* [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality
@ 2021-11-24 11:12 Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 1/3] start-qemu.sh: set bootindex for SECURE_BOOT Q. Gylstorff
` (3 more replies)
0 siblings, 4 replies; 9+ messages in thread
From: Q. Gylstorff @ 2021-11-24 11:12 UTC (permalink / raw)
To: jan.kiszka, cip-dev
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter
Quirin Gylstorff (3):
start-qemu.sh: set bootindex for SECURE_BOOT
start-qemu.sh: parse .config.yaml for ease of use
start-qemu.sh: Simplify qemu call
start-qemu.sh | 33 ++++++++++++++++++++++++---------
1 file changed, 24 insertions(+), 9 deletions(-)
--
2.30.2
^ permalink raw reply [flat|nested] 9+ messages in thread
* [cip-dev][isar-cip-core][PATCH 1/3] start-qemu.sh: set bootindex for SECURE_BOOT
2021-11-24 11:12 [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Q. Gylstorff
@ 2021-11-24 11:12 ` Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 2/3] start-qemu.sh: parse .config.yaml for ease of use Q. Gylstorff
` (2 subsequent siblings)
3 siblings, 0 replies; 9+ messages in thread
From: Q. Gylstorff @ 2021-11-24 11:12 UTC (permalink / raw)
To: jan.kiszka, cip-dev
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
Set the bootindex to avoid booting into the default uefi shell.
An if-clause is used to avoid the following error message for non-secure-boot images:
```
qemu-system-x86_64: -device ide-hd,drive=disk,bootindex=0: The bootindex 0 has already been used
```
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
start-qemu.sh | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/start-qemu.sh b/start-qemu.sh
index 3f62257..2c0a751 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -39,8 +39,14 @@ case "$1" in
-cpu qemu64 \
-smp 4 \
-machine q35,accel=kvm:tcg \
- -device ide-hd,drive=disk \
-device virtio-net-pci,netdev=net"
+ if [ -n "${SECURE_BOOT}" ]; then
+ QEMU_EXTRA_ARGS=" \
+ ${QEMU_EXTRA_ARGS} -device ide-hd,drive=disk,bootindex=0"
+ else
+ QEMU_EXTRA_ARGS=" \
+ ${QEMU_EXTRA_ARGS} -device ide-hd,drive=disk"
+ fi
KERNEL_CMDLINE=" \
root=/dev/sda"
;;
--
2.30.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [cip-dev][isar-cip-core][PATCH 2/3] start-qemu.sh: parse .config.yaml for ease of use
2021-11-24 11:12 [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 1/3] start-qemu.sh: set bootindex for SECURE_BOOT Q. Gylstorff
@ 2021-11-24 11:12 ` Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 3/3] start-qemu.sh: Simplify qemu call Q. Gylstorff
2021-11-24 11:44 ` [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Jan Kiszka
3 siblings, 0 replies; 9+ messages in thread
From: Q. Gylstorff @ 2021-11-24 11:12 UTC (permalink / raw)
To: jan.kiszka, cip-dev
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
Suggested-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
start-qemu.sh | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/start-qemu.sh b/start-qemu.sh
index 2c0a751..21b303a 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -20,13 +20,24 @@ usage()
exit 1
}
+if grep -s -q "IMAGE_SECURE_BOOT: true" .config.yaml; then
+ SECURE_BOOT="true"
+fi
+
if [ -n "${QEMU_PATH}" ]; then
QEMU_PATH="${QEMU_PATH}/"
fi
if [ -z "${DISTRO_RELEASE}" ]; then
- DISTRO_RELEASE="buster"
+ if grep -s -q "DEBIAN_BULLSEYE: true" .config.yaml; then
+ DISTRO_RELEASE="bullseye"
+ elif grep -s -q "DEBIAN_STRETCH: true" .config.yaml; then
+ DISTRO_RELEASE="stretch"
+ else
+ DISTRO_RELEASE="buster"
+ fi
fi
+
if [ -z "${TARGET_IMAGE}" ];then
TARGET_IMAGE="cip-core-image"
fi
--
2.30.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [cip-dev][isar-cip-core][PATCH 3/3] start-qemu.sh: Simplify qemu call
2021-11-24 11:12 [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 1/3] start-qemu.sh: set bootindex for SECURE_BOOT Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 2/3] start-qemu.sh: parse .config.yaml for ease of use Q. Gylstorff
@ 2021-11-24 11:12 ` Q. Gylstorff
2021-11-24 11:44 ` [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Jan Kiszka
3 siblings, 0 replies; 9+ messages in thread
From: Q. Gylstorff @ 2021-11-24 11:12 UTC (permalink / raw)
To: jan.kiszka, cip-dev
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
Move qemu call out of if clause to avoid code duplications and
use the same behavior for secure boot and non secure boot images.
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
start-qemu.sh | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/start-qemu.sh b/start-qemu.sh
index 21b303a..4817790 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -120,18 +120,16 @@ if [ -n "${SECURE_BOOT}" ]; then
BOOT_FILES="-drive if=pflash,format=raw,unit=0,readonly=on,file=${ovmf_code} \
-drive if=pflash,format=raw,file=${ovmf_vars} \
-drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw"
- ${QEMU_PATH}${QEMU} \
- -m 1G -serial mon:stdio -netdev user,id=net \
- ${BOOT_FILES} ${QEMU_EXTRA_ARGS} "$@"
else
IMAGE_FILE=$(ls ${IMAGE_PREFIX}.ext4.img)
KERNEL_FILE=$(ls ${IMAGE_PREFIX}-vmlinu* | tail -1)
INITRD_FILE=$(ls ${IMAGE_PREFIX}-initrd.img* | tail -1)
- ${QEMU_PATH}${QEMU} \
- -m 1G -serial mon:stdio -netdev user,id=net \
- -drive file=${IMAGE_FILE},discard=unmap,if=none,id=disk,format=raw \
+ BOOT_FILES="-drive file=${IMAGE_FILE},discard=unmap,if=none,id=disk,format=raw \
-kernel ${KERNEL_FILE} -append "${KERNEL_CMDLINE}" \
- -initrd ${INITRD_FILE} ${QEMU_EXTRA_ARGS} "$@"
+ -initrd ${INITRD_FILE}"
fi
+${QEMU_PATH}${QEMU} \
+ -m 1G -serial mon:stdio -netdev user,id=net \
+ ${BOOT_FILES} ${QEMU_EXTRA_ARGS} "$@"
--
2.30.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality
2021-11-24 11:12 [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Q. Gylstorff
` (2 preceding siblings ...)
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 3/3] start-qemu.sh: Simplify qemu call Q. Gylstorff
@ 2021-11-24 11:44 ` Jan Kiszka
2021-11-24 11:45 ` Jan Kiszka
3 siblings, 1 reply; 9+ messages in thread
From: Jan Kiszka @ 2021-11-24 11:44 UTC (permalink / raw)
To: Q. Gylstorff, cip-dev
On 24.11.21 12:12, Q. Gylstorff wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>
> Fix booting of secure-boot image
> Parse .config.yaml for ease of use and reduced commandline clutter
>
> Quirin Gylstorff (3):
> start-qemu.sh: set bootindex for SECURE_BOOT
> start-qemu.sh: parse .config.yaml for ease of use
> start-qemu.sh: Simplify qemu call
>
> start-qemu.sh | 33 ++++++++++++++++++++++++---------
> 1 file changed, 24 insertions(+), 9 deletions(-)
>
Definitely an improvement! But the fact that secure boot comes with a
different target image is not reflected yet.
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality
2021-11-24 11:44 ` [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Jan Kiszka
@ 2021-11-24 11:45 ` Jan Kiszka
2021-11-24 12:07 ` Gylstorff Quirin
0 siblings, 1 reply; 9+ messages in thread
From: Jan Kiszka @ 2021-11-24 11:45 UTC (permalink / raw)
To: Q. Gylstorff, cip-dev
On 24.11.21 12:44, Jan Kiszka wrote:
> On 24.11.21 12:12, Q. Gylstorff wrote:
>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>>
>> Fix booting of secure-boot image
>> Parse .config.yaml for ease of use and reduced commandline clutter
>>
>> Quirin Gylstorff (3):
>> start-qemu.sh: set bootindex for SECURE_BOOT
>> start-qemu.sh: parse .config.yaml for ease of use
>> start-qemu.sh: Simplify qemu call
>>
>> start-qemu.sh | 33 ++++++++++++++++++++++++---------
>> 1 file changed, 24 insertions(+), 9 deletions(-)
>>
>
> Definitely an improvement! But the fact that secure boot comes with a
> different target image is not reflected yet.
>
...or is that only the case with your dm-verity series? Let me check.
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality
2021-11-24 11:45 ` Jan Kiszka
@ 2021-11-24 12:07 ` Gylstorff Quirin
2021-11-24 12:38 ` Jan Kiszka
0 siblings, 1 reply; 9+ messages in thread
From: Gylstorff Quirin @ 2021-11-24 12:07 UTC (permalink / raw)
To: Jan Kiszka, cip-dev
On 11/24/21 12:45 PM, Jan Kiszka wrote:
> On 24.11.21 12:44, Jan Kiszka wrote:
>> On 24.11.21 12:12, Q. Gylstorff wrote:
>>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>>>
>>> Fix booting of secure-boot image
>>> Parse .config.yaml for ease of use and reduced commandline clutter
>>>
>>> Quirin Gylstorff (3):
>>> start-qemu.sh: set bootindex for SECURE_BOOT
>>> start-qemu.sh: parse .config.yaml for ease of use
>>> start-qemu.sh: Simplify qemu call
>>>
>>> start-qemu.sh | 33 ++++++++++++++++++++++++---------
>>> 1 file changed, 24 insertions(+), 9 deletions(-)
>>>
>>
>> Definitely an improvement! But the fact that secure boot comes with a
>> different target image is not reflected yet.
>>
>
> ...or is that only the case with your dm-verity series? Let me check.
>
> Jan
>
Only dm-verity introduces the new target.
Quirin
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality
2021-11-24 12:07 ` Gylstorff Quirin
@ 2021-11-24 12:38 ` Jan Kiszka
2021-11-24 14:25 ` Gylstorff Quirin
0 siblings, 1 reply; 9+ messages in thread
From: Jan Kiszka @ 2021-11-24 12:38 UTC (permalink / raw)
To: Gylstorff Quirin, cip-dev
On 24.11.21 13:07, Gylstorff Quirin wrote:
>
>
> On 11/24/21 12:45 PM, Jan Kiszka wrote:
>> On 24.11.21 12:44, Jan Kiszka wrote:
>>> On 24.11.21 12:12, Q. Gylstorff wrote:
>>>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>>>>
>>>> Fix booting of secure-boot image
>>>> Parse .config.yaml for ease of use and reduced commandline clutter
>>>>
>>>> Quirin Gylstorff (3):
>>>> start-qemu.sh: set bootindex for SECURE_BOOT
>>>> start-qemu.sh: parse .config.yaml for ease of use
>>>> start-qemu.sh: Simplify qemu call
>>>>
>>>> start-qemu.sh | 33 ++++++++++++++++++++++++---------
>>>> 1 file changed, 24 insertions(+), 9 deletions(-)
>>>>
>>>
>>> Definitely an improvement! But the fact that secure boot comes with a
>>> different target image is not reflected yet.
>>>
>>
>> ...or is that only the case with your dm-verity series? Let me check.
>>
>> Jan
>>
>
> Only dm-verity introduces the new target.
>
Yep, confirmed.
Will take all three if you could also update the documentation (on-top),
stating that building via "menu" will initialize the start-qemu vars
with fitting defaults.
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality
2021-11-24 12:38 ` Jan Kiszka
@ 2021-11-24 14:25 ` Gylstorff Quirin
0 siblings, 0 replies; 9+ messages in thread
From: Gylstorff Quirin @ 2021-11-24 14:25 UTC (permalink / raw)
To: Jan Kiszka, cip-dev
On 11/24/21 1:38 PM, Jan Kiszka wrote:
> On 24.11.21 13:07, Gylstorff Quirin wrote:
>>
>>
>> On 11/24/21 12:45 PM, Jan Kiszka wrote:
>>> On 24.11.21 12:44, Jan Kiszka wrote:
>>>> On 24.11.21 12:12, Q. Gylstorff wrote:
>>>>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>>>>>
>>>>> Fix booting of secure-boot image
>>>>> Parse .config.yaml for ease of use and reduced commandline clutter
>>>>>
>>>>> Quirin Gylstorff (3):
>>>>> start-qemu.sh: set bootindex for SECURE_BOOT
>>>>> start-qemu.sh: parse .config.yaml for ease of use
>>>>> start-qemu.sh: Simplify qemu call
>>>>>
>>>>> start-qemu.sh | 33 ++++++++++++++++++++++++---------
>>>>> 1 file changed, 24 insertions(+), 9 deletions(-)
>>>>>
>>>>
>>>> Definitely an improvement! But the fact that secure boot comes with a
>>>> different target image is not reflected yet.
>>>>
>>>
>>> ...or is that only the case with your dm-verity series? Let me check.
>>>
>>> Jan
>>>
>>
>> Only dm-verity introduces the new target.
>>
>
> Yep, confirmed.
>
> Will take all three if you could also update the documentation (on-top),
> stating that building via "menu" will initialize the start-qemu vars
> with fitting defaults.
>
> Jan
>
I will send a v2. Did miss cip-core-image-security.
Quirin
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2021-11-24 14:25 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-24 11:12 [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 1/3] start-qemu.sh: set bootindex for SECURE_BOOT Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 2/3] start-qemu.sh: parse .config.yaml for ease of use Q. Gylstorff
2021-11-24 11:12 ` [cip-dev][isar-cip-core][PATCH 3/3] start-qemu.sh: Simplify qemu call Q. Gylstorff
2021-11-24 11:44 ` [cip-dev][isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality Jan Kiszka
2021-11-24 11:45 ` Jan Kiszka
2021-11-24 12:07 ` Gylstorff Quirin
2021-11-24 12:38 ` Jan Kiszka
2021-11-24 14:25 ` Gylstorff Quirin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.