Demi Marie Obenour writes: > On 11/13/25 06:46, Alyssa Ross wrote: >> Demi Marie Obenour writes: >> >>> diff --git a/host/initramfs/Makefile b/host/initramfs/Makefile >>> index cb13fbb35f065b67d291d4a35591d6f12720060c..102870ecba4456303414e2531ea592473ddfc1cf 100644 >>> --- a/host/initramfs/Makefile >>> +++ b/host/initramfs/Makefile >>> @@ -35,26 +35,10 @@ build/mountpoints: >>> cd build/mountpoints && mkdir -p $(MOUNTPOINTS) >>> find build/mountpoints -mindepth 1 -exec touch -d @0 {} ';' >>> >>> -# veritysetup format produces two files, but Make only (portably) >>> -# supports one output per rule, so we combine the two outputs then >>> -# define two more rules to separate them again. >>> -build/rootfs.verity: $(ROOT_FS) >>> - mkdir -p build >>> - $(VERITYSETUP) format $(ROOT_FS) build/rootfs.verity.superblock.tmp \ >>> - | awk -F ':[[:blank:]]*' '$$1 == "Root hash" {print $$2; exit}' \ >>> - > build/rootfs.verity.roothash.tmp >>> - cat build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp \ >>> - > $@ >>> - rm build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp >>> -build/rootfs.verity.roothash: build/rootfs.verity >>> - head -n 1 build/rootfs.verity > $@ >>> -build/rootfs.verity.superblock: build/rootfs.verity >>> - tail -n +2 build/rootfs.verity > $@ >>> - >>> -build/live.img: ../../scripts/format-uuid.sh ../../scripts/make-gpt.sh ../../scripts/sfdisk-field.awk build/rootfs.verity.superblock build/rootfs.verity.roothash $(ROOT_FS) >>> +build/live.img: ../../scripts/format-uuid.sh ../../scripts/make-gpt.sh ../../scripts/sfdisk-field.awk $(ROOT_FS_VERITY) $(ROOT_FS_VERITY_ROOTHASH) $(ROOT_FS) >>> ../../scripts/make-gpt.sh $@.tmp \ >>> - build/rootfs.verity.superblock:verity:$$(../../scripts/format-uuid.sh "$$(dd if=build/rootfs.verity.roothash bs=32 skip=1 count=1 status=none)") \ >>> - $(ROOT_FS):root:$$(../../scripts/format-uuid.sh "$$(head -c 32 build/rootfs.verity.roothash)") >>> + "$$ROOT_FS_VERITY:verity:$$(../../scripts/format-uuid.sh "$$(dd "if=$$ROOT_FS_VERITY_ROOTHASH" bs=32 skip=1 count=1 status=none)")" \ >> >> Indentation got messed up here. >> >> Given rootfs has a well-defined output structure, maybe we could just >> write $(ROOT_FS)/rootfs.verity.roothash, so we don't need to define lots >> of different environment variables in each component that uses the >> verity data. >> >> I think we should consistently use Make variable expansion rather than >> shell variable expansion when we're using the variable in a Make >> dependency line too, to avoid the possibility of them being different. > > Make expansion followed by shell expansion and just Make expansion aren't > even consistent with each other. Can you elaborate? > >> build/fifo: >>> mkdir -p build >>> @@ -83,25 +95,10 @@ clean: >>> rm -rf build >>> .PHONY: clean >>> >>> -# veritysetup format produces two files, but Make only (portably) >>> -# supports one output per rule, so we combine the two outputs then >>> -# define two more rules to separate them again. >>> -build/rootfs.verity: $(dest) >>> - $(VERITYSETUP) format $(dest) build/rootfs.verity.superblock.tmp \ >>> - | awk -F ':[[:blank:]]*' '$$1 == "Root hash" {print $$2; exit}' \ >>> - > build/rootfs.verity.roothash.tmp >>> - cat build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp \ >>> - > $@ >>> - rm build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp >>> -build/rootfs.verity.roothash: build/rootfs.verity >>> - head -n 1 build/rootfs.verity > $@ >>> -build/rootfs.verity.superblock: build/rootfs.verity >>> - tail -n +2 build/rootfs.verity > $@ >>> - >>> -build/live.img: ../../scripts/format-uuid.sh ../../scripts/make-gpt.sh ../../scripts/sfdisk-field.awk build/rootfs.verity.superblock build/rootfs.verity.roothash $(dest) >>> +build/live.img: ../../scripts/format-uuid.sh ../../scripts/make-gpt.sh ../../scripts/sfdisk-field.awk $(dest)/timestamp >>> ../../scripts/make-gpt.sh $@.tmp \ >>> - build/rootfs.verity.superblock:verity:$$(../../scripts/format-uuid.sh "$$(dd if=build/rootfs.verity.roothash bs=32 skip=1 count=1 status=none)") \ >>> - $(dest):root:$$(../../scripts/format-uuid.sh "$$(head -c 32 build/rootfs.verity.roothash)") >>> + $(dest)/rootfs.verity.superblock:verity:$$(../../scripts/format-uuid.sh "$$(dd if=$(dest)/rootfs.verity.roothash bs=32 skip=1 count=1 status=none)") \ >>> + $(dest)/rootfs:root:$$(../../scripts/format-uuid.sh "$$(head -c 32 $(dest)/rootfs.verity.roothash)") >>> mv $@.tmp $@ >>> >>> debug: >>> @@ -111,7 +108,7 @@ debug: >>> $(VMLINUX) >>> .PHONY: debug >>> >>> -run: build/live.img $(EXT_FS) build/rootfs.verity.roothash >>> +run: build/live.img >> >> What happened to $(EXT_FS)? > > Since commit 12b64009d9cde56b5629a832086d2c2311908ebe > ("host/initramfs/extfs.nix: remove") it has been unused. > I deleted it while changing other stuff in this line. Got it. I'll just push a drop of $(EXT_FS) now then.