From e18d9b87a820462b06337f4549da4e1b10366f93 Mon Sep 17 00:00:00 2001
From: Patrick Vogelaar <patrick.vogelaar@belden.com>
Date: Sun, 25 Feb 2024 20:33:34 +0100
Subject: [PATCH 1/2] fix(qemu-coreos-arm64): fix several issues and
 refactoring

* rework machine conf to only build necessary stuff
* in *.wks file switch from ondisk to use-uuid the solves an issue that during
  boot the user data partition could not be mounted because user data was set
  to mmcblk1 in fstab but actually was sda
* kenrel options were missing for dmcrypt to create secure storage. those are
  now added to all machines using linux-yocto source and use the
  meta-belden-coreos-bsp layer
---
 .../conf/machine/qemu-coreos-arm64.conf              |  4 ++--
 .../recipes-kernel/linux/files/secure-storage.cfg    |  4 ++++
 .../recipes-kernel/linux/linux-yocto_%.bbappend      |  2 ++
 .../wic/qemu-efi-coreos-generic.wks.in               | 12 ++++++------
 4 files changed, 14 insertions(+), 8 deletions(-)
 create mode 100644 layers/meta-belden-coreos-bsp/recipes-kernel/linux/files/secure-storage.cfg
 create mode 100644 layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_%.bbappend

diff --git a/layers/meta-belden-coreos-bsp/conf/machine/qemu-coreos-arm64.conf b/layers/meta-belden-coreos-bsp/conf/machine/qemu-coreos-arm64.conf
index 3507392..c40e3d4 100644
--- a/layers/meta-belden-coreos-bsp/conf/machine/qemu-coreos-arm64.conf
+++ b/layers/meta-belden-coreos-bsp/conf/machine/qemu-coreos-arm64.conf
@@ -6,9 +6,9 @@
 require conf/machine/qemu-generic-arm64.conf
 MACHINEOVERRIDES =. "qemu-generic-arm64:"
 
-IMAGE_FSTYPES += "wic.xz wic.bmap"
+COREOS_IMAGE_GENERATE_INSTALLER = "0"
+
 WKS_FILE = "qemu-efi-coreos-generic.wks.in"
-QB_DRIVE_TYPE = "/dev/sd"
 
 EFIBOOTGUARD_TIMEOUT ?= "0"
 require conf/machine/include/coreos-generic-features/efi.inc
diff --git a/layers/meta-belden-coreos-bsp/recipes-kernel/linux/files/secure-storage.cfg b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/files/secure-storage.cfg
new file mode 100644
index 0000000..07ef65b
--- /dev/null
+++ b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/files/secure-storage.cfg
@@ -0,0 +1,4 @@
+CONFIG_BLK_DEV_DM=y
+CONFIG_KEYS=y
+CONFIG_ENCRYPTED_KEYS=y
+CONFIG_DM_CRYPT=y
\ No newline at end of file
diff --git a/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_%.bbappend b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_%.bbappend
new file mode 100644
index 0000000..e2c6aba
--- /dev/null
+++ b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_%.bbappend
@@ -0,0 +1,2 @@
+# Set kernel config needed by secure-storage
+SRC_URI += "file://secure-storage.cfg"
diff --git a/layers/meta-belden-coreos-bsp/wic/qemu-efi-coreos-generic.wks.in b/layers/meta-belden-coreos-bsp/wic/qemu-efi-coreos-generic.wks.in
index dfcd3d7..1db9345 100644
--- a/layers/meta-belden-coreos-bsp/wic/qemu-efi-coreos-generic.wks.in
+++ b/layers/meta-belden-coreos-bsp/wic/qemu-efi-coreos-generic.wks.in
@@ -2,11 +2,11 @@
 # long-description: Creates a partitioned EFI disk image that the user
 # can directly dd to boot media.
 
-part --source efibootguard-efi --label efi --part-type=EF00 --ondisk mmcblk1 --offset 20480S --size 64M --extra-space 0 --overhead-factor 1
-part / --source rootfs --fstype=ext4 --label rootfs0 --ondisk mmcblk1 --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
-part --fstype=ext4 --label rootfs1 --ondisk mmcblk1 --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
-part --source efibootguard-boot --label ebg0 --part-type=0700 --sourceparams "args=coreos.root=rootfs0,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=2,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --ondisk mmcblk1  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
-part --source efibootguard-boot --label ebg1 --part-type=0700 --sourceparams "args=coreos.root=rootfs1,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=1,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --ondisk mmcblk1  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
-${WKS_PART_USERDATA} --ondisk mmcblk1 --size ${WKS_PART_USERDATA_SIZE} --extra-space 0 --overhead-factor 1
+part --source efibootguard-efi --label efi --part-type=EF00 --use-uuid --offset 20480S --size 64M --extra-space 0 --overhead-factor 1
+part / --source rootfs --fstype=ext4 --label rootfs0 --use-uuid --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
+part --fstype=ext4 --label rootfs1 --use-uuid --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
+part --source efibootguard-boot --label ebg0 --part-type=0700 --sourceparams "args=coreos.root=rootfs0,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=2,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --use-uuid  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
+part --source efibootguard-boot --label ebg1 --part-type=0700 --sourceparams "args=coreos.root=rootfs1,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=1,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --use-uuid  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
+${WKS_PART_USERDATA} --use-uuid --size ${WKS_PART_USERDATA_SIZE} --extra-space 0 --overhead-factor 1
 
 bootloader --ptable gpt
\ No newline at end of file

From c2ebce47f1dee56f10bd196601896b27f797852d Mon Sep 17 00:00:00 2001
From: Patrick Vogelaar <patrick.vogelaar@belden.com>
Date: Sun, 25 Feb 2024 23:23:23 +0100
Subject: [PATCH 2/2] fix(qemu-coreos-arm64): add image to k-stufen

---
 .../classes/coreos-image-ci.bbclass                 | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/layers/meta-belden-coreos/classes/coreos-image-ci.bbclass b/layers/meta-belden-coreos/classes/coreos-image-ci.bbclass
index 890cbd9..95d4ec1 100644
--- a/layers/meta-belden-coreos/classes/coreos-image-ci.bbclass
+++ b/layers/meta-belden-coreos/classes/coreos-image-ci.bbclass
@@ -3,6 +3,7 @@
 # > COREOS_IMAGE_EXTRACLASSES += "coreos-image-ci"
 # in auto.conf (or local.conf)
 
+inherit kernel-artifact-names
 
 def get_coreos_ci_artifacts(d):
     artifacts = []
@@ -12,11 +13,11 @@ def get_coreos_ci_artifacts(d):
 
     # Container handling
     # ==========================================================================
-    
+
     if bb.utils.contains('IMAGE_FSTYPES', 'oci', True, False, d):
 
         artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.rootfs-oci.tar')
-        
+
         # Special case for container, we just need the OCI tarball
         return " ".join(artifacts)
 
@@ -25,10 +26,14 @@ def get_coreos_ci_artifacts(d):
 
     if bb.utils.contains('IMAGE_FSTYPES', 'wic.xz', True, False, d):
         artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.wic.xz')
-    
+
     if bb.utils.contains('IMAGE_FSTYPES', 'wic.bmap', True, False, d):
         artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.wic.bmap')
 
+    # This is used for qemu-coreos-arm64
+    if bb.utils.contains('IMAGE_FSTYPES', 'wic.qcow2', True, False, d):
+        artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.wic.qcow2')
+
     if d.getVar('COREOS_IMAGE_GENERATE_SWU') == '1':
         artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.swu')
 
@@ -90,5 +95,5 @@ do_deploy_ci() {
     for file in ${COREOS_CI_DEPLOY_ARTIFACTS}; do
         echo $file >> $output
     done
-} 
+}
 addtask deploy_ci after do_image before do_build
\ No newline at end of file