dm-verity: Set the IMAGE_FSTYPES correctly when dm-verity is enabled

After the using inherit_defer for the image classes in oe-core commit 451363438d38 ("classes/recipes: Switch to use inherit_defer"), the using of anonymous python function in dm-verity-img.bbclass to set the IMAGE_FSTYPES doesn't work anymore. The reason is that image.bbclass also use anonymous python function to add the do_image_xxx task for the corresponding filesystem type. The anonymous function in dm-verity-img.bbclass is evaluated much later than the one in image.bbclass. Then the task such as do_image_vhash will not be added as we expect. So we choose to use "+=" to set the IMAGE_FSTYPES. The populate_sdk_ext.bbclass may generate a dependency list like below: core-image-minimal.do_sdk_depends -> lib32-core-image-minimal.do_image_vhash So we also need to make sure the do_image_vhash task for the multilib filesystem is added. Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Kevin Hao <kexin.hao@windriver.com> 2024-02-22 09:21:54 +0800
committer: Armin Kuster <akuster808@gmail.com> 2024-03-27 12:36:58 -0400
commit: d80cd2ba6a3ef850cef12578671a5b17d86d3e7c (patch)
tree: 8c2581fa23799f15d841b2c9337bd5d628c01315
parent: 7b951e3900943b5f4a05a0c06cdff6bd29b4fa00 (diff)
download: meta-security-d80cd2ba6a3ef850cef12578671a5b17d86d3e7c.tar.gz
1 files changed, 19 insertions, 5 deletions
diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass
index 62c3069..7f79548 100644
--- a/classes/dm-verity-img.bbclass
+++ b/classes/dm-verity-img.bbclass
@@ -177,6 +177,24 @@ CONVERSION_CMD:verity = "verity_setup ${type}"
 CONVERSION_DEPENDS_verity = "cryptsetup-native"
 IMAGE_CMD:vhash = "verity_hash"
+def get_verity_fstypes(d):
+    verity_image = d.getVar('DM_VERITY_IMAGE')
+    verity_type = d.getVar('DM_VERITY_IMAGE_TYPE')
+    verity_hash = d.getVar('DM_VERITY_SEPARATE_HASH')
+    pn = d.getVar('PN')
+    fstypes = ""
+    if not pn.endswith(verity_image):
+        return fstypes # This doesn't concern this image
+    fstypes = verity_type + ".verity"
+    if verity_hash == "1":
+        fstypes += " vhash"
+    return fstypes
+IMAGE_FSTYPES += "${@get_verity_fstypes(d)}"
 python __anonymous() {
    verity_image = d.getVar('DM_VERITY_IMAGE')
    verity_type = d.getVar('DM_VERITY_IMAGE_TYPE')
@@ -188,16 +206,12 @@ python __anonymous() {
        bb.warn('dm-verity-img class inherited but not used')
        return
-    if verity_image != pn:
+    if not pn.endswith(verity_image):
        return # This doesn't concern this image
    if len(verity_type.split()) != 1:
        bb.fatal('DM_VERITY_IMAGE_TYPE must contain exactly one type')
-    d.appendVar('IMAGE_FSTYPES', ' %s.verity' % verity_type)
-    if verity_hash == "1":
-        d.appendVar('IMAGE_FSTYPES', ' vhash')
    # If we're using wic: we'll have to use partition images and not the rootfs
    # source plugin so add the appropriate dependency.
    if 'wic' in image_fstypes:
author	Kevin Hao <kexin.hao@windriver.com>	2024-02-22 09:21:54 +0800
committer	Armin Kuster <akuster808@gmail.com>	2024-03-27 12:36:58 -0400
commit	d80cd2ba6a3ef850cef12578671a5b17d86d3e7c (patch)
tree	8c2581fa23799f15d841b2c9337bd5d628c01315
parent	7b951e3900943b5f4a05a0c06cdff6bd29b4fa00 (diff)
download	meta-security-d80cd2ba6a3ef850cef12578671a5b17d86d3e7c.tar.gz