Switch from raw (.fd) EDK2 firmware images to QCOW2, plus 4MB on amd64

The new arm64 firmware supporting Secure Boot (see next commit) is in
QCOW2 format only, avoiding the extra space taken up by the 64MB
padding. Supporting both raw and QCOW2 images would be messy, so switch
entirely to QCOW2.

Only the 4MB images are in QCOW2 format on amd64, so also switch away
from the 2MB images. 4MB images are now the default for most
distributions as they are needed to apply certain Windows updates.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
James Le Cuirot 2024-10-02 11:15:57 +01:00
parent d67c395456
commit d1ba9b19fb
No known key found for this signature in database
GPG Key ID: 1226415D00DD3137
8 changed files with 24 additions and 25 deletions


@ -278,7 +278,7 @@ jobs:
scripts/artifacts/images/flatcar_production_image*.txt scripts/artifacts/images/flatcar_production_image*.txt
scripts/artifacts/images/flatcar_production_image*.json scripts/artifacts/images/flatcar_production_image*.json
scripts/artifacts/images/flatcar_production_image_pcr_policy.zip scripts/artifacts/images/flatcar_production_image_pcr_policy.zip
scripts/artifacts/images/flatcar_production_*_efi_*.fd scripts/artifacts/images/flatcar_production_*_efi_*.qcow2
scripts/artifacts/images/flatcar_production_qemu.sh scripts/artifacts/images/flatcar_production_qemu.sh
- name: Upload developer container - name: Upload developer container
@ -317,7 +317,7 @@ jobs:
path: | path: |
scripts/artifacts/images/*.img scripts/artifacts/images/*.img
scripts/artifacts/images/*.bin scripts/artifacts/images/*.bin
scripts/artifacts/images/flatcar_production_*_efi_*.fd scripts/artifacts/images/flatcar_production_*_efi_*.qcow2
scripts/artifacts/images/*.txt scripts/artifacts/images/*.txt
scripts/artifacts/images/flatcar-*.raw scripts/artifacts/images/flatcar-*.raw
scripts/artifacts/images/flatcar_production_*.sh scripts/artifacts/images/flatcar_production_*.sh


@ -162,7 +162,7 @@ jobs:
# Extract the generic image we'll use for qemu tests. # Extract the generic image we'll use for qemu tests.
# Note that the qemu[_uefi] tests use the generic image instead of the # Note that the qemu[_uefi] tests use the generic image instead of the
# qemu vendor VM image ("Astronaut: [...] Always have been."). # qemu vendor VM image ("Astronaut: [...] Always have been.").
mv flatcar_production_image.bin flatcar_production_qemu_uefi_efi_code.fd flatcar_production_qemu_uefi_efi_vars.fd scripts/ mv flatcar_production_image.bin flatcar_production_qemu_uefi_efi_code.qcow2 flatcar_production_qemu_uefi_efi_vars.qcow2 scripts/
mv flatcar_test_update.gz scripts/ mv flatcar_test_update.gz scripts/
@ -197,8 +197,8 @@ jobs:
cat > sdk_container/.env <<EOF cat > sdk_container/.env <<EOF
# export the QEMU_IMAGE_NAME to avoid to download it. # export the QEMU_IMAGE_NAME to avoid to download it.
export QEMU_IMAGE_NAME="/work/flatcar_production_image.bin" export QEMU_IMAGE_NAME="/work/flatcar_production_image.bin"
export QEMU_UEFI_FIRMWARE="/work/flatcar_production_qemu_uefi_efi_code.fd" export QEMU_UEFI_FIRMWARE="/work/flatcar_production_qemu_uefi_efi_code.qcow2"
export QEMU_UEFI_OVMF_VARS="/work/flatcar_production_qemu_uefi_efi_vars.fd" export QEMU_UEFI_OVMF_VARS="/work/flatcar_production_qemu_uefi_efi_vars.qcow2"
export QEMU_UPDATE_PAYLOAD="/work/flatcar_test_update.gz" export QEMU_UPDATE_PAYLOAD="/work/flatcar_test_update.gz"
export QEMU_DEVCONTAINER_URL="http://${TESTS_WEBSERVER_IP}:${TESTS_WEBSERVER_PORT}" export QEMU_DEVCONTAINER_URL="http://${TESTS_WEBSERVER_IP}:${TESTS_WEBSERVER_PORT}"
export QEMU_DEVCONTAINER_BINHOST_URL="http://${TESTS_WEBSERVER_IP}:${TESTS_WEBSERVER_PORT}" export QEMU_DEVCONTAINER_BINHOST_URL="http://${TESTS_WEBSERVER_IP}:${TESTS_WEBSERVER_PORT}"


@ -274,8 +274,8 @@ fi
if [ -n "${VM_PFLASH_RO}" ] && [ -n "${VM_PFLASH_RW}" ]; then if [ -n "${VM_PFLASH_RO}" ] && [ -n "${VM_PFLASH_RW}" ]; then
set -- \ set -- \
-drive if=pflash,unit=0,file="${SCRIPT_DIR}/${VM_PFLASH_RO}",format=raw,readonly=on \ -drive if=pflash,unit=0,file="${SCRIPT_DIR}/${VM_PFLASH_RO}",format=qcow2,readonly=on \
-drive if=pflash,unit=1,file="${SCRIPT_DIR}/${VM_PFLASH_RW}",format=raw "$@" -drive if=pflash,unit=1,file="${SCRIPT_DIR}/${VM_PFLASH_RW}",format=qcow2 "$@"
fi fi
if [ -n "${IGNITION_CONFIG_FILE}" ]; then if [ -n "${IGNITION_CONFIG_FILE}" ]; then
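Review bot: With `format=qcow2` on both pflash drives, QEMU now parses the firmware files as an image format instead of reading them as opaque bytes, and a QCOW2 header can name a backing file that QEMU opens on the host. Nothing in this hunk says where `VM_PFLASH_RO` and `VM_PFLASH_RW` are expected to come from, so I would add a comment above the `set --` call such as `# pflash images are QCOW2; use only the firmware files published with this image`. Keeping the explicit `format=` is right, since it stops QEMU from probing the format. The surrounding script starts and ends outside the hunk.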


@ -825,25 +825,23 @@ _write_qemu_conf() {
} }
_write_qemu_uefi_conf() { _write_qemu_uefi_conf() {
local flash_ro="$(_dst_name "_efi_code.fd")" local flash_ro="$(_dst_name "_efi_code.qcow2")"
local flash_rw="$(_dst_name "_efi_vars.fd")" local flash_rw="$(_dst_name "_efi_vars.qcow2")"
local script="$(_dst_dir)/$(_dst_name ".sh")" local script="$(_dst_dir)/$(_dst_name ".sh")"
_write_qemu_conf _write_qemu_conf
case $BOARD in case $BOARD in
amd64-usr) amd64-usr)
cp "/usr/share/edk2-ovmf/OVMF_CODE.fd" "$(_dst_dir)/${flash_ro}" cp "/usr/share/edk2/OvmfX64/OVMF_CODE_4M.qcow2" "$(_dst_dir)/${flash_ro}"
cp "/usr/share/edk2-ovmf/OVMF_VARS.fd" "$(_dst_dir)/${flash_rw}" cp "/usr/share/edk2/OvmfX64/OVMF_VARS_4M.qcow2" "$(_dst_dir)/${flash_rw}"
;; ;;
arm64-usr) arm64-usr)
# Get edk2 files into local build workspace. # Get edk2 files into local build workspace.
info "Updating edk2 in /build/${BOARD}" info "Updating edk2 in /build/${BOARD}"
emerge-${BOARD} --nodeps --select --verbose --update --getbinpkg --newuse sys-firmware/edk2-aarch64 emerge-${BOARD} --nodeps --select --verbose --update --getbinpkg --newuse sys-firmware/edk2-aarch64
cp "${BOARD_ROOT}/usr/share/AAVMF/AAVMF_CODE.fd" "$(_dst_dir)/${flash_ro}" cp "${BOARD_ROOT}/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.qcow2" "$(_dst_dir)/${flash_ro}"
cp "${BOARD_ROOT}/usr/share/AAVMF/AAVMF_VARS.fd" "$(_dst_dir)/${flash_rw}" cp "${BOARD_ROOT}/usr/share/edk2/aarch64/vars-template-pflash.qcow2" "$(_dst_dir)/${flash_rw}"
truncate -s 64M "$(_dst_dir)/${flash_ro}"
truncate -s 64M "$(_dst_dir)/${flash_rw}"
;; ;;
esac esac
@ -866,13 +864,13 @@ _write_qemu_uefi_conf() {
} }
_write_qemu_uefi_secure_conf() { _write_qemu_uefi_secure_conf() {
local flash_rw="$(_dst_name "_efi_vars.fd")" local flash_rw="$(_dst_name "_efi_vars.qcow2")"
local flash_ro="$(_dst_name "_efi_code.fd")" local flash_ro="$(_dst_name "_efi_code.qcow2")"
local script="$(_dst_dir)/$(_dst_name ".sh")" local script="$(_dst_dir)/$(_dst_name ".sh")"
local owner="00000000-0000-0000-0000-000000000000" local owner="00000000-0000-0000-0000-000000000000"
_write_qemu_uefi_conf _write_qemu_uefi_conf
cp "/usr/share/edk2-ovmf/OVMF_CODE.secboot.fd" "$(_dst_dir)/${flash_ro}" cp "/usr/share/edk2/OvmfX64/OVMF_CODE_4M.secboot.qcow2" "$(_dst_dir)/${flash_ro}"
virt-fw-vars \ virt-fw-vars \
--inplace "$(_dst_dir)/${flash_rw}" \ --inplace "$(_dst_dir)/${flash_rw}" \
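Review bot: In `_write_qemu_uefi_secure_conf`, `virt-fw-vars --inplace` now runs on a `.qcow2` copy of the variable store, and the hunk does not show whether the virt-fw-vars in the SDK reads and writes QCOW2 or expects a raw image. What this call writes (presumably the Secure Boot key enrolment, which is outside the hunk) has to leave a valid QCOW2 file, because the launcher opens it with `format=qcow2`. I would verify it after the call with `qemu-img check -f qcow2 "$(_dst_dir)/${flash_rw}"`, assuming qemu-img is available in the SDK, so a format mismatch fails the build instead of surfacing at boot. The virt-fw-vars command continues past the end of the hunk, so the check belongs after its last argument.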


@ -0,0 +1 @@
- The UEFI firmware has changed from raw (.fd) format to QCOW2 format. In addition, the amd64 firmware variables are now held in a 4MB image rather than a 2MB image. Note that this firmware is only intended for testing with QEMU. Do not use it in production. ([scripts#2434](https://github.com/flatcar/scripts/pull/2434))


@ -65,10 +65,10 @@ QEMU_FIRMWARE="/usr/share/qemu/bios-256k.bin"
# UEFI firmware filename on build cache. # UEFI firmware filename on build cache.
# Published by vms.sh as part of the qemu vendor build. # Published by vms.sh as part of the qemu vendor build.
QEMU_UEFI_FIRMWARE="${QEMU_UEFI_FIRMWARE:-flatcar_production_qemu_uefi_efi_code.fd}" QEMU_UEFI_FIRMWARE="${QEMU_UEFI_FIRMWARE:-flatcar_production_qemu_uefi_efi_code.qcow2}"
QEMU_UEFI_SECURE_FIRMWARE="${QEMU_UEFI_SECURE_FIRMWARE:-flatcar_production_qemu_uefi_secure_efi_code.fd}" QEMU_UEFI_SECURE_FIRMWARE="${QEMU_UEFI_SECURE_FIRMWARE:-flatcar_production_qemu_uefi_secure_efi_code.qcow2}"
QEMU_UEFI_OVMF_VARS="${QEMU_UEFI_OVMF_VARS:-flatcar_production_qemu_uefi_efi_vars.fd}" QEMU_UEFI_OVMF_VARS="${QEMU_UEFI_OVMF_VARS:-flatcar_production_qemu_uefi_efi_vars.qcow2}"
QEMU_UEFI_SECURE_OVMF_VARS="${QEMU_UEFI_SECURE_OVMF_VARS:-flatcar_production_qemu_uefi_secure_efi_vars.fd}" QEMU_UEFI_SECURE_OVMF_VARS="${QEMU_UEFI_SECURE_OVMF_VARS:-flatcar_production_qemu_uefi_secure_efi_vars.qcow2}"
# Update payload for the qemu_update.sh test. # Update payload for the qemu_update.sh test.
# The default path set below is relative to TEST_WORK_DIR # The default path set below is relative to TEST_WORK_DIR


@ -7,7 +7,7 @@ if [ "${PLATFORM}" = qemu ]; then
BIOS="bios-256k.bin" BIOS="bios-256k.bin"
elif [ "${PLATFORM}" = qemu_uefi ]; then elif [ "${PLATFORM}" = qemu_uefi ]; then
TIMEOUT="14h" TIMEOUT="14h"
BIOS="/mnt/host/source/tmp/flatcar_production_qemu_uefi_efi_code.fd" BIOS="/mnt/host/source/tmp/flatcar_production_qemu_uefi_efi_code.qcow2"
else else
echo "Unknown platform: \"${PLATFORM}\"" echo "Unknown platform: \"${PLATFORM}\""
fi fi


@ -52,8 +52,8 @@ function set_vars() {
# The local directory ("pwd") will be mounted to /work/ in the container. # The local directory ("pwd") will be mounted to /work/ in the container.
cat > sdk_container/.env <<EOF cat > sdk_container/.env <<EOF
export QEMU_IMAGE_NAME=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_production_image.bin export QEMU_IMAGE_NAME=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_production_image.bin
export QEMU_UEFI_FIRMWARE=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_production_qemu_uefi_efi_code.fd export QEMU_UEFI_FIRMWARE=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_production_qemu_uefi_efi_code.qcow2
export QEMU_UEFI_OVMF_VARS=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_production_qemu_uefi_efi_vars.fd export QEMU_UEFI_OVMF_VARS=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_production_qemu_uefi_efi_vars.qcow2
export QEMU_UPDATE_PAYLOAD=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_test_update.gz export QEMU_UPDATE_PAYLOAD=/work/__build__/images/images/${arch@Q}-usr/latest/flatcar_test_update.gz
export PARALLEL_TESTS=${parallel@Q} export PARALLEL_TESTS=${parallel@Q}
EOF EOF