From patchwork Mon Sep 21 02:42:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Harald Seiler X-Patchwork-Id: 60 Return-Path: Delivered-To: ilbers.mnt@gmail.com Received: by 2002:a4a:eb04:0:0:0:0:0 with SMTP id f4csp3403918ooj; Mon, 21 Sep 2020 03:43:03 -0700 (PDT) X-Received: by 2002:a05:600c:28d:: with SMTP id 13mr29038763wmk.69.1600684982855; Mon, 21 Sep 2020 03:43:02 -0700 (PDT) ARC-Seal: i=3; a=rsa-sha256; t=1600684982; cv=pass; d=google.com; s=arc-20160816; b=eXbBOaWXxonXIu6qX6sE0s2qQH6f10j1LGXGHW4QVpTrTUt/Wl+vbdrB/I66n6uWQN eozeKY0JNeXaJ1y1qdB0xNKKd3zPhX1mJ1BrMh94gd0/aLCTydZiamhWDTfqS2GjqEAn rjDJ9gxlKO9AeuYnenLGQPhjgmHy5Pe3uwDvznjcMfI3zeomsKuH9EzYwQd6LZUMRfGt uWS8R1U5Fasdj9UeBsv0r7PZuhHnONWgH/xMWeF42X6TZciW+EZfy33wZRVQ+j0uaFZ4 XCCXlZ3VRlCdP9zyHpA/eissvCuPyzh3sdrljKifu/kXqqBUkxnOyEBqPbuHx6wSoEsy 0ivw== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:message-id:date :subject:cc:to:from:sender:dkim-signature; bh=putdVWaS57fFngco0LR7Gm+CKMaldTidPD/az+KSCug=; b=y/keAkAsrrTzB+1v9vYCjAmlYQmlZB1Z7FPP5OehEJnbRuno3y2UE8XfFPxp/HUlx4 h03reKcmjOESpS3Ga+BsIRNPqf5G7raaGm4z9NVqEMaceTyOJLRPTNcddqMgKl3woEht WQpz4BBVg8Z3jjaGEEywuN2dZ4a6DqyrQ4gRisLPrBYJQPdGw0wb/Jx9KyhqxnY/k1SZ DmcO4Y9GG/JmiezX1YMwElfuwC4wKAyVIrzjqxdFXuzD/aeejLxMPdln8cx4aknMmScL wJeXNteJYfJ6bj6UdlaD9y3AsqvgZo8TXfKKMKFauI0Wsnd/PvuQx3WRWHRtIQJh8n1G OeuA== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=fGPYss08; arc=pass (i=2); spf=pass (google.com: domain of isar-users+bncbczlpqw3rykrbnuhul5qkgqeo675t2y@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCZLPQW3RYKRBNUHUL5QKGQEO675T2Y@googlegroups.com Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id t22sor5145350wrb.25.2020.09.21.03.43.02 (Google Transport Security); Mon, 21 Sep 2020 03:43:02 -0700 (PDT) Received-SPF: pass (google.com: domain of isar-users+bncbczlpqw3rykrbnuhul5qkgqeo675t2y@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=fGPYss08; arc=pass (i=2); spf=pass (google.com: domain of isar-users+bncbczlpqw3rykrbnuhul5qkgqeo675t2y@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCZLPQW3RYKRBNUHUL5QKGQEO675T2Y@googlegroups.com ARC-Seal: i=2; a=rsa-sha256; t=1600684982; cv=pass; d=google.com; s=arc-20160816; b=qhpKs5Pem3lV5keefupnSju41MBFWTAY3aB4YR4se8o6hJO37xheb28Jz/iJonKOuH l4lwGpumf8nnLwAHMsAjV7yk11BEzklPS10Bf78srCWkRNPTpbJXSX8cV+AmTwG6vwwJ +D6IyLtA6+hSRcr50qkezSDLuz+77f0MsBh9HKK9MDdhGmLSq6/uMqnHrylswp/umXbG ExtLnbYetYiJbAxzcLWfuUk3pbUWX68KfjKZCkrxdSoSgU2n5EQtCMFZvI3glEqAENic 9Lrgx/K9OKe0WragL6pqlymPi8rKWNnQb1JR2EKu0cswvJJ/w5ZGQI+IX2lMxfjLNa/y hr6g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:message-id:date :subject:cc:to:from:sender:dkim-signature; bh=putdVWaS57fFngco0LR7Gm+CKMaldTidPD/az+KSCug=; b=G/krKBe9s5KmX8bfBEte5AI1Jp7KYkIvUFGp2vYrUl0RL83EoQaYpRJYH8ssJGj4E1 yiouiklzz6rI/ZUAdQ/GQ6UHln46pSZBVl45vWhChw5jtEGQrq1VhbTQ5sIRWR/sh/ox Zz2tT0nLBjN4VTivtWyFmH2pYMZeNaLmNnC7pyeZtFSMc6xnBQKFTW6UbIkUw9hzYdlU B8AIkAHsbqdHowpR/Ade8ZkE8xeF/8bP98aGKzLij8eLToGn8HcBKptkI4BSDySKGIFN /GYpPEFyePUbrKHgX5zFU5MZ9tK4Qr9N8Ou8FOFMMaoH1QW65DpGtNEWleBzMUEJn0re 7fXA== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:mime-version :x-original-sender:x-original-authentication-results:precedence :mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=putdVWaS57fFngco0LR7Gm+CKMaldTidPD/az+KSCug=; b=fGPYss08NNJww2qF7m0IQIPfWElxLzUFEdxqoVfFdog0gDTS+JF7t+CMveStqVkD7u ELwg4LCOk8qi68qBJUPRAIZIMnyiwunc2osGG8kIIf73xrEZlVPV2ElxWAlAvjGN8r25 lu4/3F8UVA0kj81ghHb0Rv4fmx4A6ehY+Cn4JlocXWtSQHQmjQhdiVhdl2VLasYhmKwi uMNDerL4P9XOolhTKTH7sPDEHaKi8UOmOGxy7F6khzwQtDwroM72zJNU2FnTNKhPe7qF w4T+JX3Y60G1l1TV6YzrUNKiqAjIJgcoAezB9ir0d0CD0v5ANwPz2sP76suVsV3NP1pL G7ig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:from:to:cc:subject:date:message-id :mime-version:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:x-spam-checked-in-group:list-post :list-help:list-archive:list-subscribe:list-unsubscribe; bh=putdVWaS57fFngco0LR7Gm+CKMaldTidPD/az+KSCug=; b=QL0QhLmzheoCK4NOCsj0do3fYriyBr4i8U5dgPyUEecFIuZ4GgUCWpfFHhtXmWORKh z7fY/2A/3ypwQ9jz/f3Pf6KDfH7X14l/C1EbkTJIGOEesD98hsyC5iui3hK+sPbbE+ZG 9j0YfS19BStqqxQsPMXrP6EAUlG4Pwq4+aElLy5ywefvaN7njABlOTGAXrSO3InEr3Fn UMMSIUHF/qM9GE3cdlWSBMe+cWKbgsS7Salep27uuYz9gYbgEpRIhgp5Rl9D/0OYvRjm PFok1u1HOtypGexh8U7xbEnGRWgeTLVUe69P4yfW9rnbfUg407m+l6iBVqHl57XPjCdR J9aw== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM531sFKxBQyy6V4Sh8A5jVc5muLpBjAHYCBp+oMmAj9VQh4lNHsj6 PiiaH2PMtuD91fv5RfeKl3M= X-Google-Smtp-Source: ABdhPJzgWab7nGp0Gy/+fuqZV2WT/V/p2IYNCN3MMJhGZ+7mND1QjglE+VvulAfmgt6A2O4ujmj3wg== X-Received: by 2002:adf:f80a:: with SMTP id s10mr54733946wrp.351.1600684982333; Mon, 21 Sep 2020 03:43:02 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:adf:dd0a:: with SMTP id a10ls1000492wrm.2.gmail; Mon, 21 Sep 2020 03:43:01 -0700 (PDT) X-Received: by 2002:adf:dd82:: with SMTP id x2mr54891986wrl.419.1600684981457; Mon, 21 Sep 2020 03:43:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600684981; cv=none; d=google.com; s=arc-20160816; b=DHYA3DCKWuQ8Y8Lt+PNG060BOC4u39HnPaLYhLCIflPFdRbXA9FOKzQnvGPZluU/DH +tLlTbtNJYolob4FwjeFo0kCEtZW9ISMdEASowaUCN7TZSpx94E9nfYMVNE+aN075UTL EOogVmWeNm46tu+z4lMKosZxttQChsJQfQw0VREFBTzJDycf+mJpbQZ/AGvoLzEX5BV2 hOKGoTUcKN8hhiqu83LxnNZoWLARcb809tTbw9RdGtmmGMOABjat/pf0BTPGEId9WSTn 0CJfblHV+8+Pka67Bvo5IU9a8wWXsacPNMV7KaykhOO0nB2UXqVfR+w8wdULOZzmOE3P hOPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from; bh=pSF04ONjaIeBaCyXTlajpM/Zw7YftXvz60EkWdE9JqY=; b=qb2u5P2UVv0oc5X/MA0g8O7GfjMwDVWt+b/2vg3fUBpJo477p+cICpjDZ5jmGAdgQK V/MehkSZEn26nMFd6VBnsfzZOZoFizwiWkZZRpbT8kty4qwSyYCvJ2xUs0mEYDvF20S7 62N7b9sSHpBFR82XHr8YXrAD5bKwJ9P98bQHR7KqhIXj1aDX4+q1FGRlLDulvdUv+XiN HCLuN3xpzOfhSZ+vpN+erIzSGEiAJEcXOF1BvsYO1/K1sOtoAfY9+dVcUiE7FEdhQKVC GBhurhcrKbulrhbdgbSeHlmo1PZNovXb5c5nF/4iaVrkKW2+RwvK0xkWCza78U7zBaDo xHGQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de Received: from mail-out.m-online.net (mail-out.m-online.net. [212.18.0.10]) by gmr-mx.google.com with ESMTPS id x1si352418wmk.2.2020.09.21.03.43.01 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 21 Sep 2020 03:43:01 -0700 (PDT) Received-SPF: neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of hws@denx.de) client-ip=212.18.0.10; Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 4Bw1HT0xcBz1rt4M; Mon, 21 Sep 2020 12:43:01 +0200 (CEST) Received: from localhost (dynscan1.mnet-online.de [192.168.6.70]) by mail.m-online.net (Postfix) with ESMTP id 4Bw1HT0cfDz1qsnx; Mon, 21 Sep 2020 12:43:01 +0200 (CEST) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new, port 10024) with ESMTP id EqtjLPQ2Mhrf; Mon, 21 Sep 2020 12:43:00 +0200 (CEST) X-Auth-Info: mnN8/10gVqKC0mKDPPrA7VoizvdSyNpSJyZjx2U+IgE= Received: from maia.denx.de (p578adb1c.dip0.t-ipconnect.de [87.138.219.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPSA; Mon, 21 Sep 2020 12:43:00 +0200 (CEST) From: Harald Seiler To: isar-users@googlegroups.com Cc: Harald Seiler Subject: [RFC PATCH] classes: Add initramfs class Date: Mon, 21 Sep 2020 12:42:12 +0200 Message-Id: <20200921104212.1387227-1-hws@denx.de> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 X-Original-Sender: hws@denx.de X-Original-Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1678439856994304796?= X-GMAIL-MSGID: =?utf-8?q?1678439856994304796?= Add a new "image" class for generating a custom initramfs. It works like this: A new minimal debian rootfs is bootstrapped and all dependency packages for the new initramfs are installed. Then, an initramfs is generated from this rootfs and deployed like usual. This new initramfs.bbclass "image" class should be pulled in by an "initramfs image" recipe. Said recipe then specifies all dependencies of the initramfs via INITRAMFS_INSTALL and INITRAMFS_PREINSTALL (which are analogous to the respective IMAGE_* variables). initramfs.bbclass intentionally does _not_ expose a mechanism to change /etc/initramfs-tools/initramfs.conf and /etc/initramfs-tools/modules. Changes to their settings are better done via packages that deploy conf-hooks to /usr/share/initramfs-tools/conf-hooks.d/ and module fragment files to /usr/share/initramfs-tools/modules.d/. Signed-off-by: Harald Seiler --- Notes: I had this idea while searching for a way to build an initramfs that uses dm-verity to assert integrity of the rootfs. To me, this feels like a much cleaner solution than anything else I tried and I'm happy to report that, using this approach, I got everything working nicely in the original project. In my opinion, this design has a number of advantages over the previous solutions we have seen so far: - It does not suffer any kind of initramfs pollution, caused by packages installed into a rootfs. This is a big problem when trying to generated an initramfs from e.g. `buildchroot-target` as many unrelated packaged could be installed there which would all get pulled into the initrd (if they install hooks/scripts). This also means, with this new approach, the integrator has maximum control over the contents of the initramfs. - There are no needs to change the initramfs generation process in any way, the debian tooling can be used exactly like its meant to. - As most isar-generated images will never regenerate the initramfs from the running system, all initramfs related packages are dead-weight to the image. This is a problem when trying to generate the initramfs from the actual image rootfs. When it is necessary to rebuild the initramfs in a running system, the packages designed for this new class could just be installed into the rootfs, without any changes necessary. This means, any generic initramfs module packages can be used both with the in-rootfs mechanism and initramfs.bbclass. - Because of this complete isolation and independence, implementation of complex logic is much easier: For example dm-verity needs a root-hash that is only available after the rootfs has been cast into a filesystem image. With this new approach, this can be modelled with a simple task dependency. meta/classes/initramfs.bbclass | 41 ++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 meta/classes/initramfs.bbclass diff --git a/meta/classes/initramfs.bbclass b/meta/classes/initramfs.bbclass new file mode 100644 index 000000000000..8af9b4b379a5 --- /dev/null +++ b/meta/classes/initramfs.bbclass @@ -0,0 +1,41 @@ +# This software is a part of ISAR. + +# Make workdir and stamps machine-specific without changing common PN target +WORKDIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/${PV}-${PR}" +STAMP = "${STAMPS_DIR}/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/${PV}-${PR}" +STAMPCLEAN = "${STAMPS_DIR}/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/*-*" + +INITRAMFS_INSTALL ?= "" +INITRAMFS_PREINSTALL ?= "" +INITRAMFS_ROOTFS ?= "${WORKDIR}/rootfs" +INITRAMFS_IMAGE_FILE = "${DEPLOY_DIR_IMAGE}/${INITRAMFS_FULLNAME}.initrd.img" + +# Install proper kernel +INITRAMFS_INSTALL += "${@ ("linux-image-" + d.getVar("KERNEL_NAME", True)) if d.getVar("KERNEL_NAME", True) else ""}" + +# Name of the initramfs including distro&machine names +INITRAMFS_FULLNAME = "${PN}-${DISTRO}-${MACHINE}" + +DEPENDS += "${INITRAMFS_INSTALL}" + +ROOTFSDIR = "${INITRAMFS_ROOTFS}" +ROOTFS_FEATURES = "" +ROOTFS_PACKAGES = "initramfs-tools ${INITRAMFS_PREINSTALL} ${INITRAMFS_INSTALL}" + +inherit rootfs + +do_generate_initramfs() { + rootfs_do_mounts + rootfs_do_qemu + + sudo -E chroot "${INITRAMFS_ROOTFS}" \ + update-initramfs -u -v + + if [ ! -e "${INITRAMFS_ROOTFS}/initrd.img" ]; then + die "No initramfs was found after generation!" + fi + + rm -rf "${INITRAMFS_IMAGE_FILE}" + cp "${INITRAMFS_ROOTFS}/initrd.img" "${INITRAMFS_IMAGE_FILE}" +} +addtask generate_initramfs after do_rootfs before do_build