@@ -1,10 +1,11 @@
#
# CIP Core, generic profile
#
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2022
#
# Authors:
# Quirin Gylstorff <quirin.gylstorff@siemens.com>
+# Jan Kiszka <jan.kiszka@siemens.com>
#
# SPDX-License-Identifier: MIT
#
@@ -21,13 +22,13 @@ IMAGE_UUID ?= "${@generate_image_uuid(d)}"
do_generate_image_uuid[vardeps] += "IMAGE_UUID"
do_generate_image_uuid[depends] = "buildchroot-target:do_build"
+do_generate_image_uuid[dirs] = "${DEPLOY_DIR_IMAGE}"
do_generate_image_uuid() {
sudo sed -i '/^IMAGE_UUID=.*/d' '${IMAGE_ROOTFS}/etc/os-release'
echo "IMAGE_UUID=\"${IMAGE_UUID}\"" | \
sudo tee -a '${IMAGE_ROOTFS}/etc/os-release'
- image_do_mounts
- # update initramfs to add uuid
- sudo chroot '${IMAGE_ROOTFS}' update-initramfs -u
+ echo "TARGET_IMAGE_UUID=\"${IMAGE_UUID}\"" \
+ > "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.uuid.env"
}
-addtask generate_image_uuid before do_copy_boot_files after do_rootfs_install
+addtask generate_image_uuid before do_image after do_rootfs
@@ -9,10 +9,6 @@
# SPDX-License-Identifier: MIT
#
-INITRAMFS_RECIPE ?= "cip-core-initramfs"
-do_wic_image[depends] += "${INITRAMFS_RECIPE}:do_build"
-INITRD_IMAGE = "${INITRAMFS_RECIPE}-${DISTRO}-${MACHINE}.initrd.img"
-
inherit verity-img
inherit wic-swu-img
@@ -16,6 +16,12 @@ inherit wic-img
inherit swupdate-img
IMAGE_INSTALL += "etc-overlay-fs"
+
+INITRAMFS_RECIPE ?= "cip-core-initramfs"
+INITRD_IMAGE = "${INITRAMFS_RECIPE}-${DISTRO}-${MACHINE}.initrd.img"
+
+do_wic_image[depends] += "${INITRAMFS_RECIPE}:do_build"
+
IMAGE_INSTALL += "home-fs"
IMAGE_INSTALL += "tmp-fs"
@@ -25,6 +25,7 @@ local_conf_header:
secure-boot-image: |
IMAGE_FSTYPES = "secure-wic-swu-img"
WKS_FILE = "${MACHINE}-efibootguard-secureboot.wks.in"
+ INITRAMFS_INSTALL_append = " initramfs-verity-hook"
secure-boot: |
# Add snakeoil binaries for qemu
@@ -17,7 +17,7 @@ header:
local_conf_header:
initramfs: |
- IMAGE_INSTALL += "initramfs-abrootfs-hook"
+ INITRAMFS_INSTALL_append = " initramfs-abrootfs-hook"
image-option-uuid: |
CIP_IMAGE_OPTIONS_append = " image-uuid.inc"
@@ -10,7 +10,3 @@
#
inherit initramfs
-
-INITRAMFS_INSTALL += " \
- initramfs-verity-hook \
- "
similarity index 62%
rename from recipes-initramfs/initramfs-abrootfs-hook/files/initramfs.lsblk.hook
rename to recipes-initramfs/initramfs-abrootfs-hook/files/abrootfs.hook
@@ -1,9 +1,8 @@
-# This software is a part of ISAR.
-# Copyright (C) Siemens AG, 2020
+#!/bin/sh
+# Copyright (C) Siemens AG, 2020-2022
#
# SPDX-License-Identifier: MIT
-#!/bin/sh
PREREQ=""
prereqs()
@@ -21,9 +20,5 @@ esac
. /usr/share/initramfs-tools/scripts/functions
. /usr/share/initramfs-tools/hook-functions
-if [ ! -x /usr/bin/lsblk ]; then
- echo "Warning: couldn't find /usr/bin/lsblk!"
- exit 0
-fi
-
copy_exec /usr/bin/lsblk
+copy_file library /usr/share/abrootfs/image-uuid.env /usr/share/abrootfs/image-uuid.env
new file mode 100644
@@ -0,0 +1,66 @@
+#!/bin/sh
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2020-2022
+#
+# Authors:
+# Jan Kiszka <jan.kiszka@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+
+prereqs()
+{
+ # Make sure that this script is run last in local-top
+ local req
+ for req in "${0%/*}"/*; do
+ script="${req##*/}"
+ if [ "$script" != "${0##*/}" ]; then
+ printf '%s\n' "$script"
+ fi
+ done
+}
+case $1 in
+prereqs)
+ prereqs
+ exit 0
+ ;;
+esac
+
+. /scripts/functions
+. /usr/share/abrootfs/image-uuid.env
+
+# Even if this script fails horribly, make sure there won't be a chance the
+# current $ROOT will be attempted. As this device most likely contains a
+# perfectly valid filesystem, it would be mounted successfully, leading to a
+# broken boot.
+echo "ROOT=/dev/null" >/conf/param.conf
+wait_for_udev 10
+case "$ROOT" in
+ PART*)
+ # root was given as PARTUUID= or PARTLABEL=. Use blkid to find the matching
+ # partition
+ ROOT=$(blkid --list-one --output device --match-token "$ROOT")
+ ;;
+ "")
+ # No Root device was given. Use find the matching IMAGE_UUID
+ partitions=$(blkid -o device)
+ for part in $partitions; do
+ if [ "$(blkid -p ${part} --match-types novfat -s USAGE -o value)" = "filesystem" ]; then
+ mount -o ro -t $(get_fstype $part) $part ${rootmnt}
+ . ${rootmnt}/etc/os-release
+ umount ${rootmnt}
+ if [ "${IMAGE_UUID}" = "${TARGET_IMAGE_UUID}" ]; then
+ ROOT="$part"
+ break
+ fi
+ fi
+ done
+ ;;
+esac
+
+if [ -z "${ROOT}" ]; then
+ panic "Can't find the root device with matching UUID!"
+fi
+
+echo "ROOT=${ROOT}" >/conf/param.conf
deleted file mode 100644
@@ -1,33 +0,0 @@
-# This software is a part of ISAR.
-# Copyright (C) Siemens AG, 2020
-#
-# SPDX-License-Identifier: MIT
-
-#!/bin/sh
-set -x
-PREREQ=""
-
-prereqs()
-{
- echo "$PREREQ"
-}
-
-case $1 in
-prereqs)
- prereqs
- exit 0
- ;;
-esac
-
-. /usr/share/initramfs-tools/scripts/functions
-. /usr/share/initramfs-tools/hook-functions
-
-if [ ! -e /etc/os-release ]; then
- echo "Warning: couldn't find /etc/os-release!"
- exit 0
-fi
-
-IMAGE_UUID=$(sed -n 's/^IMAGE_UUID="\(.*\)"/\1/p' /etc/os-release)
-echo "${IMAGE_UUID}" > "${DESTDIR}/conf/image_uuid"
-
-exit 0
\ No newline at end of file
deleted file mode 100644
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-# patch local script
-patch -s -p0 /usr/share/initramfs-tools/scripts/local /usr/share/initramfs-abrootfs-hook/debian-local.patch
-
-update-initramfs -v -u
@@ -1,33 +1,40 @@
#
# CIP Core, generic profile
#
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2022
#
# Authors:
# Quirin Gylstorff <quirin.gylstorff@siemens.com>
+# Jan Kiszka <jan.kiszka@siemens.com>
#
# SPDX-License-Identifier: MIT
inherit dpkg-raw
-DEBIAN_DEPENDS += ", busybox, patch"
+DEBIAN_DEPENDS = "initramfs-tools"
-SRC_URI += "file://postinst \
- file://initramfs.lsblk.hook \
- file://initramfs.image_uuid.hook \
- file://debian-local-patch"
+SRC_URI += "file://abrootfs.hook \
+ file://abrootfs.script"
+
+ABROOTFS_IMAGE_RECIPE ?= "cip-core-image"
+
+IMAGE_UUID_ENV_FILE = "${DEPLOY_DIR_IMAGE}/${ABROOTFS_IMAGE_RECIPE}-${DISTRO}-${MACHINE}.uuid.env"
+
+do_install[depends] += "${ABROOTFS_IMAGE_RECIPE}:do_generate_image_uuid"
+do_install[cleandirs] += " \
+ ${D}/usr/share/initramfs-tools/hooks \
+ ${D}/usr/share/abrootfs \
+ ${D}/usr/share/initramfs-tools/scripts/local-top"
do_install() {
- # add patch for local to /usr/share/initramfs-abrootfs-hook
- TARGET=${D}/usr/share/initramfs-abrootfs-hook
- install -m 0755 -d ${TARGET}
- install -m 0644 ${WORKDIR}/debian-local-patch ${TARGET}/debian-local.patch
-
- # add hooks for secure boot
- HOOKS=${D}/etc/initramfs-tools/hooks
- install -m 0755 -d ${HOOKS}
- install -m 0740 ${WORKDIR}/initramfs.lsblk.hook ${HOOKS}/lsblk.hook
- install -m 0740 ${WORKDIR}/initramfs.image_uuid.hook ${HOOKS}/image_uuid.hook
+ if [ -f "${IMAGE_UUID_ENV_FILE}" ]; then
+ install -m 0600 "${IMAGE_UUID_ENV_FILE}" "${D}/usr/share/abrootfs/image-uuid.env"
+ else
+ bberror "Did not find ${IMAGE_UUID_ENV_FILE}. initramfs will not be build correctly!"
+ fi
+ install -m 0755 "${WORKDIR}/abrootfs.script" \
+ "${D}/usr/share/initramfs-tools/scripts/local-top/abrootfs"
+ install -m 0755 "${WORKDIR}/abrootfs.hook" \
+ "${D}/usr/share/initramfs-tools/hooks/abrootfs"
}
-addtask do_install after do_transform_template