Boot.cmd refactoring, part 2 (add imx8mmevk and imx8mqevk support)#348
Merged
igoropaniuk merged 3 commits intofoundriesio:masterfrom Jun 3, 2021
Merged
Conversation
igoropaniuk
force-pushed
the
boot.cmd-refactoring
branch
from
47c7bfc to
12a99c9
Compare
|
|
||
| setenv fdt_addr 0x15800000 | ||
| setenv optee_ovl_addr 0x16000000 | ||
| setenv initrd_addr ${loadaddr} |
Member
There was a problem hiding this comment.
Since initrd is not necessarily enough on all targets and we can also load the initrd from the fit into a fixed address, it would be better to have this set as fit_addr or similar.
Contributor
Author
There was a problem hiding this comment.
changed to $fit_addr
Interesting that I can not use $loadaddr for FIT image on imx8mmevk/imx8mqevk, as bootm reports that it's corrupted, something overlaps with that region.
So for now I just do this:
setenv fit_addr ${initrd_addr}
12a99c9 to
c6b84e7
Compare
igoropaniuk
force-pushed
the
boot.cmd-refactoring
branch
from
c6b84e7 to
8c83b10
Compare
| setenv bootcmd_tee_ovy 'if test -n ${optee_ovl_addr}; then imxtract ${loadaddr}#conf@@FIT_NODE_SEPARATOR@@${fdt_file} fdt@@FIT_NODE_SEPARATOR@@${fdt_file} ${fdt_addr}; fdt addr ${fdt_addr}; fdt resize 0x1000; fdt apply ${optee_ovl_addr}; fi' | ||
| setenv bootcmd_run 'bootm ${loadaddr}#conf@@FIT_NODE_SEPARATOR@@${fdt_file} ${loadaddr}#conf@@FIT_NODE_SEPARATOR@@${fdt_file} ${fdt_addr}' | ||
| setenv bootcmd_load_f 'ext4load ${devtype} ${devnum}:${rootpart} ${fit_addr} "/boot"${kernel_image}' | ||
| setenv bootcmd_tee_ovy 'if test -n ${optee_ovl_addr}; then imxtract ${fit_addr}#${fdt_file_final} fdt@@FIT_NODE_SEPARATOR@@${fdt_file_final} ${fdt_addr}; fdt addr ${fdt_addr}; fdt resize 0x1000; fdt apply ${optee_ovl_addr}; fi' |
Member
There was a problem hiding this comment.
There is a subtle change at bootcmd_tee_ovy here:
-imxtract ${loadaddr}#conf@@FIT_NODE_SEPARATOR@@${fdt_file} fdt@@FIT_NODE_SEPARATOR@@${fdt_file} ${fdt_addr};
+imxtract ${fit_addr}#${fdt_file_final} fdt@@FIT_NODE_SEPARATOR@@${fdt_file_final} ${fdt_addr}
The original change was using the conf node, and that was on purpose because conf is the only thing that gets signed. While your change will work the same way, I believe it won't verify the signature of the fdt_file_final node when not used together with the respective conf, since it is not signed.
An example for https://ci.foundries.io/projects/lmp/builds/1284/apalis-imx6/artifacts/other/fitImage-initramfs-ostree-lmp-image-apalis-imx6-apalis-imx6 (dtc -I dtb -O dts):
The fdt node:
fdt-imx6q-apalis-eval.dtb {
description = "Flattened Device Tree blob";
type = "flat_dt";
arch = "arm";
compression = "none";
load = <0x15800000>;
hash-1 {
value = <0x13823165 0x911d9ac1 0x4e231641 0xe73e923d 0x89bdae0e 0xffc1eb9b 0x5925dd9a 0x366b9def>;
algo = "sha256";
};
};
Conf node:
conf-imx6q-apalis-eval.dtb {
description = "1 Linux kernel, FDT blob, ramdisk";
kernel = "kernel-1";
fdt = "fdt-imx6q-apalis-eval.dtb";
ramdisk = "ramdisk-1";
hash-1 {
algo = "sha256";
};
signature-1 {
hashed-strings = <0x00 0x8e>;
hashed-nodes = "/\0/configurations/conf-imx6q-apalis-eval.dtb\0/images/kernel-1\0/images/kernel-1/hash-1\0/images/fdt-imx6q-apalis-eval.dtb\0/images/fdt-imx6q-apalis-eval.dtb/hash-1\0/images/ramdisk-1\0/images/ramdisk-1/hash-1";
timestamp = <0x00>;
signer-version = "2020.07";
signer-name = "mkimage";
value = <0x25fe5b29 0x58cd62cd 0xd527e1b8 0x72fd3db7 0xb13280ff 0x4c654c1e 0x3c5eb05a 0x895c3641 0xf2919edc 0x4eed9dda 0xaa4bd1e 0x57d66669 0xabf8112 0xa6db8778 0x3cc76f8 0x535a5683 0xa9615121 0x66613ae3 0x8b5660a2 0x55a12bc1 0x3cc26b98 0xc61d6586 0x7d81486 0xcfbd3881 0xb6281722 0x3568af7 0xe418804b 0x46c94ec9 0x1725ba7f 0xe7c04587 0x9ab505c3 0xbf7afc0b 0x52af6447 0x7437b891 0xc741b244 0xbfebf45f 0x16b37044 0xfc51580c 0x94e250b8 0xbb0adf1d 0xd4eafe61 0x9e02bd44 0x540dcaaf 0x12d9dcc 0xfb0585d1 0x5ca7592 0x15d8a390 0x724b2615 0xc5a956fc 0xec3bdff0 0x314641da 0x207f7604 0x46f96b38 0x4a49ac4c 0xe277d98c 0xc40c058a 0xe9984e2a 0x5893648a 0x8af33c8 0x454b133 0x68a86989 0x659847f0 0xa5df29b7 0x66995ddb>;
algo = "sha256,rsa2048";
key-name-hint = "dev";
sign-images = "kernel\0fdt\0ramdisk";
};
};
Contributor
Author
There was a problem hiding this comment.
good catch!
I've done that unintentioanlly, fixing now
Member
|
Just one comment, but looks good otherwise. |
1. Use fdt_file_final to cover the case when final fdt file name is created by concatenating different prefixes etc (like freescale_ for imx8m-based boards). 2. Add support for loading non-changed DTB from FIT image. Signed-off-by: Igor Opaniuk <[email protected]>
Use common boot handlers from boot.cmd.in instead of having them in each boot.cmd file. Signed-off-by: Igor Opaniuk <[email protected]>
Use common boot handlers from boot.cmd.in instead of having them in each boot.cmd file. Signed-off-by: Igor Opaniuk <[email protected]>
igoropaniuk
force-pushed
the
boot.cmd-refactoring
branch
from
8c83b10 to
ff41ab7
Compare
Contributor
Author
|
Fixed @ricardosalveti last comment (as he mentioned this can be merged after that fix) |
quaresmajose
pushed a commit
that referenced
this pull request
Jan 10, 2023
Bumping podman-compose to version 0.1.8-2-g1555417, which comprises the following commits:
1555417 FIXES #361: key error _service
1f989ed FIXES #356: respect pull_policy
66ce2a3 release 0.1.8
d8e11d5 FIXES #312: run starts dependencies
72c3572 #289: exit code and test for that
c187e88 up and down specific containers
31b8bb4 simpler passing of env
f177712 Fix `up` arguments parsing
ae3deb1 #355: fix dry run
117b7fb command list of strings
5acb997 command list of strings
02b2f65 Update issue templates
a36b6f1 Update issue templates
e3be6dd Update issue templates
4b75678 Update issue templates
dcb038e remove tabs
a2fef56 FIXES #353: down in reverse order
c753b8e FIXES #167: support ContainerFile
c9486c9 #115: handle string entrypoint
f2aeaba #348: conditional --infra-name
2d80e43 remove print
d1a77de external name
c49f070 volumes with names
6d69b7c Add support external volumes
ab13503 add support for long port publishing format
069018c #342: set infra container name
b33c42b Readability fix for missing commands
785f7ad Get version info with setup.cfg
b6a9f8e #335: report version with -v
4a5fd23 #275 make pipx happy
dc0ac0d docs: added the transform_policy default and description
502d7cc #327: accept ports as string
e85d79d added cpu_shares flag for v2
bfb57b9 added cpu_shares flag for v2
2d0aad6 Also pull images with a build section
ff5b9f1 Support for logging
62aa337 feat(secrets): ✨ Add support for secrets
3836094 Update podman_compose.py
d97a20d #308: fix environment
f417c9a #120: extend not add
5ed5528 FIXES #120: parse mem and cpu limits
3d6ca3c FIXES #120: parse mem and cpu limits
6e3383d Convert numeric command arguments to string (fixes #77)
8ef7587 Fix some typos (found by codespell)
039fe30 Make sure port entries are converted to strings
62d2024 Add stop_signal service attribute
9317f98 #278: args
045cef2 #289: report exit code when --exit-code-from
a7f97b6 implement -e in run
0ea18b4 Force adding an .env file for the tests
00840d0 resolve conflict
2ad7daa Test variable interpolation in the YAML
080b8a3 Prefer 'compose.yaml' as per compose spec
226ac4f fix missing --label flag in volume creation
030a196 Fix README typo
901213e Update podman_compose.py
b337060 Add support for sysctls in compose file
b3090c3 Mode Python installation and test deps to requirement files
5fabfee Support annotations
75a63df fix: check `.env` in current dir with `isfile` instead of `exists`
08dd36f Add docker-compose labels for interoperability
669953b Rework argument generation to adhere directly to what podman accepts.
d3df688 Remove test code
bda7b5e Add exec support
6289d25 fixes #236: compatible with docker-compose
abc0813 Only pull each image once
9cd837f Fixes #236: Ensure project name works with podman
a4b8b5e Fix 'podman-compose version' with no compose file in the working directory
5971f57 FIXES #249: update dotenv with some envs
ab96f12 FIXES #249: update dotenv with some envs
f6a3cb0 Allow environment variables to be unset
497355f Re-order environment/env_files to match compose
20a86ea add --no-cache arg to build
4e2e960 build specific service
efba3a1 support str style configuration for env_file
9063976 BUG: 'podman stop -t 360.0' called for float, expects int on cli
3712b54 ENH: add timeout option to podman-compose down, as in https://docs.docker.com/compose/reference/down/
294f8ee Hashlib to generate SHA256 instead of MD5 for FIPS
105b129 Fix infinite loop
d3f3711 FIXES #181: accept init and init-path
7eacf14 MAINT: resolve containers/podman-compose#180 (comment)
8cd98ab MAINT: extend instead of append
047820d ENH: Added restart policy forwarding to podmann run, compose build args added to up args
e7b1382 Add --build-arg to 'up' (Fixes #161)
64ed554 Allow empty default/error value in substitution
93bf39e Add Security Policy
5915ba3 Catch error when compose file is empty
1ca6a88 target once
7b40079 Pass "target" parameter when building an image.
f9915c4 Check for target property when building images
1973340 Add support for --build-arg option
e8147e3 Add support for cap_add/cap_drop
7f210ff fixing "Error: unknown flag: --shm_size"
cbed801 start detached
6a42d68 add ports test
07a2430 Fixes #152: validate that podman is useable
5215782 Fixes #152: validate that podman is useable
03cbd29 pass volumes using -v
796e6a4 Avoid crash when no services are defined
efcbc75 Pass ulimit parameters when building container
dacc753 Add Code of Conduct
8c3b7e6 Added mount option delegated and cached
147f0ae Update README with dnf install instructions.
27d3caf Add support for privileged option
e7a9bd3 Show stopped containers in ps
ddd582c Add support for logs subcommand
169eaee Fix override of the run command
c5f8973 Mixed-case directory names break 'podman create'
12036aa FIXES #76: a service extends a service with same name
7222fdb exit if not files
bb7120f Fix stop command runs start instead
7ebbe2e Fix KeyErrors encountered with extended services
29d4cdc Remove unused funtion in setup.py
a9216c3 podman volume inspect mountPoint/Mountpoint
e538852 #57: better ps via label
b1c2b02 podman_compose.py
9e0dd2d extends with external file
72c1992 Remove never-shared options.
3e2381f Support extends
dee813a #47: version command
9684429 #52: fix how we split commands
87e7211 #54: fix ulimits
7269701 Fixed get of ulimit tag, according to docker-compose specification
b369073 Fix podman-compose run command parsing
62f0cc4 Changed -l flag to --label in order to be compatible with Podman 1.0.2.dev
c152d28 Support for generic container-compose format
8e43e69 FIX #41: compare original volume name
751aaa8 Add support for devices in a service
243bdb6 Add support for setting container ulimit
2202e7f Add support for setting container ulimit
f505e49 a test showing yaml anchor magic
2e4378f add string check for cmd line args
2a8d430 FIXES #35: now support multiple composer files
a512c0c #35: test for multiple -f
f008986 release 0.1.5
Signed-off-by: Bruce Ashfield <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.