Add make-boot-image service#11
Conversation
|
Hi @XECDesign , would it be possible to get some feedback on this packaging approach? This service aims to create replacement images for linux-image--2712 packages that include the kernel directly into a signed ramdisk. I suspect I'll probably need a replacement linux-image-rpi-2712 meta-package too? |
|
Sorry, afraid I can't be of much help here. |
tdewey-rpi
left a comment
tdewey-rpi
left a comment
There was a problem hiding this comment.
No issues with the approach, but your point on systemd service restarting is taken.
We do, however, need it to support 2711 first - as CM4 is a commercially available platform, and there are no 2712 platforms where we actively support secure boot at this time.
roliver-rpi
force-pushed
the
make-boot-image
branch
from
9f8ea1e to
a1dddd1
Compare
roliver-rpi
force-pushed
the
make-boot-image
branch
from
69e9903 to
65eb33b
Compare
Signed-off-by: Richard Oliver <richard.oliver@raspberrypi.com>
roliver-rpi
force-pushed
the
make-boot-image
branch
from
65eb33b to
fe4467c
Compare
|
Updated documentation, validator.py, inserted preinst script to remove /boot/firmware/config.txt This will have to be parked for-now as the cryptroot initramfs is unable to insmod the compressed .ko.xz modules. We can revisit this once the cryptroot image has been updated. |
|
|
||
| A display name and email address in RFC 5322 mailbox format of the individual / | ||
| team responsible for creating your boot-image packages. e.g. | ||
| `Packaging Team <packaging-team@example.com>' |
There was a problem hiding this comment.
Inconsistent formatting - maybe get this through a asciidoc preview tool?
| @@ -1,5 +1,6 @@ | |||
| ## Format of return will be [Happy: bool, error: str] | |||
| from os import path | |||
| from email.utils import parseaddr, formataddr | |||
There was a problem hiding this comment.
Is this a core dep, or does it require an additional package?
There was a problem hiding this comment.
It's part of the Python standard library. It's provided by libpython3-stdlib in Debian, but this is a hard-dep of the python3 package. Even if we were to use python3-minimal, we would still get email.utils as part of libpython3.11-minimal
| > [!CAUTION] | ||
| > Support only exists for v8 kernels at this time. | ||
|
|
||
| ## Configuration |
There was a problem hiding this comment.
Does this need to be expanded to include the vendor fields?
| rpi-package-download@"$(systemd-escape "${1}")".service | ||
| } | ||
|
|
||
| KERNEL_2711="linux-image-${LINUX_IMAGE}" |
There was a problem hiding this comment.
Apologies for the run-around, but I would prefer this was named 'kernel_v8' or similar. Not a blocker.
|
@roliver-rpi Is this ready to review in earnest? |
No, the current cryptroot initramfs is unable to insmod the compressed .ko.xz modules that we take from the linux-image package. This should be parked until we update the cryptroot initramfs. |
4 participants
No description provided.