Hi, This series adds support for both Chromium OS (or particularly, its kernel-payload signing and disk layout) and for a device using it (the first generation Google WiFi).
Google WiFi (code-named "Gale") is an IPQ4019-based AP. Its hardware is decently supported by the existing ipq40xx target -- see patch 5 for more notes. Notably missing: reboot does not work properly -- I have some separate TrustZone/SCM-related patches I'd like to clean up to enable this later. The "RFC" is mostly for the first part of the series: supporting the verified boot payload utilities and disk layout needed for building images that can be booted by Gale's bootloader (or by other Chromium OS systems). Chromium OS (the open-source OS on which Google builds its Chrome OS) -- "CrOS" for short -- typically boots via Coreboot, plus Depthcharge as a second stage. Such bootloaders utilize a verified boot toolkit [1] to verify each subsequent stage. Of note: 1. The kernel should be placed in a GPT partition with a custom "Chrome OS kernel" GUID type and a few custom flags (to manage the A/B OS updates employed by Chromium OS). CrOS vboot provides the `cgpt` utility for creating and managing such partitions. 2. That partition should hold a vboot payload, signed and packaged per the format documented and implemented at [1]. Using the vboot utilities, this involves the `vbutil_kernel --pack ...` command. My main questions are: (a) How should we establish this custom partition layout (i.e., #1)? In this series, I extend OpenWRT's ptgen to help customize partition types, instead of packaging vboot's `cgpt`. (b) How should we package and sign kernels (#2)? In this series, I adapt and reimplement the `vbutil_kernel` command as a custom `cros-vbutil` utility, rather than packaging Google's utility. (c) How should this integrate into the ipq40xx target? In this series, I add kernel and rootfs partition-size parameters, but it's not clear to me if this fits well into the existing ipq40xx target, or if it should be done differently. For some alternatives (especially on (b)), I did package futility/vbutil_kernel here: https://github.com/openwrt/packages/pull/12829 I could adapt this into tools/ instead, so OpenWRT doesn't have to carry my re-implementation. This would carry some extra build complexity, as the vboot tools are >10,000 lines of code, compared to my reimplementation of a few hundred lines. The library dependencies are similar (mostly just crypto/ssl, and potentially libuuid (for GPT)), as the vboot project tries to keep the code semi-portable / reusable. Packaging the vboot utilities might give us some future flexibility, if the formats grow and change for future systems. So far, I think the format has been pretty stable. Also, there are potentially some quirks I missed in my port related the ${ARCH} -- I ported the ARM support, but there may be some small tweaks I missed that are applicable only to x86 systems. For (c): adding this to the common ipq40xx target means that there will be a new CONFIG_TARGET_KERNEL_PARTSIZE and CONFIG_TARGET_ROOTFS_PARTSIZE, which are only applicable to a single device but are present for all: FEATURES:=boot-part rootfs-part Is this reason for a new subtarget? Anyway, this is a working device port as-is, so feel free to take a look even if you don't have opinions on any of my "RFC" questions! Regards, Brian [1] https://chromium.googlesource.com/chromiumos/platform/vboot_reference Brian Norris (5): firmware-utils/ptgen: add Chromium OS kernel partition support firmware-utils/cros-vbutil: add Chrome OS vboot kernel-signing utility image-commands: support Chromium OS image-type creation ipq40xx: add open-drain support to pinctrl-msm ipq40xx: add target for Google WiFi (Gale) include/image-commands.mk | 17 + scripts/gen_image_vboot.sh | 29 + target/linux/ipq40xx/Makefile | 2 +- .../ipq40xx/base-files/etc/board.d/02_network | 1 + .../base-files/lib/upgrade/platform.sh | 13 + .../arm/boot/dts/qcom-ipq4019-gale-v2.dts | 402 ++++++++++++ target/linux/ipq40xx/image/Makefile | 14 + .../090-pinctrl-msm-open-drain.patch | 90 +++ .../901-arm-boot-add-dts-files.patch | 3 +- tools/firmware-utils/Makefile | 1 + tools/firmware-utils/src/cros-vbutil.c | 609 ++++++++++++++++++ tools/firmware-utils/src/ptgen.c | 39 +- 12 files changed, 1215 insertions(+), 5 deletions(-) create mode 100755 scripts/gen_image_vboot.sh create mode 100644 target/linux/ipq40xx/files/arch/arm/boot/dts/qcom-ipq4019-gale-v2.dts create mode 100644 target/linux/ipq40xx/patches-5.4/090-pinctrl-msm-open-drain.patch create mode 100644 tools/firmware-utils/src/cros-vbutil.c -- 2.27.0 _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel