| # Copyright 2018 The Fuchsia Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import("//build/board.gni") |
| import("//build/config/fuchsia/zbi.gni") |
| import("//build/images/args.gni") |
| import("//build/images/boot.gni") |
| import("//build/images/custom_signing.gni") |
| import("//build/images/custom_signing.gni") |
| import("//build/images/manifest.gni") |
| import("//build/images/ta.gni") |
| import("//build/images/vbmeta.gni") |
| import("//build/images/zedboot/zedboot_args.gni") |
| import("//build/images/zxcrypt.gni") |
| |
| # Construct a minimal manifest containing only the few user binaries |
| # that constitute zedboot, and the libraries they depend on. |
| # TODO(36888): This could be made smaller by constraining the drivers |
| # included, but we don't currently have a good way to determine the |
| # subset that is useful to Zedboot. |
| zedboot_binary_patterns = [ |
| # These are the core things needed for booting (local and netboot). |
| "bin/bootsvc", |
| "bin/console", |
| "bin/device-name-provider", |
| "bin/dlog", |
| "bin/fshost", |
| "bin/miscsvc", |
| "bin/netsvc", |
| "bin/ptysvc", |
| "bin/pwrbtn-monitor", |
| "bin/svchost", |
| "bin/virtual-console", |
| "driver/*", |
| |
| # These are needed for installer runs. |
| "bin/blobfs", |
| "bin/install-disk-image", |
| "bin/minfs", |
| "bin/mount", |
| |
| # These are useful for debugging. |
| "bin/dd", |
| "bin/driverctl", |
| "bin/fsck*", |
| "bin/gpt", |
| "bin/killall", |
| "bin/ktrace", |
| "bin/lsblk", |
| "bin/lsdev", |
| "bin/lsusb", |
| "bin/mkfs*", |
| "bin/nand-util", |
| "bin/ping", |
| "bin/ps", |
| "bin/sh", |
| "bin/syscall-check", |
| "bin/umount", |
| "bin/unbind", |
| |
| # These are used by Infra. |
| "bin/waitfor", |
| ] |
| |
| generate_manifest("zedboot.manifest") { |
| visibility = [ ":*" ] |
| args = [] |
| foreach(pattern, zedboot_binary_patterns) { |
| args += [ "--binary=" + pattern ] |
| } |
| |
| # The --binary switch only matches binaries, not other files. |
| # Get the non-binary files from the manifest directly. |
| args += [ "--include=lib/firmware/*" ] |
| deps = zircon_boot_manifests_deps |
| foreach(manifest, zircon_boot_manifests) { |
| args += [ |
| "--cwd=.", |
| "--manifest=" + rebase_path(manifest, root_build_dir), |
| ] |
| } |
| |
| # Inject virtcon into zedboot. |
| # TODO(41410): Remove when unified build exists. |
| deps += [ "//src/bringup/virtcon:virtual-console" ] |
| args += [ "--entry=bin/virtual-console=" + |
| rebase_path("$root_build_dir/virtual-console", root_build_dir) ] |
| } |
| manifest_outputs = get_target_outputs(":zedboot.manifest") |
| manifest_file = manifest_outputs[0] |
| |
| action("devmgr_config.txt") { |
| visibility = [ |
| ":zbi", |
| ":zedboot.vbmeta", |
| ":zedboot.vbmeta__zbi_props", |
| ":zedboot.vbmeta__vb_desc", |
| ] |
| |
| script = "../manifest.py" |
| outputs = [ "$target_out_dir/$target_name" ] |
| |
| args = [ "--output=" + rebase_path(outputs[0], root_build_dir) ] |
| entries = [ |
| "netsvc.netboot=true", |
| "netsvc.all-features=true", |
| ] + zedboot_devmgr_config |
| foreach(entry, entries) { |
| args += [ "--entry=$entry" ] |
| } |
| } |
| |
| generated_file("zxcrypt_config.txt") { |
| outputs = [ "$target_out_dir/$target_name" ] |
| contents = zxcrypt_key_source |
| } |
| |
| component_manager_label = "//src/sys/component_manager:component_manager.bootfs" |
| component_manager_target_dir = |
| get_label_info(component_manager_label, "target_out_dir") |
| component_manager_target_name = get_label_info(component_manager_label, "name") |
| component_manager_manifest = |
| component_manager_target_dir + "/" + component_manager_target_name |
| |
| coordinator_label = "//src/devices:devices.bootfs" |
| coordinator_target_dir = get_label_info(coordinator_label, "target_out_dir") |
| coordinator_target_name = get_label_info(coordinator_label, "name") |
| coordinator_manifest = coordinator_target_dir + "/" + coordinator_target_name |
| |
| installer_label = "//src/sys/installer:installer.bootfs" |
| installer_target_dir = get_label_info(installer_label, "target_out_dir") |
| installer_target_name = get_label_info(installer_label, "name") |
| installer_manifest = installer_target_dir + "/" + installer_target_name |
| |
| root_manifests_label = "//src/sys/bootstrap:root_manifests.bootfs" |
| root_manifests_target_dir = |
| get_label_info(root_manifests_label, "target_out_dir") |
| root_manifests_target_name = get_label_info(root_manifests_label, "name") |
| root_manifests_manifest = |
| root_manifests_target_dir + "/" + root_manifests_target_name |
| |
| # Note: This output is also used by a script in //scripts/verify_cmdline_params. |
| zbi("zbi") { |
| output_name = "zedboot" |
| deps = [ |
| ":devmgr_config.txt", |
| ":zedboot.manifest", |
| ":zxcrypt_config.txt", |
| component_manager_label, |
| coordinator_label, |
| installer_label, |
| root_manifests_label, |
| ] |
| inputs = [ |
| component_manager_manifest, |
| coordinator_manifest, |
| installer_manifest, |
| root_manifests_manifest, |
| zircon_kernel_zbi, |
| manifest_file, |
| ] |
| manifest = |
| [ "config/zxcrypt=" + |
| rebase_path("$target_out_dir/zxcrypt_config.txt", root_build_dir) ] |
| foreach(ta_uuid, zedboot_ta_uuids) { |
| manifest += [ |
| { |
| outputs = [ "lib/firmware/$ta_uuid$ta_dest_suffix" ] |
| sources = [ rebase_path("$ta_path/$ta_uuid$ta_src_suffix") ] |
| }, |
| ] |
| } |
| if (!include_devmgr_config_in_vbmeta) { |
| manifest += [ |
| { |
| outputs = [ "config/devmgr" ] |
| sources = get_target_outputs(":devmgr_config.txt") |
| }, |
| ] |
| } |
| cmdline = [ |
| "console.shell=true", |
| "netsvc.disable=false", |
| "kernel.enable-debugging-syscalls=true", |
| "kernel.enable-serial-syscalls=true", |
| ] + zedboot_cmdline_args + board_zedboot_cmdline_args |
| cmdline_inputs = zedboot_cmdline_files |
| |
| metadata = { |
| images = [ |
| { |
| if (custom_signing_script == "" && !use_vboot) { |
| archive = true |
| bootserver_pave = [ "--zirconr" ] |
| bootserver_pave_zedboot = [ "--zircona" ] |
| } |
| name = "zircon-r" |
| path = "zedboot.zbi" |
| type = "zbi" |
| }, |
| ] |
| image_paths = [ |
| "IMAGE_ZEDBOOT_ZBI=zedboot.zbi", |
| "IMAGE_ZIRCONR_ZBI=zedboot.zbi", |
| ] |
| } |
| } |
| |
| if (custom_signing_script != "") { |
| custom_signed_zbi("signed") { |
| output_name = "zedboot.zbi" |
| deps = [ ":zbi" ] |
| zbi = get_target_outputs(":zbi") |
| |
| metadata = { |
| images = [ |
| { |
| archive = true |
| bootserver_pave = [ "--zirconr" ] |
| bootserver_pave_zedboot = [ "--zircona" ] |
| name = "zircon-r.signed" |
| path = "zedboot.zbi.signed" |
| type = "zbi.signed" |
| }, |
| ] |
| image_paths = [ "IMAGE_ZIRCONR_SIGNEDZBI=zedboot.zbi.signed" ] |
| } |
| } |
| } else if (use_vboot) { |
| vboot("signed") { |
| output_name = "zedboot" |
| deps = [ ":zbi" ] |
| metadata = { |
| images = [ |
| { |
| archive = true |
| bootserver_pave = [ "--zirconr" ] |
| bootserver_pave_zedboot = [ "--zircona" ] |
| name = "zircon-r.signed" |
| path = "zedboot.vboot" |
| type = "zbi.signed" |
| }, |
| ] |
| image_paths = [ "IMAGE_ZIRCONR_SIGNEDZBI=zedboot.vboot" ] |
| } |
| } |
| } |
| |
| if (use_vbmeta) { |
| vbmeta("zedboot.vbmeta") { |
| output_name = "zedboot" |
| testonly = true |
| if (custom_signing_script != "") { |
| deps = [ ":signed" ] |
| zbi = get_target_outputs(":signed") |
| } else { |
| deps = [ ":zbi" ] |
| zbi = get_target_outputs(":zbi") |
| } |
| if (include_devmgr_config_in_vbmeta) { |
| deps += [ ":devmgr_config.txt" ] |
| |
| boot_args_file = get_target_outputs(":devmgr_config.txt") |
| |
| # expecting a single file |
| assert([ boot_args_file[0] ] == boot_args_file, |
| "expect a single output file form 'devmgr_config.txt' target") |
| |
| prop_from_file = [ |
| { |
| # zbi item type w/o ZBI_TYPE_ prefix |
| type = "IMAGE_ARGS" |
| file = boot_args_file[0] |
| }, |
| ] |
| } |
| |
| metadata = { |
| images = [ |
| { |
| archive = true |
| bootserver_pave = [ "--vbmetar" ] |
| bootserver_pave_zedboot = [ "--vbmetaa" ] |
| name = "zircon-r" |
| path = "zedboot.vbmeta" |
| type = "vbmeta" |
| }, |
| ] |
| image_paths = [ "IMAGE_VBMETAR_RAW=zedboot.vbmeta" ] |
| } |
| } |
| } |
| |
| if (target_cpu != "arm64" && !use_vboot) { |
| esp("esp") { |
| output_name = "zedboot" |
| cmdline = "efi_cmdline.txt" |
| deps = [ ":zbi" ] |
| zedboot_zbi_outputs = get_target_outputs(":zbi") |
| zedboot = zedboot_zbi_outputs[0] |
| |
| metadata = { |
| images = [ |
| { |
| name = "zedboot-efi" |
| path = "zedboot.esp.blk" |
| type = "blk" |
| }, |
| ] |
| image_paths = [ "IMAGE_ZEDBOOT_ESP=zedboot.esp.blk" ] |
| } |
| } |
| } |
| |
| group("zedboot") { |
| deps = [ ":zbi" ] |
| if (target_cpu != "arm64" && !use_vboot) { |
| deps += [ ":esp" ] |
| } |
| if (custom_signing_script != "" || use_vboot) { |
| deps += [ ":signed" ] |
| } |
| } |