[RFC,1/3] Add Discoverable Disk Image definitions to ISAR

Message ID	20251110105140.1609372-2-Quirin.Gylstorff@siemens.com
State	RFC
Headers	show Return-Path: <isar-users+bncBCZO5JXOOYINPB6HZADBUBB4NAQEC@googlegroups.com> Received-SPF: pass (google.com: domain of fm-51332-20251110105201192362aee100020744-mh8hlk@rts-flowmailer.siemens.com designates 185.136.64.226 as permitted sender) client-ip=185.136.64.226; From: "'Quirin Gylstorff' via isar-users" <isar-users@googlegroups.com> To: isar-users@googlegroups.com Subject: [RFC PATCH 1/3] Add Discoverable Disk Image definitions to ISAR Date: Mon, 10 Nov 2025 11:50:52 +0100 Message-ID: <20251110105140.1609372-2-Quirin.Gylstorff@siemens.com> In-Reply-To: <20251110105140.1609372-1-Quirin.Gylstorff@siemens.com> References: <20251110105140.1609372-1-Quirin.Gylstorff@siemens.com> MIME-Version: 1.0 Feedback-ID: 519:519-51332:519-21489:flowmailer Reply-To: Quirin Gylstorff <Quirin.Gylstorff@siemens.com> Content-Type: text/plain; charset="UTF-8" Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com
Series	Add support of Discoverable Disk Image \| expand [RFC,0/3] Add support of Discoverable Disk Image [RFC,1/3] Add Discoverable Disk Image definitions to ISAR [RFC,2/3] Add imagetype Discoverable Disk Image(DDI) [RFC,3/3] classes/image: Add DDI imagetype

Message ID

20251110105140.1609372-2-Quirin.Gylstorff@siemens.com

State

RFC

Headers

Received-SPF: pass (google.com: domain of
 fm-51332-20251110105201192362aee100020744-mh8hlk@rts-flowmailer.siemens.com
 designates 185.136.64.226 as permitted sender) client-ip=185.136.64.226;
From: "'Quirin Gylstorff' via isar-users" <isar-users@googlegroups.com>
To: isar-users@googlegroups.com
Subject: [RFC PATCH 1/3] Add Discoverable Disk Image definitions to ISAR
Date: Mon, 10 Nov 2025 11:50:52 +0100
Message-ID: <20251110105140.1609372-2-Quirin.Gylstorff@siemens.com>
In-Reply-To: <20251110105140.1609372-1-Quirin.Gylstorff@siemens.com>
References: <20251110105140.1609372-1-Quirin.Gylstorff@siemens.com>
MIME-Version: 1.0
Feedback-ID: 519:519-51332:519-21489:flowmailer
Reply-To: Quirin Gylstorff <Quirin.Gylstorff@siemens.com>
Content-Type: text/plain; charset="UTF-8"
Precedence: list
Mailing-list: list isar-users@googlegroups.com;
 contact isar-users+owners@googlegroups.com

Series

Add support of Discoverable Disk Image | expand

Commit Message

Quirin Gylstorff Nov. 10, 2025, 10:50 a.m. UTC

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

This is in preparation to support Discoverable Disk Image as a
image type.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 .../definitions/confext.repart.d/10-root.conf   | 16 ++++++++++++++++
 .../confext.repart.d/20-root-verity.conf        | 14 ++++++++++++++
 .../confext.repart.d/30-root-verity-sig.conf    | 13 +++++++++++++
 .../definitions/portable.repart.d/10-root.conf  | 16 ++++++++++++++++
 .../portable.repart.d/20-root-verity.conf       | 14 ++++++++++++++
 .../portable.repart.d/30-root-verity-sig.conf   | 13 +++++++++++++
 .../definitions/sysext.repart.d/10-root.conf    | 17 +++++++++++++++++
 .../sysext.repart.d/20-root-verity.conf         | 14 ++++++++++++++
 .../sysext.repart.d/30-root-verity-sig.conf     | 13 +++++++++++++
 .../isar-ddi-definitions_0.1.bb                 | 17 +++++++++++++++++
 10 files changed, 147 insertions(+)
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/10-root.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/20-root-verity.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/30-root-verity-sig.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/10-root.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/20-root-verity.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/30-root-verity-sig.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/10-root.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/20-root-verity.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/30-root-verity-sig.conf
 create mode 100644 meta/recipes-support/isar-ddi-definitions/isar-ddi-definitions_0.1.bb

diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/10-root.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/10-root.conf
new file mode 100644
index 00000000..f728ab66
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/10-root.conf
@@ -0,0 +1,16 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root
+Format=erofs
+CopyFiles=/etc/
+Verity=data
+VerityMatchKey=root
+Minimize=best
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/20-root-verity.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/20-root-verity.conf
new file mode 100644
index 00000000..8179351b
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/20-root-verity.conf
@@ -0,0 +1,14 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root-verity
+Verity=hash
+VerityMatchKey=root
+Minimize=best
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/30-root-verity-sig.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/30-root-verity-sig.conf
new file mode 100644
index 00000000..df160154
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/confext.repart.d/30-root-verity-sig.conf
@@ -0,0 +1,13 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root-verity-sig
+Verity=signature
+VerityMatchKey=root
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/10-root.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/10-root.conf
new file mode 100644
index 00000000..6f500d04
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/10-root.conf
@@ -0,0 +1,16 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root
+Format=erofs
+CopyFiles=/
+Verity=data
+VerityMatchKey=root
+Minimize=best
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/20-root-verity.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/20-root-verity.conf
new file mode 100644
index 00000000..8179351b
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/20-root-verity.conf
@@ -0,0 +1,14 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root-verity
+Verity=hash
+VerityMatchKey=root
+Minimize=best
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/30-root-verity-sig.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/30-root-verity-sig.conf
new file mode 100644
index 00000000..df160154
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/portable.repart.d/30-root-verity-sig.conf
@@ -0,0 +1,13 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root-verity-sig
+Verity=signature
+VerityMatchKey=root
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/10-root.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/10-root.conf
new file mode 100644
index 00000000..b8ef985b
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/10-root.conf
@@ -0,0 +1,17 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root
+Format=erofs
+CopyFiles=/usr/
+CopyFiles=/opt/
+Verity=data
+VerityMatchKey=root
+Minimize=best
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/20-root-verity.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/20-root-verity.conf
new file mode 100644
index 00000000..8179351b
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/20-root-verity.conf
@@ -0,0 +1,14 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root-verity
+Verity=hash
+VerityMatchKey=root
+Minimize=best
diff --git a/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/30-root-verity-sig.conf b/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/30-root-verity-sig.conf
new file mode 100644
index 00000000..df160154
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/files/definitions/sysext.repart.d/30-root-verity-sig.conf
@@ -0,0 +1,13 @@ 
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Partition]
+Type=root-verity-sig
+Verity=signature
+VerityMatchKey=root
diff --git a/meta/recipes-support/isar-ddi-definitions/isar-ddi-definitions_0.1.bb b/meta/recipes-support/isar-ddi-definitions/isar-ddi-definitions_0.1.bb
new file mode 100644
index 00000000..25c437f0
--- /dev/null
+++ b/meta/recipes-support/isar-ddi-definitions/isar-ddi-definitions_0.1.bb
@@ -0,0 +1,17 @@ 
+# This software is a part of ISAR.
+# Copyright (c) Siemens AG, 2025
+#
+# SPDX-License-Identifier: MIT
+
+inherit dpkg-raw
+
+DESCRIPTION = "Definitions to generate Discoverable Disk Image"
+DPKG_ARCH = "all"
+
+DEBIAN_DEPENDS = "systemd, systemd-repart, cryptsetup, openssl, erofs-utils"
+SRC_URI = "file://definitions"
+
+do_install[cleandirs] = "${D}/usr/share/${BPN}"
+do_install() {
+    cp -a ${WORKDIR}/definitions/* ${D}/usr/share/${BPN}/
+}

[RFC,1/3] Add Discoverable Disk Image definitions to ISAR

Commit Message

Patch