diff --git a/meta-lmp-base/classes/lmp.bbclass b/meta-lmp-base/classes/lmp.bbclass index 6aff3b1be3..82fe0c5c0c 100644 --- a/meta-lmp-base/classes/lmp.bbclass +++ b/meta-lmp-base/classes/lmp.bbclass @@ -125,10 +125,18 @@ IMAGE_CMD:ota:append () { if [ "${APP_PRELOAD_WITHIN_OE_BUILD}" = "1" ]; then preload_apps fi + + # Split content /var into a separated folder so it can be consumed by WKS separately + if [ "${OSTREE_SPLIT_VAR}" = "1" ]; then + rm -rf ${OTA_VAR} + mv ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var ${OTA_VAR} + mkdir -p ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var + fi } OTA_BOOT = "${WORKDIR}/ota-boot" -do_image_ota[dirs] += "${OTA_BOOT}" -do_image_ota[cleandirs] += "${OTA_BOOT}" +OTA_VAR = "${WORKDIR}/ota-var" +do_image_ota[dirs] += "${OTA_BOOT} ${OTA_VAR}" +do_image_ota[cleandirs] += "${OTA_BOOT} ${OTA_VAR}" # Adapted from oe_mkext234fs in image_types.bbclass oe_mkotaespfs() { diff --git a/meta-lmp-base/conf/distro/lmp.conf b/meta-lmp-base/conf/distro/lmp.conf index f7124c4eb3..a208fa7a44 100644 --- a/meta-lmp-base/conf/distro/lmp.conf +++ b/meta-lmp-base/conf/distro/lmp.conf @@ -13,6 +13,7 @@ OSTREE_KERNEL ?= "${@oe.utils.conditional('KERNEL_IMAGETYPE', 'fitImage', '${KER OSTREE_KERNEL_ARGS_COMMON ?= "root=LABEL=otaroot rootfstype=ext4" OSTREE_KERNEL_ARGS ?= "${OSTREE_KERNEL_ARGS_COMMON}" OSTREE_SPLIT_BOOT ?= "0" +OSTREE_SPLIT_VAR ?= "0" OSTREE_LOADER_LINK ?= "1" OSTREE_DEPLOY_USR_OSTREE_BOOT ?= "0" DISTRO_FEATURES:append = " sota" diff --git a/meta-lmp-base/recipes-core/base-files/base-files_%.bbappend b/meta-lmp-base/recipes-core/base-files/base-files_%.bbappend index a1c1daa4f2..2a396ce2de 100644 --- a/meta-lmp-base/recipes-core/base-files/base-files_%.bbappend +++ b/meta-lmp-base/recipes-core/base-files/base-files_%.bbappend @@ -2,6 +2,17 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" SRC_URI += "file://tmpfiles.conf" +# fstab handling when var is in a separated partition (required by ostree) +OSTREE_SPLIT_VAR ?= "0" + +do_compile:append () { + if ${@bb.utils.contains('OSTREE_SPLIT_VAR', '1', 'true', 'false', d)}; then + if ! grep -q '/var[[:blank:]]' ${WORKDIR}/fstab; then + echo "LABEL=var /var ext4 defaults 0 1" >> ${WORKDIR}/fstab + fi + fi +} + do_install:append () { if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -D -m 0644 ${WORKDIR}/tmpfiles.conf ${D}${nonarch_libdir}/tmpfiles.d/${PN}.conf diff --git a/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper b/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper index 97f969997f..edaaf95b12 100644 --- a/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper +++ b/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper @@ -1,27 +1,10 @@ #!/bin/sh # Copyright (c) Fathi Boudra +# Copyright (c) 2019-2023 Foundries.IO +# # All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. +# +# SPDX-License-Identifier: BSD-2-Clause # must exit on error set -e @@ -51,7 +34,6 @@ fi # get the partition number and type INFO=$(udevadm info --query=property --name=${ROOT_DEVICE}) PART_ENTRY_NUMBER=$(echo "${INFO}" | grep '^ID_PART_ENTRY_NUMBER=' | cut -d'=' -f2) -PART_ENTRY_NAME=$(echo "${INFO}" | { grep '^ID_PART_ENTRY_NAME=' || true; } | cut -d'=' -f2) # in case the root device is not on a partitioned media if [ "x$PART_ENTRY_NUMBER" = "x" ]; then @@ -64,37 +46,40 @@ PART_TABLE_TYPE=$(echo "${INFO}" | grep '^ID_PART_TABLE_TYPE=' | cut -d'=' -f2) DEVICE=$(udevadm info --query=path --name=${ROOT_DEVICE} | awk -F'/' '{print $(NF-1)}') DEVICE="/dev/${DEVICE}" -# only manipulate partition table if rootfs is the last partition -LAST_PART=$(partx -s -o nr ${DEVICE} | tail -n1) -if [ ${PART_ENTRY_NUMBER} -eq ${LAST_PART} ]; then - SIZE=$(blockdev --getsz ${DEVICE}) - TYPE="p\n" - if [ "$PART_TABLE_TYPE" = "gpt" ]; then - ${SGDISK} -e ${DEVICE} - SIZE=$(($SIZE - 33)) # the GPT end of disk is 34 sectors - TYPE="" - fi - - # Use fdisk to repartition - # fdisk uses a ram image of the parition table until a write is performed - # so the sequence is to delete the partition and recreate it at the same - # starting point but making it the size of the available disk. - # - END=$((${SIZE} - 1)) - PARTOF=$(echo "${INFO}" | grep '^ID_PART_ENTRY_OFFSET=' | cut -d'=' -f2) - echo -e "d\n${PART_ENTRY_NUMBER}\nn\n${TYPE}${PART_ENTRY_NUMBER}\n${PARTOF}\n${END}\nw\n" | ${FDISK} ${DEVICE} +# only manipulate the last partition from the same disk used by the rootfs +LAST_PART=$(partx -s -o nr ${DEVICE} | tail -n1 | awk -F' ' '{print $1}') +RESIZE_PART="${DEVICE}${LAST_PART}" +INFO=$(udevadm info --query=property --name=${RESIZE_PART}) +PART_ENTRY_NUMBER=$(echo "${INFO}" | grep '^ID_PART_ENTRY_NUMBER=' | cut -d'=' -f2) +PART_ENTRY_NAME=$(echo "${INFO}" | { grep '^ID_PART_ENTRY_NAME=' || true; } | cut -d'=' -f2) - if [ -n "${PART_ENTRY_NAME}" ]; then - ${SGDISK} --change-name=${PART_ENTRY_NUMBER}:"${PART_ENTRY_NAME}" ${DEVICE} - fi - ${PARTX} -u ${DEVICE} +# resize the partition first and after the actual file system +SIZE=$(blockdev --getsz ${DEVICE}) +TYPE="p\n" +if [ "$PART_TABLE_TYPE" = "gpt" ]; then + ${SGDISK} -e ${DEVICE} + SIZE=$(($SIZE - 33)) # the GPT end of disk is 34 sectors + TYPE="" +fi +# Use fdisk to repartition +# fdisk uses a ram image of the parition table until a write is performed +# so the sequence is to delete the partition and recreate it at the same +# starting point but making it the size of the available disk. +# +END=$((${SIZE} - 1)) +PARTOF=$(echo "${INFO}" | grep '^ID_PART_ENTRY_OFFSET=' | cut -d'=' -f2) +echo -e "d\n${PART_ENTRY_NUMBER}\nn\n${TYPE}${PART_ENTRY_NUMBER}\n${PARTOF}\n${END}\nw\n" | ${FDISK} ${DEVICE} +if [ -n "${PART_ENTRY_NAME}" ]; then + ${SGDISK} --change-name=${PART_ENTRY_NUMBER}:"${PART_ENTRY_NAME}" ${DEVICE} fi +${PARTX} -u ${DEVICE} -if [ -n "${DM_NAME}" ] && cryptsetup isLuks ${ROOT_DEVICE}; then +if command -v cryptsetup > /dev/null && cryptsetup isLuks ${RESIZE_PART}; then # OP-TEE: use TEE Identity for pkcs11 authentication export CKTEEC_LOGIN_TYPE=user + DM_NAME=`lsblk -n --list -o NAME,TYPE ${RESIZE_PART} | awk '$2=="crypt" {print $1}'` cryptsetup resize --token-only ${DM_NAME} ${RESIZE2FS} "/dev/mapper/${DM_NAME}" else - ${RESIZE2FS} "${ROOT_DEVICE}" + ${RESIZE2FS} "${RESIZE_PART}" fi diff --git a/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper.service b/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper.service index 6cc850c62e..393ff3046b 100644 --- a/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper.service +++ b/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper.service @@ -1,5 +1,5 @@ [Unit] -Description=Resize root filesystem to fit available disk space +Description=Resize last partition and filesystem to fit available disk space Wants=systemd-udevd.service systemd-udev-trigger.service After=systemd-remount-fs.service systemd-udevd.service luks-reencryption.service diff --git a/meta-lmp-base/wic/efidisk-split-var-sota.wks.in b/meta-lmp-base/wic/efidisk-split-var-sota.wks.in new file mode 100644 index 0000000000..308e593932 --- /dev/null +++ b/meta-lmp-base/wic/efidisk-split-var-sota.wks.in @@ -0,0 +1,9 @@ +# short-description: Create an OTA-enabled EFI disk image +# long-description: Creates an OTA-enabled EFI disk image that the user +# can directly dd to boot media. + +part /boot --source bootimg-sota-efi --sourceparams="loader=${EFI_PROVIDER}" --rootfs-dir=${WORKDIR}/ota-boot --ondisk sda --active --align 1024 --use-uuid ${OSTREE_WKS_EFI_SIZE} --label boot +part / --source otaimage --ondisk sda --part-name=otaroot --fstype=ext4 --align 1024 --use-uuid +part /var --source rootfs --ondisk sda --rootfs-dir=${WORKDIR}/ota-var --fstype=ext4 --part-name var --label var --part-type 0x8310 --align 4096 --use-uuid + +bootloader --source bootimg-sota-efi --timeout=1 --ptable gpt diff --git a/meta-lmp-bsp/conf/machine/include/lmp-machine-custom.inc b/meta-lmp-bsp/conf/machine/include/lmp-machine-custom.inc index 0097164afd..ca1777e4f9 100644 --- a/meta-lmp-bsp/conf/machine/include/lmp-machine-custom.inc +++ b/meta-lmp-bsp/conf/machine/include/lmp-machine-custom.inc @@ -136,7 +136,7 @@ EFI_PROVIDER:intel-corei7-64 = "systemd-boot" OSTREE_SPLIT_BOOT:intel-corei7-64 = "1" OSTREE_LOADER_LINK:intel-corei7-64 = "0" KERNEL_CLASSES:intel-corei7-64 = " kernel-lmp-efi " -WKS_FILE:intel-corei7-64:sota ?= "efidisk-sota.wks.in" +WKS_FILE:intel-corei7-64:sota ?= "${@bb.utils.contains('OSTREE_SPLIT_VAR', '1', 'efidisk-split-var-sota.wks.in', 'efidisk-sota.wks.in', d)}" WKS_FILE_DEPENDS:append:intel-corei7-64 = " ${INITRD_IMAGE_LIVE} efitools" WKS_FILE_DEPENDS_BOOTLOADERS:remove:intel-corei7-64 = "grub-efi" ## wic-based installer requires image to be available via IMAGE_BOOT_FILES