On Mon, 2021-09-27 at 13:18 +0200, Kristian Klausen wrote: > Den Mon, Sep 13, 2021 at 10:13:04 +0200 skrev Kristian Klausen: > > "A unified kernel image is a single EFI PE executable combining an EFI > > stub loader, a kernel image, an initramfs image, and the kernel command > > line. > > > > [...] > > > > Images of this type have the advantage that all metadata and payload > > that makes up the boot entry is monopolized in a single PE file that can > > be signed cryptographically as one for the purpose of EFI > > SecureBoot."[1] > > > > This commit adds a create-unified-kernel-image=true option to the > > bootimg-efi plugin for creating a Unified Kernel Image[1] and installing > > it into $BOOT/EFI/Linux/ with a .efi extension per the the Boot Loader > > Specification[1][2]. This is useful for implementing Secure Boot. > > > > systemd-boot is the only mainstream bootloader implementing the > > specification, but GRUB should be able to boot the EFI binary, this > > commit however doesn't implement the necessary changes to the GRUB > > config generation logic to boot the Unified Kernel Image. > > > > [1] > > https://systemd.io/BOOT_LOADER_SPECIFICATION/#type-2-efi-unified-kernel-images > > [2] https://systemd.io/BOOT_LOADER_SPECIFICATION/ > > > > Signed-off-by: Kristian Klausen <krist...@klausen.dk> > > Any update on getting this merged? > > Cheers, > Kristian > > > --- > > V2: > > Add os-release as dependency > > Pull os-release file from STAGING_DIR_HOST, so it doesn't need to be > > installed into the rootfs > > Add selftest > > > > meta-selftest/wic/test_efi_plugin.wks | 6 ++ > > meta/classes/image_types_wic.bbclass | 5 +- > > meta/lib/oeqa/selftest/cases/wic.py | 29 ++++++++ > > scripts/lib/wic/plugins/source/bootimg-efi.py | 71 ++++++++++++++++--- > > 4 files changed, 99 insertions(+), 12 deletions(-) > > create mode 100644 meta-selftest/wic/test_efi_plugin.wks > > > > diff --git a/meta-selftest/wic/test_efi_plugin.wks > > b/meta-selftest/wic/test_efi_plugin.wks > > new file mode 100644 > > index 0000000000..1603d6c4bb > > --- /dev/null > > +++ b/meta-selftest/wic/test_efi_plugin.wks > > @@ -0,0 +1,6 @@ > > +# short-description: This file is used in oe-selftest wic module to test > > efi plugin > > + > > +part /boot --source bootimg-efi > > --sourceparams="loader=systemd-boot,create-unified-kernel-image=true,initrd=${INITRAMFS_IMAGE}-${MACHINE}.${INITRAMFS_FSTYPES}" > > --active --align 1024 --use-uuid > > +part / --source rootfs --fstype=ext4 --align 1024 --use-uuid > > + > > +bootloader --timeout=0 --append="console=ttyS0,115200n8" > > diff --git a/meta/classes/image_types_wic.bbclass > > b/meta/classes/image_types_wic.bbclass > > index d561fb2636..e3863c88a9 100644 > > --- a/meta/classes/image_types_wic.bbclass > > +++ b/meta/classes/image_types_wic.bbclass > > @@ -27,6 +27,7 @@ WICVARS ?= "\ > > ROOTFS_SIZE \ > > STAGING_DATADIR \ > > STAGING_DIR \ > > + STAGING_DIR_HOST \ > > STAGING_LIBDIR \ > > TARGET_SYS \ > > " > > @@ -84,8 +85,8 @@ do_image_wic[deptask] += "do_image_complete" > > WKS_FILE_DEPENDS_DEFAULT = '${@bb.utils.contains_any("BUILD_ARCH", [ > > 'x86_64', 'i686' ], "syslinux-native", "",d)}' > > WKS_FILE_DEPENDS_DEFAULT += "bmap-tools-native cdrtools-native > > btrfs-tools-native squashfs-tools-native e2fsprogs-native" > > WKS_FILE_DEPENDS_BOOTLOADERS = "" > > -WKS_FILE_DEPENDS_BOOTLOADERS:x86 = "syslinux grub-efi systemd-boot" > > -WKS_FILE_DEPENDS_BOOTLOADERS:x86-64 = "syslinux grub-efi systemd-boot" > > +WKS_FILE_DEPENDS_BOOTLOADERS:x86 = "syslinux grub-efi systemd-boot > > os-release" > > +WKS_FILE_DEPENDS_BOOTLOADERS:x86-64 = "syslinux grub-efi systemd-boot > > os-release" > > WKS_FILE_DEPENDS_BOOTLOADERS:x86-x32 = "syslinux grub-efi" > >
Sadly this fails during testing on several machines: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2676 which is probably from the os-release dependency. I need to remove this patch and retest but given it is wic failures, I suspect this patch... Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#156509): https://lists.openembedded.org/g/openembedded-core/message/156509 Mute This Topic: https://lists.openembedded.org/mt/85570082/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
