From patchwork Thu Jan 14 00:11:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Harald Seiler X-Patchwork-Id: 268 Return-Path: Delivered-To: ilbers.mnt@gmail.com Received: by 2002:a4a:b386:0:0:0:0:0 with SMTP id p6csp1103037ooo; Thu, 14 Jan 2021 02:12:19 -0800 (PST) X-Received: by 2002:ac2:599e:: with SMTP id w30mr3094571lfn.552.1610619139564; Thu, 14 Jan 2021 02:12:19 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1610619139; cv=pass; d=google.com; s=arc-20160816; b=dmQ1FQAwm5OOy9JGgI50Q8c3G/HyOefMG2va8QLvRxLCOOO5okMN1OhrZbfG77jKtm 2QKHPumfe/fm1ohSXXTaz2KC49d6unZsPjTd9JMFZDXe+P/3F4z6QRaxSQSZdbnzKD6O NHYK8diS4xTy4lYo1uHkiR/UNpdBO9Ve0EpX69ZXG0SHJ9ieUmI7srAwduWc49lxz7+D H1ALz4EgQMV4bDBRjXTXVxM1NChJQYSTnaM62dTBfxkP4Jiq6tz0hSjw7C7c+GzAyJS2 RK7sMMXjT2Z5DddqdjWg/J5A5/ukwrRkjXAhGrXp9AsREFxkE9V/Ed3QewgPqJw/JiO/ T0jw== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:dkim-signature; bh=WxBwa1Vj5GuZoLkQuMvJVuLytphARz1w8XbOyiS0+q8=; b=z6zFPtFgiy1SoEENh5jg77XdNexXc11/hN6+TtaoH6hXaL2dQpKSjNFGPsCcCsZjsu 0gCCGcpi0RHrgqePx8Hp87vBR9WoxdXdZsCDcVwMxGwBqCqeK22DPGcG+6HH3lwB1pzX gAvLIA/lDkVM7J3HsfMZjgslqDCSj2pih31Es5t+kCohYjXyrZ2TkoeDyOMtwpkxD3np p8ABJf63lo8Vn+JHmf4SzNG88FHn46u2xZK6EFIkVLixI62uKTh1g2d8WDsJcoaLaePQ KIY1dmWNE/irarbt+cDxgG4Z/Nd8L6dG2sxpDIJxer7tilgsCK8DfsW0tZxozupI6PzI 7GBA== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=GqXAdydM; arc=pass (i=2); spf=pass (google.com: domain of isar-users+bncbczlpqw3rykrbavsqcaamgqer3g62wi@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCZLPQW3RYKRBAVSQCAAMGQER3G62WI@googlegroups.com Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id z16sor2155817ljj.36.2021.01.14.02.12.19 (Google Transport Security); Thu, 14 Jan 2021 02:12:19 -0800 (PST) Received-SPF: pass (google.com: domain of isar-users+bncbczlpqw3rykrbavsqcaamgqer3g62wi@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=GqXAdydM; arc=pass (i=2); spf=pass (google.com: domain of isar-users+bncbczlpqw3rykrbavsqcaamgqer3g62wi@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCZLPQW3RYKRBAVSQCAAMGQER3G62WI@googlegroups.com ARC-Seal: i=2; a=rsa-sha256; t=1610619139; cv=pass; d=google.com; s=arc-20160816; b=d062aljYN9nLklAk2sUK+LCzhkmz+imsggfHMuireypevCLXZAjLNnRCR91nWKQkc6 dFKG0v7BdULolIMh3NHWzAaE5hyaa9od4ls4gnd1UyE3oKUPYR2mnKY+DL6l6X6MuBTV zSKmra6NSN8xyR6I9QamvMP4ykX4mIC1oWvr9bYAkRZ/oIr/1nsbIB4jkh7l2nHENdSB F/LnLFSZxmdgpRjzTYKYFBt/1/0SkTUtyqrpZtXECwwCEoBueL8Nile+rE9f2RCzdpMh 7GAd4o1sEMg/mCPSwl0rrwgQz7U5ncusYns0M0W5nlPTitlgpx4oIHyVJRSlD6mhnRzN CL+Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:dkim-signature; bh=WxBwa1Vj5GuZoLkQuMvJVuLytphARz1w8XbOyiS0+q8=; b=QLEBXzyHwJ2TXQoHtCocOofdmvsdaX2yT28a08v/MpZ6jqffHVPw+VswQwPBtH0o6j No7Cayqt9g0W8A52J3x5qZvg/nleallm7Dqz9qsvQOPFHZMEYF1680G0g2WfM2jizO3w 2RZBqK7de0DCJjHLUEva6ic/SqshbdNz6Bmql5G234Zye4ieZdX3eiGjsAHXXCoXb20I 4GQk+Uitdxtcqo7M2nis4Vf47dX0YnN9Tg0iF8v7L29ER+ob74IdHD9fVyBUL5c3aLRe Ahwyiv9vlFLDqRAOOqNgpL9XZmMft0bKwq/Dh1/XN+NvHwVBCMRQysV9gdWGSzulF88X AGeg== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=WxBwa1Vj5GuZoLkQuMvJVuLytphARz1w8XbOyiS0+q8=; b=GqXAdydMmj5Oi3lTkQ7ueV1bpYx2Z3GMxIcj7eUddqDcQxAT10d8wsWvaDmc7lWhZG a4TFCBGtw8wJCaYMpx+aw7Z8nTHof41ZDZ0BDyDEB7sYuL47nwU4bG5DNs35C5osYagT VKvi1YSocAzQq/h2qPbHc2wvDC53QO3jTvz0lm4gO7yACM94JIHHE8Zybe2nzZbf1g3H wafyk4VhzwlWyKoazGhatcGMWCl4S1VcgcbseZYvEi2nTl+bnFFolH1Ju0jJhJUe5U9S WJiOLsN9f5sr/Yd1TIK66L5yXoqfpxH9U7h/jqNb55pJ3abA9WV9pgCPGODDZx2qoSyj t/Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :x-spam-checked-in-group:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=WxBwa1Vj5GuZoLkQuMvJVuLytphARz1w8XbOyiS0+q8=; b=DUJsvBTiSba1YnlYmedLKgUVYmDWv/Hgpdr1NDG7wPjuM4IAOFhW2cl5jpfWuwpuKF 5zTRJocBkHrq2VJGmajeoCJsKXaXc7etN7TAG7UJ+vYcobVFxr7CFBOoDhHS+a6mJPWE ahi79K2nRm86UsrDNVy2wHLbVaWzxQ2W406Kx+B2R6YH4TvAT8EngnxMKSDo1x2ahjUj E38dkWuBNIlbmuQIzWaNq7RYaf5eOJMRxpcb+vQ/30HpYvRZG33MeCZxhbrwYyv3hMQv 2XmIv3bfFSCWiYAS8/LtwWmoDDcPGYuvx0h8dikuNORpG0JAL514Aur37KcUGZu39vz3 vlnQ== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM531qpBmy9w4qhnT7Gtcv8nBZX3t+7YPsAD1TOJntLPkdjDumI0l0 u+Hc5Zd3QbYatpdhUSUsGBs= X-Google-Smtp-Source: ABdhPJylMPYGQTSVl1Ml4DhW49PJ/JUl741yu/bvlo67gGTi+zHEfwNWm6wTBoQ/krn4sx1WwoivAQ== X-Received: by 2002:a2e:a58c:: with SMTP id m12mr2915873ljp.444.1610619139059; Thu, 14 Jan 2021 02:12:19 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a2e:810b:: with SMTP id d11ls844759ljg.11.gmail; Thu, 14 Jan 2021 02:12:18 -0800 (PST) X-Received: by 2002:a2e:99cc:: with SMTP id l12mr2918975ljj.448.1610619137997; Thu, 14 Jan 2021 02:12:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610619137; cv=none; d=google.com; s=arc-20160816; b=hgFsSua9xMxD6MtqXF2NVjjNCkWZpuvaIcgA0lGIT7sl0iq+mkCxaDeBTuN3mqs09r BdYmG3FXU2cGyFBOeg1A2PFyACHPDPE3VZt/Z6/dgpWnnTDyd9QdF9D9GHySWua8WN4E j1fvV9jtlfPL1UMv4x81zIpGRto7kTpjTv2Hk+9+T63YThLAxuQm8CLT4Xy7cojLJRNW tqiy2blZCd+WCmuj+uuaVJVlwoVEq0DaT/OrRLhpSc4qPTDGWfDXrfC0zpXAfT+vv0QW m8vQoFlBTcbx6gtWwoQ0SgsU3zK6hqHD3UjM7ynq1BNhknjj+HOUcSH/fZ/xFAOrnZsx JgXg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=23ngHHofv0w3uTg24LXszM9Ggvmd60DtwAyDfrGDfHA=; b=sR+BYXAY3QsvX0RcqDnezCzFnHNcO2Vg7vAkVj+/eaSZFMwD1XoBGZfx+aIYX5sQ6U zLdKANPXvMkzLY2Sg22xkNH0hvkhWRHSMJzdzsFClRfA1ar1ltG5zwv2UVB3d7+xraw1 2zoj/yBXo/BzqAwG3o1MC7ZAeD4FUeYqP+YHuoEQwub+W7jVZTmxzmOCvgMO6RZmp+sW 1/2ITP5Hbadfp2HbQmlqiAbVMF0Hw+A81QpN4r5Fn7wKUVnKcAIGZQMZFzC/XQrCDuUA fLwBQKQ18FZQBnwCO+kRt46nuKXJJiKBhqhRZOzn0ye+I1XrClL59RZBlvMHN7kBN1f4 eFpQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de Received: from mail-out.m-online.net (mail-out.m-online.net. [212.18.0.9]) by gmr-mx.google.com with ESMTPS id l8si178184ljc.2.2021.01.14.02.12.17 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 14 Jan 2021 02:12:17 -0800 (PST) Received-SPF: neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) client-ip=212.18.0.9; Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 4DGg8x2h45z1qs3X; Thu, 14 Jan 2021 11:12:17 +0100 (CET) Received: from localhost (dynscan1.mnet-online.de [192.168.6.70]) by mail.m-online.net (Postfix) with ESMTP id 4DGg8x2TdWz1tSQS; Thu, 14 Jan 2021 11:12:17 +0100 (CET) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new, port 10024) with ESMTP id AB4OX24aSoOd; Thu, 14 Jan 2021 11:12:16 +0100 (CET) X-Auth-Info: mK4//C+ufCNGTUlsCLoHAfqvqVOJtt++a3Oq0KckhNQ= Received: from maia.denx.de (p578adb1c.dip0.t-ipconnect.de [87.138.219.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPSA; Thu, 14 Jan 2021 11:12:16 +0100 (CET) From: Harald Seiler To: isar-users@googlegroups.com Cc: Harald Seiler , Jan Kiszka Subject: [PATCH v3 1/3] classes: Add initramfs class Date: Thu, 14 Jan 2021 11:11:54 +0100 Message-Id: <20210114101156.243184-1-hws@denx.de> X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 X-Original-Sender: hws@denx.de X-Original-Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1688856574816061426?= X-GMAIL-MSGID: =?utf-8?q?1688856574816061426?= Add a new "image" class for generating a custom initramfs. It works like this: A new minimal debian rootfs is bootstrapped and all dependency packages for the new initramfs are installed. Then, an initramfs is generated from this rootfs and deployed like usual. This new initramfs.bbclass "image" class should be pulled in by an "initramfs image" recipe. Said recipe then specifies all dependencies of the initramfs via INITRAMFS_INSTALL and INITRAMFS_PREINSTALL (which are analogous to the respective IMAGE_* variables). initramfs.bbclass intentionally does _not_ expose a mechanism to change /etc/initramfs-tools/initramfs.conf and /etc/initramfs-tools/modules. Changes to their settings are better done via packages that deploy conf-hooks to /usr/share/initramfs-tools/conf-hooks.d/ and module fragment files to /usr/share/initramfs-tools/modules.d/. Signed-off-by: Harald Seiler --- Notes: I had this idea while searching for a way to build an initramfs that uses dm-verity to assert integrity of the rootfs. To me, this feels like a much cleaner solution than anything else I tried and I'm happy to report that, using this approach, I got everything working nicely in the original project. In my opinion, this design has a number of advantages over the previous solutions we have seen so far: - It does not suffer any kind of initramfs pollution, caused by packages installed into a rootfs. This is a big problem when trying to generated an initramfs from e.g. `buildchroot-target` as many unrelated packaged could be installed there which would all get pulled into the initrd (if they install hooks/scripts). This also means, with this new approach, the integrator has maximum control over the contents of the initramfs. - There are no needs to change the initramfs generation process in any way, the debian tooling can be used exactly like its meant to. - As most isar-generated images will never regenerate the initramfs from the running system, all initramfs related packages are dead-weight to the image. This is a problem when trying to generate the initramfs from the actual image rootfs. When it is necessary to rebuild the initramfs in a running system, the packages designed for this new class could just be installed into the rootfs, without any changes necessary. This means, any generic initramfs module packages can be used both with the in-rootfs mechanism and initramfs.bbclass. - Because of this complete isolation and independence, implementation of complex logic is much easier: For example dm-verity needs a root-hash that is only available after the rootfs has been cast into a filesystem image. With this new approach, this can be modelled with a simple task dependency. Changes in v2: - None (just added examples in new patches) Changes in v3: - None meta/classes/initramfs.bbclass | 41 ++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 meta/classes/initramfs.bbclass diff --git a/meta/classes/initramfs.bbclass b/meta/classes/initramfs.bbclass new file mode 100644 index 000000000000..8af9b4b379a5 --- /dev/null +++ b/meta/classes/initramfs.bbclass @@ -0,0 +1,41 @@ +# This software is a part of ISAR. + +# Make workdir and stamps machine-specific without changing common PN target +WORKDIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/${PV}-${PR}" +STAMP = "${STAMPS_DIR}/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/${PV}-${PR}" +STAMPCLEAN = "${STAMPS_DIR}/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/*-*" + +INITRAMFS_INSTALL ?= "" +INITRAMFS_PREINSTALL ?= "" +INITRAMFS_ROOTFS ?= "${WORKDIR}/rootfs" +INITRAMFS_IMAGE_FILE = "${DEPLOY_DIR_IMAGE}/${INITRAMFS_FULLNAME}.initrd.img" + +# Install proper kernel +INITRAMFS_INSTALL += "${@ ("linux-image-" + d.getVar("KERNEL_NAME", True)) if d.getVar("KERNEL_NAME", True) else ""}" + +# Name of the initramfs including distro&machine names +INITRAMFS_FULLNAME = "${PN}-${DISTRO}-${MACHINE}" + +DEPENDS += "${INITRAMFS_INSTALL}" + +ROOTFSDIR = "${INITRAMFS_ROOTFS}" +ROOTFS_FEATURES = "" +ROOTFS_PACKAGES = "initramfs-tools ${INITRAMFS_PREINSTALL} ${INITRAMFS_INSTALL}" + +inherit rootfs + +do_generate_initramfs() { + rootfs_do_mounts + rootfs_do_qemu + + sudo -E chroot "${INITRAMFS_ROOTFS}" \ + update-initramfs -u -v + + if [ ! -e "${INITRAMFS_ROOTFS}/initrd.img" ]; then + die "No initramfs was found after generation!" + fi + + rm -rf "${INITRAMFS_IMAGE_FILE}" + cp "${INITRAMFS_ROOTFS}/initrd.img" "${INITRAMFS_IMAGE_FILE}" +} +addtask generate_initramfs after do_rootfs before do_build