[v2,01/11] systemd: enable efi support if in MACHINE_FEATURES too

For example genericarm64 enables "efi" in MACHINE_FEATURES
and in u-boot. Boot without "efi" in systemd works with
EFI protocols but for example efivars is not mounted at
all so various checks fail in userspace. Fix these by
enabling "efi" support if it's in MACHINE_FEATURES.
Fixes efivars mount to /sys/firmware/efi/efivars etc.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
---
 meta/recipes-core/systemd/systemd_257.3.bb | 1 +
 1 file changed, 1 insertion(+)

On Fri, 2025-03-21 at 15:25 +0200, Mikko Rapeli via lists.openembedded.org wrote:
> For example genericarm64 enables "efi" in MACHINE_FEATURES
> and in u-boot. Boot without "efi" in systemd works with
> EFI protocols but for example efivars is not mounted at
> all so various checks fail in userspace. Fix these by
> enabling "efi" support if it's in MACHINE_FEATURES.
> Fixes efivars mount to /sys/firmware/efi/efivars etc.
> 
> Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
> ---
>  meta/recipes-core/systemd/systemd_257.3.bb | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/meta/recipes-core/systemd/systemd_257.3.bb b/meta/recipes-core/systemd/systemd_257.3.bb
> index 64fb8fe69a..9bc4532021 100644
> --- a/meta/recipes-core/systemd/systemd_257.3.bb
> +++ b/meta/recipes-core/systemd/systemd_257.3.bb
> @@ -69,6 +69,7 @@ PAM_PLUGINS = " \
>  
>  PACKAGECONFIG ??= " \
>      ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit apparmor efi ldconfig pam pni-names selinux smack polkit seccomp', d)} \
> +    ${@bb.utils.filter('MACHINE_FEATURES', 'efi', d)} \
>      ${@bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', 'coredump elfutils', '', d)} \
>      ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
>      ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \

This makes the systemd recipe machine specific which isn't currently the case.

Cheers,

Richard

Hi,

On Sun, Mar 23, 2025 at 10:53:59AM +0000, Richard Purdie wrote:
> On Fri, 2025-03-21 at 15:25 +0200, Mikko Rapeli via lists.openembedded.org wrote:
> > For example genericarm64 enables "efi" in MACHINE_FEATURES
> > and in u-boot. Boot without "efi" in systemd works with
> > EFI protocols but for example efivars is not mounted at
> > all so various checks fail in userspace. Fix these by
> > enabling "efi" support if it's in MACHINE_FEATURES.
> > Fixes efivars mount to /sys/firmware/efi/efivars etc.
> > 
> > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
> > ---
> > �meta/recipes-core/systemd/systemd_257.3.bb | 1 +
> > �1 file changed, 1 insertion(+)
> > 
> > diff --git a/meta/recipes-core/systemd/systemd_257.3.bb b/meta/recipes-core/systemd/systemd_257.3.bb
> > index 64fb8fe69a..9bc4532021 100644
> > --- a/meta/recipes-core/systemd/systemd_257.3.bb
> > +++ b/meta/recipes-core/systemd/systemd_257.3.bb
> > @@ -69,6 +69,7 @@ PAM_PLUGINS = " \
> > �
> > �PACKAGECONFIG ??= " \
> > ���� ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit apparmor efi ldconfig pam pni-names selinux smack polkit seccomp', d)} \
> > +��� ${@bb.utils.filter('MACHINE_FEATURES', 'efi', d)} \
> > ���� ${@bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', 'coredump elfutils', '', d)} \
> > ���� ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
> > ���� ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
> 
> This makes the systemd recipe machine specific which isn't currently the case.

Can we enable "efi" in DISTRO_FEATURES by default?

That would solve the issue without checking MACHINE_FEATURES in systemd recipe.

Cheers,

-Mikko

On Mon, Mar 24, 2025 at 09:29:48AM +0200, Mikko Rapeli via lists.openembedded.org wrote:
> Hi,
> 
> On Sun, Mar 23, 2025 at 10:53:59AM +0000, Richard Purdie wrote:
> > On Fri, 2025-03-21 at 15:25 +0200, Mikko Rapeli via lists.openembedded.org wrote:
> > > For example genericarm64 enables "efi" in MACHINE_FEATURES
> > > and in u-boot. Boot without "efi" in systemd works with
> > > EFI protocols but for example efivars is not mounted at
> > > all so various checks fail in userspace. Fix these by
> > > enabling "efi" support if it's in MACHINE_FEATURES.
> > > Fixes efivars mount to /sys/firmware/efi/efivars etc.
> > > 
> > > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
> > > ---
> > > �meta/recipes-core/systemd/systemd_257.3.bb | 1 +
> > > �1 file changed, 1 insertion(+)
> > > 
> > > diff --git a/meta/recipes-core/systemd/systemd_257.3.bb b/meta/recipes-core/systemd/systemd_257.3.bb
> > > index 64fb8fe69a..9bc4532021 100644
> > > --- a/meta/recipes-core/systemd/systemd_257.3.bb
> > > +++ b/meta/recipes-core/systemd/systemd_257.3.bb
> > > @@ -69,6 +69,7 @@ PAM_PLUGINS = " \
> > > �
> > > �PACKAGECONFIG ??= " \
> > > ���� ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit apparmor efi ldconfig pam pni-names selinux smack polkit seccomp', d)} \
> > > +��� ${@bb.utils.filter('MACHINE_FEATURES', 'efi', d)} \
> > > ���� ${@bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', 'coredump elfutils', '', d)} \
> > > ���� ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
> > > ���� ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
> > 
> > This makes the systemd recipe machine specific which isn't currently the case.
> 
> Can we enable "efi" in DISTRO_FEATURES by default?
> 
> That would solve the issue without checking MACHINE_FEATURES in systemd recipe.

Or we just enable "efi" support in systemd by default, or bind it to the new
"systemd-initramfs" DISTRO_FEATURE.

systemd in initrd doesn't work if the EFI ESP partition isn't mounted
and for that the 'efi' support needs to be enabled.

Cheers,

-Mikko

On Mon, 2025-03-24 at 09:43 +0200, Mikko Rapeli wrote:
> On Mon, Mar 24, 2025 at 09:29:48AM +0200, Mikko Rapeli via lists.openembedded.org wrote:
> > Hi,
> > 
> > On Sun, Mar 23, 2025 at 10:53:59AM +0000, Richard Purdie wrote:
> > > On Fri, 2025-03-21 at 15:25 +0200, Mikko Rapeli via lists.openembedded.org wrote:
> > > > For example genericarm64 enables "efi" in MACHINE_FEATURES
> > > > and in u-boot. Boot without "efi" in systemd works with
> > > > EFI protocols but for example efivars is not mounted at
> > > > all so various checks fail in userspace. Fix these by
> > > > enabling "efi" support if it's in MACHINE_FEATURES.
> > > > Fixes efivars mount to /sys/firmware/efi/efivars etc.
> > > > 
> > > > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
> > > > ---
> > > >  meta/recipes-core/systemd/systemd_257.3.bb | 1 +
> > > >  1 file changed, 1 insertion(+)
> > > > 
> > > > diff --git a/meta/recipes-core/systemd/systemd_257.3.bb b/meta/recipes-core/systemd/systemd_257.3.bb
> > > > index 64fb8fe69a..9bc4532021 100644
> > > > --- a/meta/recipes-core/systemd/systemd_257.3.bb
> > > > +++ b/meta/recipes-core/systemd/systemd_257.3.bb
> > > > @@ -69,6 +69,7 @@ PAM_PLUGINS = " \
> > > >  
> > > >  PACKAGECONFIG ??= " \
> > > >      ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit apparmor efi ldconfig pam pni-names selinux smack polkit seccomp', d)} \
> > > > +    ${@bb.utils.filter('MACHINE_FEATURES', 'efi', d)} \
> > > >      ${@bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', 'coredump elfutils', '', d)} \
> > > >      ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
> > > >      ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
> > > 
> > > This makes the systemd recipe machine specific which isn't currently the case.
> > 
> > Can we enable "efi" in DISTRO_FEATURES by default?
> > 
> > That would solve the issue without checking MACHINE_FEATURES in systemd recipe.
> 
> Or we just enable "efi" support in systemd by default, or bind it to the new
> "systemd-initramfs" DISTRO_FEATURE.
> 
> systemd in initrd doesn't work if the EFI ESP partition isn't mounted
> and for that the 'efi' support needs to be enabled.

I suspect enabling it by default might be the simpler solution.

Cheers,

Richard

> Op 24 mrt 2025, om 08:29 heeft Mikko Rapeli via lists.openembedded.org <mikko.rapeli=linaro.org@lists.openembedded.org> het volgende geschreven:
> 
> Hi,
> 
> On Sun, Mar 23, 2025 at 10:53:59AM +0000, Richard Purdie wrote:
>> On Fri, 2025-03-21 at 15:25 +0200, Mikko Rapeli via lists.openembedded.org wrote:
>>> For example genericarm64 enables "efi" in MACHINE_FEATURES
>>> and in u-boot. Boot without "efi" in systemd works with
>>> EFI protocols but for example efivars is not mounted at
>>> all so various checks fail in userspace. Fix these by
>>> enabling "efi" support if it's in MACHINE_FEATURES.
>>> Fixes efivars mount to /sys/firmware/efi/efivars etc.
>>> 
>>> Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
>>> ---
>>>  meta/recipes-core/systemd/systemd_257.3.bb | 1 +
>>>  1 file changed, 1 insertion(+)
>>> 
>>> diff --git a/meta/recipes-core/systemd/systemd_257.3.bb b/meta/recipes-core/systemd/systemd_257.3.bb
>>> index 64fb8fe69a..9bc4532021 100644
>>> --- a/meta/recipes-core/systemd/systemd_257.3.bb
>>> +++ b/meta/recipes-core/systemd/systemd_257.3.bb
>>> @@ -69,6 +69,7 @@ PAM_PLUGINS = " \
>>>  
>>>  PACKAGECONFIG ??= " \
>>>      ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit apparmor efi ldconfig pam pni-names selinux smack polkit seccomp', d)} \
>>> +    ${@bb.utils.filter('MACHINE_FEATURES', 'efi', d)} \
>>>      ${@bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', 'coredump elfutils', '', d)} \
>>>      ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
>>>      ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
>> 
>> This makes the systemd recipe machine specific which isn't currently the case.
> 
> Can we enable "efi" in DISTRO_FEATURES by default?
> 
> That would solve the issue without checking MACHINE_FEATURES in systemd recipe.

If your DISTRO doesn't enable it you can either pick a more suitable DISTRO or send patches to fix your DISTRO. Changing OE-core wide defaults is the wrong thing to do.

regards,

Koen

> Op 23 mrt 2025, om 11:53 heeft Richard Purdie via lists.openembedded.org <richard.purdie=linuxfoundation.org@lists.openembedded.org> het volgende geschreven:
> 
> On Fri, 2025-03-21 at 15:25 +0200, Mikko Rapeli via lists.openembedded.org wrote:
>> For example genericarm64 enables "efi" in MACHINE_FEATURES
>> and in u-boot. Boot without "efi" in systemd works with
>> EFI protocols but for example efivars is not mounted at
>> all so various checks fail in userspace. Fix these by
>> enabling "efi" support if it's in MACHINE_FEATURES.
>> Fixes efivars mount to /sys/firmware/efi/efivars etc.
>> 
>> Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
>> ---
>>  meta/recipes-core/systemd/systemd_257.3.bb | 1 +
>>  1 file changed, 1 insertion(+)
>> 
>> diff --git a/meta/recipes-core/systemd/systemd_257.3.bb b/meta/recipes-core/systemd/systemd_257.3.bb
>> index 64fb8fe69a..9bc4532021 100644
>> --- a/meta/recipes-core/systemd/systemd_257.3.bb
>> +++ b/meta/recipes-core/systemd/systemd_257.3.bb
>> @@ -69,6 +69,7 @@ PAM_PLUGINS = " \
>>  
>>  PACKAGECONFIG ??= " \
>>      ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit apparmor efi ldconfig pam pni-names selinux smack polkit seccomp', d)} \
>> +    ${@bb.utils.filter('MACHINE_FEATURES', 'efi', d)} \
>>      ${@bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', 'coredump elfutils', '', d)} \
>>      ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
>>      ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
> 
> This makes the systemd recipe machine specific which isn't currently the case.

And it also side steps DISTRO configs that don't enable 'efi' in DISTRO_FEATURES, which breaks the belief that DISTROs get the final say on policy.

regards,

Koen

Hi,

On Mon, Mar 24, 2025 at 09:50:42AM +0100, Koen Kooi wrote:
> 
> > Op 24 mrt 2025, om 08:29 heeft Mikko Rapeli via lists.openembedded.org <mikko.rapeli=linaro.org@lists.openembedded.org> het volgende geschreven:
> > 
> > Hi,
> > 
> > On Sun, Mar 23, 2025 at 10:53:59AM +0000, Richard Purdie wrote:
> >> On Fri, 2025-03-21 at 15:25 +0200, Mikko Rapeli via lists.openembedded.org wrote:
> >>> For example genericarm64 enables "efi" in MACHINE_FEATURES
> >>> and in u-boot. Boot without "efi" in systemd works with
> >>> EFI protocols but for example efivars is not mounted at
> >>> all so various checks fail in userspace. Fix these by
> >>> enabling "efi" support if it's in MACHINE_FEATURES.
> >>> Fixes efivars mount to /sys/firmware/efi/efivars etc.
> >>> 
> >>> Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
> >>> ---
> >>>  meta/recipes-core/systemd/systemd_257.3.bb | 1 +
> >>>  1 file changed, 1 insertion(+)
> >>> 
> >>> diff --git a/meta/recipes-core/systemd/systemd_257.3.bb b/meta/recipes-core/systemd/systemd_257.3.bb
> >>> index 64fb8fe69a..9bc4532021 100644
> >>> --- a/meta/recipes-core/systemd/systemd_257.3.bb
> >>> +++ b/meta/recipes-core/systemd/systemd_257.3.bb
> >>> @@ -69,6 +69,7 @@ PAM_PLUGINS = " \
> >>>  
> >>>  PACKAGECONFIG ??= " \
> >>>      ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit apparmor efi ldconfig pam pni-names selinux smack polkit seccomp', d)} \
> >>> +    ${@bb.utils.filter('MACHINE_FEATURES', 'efi', d)} \
> >>>      ${@bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', 'coredump elfutils', '', d)} \
> >>>      ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \
> >>>      ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
> >> 
> >> This makes the systemd recipe machine specific which isn't currently the case.
> > 
> > Can we enable "efi" in DISTRO_FEATURES by default?
> > 
> > That would solve the issue without checking MACHINE_FEATURES in systemd recipe.
> 
> If your DISTRO doesn't enable it you can either pick a more suitable DISTRO or send patches to fix your DISTRO. Changing OE-core wide defaults is the wrong thing to do.

The DISTROs I care about with this patch set are poky or poky-altcfg.

When systemd is selected as init, it currently doesn't work in initramfs
on UEFI systemd even when MACHINE_FEATURES has "efi" enabled.

Cheers,

-Mikko