Date   

CIP IRC weekly meeting today on libera.chat

Jan Kiszka
 

Hi all,

Kindly be reminded to attend the weekly meeting through IRC to discuss
technical topics with CIP kernel today.

Please note that we moved from Freenode to libera.chat. Our channel is
the following:

irc:irc.libera.chat:6667/cip

Furthermore note that the IRC meeting is now scheduled to UTC (GMT) 13:00:

https://www.timeanddate.com/worldclock/meetingdetails.html?year=2021&month=11&day=25&hour=13&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248

USWest USEast UK DE TW JP
06:00 09:00 13:00 14:00 21:00 22:00

Last meeting minutes:

https://irclogs.baserock.org/meetings/cip/2021/11/cip.2021-11-18-13.00.log.html

* Action item
1. Combine root filesystem with kselftest binary - iwamatsu & alicef
2. Look into S3 artifact upload issues - patersonc
* Kernel maintenance updates
* Kernel testing
* AOB

Jan


Re: [isar-cip-core][PATCH 0/2] start-qemu add missing option

Jan Kiszka
 

On 24.11.21 16:17, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>

Add the missing option for cip-core-image-security.
Add documentation for start-qemu.sh defaults from kas-container menu

Quirin Gylstorff (2):
start-qemu.sh: Add defaults for IMAGE_SECURITY
README: Add information about start-qemu-defaults with menu config

README.md | 6 ++++--
doc/README.secureboot.md | 7 +++++++
start-qemu.sh | 3 +++
3 files changed, 14 insertions(+), 2 deletions(-)
Both applied, I've just made the wording in README.md even clearer.

Thanks,
Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


Re: New CVE entries in this week

Masami Ichikawa
 

Hi !

On Thu, Nov 25, 2021 at 11:42 AM Masami Ichikawa via
lists.cip-project.org
<masami.ichikawa=miraclelinux.com@...> wrote:

Hi !

It's this week's CVE report.

This week reported two new CVEs.

* New CVEs

CVE-2021-33098: Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 score is 5.5 MEDIUM.

Intel released fixed version of driver kit. Not sure this CVE affects mainline's source code.

Fixed status

Intel released fixed version of driver kit.

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2. Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@kroah.com/) and 5.10(https://lore.kernel.org/stable/1637577215186161@kroah.com/) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]
I attached a patch for 5.10.

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
:masami.ichikawa@...


New CVE entries in this week

Masami Ichikawa
 

Hi !

It's this week's CVE report.

This week reported two new CVEs.

* New CVEs

CVE-2021-33098: Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS v3 score is 5.5 MEDIUM.

Intel released fixed version of driver kit. Not sure this CVE affects mainline's source code.

Fixed status

Intel released fixed version of driver kit.

CVE-2021-4001: bpf: Fix toctou on read-only map''s constant scalar tracking

CVSS v3 score is not provided.

This bug was introduced in 5.5-rc1 and fixed in 5.16-rc2.  Patch for 5.15 is in stable-rt tree. Patch for 5.4(https://lore.kernel.org/stable/163757721744154@.../) and 5.10(https://lore.kernel.org/stable/1637577215186161@.../) are failed to apply. However, this bug was introduced in 5.5-rc1 so 5.4 can be ignored?
Fixed status

mainline: [353050be4c19e102178ccc05988101887c25ae53]

* Updated CVEs

CVE-2021-3640: UAF in sco_send_frame function

5.10 and 5.15 are fixed this week.

Fixed status

mainline: [99c23da0eed4fd20cae8243f2b51e10e66aa0951]
stable/5.10: [4dfba42604f08a505f1a1efc69ec5207ea6243de]
stable/5.14: [2c2b295af72e4e30d17556375e100ae65ac0b896]
stable/5.15: [b990c219c4c9d4993ef65ea9db73d9497e70f697]
stable/5.4: [d416020f1a9cc5f903ae66649b2c56d9ad5256ab]

CVE-2021-43975: atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait

The mainline kernel was fixed in 5.16-rc2.

Fixed status

mainline: [b922f622592af76b57cbc566eaeccda0b31a3496]

Currently tracking CVEs

CVE-2021-31615: Unencrypted Bluetooth Low Energy baseband links in
Bluetooth Core Specifications 4.0 through 5.2

There is no fix information.

CVE-2020-26555: BR/EDR pin code pairing broken

No fix information

CVE-2020-26556: kernel: malleable commitment Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26557: kernel: predictable Authvalue in Bluetooth Mesh
Provisioning Leads to MITM

No fix information.

CVE-2020-26559: kernel: Authvalue leak in Bluetooth Mesh Provisioning

No fix information.

CVE-2020-26560: kernel: impersonation attack in Bluetooth Mesh Provisioning

No fix information.

Regards,

--
Masami Ichikawa
Cybertrust Japan Co., Ltd.

Email :masami.ichikawa@...
          :masami.ichikawa@...


Re: [PATCH v2 0/3] start-qemu.sh: Add some ease of use functionality

Quirin Gylstorff
 

Hi Jan,

please Ignore v2. I sent the changes in a extra patchset.

Quirin

On 11/24/21 3:31 PM, Quirin Gylstorff via lists.cip-project.org wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>
Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter
Changes V2:
- Add Sentence to README
- Add default cip-core-image-security
Quirin Gylstorff (3):
start-qemu.sh: set bootindex for SECURE_BOOT
start-qemu.sh: parse .config.yaml for ease of use
start-qemu.sh: Simplify qemu call
README.md | 6 ++++--
start-qemu.sh | 36 +++++++++++++++++++++++++++---------
2 files changed, 31 insertions(+), 11 deletions(-)


[isar-cip-core][PATCH 0/2] start-qemu add missing option

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

Add the missing option for cip-core-image-security.
Add documentation for start-qemu.sh defaults from kas-container menu

Quirin Gylstorff (2):
start-qemu.sh: Add defaults for IMAGE_SECURITY
README: Add information about start-qemu-defaults with menu config

README.md | 6 ++++--
doc/README.secureboot.md | 7 +++++++
start-qemu.sh | 3 +++
3 files changed, 14 insertions(+), 2 deletions(-)

--
2.30.2


[isar-cip-core][PATCH 1/2] start-qemu.sh: Add defaults for IMAGE_SECURITY

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

for ease of use

Suggested-by: Jan Kiszka <jan.kiszka@...>
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
start-qemu.sh | 3 +++
1 file changed, 3 insertions(+)

diff --git a/start-qemu.sh b/start-qemu.sh
index 4817790..a92e9f4 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -40,6 +40,9 @@ fi

if [ -z "${TARGET_IMAGE}" ];then
TARGET_IMAGE="cip-core-image"
+ if grep -s -q "IMAGE_SECURITY: true" .config.yaml; then
+ TARGET_IMAGE="cip-core-image-security"
+ fi
fi

case "$1" in
--
2.30.2


[isar-cip-core][PATCH 2/2] README: Add information about start-qemu-defaults with menu config

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
README.md | 6 ++++--
doc/README.secureboot.md | 7 +++++++
2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 53ef679..bd707a4 100644
--- a/README.md
+++ b/README.md
@@ -38,8 +38,10 @@ Run, e.g.,

./start-qemu.sh x86

-when having built a QEMU AMD64 image. A security image for QEMU can be started
-like this:
+when having built a QEMU AMD64 image. Using the image configuration menu will
+initialize variables used by start-qemu.sh with fitting defaults.
+
+A security image for QEMU can be started like this:

TARGET_IMAGE=cip-core-image-security ./start-qemu.sh x86

diff --git a/doc/README.secureboot.md b/doc/README.secureboot.md
index b5056f2..3c2d524 100644
--- a/doc/README.secureboot.md
+++ b/doc/README.secureboot.md
@@ -181,6 +181,13 @@ SECURE_BOOT=y \
./start-qemu.sh amd64
```

+The image configuration menu will set default values for start-qemu.sh for secureboot
+and the following command is sufficient:
+
+```
+./start-qemu.sh amd64
+```
+
The default `OVMF_VARS.snakeoil_4M.fd` boot to the EFI shell. To boot Linux enter the following command:
```
FS0:\EFI\BOOT\bootx64.efi
--
2.30.2


[PATCH v2 2/3] start-qemu.sh: parse .config.yaml for ease of use

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

Suggested-by: Jan Kiszka <jan.kiszka@...>
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
README.md | 6 ++++--
start-qemu.sh | 16 +++++++++++++++-
2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 53ef679..bd707a4 100644
--- a/README.md
+++ b/README.md
@@ -38,8 +38,10 @@ Run, e.g.,

./start-qemu.sh x86

-when having built a QEMU AMD64 image. A security image for QEMU can be started
-like this:
+when having built a QEMU AMD64 image. Using the image configuration menu will
+initialize variables used by start-qemu.sh with fitting defaults.
+
+A security image for QEMU can be started like this:

TARGET_IMAGE=cip-core-image-security ./start-qemu.sh x86

diff --git a/start-qemu.sh b/start-qemu.sh
index 2c0a751..94c3611 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -20,15 +20,29 @@ usage()
exit 1
}

+if grep -s -q "IMAGE_SECURE_BOOT: true" .config.yaml; then
+ SECURE_BOOT="true"
+fi
+
if [ -n "${QEMU_PATH}" ]; then
QEMU_PATH="${QEMU_PATH}/"
fi

if [ -z "${DISTRO_RELEASE}" ]; then
- DISTRO_RELEASE="buster"
+ if grep -s -q "DEBIAN_BULLSEYE: true" .config.yaml; then
+ DISTRO_RELEASE="bullseye"
+ elif grep -s -q "DEBIAN_STRETCH: true" .config.yaml; then
+ DISTRO_RELEASE="stretch"
+ else
+ DISTRO_RELEASE="buster"
+ fi
fi
+
if [ -z "${TARGET_IMAGE}" ];then
TARGET_IMAGE="cip-core-image"
+ if grep -s -q "IMAGE_SECURITY: true" .config.yaml; then
+ TARGET_IMAGE="cip-core-image-security"
+ fi
fi

case "$1" in
--
2.30.2


[PATCH v2 3/3] start-qemu.sh: Simplify qemu call

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

Move qemu call out of if clause to avoid code duplications and
use the same behavior for secure boot and non secure boot images.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
start-qemu.sh | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/start-qemu.sh b/start-qemu.sh
index 94c3611..a92e9f4 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -123,18 +123,16 @@ if [ -n "${SECURE_BOOT}" ]; then
BOOT_FILES="-drive if=pflash,format=raw,unit=0,readonly=on,file=${ovmf_code} \
-drive if=pflash,format=raw,file=${ovmf_vars} \
-drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw"
- ${QEMU_PATH}${QEMU} \
- -m 1G -serial mon:stdio -netdev user,id=net \
- ${BOOT_FILES} ${QEMU_EXTRA_ARGS} "$@"
else
IMAGE_FILE=$(ls ${IMAGE_PREFIX}.ext4.img)

KERNEL_FILE=$(ls ${IMAGE_PREFIX}-vmlinu* | tail -1)
INITRD_FILE=$(ls ${IMAGE_PREFIX}-initrd.img* | tail -1)

- ${QEMU_PATH}${QEMU} \
- -m 1G -serial mon:stdio -netdev user,id=net \
- -drive file=${IMAGE_FILE},discard=unmap,if=none,id=disk,format=raw \
+ BOOT_FILES="-drive file=${IMAGE_FILE},discard=unmap,if=none,id=disk,format=raw \
-kernel ${KERNEL_FILE} -append "${KERNEL_CMDLINE}" \
- -initrd ${INITRD_FILE} ${QEMU_EXTRA_ARGS} "$@"
+ -initrd ${INITRD_FILE}"
fi
+${QEMU_PATH}${QEMU} \
+ -m 1G -serial mon:stdio -netdev user,id=net \
+ ${BOOT_FILES} ${QEMU_EXTRA_ARGS} "$@"
--
2.30.2


[PATCH v2 1/3] start-qemu.sh: set bootindex for SECURE_BOOT

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

Set the bootindex to avoid booting into the default uefi shell.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
start-qemu.sh | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/start-qemu.sh b/start-qemu.sh
index 3f62257..2c0a751 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -39,8 +39,14 @@ case "$1" in
-cpu qemu64 \
-smp 4 \
-machine q35,accel=kvm:tcg \
- -device ide-hd,drive=disk \
-device virtio-net-pci,netdev=net"
+ if [ -n "${SECURE_BOOT}" ]; then
+ QEMU_EXTRA_ARGS=" \
+ ${QEMU_EXTRA_ARGS} -device ide-hd,drive=disk,bootindex=0"
+ else
+ QEMU_EXTRA_ARGS=" \
+ ${QEMU_EXTRA_ARGS} -device ide-hd,drive=disk"
+ fi
KERNEL_CMDLINE=" \
root=/dev/sda"
;;
--
2.30.2


[PATCH v2 0/3] start-qemu.sh: Add some ease of use functionality

Quirin Gylstorff
 

From: Quirin Gylstorff <quirin.gylstorff@...>

Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter

Changes V2:
- Add Sentence to README
- Add default cip-core-image-security

Quirin Gylstorff (3):
start-qemu.sh: set bootindex for SECURE_BOOT
start-qemu.sh: parse .config.yaml for ease of use
start-qemu.sh: Simplify qemu call

README.md | 6 ++++--
start-qemu.sh | 36 +++++++++++++++++++++++++++---------
2 files changed, 31 insertions(+), 11 deletions(-)

--
2.30.2


Re: [isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality

Quirin Gylstorff
 

On 11/24/21 1:38 PM, Jan Kiszka wrote:
On 24.11.21 13:07, Gylstorff Quirin wrote:


On 11/24/21 12:45 PM, Jan Kiszka wrote:
On 24.11.21 12:44, Jan Kiszka wrote:
On 24.11.21 12:12, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>

Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter

Quirin Gylstorff (3):
   start-qemu.sh: set bootindex for SECURE_BOOT
   start-qemu.sh: parse .config.yaml for ease of use
   start-qemu.sh: Simplify qemu call

  start-qemu.sh | 33 ++++++++++++++++++++++++---------
  1 file changed, 24 insertions(+), 9 deletions(-)
Definitely an improvement! But the fact that secure boot comes with a
different target image is not reflected yet.
...or is that only the case with your dm-verity series? Let me check.

Jan
Only dm-verity introduces the new target.
Yep, confirmed.
Will take all three if you could also update the documentation (on-top),
stating that building via "menu" will initialize the start-qemu vars
with fitting defaults.
Jan
I will send a v2. Did miss cip-core-image-security.

Quirin


Re: Replacing BBB kernel config: Status and AIs

Kazuhiro Hayashi
 

Hi Quirin,

[...]

Sorry, v2 was lying around at [1].


[1]:
https://gitlab.com/Quirin.Gy/cip-kernel-config/-/tree/feature/bbb-isar-config
OK, thanks for creating these patches!


Testing is missing.
Toshiba members can test them using our BBB.
Please let me know if you already have the steps to testing.

Best regards,
Kazu



Best regards,
Kazu
Quirin


Re: [isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality

Jan Kiszka
 

On 24.11.21 13:07, Gylstorff Quirin wrote:


On 11/24/21 12:45 PM, Jan Kiszka wrote:
On 24.11.21 12:44, Jan Kiszka wrote:
On 24.11.21 12:12, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>

Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter

Quirin Gylstorff (3):
   start-qemu.sh: set bootindex for SECURE_BOOT
   start-qemu.sh: parse .config.yaml for ease of use
   start-qemu.sh: Simplify qemu call

  start-qemu.sh | 33 ++++++++++++++++++++++++---------
  1 file changed, 24 insertions(+), 9 deletions(-)
Definitely an improvement! But the fact that secure boot comes with a
different target image is not reflected yet.
...or is that only the case with your dm-verity series? Let me check.

Jan
Only dm-verity introduces the new target.
Yep, confirmed.

Will take all three if you could also update the documentation (on-top),
stating that building via "menu" will initialize the start-qemu vars
with fitting defaults.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


Re: Replacing BBB kernel config: Status and AIs

Quirin Gylstorff
 

Hi,

On 11/24/21 1:02 PM, Kazuhiro Hayashi via lists.cip-project.org wrote:
Hello Jan, Quirin,
In CIP Core meeting today, we tried to discuss the current status of the activity[0]
to replace the kernel config for BBB in isar-cip-core (bbb_defconfig)
by cip-kernel-configs (cip_bbb_defconfig), but there was no enough time to conclude this.
Questions:
Do you have any plan to create the patch v2[1] to add some configs to cip_bbb_defconfig (for both 4.4 and 4.19?)
If yes, is the next step to create the patch v2 then test swupdate with 4.4 and 4.19 kernel on BBB?
You can find the meeting note[2] related to this topic.
[0] https://lore.kernel.org/cip-dev/f8f989ef-7ee2-42ee-a922-f53c6d2b07fe@siemens.com/T/#m864738e612f98752d216bc976135c274fd73eaa4
[1] https://lore.kernel.org/cip-dev/f8f989ef-7ee2-42ee-a922-f53c6d2b07fe@siemens.com/T/#m4b75aee175603bd1f06a8eec2b47ac08bda85c5a
[2] https://docs.google.com/document/d/1MwHdFd6QuXcdQfxvaLkcm1sqo9zEC-CWxjof8OJFXLM/edit#heading=h.e88ar5knf3z8
Sorry, v2 was lying around at [1].


[1]: https://gitlab.com/Quirin.Gy/cip-kernel-config/-/tree/feature/bbb-isar-config

Testing is missing.

Best regards,
Kazu
Quirin


Re: [isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality

Quirin Gylstorff
 

On 11/24/21 12:45 PM, Jan Kiszka wrote:
On 24.11.21 12:44, Jan Kiszka wrote:
On 24.11.21 12:12, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>

Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter

Quirin Gylstorff (3):
start-qemu.sh: set bootindex for SECURE_BOOT
start-qemu.sh: parse .config.yaml for ease of use
start-qemu.sh: Simplify qemu call

start-qemu.sh | 33 ++++++++++++++++++++++++---------
1 file changed, 24 insertions(+), 9 deletions(-)
Definitely an improvement! But the fact that secure boot comes with a
different target image is not reflected yet.
...or is that only the case with your dm-verity series? Let me check.
Jan
Only dm-verity introduces the new target.

Quirin


Replacing BBB kernel config: Status and AIs

Kazuhiro Hayashi
 

Hello Jan, Quirin,

In CIP Core meeting today, we tried to discuss the current status of the activity[0]
to replace the kernel config for BBB in isar-cip-core (bbb_defconfig)
by cip-kernel-configs (cip_bbb_defconfig), but there was no enough time to conclude this.

Questions:
Do you have any plan to create the patch v2[1] to add some configs to cip_bbb_defconfig (for both 4.4 and 4.19?)
If yes, is the next step to create the patch v2 then test swupdate with 4.4 and 4.19 kernel on BBB?

You can find the meeting note[2] related to this topic.

[0] https://lore.kernel.org/cip-dev/f8f989ef-7ee2-42ee-a922-f53c6d2b07fe@siemens.com/T/#m864738e612f98752d216bc976135c274fd73eaa4
[1] https://lore.kernel.org/cip-dev/f8f989ef-7ee2-42ee-a922-f53c6d2b07fe@siemens.com/T/#m4b75aee175603bd1f06a8eec2b47ac08bda85c5a
[2] https://docs.google.com/document/d/1MwHdFd6QuXcdQfxvaLkcm1sqo9zEC-CWxjof8OJFXLM/edit#heading=h.e88ar5knf3z8

Best regards,
Kazu


Re: [isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality

Jan Kiszka
 

On 24.11.21 12:44, Jan Kiszka wrote:
On 24.11.21 12:12, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>

Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter

Quirin Gylstorff (3):
start-qemu.sh: set bootindex for SECURE_BOOT
start-qemu.sh: parse .config.yaml for ease of use
start-qemu.sh: Simplify qemu call

start-qemu.sh | 33 ++++++++++++++++++++++++---------
1 file changed, 24 insertions(+), 9 deletions(-)
Definitely an improvement! But the fact that secure boot comes with a
different target image is not reflected yet.
...or is that only the case with your dm-verity series? Let me check.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux


Re: [isar-cip-core][PATCH 0/3] start-qemu.sh: Add some ease of use functionality

Jan Kiszka
 

On 24.11.21 12:12, Q. Gylstorff wrote:
From: Quirin Gylstorff <quirin.gylstorff@...>

Fix booting of secure-boot image
Parse .config.yaml for ease of use and reduced commandline clutter

Quirin Gylstorff (3):
start-qemu.sh: set bootindex for SECURE_BOOT
start-qemu.sh: parse .config.yaml for ease of use
start-qemu.sh: Simplify qemu call

start-qemu.sh | 33 ++++++++++++++++++++++++---------
1 file changed, 24 insertions(+), 9 deletions(-)
Definitely an improvement! But the fact that secure boot comes with a
different target image is not reflected yet.

Jan

--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux

3161 - 3180 of 10169