This makes,
- When a wildcard value '*' is specified, use the first supported
compression algorithm,
- disable compression if Accept-Encoding header is unspecified or
no supported compression algorithm specified in the header,
- ignore all errors in parsing the header.
Follow-ups for cfaf78001c.
- use OrderedHashmap to manage configured compression algorithms, then
drop CompressionArgs,
- rename CompressionOpts -> CompressionConfig,
- refuse 'none' in Compression= setting, but accept boolean false, which
disables compression,
- when Compression= option is unspecified, enable all supported compression
algorithms by default,
- do not set 'none' to the Accept-Encoding header.
For many reasons, we might not actually sign a verity signature
partition, even if ope is specified in the partition definition files.
It might already exist, it might be deferred, it might be excluded, ...
Since we cannot check if partition already exists when reading the
configuration, let's delay the check for whether a certificate and
key have been provided until we're actually about to sign a roothash.
rpm pulls in systemd-standalone-sysusers now by default to get
systemd-sysusers which causes a conflict later on during the prepare
script when systemd is pulled in as a dependency of device-mapper so
let's install systemd in the initial transaction so systemd provides
systemd-sysusers and systemd-standalone-sysusers is never installed
in the first place.
- Add missing '--' delimiter
- Use the new BuildSubdirectory JSON field to figure out the build
subdirectory.
- Remove the /usr/include path mapping for now. This means we can't
jump into system headers anymore if they don't exist on the host,
we can find a way to add this back later if it turns out to be
crucial.
- Add missing '--' delimiter
- Use the new BuildSubdirectory JSON field to figure out the build
subdirectory.
- Remove the /usr/include path mapping for now. This means we can't
jump into system headers anymore if they don't exist on the host,
we can find a way to add this back later if it turns out to be
crucial.
On some distros on some architectures (e.g.: Ubuntu arm64) the kernel is shipped as
a gzipped file, which the UEFI firmware does not understand.
If pefile fails to parse it, try to decompress it.
The header starts with 'zstd', not 'zstd22':
$ ukify build --linux vmlinuz-6.13+unreleased-cloud-arm64 --initrd /boot/initrd.img-6.12.12-amd64 --output uki
Kernel version not specified, starting autodetection 😖.
Real-Mode Kernel Header magic not found
+ readelf --notes vmlinuz-6.13+unreleased-cloud-arm64
readelf: Error: Not an ELF file - it has the wrong magic bytes at the start
Traceback (most recent call last):
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2510, in <module>
main()
~~~~^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2499, in main
make_uki(opts)
~~~~~~~~^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 1328, in make_uki
opts.uname = Uname.scrape(linux, opts=opts)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 384, in scrape
version = func(filename, opts=opts)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 374, in scrape_generic
text = maybe_decompress(filename)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 221, in maybe_decompress
return get_zboot_kernel(f)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 201, in get_zboot_kernel
raise NotImplementedError(f'unknown compressed type: {comp_type!r}')
NotImplementedError: unknown compressed type: b'zstd\x00\x00'
The zstd library does not support stream decompression, and it
requires the zstd header to contain extra metadata, that the kernel
build does not append:
$ file -k vmlinuz-6.13+unreleased-cloud-arm64
vmlinuz-6.13+unreleased-cloud-arm64: PE32+ executable (EFI application) Aarch64 (stripped to external PDB), for MS Windows, 2 sections\012- data
$ ukify build --linux vmlinuz-6.13+unreleased-cloud-arm64 --initrd /boot/initrd.img-6.12.12-amd64 --output uki
Kernel version not specified, starting autodetection 😖.
Real-Mode Kernel Header magic not found
+ readelf --notes vmlinuz-6.13+unreleased-cloud-arm64
readelf: Error: Not an ELF file - it has the wrong magic bytes at the start
Traceback (most recent call last):
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2508, in <module>
main()
~~~~^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 2497, in main
make_uki(opts)
~~~~~~~~^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 1326, in make_uki
opts.uname = Uname.scrape(linux, opts=opts)
~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 382, in scrape
version = func(filename, opts=opts)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 372, in scrape_generic
text = maybe_decompress(filename)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 219, in maybe_decompress
return get_zboot_kernel(f)
File "/home/bluca/git/systemd/src/ukify/ukify.py", line 199, in get_zboot_kernel
return cast(bytes, zstd.uncompress(f.read(size)))
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
zstd.Error: Input data invalid or missing content size in frame header.
This appears to be by design:
https://github.com/sergey-dryabzhinsky/python-zstd/issues/53
Switch to python3-zstandard, which works.
