Code Monkey home page Code Monkey logo

meta-efibootguard's Introduction

EFI Boot Guard meta layer

A meta-layer for integration of efibootguard into a yocto project.

Development

You can contribute to the project via pull requests and the mailing list.

Contribution by PR (Pull Request)

Contribution by mailing list:

  • Signed patches can be sent to the mailing list [email protected].
  • The mailing list is used for "efibootguard" and "meta-efibootguard". Please use for patches the prefix "meta-efibootguard".
git commit -s
git send-email [email protected] --confirm=always -M -1 --subject-prefix="meta-efibootguard][PATCH"

Archive:
https://www.mail-archive.com/[email protected]

status

The layer on master branch is compatible with the following Yocto version:

Version Codename LTS
4.0 Kirkstone Yes
3.4 Honister No
3.3 Hardknott No

The layer on dunfell branch is compatible with the following Yocto version:

Version Codename LTS
3.1 Dunfell Yes

project integration

Steps:

  1. Include this meta layer into your project

  2. Set EFI_PROVIDER to "efibootguard" in your local.conf or in your conf/machine/<MACHINE>.conf:

EFI_PROVIDER="efibootguard"

  1. Provide a project-specific .wks file using the python source plugins of this layer for image creation

  2. Build the roots and the hdd image using the new .wks file

Example .wks file

# short-description: Create a bootable disk image with efibootguard
# long-description: Creates a partitioned EFI disk image,
# using efibootguard, that the user can directly dd to boot media.

# EFI partition containing efibootguard
part --source efibootguard-efi --size 32 --extra-space 0 --overhead-factor 1 --ondisk mmcblk0 --label efi --part-type=EF00 --align 1024

# Two root partitions for updateability, leave away 2nd if not used
part / --source rootfs --size 1024 --extra-space 0 --overhead-factor 1 --ondisk mmcblk0 --fstype=ext4 --label platform0 --align 1024
part --source rootfs --size 1024 --extra-space 0 --overhead-factor 1 --ondisk mmcblk0 --fstype=ext4 --label plaftorm1 --align 1024

# Two config partitions to load boot configuration and kernel
part --source efibootguard-boot --size 32 --extra-space 0 --overhead-factor 1 --ondisk mmcblk0 --label boot0 --align 1024 --part-type=0700 --sourceparams "watchdog=60,revision=2"
part --source efibootguard-boot --size 32 --extra-space 0 --overhead-factor 1 --ondisk mmcblk0 --label boot1 --align 1024 --part-type=0700 --sourceparams "watchdog=60,revision=1"

# Other partitions
part --size 1024 --extra-space 0 --overhead-factor 1 --ondisk mmcblk0 --label persistent --align 1024 --fstype=ext4
part swap --ondisk mmcblk0 --size 512 --fstype=swap --label swap --align 1024

# Important for type of partition table
bootloader --ptable gpt --append="console=ttyS1,115200n8 reboot=efi,warm rw debugshell=5 rootwait"

NOTE: The --append option to the bootloader gives kernel parameters that are written into the efibootguard environment file.

meta-efibootguard's People

Contributors

bachp avatar chombourger avatar hoinmic avatar jan-kiszka avatar julianscheel avatar petermarko avatar tronje avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

mentorembedded litmusautomation tronje afreof johnson325 ansar-rasool mferland hoinmic luiskoo samdolt

meta-efibootguard's Issues

Update license for yocto kirkstone

Building against latest poky master (kirkstone) gives following warning:

WARNING: efibootguard-0.10-r0 do_package_qa: QA Issue: Recipe LICENSE includes obsolete licenses GPLv2 [obsolete-license]

License should be updated (probably to GPL-2.0-only).
Issue with that is that it would also mean losing compatibility with older yocto releases which do not have this license available in common-licenses.

Yocto build with too many parallels make make efibootguard failing

It appears that with too many parallel make threads, the version.h file is not yet created when it is needed
And the build fail :
Interesting part :

NOTE: make -j 36
make --no-print-directory all-recursive
Making all in .
set -e; echo '  CHK      version.h'; mkdir -p ./; 	../git/gen_version_h ../git/ < ../git/Makefile.in > version.h.tmp; if [ -r version.h ] && cmp -s version.h version.h.tmp; then rm -f version.h.tmp; else echo '  UPD      version.h'; mv -f version.h.tmp version.h; fi
  CHK      version.h

...

./x86_64-poky-linux-libtool  --tag=CC   --mode=compile x86_64-poky-linux-gcc  -m64 -march=nehalem -mtune=generic -mfpmath=sse -msse4.2 -fstack-protector-strong  -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/srv/yocto/build-litmusedge-std-vmware-dev/tmp/work/corei7-64-poky-linux/efibootguard/0.10-r0/recipe-sysroot -DHAVE_CONFIG_H -I. -I../git  -I../git/include -I../git -include config.h  -Wno-unused-parameter -Wmissing-prototypes -fshort-wchar -DHAVE_ENDIAN_H -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -Werror -O2 -pipe -g -feliminate-unused-debug-types -fmacro-prefix-map=/srv/yocto/build-litmusedge-std-vmware-dev/tmp/work/corei7-64-poky-linux/efibootguard/0.10-r0=/usr/src/debug/efibootguard/0.10-r0                      -fdebug-prefix-map=/srv/yocto/build-litmusedge-std-vmware-dev/tmp/work/corei7-64-poky-linux/efibootguard/0.10-r0=/usr/src/debug/efibootguard/0.10-r0                      -fdebug-prefix-map=/srv/yocto/build-litmusedge-std-vmware-dev/tmp/work/corei7-64-poky-linux/efibootguard/0.10-r0/recipe-sysroot=                      -fdebug-prefix-map=/srv/yocto/build-litmusedge-std-vmware-dev/tmp/work/corei7-64-poky-linux/efibootguard/0.10-r0/recipe-sysroot-native=  -c -o tools/ebgpart.lo ../git/tools/ebgpart.c
../git/tools/bg_envtools.c:18:10: fatal error: version.h: No such file or directory
   18 | #include "version.h"
      |          ^~~~~~~~~~~
compilation terminated.
make[2]: *** [Makefile:1047: tools/bg_setenv-bg_envtools.o] Error 1
make[2]: *** Waiting for unfinished jobs....

Create `dunfell` branch

Could you please create dunfell branch in the repository? Two reasons:

  • dunfell is LTS branch of yocto that is actively maintained
  • Latset changes to master seem incompatible with yocto-dunfell

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.