On Wed, 2024-10-23 at 17:44 +0100, Richard Purdie via lists.openembedded.org wrote: > On Wed, 2024-10-23 at 15:08 +0300, Mikko Rapeli via > lists.openembedded.org wrote: > > These changes enable building systemd uki images which combine > > kernel, kernel command line, initrd and possibly signatures to > > a single UEFI binary. This binary can be booted with UEFI firmware > > and systemd-boot. No grub is needed and UEFI firmware and/or > > systemd-boot provide possibilities for boot menus. > > The uki binary can also be signed for UEFI secure boot > > so the secure boot extends from firmware to kernel and initrd. > > Binding secure boot to full userspace is then easier since for > > example > > kernel command line and initrd contain the support needed to mount > > encrypted dm-verity etc partitions, and/or create partitions on > > demand > > with systemd-repart using device specific TPM devices for > > encryption. > > > > Tested on qemuarm64-secureboot machine from meta-arm with changes > > to > > support secure boot. Slightly different configuration tested on > > multiple arm64 System Ready boards with UEFI firmware, real and > > firmware > > based TPM devices. Tested with ovmf firmware on x86_64 with > > selftests but > > without secure boot which seems to be harder to setup in ovmf. > > > > Sadly I see two wic selftests, wic.Wic2.test_rawcopy_plugin_qemu > > and > > wic.Wic2.test_expand_mbr_image, failing when executing all wic > > selftests > > on a build machine with zfs filesystem. Will investigate this > > further. > > The issue seems to be in mkfs.ext4 producing broken filesystem, and > > partially > > in the tests which don't run the correct rootfs file (.ext4 vs > > .wic). > > Will debug this further and it is IMO unrelated to these changes > > since > > they reproduce on pure master branch without this series. > > > > v10: disabled kvm support in new tests since it breaks qemu boot on > > aarch64 > > build machine, removed "testimage" from IMAGE_CLASS as well > > since > > can end up testing qemu machine during build. > > I hate to say this but > wic.Wic2.test_efi_plugin_plain_systemd_boot_qemu_aarch64 is still > failing: >
https://valkyrie.yoctoproject.org/#/builders/23/builds/320/steps/14/logs/stdio > wic.Wic2.test_efi_plugin_plain_systemd_boot_qemu_aarch64 > > :( > > (I know there is another failure in there too). > > Cheers, > > Richard > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#206256): https://lists.openembedded.org/g/openembedded-core/message/206256 Mute This Topic: https://lists.openembedded.org/mt/109169005/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
