#!/bin/bash
# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
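# Abort on any command failure, on use of an unset variable, and when any
# stage of a pipeline fails.
set -eu -o pipefail

# Prefix every `set -x` trace line with a timestamp.
PS4='+\t '

# Run from the directory that holds this script so the relative paths used
# below (overlay/, guest_configs/, linux/) resolve there. Quoted so that a
# checkout path containing spaces or glob characters cannot be word-split.
cd "$(dirname "$0")"

ARCH=$(uname -m)
OUTPUT_DIR=$PWD/$ARCH
GIT_ROOT_DIR=$(git rev-parse --show-toplevel)

# Shared helpers. `say` and `die`, used further down, are not defined in this
# file and presumably come from here.
source "$GIT_ROOT_DIR/tools/functions"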
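# Make sure we have all the needed tools.
# Installs the build prerequisites with apt-get; needs root and network
# access. apt-get is used instead of apt because apt's command-line interface
# is not guaranteed stable for use in scripts.
function install_dependencies {
    local -a packages=(
        bc flex bison gcc make libelf-dev libssl-dev squashfs-tools
        busybox-static tree cpio curl patch docker.io
    )
    apt-get update
    apt-get install -y "${packages[@]}"
}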
# Start a Docker daemon in the background and block until it answers.
# Returns: non-zero if `docker info` has not succeeded within 15 seconds.
function prepare_docker {
    # NOTE(review): the tcp://127.0.0.1:2375 listener serves the Docker API
    # without TLS or authentication, so any local process that can reach
    # loopback gets daemon-level (effectively root) control. Nothing visible in
    # this script talks to the TCP endpoint -- confirm whether the unix socket
    # alone is sufficient.
    local -a listeners=(
        --host=unix:///var/run/docker.sock
        --host=tcp://127.0.0.1:2375
    )
    nohup /usr/bin/dockerd "${listeners[@]}" &

    # Poll once per second until the daemon responds, giving up after 15s.
    timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
}
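# Compile a single C source file into a binary, creating the destination
# directory first.
# Arguments: $1 - path to the C source file
#            $2 - path of the binary to produce
# Returns:   non-zero if dirname, mkdir or gcc fails
function compile_and_install {
    local C_FILE=$1
    local BIN_FILE=$2
    # Deliberately local: shadows the script-wide OUTPUT_DIR inside this
    # function only. Declared separately from the assignment so a failing
    # dirname is not masked by `local`'s own exit status.
    local OUTPUT_DIR
    OUTPUT_DIR=$(dirname -- "$BIN_FILE")
    mkdir -pv -- "$OUTPUT_DIR"
    # Quoted so paths with spaces or glob characters stay single arguments.
    gcc -Wall -o "$BIN_FILE" "$C_FILE"
}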
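# Build a rootfs
# Populates a scratch directory from overlay/ and from an Ubuntu container
# image, then packs it into a zstd-compressed squashfs.
# Globals:   OUTPUT_DIR, PWD (read); rootfs_img (written)
# Arguments: $1 - base name of the artifacts written to OUTPUT_DIR
#                 (<name>.squashfs and <name>.manifest)
#            $2 - Ubuntu release tag selecting the container image
function build_rootfs {
    local ROOTFS_NAME=$1
    local flavour=${2}
    # NOTE(review): the image is referenced by a mutable tag, so the rootfs
    # contents follow whatever the registry serves at build time. Pin by
    # digest if reproducible or verifiable artifacts are required.
    local FROM_CTR=public.ecr.aws/ubuntu/ubuntu:$flavour
    local rootfs="tmp_rootfs"
    mkdir -pv "$rootfs"

    # Launch Docker
    prepare_docker

    cp -rvf overlay/* "$rootfs"

    # curl -O https://cloud-images.ubuntu.com/minimal/releases/noble/release/ubuntu-24.04-minimal-cloudimg-amd64-root.tar.xz
    #
    # TBD use systemd-nspawn instead of Docker
    #   sudo tar xaf ubuntu-22.04-minimal-cloudimg-amd64-root.tar.xz -C $rootfs
    #   sudo systemd-nspawn --resolv-conf=bind-uplink -D $rootfs

    # NOTE(review): --privileged removes the container's isolation from the
    # host (all capabilities, host devices), and the working directory is
    # bind-mounted read-write, so ./chroot.sh and the image contents run with
    # host-level trust. Confirm which capabilities chroot.sh actually needs.
    # The heredoc delimiter is quoted: $rootfs inside it is expanded in the
    # container from the --env value, not by this shell.
    docker run --env rootfs="$rootfs" --privileged --rm -i -v "$PWD:/work" -w /work "$FROM_CTR" bash -s <<'EOF'
./chroot.sh
# Copy everything we need to the bind-mounted rootfs image file
dirs="bin etc home lib lib64 root sbin usr"
for d in $dirs; do tar c "/$d" | tar x -C $rootfs; done
# Make mountpoints
mkdir -pv $rootfs/{dev,proc,sys,run,tmp,var/lib/systemd}
# So apt works
mkdir -pv $rootfs/var/lib/dpkg/
EOF

    # TBD what abt /etc/hosts?
    # Overwrite resolv.conf with a single empty line.
    echo | tee "$rootfs/etc/resolv.conf"

    rootfs_img="$OUTPUT_DIR/$ROOTFS_NAME.squashfs"
    # The manifest is expected under root/ of the populated tree; presumably
    # chroot.sh writes it -- verify there.
    mv "$rootfs/root/manifest" "$OUTPUT_DIR/$ROOTFS_NAME.manifest"
    mksquashfs "$rootfs" "$rootfs_img" -all-root -noappend -comp zstd
    rm -rf "$rootfs"

    # Remove the helper binaries that were compiled into overlay/.
    # NOTE(review): devmemread, built on aarch64 by prepare_and_build_rootfs,
    # is not in this list and stays behind in overlay/ -- confirm intent.
    local bin
    for bin in fast_page_fault_helper fillmem init readmem; do
        rm "$PWD/overlay/usr/local/bin/$bin"
    done
    rm -f nohup.out
}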
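# Build a minimal busybox-based initramfs and write it to
# $OUTPUT_DIR/initramfs.cpio.
# Reference: https://wiki.gentoo.org/wiki/Custom_Initramfs#Busybox
# Globals:   ARCH, OUTPUT_DIR (read); INITRAMFS_BUILD, MAGIC_BOOT_ADDRESS,
#            MAGIC_BOOT_VALUE (written)
function build_initramfs {
    INITRAMFS_BUILD=initramfs
    mkdir -p "$INITRAMFS_BUILD"
    pushd "$INITRAMFS_BUILD"
    mkdir bin dev proc sys
    cp /bin/busybox bin/sh
    ln bin/sh bin/mount

    # Report guest boot time back to Firecracker via MMIO
    # See arch/src/lib.rs and the BootTimer device
    MAGIC_BOOT_ADDRESS=0xd0000000
    if [ "$ARCH" = "aarch64" ]; then
        MAGIC_BOOT_ADDRESS=0x40000000
    fi
    MAGIC_BOOT_VALUE=123

    # The heredoc delimiter is unquoted so the MAGIC_BOOT_* values are baked
    # in at build time. The uptime command substitution is escaped so that it
    # is written literally and evaluated by the guest at boot; unescaped, it
    # would be expanded here and the build host's uptime would be hard-coded
    # into the generated init script.
    cat > init <<EOF
#!/bin/sh
mount -t devtmpfs devtmpfs /dev
mount -t proc none /proc
devmem $MAGIC_BOOT_ADDRESS 8 $MAGIC_BOOT_VALUE
mount -t sysfs none /sys
exec 0</dev/console
exec 1>/dev/console
exec 2>/dev/console
echo Boot took \$(cut -d' ' -f1 /proc/uptime) seconds
echo ">>> Welcome to fcinitrd <<<"
exec /bin/sh
EOF
    chmod +x init

    # Pack the tree as a newc cpio archive with every entry owned by 0:0.
    find . -print0 | cpio --null -ov --format=newc -R 0:0 > "$OUTPUT_DIR/initramfs.cpio"
    popd
    rm -rf "$INITRAMFS_BUILD"
}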
# Clone the Amazon Linux kernel sources into ./linux unless that directory
# already exists. An existing directory is reused as-is; it is not updated.
function clone_amazon_linux_repo {
    if [ ! -d linux ]; then
        git clone https://github.com/amazonlinux/linux linux
    fi
}
# Print the newest git tag that best matches kernel version $1.
# A microvm kernel tag is preferred when one exists:
#
#     microvm-kernel-$1.<patch number>.amzn2[023]
#
# otherwise the newest tag of the generic form is chosen:
#
#     kernel-$1.<patch number>.amzn2[023]
#
# Prints nothing when no tag matches. Must be run inside the kernel git
# checkout. The version is interpolated into a grep pattern, so the dots it
# contains act as regex wildcards.
function get_tag {
    local KERNEL_VERSION=$1
    # Tags are listed newest first; head keeps only the first match.
    {
        git --no-pager tag -l --sort=-creatordate | grep "microvm-kernel-$KERNEL_VERSION\..*\.amzn2" \
            || git --no-pager tag -l --sort=-creatordate | grep "kernel-$KERNEL_VERSION\..*\.amzn2"
    } | head -n1
}
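# Build one Amazon Linux guest kernel and copy the result to OUTPUT_DIR.
# Globals:   ARCH, OUTPUT_DIR (read); arch, format, target, binary_path,
#            LATEST_VERSION, flavour, normalized_version, OUTPUT_FILE (written)
# Arguments: $1   - base kernel config; its file name must contain
#                   microvm-kernel-ci-$ARCH-<major>.<minor>
#            $2.. - further config fragments, concatenated after $1
# Outputs:   $OUTPUT_DIR/vmlinux-<version><flavour> and the matching .config
# Exits:     with status 1 when the version cannot be derived, no tag matches
#            it, or the architecture is unsupported
function build_al_kernel {
    local KERNEL_CFG=$1
    # Extract the kernel version from the config file provided as parameter.
    # Declared separately so `local` does not hide a failed match.
    local KERNEL_VERSION
    KERNEL_VERSION=$(echo "$KERNEL_CFG" | grep -Po "microvm-kernel-ci-$ARCH-\K(\d+\.\d+)") || {
        echo "FATAL: Cannot derive a kernel version from '$KERNEL_CFG'!" >&2
        exit 1
    }

    pushd linux
    make distclean

    # The status of get_tag is ignored on purpose: with pipefail its pipeline
    # can report failure merely because head closed the pipe early. An empty
    # result is the real error -- `git checkout` without an argument would
    # succeed and silently build whatever happens to be checked out.
    # NOTE(review): the source is selected by tag name and creation date, not
    # by commit hash, so the built kernel follows whatever the tag points at.
    local tag
    tag=$(get_tag "$KERNEL_VERSION") || true
    if [ -z "$tag" ]; then
        echo "FATAL: No git tag found for kernel version '$KERNEL_VERSION'!" >&2
        exit 1
    fi
    git checkout "$tag"

    arch=$(uname -m)
    if [ "$arch" = "x86_64" ]; then
        format="elf"
        target="vmlinux"
        binary_path="$target"
    elif [ "$arch" = "aarch64" ]; then
        format="pe"
        target="Image"
        binary_path="arch/arm64/boot/$target"
    else
        echo "FATAL: Unsupported architecture!" >&2
        exit 1
    fi

    # Concatenate all config files into one. olddefconfig will then resolve
    # as needed. Later values override earlier ones.
    cat "$@" >.config
    make olddefconfig
    make -j "$(nproc)" "$target"

    LATEST_VERSION=$(cat include/config/kernel.release)
    # Optional suffix after the version in the config name (e.g. -no-acpi);
    # empty when the name has none.
    flavour=$(basename "$KERNEL_CFG" .config | grep -Po "\d+\.\d+\K(-.*)" || true)
    # Strip off everything after the last number - sometimes AL kernels have some stuff there.
    # e.g. vmlinux-4.14.348-openela -> vmlinux-4.14.348
    normalized_version=$(echo "$LATEST_VERSION" | sed -E "s/(.*[[:digit:]]).*/\1/g")
    OUTPUT_FILE=$OUTPUT_DIR/vmlinux-$normalized_version$flavour
    cp -v "$binary_path" "$OUTPUT_FILE"
    cp -v .config "$OUTPUT_FILE.config"
    popd &>/dev/null
}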
# Compile the guest helper programs into the overlay, then build the rootfs
# image and the initramfs.
# Globals: ARCH (read); BIN (written)
function prepare_and_build_rootfs {
    BIN=overlay/usr/local/bin

    # Helpers built on every architecture.
    local helper
    for helper in init fillmem fast_page_fault_helper readmem; do
        compile_and_install "$BIN/$helper.c" "$BIN/$helper"
    done

    # devmemread is built on aarch64 only.
    case $ARCH in
        aarch64) compile_and_install "$BIN/devmemread.c" "$BIN/devmemread" ;;
    esac

    build_rootfs ubuntu-24.04 noble
    build_initramfs
}
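# Move the debug information of a kernel binary into a separate, gzipped
# <kernel>.debug file and strip it from the binary.
# Globals:   ARCH (read); VMLINUX, DEBUGINFO, VMLINUX_ORIG (written)
# Arguments: $1 - path of the kernel binary to strip; any further arguments
#                 are ignored
function vmlinux_split_debuginfo {
    VMLINUX="$1"
    DEBUGINFO="$VMLINUX.debug"
    VMLINUX_ORIG="$VMLINUX"
    if [ "$ARCH" = "aarch64" ]; then
        # in aarch64, the debug info is in vmlinux
        VMLINUX_ORIG=linux/vmlinux
    fi
    # Quoted throughout so an output path containing spaces stays one argument.
    objcopy --only-keep-debug "$VMLINUX_ORIG" "$DEBUGINFO"
    objcopy --preserve-dates --strip-debug --add-gnu-debuglink="$DEBUGINFO" "$VMLINUX"
    # gdb does not support compressed files, but compress them because they are huge
    gzip -v "$DEBUGINFO"
}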
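# Build the CI guest kernels, first the regular ones and then debug variants.
# Globals:   ARCH, PWD (read); OUTPUT_DIR (read, then changed to
#            $OUTPUT_DIR/debug); CI_CONFIG, FTRACE_CONFIG, DEBUG_CONFIG (written)
# Arguments: $1 - optional kernel version: 5.10, 5.10-no-acpi or 6.1.
#                 Every supported kernel is built when it is omitted.
function build_al_kernels {
    local KERNEL_VERSION
    if [[ $# = 0 ]]; then
        KERNEL_VERSION="all"
    elif [[ $# -ne 1 ]]; then
        die "Too many arguments in '$(basename "$0") kernels' command. Please use \`$0 help\` for help."
    else
        KERNEL_VERSION=$1
        if [[ "$KERNEL_VERSION" != @(5.10|5.10-no-acpi|6.1) ]]; then
            die "Unsupported kernel version: '$KERNEL_VERSION'. Please use \`$0 help\` for help."
        fi
    fi

    clone_amazon_linux_repo

    CI_CONFIG="$PWD/guest_configs/ci.config"

    if [[ "$KERNEL_VERSION" == @(all|5.10) ]]; then
        build_al_kernel "$PWD/guest_configs/microvm-kernel-ci-$ARCH-5.10.config" "$CI_CONFIG"
    fi
    # The no-acpi variant is built on x86_64 only.
    if [[ $ARCH == "x86_64" && "$KERNEL_VERSION" == @(all|5.10-no-acpi) ]]; then
        build_al_kernel "$PWD/guest_configs/microvm-kernel-ci-$ARCH-5.10-no-acpi.config" "$CI_CONFIG"
    fi
    if [[ "$KERNEL_VERSION" == @(all|6.1) ]]; then
        build_al_kernel "$PWD/guest_configs/microvm-kernel-ci-$ARCH-6.1.config" "$CI_CONFIG"
    fi

    # Build debug kernels
    FTRACE_CONFIG="$PWD/guest_configs/ftrace.config"
    DEBUG_CONFIG="$PWD/guest_configs/debug.config"
    # NOTE(review): this changes the script-wide OUTPUT_DIR, so anything that
    # reads it after this function returns sees the debug directory -- confirm
    # that is intended.
    OUTPUT_DIR=$OUTPUT_DIR/debug
    mkdir -pv "$OUTPUT_DIR"

    # The globs are left unquoted on purpose (only the directory is quoted).
    # They also match the <kernel>.config file that build_al_kernel writes
    # next to the binary; vmlinux_split_debuginfo uses only its first
    # argument, so this relies on the binary sorting ahead of it.
    if [[ "$KERNEL_VERSION" == @(all|5.10) ]]; then
        build_al_kernel "$PWD/guest_configs/microvm-kernel-ci-$ARCH-5.10.config" "$CI_CONFIG" "$FTRACE_CONFIG" "$DEBUG_CONFIG"
        vmlinux_split_debuginfo "$OUTPUT_DIR"/vmlinux-5.10.*
    fi
    if [[ "$KERNEL_VERSION" == @(all|6.1) ]]; then
        build_al_kernel "$PWD/guest_configs/microvm-kernel-ci-$ARCH-6.1.config" "$CI_CONFIG" "$FTRACE_CONFIG" "$DEBUG_CONFIG"
        vmlinux_split_debuginfo "$OUTPUT_DIR"/vmlinux-6.1.*
    fi
}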
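# Print the usage text for this script to stdout.
function print_help {
    # $0 is quoted so a script path containing spaces still yields the bare
    # file name. The heredoc delimiter is unquoted so the name is expanded.
    cat <<EOF
Firecracker CI artifacts build script
Usage: $(basename "$0") [<command>] [<command args>]
Available commands:
all (default)
Build CI rootfs and default guest kernels using configurations from
resources/guest_configs.
This will patch the guest configurations with all the patches under
resources/guest_configs/patches.
This is the default command, if no command is chosen.
rootfs
Builds only the CI rootfs.
kernels [version]
Builds our the currently supported CI kernels.
version: Optionally choose a kernel version to build. Supported
versions are: 5.10, 5.10-no-acpi or 6.1.
help
Displays the help message and exits.
EOF
}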
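# Entry point: pick the build mode from the first argument and run the
# matching build steps.
# Globals:   OUTPUT_DIR (read)
# Arguments: $1   - optional command: all (default), rootfs, kernels or help
#            $2.. - passed on to build_al_kernels
function main {
    local MODE
    if [[ $# = 0 ]]; then
        MODE="all"
    else
        case $1 in
            all|rootfs|kernels)
                MODE=$1
                # Drop the command so "$@" holds only the command's arguments.
                shift
                ;;
            help)
                print_help
                exit 0
                ;;
            *)
                die "Unknown command: '$1'. Please use \`$0 help\` for help."
                ;;
        esac
    fi

    # Trace every command from here on.
    set -x

    install_dependencies

    # Create the directory in which we will store the kernels and rootfs.
    # Quoted: OUTPUT_DIR is derived from the working directory and may
    # contain spaces.
    mkdir -pv "$OUTPUT_DIR"

    # MODE is one of all|rootfs|kernels at this point, so the unanchored
    # regex matches behave as plain alternatives.
    if [[ "$MODE" =~ (all|rootfs) ]]; then
        say "Building rootfs"
        prepare_and_build_rootfs
    fi

    if [[ "$MODE" =~ (all|kernels) ]]; then
        say "Building CI kernels"
        build_al_kernels "$@"
    fi

    tree -h "$OUTPUT_DIR"
}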
# Run the script, forwarding every command-line argument unchanged.
main "$@"