| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OSTree handles the contents of /boot separately from the rest of the
filesystem, see [1].
By default, upstream yocto rootfs generation stores the following
artifacts in /boot:
- kernel-image (bzImage) as /boot/bzImage-...;
- multiple packages that deploy grub.cfg, grubenv and EFI binaries:
* dpkg -S /boot/efi/EFI/BOOT
shim, seloader, ovmf-pkcs7-efi, grub-efi, grub-bootconf, efitools
However, none of these are ever used in Enea Edge, due to the way our
initial installation and subsequent upgrade work:
* live image building copies the kernel image from yocto deploy dir,
EFI binaries from rootfs /boot (this patch changes this to also
copy from the yocto deploy dir "bootloader" dir for uniformity) to
the root of the hddimg image;
* Enea Edge Installer (via utils.sh) creates the ESP partition
and copies all artifacts from hddimg to ESP under /EFI/BOOT [2];
* (currently) subsequent upgrades do _not_ update the contents of the
ESP /EFI/BOOT directory after initial installation;
* subsequent upgrades copy the kernel and ostree-initramfs from OSTree
rootfs (from /usr/lib/modules where ostree-kernel package resides)
to the ESP for SELoader validation;
This flow leaves unused (duplicate) artifacts in the following path:
/ostree/boot.x/poky/<poky hash>/0/boot/
While the kernel-image package can be omitted from installation, since
ostree-kernel package already installs the same binaries in
/usr/lib/modules (where OSTree will look for it), the rest of the
packages (shim, seloader etc.) also install other files to the rootfs
(e.g. CLI tools) and/or are used by the live image (hddimg) build
process as sources when copying said artifacts to the hddimg image; so
we can't simply skip installing them inside the rootfs.
Also, we want non-SOTA artifacts (e.g. rootfs.ext4) to still contain
these artifacts.
So the only sensible solution to avoiding confusion and removing
unused artifacts from OSTree images is to remove them right before
creating the OSTree image.
While at it, add some ENEA-specific comment markers to our prepend/
append fragments to make them stand out.
[1] https://github.com/ostreedev/ostree/blob/v2020.8/docs/\
atomic-upgrades.md#the-ostreeboot-directory
[2] http://sestogerrit02/cgit/linux/meta-enea-virtualization.git/tree/
recipes-enea/nfv-installer/nfv-installer/utils.sh?h=rocko#n230
Change-Id: I470c1c3d19f301cae4b8fbe184aa2906d4a25ddf
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. EFI_PREFIX: Fix duplicate grubx64.efi binaries by aligning paths:
* by default, upstream meta-oe and meta-secure-core both install
grubx64.efi, but in different locations (/boot/EFI/BOOT vs
/boot/efi/EFI/BOOT) unless we explicitely override some vars to
align the 2 paths; use the old behavior (/boot/efi/EFI/BOOT),
as meta-secure-core has multiple recipes that reference it, while
meta-oe allows changing the path via a single var override;
* note that in an OSTree deployment, these paths don't even exist
on target, we explicity install grubx64.efi during Enea Edge
installation by copying grubx64.efi from /EFI/BOOT in hddimg;
2. live-vm-common: use ${EFI_FILES_PATH} instead of hardcoding it;
3. core-image-minimal-initramfs, enea-nfv-access: Blacklist
grub-common-extras package on x86-64 machines if OSTree is used;
Depends-On: I703b53fd09c5ed75731375414f3e711ec3dadc3e
Change-Id: I3735bc004ece62f94172108f2e7ed4596942deea
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
