diff options
Diffstat (limited to 'meta-netboot')
| -rw-r--r-- | meta-netboot/README | 15 | ||||
| -rw-r--r-- | meta-netboot/conf/include/agl-netboot.inc | 5 | ||||
| -rw-r--r-- | meta-netboot/conf/layer.conf | 2 | ||||
| -rw-r--r-- | meta-netboot/recipes-core/initramfs-netboot/files/init.sh | 31 | ||||
| -rw-r--r-- | meta-netboot/recipes-core/initramfs-netboot/initramfs-netboot_1.0.bb | 10 | ||||
| -rw-r--r-- | meta-netboot/recipes-core/systemd/files/resolv-conf-relabel.service | 14 | ||||
| -rw-r--r-- | meta-netboot/recipes-core/systemd/resolv-conf-relabel.bb | 21 | ||||
| -rwxr-xr-x | meta-netboot/scripts/run-yocto-check-layer-flags-enabled.sh | 46 | ||||
| -rwxr-xr-x | meta-netboot/scripts/run-yocto-check-layer.sh | 26 |
9 files changed, 89 insertions, 81 deletions
diff --git a/meta-netboot/README b/meta-netboot/README index 7efa22650..a30238b9d 100644 --- a/meta-netboot/README +++ b/meta-netboot/README @@ -3,6 +3,19 @@ meta-netboot This layer contains some recipes and configuration adjustments to allow network boot through NBD (network block device). +Maintenance +----------- + +All patches must be submitted via the AGL Gerrit instance at +https://gerrit.automotivelinux.org. See this wiki page for +details: + +https://wiki.automotivelinux.org/agl-distro/contributing + +Layer maintainers: + Jan-Simon Möller <jsmoeller@linuxfoundation.org> + + Content and usage ----------------- @@ -59,7 +72,7 @@ setenv bootargs_root 'root=/dev/ram0 ramdisk_size=16384 ip=dhcp' setenv bootargs_video 'vmalloc=384M video=HDMI-A-1:1920x1080-32@60' setenv serverip '<your_serverip>' setenv 'bootdaddr' '0x48000000' -setenv 'bootdfile' 'Image-r8a7795-h3ulcb.dtb' +setenv 'bootdfile' 'Image-r8a77951-ulcb.dtb' setenv 'bootdload_net' 'tftp ${bootdaddr} h3ulcb/${bootdfile}' setenv 'bootkaddr' '0x48080000' setenv 'bootkfile' 'Image' diff --git a/meta-netboot/conf/include/agl-netboot.inc b/meta-netboot/conf/include/agl-netboot.inc index 555629537..2c1307e81 100644 --- a/meta-netboot/conf/include/agl-netboot.inc +++ b/meta-netboot/conf/include/agl-netboot.inc @@ -1,3 +1,6 @@ INHERIT += "netboot" -IMAGE_INSTALL:append:netboot = " curl" +IMAGE_INSTALL:append:netboot = " \ + curl \ + ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'resolv-conf-relabel policycoreutils-loadpolicy', '', d)} \ +" diff --git a/meta-netboot/conf/layer.conf b/meta-netboot/conf/layer.conf index 2af752805..a41406cbb 100644 --- a/meta-netboot/conf/layer.conf +++ b/meta-netboot/conf/layer.conf @@ -9,5 +9,5 @@ BBFILE_COLLECTIONS += "meta-netboot" BBFILE_PATTERN_meta-netboot = "^${LAYERDIR}/" BBFILE_PRIORITY_meta-netboot = "60" -LAYERSERIES_COMPAT_meta-netboot = "dunfell" +LAYERSERIES_COMPAT_meta-netboot = "scarthgap" LAYERDEPENDS_meta-netboot = "core networking-layer" diff --git a/meta-netboot/recipes-core/initramfs-netboot/files/init.sh b/meta-netboot/recipes-core/initramfs-netboot/files/init.sh index 2b8bc63d0..87a1acb80 100644 --- a/meta-netboot/recipes-core/initramfs-netboot/files/init.sh +++ b/meta-netboot/recipes-core/initramfs-netboot/files/init.sh @@ -21,7 +21,6 @@ EOF # global variables -SMACK=n NBD_SERVER= NBD_PORT=10809 NBD_DEV=/dev/nbd0 @@ -109,17 +108,6 @@ check_debug "Debug point 1. Exit to continue initrd script (mount NBD device)." log_info "NBD parameters: device $NBD_DEV, server $NBD_SERVER:$NBD_PORT" -# check if smack is active (and if so, mount smackfs) -grep -q smackfs /proc/filesystems && { - SMACK=y - - do_mount_fs smackfs /sys/fs/smackfs - - # adjust current label and network label - echo System >/proc/self/attr/current - echo System >/sys/fs/smackfs/ambient -} - # start nbd client try=5 while :;do @@ -165,9 +153,24 @@ fi # also use /proc/net/pnp to generate /etc/resolv.conf rm -f /etc/resolv.conf grep -v bootserver /proc/net/pnp | sed 's/^domain/search/g' >/etc/resolv.conf -chsmack -A /etc/resolv.conf -# unmount tmp and run to let systemd remount them with correct smack labels (SPEC-2596) +# Do SELinux relabeling if required, to avoid a reboot that would complicate CI +if [ -f /.autorelabel ]; then + # Nothing SELinux related works w/o the fs mounted + do_mount_fs selinuxfs /sys/fs/selinux + + # Labeling requires the policy to be loaded + log_info "Loading SELinux policy" + /usr/sbin/load_policy + + /usr/bin/selinux-autorelabel.sh + + # Will get remounted by systemd startup, unmount to keep that behavior + # more like the non-netboot case. + umount /sys/fs/selinux +fi + +# unmount tmp and run to let systemd remount them log_info "Unmounting /tmp and /run" umount /tmp umount /run diff --git a/meta-netboot/recipes-core/initramfs-netboot/initramfs-netboot_1.0.bb b/meta-netboot/recipes-core/initramfs-netboot/initramfs-netboot_1.0.bb index 264b21492..dd61a1ea8 100644 --- a/meta-netboot/recipes-core/initramfs-netboot/initramfs-netboot_1.0.bb +++ b/meta-netboot/recipes-core/initramfs-netboot/initramfs-netboot_1.0.bb @@ -8,14 +8,14 @@ S = "${WORKDIR}" RDEPENDS:${PN} += "nbd-client" do_install() { - install -dm 0755 ${D}/etc - touch ${D}/etc/initrd-release + install -dm 0755 ${D}${sysconfdir} + touch ${D}${sysconfdir}/initrd-release install -dm 0755 ${D}/dev - install -dm 0755 ${D}/sbin - install -m 0755 ${WORKDIR}/init.sh ${D}/sbin/init + install -dm 0755 ${D}${sbindir} + install -m 0755 ${WORKDIR}/init.sh ${D}${sbindir}/init } inherit allarch -FILES:${PN} += " /dev /etc/initrd-release /sbin/init " +FILES:${PN} += " /dev ${sysconfdir}/initrd-release ${sbindir}/init " diff --git a/meta-netboot/recipes-core/systemd/files/resolv-conf-relabel.service b/meta-netboot/recipes-core/systemd/files/resolv-conf-relabel.service new file mode 100644 index 000000000..5d9216cc2 --- /dev/null +++ b/meta-netboot/recipes-core/systemd/files/resolv-conf-relabel.service @@ -0,0 +1,14 @@ +[Unit] +Description=SELinux resolv.conf relabeling +DefaultDependencies=no +ConditionKernelCommandLine=ip +ConditionKernelCommandLine=nbd.server +After=local-fs.target +Before=sysinit.target + +[Service] +Type=oneshot +ExecStart=/usr/sbin/restorecon -Fi /etc/resolv.conf + +[Install] +WantedBy=sysinit.target diff --git a/meta-netboot/recipes-core/systemd/resolv-conf-relabel.bb b/meta-netboot/recipes-core/systemd/resolv-conf-relabel.bb new file mode 100644 index 000000000..36d096b44 --- /dev/null +++ b/meta-netboot/recipes-core/systemd/resolv-conf-relabel.bb @@ -0,0 +1,21 @@ +SUMMARY = "System unit to relabel resolve.conf" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +SRC_URI = "file://resolv-conf-relabel.service" + +inherit systemd allarch features_check + +SYSTEMD_SERVICE:${PN} = "${BPN}.service" + +REQUIRED_DISTRO_FEATURES = "systemd" + +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +do_install() { + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/resolv-conf-relabel.service ${D}${systemd_system_unitdir}/ +} + +FILES:${PN} += "${systemd_system_unitdir}" diff --git a/meta-netboot/scripts/run-yocto-check-layer-flags-enabled.sh b/meta-netboot/scripts/run-yocto-check-layer-flags-enabled.sh deleted file mode 100755 index cf7a75a30..000000000 --- a/meta-netboot/scripts/run-yocto-check-layer-flags-enabled.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -#set -x - -SCRIPTPATH="$( cd $(dirname $0) >/dev/null 2>&1 ; pwd -P )" -echo $SCRIPTPATH -AGLROOT="$SCRIPTPATH/../../.." -POKYDIR="$AGLROOT/external/poky" -TMPROOT=`mktemp -d` - -rm -rf ${TMPROOT}/testbuild-ycl || true -mkdir -p ${TMPROOT}/testbuild-ycl -cd ${TMPROOT}/testbuild-ycl - -source $POKYDIR/oe-init-build-env . - -cat << EOF >> conf/local.conf -# just define defaults -AGL_FEATURES ?= "" -AGL_EXTRA_IMAGE_FSTYPES ?= "" - -# important settings imported from poky-agl.conf -# we do not import -DISTRO_FEATURES:append = " systemd smack" -DISTRO_FEATURES_BACKFILL_CONSIDERED:append = " sysvinit" -VIRTUAL-RUNTIME_init_manager = "systemd" - -# workaround -# ERROR: Nothing PROVIDES 'smack' (but meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2020.3.bb DEPENDS on or otherwise requires it) -BBMASK += "meta-oe/recipes-extended/ostree/ostree_2020.3.bb" - -NETBOOT_ENABLED = "1" -NETBOOT_FSTYPES ??= "ext4.gz" - -EOF - - -yocto-check-layer \ - --dependency \ - $AGLROOT/external/meta-openembedded/meta-oe \ - $AGLROOT/external/meta-openembedded/meta-python \ - $AGLROOT/external/meta-openembedded/meta-networking \ - -- \ - $AGLROOT/meta-agl/meta-netboot/ - - -[ $? = 0 ] && rm -rf ${TMPROOT}/testbuild-ycl diff --git a/meta-netboot/scripts/run-yocto-check-layer.sh b/meta-netboot/scripts/run-yocto-check-layer.sh index 09e655afb..979c76838 100755 --- a/meta-netboot/scripts/run-yocto-check-layer.sh +++ b/meta-netboot/scripts/run-yocto-check-layer.sh @@ -19,26 +19,26 @@ AGL_FEATURES ?= "" AGL_EXTRA_IMAGE_FSTYPES ?= "" # important settings imported from poky-agl.conf -# we do not import -DISTRO_FEATURES:append = " systemd smack" +# we cannot import the distro config right away +# as the initial values are poky only till the layer +# is added in + +AGL_DEFAULT_DISTRO_FEATURES = "usrmerge largefile opengl wayland pam bluetooth bluez5 3g polkit" +DISTRO_FEATURES:append = " systemd wayland pam \${AGL_DEFAULT_DISTRO_FEATURES}" DISTRO_FEATURES_BACKFILL_CONSIDERED:append = " sysvinit" VIRTUAL-RUNTIME_init_manager = "systemd" -# workaround -# ERROR: Nothing PROVIDES 'smack' (but meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2020.3.bb DEPENDS on or otherwise requires it) -BBMASK += "meta-oe/recipes-extended/ostree/ostree_2020.3.bb" - - EOF - -yocto-check-layer \ +yocto-check-layer --no-auto-dependency \ --dependency \ - $AGLROOT/external/meta-openembedded/meta-oe \ - $AGLROOT/external/meta-openembedded/meta-python \ - $AGLROOT/external/meta-openembedded/meta-networking \ + $AGLROOT/external/meta-openembedded/meta-oe \ + $AGLROOT/external/meta-openembedded/meta-python \ + $AGLROOT/external/meta-openembedded/meta-networking \ -- \ - $AGLROOT/meta-agl/meta-netboot/ + $AGLROOT/meta-agl/meta-netboot [ $? = 0 ] && rm -rf ${TMPROOT}/testbuild-ycl + +exit 0 |