1#!/bin/bash 2 3# Copyright (C) 2018-2022 Intel Corporation. 4# SPDX-License-Identifier: BSD-3-Clause 5 6 7usage() { 8 echo "Usage: $0 [options]" 9 echo "This script builds images for Slim Boot Loader (SBL) based platforms" 10 echo "options:" 11 echo "--mirror-url default: 'https://cdn.download.clearlinux.org/releases/', for swupd" 12 echo "--acrn-code-path: Specify acrn-hypervisor code path for ACRN SBL build. If acrn-sbl-path is provided, acrn-code-path will be ignored" 13 echo "--acrn-sbl-path: Specify ACRN SBL binary path. If acrn-sbl-path isn't provided, --acrn-code-path must be set" 14 echo "--clearlinux-version: mandatory option for sos image build" 15 echo "--images-type: Specify the type of OS image to build (sos/laag/all, default value is all)" 16 echo "--sign-key: Specify the debug key for signing, default value provided" 17 echo "--sos-rootfs-size: Specify the sos_rootfs image size in MB, default value is 3584" 18 echo "--laag-image-size: Specify the laag image size in MB, default value is 10240" 19 echo "--sos-bundle-append: Specify additional bundles to be installed in the sos" 20 echo "--laag-json: mandatory option, used by ister.py to build the uos" 21} 22 23 24create_sos_images() { 25 mkdir sos_rootfs 26 echo "Clean previously generated images" 27 rm -fv sos_boot.img 28 rm -fv sos_rootfs.img 29 30 fallocate -l ${SOS_ROOTFS_SIZE}M sos_rootfs.img || return 1 31 mkfs.ext4 sos_rootfs.img 32 mount sos_rootfs.img sos_rootfs 33 echo mount sos_rootfs >> .cleanup 34 35 mountpoint sos_rootfs || return 1 36 37 swupd os-install --path=sos_rootfs --contenturl=$MIRRORURL --versionurl=$MIRRORURL --format=staging -V ${VERSION} -N -b || 38 { 39 echo "Failed to swupd install" 40 return 1 41 } 42 43 swupd bundle-add --path=sos_rootfs --contenturl=$MIRRORURL --versionurl=$MIRRORURL --format=staging $SOS_BUNDLE_LIST || 44 { 45 echo "Failed to swupd bundle add" 46 return 1 47 } 48 49 if [[ ! ${ACRN_SBL} || ! -f ${ACRN_SBL} ]] 50 then 51 ACRN_SBL=sos_rootfs/usr/lib/acrn/acrn.apl-up2.sbl.sdc.32.out 52 fi 53 54 if [ ${ACRN_HV_CODE_PATH} ] 55 then 56 make -C ${ACRN_HV_CODE_PATH} clean || return 1 57 make -C ${ACRN_HV_CODE_PATH} hypervisor BOARD=apl-up2 FIRMWARE=sbl || return 1 58 ACRN_SBL=${ACRN_HV_CODE_PATH}/build/hypervisor/acrn.32.out 59 fi 60 61 if [ ! -f ${ACRN_SBL} ] 62 then 63 echo "ACRN SBL is not found." 64 return 1 65 fi 66 67 echo "ACRN_SBL:"${ACRN_SBL} 68 69 echo -n "Linux_bzImage" > tmp/linux.txt 70 SOS_KERNEL=$(ls sos_rootfs/usr/lib/kernel/org.clearlinux.iot-lts2018-sos*) 71 touch tmp/hv_cmdline 72 73 iasimage create -o iasImage -i 0x40300 -d tmp/bxt_dbg_priv_key.pem -p 4 tmp/hv_cmdline ${ACRN_SBL} tmp/linux.txt ${SOS_KERNEL} || 74 { 75 echo "stitch iasimage for sos_boot failed!" 76 return 1 77 } 78 79 if [ -f iasImage ]; then 80 mv iasImage sos_boot.img 81 fi 82 83 return 84} 85 86 87create_uos_images() { 88 echo "Start to create the up2_laag.img..." 89 rm -fv up2_laag.img 90 fallocate -l ${LAAG_IMAGE_SIZE}M up2_laag.img || return 1 91 mkfs.ext4 up2_laag.img 92 mkdir laag_image 93 mount -v up2_laag.img laag_image 94 echo mount laag_image >> .cleanup 95 96 mkdir -p laag_image/clearlinux 97 ister.py -t $LAAG_JSON --format=staging -V $MIRRORURL -C $MIRRORURL || 98 { 99 echo "ister create clearlinux.img failed" 100 return 1 101 } 102 103 mv clearlinux.img laag_image/clearlinux 104 devloop=`losetup --partscan --find --show laag_image/clearlinux/clearlinux.img` 105 echo loopdev $devloop >> .cleanup 106 107 mkdir laag_rootfs 108 mount "$devloop"p2 laag_rootfs 109 echo mount laag_rootfs >> .cleanup 110 111 mount "$devloop"p1 laag_rootfs/boot 112 echo mount laag_rootfs/boot >> .cleanup 113 114 kernel_version=`readlink laag_rootfs/usr/lib/kernel/default-iot-lts2018 | awk -F '2018.' '{print $2}'` 115 116 echo "" > tmp/uos_cmdline 117 iasimage create -o laag_rootfs/boot/iasImage -i 0x30300 -d tmp/bxt_dbg_priv_key.pem tmp/uos_cmdline laag_rootfs/usr/lib/kernel/default-iot-lts2018 118 119} 120 121cleanup() { 122 # Process .cleanup file in reverse order 123 [ -e .cleanup ] && tac .cleanup | while read key val; do 124 case $key in 125 loopdev) 126 losetup --detach $val 127 ;; 128 mount) 129 umount -R -v $val && rmdir $val 130 ;; 131 mkdir) 132 rm -rfv $val 133 esac 134 done 135 rm -fv .cleanup 136} 137 138# Default values 139SOS_BASE_BUNDLE_LIST="service-os os-core-update openssh-server x11-server" 140SOS_BUNDLE_APPEND="" 141LAAG_BUNDLE_APPEND="" 142SOS_ROOTFS_SIZE=3584 143LAAG_IMAGE_SIZE=10240 144LAAG_VDISK_SIZE=5120 145MIRRORURL="https://cdn.download.clearlinux.org/update/" 146SIGN_KEY="https://download.clearlinux.org/secureboot/DefaultIASSigningPrivateKey.pem" 147IMAGE=all 148 149while [ $# -gt 0 ]; do 150 case $1 in 151 --mirror-url) 152 MIRRORURL=$2 153 shift 2 154 ;; 155 --acrn-code-path) 156 ACRN_HV_CODE_PATH=$2 157 shift 2 158 ;; 159 --acrn-sbl-path) 160 ACRN_SBL=$2 161 shift 2 162 ;; 163 --clearlinux-version) 164 VERSION=$2 165 echo ${VERSION} 166 shift 2 167 ;; 168 --images-type) 169 IMAGE=$2 170 shift 2 171 ;; 172 --sign-key) 173 SIGN_KEY=$2 174 shift 2 175 ;; 176 --sos-rootfs-size) 177 SOS_ROOTFS_SIZE=$2 178 shift 2 179 ;; 180 --laag-image-size) 181 LAAG_IMAGE_SIZE=$2 182 shift 2 183 ;; 184 --sos-bundle-append) 185 SOS_BUNDLE_APPEND=$2 186 shift 2 187 ;; 188 --laag-json) 189 LAAG_JSON=$2 190 shift 2 191 ;; 192 -h|--help) 193 usage 194 exit -1 195 ;; 196 *) 197 echo Invalid argument: $1 198 usage 199 exit -1 200 ;; 201 esac 202done 203 204SOS_BUNDLE_LIST=${SOS_BASE_BUNDLE_LIST}" "${SOS_BUNDLE_APPEND} 205 206 207# check valid images type 208if [[ ${IMAGE} != "sos" && ${IMAGE} != "laag" && ${IMAGE} != "all" ]]; then 209 echo "--images-type: must be one of sos, laag, all, and default is all" 210 exit 1 211fi 212 213# check valid LaaG image and vdisk sizes 214if [[ ${IMAGE} == "sos" || ${IMAGE} == "all" ]]; then 215 if [[ ! ${VERSION} ]]; then 216 echo "--clearlinux-version: must be provided for SOS images building." 217 exit 1 218 fi 219fi 220 221# check valid LaaG image and vdisk sizes 222if [[ ${IMAGE} == "laag" || ${IMAGE} == "all" ]] && [[ ! ${LAAG_JSON} ]]; then 223 echo "--laag-uos is mandatory option for laag image build" 224 exit 1 225fi 226 227# check superuser privileges 228if [[ $EUID -ne 0 ]]; then 229 echo "Need to be run as root" 230 exit 1 231fi 232 233trap cleanup EXIT 234 235# mkdir tmp for tempoaray files 236mkdir tmp 237echo mkdir tmp >> .cleanup 238 239#download debug key for iasimage signing 240curl -o tmp/bxt_dbg_priv_key.pem -k ${SIGN_KEY} || 241{ 242 echo "Failed to retrieve debug key" 243 exit 1 244} 245 246# Add iasimage bundle 247swupd bundle-add iasimage --contenturl=$MIRRORURL --versionurl=$MIRRORURL || 248{ 249 echo "Failed to swupd add iasimage" 250 exit 1 251} 252 253if [[ ${IMAGE} == 'sos' || ${IMAGE} == 'all' ]] 254then 255 if create_sos_images 256 then 257 echo "Successful create sos images" 258 else 259 echo "Failed to create sos images" 260 exit 1 261 fi 262fi 263 264if [[ ${IMAGE} == 'laag' || ${IMAGE} == 'all' ]] 265then 266 if create_uos_images 267 then 268 echo "Successful create uos images" 269 else 270 echo "Failed to create uos images" 271 exit 1 272 fi 273fi 274 275exit 0 276 277