Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OSModifier: Extend EMU API to update verity and root device #33

Open
wants to merge 4 commits into
base: main
Choose a base branch
from

Conversation

elainezhao96
Copy link
Contributor

@elainezhao96 elainezhao96 commented Dec 13, 2024


This is a pr that moved from https://github.com/microsoft/azurelinux/pull/10584/files from old repo with comments addressed.

Changes included:

  • Add verity and root device to EMU API (Did not make Verity a list like in MIC because Trident logic filters root Verity)
  • Add a dedicated verity type for EMU as there are less fields needed in trident (see here)
  • revised EMU GRUB update logic to create bootCustomizer and call WriteToFile just once

Checklist

  • Code conforms to style guidelines

@elainezhao96 elainezhao96 marked this pull request as ready for review December 13, 2024 21:49
@elainezhao96 elainezhao96 requested a review from a team as a code owner December 13, 2024 21:49
// Must be 'root' for the rootfs (/) filesystem.
Name string `yaml:"name"`
// The ID of the 'Partition' to use as the data partition.
DataDeviceId string `yaml:"dataDeviceId"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rename to DataDevice and HashDevice.

(The Id suffix refers to the Id property on Partition type.)

if err != nil {
return err
}
err = imagecustomizerlib.AddKernelCommandLine(osConfig.KernelCommandLine.ExtraCommandLine, dummyChroot)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could call bootCustomizer.AddKernelCommandLine here.

@fintelia
Copy link
Contributor

Might be worth checking whether the differences between MIC and Trident's verity handling are because Trident doesn't need all the same functionality, or if they're partly things that Trident just hasn't implemented yet. For instance, I know that /usr verity is something that we've talked about wanting for Trident, though that would be instead of root verity so there'd still only be one verity device.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants