From patchwork Wed Sep 23 08:20:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Harald Seiler X-Patchwork-Id: 82 Return-Path: Delivered-To: ilbers.mnt@gmail.com Received: by 2002:a4a:eb04:0:0:0:0:0 with SMTP id f4csp601410ooj; Wed, 23 Sep 2020 09:22:00 -0700 (PDT) X-Received: by 2002:aca:f05:: with SMTP id 5mr148636oip.173.1600878120647; Wed, 23 Sep 2020 09:22:00 -0700 (PDT) ARC-Seal: i=3; a=rsa-sha256; t=1600878120; cv=pass; d=google.com; s=arc-20160816; b=JgXRb7ZdvhgPOxdpFnYSm7BkreQkfR04U/floQsm4Vl5lX7V31RABBvo6h0gdAzTnK TnHhL3RqYYv5KwSH5zCbKredZoUuqxVu/2YVOnqYcetLA8maD/zko6LvJ+28ZwU95xA+ cX/yDpsx6wajbcHZC7NOlTSk6wbzuN7fvU/Zv7/3tfH/sKQrRp+ANVo998Y8NmTUcb4t vmwFjk+q0zONEAVCQ1XSKhJvfHXp7kdDXSDlGqXVI7aXN5pWwBE4Gbux7sR5yIEXk4KA Eu0iCsIiNqLNNIxGSdU/4yMlV6mE/VoE6GK98zLUjbCcTfeBUy24mVKhH/nnk/fXlEjI REVg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:dkim-signature; bh=pU4nuOco8KaYjTyuw2NHO8/SK6gnUjpLlvXIDKSrxZg=; b=tGHcD08oZ5KWWQqV6TQ+RCL7crBQgUEfzyuwb4KSJ/ftZrybjUdj/h0rQXMohUkRep HQkWIwNOwJZOwZ/rKtSi82oRJ0F4fnFi/Y3+7CDw0bycE9D+M1wAKeFKaxkUh7UhBzqQ 2zWQPaOTZrM7sD1ptfbqeidPzLvPt+/9oTMpteGSyhnGkhDrKT+7qwX50rumdXh1JLMp OWeR/t03ZYD7iCQ7Z1iN2Mt9JRXvn/dxM87I1t23Zc/ZIGEwHWFXCE+v215eSWLZF0QB hdsNmOwd/UuFOh+o5MmZTxLpOsh21BXPlb93uVLckYWmznAksL6L/1/XTsu65Dbc86NG 6yMQ== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=HEfYrO1Q; arc=pass (i=2); spf=pass (google.com: domain of isar-users+bncbczlpqw3rykrbkhmvx5qkgqei24hb4y@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCZLPQW3RYKRBKHMVX5QKGQEI24HB4Y@googlegroups.com Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id m8sor40261otn.96.2020.09.23.09.22.00 (Google Transport Security); Wed, 23 Sep 2020 09:22:00 -0700 (PDT) Received-SPF: pass (google.com: domain of isar-users+bncbczlpqw3rykrbkhmvx5qkgqei24hb4y@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=HEfYrO1Q; arc=pass (i=2); spf=pass (google.com: domain of isar-users+bncbczlpqw3rykrbkhmvx5qkgqei24hb4y@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCZLPQW3RYKRBKHMVX5QKGQEI24HB4Y@googlegroups.com ARC-Seal: i=2; a=rsa-sha256; t=1600878120; cv=pass; d=google.com; s=arc-20160816; b=LlGgziOUn/uxAbe9PDCyJBd8d59KnDCwQE5g/MEXRx8phTszdRsjkUfWoB7d5nO3Ox WNVee05jCXiJGKQu7UeTXzBW1fds769yiNc3NVU4HUN44zIQlOGN3uZJVkR8xmzDX3FY Wy74mk0Ak5qZeLgD4pkQRhHuXTc57/+HLNiOQeXGT7yrFTKmYk3cwFAOf3TunI9KIiD9 bqDMCZNf3XRSEzdNnbqIPE6Wm1tvwUqOfgmMdk6UVj/RAOqRVUufHI2OLy0eZKLoxCvG yRkcg3E/OYpjMb5fQ7ttdF5+/Zoy225ZBG36aKHGD3hVP5dYlXoVFb4Uv7vZqzJwxfGK rUSw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:dkim-signature; bh=pU4nuOco8KaYjTyuw2NHO8/SK6gnUjpLlvXIDKSrxZg=; b=KaD8zVpEosZhxZks3COwhQfnExJ+ZsbxgzBEjKk18KXUatcr3d/C66GWFW/GVgnbme QDGlLm21VSYDlGX0BbZOAy8pOW0XNP5ysM0M2gHboiYQc+1ZIBFYx67dTfZt+UleVB+g N0iTU3EtZnqc++Xk0NdUzcOj8RIpKIPTysuf2sv6HT8XWzMCYyl8llyPvVQX4UzJxljI cFHGzV0ON60xL+dQWu77EWqQ5rvCbry9x5YVLLKZMRmn3Y64YJQxsqDYPGZL0WOb5LmG 8YDYhQlZzreKSNgkTfYpoONcF6rcVDYVnQu8I+7KA/2NHpC9mJPawPD05BqvskOdkKwb pa8A== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=pU4nuOco8KaYjTyuw2NHO8/SK6gnUjpLlvXIDKSrxZg=; b=HEfYrO1Q5BKnXZvKfRABffG5EPW/QjGH/H9nFUhwMZwOLUZD2RUzo31+LBlD/CAAsT X/b2q94kEzm8svy7BcESsXMFW8wiEZ0gxbt20maglXs0cs8iqbmepfYF96hse2WHPyPZ bvAgxCKET5PrMP1HWQh/oBt9RewcaNg69Vicdl0Q5QBGtSXGrBoQuAJxZDT5akXOrf2Y BiOTlxNMqWGBmHuG1fy7afcbEVjAgXtFHKQFNzV8a5SNJdAec4wX+CDtUhi5fjEyaL4S wuzcwyeW9jvwIOjDU6djmA0nQJCZoadWm1gXFBenysfgBY/8vrAwZIDj373CkkZfSSfQ CiRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :x-spam-checked-in-group:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=pU4nuOco8KaYjTyuw2NHO8/SK6gnUjpLlvXIDKSrxZg=; b=eO6lDwJo7EsSBZBOvCSYl+sO7uvfj2hjLm2aqZ0i7Vx5Cc3OB9QWrUp5+5qEypp9d/ CZFvHS5mVhI+OJjBl43JcxrOoY09Rufe8UU0HAomN0AcXwnB0TYPnkw/JgHi8X8pM2VU 4YBCuWvvn8GjPwd9c3v2YEybp92UpB9C/xvRDogMn40oAXQHh+c/ijeMkyETQ3xVvKJg E81J1O7d3atRrgwh/PisA7uEJM4nnEmN3VlH3wNsh3T9+y70DptPoPwiqpEnpIn6CKLE QZaJeG2lyhTRk9hMXSYilHwX2SCFk8eD8Gd3OPZ12fbryorZgc5TC9FWfyRcb1gfS325 HBKQ== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM530HriZRCDqt4FINUSTesi3+ieal6+yBoiKXhUDj6unX2zNoBWOc B54dwrlohq6r56dq9ZvvbJY= X-Google-Smtp-Source: ABdhPJxNcn0CMkj/Lce+VHZAOhnasRQ9PTwSSkleeiPU/3YuOif0DCi0TiJBjFBfQ0xg+haVbyH9VQ== X-Received: by 2002:a05:6830:1e02:: with SMTP id s2mr354570otr.78.1600878120208; Wed, 23 Sep 2020 09:22:00 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6830:4d2:: with SMTP id s18ls55082otd.0.gmail; Wed, 23 Sep 2020 09:21:59 -0700 (PDT) X-Received: by 2002:a9d:ee2:: with SMTP id 89mr338111otj.194.1600878119877; Wed, 23 Sep 2020 09:21:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600878119; cv=none; d=google.com; s=arc-20160816; b=vTtqJiEEVMHcoZoOT3eeyZZXY13yBvL6HogHFksyqPIArcAMSUfbERc68X3lfLoxRo y8CLPe/6pGjS4NJikqjXPxP4OFPQFmROclQ2fV0v4vwwvsfrossOowhs+7hZ22p+Xp56 rvzUL08gInbUvReyhDT1PKBzeulZ5yD5TAoBax79q8qaYs/NOAUSqFLKWrUh/IhG39ep 7SUDt2CFn1gw4qFGdTU9NI3Bj9StImfOq8Jl+61qii3zWlqAN7onroCPIglTlkB46Ed6 mK/+DHI9au9aBTVN2CHKZjTRTVD6gmgKB9CE8rJZADHJIdWT+J9arG0WOnQIbeWp1mr7 pKPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=GG/3io2VDK6InrqZMpOjVAmuFBH3ScSxcBE15yLK5jM=; b=geOz9Wikz/JItjHydltPoBT62jqujBfpVGiJGhzZd0OF3Gbv1zrAvBbwTvz7fHdnHu g44gMCSxybyyp6dN3Fx4o7qJmiEmFq3FQbDypzBX56OoliP8etVOfHuAwI4fikRLehPD fxmhrDSlJ/fCFY9ey8FI+ZVbOjcnLRKarri8JOCRf/rF5ypEQSlr4qfFEr93cx65AU3q +gMCyI9j0BsDLH0QGUnBBMq226tjEghMVOr9XQbie4rJT3rQyVNI8MfECxUWJakdw4fJ K9wzxssFp6sH0vRPYTqUU3RPy9NMmqyAtbLC3qhvLHmBwF6QKPtBWcdwrzfcFgyjlU8I pPkw== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de Received: from mail-out.m-online.net (mail-out.m-online.net. [212.18.0.9]) by gmr-mx.google.com with ESMTPS id d1si33640oom.0.2020.09.23.09.21.59 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 23 Sep 2020 09:21:59 -0700 (PDT) Received-SPF: neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) client-ip=212.18.0.9; Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 4BxNjV6l0Jz1qs3k; Wed, 23 Sep 2020 18:21:50 +0200 (CEST) Received: from localhost (dynscan1.mnet-online.de [192.168.6.70]) by mail.m-online.net (Postfix) with ESMTP id 4BxNjV6SJ2z1qwT6; Wed, 23 Sep 2020 18:21:50 +0200 (CEST) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new, port 10024) with ESMTP id G3ukJ1N3P7jM; Wed, 23 Sep 2020 18:21:49 +0200 (CEST) X-Auth-Info: pHRPPzGWRtMpKq1m1+KV41TSMuPkoRE7flfJrWj4JRU= Received: from maia.denx.de (p578adb1c.dip0.t-ipconnect.de [87.138.219.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPSA; Wed, 23 Sep 2020 18:21:49 +0200 (CEST) From: Harald Seiler To: isar-users@googlegroups.com Cc: Harald Seiler Subject: [PATCH v2 1/3] classes: Add initramfs class Date: Wed, 23 Sep 2020 18:20:44 +0200 Message-Id: <20200923162046.206888-1-hws@denx.de> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200921104212.1387227-1-hws@denx.de> References: <20200921104212.1387227-1-hws@denx.de> MIME-Version: 1.0 X-Original-Sender: hws@denx.de X-Original-Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied by best guess record for domain of hws@denx.de) smtp.mailfrom=hws@denx.de Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1678439856994304796?= X-GMAIL-MSGID: =?utf-8?q?1678642376363396270?= Add a new "image" class for generating a custom initramfs. It works like this: A new minimal debian rootfs is bootstrapped and all dependency packages for the new initramfs are installed. Then, an initramfs is generated from this rootfs and deployed like usual. This new initramfs.bbclass "image" class should be pulled in by an "initramfs image" recipe. Said recipe then specifies all dependencies of the initramfs via INITRAMFS_INSTALL and INITRAMFS_PREINSTALL (which are analogous to the respective IMAGE_* variables). initramfs.bbclass intentionally does _not_ expose a mechanism to change /etc/initramfs-tools/initramfs.conf and /etc/initramfs-tools/modules. Changes to their settings are better done via packages that deploy conf-hooks to /usr/share/initramfs-tools/conf-hooks.d/ and module fragment files to /usr/share/initramfs-tools/modules.d/. Signed-off-by: Harald Seiler --- Notes: I had this idea while searching for a way to build an initramfs that uses dm-verity to assert integrity of the rootfs. To me, this feels like a much cleaner solution than anything else I tried and I'm happy to report that, using this approach, I got everything working nicely in the original project. In my opinion, this design has a number of advantages over the previous solutions we have seen so far: - It does not suffer any kind of initramfs pollution, caused by packages installed into a rootfs. This is a big problem when trying to generated an initramfs from e.g. `buildchroot-target` as many unrelated packaged could be installed there which would all get pulled into the initrd (if they install hooks/scripts). This also means, with this new approach, the integrator has maximum control over the contents of the initramfs. - There are no needs to change the initramfs generation process in any way, the debian tooling can be used exactly like its meant to. - As most isar-generated images will never regenerate the initramfs from the running system, all initramfs related packages are dead-weight to the image. This is a problem when trying to generate the initramfs from the actual image rootfs. When it is necessary to rebuild the initramfs in a running system, the packages designed for this new class could just be installed into the rootfs, without any changes necessary. This means, any generic initramfs module packages can be used both with the in-rootfs mechanism and initramfs.bbclass. - Because of this complete isolation and independence, implementation of complex logic is much easier: For example dm-verity needs a root-hash that is only available after the rootfs has been cast into a filesystem image. With this new approach, this can be modelled with a simple task dependency. Changes in v2: - None (just added examples in new patches) meta/classes/initramfs.bbclass | 41 ++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 meta/classes/initramfs.bbclass diff --git a/meta/classes/initramfs.bbclass b/meta/classes/initramfs.bbclass new file mode 100644 index 000000000000..8af9b4b379a5 --- /dev/null +++ b/meta/classes/initramfs.bbclass @@ -0,0 +1,41 @@ +# This software is a part of ISAR. + +# Make workdir and stamps machine-specific without changing common PN target +WORKDIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/${PV}-${PR}" +STAMP = "${STAMPS_DIR}/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/${PV}-${PR}" +STAMPCLEAN = "${STAMPS_DIR}/${DISTRO}-${DISTRO_ARCH}/${PN}-${MACHINE}/*-*" + +INITRAMFS_INSTALL ?= "" +INITRAMFS_PREINSTALL ?= "" +INITRAMFS_ROOTFS ?= "${WORKDIR}/rootfs" +INITRAMFS_IMAGE_FILE = "${DEPLOY_DIR_IMAGE}/${INITRAMFS_FULLNAME}.initrd.img" + +# Install proper kernel +INITRAMFS_INSTALL += "${@ ("linux-image-" + d.getVar("KERNEL_NAME", True)) if d.getVar("KERNEL_NAME", True) else ""}" + +# Name of the initramfs including distro&machine names +INITRAMFS_FULLNAME = "${PN}-${DISTRO}-${MACHINE}" + +DEPENDS += "${INITRAMFS_INSTALL}" + +ROOTFSDIR = "${INITRAMFS_ROOTFS}" +ROOTFS_FEATURES = "" +ROOTFS_PACKAGES = "initramfs-tools ${INITRAMFS_PREINSTALL} ${INITRAMFS_INSTALL}" + +inherit rootfs + +do_generate_initramfs() { + rootfs_do_mounts + rootfs_do_qemu + + sudo -E chroot "${INITRAMFS_ROOTFS}" \ + update-initramfs -u -v + + if [ ! -e "${INITRAMFS_ROOTFS}/initrd.img" ]; then + die "No initramfs was found after generation!" + fi + + rm -rf "${INITRAMFS_IMAGE_FILE}" + cp "${INITRAMFS_ROOTFS}/initrd.img" "${INITRAMFS_IMAGE_FILE}" +} +addtask generate_initramfs after do_rootfs before do_build