diff options
Diffstat (limited to 'meta-phosphor/classes/image_types_phosphor.bbclass')
-rw-r--r-- | meta-phosphor/classes/image_types_phosphor.bbclass | 158 |
1 files changed, 49 insertions, 109 deletions
diff --git a/meta-phosphor/classes/image_types_phosphor.bbclass b/meta-phosphor/classes/image_types_phosphor.bbclass index 8f92f7045..e4663471c 100644 --- a/meta-phosphor/classes/image_types_phosphor.bbclass +++ b/meta-phosphor/classes/image_types_phosphor.bbclass @@ -19,19 +19,15 @@ FLASH_UBI_OVERLAY_BASETYPE ?= "ubifs" FLASH_EXT4_BASETYPE ?= "ext4" FLASH_EXT4_OVERLAY_BASETYPE ?= "ext4" -IMAGE_TYPES += "mtd-static mtd-static-alltar mtd-static-tar mtd-ubi mtd-ubi-tar mmc-verity mmc-ext4-tar" +IMAGE_TYPES += "mtd-static mtd-static-alltar mtd-static-tar mtd-ubi mtd-ubi-tar mmc-ext4-tar" IMAGE_TYPEDEP_mtd-static = "${IMAGE_BASETYPE}" IMAGE_TYPEDEP_mtd-static-tar = "${IMAGE_BASETYPE}" IMAGE_TYPEDEP_mtd-static-alltar = "mtd-static" IMAGE_TYPEDEP_mtd-ubi = "${FLASH_UBI_BASETYPE}" IMAGE_TYPEDEP_mtd-ubi-tar = "${FLASH_UBI_BASETYPE}" -IMAGE_TYPEDEP_mmc-verity = "${FLASH_EXT4_BASETYPE}" IMAGE_TYPEDEP_mmc-ext4-tar = "${FLASH_EXT4_BASETYPE}" -IMAGE_TYPES_MASKED += "mtd-static mtd-static-alltar mtd-static-tar mtd-ubi mtd-ubi-tar mmc-verity mmc-ext4-tar" - -IMAGE_BLOCK_SIZE ?= "4096" -EXTRA_IMAGECMD_ext4 = "-b ${IMAGE_BLOCK_SIZE}" +IMAGE_TYPES_MASKED += "mtd-static mtd-static-alltar mtd-static-tar mtd-ubi mtd-ubi-tar mmc-ext4-tar" # Flash characteristics in KB unless otherwise noted DISTROOVERRIDES .= ":flash-${FLASH_SIZE}" @@ -58,6 +54,10 @@ FLASH_UBI_RWFS_SIZE_flash-131072 ?= "32768" FLASH_UBI_RWFS_TXT_SIZE ?= "6MiB" FLASH_UBI_RWFS_TXT_SIZE_flash-131072 ?= "32MiB" +# eMMC sizes in KB unless otherwise noted. +MMC_UBOOT_SIZE ?= "1024" +MMC_BOOT_PARTITION_SIZE ?= "65536" + SIGNING_KEY ?= "${STAGING_DIR_NATIVE}${datadir}/OpenBMC.priv" INSECURE_KEY = "${@'${SIGNING_KEY}' == '${STAGING_DIR_NATIVE}${datadir}/OpenBMC.priv'}" SIGNING_KEY_DEPENDS = "${@oe.utils.conditional('INSECURE_KEY', 'True', 'phosphor-insecure-signing-key-native:do_populate_sysroot', '', d)}" @@ -105,6 +105,12 @@ mk_empty_image() { | tr '\000' '\377' > $image_dst } +mk_empty_image_zeros() { + image_dst="$1" + image_size_kb=$2 + dd if=/dev/zero of=$image_dst bs=1k count=$image_size_kb +} + clean_rwfs() { type=$1 shift @@ -182,7 +188,7 @@ do_generate_ubi[dirs] = "${S}/ubi" do_generate_ubi[depends] += " \ ${PN}:do_image_${@d.getVar('FLASH_UBI_BASETYPE', True).replace('-', '_')} \ virtual/kernel:do_deploy \ - u-boot:do_populate_sysroot \ + u-boot:do_deploy \ mtd-utils-native:do_populate_sysroot \ " @@ -217,99 +223,10 @@ do_make_ubi[dirs] = "${S}/ubi" do_make_ubi[depends] += " \ ${PN}:do_image_${@d.getVar('FLASH_UBI_BASETYPE', True).replace('-', '_')} \ virtual/kernel:do_deploy \ - u-boot:do_populate_sysroot \ + u-boot:do_deploy \ mtd-utils-native:do_populate_sysroot \ " -python do_generate_mmc_verity() { - import os - import subprocess - - rootfs_image = os.path.join(d.getVar('IMGDEPLOYDIR', True), - '%s.%s' % ( - d.getVar('IMAGE_LINK_NAME', True), - d.getVar('FLASH_EXT4_BASETYPE', True))) - - verity_image = 'verity-%s.%s' % ( - d.getVar('IMAGE_LINK_NAME', True), - d.getVar('FLASH_EXT4_BASETYPE', True)) - - subprocess.check_call(['dd', - 'if=%s' % rootfs_image, - 'of=%s' % verity_image]) - - # dm-verity values - sector_size = 512 - block_size = int(d.getVar('IMAGE_BLOCK_SIZE', True)) - verity_algo = "sha256" - rootfs_image_size = os.stat(rootfs_image).st_size - - def align_up(number, boundary): - return ((number + (boundary - 1)) // boundary) * boundary - - # verity metadata must be aligned on the block boundary subsequent to the - # end of the data - verity_hash_offset = align_up(rootfs_image_size, block_size) - - verity_hash_blocks = verity_hash_offset // block_size - - # the output of 'veritysetup format' looks like: - # VERITY header information for obmc-phosphor-image-witherspoon.squashfs-xz - # UUID: 269b5934-de5b-45b0-99a3-56b219a7b544 - # Hash type: 1 - # Data blocks: 4523 - # Data block size: 4096 - # Hash block size: 4096 - # Hash algorithm: sha256 - # Salt: 8fca9eff342fc0cf2964057257ea80813a223cb2e540a38458142edeb190e12e - # Root hash: 38ef00d23fa89300dcf66e7494d25246d03bf846b4119b34e7b1587c0b6fe1d9 - verity_hash_file = "verity-hash-verification-data" - with open(verity_hash_file, 'w') as f: - subprocess.check_call(['veritysetup', - 'format', - '--hash=%s'% verity_algo, - '--data-block-size=%i' % block_size, - '--hash-block-size=%i' % block_size, - '--hash-offset=%i' % verity_hash_offset, - '%s' % verity_image, - '%s' % verity_image], stdout=f, stderr=f) - - for line in open(verity_hash_file, "r"): - if "Salt" in line: - verity_salt = line.split()[-1] - if "Root" in line: - verity_root = line.split()[-1] - - verity_image_size = os.stat(verity_image).st_size - - # Make an appropriately sized image for MMC - mmc_image_name = "%s.mmc" % d.getVar('IMAGE_NAME', True) - mmc_image_path = os.path.join(d.getVar('IMGDEPLOYDIR', True), - '%s' % mmc_image_name) - - # CSD size accommodates MMC limitations that are relevant to QEMU - csd_size = (1 << (9 + 9 - 1 + 2)) - - with open(mmc_image_path, 'w') as fd: - os.posix_fallocate(fd.fileno(), 0, align_up(verity_image_size, csd_size)) - subprocess.check_call(['dd', - 'if=%s' % verity_image, - 'of=%s' % mmc_image_path, - 'conv=notrunc']) - - os.chdir("%s" % d.getVar('IMGDEPLOYDIR', True)) - mmc_link_name = os.path.join(d.getVar('IMGDEPLOYDIR', True), - '%s.mmc' % d.getVar('IMAGE_LINK_NAME', True)) - if os.path.lexists(mmc_link_name): - os.remove(mmc_link_name) - os.symlink(mmc_image_name, mmc_link_name) -} -do_generate_mmc_verity[dirs] = "${S}/mmc" -do_generate_mmc_verity[depends] += " \ - ${PN}:do_image_${FLASH_EXT4_BASETYPE} \ - cryptsetup-native:do_populate_sysroot \ - " - do_mk_static_nor_image() { # Assemble the flash image mk_empty_image ${IMGDEPLOYDIR}/${IMAGE_NAME}.static.mtd ${FLASH_SIZE} @@ -406,7 +323,7 @@ do_generate_static[dirs] = "${S}/static" do_generate_static[depends] += " \ ${PN}:do_image_${@d.getVar('IMAGE_BASETYPE', True).replace('-', '_')} \ virtual/kernel:do_deploy \ - u-boot:do_populate_sysroot \ + u-boot:do_deploy \ " make_signatures() { @@ -487,7 +404,7 @@ do_generate_static_tar[dirs] = " ${S}/static" do_generate_static_tar[depends] += " \ ${PN}:do_image_${@d.getVar('IMAGE_BASETYPE', True).replace('-', '_')} \ virtual/kernel:do_deploy \ - u-boot:do_populate_sysroot \ + u-boot:do_deploy \ openssl-native:do_populate_sysroot \ ${SIGNING_KEY_DEPENDS} \ ${PN}:do_copy_signing_pubkey \ @@ -505,29 +422,56 @@ do_generate_ubi_tar[dirs] = " ${S}/ubi" do_generate_ubi_tar[depends] += " \ ${PN}:do_image_${@d.getVar('FLASH_UBI_BASETYPE', True).replace('-', '_')} \ virtual/kernel:do_deploy \ - u-boot:do_populate_sysroot \ + u-boot:do_deploy \ openssl-native:do_populate_sysroot \ ${SIGNING_KEY_DEPENDS} \ ${PN}:do_copy_signing_pubkey \ " do_generate_ext4_tar() { - zstd -f -k -T0 -c ${ZSTD_COMPRESSION_LEVEL} ${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.${FLASH_EXT4_BASETYPE} > ${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.${FLASH_EXT4_BASETYPE}.zst + # Generate the U-Boot image + mk_empty_image_zeros image-u-boot ${MMC_UBOOT_SIZE} + do_generate_image_uboot_file image-u-boot + + # Generate a compressed ext4 filesystem with the fitImage file in it to be + # flashed to the boot partition of the eMMC + install -d boot-image + install -m 644 ${DEPLOY_DIR_IMAGE}/${FLASH_KERNEL_IMAGE} boot-image/fitImage + mk_empty_image_zeros boot-image.${FLASH_EXT4_BASETYPE} ${MMC_BOOT_PARTITION_SIZE} + mkfs.ext4 -F -i 4096 -d boot-image boot-image.${FLASH_EXT4_BASETYPE} + # Error codes 0-3 indicate successfull operation of fsck + fsck.ext4 -pvfD boot-image.${FLASH_EXT4_BASETYPE} || [ $? -le 3 ] + zstd -f -k -T0 -c ${ZSTD_COMPRESSION_LEVEL} boot-image.${FLASH_EXT4_BASETYPE} > boot-image.${FLASH_EXT4_BASETYPE}.zst + + # Generate the compressed ext4 rootfs + zstd -f -k -T0 -c ${ZSTD_COMPRESSION_LEVEL} ${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.${FLASH_EXT4_BASETYPE} > ${IMAGE_LINK_NAME}.${FLASH_EXT4_BASETYPE}.zst + + ln -sf boot-image.${FLASH_EXT4_BASETYPE}.zst image-kernel + ln -sf ${IMAGE_LINK_NAME}.${FLASH_EXT4_BASETYPE}.zst image-rofs + ln -sf ${IMGDEPLOYDIR}/${IMAGE_LINK_NAME}.rwfs.${FLASH_EXT4_OVERLAY_BASETYPE} image-rwfs ln -sf ${S}/MANIFEST MANIFEST ln -sf ${S}/publickey publickey - make_image_links rwfs.${FLASH_EXT4_OVERLAY_BASETYPE} ${FLASH_EXT4_BASETYPE}.zst - make_signatures image-u-boot image-kernel image-rofs image-rwfs MANIFEST publickey - make_tar_of_images ext4.mmc MANIFEST publickey ${signature_files} + + hostfw_update_file="${DEPLOY_DIR_IMAGE}/hostfw/update/image-hostfw" + if [ -e "${hostfw_update_file}" ]; then + ln -sf "${hostfw_update_file}" image-hostfw + make_signatures image-u-boot image-kernel image-rofs image-rwfs MANIFEST publickey image-hostfw + make_tar_of_images ext4.mmc MANIFEST publickey ${signature_files} image-hostfw + else + make_signatures image-u-boot image-kernel image-rofs image-rwfs MANIFEST publickey + make_tar_of_images ext4.mmc MANIFEST publickey ${signature_files} + fi } do_generate_ext4_tar[dirs] = " ${S}/ext4" do_generate_ext4_tar[depends] += " \ zstd-native:do_populate_sysroot \ ${PN}:do_image_${FLASH_EXT4_BASETYPE} \ virtual/kernel:do_deploy \ - u-boot:do_populate_sysroot \ + u-boot:do_deploy \ openssl-native:do_populate_sysroot \ ${SIGNING_KEY_DEPENDS} \ ${PN}:do_copy_signing_pubkey \ + phosphor-hostfw-image:do_deploy \ " def get_pubkey_basedir(d): @@ -609,10 +553,6 @@ python() { 'do_image_complete', 'do_generate_rwfs_ubi do_generate_phosphor_manifest', d) - if 'mmc-verity' in types: - bb.build.addtask( - 'do_generate_mmc_verity', - 'do_image_complete','', d) if 'mmc-ext4-tar' in types: bb.build.addtask( 'do_generate_ext4_tar', |