Re: [PATCH v2] wic/bootimg-efi: Add Unified Kernel Image option

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Kristian Klausen <kristian@klausen.dk>
To: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Kristian Klausen <kristian@klausen.dk>,
	openembedded-core@lists.openembedded.org
Subject: Re: [PATCH v2] wic/bootimg-efi: Add Unified Kernel Image option
Date: Fri, 1 Oct 2021 09:13:42 +0200	[thread overview]
Message-ID: <YVa1Jr29QAgfhqqo@bob> (raw)
In-Reply-To: <0c89091d931bd81497bb81df47f1dfb559f2fffe.camel@linuxfoundation.org>

Den Thu, Sep 30, 2021 at 23:46:00 +0100 skrev Richard Purdie:
> On Mon, 2021-09-27 at 13:18 +0200, Kristian Klausen wrote:
> > Den Mon, Sep 13, 2021 at 10:13:04 +0200 skrev Kristian Klausen:
> > > "A unified kernel image is a single EFI PE executable combining an EFI
> > > stub loader, a kernel image, an initramfs image, and the kernel command
> > > line.
> > > 
> > > [...]
> > > 
> > > Images of this type have the advantage that all metadata and payload
> > > that makes up the boot entry is monopolized in a single PE file that can
> > > be signed cryptographically as one for the purpose of EFI
> > > SecureBoot."[1]
> > > 
> > > This commit adds a create-unified-kernel-image=true option to the
> > > bootimg-efi plugin for creating a Unified Kernel Image[1] and installing
> > > it into $BOOT/EFI/Linux/ with a .efi extension per the the Boot Loader
> > > Specification[1][2]. This is useful for implementing Secure Boot.
> > > 
> > > systemd-boot is the only mainstream bootloader implementing the
> > > specification, but GRUB should be able to boot the EFI binary, this
> > > commit however doesn't implement the necessary changes to the GRUB
> > > config generation logic to boot the Unified Kernel Image.
> > > 
> > > [1] https://systemd.io/BOOT_LOADER_SPECIFICATION/#type-2-efi-unified-kernel-images
> > > [2] https://systemd.io/BOOT_LOADER_SPECIFICATION/
> > > 
> > > Signed-off-by: Kristian Klausen <kristian@klausen.dk>
> > 
> > Any update on getting this merged?
> > 
> > Cheers,
> > Kristian
> > 
> > > ---
> > > V2:
> > > Add os-release as dependency
> > > Pull os-release file from STAGING_DIR_HOST, so it doesn't need to be
> > > installed into the rootfs
> > > Add selftest
> > > 
> > >  meta-selftest/wic/test_efi_plugin.wks         |  6 ++
> > >  meta/classes/image_types_wic.bbclass          |  5 +-
> > >  meta/lib/oeqa/selftest/cases/wic.py           | 29 ++++++++
> > >  scripts/lib/wic/plugins/source/bootimg-efi.py | 71 ++++++++++++++++---
> > >  4 files changed, 99 insertions(+), 12 deletions(-)
> > >  create mode 100644 meta-selftest/wic/test_efi_plugin.wks
> > > 
> > > diff --git a/meta-selftest/wic/test_efi_plugin.wks b/meta-selftest/wic/test_efi_plugin.wks
> > > new file mode 100644
> > > index 0000000000..1603d6c4bb
> > > --- /dev/null
> > > +++ b/meta-selftest/wic/test_efi_plugin.wks
> > > @@ -0,0 +1,6 @@
> > > +# short-description: This file is used in oe-selftest wic module to test efi plugin
> > > +
> > > +part /boot --source bootimg-efi --sourceparams="loader=systemd-boot,create-unified-kernel-image=true,initrd=${INITRAMFS_IMAGE}-${MACHINE}.${INITRAMFS_FSTYPES}" --active --align 1024 --use-uuid
> > > +part / --source rootfs --fstype=ext4 --align 1024 --use-uuid
> > > +
> > > +bootloader  --timeout=0 --append="console=ttyS0,115200n8"
> > > diff --git a/meta/classes/image_types_wic.bbclass b/meta/classes/image_types_wic.bbclass
> > > index d561fb2636..e3863c88a9 100644
> > > --- a/meta/classes/image_types_wic.bbclass
> > > +++ b/meta/classes/image_types_wic.bbclass
> > > @@ -27,6 +27,7 @@ WICVARS ?= "\
> > >  	ROOTFS_SIZE \
> > >  	STAGING_DATADIR \
> > >  	STAGING_DIR \
> > > +	STAGING_DIR_HOST \
> > >  	STAGING_LIBDIR \
> > >  	TARGET_SYS \
> > >  "
> > > @@ -84,8 +85,8 @@ do_image_wic[deptask] += "do_image_complete"
> > >  WKS_FILE_DEPENDS_DEFAULT = '${@bb.utils.contains_any("BUILD_ARCH", [ 'x86_64', 'i686' ], "syslinux-native", "",d)}'
> > >  WKS_FILE_DEPENDS_DEFAULT += "bmap-tools-native cdrtools-native btrfs-tools-native squashfs-tools-native e2fsprogs-native"
> > >  WKS_FILE_DEPENDS_BOOTLOADERS = ""
> > > -WKS_FILE_DEPENDS_BOOTLOADERS:x86 = "syslinux grub-efi systemd-boot"
> > > -WKS_FILE_DEPENDS_BOOTLOADERS:x86-64 = "syslinux grub-efi systemd-boot"
> > > +WKS_FILE_DEPENDS_BOOTLOADERS:x86 = "syslinux grub-efi systemd-boot os-release"
> > > +WKS_FILE_DEPENDS_BOOTLOADERS:x86-64 = "syslinux grub-efi systemd-boot os-release"
> > >  WKS_FILE_DEPENDS_BOOTLOADERS:x86-x32 = "syslinux grub-efi"
> > >  
> 
> Sadly this fails during testing on several machines:
> 
> https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2676
> 
> which is probably from the os-release dependency. I need to remove this patch
> and retest but given it is wic failures, I suspect this patch...
> 
> Cheers,
> 
> Richard
> 

Hi Richard

That is unfortunate. I just had a quick look at the failed no-x11 
build[1] and failed wic build[3]. According to the error logs[2][4] the 
"postinstall intercept hook 'update_gio_module_cache'" is failing due 
to:
TOPDIR/tmp/work/qemux86_64-poky-linux/core-image-sato/1.0-r0/rootfs/usr/libexec/gio-querymodules: /lib64/libc.so.6: version `GLIBC_2.34' not found (required by TOPDIR/tmp/work/qemux86_64-poky-linux/core-image-sato/1.0-r0/rootfs/usr/libexec/gio-querymodules)

So I'm not sure it is related to my patch, please let me know how it 
goes with the retest and I can investigate further if my patch is to 
blame.

For the record, the tested patch wasn't this (v2) but the v3[5].

[1] https://autobuilder.yoctoproject.org/typhoon/#/builders/40/builds/4084
[2] https://errors.yoctoproject.org/Errors/Build/131891/
[3] https://autobuilder.yoctoproject.org/typhoon/#/builders/58/builds/4049
[4] https://errors.yoctoproject.org/Errors/Build/131857/
[5] https://lists.openembedded.org/g/openembedded-core/topic/patch_v3_wic_bootimg_efi/85923375

Cheers,
Kristian

next prev parent reply	other threads:[~2021-10-01  7:13 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-13  8:13 [PATCH v2] wic/bootimg-efi: Add Unified Kernel Image option Kristian Klausen
2021-09-27 11:18 ` Kristian Klausen
2021-09-30 22:46   ` Richard Purdie
2021-10-01  7:13     ` Kristian Klausen [this message]
2021-10-01  8:41       ` Richard Purdie

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YVa1Jr29QAgfhqqo@bob \
    --to=kristian@klausen.dk \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=richard.purdie@linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.