From: Mikko Rapeli <mikko.rapeli@linaro.org>
To: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH v6 0/8] systemd uki support
Date: Thu, 10 Oct 2024 10:53:48 +0300 [thread overview]
Message-ID: <ZweIDGG8rMT5E9R-@nuoska> (raw)
In-Reply-To: <21828cb8152b762bbc4987312e2dc0c0613c34fb.camel@linuxfoundation.org>
Hi,
On Wed, Oct 09, 2024 at 11:36:51PM +0100, Richard Purdie wrote:
> On Wed, 2024-10-09 at 18:53 +0100, Richard Purdie via
> lists.openembedded.org wrote:
> > On Wed, 2024-10-09 at 14:26 +0300, Mikko Rapeli via
> > lists.openembedded.org wrote:
> > > These changes enable building systemd uki images which combine
> > > kernel, kernel command line, initrd and possibly signatures to
> > > a single UEFI binary. This binary can be booted with UEFI firmware
> > > and systemd-boot. No grub is needed and UEFI firmware and/or
> > > systemd-boot provide possibilities for boot menus.
> > > The uki binary can also be signed for UEFI secure boot
> > > so the secure boot extends from firmware to kernel and initrd.
> > > Binding secure boot to full userspace is then easier since for
> > > example
> > > kernel command line and initrd contain the support needed to mount
> > > encrypted dm-verity etc partitions, and/or create partitions on
> > > demand
> > > with systemd-repart using device specific TPM devices for
> > > encryption.
> > >
> > > Tested on qemuarm64-secureboot machine from meta-arm with changes
> > > to
> > > support secure boot. Slightly different configuration tested on
> > > multiple arm64 System Ready boards with UEFI firmware, real and
> > > firmware
> > > based TPM devices. Tested with ovmf firmware on x86_64 with
> > > selftests but
> > > without secure boot which seems to be harder to setup in ovmf.
> > >
> > > Sadly I see two wic selftests, wic.Wic2.test_rawcopy_plugin_qemu
> > > and
> > > wic.Wic2.test_expand_mbr_image, failing when executing all wic
> > > selftests
> > > on a build machine with zfs filesystem. Will investigate this
> > > further.
> > > The issue seems to be in mkfs.ext4 producing broken filesystem, and
> > > partially
> > > in the tests which don't run the correct rootfs file (.ext4 vs
> > > .wic).
> > > Will debug this further and it is IMO unrelated to these changes
> > > since
> > > they reproduce on pure master branch without this series.
> > >
> > > v6: fixed wic refactoring botch which broken non-uki systemd-boot
> > > usage on
> > > ��� genericarm64 reported by Ross Burton <Ross.Burton@arm.com>,
> > > added
> > > ��� selftest to cover this wks usage on x86 and aarch64
> > >
> > > v5: drop patch "image_types_wic.bbclass: set systemd-boot and os-
> > > release
> > > ��� dependency for all archs" since systemd-boot does not support
> > > all
> > > ��� architectures
> > >
> > > v4: handle missing runqemu variable from build config, add
> > > python3-pefile to fast ptest list
> > >
> > > v3: rebased, fixed and added more sefltests, removed wic plugin
> > > side uki
> > > support
> > >
> > > v2:
> > > https://lists.openembedded.org/g/openembedded-core/message/204090
> > >
> >
> > This seems to be causing selftest failures unfortunately:
> >
> > https://valkyrie.yoctoproject.org/#/builders/54/builds/206/steps/14/logs/stdio
>
> I think something may be broken in master causing that. Not quite sure
> what/when yet.
Sorry, this is my bad. x86 test runqemu is missing ovmf argument. I don't know how
this slipped through. Will send a new version.
Cheers,
-Mikko
prev parent reply other threads:[~2024-10-10 7:53 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-09 11:26 [PATCH v6 0/8] systemd uki support Mikko Rapeli
2024-10-09 11:26 ` [PATCH v6 1/8] uki.bbclass: add class for building Unified Kernel Images (UKI) Mikko Rapeli
2024-10-09 19:53 ` [OE-core] " Ricardo Salveti
2024-10-10 9:06 ` Mikko Rapeli
2024-10-10 15:21 ` Ricardo Salveti
2024-10-09 11:26 ` [PATCH v6 2/8] wic bootimg-efi.py: keep timestamps and add debug prints Mikko Rapeli
2024-10-09 11:26 ` [PATCH v6 3/8] wic bootimg-efi.py: change UKI support from wic plugin to uki.bbclass Mikko Rapeli
2024-10-09 11:26 ` [PATCH v6 4/8] oeqa selftest uki.py: add tests for uki.bbclass Mikko Rapeli
2024-10-09 11:26 ` [PATCH v6 5/8] oeqa selftest efibootpartition.py: add TEST_RUNQEMUPARAMS to runqemu Mikko Rapeli
2024-10-09 11:26 ` [PATCH v6 6/8] oeqa selftest efibootpartition.py: remove systemd-boot from grub-efi test Mikko Rapeli
2024-10-09 11:26 ` [PATCH v6 7/8] oeqa selftest wic.py: add TEST_RUNQEMUPARAMS to runqemu Mikko Rapeli
2024-10-09 11:26 ` [PATCH v6 8/8] oeqa selftest wic.py: support UKIs via uki.bbclass Mikko Rapeli
2024-10-09 17:53 ` [OE-core] [PATCH v6 0/8] systemd uki support Richard Purdie
[not found] ` <17FCDA527F20D203.22523@lists.openembedded.org>
2024-10-09 22:36 ` Richard Purdie
2024-10-10 7:53 ` Mikko Rapeli [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZweIDGG8rMT5E9R-@nuoska \
--to=mikko.rapeli@linaro.org \
--cc=openembedded-core@lists.openembedded.org \
--cc=richard.purdie@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox