Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

trusfence-initramfs: generalize recipe to avoid redefinitions 

Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit is contained in:
Arturo Buzarra 2020-01-09 18:37:22 +01:00
parent 95c636d327
commit 3c5fd58866
5 changed files with 9 additions and 180 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
meta-digi-dey/recipes-core/trustfence/trustfence-initramfs.bb
View File

@ -5,13 +5,18 @@ LICENSE = "GPL-2.0"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
SRC_URI = " \ SRC_URI = " \
file://trustfence-initramfs-init \ ${@bb.utils.contains('STORAGE_MEDIA', 'mmc', 'file://trustfence-initramfs-init_mmc', '', d)} \
${@bb.utils.contains('STORAGE_MEDIA', 'mtd', 'file://trustfence-initramfs-init_mtd', '', d)} \
" "
S = "${WORKDIR}" S = "${WORKDIR}"
do_install() { do_install() {
install -m 0755 trustfence-initramfs-init ${D}/init if [ "${STORAGE_MEDIA}" = "mmc" ]; then
install -m 0755 trustfence-initramfs-init_mmc ${D}/init
else
install -m 0755 trustfence-initramfs-init_mtd ${D}/init
fi
} }
# Do not create debug/devel packages # Do not create debug/devel packages
@ -21,27 +26,13 @@ FILES_${PN} = "/"
# Runtime packages used in 'trustfence-initramfs-init' # Runtime packages used in 'trustfence-initramfs-init'
RDEPENDS_${PN} = " \ RDEPENDS_${PN} = " \
${@bb.utils.contains('STORAGE_MEDIA', 'mmc', 'cryptsetup', '', d)} \
${@bb.utils.contains('STORAGE_MEDIA', 'mtd', 'mtd-utils-ubifs', '', d)} \
trustfence-tool \ trustfence-tool \
util-linux-findfs \ util-linux-findfs \
wipe \ wipe \
u-boot-fw-utils \ u-boot-fw-utils \
" "
RDEPENDS_${PN}_append_ccimx6 = " \
cryptsetup \
"
RDEPENDS_${PN}_append_ccimx6ul = " \
mtd-utils-ubifs \
"
RDEPENDS_${PN}_append_ccimx8x = " \
cryptsetup \
"
RDEPENDS_${PN}_append_ccimx8m = " \
cryptsetup \
"
PACKAGE_ARCH = "${MACHINE_ARCH}" PACKAGE_ARCH = "${MACHINE_ARCH}"
COMPATIBLE_MACHINE = "(ccimx6|ccimx6ul|ccimx8x|ccimx8m)" COMPATIBLE_MACHINE = "(ccimx6|ccimx6ul|ccimx8x|ccimx8m)"

81
meta-digi-dey/recipes-core/trustfence/trustfence-initramfs/ccimx6/trustfence-initramfs-init
View File

@ -1,81 +0,0 @@
#!/bin/sh
#===============================================================================
#
# trustfence-initramfs-init
#
# Copyright (C) 2016, 2017 by Digi International Inc.
# All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 as published by
# the Free Software Foundation.
#
#
# !Description: Init script for Trustfence initramfs
#
#===============================================================================
POWEROFF_TIME="10"
error() {
[ "${#}" != "0" ] && printf "\n[ERROR]: %s\n\n" "${1}"
echo "The system will poweroff in ${POWEROFF_TIME} seconds"
sleep "${POWEROFF_TIME}"
sync && poweroff -f
}
# Main
#------------------------------------------------------------------------------
# Setup the environment.
export PATH=/bin:/sbin:/usr/bin:/usr/sbin
mkdir -p /proc /sys /dev
mount -t proc proc /proc
mount -t sysfs sysfs /sys
mount -t devtmpfs devtmpfs /dev
# Set kernel console loglevel
LOGLEVEL="$(sysctl -n kernel.printk)"
sysctl -q -w kernel.printk=4
for arg in $(cat /proc/cmdline); do
case "${arg}" in
init=*|rescue=1|root=*) eval ${arg};;
esac
done
# Translate "PARTUUID=..." to real device
root="$(findfs ${root})"
# Jump to a rescue shell if requested
if [ -n "${rescue}" ]; then
# Expand console and respawn if exited
while true; do
setsid cttyhack sh -l
sleep 1
done
fi
# Open LUKS encrypted device
if trustfence-tool ${root} cryptroot; then
# Reset root variable to the decrypted mapped device
root="/dev/mapper/cryptroot"
else
error "unable to open encrypted partition."
fi
# Mount mapped device
mkdir -p /newroot
FSTYPE="$(blkid ${root} | sed -e 's,.*TYPE="\([^"]\+\)".*,\1,g')"
mount ${FSTYPE:+-t ${FSTYPE}} ${root} /newroot
#
# Clean-up and do the switch_root to the final rootfs
#
# - restore previous kernel console loglevel
# - umount virtual filesystems
#
[ -n "${LOGLEVEL}" ] && sysctl -q -w kernel.printk="${LOGLEVEL}"
mount --move /dev /newroot/dev
umount /sys /proc
exec switch_root /newroot ${init:-/sbin/init}

81
meta-digi-dey/recipes-core/trustfence/trustfence-initramfs/ccimx8mn/trustfence-initramfs-init
View File

@ -1,81 +0,0 @@
#!/bin/sh
#===============================================================================
#
# trustfence-initramfs-init
#
# Copyright (C) 2020 by Digi International Inc.
# All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 as published by
# the Free Software Foundation.
#
#
# !Description: Init script for Trustfence initramfs
#
#===============================================================================
POWEROFF_TIME="10"
error() {
[ "${#}" != "0" ] && printf "\n[ERROR]: %s\n\n" "${1}"
echo "The system will poweroff in ${POWEROFF_TIME} seconds"
sleep "${POWEROFF_TIME}"
sync && poweroff -f
}
# Main
#------------------------------------------------------------------------------
# Setup the environment.
export PATH=/bin:/sbin:/usr/bin:/usr/sbin
mkdir -p /proc /sys /dev
mount -t proc proc /proc
mount -t sysfs sysfs /sys
mount -t devtmpfs devtmpfs /dev
# Set kernel console loglevel
LOGLEVEL="$(sysctl -n kernel.printk)"
sysctl -q -w kernel.printk=4
for arg in $(cat /proc/cmdline); do
case "${arg}" in
init=*|rescue=1|root=*) eval ${arg};;
esac
done
# Translate "PARTUUID=..." to real device
root="$(findfs ${root})"
# Jump to a rescue shell if requested
if [ -n "${rescue}" ]; then
# Expand console and respawn if exited
while true; do
setsid cttyhack sh -l
sleep 1
done
fi
# Open LUKS encrypted device
if trustfence-tool ${root} cryptroot; then
# Reset root variable to the decrypted mapped device
root="/dev/mapper/cryptroot"
else
error "unable to open encrypted partition."
fi
# Mount mapped device
mkdir -p /newroot
FSTYPE="$(blkid ${root} | sed -e 's,.*TYPE="\([^"]\+\)".*,\1,g')"
mount ${FSTYPE:+-t ${FSTYPE}} ${root} /newroot
#
# Clean-up and do the switch_root to the final rootfs
#
# - restore previous kernel console loglevel
# - umount virtual filesystems
#
[ -n "${LOGLEVEL}" ] && sysctl -q -w kernel.printk="${LOGLEVEL}"
mount --move /dev /newroot/dev
umount /sys /proc
exec switch_root /newroot ${init:-/sbin/init}

0
meta-digi-dey/recipes-core/trustfence/trustfence-initramfs/ccimx8x/trustfence-initramfs-init → meta-digi-dey/recipes-core/trustfence/trustfence-initramfs/trustfence-initramfs-init_mmc
View File

0
meta-digi-dey/recipes-core/trustfence/trustfence-initramfs/ccimx6ul/trustfence-initramfs-init → meta-digi-dey/recipes-core/trustfence/trustfence-initramfs/trustfence-initramfs-init_mtd
View File