From patchwork Thu Feb 16 03:35:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13142467 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9832FC61DA4 for ; Thu, 16 Feb 2023 03:37:06 +0000 (UTC) Received: from mta-64-225.siemens.flowmailer.net (mta-64-225.siemens.flowmailer.net [185.136.64.225]) by mx.groups.io with SMTP id smtpd.web11.2521.1676518621485032881 for ; Wed, 15 Feb 2023 19:37:01 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=Wmvivqux; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.225, mailfrom: fm-72506-202302160336584ef060ebf1cd9f4340-11ao5_@rts-flowmailer.siemens.com) Received: by mta-64-225.siemens.flowmailer.net with ESMTPSA id 202302160336584ef060ebf1cd9f4340 for ; Thu, 16 Feb 2023 04:36:58 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=fnzizk7RTE8eUPDNDXV4vJ87+HoZfi8uHrcABnKubN8=; b=WmvivquxS0iroUzrqST8/G6DtNlI1wYyXgRSlHd7Quxcw2urq/7QkPjz83Fvf7ppTzZpw2 L4iNB9Cg9Xl78cHwOmILed/ZgbvgRzZywYL4MQtZNVCkkW0e7p0bxch/pXCyxEjnR4LIJpP+ +DueZ+PqfU/sy6XL+4QpsZg2LYpcc=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v5 1/8] register image classes via layer.conf Date: Thu, 16 Feb 2023 03:35:37 +0000 Message-Id: <20230216033544.1990604-2-felix.moessbauer@siemens.com> In-Reply-To: <20230216033544.1990604-1-felix.moessbauer@siemens.com> References: <20230216033544.1990604-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 Feb 2023 03:37:06 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10702 This patch registers the provided image classes via the bblayer.conf file. By that, no manual additions of these classes via kas is required and erronous implementations are detected early (e.g. mandatory inputs without defaults). Signed-off-by: Felix Moessbauer --- conf/layer.conf | 2 ++ doc/README.secureboot.md | 1 - kas/opt/ebg-secure-boot-snakeoil.yml | 1 - kas/opt/swupdate.yml | 1 - 4 files changed, 2 insertions(+), 3 deletions(-) diff --git a/conf/layer.conf b/conf/layer.conf index 0c5fd39..2c888b2 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -22,3 +22,5 @@ LAYERSERIES_COMPAT_cip-core = "next" LAYERDIR_cip-core = "${LAYERDIR}" LAYERDIR_cip-core[vardepvalue] = "isar-cip-core" + +IMAGE_CLASSES += "squashfs verity swupdate" diff --git a/doc/README.secureboot.md b/doc/README.secureboot.md index 50562e1..b15ea93 100644 --- a/doc/README.secureboot.md +++ b/doc/README.secureboot.md @@ -151,7 +151,6 @@ header: local_conf_header: secure-boot-image: | - IMAGE_CLASSES += "verity" IMAGE_FSTYPES = "wic" WKS_FILE = "${MACHINE}-efibootguard-secureboot.wks.in" INITRAMFS_INSTALL:append = " initramfs-verity-hook" diff --git a/kas/opt/ebg-secure-boot-snakeoil.yml b/kas/opt/ebg-secure-boot-snakeoil.yml index a182a67..9a28453 100644 --- a/kas/opt/ebg-secure-boot-snakeoil.yml +++ b/kas/opt/ebg-secure-boot-snakeoil.yml @@ -16,7 +16,6 @@ header: local_conf_header: secure-boot-image: | - IMAGE_CLASSES += "verity" IMAGE_FSTYPES = "wic" IMAGE_TYPEDEP:wic += "verity" WKS_FILE = "${MACHINE}-efibootguard-secureboot.wks.in" diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml index ae5e3a1..7902d82 100644 --- a/kas/opt/swupdate.yml +++ b/kas/opt/swupdate.yml @@ -19,7 +19,6 @@ local_conf_header: CIP_IMAGE_OPTIONS:append = " swupdate.inc" wic-swu: | - IMAGE_CLASSES += "squashfs" IMAGE_TYPEDEP:wic += "squashfs" IMAGE_FSTYPES = "wic" WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in" From patchwork Thu Feb 16 03:35:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13142468 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8B549C61DA4 for ; Thu, 16 Feb 2023 03:37:46 +0000 (UTC) Received: from mta-65-226.siemens.flowmailer.net (mta-65-226.siemens.flowmailer.net [185.136.65.226]) by mx.groups.io with SMTP id smtpd.web10.2426.1676518659954523673 for ; Wed, 15 Feb 2023 19:37:40 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=S49HQ7/q; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.226, mailfrom: fm-72506-202302160337376e4192315ae2678eea-yt_nmw@rts-flowmailer.siemens.com) Received: by mta-65-226.siemens.flowmailer.net with ESMTPSA id 202302160337376e4192315ae2678eea for ; Thu, 16 Feb 2023 04:37:37 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=w1/rxsuft/Kc7xPolUfcn8Tw2hov6muq9ewEnSZTWQ0=; b=S49HQ7/q1BabkMLQhGYQ6CB00Qg4eljBRBBqM0QnOLdvRE944K0xDBzo+N0D2gjMWCjpZh ttmwXwL4JkXAh6gg367Q7hDw5MNtTAGp8h2nlZjg6Rh6hfD5jnTdYq17CCCrvYabByoZWZKg tJjA0+BptdtNa+lsOrzt8VmZvGb2g=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v5 2/8] refactor: use imagetypes for swu generation Date: Thu, 16 Feb 2023 03:35:38 +0000 Message-Id: <20230216033544.1990604-3-felix.moessbauer@siemens.com> In-Reply-To: <20230216033544.1990604-1-felix.moessbauer@siemens.com> References: <20230216033544.1990604-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 Feb 2023 03:37:46 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10703 This patch reworks the implementation of the swupdate type. All generic aspects are moved from the swupdate.inc file into the swupdate class and made conditional on the swu type. The sw-description file is now referenced using the image-type infrastructure, which avoids manual additions to FILESEXTRAPATHS and accidental overwrites of SRC_URI. The templating logic is moved into the generic one provided by imagetypes. Signed-off-by: Felix Moessbauer --- classes/swupdate.bbclass | 27 ++++++++++++------- kas/opt/swupdate.yml | 4 +-- .../images/{files => swu}/sw-description.tmpl | 0 recipes-core/images/swupdate.inc | 15 ----------- 4 files changed, 19 insertions(+), 27 deletions(-) rename recipes-core/images/{files => swu}/sw-description.tmpl (100%) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 5eb4936..8438c5b 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -8,23 +8,34 @@ # Quirin Gylstorff # # SPDX-License-Identifier: MIT +ROOTFS_PARTITION_NAME ?= "${IMAGE_FULLNAME}.wic.p4.gz" SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" -SWU_ADDITIONAL_FILES ?= "" +SWU_ADDITIONAL_FILES ?= "linux.efi ${ROOTFS_PARTITION_NAME}" SWU_SIGNED ?= "" SWU_SIGNATURE_EXT ?= "sig" SWU_SIGNATURE_TYPE ?= "rsa" BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}" -IMAGER_INSTALL += "cpio" -IMAGER_INSTALL += "${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" +IMAGE_TYPEDEP:wic += "squashfs" +IMAGE_TYPEDEP:swu = "wic" +IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" -do_swupdate_binary[stamp-extra-info] = "${DISTRO}-${MACHINE}" -do_swupdate_binary[cleandirs] += "${WORKDIR}/swu" -do_swupdate_binary[network] = "${TASK_USE_SUDO}" -do_swupdate_binary() { +IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl" +IMAGE_TEMPLATE_FILES:swu = "${SWU_DESCRIPTION_FILE}.tmpl" +IMAGE_TEMPLATE_VARS:swu = "ROOTFS_PARTITION_NAME TARGET_IMAGE_UUID ABROOTFS_PART_UUID_A ABROOTFS_PART_UUID_B" + +# This imagetype is neither machine nor distro specific. Hence, we cannot +# use paths in FILESOVERRIDES. Manual modifications of this variable are +# discouradged and hard to implement. Instead, we register this path explicitly. +# We append to the path, so locally provided config files are preferred +FILESEXTRAPATHS:append = ":${LAYERDIR_cip-core}/recipes-core/images/swu" + +do_image_swu[stamp-extra-info] = "${DISTRO}-${MACHINE}" +do_image_swu[cleandirs] += "${WORKDIR}/swu" +IMAGE_CMD:swu() { rm -f '${SWU_IMAGE_FILE}' cp '${WORKDIR}/${SWU_DESCRIPTION_FILE}' '${WORKDIR}/swu/${SWU_DESCRIPTION_FILE}' @@ -91,5 +102,3 @@ do_swupdate_binary() { fi done | cpio -ovL -H crc > "${BUILDCHROOT_IMAGE_FILE}"' } - -addtask swupdate_binary before do_build after do_deploy do_copy_boot_files do_install_imager_deps do_transform_template diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml index 7902d82..80cd86e 100644 --- a/kas/opt/swupdate.yml +++ b/kas/opt/swupdate.yml @@ -19,10 +19,8 @@ local_conf_header: CIP_IMAGE_OPTIONS:append = " swupdate.inc" wic-swu: | - IMAGE_TYPEDEP:wic += "squashfs" - IMAGE_FSTYPES = "wic" + IMAGE_FSTYPES += "swu" WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in" INITRAMFS_INSTALL:append = " initramfs-squashfs-hook" - WIC_DEPLOY_PARTITIONS = "1" ABROOTFS_PART_UUID_A ?= "fedcba98-7654-3210-cafe-5e0710000001" ABROOTFS_PART_UUID_B ?= "fedcba98-7654-3210-cafe-5e0710000002" diff --git a/recipes-core/images/files/sw-description.tmpl b/recipes-core/images/swu/sw-description.tmpl similarity index 100% rename from recipes-core/images/files/sw-description.tmpl rename to recipes-core/images/swu/sw-description.tmpl diff --git a/recipes-core/images/swupdate.inc b/recipes-core/images/swupdate.inc index ee893dd..f4f5c42 100644 --- a/recipes-core/images/swupdate.inc +++ b/recipes-core/images/swupdate.inc @@ -10,26 +10,11 @@ # inherit image_uuid -inherit swupdate inherit read-only-rootfs IMAGE_INSTALL += " swupdate" IMAGE_INSTALL += " swupdate-handler-roundrobin" -ROOTFS_PARTITION_NAME = "${IMAGE_FULLNAME}.wic.p4.gz" - -FILESEXTRAPATHS:prepend := "${THISDIR}/files:" - -SRC_URI += "file://sw-description.tmpl" -TEMPLATE_FILES += "sw-description.tmpl" - -do_transform_template[vardeps] += "TARGET_IMAGE_UUID" -addtask do_transform_template before do_swupdate_binary after do_generate_image_uuid - -TEMPLATE_VARS += "ROOTFS_PARTITION_NAME TARGET_IMAGE_UUID ABROOTFS_PART_UUID_A ABROOTFS_PART_UUID_B" - -SWU_ADDITIONAL_FILES += "linux.efi ${ROOTFS_PARTITION_NAME}" - python() { for u in ['A', 'B']: if not d.getVar('ABROOTFS_PART_UUID_' + u): From patchwork Thu Feb 16 03:42:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13142469 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BB6C9C61DA4 for ; Thu, 16 Feb 2023 03:42:56 +0000 (UTC) Received: from mta-65-225.siemens.flowmailer.net (mta-65-225.siemens.flowmailer.net [185.136.65.225]) by mx.groups.io with SMTP id smtpd.web10.2525.1676518974831078888 for ; Wed, 15 Feb 2023 19:42:55 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=N+HOJOUr; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.225, mailfrom: fm-72506-202302160342529bcf20bde02299692b-bxs5sm@rts-flowmailer.siemens.com) Received: by mta-65-225.siemens.flowmailer.net with ESMTPSA id 202302160342529bcf20bde02299692b for ; Thu, 16 Feb 2023 04:42:52 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc; bh=co6Ruff++oJb0Ft+S9CUGgvS1eXDsumgRMTGDUJnVEc=; b=N+HOJOUr8BEeaPVOTwArOVwZcS07PkdeQxZBYHZ6NmxwImZGimes5GZdZ4NchPXd0/smL5 wOuxGkTzZMuEHcJBQ9DfEkdTaVKQsZ8gGx80DeIFc/uK2DeOjnCy2SlY9a1aNfO+BxwjLd9c cnLyrTks+qO7n3w6v/pKQ4sWqFHd4=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v5 3/8] swu: directly image from squashfs rootfs Date: Thu, 16 Feb 2023 03:42:41 +0000 Message-Id: <20230216034241.1992269-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 Feb 2023 03:42:56 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10704 This patch reworks the generation of the swu file. Instead of using the rootfs partition created by wic, we directly use the squashfs rootfs as default. By that, we do not have to deploy the WIC partitions and also always select the correct rootfs independent of the partition number. This is especially relevant for embedded boards, where the first partitions contain the u-boot-spl and firmware. For use-cases with other fs formats (like verity), we support to overwrite the SWU_ROOTFS_NAME and SWU_ROOTFS_TYPE. Signed-off-by: Felix Moessbauer --- classes/swupdate.bbclass | 8 +++++--- kas/opt/ebg-secure-boot-snakeoil.yml | 1 + kas/opt/swupdate.yml | 1 + 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 8438c5b..bb648c2 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -6,9 +6,12 @@ # Authors: # Christian Storm # Quirin Gylstorff +# Felix Moessbauer # # SPDX-License-Identifier: MIT -ROOTFS_PARTITION_NAME ?= "${IMAGE_FULLNAME}.wic.p4.gz" +SWU_ROOTFS_TYPE ?= "squashfs" +SWU_ROOTFS_NAME ?= "${IMAGE_FULLNAME}" +ROOTFS_PARTITION_NAME ?= "${SWU_ROOTFS_NAME}.${SWU_ROOTFS_TYPE}.gz" SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" @@ -19,8 +22,7 @@ SWU_SIGNATURE_TYPE ?= "rsa" BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}" -IMAGE_TYPEDEP:wic += "squashfs" -IMAGE_TYPEDEP:swu = "wic" +IMAGE_TYPEDEP:swu = "wic ${SWU_ROOTFS_TYPE}.gz" IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl" diff --git a/kas/opt/ebg-secure-boot-snakeoil.yml b/kas/opt/ebg-secure-boot-snakeoil.yml index 9a28453..3d0e3c9 100644 --- a/kas/opt/ebg-secure-boot-snakeoil.yml +++ b/kas/opt/ebg-secure-boot-snakeoil.yml @@ -18,6 +18,7 @@ local_conf_header: secure-boot-image: | IMAGE_FSTYPES = "wic" IMAGE_TYPEDEP:wic += "verity" + SWU_ROOTFS_TYPE = "verity" WKS_FILE = "${MACHINE}-efibootguard-secureboot.wks.in" INITRAMFS_INSTALL:append = " initramfs-verity-hook" # abrootfs cannot be installed together with verity diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml index 80cd86e..236b3c4 100644 --- a/kas/opt/swupdate.yml +++ b/kas/opt/swupdate.yml @@ -19,6 +19,7 @@ local_conf_header: CIP_IMAGE_OPTIONS:append = " swupdate.inc" wic-swu: | + IMAGE_TYPEDEP:wic += "squashfs" IMAGE_FSTYPES += "swu" WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in" INITRAMFS_INSTALL:append = " initramfs-squashfs-hook" From patchwork Thu Feb 16 03:45:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13142470 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BC173C61DA4 for ; Thu, 16 Feb 2023 03:45:56 +0000 (UTC) Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net [185.136.65.227]) by mx.groups.io with SMTP id smtpd.web11.2678.1676519152779423585 for ; Wed, 15 Feb 2023 19:45:53 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=Yq+4jP5B; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.227, mailfrom: fm-72506-20230216034550f6165c7896adc41199-9tsk7q@rts-flowmailer.siemens.com) Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 20230216034550f6165c7896adc41199 for ; Thu, 16 Feb 2023 04:45:50 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc; bh=Gd+DzsYI2y8SpMSvbCti/U3UPJKgvtrSpciqXV5cDRw=; b=Yq+4jP5BMgwgDWVqUlFkPyyjZCzmhsTZan4O26fFGG3PQs0/Wrxt+JktN1jplssyrIMzmA BqaJcdkDrUn3a04lhdufVSV4fJWKAXIRqY15OOWIMpQ/AjHMpG/p96vuQ/jSbjebdaCHmPgK dejx3ZzxpHOo+ku9EHpQJnt8DVFBU=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v5 5/8] make sw-description spec compliant Date: Thu, 16 Feb 2023 03:45:15 +0000 Message-Id: <20230216034518.1993074-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 Feb 2023 03:45:56 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10705 Remove the filesystem attribute from the images object, as this can only be applied to files objects. Signed-off-by: Felix Moessbauer --- recipes-core/images/swu/sw-description.tmpl | 1 - 1 file changed, 1 deletion(-) diff --git a/recipes-core/images/swu/sw-description.tmpl b/recipes-core/images/swu/sw-description.tmpl index 05125e6..01c5f53 100644 --- a/recipes-core/images/swu/sw-description.tmpl +++ b/recipes-core/images/swu/sw-description.tmpl @@ -17,7 +17,6 @@ software = device = "C:BOOT0:linux.efi->${ABROOTFS_PART_UUID_A},C:BOOT1:linux.efi->${ABROOTFS_PART_UUID_B}"; type = "roundrobin"; compressed = "zlib"; - filesystem = "ext4"; properties: { subtype = "image"; configfilecheck = "/etc/os-release@not_match@IMAGE_UUID=${TARGET_IMAGE_UUID}"; From patchwork Thu Feb 16 03:45:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13142471 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 94C27C61DA4 for ; Thu, 16 Feb 2023 03:46:26 +0000 (UTC) Received: from mta-65-225.siemens.flowmailer.net (mta-65-225.siemens.flowmailer.net [185.136.65.225]) by mx.groups.io with SMTP id smtpd.web11.2689.1676519185396090278 for ; Wed, 15 Feb 2023 19:46:25 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=j4zr2Yzt; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.225, mailfrom: fm-72506-20230216034623da8c572c4c57d65e4a-0t_sc1@rts-flowmailer.siemens.com) Received: by mta-65-225.siemens.flowmailer.net with ESMTPSA id 20230216034623da8c572c4c57d65e4a for ; Thu, 16 Feb 2023 04:46:23 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=YKV4ox0dOYClgjugnxUxVSCTA5MLVV2OQjkTX5Yd2Zg=; b=j4zr2YztqQ1IQ0SNhT8idwGQW6jIgyoD7hltzJwM5O2YBTwayygug2pWAggFODJkRm2cFE L3fXgs5YXCRgSc92xLOXh+zq1WSb6Ig7kdGT/NjpREfasAHb4/vkmhkF2yjeDK1x/OfdTvwX olnEdheVShfHliXZGnNve6k/0amxA=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v5 6/8] swu: replace custom image compression Date: Thu, 16 Feb 2023 03:45:16 +0000 Message-Id: <20230216034518.1993074-2-felix.moessbauer@siemens.com> In-Reply-To: <20230216034518.1993074-1-felix.moessbauer@siemens.com> References: <20230216034518.1993074-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 Feb 2023 03:46:26 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10706 This patch replaces the custom compression logic for the rootfs in the swupdate swu file by using the imagetype infrastructure. This handles some corner-cases and in general streamlines the options used for compressing. With the new infrastructure in place, we add support to compress the image with zstd (only zlib and zstd are supported by swupdate). Signed-off-by: Felix Moessbauer --- classes/swupdate.bbclass | 40 ++++++++++----------- recipes-core/images/swu/sw-description.tmpl | 2 +- 2 files changed, 19 insertions(+), 23 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 2a497fb..5f1ab6e 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -11,7 +11,9 @@ # SPDX-License-Identifier: MIT SWU_ROOTFS_TYPE ?= "squashfs" SWU_ROOTFS_NAME ?= "${IMAGE_FULLNAME}" -ROOTFS_PARTITION_NAME ?= "${SWU_ROOTFS_NAME}.${SWU_ROOTFS_TYPE}.gz" +# compression type as defined by swupdate (zlib or zstd) +SWU_COMPRESSION_TYPE ?= "zlib" +ROOTFS_PARTITION_NAME ?= "${SWU_ROOTFS_NAME}.${SWU_ROOTFS_TYPE}.${@get_swu_compression_type(d)}" SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" @@ -22,12 +24,25 @@ SWU_SIGNATURE_TYPE ?= "rsa" BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}" -IMAGE_TYPEDEP:swu = "wic ${SWU_ROOTFS_TYPE}.gz" +IMAGE_TYPEDEP:swu = "wic ${SWU_ROOTFS_TYPE}.${@get_swu_compression_type(d)}" IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl" IMAGE_TEMPLATE_FILES:swu = "${SWU_DESCRIPTION_FILE}.tmpl" -IMAGE_TEMPLATE_VARS:swu = "ROOTFS_PARTITION_NAME TARGET_IMAGE_UUID ABROOTFS_PART_UUID_A ABROOTFS_PART_UUID_B" +IMAGE_TEMPLATE_VARS:swu = " \ + ROOTFS_PARTITION_NAME \ + TARGET_IMAGE_UUID \ + ABROOTFS_PART_UUID_A \ + ABROOTFS_PART_UUID_B \ + SWU_COMPRESSION_TYPE" + +# convert between swupdate compressor name and imagetype extension +def get_swu_compression_type(d): + swu_ct = d.getVar('SWU_COMPRESSION_TYPE', True) + swu_to_image = {'zlib': 'gz', 'zstd': 'zst'} + if swu_ct not in swu_to_image: + bb.fatal('requested SWU_COMPRESSION_TYPE is not supported by swupdate') + return swu_to_image[swu_ct] # This imagetype is neither machine nor distro specific. Hence, we cannot # use paths in FILESOVERRIDES. Manual modifications of this variable are @@ -41,25 +56,6 @@ IMAGE_CMD:swu() { rm -f '${SWU_IMAGE_FILE}' cp '${WORKDIR}/${SWU_DESCRIPTION_FILE}' '${WORKDIR}/swu/${SWU_DESCRIPTION_FILE}' - # Compress files if requested - for file in ${SWU_ADDITIONAL_FILES}; do - basefile=$(basename "$file" .gz) - if [ "$basefile" = "$file" ]; then - continue - fi - for uncompressed in "${WORKDIR}/$basefile" "${DEPLOY_DIR_IMAGE}/$basefile"; do - if [ -e "$uncompressed" ]; then - rm -f "$uncompressed.gz" - if [ -x "$(command -v pigz)" ]; then - pigz "$uncompressed" - else - gzip "$uncompressed" - fi - break - fi - done - done - # Create symlinks for files used in the update image for file in ${SWU_ADDITIONAL_FILES}; do if [ -e "${WORKDIR}/$file" ]; then diff --git a/recipes-core/images/swu/sw-description.tmpl b/recipes-core/images/swu/sw-description.tmpl index 01c5f53..b5a8622 100644 --- a/recipes-core/images/swu/sw-description.tmpl +++ b/recipes-core/images/swu/sw-description.tmpl @@ -16,7 +16,7 @@ software = filename = "${ROOTFS_PARTITION_NAME}"; device = "C:BOOT0:linux.efi->${ABROOTFS_PART_UUID_A},C:BOOT1:linux.efi->${ABROOTFS_PART_UUID_B}"; type = "roundrobin"; - compressed = "zlib"; + compressed = "${SWU_COMPRESSION_TYPE}"; properties: { subtype = "image"; configfilecheck = "/etc/os-release@not_match@IMAGE_UUID=${TARGET_IMAGE_UUID}"; From patchwork Thu Feb 16 03:45:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13142472 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 93E74C61DA4 for ; Thu, 16 Feb 2023 03:46:56 +0000 (UTC) Received: from mta-64-227.siemens.flowmailer.net (mta-64-227.siemens.flowmailer.net [185.136.64.227]) by mx.groups.io with SMTP id smtpd.web10.2608.1676519211625394888 for ; Wed, 15 Feb 2023 19:46:51 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=BvgzEBok; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227, mailfrom: fm-72506-2023021603464910ceed91ce5c6991c8-xebnkb@rts-flowmailer.siemens.com) Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id 2023021603464910ceed91ce5c6991c8 for ; Thu, 16 Feb 2023 04:46:49 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=ScAG0jE1nnnd6tTya54ccV+qmx/xOJr9VBvgp0eU5yw=; b=BvgzEBokWb2IKb5ZbdnLUi18mUKxJxDyBssT+SmovSOTGuwZQ3fM1b7jx72rg5PIZ1UR/n LFqh5uoq5z79hgnhICvJ4RdZbaAZPeW8wBO429nF8FweCatKlSka2+pZX50T98qeASmTvOa5 0d1+Mand73X7oCN+x7nHhv7aJ9tU8=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v5 7/8] prefix swu related variables with SWU Date: Thu, 16 Feb 2023 03:45:17 +0000 Message-Id: <20230216034518.1993074-3-felix.moessbauer@siemens.com> In-Reply-To: <20230216034518.1993074-1-felix.moessbauer@siemens.com> References: <20230216034518.1993074-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 Feb 2023 03:46:56 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10707 This patch ensures that all variables used in the swupdate.bbclass are either only active when swu is selected, or are prefixed with SWU. By that, we avoid accidental name collisions in the image recipe, as this recipe always inherits the swupdate class (via the imagetype logic). Signed-off-by: Felix Moessbauer --- classes/swupdate.bbclass | 10 +++++----- recipes-core/images/swu/sw-description.tmpl | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 5f1ab6e..9fcaf3c 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -13,16 +13,16 @@ SWU_ROOTFS_TYPE ?= "squashfs" SWU_ROOTFS_NAME ?= "${IMAGE_FULLNAME}" # compression type as defined by swupdate (zlib or zstd) SWU_COMPRESSION_TYPE ?= "zlib" -ROOTFS_PARTITION_NAME ?= "${SWU_ROOTFS_NAME}.${SWU_ROOTFS_TYPE}.${@get_swu_compression_type(d)}" +SWU_ROOTFS_PARTITION_NAME ?= "${SWU_ROOTFS_NAME}.${SWU_ROOTFS_TYPE}.${@get_swu_compression_type(d)}" SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" -SWU_ADDITIONAL_FILES ?= "linux.efi ${ROOTFS_PARTITION_NAME}" +SWU_ADDITIONAL_FILES ?= "linux.efi ${SWU_ROOTFS_PARTITION_NAME}" SWU_SIGNED ?= "" SWU_SIGNATURE_EXT ?= "sig" SWU_SIGNATURE_TYPE ?= "rsa" -BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}" +SWU_BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}" IMAGE_TYPEDEP:swu = "wic ${SWU_ROOTFS_TYPE}.${@get_swu_compression_type(d)}" IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" @@ -30,7 +30,7 @@ IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SI IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl" IMAGE_TEMPLATE_FILES:swu = "${SWU_DESCRIPTION_FILE}.tmpl" IMAGE_TEMPLATE_VARS:swu = " \ - ROOTFS_PARTITION_NAME \ + SWU_ROOTFS_PARTITION_NAME \ TARGET_IMAGE_UUID \ ABROOTFS_PART_UUID_A \ ABROOTFS_PART_UUID_B \ @@ -98,7 +98,7 @@ IMAGE_CMD:swu() { fi echo "$file.${SWU_SIGNATURE_EXT}" fi - done | cpio -ovL -H crc > "${BUILDCHROOT_IMAGE_FILE}"' + done | cpio -ovL -H crc > "${SWU_BUILDCHROOT_IMAGE_FILE}"' } python do_check_swu_partition_uuids() { diff --git a/recipes-core/images/swu/sw-description.tmpl b/recipes-core/images/swu/sw-description.tmpl index b5a8622..cade7c3 100644 --- a/recipes-core/images/swu/sw-description.tmpl +++ b/recipes-core/images/swu/sw-description.tmpl @@ -13,7 +13,7 @@ software = version = "0.2"; name = "cip software update"; images: ({ - filename = "${ROOTFS_PARTITION_NAME}"; + filename = "${SWU_ROOTFS_PARTITION_NAME}"; device = "C:BOOT0:linux.efi->${ABROOTFS_PART_UUID_A},C:BOOT1:linux.efi->${ABROOTFS_PART_UUID_B}"; type = "roundrobin"; compressed = "${SWU_COMPRESSION_TYPE}"; @@ -21,7 +21,7 @@ software = subtype = "image"; configfilecheck = "/etc/os-release@not_match@IMAGE_UUID=${TARGET_IMAGE_UUID}"; }; - sha256 = "${ROOTFS_PARTITION_NAME}-sha256"; + sha256 = "${SWU_ROOTFS_PARTITION_NAME}-sha256"; }); files: ({ filename = "linux.efi"; From patchwork Thu Feb 16 03:45:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13142473 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 93339C61DA4 for ; Thu, 16 Feb 2023 03:47:16 +0000 (UTC) Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net [185.136.64.228]) by mx.groups.io with SMTP id smtpd.web11.2709.1676519226959568856 for ; Wed, 15 Feb 2023 19:47:07 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=HA1cH732; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.228, mailfrom: fm-72506-20230216034704ac2f7f899b9a72ad00-pnanwu@rts-flowmailer.siemens.com) Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 20230216034704ac2f7f899b9a72ad00 for ; Thu, 16 Feb 2023 04:47:04 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=4tn4zdGcTt0xzyvTqCH+AzuTy7wqiJ9ih1NXePJMS/A=; b=HA1cH732HrCpil3QcBwwXOo4qCYKzgY4xlxCrLT3pkzUUt+2yZ3HiYFegdvVwTZ7oit5Ze 8pfakGVLd1xdB3yRV3td4e6B4zVytpxRWW1B3UiIfMzUULPfnm/r2rLppOcwlXXAfTkQfXPm 2lhbIgxX4PPK56qqaWx2UgzBGp7/s=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v5 8/8] refactor verity image creation Date: Thu, 16 Feb 2023 03:45:18 +0000 Message-Id: <20230216034518.1993074-4-felix.moessbauer@siemens.com> In-Reply-To: <20230216034518.1993074-1-felix.moessbauer@siemens.com> References: <20230216034518.1993074-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 16 Feb 2023 03:47:16 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10708 This patch simplifies the integration of verity with swupdate. We now directly copy the generated verity image into the swu file, instead of going via wic. This solves the issue with leading partitions, shifting the partition layout and resulting in a wrong partition in the swu file. Further, we cleanup some duplicated variables. Signed-off-by: Felix Moessbauer --- classes/verity.bbclass | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/classes/verity.bbclass b/classes/verity.bbclass index 154b9e1..747a7ae 100644 --- a/classes/verity.bbclass +++ b/classes/verity.bbclass @@ -9,21 +9,16 @@ # SPDX-License-Identifier: MIT # -VERITY_IMAGE_TYPE ?= "squashfs" - -inherit ${VERITY_IMAGE_TYPE} - IMAGE_TYPEDEP:verity = "${VERITY_IMAGE_TYPE}" IMAGER_INSTALL:verity += "cryptsetup" +VERITY_IMAGE_TYPE ?= "squashfs" VERITY_INPUT_IMAGE ?= "${IMAGE_FULLNAME}.${VERITY_IMAGE_TYPE}" VERITY_OUTPUT_IMAGE ?= "${IMAGE_FULLNAME}.verity" VERITY_IMAGE_METADATA = "${VERITY_OUTPUT_IMAGE}.metadata" VERITY_HASH_BLOCK_SIZE ?= "1024" VERITY_DATA_BLOCK_SIZE ?= "1024" -IMAGER_INSTALL += "cryptsetup" - create_verity_env_file() { local ENV="${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.verity.env"