From patchwork Sun Jan 17 03:07:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brian Norris X-Patchwork-Id: 1427676 X-Patchwork-Delegate: mail@aparcar.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2001:8b0:10b:1231::1; helo=merlin.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=merlin.20170209 header.b=fWxsJS//; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=mI1xWMdV; dkim-atps=neutral Received: from merlin.infradead.org (merlin.infradead.org [IPv6:2001:8b0:10b:1231::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DJKfM4X2Mz9sWL for ; Sun, 17 Jan 2021 14:10:03 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=m7gwG12zOO4MrgEZpmgH/DzfR5u9n+eovIUOJPiB0dM=; b=fWxsJS//7tEP2lryvK2v1OWdO vpc3uZDNDO9cG3lRj7PnBAFyPdTrrOKWv/TbiYC/rpXXhs1at5vjkywzORllFaOhWMrr4a6/FQ/Do olxiv1Zipu2m08BIP2JrFtRSMx/hAjbeN4l97IUx5tQkO4Gq3opIw+/eyh+zK+9HZVFyZelvX3+E3 oKUX1KD18Cf+6qwoLuJG2tyy+NlsvJM2E9tk2I9qCF0/zZQ3HMQ4RcmYOrE26LhONAQPQlp1xlxpZ oWBzk3neWFrnwBPLedCuKwq8e5Ywwco7hc0mfNg5PvPwezk14Q4U0dYcctuw7Jv9Fj3hXwuBXVpjq 4rw99keXA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1l0yPf-00048j-F6; Sun, 17 Jan 2021 03:07:35 +0000 Received: from mail-pf1-x434.google.com ([2607:f8b0:4864:20::434]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1l0yPZ-00046c-Fw for openwrt-devel@lists.openwrt.org; Sun, 17 Jan 2021 03:07:31 +0000 Received: by mail-pf1-x434.google.com with SMTP id f63so276717pfa.13 for ; Sat, 16 Jan 2021 19:07:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=l7ndJ8tvIcBoYc9vAK4sloQynq52nSYYMLqxmNPOYf4=; b=mI1xWMdVsqE4/jTzq7w75Mypl9MhMcO5U63PYZIUS3azfP3Z7i4nuiEO1nZRm2uUCU ihBad0mMznbv8isJQunCr4EzNOGlboQvX1TLWuU6KhT34dASAfCzx8LinOHTMrDoANEF bJGwWVFhZ8UIYaTmE8B6C+tJ7AEZdxJc0xTdX/xTbpBa3j4Z1aLDQZgP5Q/9vToHCuZU ZLCekOSHo+AATpsKPm2W5iA7mfST3fk3j748V2atl/EInS1JEXhB5PQ/8CgEHGpdKmsx N0XuUOGyA9GzPKy04tEaWYLMoSZDXvDGRQRKMnGLl3JDuLva0SWcVl5x3P16NC/6NIvJ bhQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=l7ndJ8tvIcBoYc9vAK4sloQynq52nSYYMLqxmNPOYf4=; b=HwvJ6yyJDKKIEmE4A9Tka8u60Gxu/FaNYC0qqAc+Pq1w6KYqytJ/sYw2n/ULEpUCFD NNmtXORfxzg7L7uXEACTd8SFLsi8hquTcWr94KOfsZtBDvC0R+9N3FzUpyHo7s91Axmw Gk/AknP6It5kR2V8rvsRp9PxWv3Z0HybQc9qopXMFHRzBW7QPu2jbkBruW85bkDvi7U7 bncgT7ZpvRzICAb+lnX7yz3J0AT7THvh0b6YQox2OizORcW8FJ143Po4GDxb0KJQo3Pd Vo0INYUS5TLNtumTBSZFmu28p6i36tOaPRwjWgianFVuGL+/waRmv6FT1n15aym+n+XC Lhjg== X-Gm-Message-State: AOAM532M2iVbqVRjS+E1F8A7tWa3DJP+bcMTPqgxNw/OWrNRCzBOPOdA Fpt3gGm1jeskm4V4Z9X2jqXX/WPaFTM= X-Google-Smtp-Source: ABdhPJxDLQpML7mlwslA4kmJlWOiBG/TqbhHen/ruaC7a96qYKOdOKwseruVq0tw5VS9rN9dkvxcww== X-Received: by 2002:a63:d814:: with SMTP id b20mr20121148pgh.202.1610852843851; Sat, 16 Jan 2021 19:07:23 -0800 (PST) Received: from localhost ([2601:647:5800:2ac5:9eef:d5ff:fefc:64ae]) by smtp.gmail.com with ESMTPSA id d7sm2390235pfd.160.2021.01.16.19.07.23 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 16 Jan 2021 19:07:23 -0800 (PST) From: Brian Norris To: openwrt-devel@lists.openwrt.org Subject: [PATCH v2 3/4] image-commands: support Chromium OS image-type creation Date: Sat, 16 Jan 2021 19:07:05 -0800 Message-Id: <20210117030707.1251501-4-computersforpeace@gmail.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210117030707.1251501-1-computersforpeace@gmail.com> References: <20210117030707.1251501-1-computersforpeace@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210116_220730_217524_52BA8D1C X-CRM114-Status: GOOD ( 15.64 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:434 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [computersforpeace[at]gmail.com] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Brian Norris Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org See the previous patches, which implemented the cros-vbutil verified-boot payload-packing tool, and extended ptgen for the CrOS kernel partition type. With these, it's now possible to package kernel + rootfs to make disk images that can boot a Chrome OS-based system (e.g., Chromebooks, or even a few AP models). gen_image_vboot.sh borrows a bit of structure from gen_image_generic.sh, but I didn't feel it fit well to try and add new flags to the latter, given the difference in its FAT kernel packaging and our raw kernel partition packing. Signed-off-by: Brian Norris --- include/image-commands.mk | 18 ++++++++++ .../base-files/files/lib/upgrade/common.sh | 4 ++- scripts/gen_image_vboot.sh | 36 +++++++++++++++++++ 3 files changed, 57 insertions(+), 1 deletion(-) create mode 100755 scripts/gen_image_vboot.sh diff --git a/include/image-commands.mk b/include/image-commands.mk index 979eafb15734..f02d8e79fce6 100644 --- a/include/image-commands.mk +++ b/include/image-commands.mk @@ -172,6 +172,24 @@ define Build/fit @mv $@.new $@ endef +define Build/cros-image + $(SCRIPT_DIR)/gen_image_vboot.sh \ + $@ \ + $(CONFIG_TARGET_KERNEL_PARTSIZE) \ + $(CONFIG_TARGET_KERNEL_PARTSIZE) $(IMAGE_KERNEL) \ + $(CONFIG_TARGET_ROOTFS_PARTSIZE) $(IMAGE_ROOTFS) +endef + +# NB: Chrome OS bootloaders replace the '%U' in command lines with the UUID of +# the kernel partition it chooses to boot from. This gives a flexible way to +# consistently build and sign kernels that always use the subsequent +# (PARTNROFF=1) partition as their rootfs. +define Build/cros-vboot + $(STAGING_DIR_HOST)/bin/cros-vbutil \ + -k $@ -c "root=PARTUUID=%U/PARTNROFF=1" -o $@.new + @mv $@.new $@ +endef + define Build/gzip gzip -f -9n -c $@ $(1) > $@.new @mv $@.new $@ diff --git a/package/base-files/files/lib/upgrade/common.sh b/package/base-files/files/lib/upgrade/common.sh index c28bae48a15c..a2ee8d1675a6 100644 --- a/package/base-files/files/lib/upgrade/common.sh +++ b/package/base-files/files/lib/upgrade/common.sh @@ -178,9 +178,11 @@ export_bootdevice() { fi done ;; + PARTUUID=????????-????-????-????-??????????01/PARTNROFF=1 | \ PARTUUID=????????-????-????-????-??????????02) uuid="${rootpart#PARTUUID=}" - uuid="${uuid%02}00" + uuid="${uuid%/PARTNROFF=1}" + uuid="${uuid%0?}00" for disk in $(find /dev -type b); do set -- $(dd if=$disk bs=1 skip=568 count=16 2>/dev/null | hexdump -v -e '8/1 "%02x "" "2/1 "%02x""-"6/1 "%02x"') if [ "$4$3$2$1-$6$5-$8$7-$9" = "$uuid" ]; then diff --git a/scripts/gen_image_vboot.sh b/scripts/gen_image_vboot.sh new file mode 100755 index 000000000000..ae267ba3fbb9 --- /dev/null +++ b/scripts/gen_image_vboot.sh @@ -0,0 +1,36 @@ +#!/usr/bin/env bash +# Copyright (C) 2021 OpenWrt.org +set -e -x +[ $# == 6 ] || { + echo "SYNTAX: $0 " + exit 1 +} + +OUTPUT="$1" +BOOTPARTSIZE="$2" +KERNELSIZE="$3" +KERNELIMAGE="$4" +ROOTFSSIZE="$5" +ROOTFSIMAGE="$6" + +rm -f "${OUTPUT}" + +head=16 +sect=63 + +# create partition table +set $(ptgen -o "${OUTPUT}" -h $head -s $sect -g -p ${BOOTPARTSIZE}m -T cros_kernel -p ${KERNELSIZE}m -p ${ROOTFSSIZE}m) + +BOOTOFFSET="$(($1 / 512))" +BOOTSIZE="$2" +KERNELOFFSET="$(($3 / 512))" +KERNELSIZE="$4" +ROOTFSOFFSET="$(($5 / 512))" +ROOTFSSIZE="$(($6 / 512))" + +mkfs.fat -n boot -C "${OUTPUT}.boot" -S 512 "$((BOOTSIZE / 1024))" + +dd if="${OUTPUT}.boot" of="${OUTPUT}" bs=512 seek="${BOOTOFFSET}" conv=notrunc +rm -f "${OUTPUT}.boot" +dd if="${KERNELIMAGE}" of="${OUTPUT}" bs=512 seek="${KERNELOFFSET}" conv=notrunc +dd if="${ROOTFSIMAGE}" of="${OUTPUT}" bs=512 seek="${ROOTFSOFFSET}" conv=notrunc