Changes in v4: - renamed to "unified kernel image", also at filename level - added error clean-up to kernel-stub (warning: untested, as usual) - some style changes - main function for bg_gen_unified_kernel - remove some dead code from bg_gen_unified_kernel
Changes in v3: - address/suppress cppcheck findings - add required build dependency on version.h - address pycodestyle findings - add documentation Changes in v2: - fix script for more picky UEFI firmware than U-Boot (now tested also against OVMF on x86) - move/rename script to tools/bg_gen_unified_linux and install it - build fixes under Debian 10 - avoid dtb-related output of stub under x86 Add a stub and generator script to build inified Linux images that contain kernel, command line, initrd and device trees into a single UEFI executable. This is an important building block for secure boot under UEFI. In contrast to the existing solution by systemd, this one comes with support for multiple device trees that permits running the same image on similar but not identical hardware platforms. Although the trend goes towards firmware provided device tree, replacements in lock-step with kernel updates will remains important in the foreseeable future, and this stub accounts for it. Furthermore, this approach here has a more user-friendly python-based generator script which does not depend on too-new binutils or LLVM versions and allows to simplify the Linux stub by arranging data in the required way already during generation. These patches have been moderately tested only, primarily on ARM64. The next planned step is a test integration with isar-cip-core. Still, reviews would already be welcome. Jan Jan Kiszka (3): Add stub for unified kernel images tools: Add generator for unified kernel images docs: Add description for unified kernel images .github/workflows/main.yaml | 5 + Makefile.am | 36 ++++- README.md | 5 + docs/UNIFIED-KERNEL.md | 38 +++++ kernel-stub/fdt.c | 190 ++++++++++++++++++++++++ kernel-stub/initrd.c | 121 +++++++++++++++ kernel-stub/kernel-stub.h | 24 +++ kernel-stub/main.c | 189 ++++++++++++++++++++++++ tools/bg_gen_unified_kernel | 284 ++++++++++++++++++++++++++++++++++++ 9 files changed, 889 insertions(+), 3 deletions(-) create mode 100644 docs/UNIFIED-KERNEL.md create mode 100644 kernel-stub/fdt.c create mode 100644 kernel-stub/initrd.c create mode 100644 kernel-stub/kernel-stub.h create mode 100644 kernel-stub/main.c create mode 100755 tools/bg_gen_unified_kernel -- 2.34.1 -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/cover.1651140766.git.jan.kiszka%40siemens.com.
