[PATCH v2 0/3] start-qemu.sh: Add some ease of use functionality

[PATCH v2 0/3] start-qemu.sh: Add some ease of use functionality

[Q. Gylstorff]

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter

Changes V2:
 - Add Sentence to README
 - Add default cip-core-image-security

Quirin Gylstorff (3):
  start-qemu.sh: set bootindex for SECURE_BOOT
  start-qemu.sh: parse .config.yaml for ease of use
  start-qemu.sh: Simplify qemu call

 README.md     |  6 ++++--
 start-qemu.sh | 36 +++++++++++++++++++++++++++---------
 2 files changed, 31 insertions(+), 11 deletions(-)

-- 
2.30.2

[PATCH v2 1/3] start-qemu.sh: set bootindex for SECURE_BOOT

[Q. Gylstorff]

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Set the bootindex to avoid booting into the default uefi shell.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 start-qemu.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/start-qemu.sh b/start-qemu.sh
index 3f62257..2c0a751 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -39,8 +39,14 @@ case "$1" in
 			-cpu qemu64 \
 			-smp 4 \
 			-machine q35,accel=kvm:tcg \
-			-device ide-hd,drive=disk \
 			-device virtio-net-pci,netdev=net"
+		if [ -n "${SECURE_BOOT}" ]; then
+			QEMU_EXTRA_ARGS=" \
+			${QEMU_EXTRA_ARGS} -device ide-hd,drive=disk,bootindex=0"
+		else
+			QEMU_EXTRA_ARGS=" \
+			${QEMU_EXTRA_ARGS} -device ide-hd,drive=disk"
+		fi
 		KERNEL_CMDLINE=" \
 			root=/dev/sda"
 		;;
-- 
2.30.2

[PATCH v2 2/3] start-qemu.sh: parse .config.yaml for ease of use

[Q. Gylstorff]

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Suggested-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 README.md     |  6 ++++--
 start-qemu.sh | 16 +++++++++++++++-
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 53ef679..bd707a4 100644
--- a/README.md
+++ b/README.md
@@ -38,8 +38,10 @@ Run, e.g.,
 
     ./start-qemu.sh x86
 
-when having built a QEMU AMD64 image. A security image for QEMU can be started
-like this:
+when having built a QEMU AMD64 image. Using the image configuration menu will
+initialize variables used by start-qemu.sh with fitting defaults.
+
+A security image for QEMU can be started like this:
 
     TARGET_IMAGE=cip-core-image-security ./start-qemu.sh x86
 
diff --git a/start-qemu.sh b/start-qemu.sh
index 2c0a751..94c3611 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -20,15 +20,29 @@ usage()
 	exit 1
 }
 
+if grep -s -q "IMAGE_SECURE_BOOT: true" .config.yaml; then
+	SECURE_BOOT="true"
+fi
+
 if [ -n "${QEMU_PATH}" ]; then
 	QEMU_PATH="${QEMU_PATH}/"
 fi
 
 if [ -z "${DISTRO_RELEASE}" ]; then
-  DISTRO_RELEASE="buster"
+	if grep -s -q "DEBIAN_BULLSEYE: true" .config.yaml; then
+		DISTRO_RELEASE="bullseye"
+	elif grep -s -q "DEBIAN_STRETCH: true" .config.yaml; then
+		DISTRO_RELEASE="stretch"
+	else
+		DISTRO_RELEASE="buster"
+	fi
 fi
+
 if [ -z "${TARGET_IMAGE}" ];then
 	TARGET_IMAGE="cip-core-image"
+	if grep -s -q "IMAGE_SECURITY: true" .config.yaml; then
+		TARGET_IMAGE="cip-core-image-security"
+	fi
 fi
 
 case "$1" in
-- 
2.30.2

[PATCH v2 3/3] start-qemu.sh: Simplify qemu call

[Q. Gylstorff]

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Move qemu call out of if clause to avoid code duplications and
use the same behavior for secure boot and non secure boot images.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 start-qemu.sh | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/start-qemu.sh b/start-qemu.sh
index 94c3611..a92e9f4 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -123,18 +123,16 @@ if [ -n "${SECURE_BOOT}" ]; then
 		BOOT_FILES="-drive if=pflash,format=raw,unit=0,readonly=on,file=${ovmf_code} \
 			-drive if=pflash,format=raw,file=${ovmf_vars} \
 			-drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw"
-		${QEMU_PATH}${QEMU} \
-			-m 1G -serial mon:stdio -netdev user,id=net \
-			${BOOT_FILES} ${QEMU_EXTRA_ARGS} "$@"
 else
 		IMAGE_FILE=$(ls ${IMAGE_PREFIX}.ext4.img)
 
 		KERNEL_FILE=$(ls ${IMAGE_PREFIX}-vmlinu* | tail -1)
 		INITRD_FILE=$(ls ${IMAGE_PREFIX}-initrd.img* | tail -1)
 
-		${QEMU_PATH}${QEMU} \
-			-m 1G -serial mon:stdio -netdev user,id=net \
-			-drive file=${IMAGE_FILE},discard=unmap,if=none,id=disk,format=raw \
+		BOOT_FILES="-drive file=${IMAGE_FILE},discard=unmap,if=none,id=disk,format=raw \
 			-kernel ${KERNEL_FILE} -append "${KERNEL_CMDLINE}" \
-			-initrd ${INITRD_FILE} ${QEMU_EXTRA_ARGS} "$@"
+			-initrd ${INITRD_FILE}"
 fi
+${QEMU_PATH}${QEMU} \
+			-m 1G -serial mon:stdio -netdev user,id=net \
+			${BOOT_FILES} ${QEMU_EXTRA_ARGS} "$@"
-- 
2.30.2

Re: [cip-dev] [PATCH v2 0/3] start-qemu.sh: Add some ease of use functionality

[Gylstorff Quirin]

Hi Jan,

please Ignore v2. I sent the changes in a extra patchset.

Quirin

On 11/24/21 3:31 PM, Quirin Gylstorff via lists.cip-project.org wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> 
> Fix booting of secure-boot image
> Parse .config.yaml for ease of use and reduced commandline clutter
> 
> Changes V2:
>   - Add Sentence to README
>   - Add default cip-core-image-security
> 
> Quirin Gylstorff (3):
>    start-qemu.sh: set bootindex for SECURE_BOOT
>    start-qemu.sh: parse .config.yaml for ease of use
>    start-qemu.sh: Simplify qemu call
> 
>   README.md     |  6 ++++--
>   start-qemu.sh | 36 +++++++++++++++++++++++++++---------
>   2 files changed, 31 insertions(+), 11 deletions(-)
> 
> 
> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#7000): https://lists.cip-project.org/g/cip-dev/message/7000
> Mute This Topic: https://lists.cip-project.org/mt/87281974/1753640
> Group Owner: cip-dev+owner@lists.cip-project.org
> Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129121/1753640/1405269326/xyzzy [quirin.gylstorff@siemens.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>