refactor: adds GCP support, refactors machine, kernel and image configuration

conf/distro/cvm.conf

@@ -41,7 +41,7 @@ FULL_OPTIMIZATION="-Os -pipe ${DEBUG_FLAGS}"
 # Distro config is evaluated after the machine config, so we have to explicitly
 # set the kernel provider to override a machine config.
 PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-tiny"
-PREFERRED_VERSION_linux-yocto-tiny ?= "6.6%"
+PREFERRED_VERSION_linux-yocto-tiny ?= "6.10%"
 
 # We can use packagegroup-core-boot, but in the future we may need a new packagegroup-core-tiny
 #POKY_DEFAULT_EXTRA_RDEPENDS += "packagegroup-core-boot"
@@ -65,7 +65,7 @@ IMAGE_LINGUAS = ""
 
 # Comment out any of the lines below to disable them in the build
 # DISTRO_FEATURES options:
-DISTRO_FEATURES_TINY = "pci ext4"
+DISTRO_FEATURES_TINY = "pci ext4 sysvinit"
 DISTRO_FEATURES_CVM = "cvm"
 DISTRO_FEATURES_NET = "ipv4 ipv6"
 
@@ -76,14 +76,11 @@ DISTRO_FEATURES = "${DISTRO_FEATURES_TINY} \
 
 CVM_DISTRO_FEATURES_NATIVE = "acl debuginfod ext2 ipv4 ipv6 xattr nfs zeroconf pci vfat seccomp ptest"
 
-DISTRO_FEATURES:class-native = "${CVM_DISTRO_FEATURES_NATIVE} tpm2"
-DISTRO_FEATURES:class-nativesdk = "${CVM_DISTRO_FEATURES_NATIVE} tpm2"
+#DISTRO_FEATURES:class-native = "${CVM_DISTRO_FEATURES_NATIVE} tpm2"
+#DISTRO_FEATURES:class-nativesdk = "${CVM_DISTRO_FEATURES_NATIVE} tpm2"
 
-# add /dev/sd* disk config
-KERNEL_EXTRA_FEATURES:append = " features/scsi/disk.scc"
-
-# enable mdev/busybox for init
-#POKY_INIT_MANAGER:cvm = "mdev-busybox"
+DISTRO_EXTRA_RDEPENDS = "date-sync ca-certificates"
+DISTRO_EXTRA_RDEPENDS:append = '${@bb.utils.contains_any("IMAGE_FEATURES", [ "debug-tweaks" ], " dropbear", "",d)}'
 
 # FIXME: Consider adding "modules" to MACHINE_FEATURES and using that in
 # packagegroup-core-base to select modutils-initscripts or not.  Similar with "net" and
@@ -93,10 +90,10 @@ KERNEL_EXTRA_FEATURES:append = " features/scsi/disk.scc"
 # pulls in a lot of dependencies for the live image and the installer, like
 # udev, grub, etc.  These pull in gettext, which fails to build with wide
 # character support.
-IMAGE_FSTYPES = "wic wic.vhd"
+IMAGE_FSTYPES = "wic"
 QB_DEFAULT_FSTYPE = "wic"
 
-INITRAMFS_IMAGE = "cvm-initramfs"
+INITRAMFS_IMAGE = "core-image-tiny-initramfs"
 
 # Drop v86d from qemu dependency list (we support serial)
 # Drop grub from meta-intel BSPs
@@ -121,3 +118,8 @@ SKIP_RECIPE[core-image-weston] = "not buildable with poky-tiny"
 
 # Disable python usage in opkg-utils since it won't build with tiny config
 PACKAGECONFIG:remove:pn-opkg-utils = "python"
+
+# add cvm.scc cfg changes
+KERNEL_FEATURES:append:pn-linux-yocto-tiny = " cvm.scc"
+KERNEL_FEATURES:append:pn-linux-yocto = " cvm.scc"
+KERNEL_FEATURES:append:pn-linux-yocto-rt = " cvm.scc"

conf/machine/include/gcp.inc

@@ -0,0 +1,13 @@
+MACHINEOVERRIDES =. "gcp:"
+
+# gcp tdx depends on kvm and virtio
+KERNEL_FEATURES:append:pn-linux-yocto-tiny = " gcp.scc cfg/virtio.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append:pn-linux-yocto = " gcp.scc cfg/virtio.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append:pn-linux-yocto-rt = " gcp.scc cfg/virtio.scc cfg/paravirt_kvm.scc"
+
+# gcp is not compatible with udhcpc, needs dhcpcd
+MACHINE_ESSENTIAL_EXTRA_RDEPENDS:append = " dhcpcd"
+
+
+# doesnt work, no idea why
+# IMAGE_FSTYPES:append = " wic.tar.gz"

conf/machine/include/hyperv.inc

@@ -0,0 +1,12 @@
+MACHINEOVERRIDES =. "hyperv:"
+
+# Provide the tdx guest driver kernel module for all images
+KERNEL_FEATURES:append:pn-linux-yocto-tiny = " hyperv.scc features/tpm/tpm-2.0.scc features/tpm/tpm-2.0-crb.scc"
+KERNEL_FEATURES:append:pn-linux-yocto = " hyperv.scc features/tpm/tpm-2.0.scc features/tpm/tpm-2.0-crb.scc"
+KERNEL_FEATURES:append:pn-linux-yocto-rt = " hyperv.scc features/tpm/tpm-2.0.scc features/tpm/tpm-2.0-crb.scc"
+
+
+MACHINE_FEATURES:append = " tpm2"
+
+# doesnt work, no idea why
+# IMAGE_FSTYPES:append:core-image-minimal = " wic.vhd"

conf/machine/include/qemu-x86.inc

@@ -0,0 +1,6 @@
+KERNEL_FEATURES:append:pn-linux-yocto-tiny = " cfg/virtio.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append:pn-linux-yocto = " cfg/virtio.scc cfg/paravirt_kvm.scc"
+KERNEL_FEATURES:append:pn-linux-yocto-rt = " cfg/virtio.scc cfg/paravirt_kvm.scc"
+
+# doesnt work, no idea why
+# IMAGE_FSTYPES:append:core-image-minimal = " wic.qcow2"

conf/machine/include/sev-snp-guest.inc

@@ -0,0 +1,8 @@
+require conf/machine/include/x86.inc
+
+MACHINEOVERRIDES =. "sev-snp-guest:"
+
+# Provide the tdx guest driver kernel module for all images
+KERNEL_FEATURES:append:pn-linux-yocto-tiny = " sev-snp-guest.scc"
+KERNEL_FEATURES:append:pn-linux-yocto = " sev-snp-guest.scc"
+KERNEL_FEATURES:append:pn-linux-yocto-rt = " sev-snp-guest.scc"

conf/machine/include/tdx-guest.inc

@@ -0,0 +1,8 @@
+require conf/machine/include/x86.inc
+
+MACHINEOVERRIDES =. "tdx-guest:"
+
+# Provide the tdx guest driver kernel module for all images
+KERNEL_FEATURES:append:pn-linux-yocto-tiny = " tdx-guest.scc"
+KERNEL_FEATURES:append:pn-linux-yocto = " tdx-guest.scc"
+KERNEL_FEATURES:append:pn-linux-yocto-rt = " tdx-guest.scc"

conf/machine/include/x86.inc

@@ -0,0 +1,18 @@
+DEFAULTTUNE ?= "x86-64-v3"
+
+require conf/machine/include/x86/tune-x86-64-v3.inc
+
+KERNEL_IMAGETYPE = "bzImage"
+SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"
+
+MACHINE_FEATURES:append = "x86 pci"
+
+do_image_wic[depends] += "syslinux:do_populate_sysroot syslinux-native:do_populate_sysroot mtools-native:do_populate_sysroot dosfstools-native:do_populate_sysroot"
+
+# For runqemu
+IMAGE_CLASSES += "qemuboot"
+
+QB_CPU:x86-64 ?= "-cpu IvyBridge -machine q35,i8042=off"
+QB_CPU_KVM:x86-64 ?= "-cpu IvyBridge -machine q35,i8042=off"
+
+QB_SYSTEM_NAME = "qemu-system-x86_64"

conf/machine/sev-snp-azure.conf

@@ -0,0 +1,6 @@
+#@TYPE: Machine
+#@NAME: Azure x86-64 SEV-SNP enabled machine
+#@DESCRIPTION: Machine configuration for running a SEV-SNP enabled x86-64 system on Azure
+
+require conf/machine/include/sev-snp-guest.inc
+require conf/machine/include/hyperv.inc

conf/machine/tdx-azure.conf

@@ -0,0 +1,6 @@
+#@TYPE: Machine
+#@NAME: Azure x86-64 tdx enabled machine
+#@DESCRIPTION: Machine configuration for running a TDX enabled x86-64 system on Azure
+
+require conf/machine/include/tdx-guest.inc
+require conf/machine/include/hyperv.inc

conf/machine/tdx-gcp.conf

@@ -0,0 +1,6 @@
+#@TYPE: Machine
+#@NAME: GCP x86-64 tdx enabled machine
+#@DESCRIPTION: Machine configuration for running a TDX enabled x86-64 system on GCP
+
+require conf/machine/include/tdx-guest.inc
+require conf/machine/include/gcp.inc

conf/machine/tdx-qemu.conf

@@ -0,0 +1,6 @@
+#@TYPE: Machine
+#@NAME: QEMU x86-64 tdx enabled machine
+#@DESCRIPTION: Machine configuration for running an x86-64 system on QEMU
+
+require conf/machine/include/qemu-x86.inc
+require conf/machine/include/tdx-guest.inc

conf/machine/tdx.conf

@@ -1,43 +1,8 @@
 #@TYPE: Machine
-#@NAME: QEMU x86-64 machine
-#@DESCRIPTION: Machine configuration for running an x86-64 system on QEMU
-#
-# from require conf/machine/include/qemu.inc
-# Don't include kernels in standard images
-RDEPENDS:${KERNEL_PACKAGE_NAME}-base = ""
+#@NAME: x86-64 tdx enabled machine
+#@DESCRIPTION: Machine configuration for running a TDX enabled x86-64 system on Azure and Qemu, GCP pending
 
-# Use a common kernel recipe for all QEMU machines
-PREFERRED_PROVIDER_virtual/kernel ??= "linux-yocto-tiny"
-
-EXTRA_IMAGEDEPENDS += "qemu-system-native qemu-helper-native:do_addto_recipe_sysroot"
-
-# from require conf/machine/include/x86/qemuboot-x86.inc
-# For runqemu
-IMAGE_CLASSES += "qemuboot"
-QB_SMP ?= "-smp 4"
-QB_CPU:x86 ?= "-cpu IvyBridge -machine q35,i8042=off"
-QB_CPU_KVM:x86 ?= "-cpu IvyBridge -machine q35,i8042=off"
-
-QB_CPU:x86-64 ?= "-cpu IvyBridge -machine q35,i8042=off"
-QB_CPU_KVM:x86-64 ?= "-cpu IvyBridge -machine q35,i8042=off"
-
-QB_KERNEL_CMDLINE_APPEND = "oprofile.timer=1 tsc=reliable no_timer_check rcupdate.rcu_expedited=1 nospectre_v2 spec_store_bypass_disable=on"
-QB_OPT_APPEND = "-usb -device usb-tablet -usb -device usb-kbd"
-
-
-
-
-DEFAULTTUNE ?= "x86-64-v3"
-
-require conf/machine/include/x86/tune-x86-64-v3.inc
-
-KERNEL_IMAGETYPE = "bzImage"
-
-SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"
-
-MACHINE_FEATURES += "x86 pci tpm2"
-
-do_image_wic[depends] += "syslinux:do_populate_sysroot syslinux-native:do_populate_sysroot mtools-native:do_populate_sysroot dosfstools-native:do_populate_sysroot"
-
-# For runqemu
-QB_SYSTEM_NAME = "tdx"
+require conf/machine/include/tdx-guest.inc
+require conf/machine/include/qemu-x86.inc
+require conf/machine/include/hyperv.inc
+require conf/machine/include/gcp.inc

recipes-core/images/core-image-minimal.bbappend

@@ -0,0 +1,16 @@
+SUMMARY = "Placeholder image to using IMAGE_FSTYPES to create wic based images of the initramfs."
+
+IMAGE_INSTALL = ""
+
+IMAGE_LINGUAS = " "
+
+# override vhd conversion cmd - azure rquirements of virtual size aligned to 1 MiB
+CONVERSION_CMD:vhd:prepend = "truncate -s %1MiB ${IMAGE_NAME}.wic; \
+                              qemu-img convert -O vpc -o subformat=fixed,force_size ${IMAGE_NAME}.wic ${IMAGE_NAME}.wic.vhd; \
+                              echo "
+
+CONVERSION_CMD:tar = "tar --format=oldgnu -Scf ${IMAGE_NAME}.${type}.tar --transform='s|${IMAGE_NAME}.${type}|disk.raw|' ${IMAGE_NAME}.${type}"
+CONVERSION_DEPENDS_tar = "tar-native"
+CONVERSIONTYPES:append = " tar"
+
+IMAGE_FSTYPES:append = " wic.tar.gz wic.vhd wic.qcow2"

recipes-core/images/core-image-tiny-initramfs.bbappend

@@ -0,0 +1,8 @@
+PACKAGE_INSTALL = "${DISTRO_EXTRA_RDEPENDS} packagegroup-core-boot ${VIRTUAL-RUNTIME_base-utils} ${VIRTUAL-RUNTIME_dev_manager} base-passwd ${ROOTFS_BOOTSTRAP_INSTALL}"
+
+IMAGE_FEATURES = "${EXTRA_IMAGE_FEATURES}"
+
+INITRAMFS_MAXSIZE = "20000000"
+
+python tinyinitrd () {
+}