From 964117a9a27f8c048d646f423ffaf09b57bfad00 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Fri, 24 Mar 2023 15:41:01 +0100 Subject: [PATCH 01/10] overlay app-emulation/docker: "Sync" with Gentoo This is a kinda-sorta sync, because Gentoo has already dropped docker 20.x.y at 20.10.22, whereas we have 20.10.24. I updated our ebuild based on the older version of Gentoo's and adapted the dependency versions to ones mentioned on moby github page. The reason behind this "syncing" is to pull in changes in the kernel config changes as there are changes relevant to kernel 6.1. --- .../docker/docker-20.10.24.ebuild | 90 ++++++++----------- ...nrc-Depend-on-containerd-init-script.patch | 28 ++++++ .../docker/files/50-docker.network | 6 -- .../docker/files/90-docker-veth.network | 5 -- .../app-emulation/docker/files/docker.service | 37 -------- .../app-emulation/docker/files/docker.socket | 13 --- .../app-emulation/docker/files/dockerd | 41 --------- .../docker/files/ppc64-buildmode.patch | 14 +-- .../app-emulation/docker/metadata.xml | 7 +- 9 files changed, 74 insertions(+), 167 deletions(-) create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24.ebuild index 28035af927..cbc0f16d21 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24.ebuild @@ -1,25 +1,21 @@ -# Copyright 1999-2021 Gentoo Authors +# Copyright 1999-2023 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 EGO_PN=github.com/docker/docker +MY_PV=${PV/_/-} GIT_COMMIT=d6cbf44b8c -COREOS_GO_VERSION="go1.18" -COREOS_GO_GO111MODULE="off" - -inherit bash-completion-r1 linux-info systemd udev golang-vcs-snapshot -inherit coreos-go-depend +inherit linux-info systemd udev golang-vcs-snapshot DESCRIPTION="The core functions you need to create Docker images and run Docker containers" HOMEPAGE="https://www.docker.com/" -MY_PV=${PV/_/-} SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" LICENSE="Apache-2.0" SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc64 ~x86" -# Flatcar: default enable required USE flags -IUSE="apparmor aufs +btrfs +cli +container-init +device-mapper +hardened +overlay +seccomp +journald" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" +IUSE="apparmor aufs btrfs +cli +container-init device-mapper hardened +overlay seccomp selinux" DEPEND=" acct-group/docker @@ -30,20 +26,11 @@ DEPEND=" seccomp? ( >=sys-libs/libseccomp-2.2.1 ) " -# Flatcar: -# For CoreOS builds coreos-kernel must be installed because this ebuild -# checks the kernel config. The kernel config is left by the kernel compile -# or an explicit copy when installing binary packages. See coreos-kernel.eclass -DEPEND+="sys-kernel/coreos-kernel" - # https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies # https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies # https://github.com/moby/moby/tree/master//hack/dockerfile/install # make sure docker-proxy is pinned to exact version from ^, # for appropriate branchch/version of course -# Flatcar: -# containerd ebuild doesn't support apparmor, device-mapper and seccomp use flags -# tini ebuild doesn't support static use flag RDEPEND=" ${DEPEND} >=net-firewall/iptables-1.4 @@ -51,16 +38,17 @@ RDEPEND=" >=dev-vcs/git-1.7 >=app-arch/xz-utils-4.9 dev-libs/libltdl - >=app-emulation/containerd-1.4.6[btrfs?] - ~app-emulation/docker-proxy-0.8.0_p20210525 - cli? ( app-emulation/docker-cli ) - container-init? ( >=sys-process/tini-0.19.0 ) + >=app-containers/containerd-1.6.16[apparmor?,btrfs?,device-mapper?,seccomp?] + ~app-containers/docker-proxy-0.8.0_p20230118 + cli? ( ~app-containers/docker-cli-${PV} ) + container-init? ( >=sys-process/tini-0.19.0[static] ) + selinux? ( sec-policy/selinux-docker ) " # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies -# Flatcar: drop go-md2man BDEPEND=" - >=dev-lang/go-1.13.12 + >=dev-lang/go-1.16.12 + dev-go/go-md2man virtual/pkgconfig " # tests require running dockerd as root and downloading containers @@ -68,8 +56,10 @@ RESTRICT="installsources strip test" S="${WORKDIR}/${P}/src/${EGO_PN}" +# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 PATCHES=( "${FILESDIR}/ppc64-buildmode.patch" + "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" ) # see "contrib/check-config.sh" from upstream's sources @@ -87,7 +77,6 @@ CONFIG_CHECK=" ~USER_NS ~SECCOMP ~CGROUP_PIDS - ~MEMCG_SWAP ~BLK_CGROUP ~BLK_DEV_THROTTLING ~CGROUP_PERF @@ -152,6 +141,12 @@ pkg_setup() { " fi + if kernel_is lt 6 1; then + CONFIG_CHECK+=" + ~MEMCG_SWAP + " + fi + if use aufs; then CONFIG_CHECK+=" ~AUFS_FS @@ -177,17 +172,14 @@ pkg_setup() { } src_compile() { - # Flatcar: for cross-compilation - go_export export DOCKER_GITCOMMIT="${GIT_COMMIT}" export GOPATH="${WORKDIR}/${P}" export VERSION=${PV} # setup CFLAGS and LDFLAGS for separate build target # see https://github.com/tianon/docker-overlay/pull/10 - # Flatcar: allow injecting CFLAGS/LDFLAGS, which is needed for torcx rpath - export CGO_CFLAGS="${CGO_CFLAGS} -I${ESYSROOT}/usr/include" - export CGO_LDFLAGS="${CGO_LDFLAGS} -L${ESYSROOT}/usr/$(get_libdir)" + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" # let's set up some optional features :) export DOCKER_BUILDTAGS='' @@ -197,18 +189,16 @@ src_compile() { fi done - for tag in apparmor seccomp journald; do + for tag in apparmor seccomp; do if use $tag; then DOCKER_BUILDTAGS+=" $tag" fi done - # Flatcar: - # inject LDFLAGS for torcx if use hardened; then - sed -i "s#EXTLDFLAGS_STATIC='#&-fno-PIC $LDFLAGS #" hack/make.sh || die + sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' - sed "s#LDFLAGS_STATIC_DOCKER='#&-extldflags \"-fno-PIC $LDFLAGS\" #" \ + sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ -i hack/make/dynbinary-daemon || die grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed' fi @@ -227,26 +217,16 @@ src_install() { newinitd contrib/init/openrc/docker.initd docker newconfd contrib/init/openrc/docker.confd docker - # Flatcar: - # install our systemd units/network config and our wrapper into - # /usr/lib/flatcar/docker for backwards compatibility - exeinto /usr/lib/flatcar - doexe "${FILESDIR}/dockerd" - - systemd_dounit "${FILESDIR}/docker.service" - systemd_dounit "${FILESDIR}/docker.socket" - - insinto /usr/lib/systemd/network - doins "${FILESDIR}/50-docker.network" - doins "${FILESDIR}/90-docker-veth.network" + systemd_dounit contrib/init/systemd/docker.{service,socket} udev_dorules contrib/udev/*.rules dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md dodoc -r docs/* - # Flatcar: - # don't install contrib bits + # note: intentionally not using "doins" so that we preserve +x bits + dodir /usr/share/${PN}/contrib + cp -R contrib/* "${ED}/usr/share/${PN}/contrib" } pkg_postinst() { @@ -287,15 +267,15 @@ pkg_postinst() { ewarn "Starting with docker 20.10.2, docker has been split into" ewarn "two packages upstream, so Gentoo has followed suit." ewarn - ewarn "app-emulation/docker contains the daemon and" - ewarn "app-emulation/docker-cli contains the docker command." + ewarn "app-containers/docker contains the daemon and" + ewarn "app-containers/docker-cli contains the docker command." ewarn ewarn "docker currently installs docker-cli using the cli use flag." ewarn ewarn "This use flag is temporary, so you need to take the" ewarn "following actions:" ewarn - ewarn "First, disable the cli use flag for app-emulation/docker" + ewarn "First, disable the cli use flag for app-containers/docker" ewarn ewarn "Then, if you need docker-cli and docker on the same machine," ewarn "run the following command:" @@ -304,3 +284,7 @@ pkg_postinst() { ewarn fi } + +pkg_postrm() { + udev_reload +} diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch new file mode 100644 index 0000000000..22aa145f33 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch @@ -0,0 +1,28 @@ +From bb69104381805014eb7675682d204fe460a52388 Mon Sep 17 00:00:00 2001 +From: Jan Breig +Date: Mon, 16 May 2022 14:58:36 +0200 +Subject: [PATCH] Openrc: Depend on containerd init script + +Signed-off-by: Jan Breig +--- + contrib/init/openrc/docker.initd | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/contrib/init/openrc/docker.initd b/contrib/init/openrc/docker.initd +index 3229223bad..57defb8f57 100644 +--- a/contrib/init/openrc/docker.initd ++++ b/contrib/init/openrc/docker.initd +@@ -17,6 +17,10 @@ rc_ulimit="${DOCKER_ULIMIT:--c unlimited -n 1048576 -u unlimited}" + + retry="${DOCKER_RETRY:-TERM/60/KILL/10}" + ++depend() { ++ need containerd ++} ++ + start_pre() { + checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" + } +-- +2.35.1 + diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network deleted file mode 100644 index a0d17b5368..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network +++ /dev/null @@ -1,6 +0,0 @@ -[Match] -Type=bridge -Name=docker* br-* - -[Link] -Unmanaged=yes diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network deleted file mode 100644 index 3ca3816c23..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network +++ /dev/null @@ -1,5 +0,0 @@ -[Match] -Driver=veth - -[Link] -Unmanaged=yes diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service deleted file mode 100644 index a8f1bf4ef5..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service +++ /dev/null @@ -1,37 +0,0 @@ -[Unit] -Description=Docker Application Container Engine -Documentation=http://docs.docker.com -After=containerd.service docker.socket network-online.target -Wants=network-online.target -Requires=containerd.service docker.socket - -[Service] -Type=notify -EnvironmentFile=-/run/flannel/flannel_docker_opts.env -Environment=DOCKER_SELINUX=--selinux-enabled=true - -# the default is not to use systemd for cgroups because the delegate issues still -# exists and systemd currently does not support the cgroup feature set required -# for containers run by docker -ExecStart=/usr/bin/dockerd --host=fd:// --containerd=/var/run/docker/libcontainerd/docker-containerd.sock $DOCKER_SELINUX $DOCKER_OPTS $DOCKER_CGROUPS $DOCKER_OPT_BIP $DOCKER_OPT_MTU $DOCKER_OPT_IPMASQ -ExecReload=/bin/kill -s HUP $MAINPID -LimitNOFILE=1048576 -# Having non-zero Limit*s causes performance problems due to accounting overhead -# in the kernel. We recommend using cgroups to do container-local accounting. -LimitNPROC=infinity -LimitCORE=infinity -# Uncomment TasksMax if your systemd version supports it. -# Only systemd 226 and above support this version. -TasksMax=infinity -TimeoutStartSec=0 -# set delegate yes so that systemd does not reset the cgroups of docker containers -Delegate=yes -# kill only the docker process, not all processes in the cgroup -KillMode=process -# restart the docker process if it exits prematurely -Restart=on-failure -StartLimitBurst=3 -StartLimitInterval=60s - -[Install] -WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket deleted file mode 100644 index 53133c4f8f..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Docker Socket for the API -PartOf=docker.service - -[Socket] -ListenStream=/var/run/docker.sock -SocketMode=0660 -SocketUser=root -SocketGroup=docker - -[Install] -WantedBy=sockets.target - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd deleted file mode 100644 index 19c440bdda..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Wrapper for launching docker daemons with selinux default on -# This wrapper script has been deprecated (euank: 2017-05-09) and is retained -# for backwards compatibility. - -set -e - -parse_docker_args() { - local flag - while [[ $# -gt 0 ]]; do - flag="$1" - shift - - # treat --flag=foo and --flag foo identically - if [[ "${flag}" == *=* ]]; then - set -- "${flag#*=}" "$@" - flag="${flag%=*}" - fi - - case "${flag}" in - --selinux-enabled) - ARG_SELINUX="$1" - shift - ;; - *) - # ignore everything else - ;; - esac - done -} - -parse_docker_args "$@" - -USE_SELINUX="" -# Do not override selinux if it is already explicitly configured. -if [[ -z "${ARG_SELINUX}" ]]; then - # If unspecified, default off - USE_SELINUX="--selinux-enabled=false" -fi - -exec dockerd "$@" ${USE_SELINUX} diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch index 2d677a71ab..f16756e850 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch @@ -17,14 +17,14 @@ index 5ea3e373f2..7a911de15a 100644 --- a/hack/make/.binary +++ b/hack/make/.binary @@ -70,7 +70,7 @@ hash_files() { - if [[ " $BUILDFLAGS " != *" -race "* ]]; then - # -buildmode=pie is not supported on Windows and Linux on mips and riscv64. - case "$(go env GOOS)/$(go env GOARCH)" in -- windows/* | linux/mips* | linux/riscv*) ;; -+ windows/* | linux/mips* | linux/riscv* | linux/ppc64) ;; - *) - BUILDFLAGS+=("-buildmode=pie") + # -buildmode=pie is not supported on Windows and Linux on mips and riscv64. + case "$(go env GOOS)/$(go env GOARCH)" in +- windows/* | linux/mips* | linux/riscv*) ;; ++ windows/* | linux/mips* | linux/riscv* | linux/ppc64) ;; + + *) + BUILDFLAGS+=("-buildmode=pie") -- 2.32.0 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/metadata.xml b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/metadata.xml index 1ec7d35307..5f16394188 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/metadata.xml +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/metadata.xml @@ -1,5 +1,5 @@ - + Docker is an open-source project to easily create lightweight, @@ -21,16 +21,13 @@ Enables dependencies for the "aufs" graph driver, including necessary kernel flags. - - Enable AppArmor support. - Enables dependencies for the "btrfs" graph driver, including necessary kernel flags. This is a temporary use flag which pulls in - app-emulation/docker-cli, the docker command line client. + app-containers/docker-cli, the docker command line client. This flag is here to assist in the transition to split packages and will be removed in a future release. From 9d6af12f1cc48359e0f84654302155b46ad780c7 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Wed, 10 May 2023 18:03:16 +0200 Subject: [PATCH 02/10] overlay app-emulation/docker: Apply Flatcar modifications --- ...10.24.ebuild => docker-20.10.24-r1.ebuild} | 84 ++++++++++++++----- ...nrc-Depend-on-containerd-init-script.patch | 28 ------- .../docker/files/50-docker.network | 6 ++ .../docker/files/90-docker-veth.network | 5 ++ .../app-emulation/docker/files/docker.service | 37 ++++++++ .../app-emulation/docker/files/docker.socket | 13 +++ .../app-emulation/docker/files/dockerd | 41 +++++++++ .../docker/files/ppc64-buildmode.patch | 14 ++-- 8 files changed, 173 insertions(+), 55 deletions(-) rename sdk_container/src/third_party/coreos-overlay/app-emulation/docker/{docker-20.10.24.ebuild => docker-20.10.24-r1.ebuild} (72%) delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24-r1.ebuild similarity index 72% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24-r1.ebuild index cbc0f16d21..61267209bb 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-20.10.24-r1.ebuild @@ -7,6 +7,11 @@ MY_PV=${PV/_/-} GIT_COMMIT=d6cbf44b8c inherit linux-info systemd udev golang-vcs-snapshot +COREOS_GO_VERSION="go1.18" +COREOS_GO_GO111MODULE="off" + +inherit coreos-go-depend + DESCRIPTION="The core functions you need to create Docker images and run Docker containers" HOMEPAGE="https://www.docker.com/" SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" @@ -14,8 +19,9 @@ SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" LICENSE="Apache-2.0" SLOT="0" KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" -IUSE="apparmor aufs btrfs +cli +container-init device-mapper hardened -overlay seccomp selinux" +# Flatcar: default enable required USE flags +IUSE="apparmor aufs +btrfs +cli +container-init +device-mapper +hardened ++overlay +seccomp selinux" DEPEND=" acct-group/docker @@ -26,11 +32,23 @@ DEPEND=" seccomp? ( >=sys-libs/libseccomp-2.2.1 ) " +# Flatcar: +# For CoreOS builds coreos-kernel must be installed because this ebuild +# checks the kernel config. The kernel config is left by the kernel compile +# or an explicit copy when installing binary packages. See coreos-kernel.eclass +DEPEND+=" + sys-kernel/coreos-kernel +" + # https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies # https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies # https://github.com/moby/moby/tree/master//hack/dockerfile/install # make sure docker-proxy is pinned to exact version from ^, # for appropriate branchch/version of course +# Flatcar: +# containerd ebuild doesn't support apparmor, device-mapper and seccomp use flags +# tini ebuild doesn't support static use flag +# use the old category app-emulation instead of app-containers for containerd, docker-proxy and docker-cli RDEPEND=" ${DEPEND} >=net-firewall/iptables-1.4 @@ -38,17 +56,17 @@ RDEPEND=" >=dev-vcs/git-1.7 >=app-arch/xz-utils-4.9 dev-libs/libltdl - >=app-containers/containerd-1.6.16[apparmor?,btrfs?,device-mapper?,seccomp?] - ~app-containers/docker-proxy-0.8.0_p20230118 - cli? ( ~app-containers/docker-cli-${PV} ) - container-init? ( >=sys-process/tini-0.19.0[static] ) + >=app-emulation/containerd-1.6.16[btrfs?] + ~app-emulation/docker-proxy-0.8.0_p20230118 + cli? ( ~app-emulation/docker-cli-${PV} ) + container-init? ( >=sys-process/tini-0.19.0 ) selinux? ( sec-policy/selinux-docker ) " # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies +# Flatcar: drop go-md2man BDEPEND=" >=dev-lang/go-1.16.12 - dev-go/go-md2man virtual/pkgconfig " # tests require running dockerd as root and downloading containers @@ -56,10 +74,9 @@ RESTRICT="installsources strip test" S="${WORKDIR}/${P}/src/${EGO_PN}" -# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 +# Flatcar: Dropped outdated bug links, dropped openrc init script patch PATCHES=( "${FILESDIR}/ppc64-buildmode.patch" - "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" ) # see "contrib/check-config.sh" from upstream's sources @@ -172,14 +189,17 @@ pkg_setup() { } src_compile() { + # Flatcar: for cross-compilation + go_export export DOCKER_GITCOMMIT="${GIT_COMMIT}" export GOPATH="${WORKDIR}/${P}" export VERSION=${PV} # setup CFLAGS and LDFLAGS for separate build target # see https://github.com/tianon/docker-overlay/pull/10 - export CGO_CFLAGS="-I${ESYSROOT}/usr/include" - export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + # Flatcar: allow injecting CFLAGS/LDFLAGS, which is needed for torcx rpath + export CGO_CFLAGS="${CGO_CFLAGS} -I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="${CGO_LDFLAGS} -L${ESYSROOT}/usr/$(get_libdir)" # let's set up some optional features :) export DOCKER_BUILDTAGS='' @@ -194,11 +214,15 @@ src_compile() { DOCKER_BUILDTAGS+=" $tag" fi done + # Flatcar: Add journald to build tags. + DOCKER_BUILDTAGS+=' journald' + # Flatcar: + # inject LDFLAGS for torcx if use hardened; then - sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die + sed -i "s#EXTLDFLAGS_STATIC='#&-fno-PIC $LDFLAGS #" hack/make.sh || die grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' - sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ + sed "s#LDFLAGS_STATIC_DOCKER='#&-extldflags \"-fno-PIC $LDFLAGS\" #" \ -i hack/make/dynbinary-daemon || die grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed' fi @@ -217,16 +241,32 @@ src_install() { newinitd contrib/init/openrc/docker.initd docker newconfd contrib/init/openrc/docker.confd docker - systemd_dounit contrib/init/systemd/docker.{service,socket} + # Flatcar: + # install our systemd units/network config and our wrapper into + # /usr/lib/flatcar/docker for backwards compatibility instead of + # the units from contrib/init/systemd directory. + # + # systemd_dounit contrib/init/systemd/docker.{service,socket} + exeinto /usr/lib/flatcar + doexe "${FILESDIR}/dockerd" + + systemd_dounit "${FILESDIR}/docker.service" + systemd_dounit "${FILESDIR}/docker.socket" + + insinto /usr/lib/systemd/network + doins "${FILESDIR}/50-docker.network" + doins "${FILESDIR}/90-docker-veth.network" udev_dorules contrib/udev/*.rules dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md dodoc -r docs/* - # note: intentionally not using "doins" so that we preserve +x bits - dodir /usr/share/${PN}/contrib - cp -R contrib/* "${ED}/usr/share/${PN}/contrib" + # Flatcar: + # don't install contrib bits + # # note: intentionally not using "doins" so that we preserve +x bits + # dodir /usr/share/${PN}/contrib + # cp -R contrib/* "${ED}/usr/share/${PN}/contrib" } pkg_postinst() { @@ -267,15 +307,19 @@ pkg_postinst() { ewarn "Starting with docker 20.10.2, docker has been split into" ewarn "two packages upstream, so Gentoo has followed suit." ewarn - ewarn "app-containers/docker contains the daemon and" - ewarn "app-containers/docker-cli contains the docker command." + # Flatcar: We still use the old app-emulation category, + # instead of app-containers. + ewarn "app-emulation/docker contains the daemon and" + ewarn "app-emulation/docker-cli contains the docker command." ewarn ewarn "docker currently installs docker-cli using the cli use flag." ewarn ewarn "This use flag is temporary, so you need to take the" ewarn "following actions:" ewarn - ewarn "First, disable the cli use flag for app-containers/docker" + # Flatcar: We still use the old app-emulation category, + # instead of app-containers. + ewarn "First, disable the cli use flag for app-emulation/docker" ewarn ewarn "Then, if you need docker-cli and docker on the same machine," ewarn "run the following command:" diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch deleted file mode 100644 index 22aa145f33..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch +++ /dev/null @@ -1,28 +0,0 @@ -From bb69104381805014eb7675682d204fe460a52388 Mon Sep 17 00:00:00 2001 -From: Jan Breig -Date: Mon, 16 May 2022 14:58:36 +0200 -Subject: [PATCH] Openrc: Depend on containerd init script - -Signed-off-by: Jan Breig ---- - contrib/init/openrc/docker.initd | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/contrib/init/openrc/docker.initd b/contrib/init/openrc/docker.initd -index 3229223bad..57defb8f57 100644 ---- a/contrib/init/openrc/docker.initd -+++ b/contrib/init/openrc/docker.initd -@@ -17,6 +17,10 @@ rc_ulimit="${DOCKER_ULIMIT:--c unlimited -n 1048576 -u unlimited}" - - retry="${DOCKER_RETRY:-TERM/60/KILL/10}" - -+depend() { -+ need containerd -+} -+ - start_pre() { - checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" - } --- -2.35.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network new file mode 100644 index 0000000000..a0d17b5368 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/50-docker.network @@ -0,0 +1,6 @@ +[Match] +Type=bridge +Name=docker* br-* + +[Link] +Unmanaged=yes diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network new file mode 100644 index 0000000000..3ca3816c23 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/90-docker-veth.network @@ -0,0 +1,5 @@ +[Match] +Driver=veth + +[Link] +Unmanaged=yes diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service new file mode 100644 index 0000000000..a8f1bf4ef5 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service @@ -0,0 +1,37 @@ +[Unit] +Description=Docker Application Container Engine +Documentation=http://docs.docker.com +After=containerd.service docker.socket network-online.target +Wants=network-online.target +Requires=containerd.service docker.socket + +[Service] +Type=notify +EnvironmentFile=-/run/flannel/flannel_docker_opts.env +Environment=DOCKER_SELINUX=--selinux-enabled=true + +# the default is not to use systemd for cgroups because the delegate issues still +# exists and systemd currently does not support the cgroup feature set required +# for containers run by docker +ExecStart=/usr/bin/dockerd --host=fd:// --containerd=/var/run/docker/libcontainerd/docker-containerd.sock $DOCKER_SELINUX $DOCKER_OPTS $DOCKER_CGROUPS $DOCKER_OPT_BIP $DOCKER_OPT_MTU $DOCKER_OPT_IPMASQ +ExecReload=/bin/kill -s HUP $MAINPID +LimitNOFILE=1048576 +# Having non-zero Limit*s causes performance problems due to accounting overhead +# in the kernel. We recommend using cgroups to do container-local accounting. +LimitNPROC=infinity +LimitCORE=infinity +# Uncomment TasksMax if your systemd version supports it. +# Only systemd 226 and above support this version. +TasksMax=infinity +TimeoutStartSec=0 +# set delegate yes so that systemd does not reset the cgroups of docker containers +Delegate=yes +# kill only the docker process, not all processes in the cgroup +KillMode=process +# restart the docker process if it exits prematurely +Restart=on-failure +StartLimitBurst=3 +StartLimitInterval=60s + +[Install] +WantedBy=multi-user.target diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket new file mode 100644 index 0000000000..53133c4f8f --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.socket @@ -0,0 +1,13 @@ +[Unit] +Description=Docker Socket for the API +PartOf=docker.service + +[Socket] +ListenStream=/var/run/docker.sock +SocketMode=0660 +SocketUser=root +SocketGroup=docker + +[Install] +WantedBy=sockets.target + diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd new file mode 100644 index 0000000000..19c440bdda --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd @@ -0,0 +1,41 @@ +#!/bin/bash +# Wrapper for launching docker daemons with selinux default on +# This wrapper script has been deprecated (euank: 2017-05-09) and is retained +# for backwards compatibility. + +set -e + +parse_docker_args() { + local flag + while [[ $# -gt 0 ]]; do + flag="$1" + shift + + # treat --flag=foo and --flag foo identically + if [[ "${flag}" == *=* ]]; then + set -- "${flag#*=}" "$@" + flag="${flag%=*}" + fi + + case "${flag}" in + --selinux-enabled) + ARG_SELINUX="$1" + shift + ;; + *) + # ignore everything else + ;; + esac + done +} + +parse_docker_args "$@" + +USE_SELINUX="" +# Do not override selinux if it is already explicitly configured. +if [[ -z "${ARG_SELINUX}" ]]; then + # If unspecified, default off + USE_SELINUX="--selinux-enabled=false" +fi + +exec dockerd "$@" ${USE_SELINUX} diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch index f16756e850..2d677a71ab 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/ppc64-buildmode.patch @@ -17,14 +17,14 @@ index 5ea3e373f2..7a911de15a 100644 --- a/hack/make/.binary +++ b/hack/make/.binary @@ -70,7 +70,7 @@ hash_files() { + if [[ " $BUILDFLAGS " != *" -race "* ]]; then + # -buildmode=pie is not supported on Windows and Linux on mips and riscv64. + case "$(go env GOOS)/$(go env GOARCH)" in +- windows/* | linux/mips* | linux/riscv*) ;; ++ windows/* | linux/mips* | linux/riscv* | linux/ppc64) ;; - # -buildmode=pie is not supported on Windows and Linux on mips and riscv64. - case "$(go env GOOS)/$(go env GOARCH)" in -- windows/* | linux/mips* | linux/riscv*) ;; -+ windows/* | linux/mips* | linux/riscv* | linux/ppc64) ;; - - *) - BUILDFLAGS+=("-buildmode=pie") + *) + BUILDFLAGS+=("-buildmode=pie") -- 2.32.0 From 9d72f1da74bbb0348af3949e213d7c0858b7cd32 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Wed, 10 May 2023 18:24:43 +0200 Subject: [PATCH 03/10] overlay app-emulation/docker-proxy: Sync with Gentoo Needed by synced app-emulation/docker package. --- .../app-emulation/docker-proxy/Manifest | 2 +- .../docker-proxy-0.8.0_p20210525.ebuild | 1 - .../docker-proxy-0.8.0_p20230118.ebuild | 30 +++++++++++++ .../docker-proxy/docker-proxy-9999.ebuild | 43 ------------------- .../app-emulation/docker-proxy/metadata.xml | 14 +++--- 5 files changed, 36 insertions(+), 54 deletions(-) delete mode 120000 sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20210525.ebuild create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-9999.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/Manifest b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/Manifest index f11ead0a94..1e6185c5ff 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/Manifest @@ -1 +1 @@ -DIST docker-proxy-0.8.0_p20210525.tar.gz 3154432 BLAKE2B 3f273cd4c2dd3c797117bebfe06eb3ae8ce3b3f70d495cb0c77a372d64e23f1d9ad31e8efef64df494cc462e9f4fda9311c99ae7e7218f0fc41b6bf44cf8c08d SHA512 6a94fe23ce1bab0a428ee4bbe20089f5a4470e72c5da156b2b1a89de01cca803374fd9cdcd4c5b25b86af1c4e956c75a1a5ad7fb6639def7bcec69859a77c047 \ No newline at end of file +DIST docker-proxy-0.8.0_p20230118.tar.gz 3154267 BLAKE2B 307799d9dab73ed3ed3e537a247d70a65d9b4a51db69ae09518eb9daee949f78478ec104751d088717ca17171f604ff5c450198cc24e79cca266a1c7f61800ad SHA512 079eee720a4e755639e39fd8764f380549e715cbd6be0b46a102771a09f6cce5f085f7e568429c8c35a46f09948aea3e60de5ba2e32e22f0ee1fd9559c2d58f6 diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20210525.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20210525.ebuild deleted file mode 120000 index dafe77c5fe..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20210525.ebuild +++ /dev/null @@ -1 +0,0 @@ -docker-proxy-9999.ebuild \ No newline at end of file diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild new file mode 100644 index 0000000000..a39b18d1ae --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild @@ -0,0 +1,30 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/moby/libnetwork +GIT_COMMIT=05b93e0d3a95952f70c113b0bc5bdb538d7afdd7 +inherit golang-vcs-snapshot + +DESCRIPTION="Docker container networking" +HOMEPAGE="https://github.com/docker/libnetwork" +SRC_URI="https://github.com/moby/libnetwork/archive/${GIT_COMMIT}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" + +S=${WORKDIR}/${P}/src/${EGO_PN} + +# needs dockerd +RESTRICT="strip test" + +src_compile() { + GO111MODULE=auto GOPATH="${WORKDIR}/${P}" \ + go build -o "bin/docker-proxy" ./cmd/proxy || die +} + +src_install() { + dobin bin/docker-proxy + dodoc README.md CHANGELOG.md +} diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-9999.ebuild deleted file mode 100644 index 5646ae3c26..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-9999.ebuild +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -EGO_PN="github.com/docker/libnetwork" - -COREOS_GO_PACKAGE="${EGO_PN}" -COREOS_GO_VERSION="go1.18" -COREOS_GO_GO111MODULE="off" - -if [[ ${PV} == *9999 ]]; then - KEYWORDS="~amd64 ~arm64" - inherit golang-vcs -else - EGIT_COMMIT="64b7a4574d1426139437d20e81c0b6d391130ec8" - SRC_URI="https://${EGO_PN}/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz" - KEYWORDS="amd64 arm64" - inherit golang-vcs-snapshot -fi - -inherit coreos-go - -DESCRIPTION="Docker container networking" -HOMEPAGE="https://github.com/docker/libnetwork" - -LICENSE="Apache-2.0" -SLOT="0" -IUSE="" - -S=${WORKDIR}/${P}/src/${EGO_PN} - -RDEPEND="! - + - - tianon@dockerproject.org - Tianon - - - mrueg@gentoo.org - Manuel Rüger - williamh@gentoo.org William Hubbs + + gyakovlev@gentoo.org + Georgy Yakovlev + docker/libnetwork From b27fbcc4f89fed5c66ec07ecb576ab43d78d6861 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Wed, 10 May 2023 18:35:28 +0200 Subject: [PATCH 04/10] overlay app-emulation/docker-proxy: Apply Flatcar modifications --- .../docker-proxy-0.8.0_p20230118.ebuild | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild index a39b18d1ae..b6ba34429e 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild @@ -6,6 +6,13 @@ EGO_PN=github.com/moby/libnetwork GIT_COMMIT=05b93e0d3a95952f70c113b0bc5bdb538d7afdd7 inherit golang-vcs-snapshot +# Flatcar: Add coreos go goo. +COREOS_GO_PACKAGE="${EGO_PN}" +COREOS_GO_VERSION="go1.18" +COREOS_GO_GO111MODULE="off" + +inherit coreos-go + DESCRIPTION="Docker container networking" HOMEPAGE="https://github.com/docker/libnetwork" SRC_URI="https://github.com/moby/libnetwork/archive/${GIT_COMMIT}.tar.gz -> ${P}.tar.gz" @@ -19,12 +26,13 @@ S=${WORKDIR}/${P}/src/${EGO_PN} # needs dockerd RESTRICT="strip test" +# Flatcar: Rewrite src_compile src_compile() { - GO111MODULE=auto GOPATH="${WORKDIR}/${P}" \ - go build -o "bin/docker-proxy" ./cmd/proxy || die + go_build "${COREOS_GO_PACKAGE}/cmd/proxy" } +# Flatcar: Rewrite src_install src_install() { - dobin bin/docker-proxy dodoc README.md CHANGELOG.md + newbin "${GOBIN}"/proxy docker-proxy } From 40a3c6be2d92318a785693d0ea92ac2099684173 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Fri, 12 May 2023 14:35:27 +0200 Subject: [PATCH 05/10] overlay app-torcx/docker: Update app-emulation/docker-proxy version --- .../coreos-overlay/app-torcx/docker/docker-20.10.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk_container/src/third_party/coreos-overlay/app-torcx/docker/docker-20.10.ebuild b/sdk_container/src/third_party/coreos-overlay/app-torcx/docker/docker-20.10.ebuild index a4ac2f4f6a..00942f2b78 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-torcx/docker/docker-20.10.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-torcx/docker/docker-20.10.ebuild @@ -14,7 +14,7 @@ RDEPEND=" ~app-emulation/docker-20.10.24 ~app-emulation/docker-cli-20.10.24 ~app-emulation/containerd-1.6.21 - ~app-emulation/docker-proxy-0.8.0_p20210525 + ~app-emulation/docker-proxy-0.8.0_p20230118 ~app-emulation/docker-runc-1.1.7 ~dev-libs/libltdl-2.4.7 ~sys-process/tini-0.19.0 From 1ee6e01db7610fcdf582374c756f566be14e9305 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Mon, 13 Feb 2023 13:53:27 +0100 Subject: [PATCH 06/10] overlay sys-kernel: Bump kernel version to 6.1.27 Linux 6.1.x is the line of LTS kernel releases, so switch to it. Dropped the already-merged patches for hyperv on arm64. The patch for avoiding failures with new compilers is not necessary any more as the build failues are already fixed. --- ...111.ebuild => coreos-kernel-6.1.27.ebuild} | 0 ...11.ebuild => coreos-modules-6.1.27.ebuild} | 0 ...d64_defconfig-5.15 => amd64_defconfig-6.1} | 0 ...m64_defconfig-5.15 => arm64_defconfig-6.1} | 0 .../{commonconfig-5.15 => commonconfig-6.1} | 0 .../sys-kernel/coreos-sources/Manifest | 4 +- ...11.ebuild => coreos-sources-6.1.27.ebuild} | 6 - ...kefile-Don-t-fail-on-fallthrough-wit.patch | 27 -- ...code-arch-neutral-by-adding-arch-spe.patch | 309 ---------------- ...CI-hv-Add-arm64-Hyper-V-vPCI-support.patch | 349 ------------------ ...-Propagate-VMbus-coherence-to-each-V.patch | 132 ------- ...-retarget-interrupt-hypercall-in-irq.patch | 302 --------------- ...ve-unused-hv_set_msi_entry_from_desc.patch | 50 --- ...elative-path-for-srctree-from-CURDIR.patch | 8 +- 14 files changed, 6 insertions(+), 1181 deletions(-) rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/{coreos-kernel-5.15.111.ebuild => coreos-kernel-6.1.27.ebuild} (100%) rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/{coreos-modules-5.15.111.ebuild => coreos-modules-6.1.27.ebuild} (100%) rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/{amd64_defconfig-5.15 => amd64_defconfig-6.1} (100%) rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/{arm64_defconfig-5.15 => arm64_defconfig-6.1} (100%) rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/{commonconfig-5.15 => commonconfig-6.1} (100%) rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/{coreos-sources-5.15.111.ebuild => coreos-sources-6.1.27.ebuild} (71%) delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0002-tools-objtool-Makefile-Don-t-fail-on-fallthrough-wit.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0003-PCI-hv-Make-the-code-arch-neutral-by-adding-arch-spe.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0004-PCI-hv-Add-arm64-Hyper-V-vPCI-support.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0005-Drivers-hv-vmbus-Propagate-VMbus-coherence-to-each-V.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0006-PCI-hv-Avoid-the-retarget-interrupt-hypercall-in-irq.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0007-PCI-hv-Remove-unused-hv_set_msi_entry_from_desc.patch rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/{5.15 => 6.1}/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch (78%) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-5.15.111.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.1.27.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-5.15.111.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.1.27.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-5.15.111.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.1.27.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-5.15.111.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.1.27.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-5.15 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-6.1 similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-5.15 rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-6.1 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-5.15 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-6.1 similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-5.15 rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-6.1 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-5.15 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-5.15 rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest index d7ab8511bf..32c72c18dc 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest @@ -1,2 +1,2 @@ -DIST linux-5.15.tar.xz 121913744 BLAKE2B 3921274b23f7938abdf3ed9334534b4581e13d7484303d3a5280eddb038999aaa8b836666a487472d9c4a219af0f06b9fecccaf348fb5510ab8762f4ef4b7e83 SHA512 d25ad40b5bcd6a4c6042fd0fd84e196e7a58024734c3e9a484fd0d5d54a0c1d87db8a3c784eff55e43b6f021709dc685eb0efa18d2aec327e4f88a79f405705a -DIST patch-5.15.111.xz 3991492 BLAKE2B 35ed3428b75ccc0c324c77461e242ee8f9cca82116cd4d3c4e9bed1219a7b3d711a378c7ff0f26f7bc23f245cff500307ff7c3a0316b440e7126a0238a83f611 SHA512 42285fcc483ba455b16b7d0d55739c37f72afc82b5b7bd59b6c312047b1ebe470670c5dd20cc3f8733cc590ab2e1d29bd5a3371beb7ade2de06232199f104f35 +DIST linux-6.1.tar.xz 134728520 BLAKE2B ae60257860b2bd1bd708d183f0443afc60ebbd2b3d535c45e44c2e541bd0928530a3b62de6385dd4e4726ebbedcc0a871d4f3ffb4105b9f1f6d8ed7467f5688e SHA512 6ed2a73c2699d0810e54753715635736fc370288ad5ce95c594f2379959b0e418665cd71bc512a0273fe226fe90074d8b10d14c209080a6466498417a4fdda68 +DIST patch-6.1.27.xz 1405244 BLAKE2B cfecf707c26cb84f13a4a9870c4db6d4077d5c98c7cb96ecb97cb2a5182a90fbb9ca367e1c646a983990b6654a1e0d7856d75768e4d340e1c3162da9a52211b8 SHA512 fbb0ef7c234febb76f4a99f5abc69c1aa989e6340a15eae1f035cbfefd15dfd85e93a0edb4e35c498a65602c1f796791a7e03583887a43e3f99f3f6a45380a50 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.15.111.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.1.27.ebuild similarity index 71% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.15.111.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.1.27.ebuild index e9a1883c76..7e47d146bb 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.15.111.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.1.27.ebuild @@ -36,10 +36,4 @@ IUSE="" # local patches overlap with the upstream patch. UNIPATCH_LIST=" ${PATCH_DIR}/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch \ - ${PATCH_DIR}/z0002-tools-objtool-Makefile-Don-t-fail-on-fallthrough-wit.patch \ - ${PATCH_DIR}/z0003-PCI-hv-Make-the-code-arch-neutral-by-adding-arch-spe.patch \ - ${PATCH_DIR}/z0004-PCI-hv-Add-arm64-Hyper-V-vPCI-support.patch \ - ${PATCH_DIR}/z0005-Drivers-hv-vmbus-Propagate-VMbus-coherence-to-each-V.patch \ - ${PATCH_DIR}/z0006-PCI-hv-Avoid-the-retarget-interrupt-hypercall-in-irq.patch \ - ${PATCH_DIR}/z0007-PCI-hv-Remove-unused-hv_set_msi_entry_from_desc.patch \ " diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0002-tools-objtool-Makefile-Don-t-fail-on-fallthrough-wit.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0002-tools-objtool-Makefile-Don-t-fail-on-fallthrough-wit.patch deleted file mode 100644 index af70221f4c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0002-tools-objtool-Makefile-Don-t-fail-on-fallthrough-wit.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f654ed34d7082cad0b0105b8f54fc9d78b982eef Mon Sep 17 00:00:00 2001 -From: David Michael -Date: Thu, 8 Feb 2018 21:23:12 -0500 -Subject: [PATCH 2/7] tools/objtool/Makefile: Don't fail on fallthrough with - new GCCs - ---- - tools/lib/subcmd/Makefile | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/tools/lib/subcmd/Makefile b/tools/lib/subcmd/Makefile -index 1c777a72bb39..0217b7af786a 100644 ---- a/tools/lib/subcmd/Makefile -+++ b/tools/lib/subcmd/Makefile -@@ -40,6 +40,9 @@ ifneq ($(WERROR),0) - CFLAGS += -Werror - endif - -+# Don't fail on fallthrough with newer GCCs. -+CFLAGS += -Wno-error=implicit-fallthrough -+ - CFLAGS += -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE - - CFLAGS += -I$(srctree)/tools/include/ --- -2.25.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0003-PCI-hv-Make-the-code-arch-neutral-by-adding-arch-spe.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0003-PCI-hv-Make-the-code-arch-neutral-by-adding-arch-spe.patch deleted file mode 100644 index 82866e511e..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0003-PCI-hv-Make-the-code-arch-neutral-by-adding-arch-spe.patch +++ /dev/null @@ -1,309 +0,0 @@ -From 80f4d4e5e1042ea78c527d39f44ee16f5a2d3e5a Mon Sep 17 00:00:00 2001 -From: Sunil Muthuswamy -Date: Wed, 5 Jan 2022 11:32:35 -0800 -Subject: [PATCH 3/7] PCI: hv: Make the code arch neutral by adding arch - specific interfaces - -Encapsulate arch dependencies in Hyper-V vPCI through a set of -arch-dependent interfaces. Adding these arch specific interfaces will -allow for an implementation for other architectures, such as arm64. - -There are no functional changes expected from this patch. - -krnowak: Backport to 5.15 - this patch adds the hv_msi_get_int_vector -function for x64, so drop the same function that was brought in by -another patch backported to 5.15 from master. Similar thing goes for -the hv_msi_prepare function, but this time the function brought under -the CONFIG_X86 is amended to match the fixed variant that was already -a part of 5.15. - -Link: https://lore.kernel.org/r/1641411156-31705-2-git-send-email-sunilmut@linux.microsoft.com -Signed-off-by: Sunil Muthuswamy -Signed-off-by: Lorenzo Pieralisi -Signed-off-by: Bjorn Helgaas -Reviewed-by: Boqun Feng -Reviewed-by: Marc Zyngier -Reviewed-by: Michael Kelley ---- - arch/x86/include/asm/hyperv-tlfs.h | 33 ++++++++++ - drivers/pci/controller/pci-hyperv.c | 94 ++++++++++++++++------------- - include/asm-generic/hyperv-tlfs.h | 33 ---------- - 3 files changed, 85 insertions(+), 75 deletions(-) - -diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hyperv-tlfs.h -index 2322d6bd5883..fdf3d28fbdd5 100644 ---- a/arch/x86/include/asm/hyperv-tlfs.h -+++ b/arch/x86/include/asm/hyperv-tlfs.h -@@ -585,6 +585,39 @@ enum hv_interrupt_type { - HV_X64_INTERRUPT_TYPE_MAXIMUM = 0x000A, - }; - -+union hv_msi_address_register { -+ u32 as_uint32; -+ struct { -+ u32 reserved1:2; -+ u32 destination_mode:1; -+ u32 redirection_hint:1; -+ u32 reserved2:8; -+ u32 destination_id:8; -+ u32 msi_base:12; -+ }; -+} __packed; -+ -+union hv_msi_data_register { -+ u32 as_uint32; -+ struct { -+ u32 vector:8; -+ u32 delivery_mode:3; -+ u32 reserved1:3; -+ u32 level_assert:1; -+ u32 trigger_mode:1; -+ u32 reserved2:16; -+ }; -+} __packed; -+ -+/* HvRetargetDeviceInterrupt hypercall */ -+union hv_msi_entry { -+ u64 as_uint64; -+ struct { -+ union hv_msi_address_register address; -+ union hv_msi_data_register data; -+ } __packed; -+}; -+ - #include - - #endif -diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c -index 9b54715a4b63..601d06fe1adc 100644 ---- a/drivers/pci/controller/pci-hyperv.c -+++ b/drivers/pci/controller/pci-hyperv.c -@@ -43,9 +43,6 @@ - #include - #include - #include --#include --#include --#include - #include - #include - #include -@@ -583,6 +580,44 @@ struct hv_pci_compl { - - static void hv_pci_onchannelcallback(void *context); - -+#ifdef CONFIG_X86 -+#define DELIVERY_MODE APIC_DELIVERY_MODE_FIXED -+#define FLOW_HANDLER handle_edge_irq -+#define FLOW_NAME "edge" -+ -+static int hv_pci_irqchip_init(void) -+{ -+ return 0; -+} -+ -+static struct irq_domain *hv_pci_get_root_domain(void) -+{ -+ return x86_vector_domain; -+} -+ -+static unsigned int hv_msi_get_int_vector(struct irq_data *data) -+{ -+ struct irq_cfg *cfg = irqd_cfg(data); -+ -+ return cfg->vector; -+} -+ -+static int hv_msi_prepare(struct irq_domain *domain, struct device *dev, -+ int nvec, msi_alloc_info_t *info) -+{ -+ int ret = pci_msi_prepare(domain, dev, nvec, info); -+ -+ /* -+ * By using the interrupt remapper in the hypervisor IOMMU, contiguous -+ * CPU vectors is not needed for multi-MSI -+ */ -+ if (info->type == X86_IRQ_ALLOC_TYPE_PCI_MSI) -+ info->flags &= ~X86_IRQ_ALLOC_CONTIGUOUS_VECTORS; -+ -+ return ret; -+} -+#endif /* CONFIG_X86 */ -+ - /** - * hv_pci_generic_compl() - Invoked for a completion packet - * @context: Set up by the sender of the packet. -@@ -1195,41 +1230,11 @@ static void hv_msi_free(struct irq_domain *domain, struct msi_domain_info *info, - put_pcichild(hpdev); - } - --static int hv_set_affinity(struct irq_data *data, const struct cpumask *dest, -- bool force) --{ -- struct irq_data *parent = data->parent_data; -- -- return parent->chip->irq_set_affinity(parent, dest, force); --} -- - static void hv_irq_mask(struct irq_data *data) - { - pci_msi_mask_irq(data); - } - --static unsigned int hv_msi_get_int_vector(struct irq_data *data) --{ -- struct irq_cfg *cfg = irqd_cfg(data); -- -- return cfg->vector; --} -- --static int hv_msi_prepare(struct irq_domain *domain, struct device *dev, -- int nvec, msi_alloc_info_t *info) --{ -- int ret = pci_msi_prepare(domain, dev, nvec, info); -- -- /* -- * By using the interrupt remapper in the hypervisor IOMMU, contiguous -- * CPU vectors is not needed for multi-MSI -- */ -- if (info->type == X86_IRQ_ALLOC_TYPE_PCI_MSI) -- info->flags &= ~X86_IRQ_ALLOC_CONTIGUOUS_VECTORS; -- -- return ret; --} -- - /** - * hv_irq_unmask() - "Unmask" the IRQ by setting its current - * affinity. -@@ -1243,7 +1248,6 @@ static int hv_msi_prepare(struct irq_domain *domain, struct device *dev, - static void hv_irq_unmask(struct irq_data *data) - { - struct msi_desc *msi_desc = irq_data_get_msi_desc(data); -- struct irq_cfg *cfg = irqd_cfg(data); - struct hv_retarget_device_interrupt *params; - struct tran_int_desc *int_desc; - struct hv_pcibus_device *hbus; -@@ -1275,7 +1279,7 @@ static void hv_irq_unmask(struct irq_data *data) - (hbus->hdev->dev_instance.b[7] << 8) | - (hbus->hdev->dev_instance.b[6] & 0xf8) | - PCI_FUNC(pdev->devfn); -- params->int_target.vector = cfg->vector; -+ params->int_target.vector = hv_msi_get_int_vector(data); - - /* - * Honoring apic->delivery_mode set to APIC_DELIVERY_MODE_FIXED by -@@ -1376,7 +1380,7 @@ static u32 hv_compose_msi_req_v1( - int_pkt->wslot.slot = slot; - int_pkt->int_desc.vector = vector; - int_pkt->int_desc.vector_count = vector_count; -- int_pkt->int_desc.delivery_mode = APIC_DELIVERY_MODE_FIXED; -+ int_pkt->int_desc.delivery_mode = DELIVERY_MODE; - - /* - * Create MSI w/ dummy vCPU set, overwritten by subsequent retarget in -@@ -1406,7 +1410,7 @@ static u32 hv_compose_msi_req_v2( - int_pkt->wslot.slot = slot; - int_pkt->int_desc.vector = vector; - int_pkt->int_desc.vector_count = vector_count; -- int_pkt->int_desc.delivery_mode = APIC_DELIVERY_MODE_FIXED; -+ int_pkt->int_desc.delivery_mode = DELIVERY_MODE; - cpu = hv_compose_msi_req_get_cpu(affinity); - int_pkt->int_desc.processor_array[0] = - hv_cpu_number_to_vp_number(cpu); -@@ -1426,7 +1430,7 @@ static u32 hv_compose_msi_req_v3( - int_pkt->int_desc.vector = vector; - int_pkt->int_desc.reserved = 0; - int_pkt->int_desc.vector_count = vector_count; -- int_pkt->int_desc.delivery_mode = APIC_DELIVERY_MODE_FIXED; -+ int_pkt->int_desc.delivery_mode = DELIVERY_MODE; - cpu = hv_compose_msi_req_get_cpu(affinity); - int_pkt->int_desc.processor_array[0] = - hv_cpu_number_to_vp_number(cpu); -@@ -1660,7 +1664,7 @@ static void hv_compose_msi_msg(struct irq_data *data, struct msi_msg *msg) - static struct irq_chip hv_msi_irq_chip = { - .name = "Hyper-V PCIe MSI", - .irq_compose_msi_msg = hv_compose_msi_msg, -- .irq_set_affinity = hv_set_affinity, -+ .irq_set_affinity = irq_chip_set_affinity_parent, - .irq_ack = irq_chip_ack_parent, - .irq_mask = hv_irq_mask, - .irq_unmask = hv_irq_unmask, -@@ -1691,12 +1695,12 @@ static int hv_pcie_init_irq_domain(struct hv_pcibus_device *hbus) - hbus->msi_info.flags = (MSI_FLAG_USE_DEF_DOM_OPS | - MSI_FLAG_USE_DEF_CHIP_OPS | MSI_FLAG_MULTI_PCI_MSI | - MSI_FLAG_PCI_MSIX); -- hbus->msi_info.handler = handle_edge_irq; -- hbus->msi_info.handler_name = "edge"; -+ hbus->msi_info.handler = FLOW_HANDLER; -+ hbus->msi_info.handler_name = FLOW_NAME; - hbus->msi_info.data = hbus; - hbus->irq_domain = pci_msi_create_irq_domain(hbus->fwnode, - &hbus->msi_info, -- x86_vector_domain); -+ hv_pci_get_root_domain()); - if (!hbus->irq_domain) { - dev_err(&hbus->hdev->device, - "Failed to build an MSI IRQ domain\n"); -@@ -3626,9 +3630,15 @@ static void __exit exit_hv_pci_drv(void) - - static int __init init_hv_pci_drv(void) - { -+ int ret; -+ - if (!hv_is_hyperv_initialized()) - return -ENODEV; - -+ ret = hv_pci_irqchip_init(); -+ if (ret) -+ return ret; -+ - /* Set the invalid domain number's bit, so it will not be used */ - set_bit(HVPCI_DOM_INVALID, hvpci_dom_map); - -diff --git a/include/asm-generic/hyperv-tlfs.h b/include/asm-generic/hyperv-tlfs.h -index 56348a541c50..45cc0c3b8ed7 100644 ---- a/include/asm-generic/hyperv-tlfs.h -+++ b/include/asm-generic/hyperv-tlfs.h -@@ -539,39 +539,6 @@ enum hv_interrupt_source { - HV_INTERRUPT_SOURCE_IOAPIC, - }; - --union hv_msi_address_register { -- u32 as_uint32; -- struct { -- u32 reserved1:2; -- u32 destination_mode:1; -- u32 redirection_hint:1; -- u32 reserved2:8; -- u32 destination_id:8; -- u32 msi_base:12; -- }; --} __packed; -- --union hv_msi_data_register { -- u32 as_uint32; -- struct { -- u32 vector:8; -- u32 delivery_mode:3; -- u32 reserved1:3; -- u32 level_assert:1; -- u32 trigger_mode:1; -- u32 reserved2:16; -- }; --} __packed; -- --/* HvRetargetDeviceInterrupt hypercall */ --union hv_msi_entry { -- u64 as_uint64; -- struct { -- union hv_msi_address_register address; -- union hv_msi_data_register data; -- } __packed; --}; -- - union hv_ioapic_rte { - u64 as_uint64; - --- -2.25.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0004-PCI-hv-Add-arm64-Hyper-V-vPCI-support.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0004-PCI-hv-Add-arm64-Hyper-V-vPCI-support.patch deleted file mode 100644 index 05d66b9d6b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0004-PCI-hv-Add-arm64-Hyper-V-vPCI-support.patch +++ /dev/null @@ -1,349 +0,0 @@ -From 802291ee132c756996438afb97dd9d25f9fa5d08 Mon Sep 17 00:00:00 2001 -From: Sunil Muthuswamy -Date: Wed, 5 Jan 2022 11:32:36 -0800 -Subject: [PATCH 4/7] PCI: hv: Add arm64 Hyper-V vPCI support - -Add arm64 Hyper-V vPCI support by implementing the arch specific -interfaces. Introduce an IRQ domain and chip specific to Hyper-v vPCI that -is based on SPIs. The IRQ domain parents itself to the arch GIC IRQ domain -for basic vector management. - -[bhelgaas: squash in fix from Yang Li : -https://lore.kernel.org/r/20220112003324.62755-1-yang.lee@linux.alibaba.com] -Link: https://lore.kernel.org/r/1641411156-31705-3-git-send-email-sunilmut@linux.microsoft.com -Signed-off-by: Sunil Muthuswamy -Signed-off-by: Lorenzo Pieralisi -Signed-off-by: Bjorn Helgaas -Reviewed-by: Marc Zyngier -Reviewed-by: Michael Kelley ---- - arch/arm64/include/asm/hyperv-tlfs.h | 9 + - drivers/pci/Kconfig | 2 +- - drivers/pci/controller/Kconfig | 2 +- - drivers/pci/controller/pci-hyperv.c | 235 ++++++++++++++++++++++++++- - 4 files changed, 245 insertions(+), 3 deletions(-) - -diff --git a/arch/arm64/include/asm/hyperv-tlfs.h b/arch/arm64/include/asm/hyperv-tlfs.h -index 4d964a7f02ee..bc6c7ac934a1 100644 ---- a/arch/arm64/include/asm/hyperv-tlfs.h -+++ b/arch/arm64/include/asm/hyperv-tlfs.h -@@ -64,6 +64,15 @@ - #define HV_REGISTER_STIMER0_CONFIG 0x000B0000 - #define HV_REGISTER_STIMER0_COUNT 0x000B0001 - -+union hv_msi_entry { -+ u64 as_uint64[2]; -+ struct { -+ u64 address; -+ u32 data; -+ u32 reserved; -+ } __packed; -+}; -+ - #include - - #endif -diff --git a/drivers/pci/Kconfig b/drivers/pci/Kconfig -index 43e615aa12ff..d98fafdd0f99 100644 ---- a/drivers/pci/Kconfig -+++ b/drivers/pci/Kconfig -@@ -184,7 +184,7 @@ config PCI_LABEL - - config PCI_HYPERV - tristate "Hyper-V PCI Frontend" -- depends on X86_64 && HYPERV && PCI_MSI && PCI_MSI_IRQ_DOMAIN && SYSFS -+ depends on ((X86 && X86_64) || ARM64) && HYPERV && PCI_MSI && PCI_MSI_IRQ_DOMAIN && SYSFS - select PCI_HYPERV_INTERFACE - help - The PCI device frontend driver allows the kernel to import arbitrary -diff --git a/drivers/pci/controller/Kconfig b/drivers/pci/controller/Kconfig -index 326f7d13024f..b24edba0b870 100644 ---- a/drivers/pci/controller/Kconfig -+++ b/drivers/pci/controller/Kconfig -@@ -280,7 +280,7 @@ config PCIE_BRCMSTB - - config PCI_HYPERV_INTERFACE - tristate "Hyper-V PCI Interface" -- depends on X86 && HYPERV && PCI_MSI && PCI_MSI_IRQ_DOMAIN && X86_64 -+ depends on ((X86 && X86_64) || ARM64) && HYPERV && PCI_MSI && PCI_MSI_IRQ_DOMAIN - help - The Hyper-V PCI Interface is a helper driver allows other drivers to - have a common interface with the Hyper-V PCI frontend driver. -diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c -index 601d06fe1adc..42c625bc5944 100644 ---- a/drivers/pci/controller/pci-hyperv.c -+++ b/drivers/pci/controller/pci-hyperv.c -@@ -47,6 +47,8 @@ - #include - #include - #include -+#include -+#include - #include - - /* -@@ -616,7 +618,230 @@ static int hv_msi_prepare(struct irq_domain *domain, struct device *dev, - - return ret; - } --#endif /* CONFIG_X86 */ -+#elif defined(CONFIG_ARM64) -+/* -+ * SPI vectors to use for vPCI; arch SPIs range is [32, 1019], but leaving a bit -+ * of room at the start to allow for SPIs to be specified through ACPI and -+ * starting with a power of two to satisfy power of 2 multi-MSI requirement. -+ */ -+#define HV_PCI_MSI_SPI_START 64 -+#define HV_PCI_MSI_SPI_NR (1020 - HV_PCI_MSI_SPI_START) -+#define DELIVERY_MODE 0 -+#define FLOW_HANDLER NULL -+#define FLOW_NAME NULL -+#define hv_msi_prepare NULL -+ -+struct hv_pci_chip_data { -+ DECLARE_BITMAP(spi_map, HV_PCI_MSI_SPI_NR); -+ struct mutex map_lock; -+}; -+ -+/* Hyper-V vPCI MSI GIC IRQ domain */ -+static struct irq_domain *hv_msi_gic_irq_domain; -+ -+/* Hyper-V PCI MSI IRQ chip */ -+static struct irq_chip hv_arm64_msi_irq_chip = { -+ .name = "MSI", -+ .irq_set_affinity = irq_chip_set_affinity_parent, -+ .irq_eoi = irq_chip_eoi_parent, -+ .irq_mask = irq_chip_mask_parent, -+ .irq_unmask = irq_chip_unmask_parent -+}; -+ -+static unsigned int hv_msi_get_int_vector(struct irq_data *irqd) -+{ -+ return irqd->parent_data->hwirq; -+} -+ -+static void hv_set_msi_entry_from_desc(union hv_msi_entry *msi_entry, -+ struct msi_desc *msi_desc) -+{ -+ msi_entry->address = ((u64)msi_desc->msg.address_hi << 32) | -+ msi_desc->msg.address_lo; -+ msi_entry->data = msi_desc->msg.data; -+} -+ -+/* -+ * @nr_bm_irqs: Indicates the number of IRQs that were allocated from -+ * the bitmap. -+ * @nr_dom_irqs: Indicates the number of IRQs that were allocated from -+ * the parent domain. -+ */ -+static void hv_pci_vec_irq_free(struct irq_domain *domain, -+ unsigned int virq, -+ unsigned int nr_bm_irqs, -+ unsigned int nr_dom_irqs) -+{ -+ struct hv_pci_chip_data *chip_data = domain->host_data; -+ struct irq_data *d = irq_domain_get_irq_data(domain, virq); -+ int first = d->hwirq - HV_PCI_MSI_SPI_START; -+ int i; -+ -+ mutex_lock(&chip_data->map_lock); -+ bitmap_release_region(chip_data->spi_map, -+ first, -+ get_count_order(nr_bm_irqs)); -+ mutex_unlock(&chip_data->map_lock); -+ for (i = 0; i < nr_dom_irqs; i++) { -+ if (i) -+ d = irq_domain_get_irq_data(domain, virq + i); -+ irq_domain_reset_irq_data(d); -+ } -+ -+ irq_domain_free_irqs_parent(domain, virq, nr_dom_irqs); -+} -+ -+static void hv_pci_vec_irq_domain_free(struct irq_domain *domain, -+ unsigned int virq, -+ unsigned int nr_irqs) -+{ -+ hv_pci_vec_irq_free(domain, virq, nr_irqs, nr_irqs); -+} -+ -+static int hv_pci_vec_alloc_device_irq(struct irq_domain *domain, -+ unsigned int nr_irqs, -+ irq_hw_number_t *hwirq) -+{ -+ struct hv_pci_chip_data *chip_data = domain->host_data; -+ int index; -+ -+ /* Find and allocate region from the SPI bitmap */ -+ mutex_lock(&chip_data->map_lock); -+ index = bitmap_find_free_region(chip_data->spi_map, -+ HV_PCI_MSI_SPI_NR, -+ get_count_order(nr_irqs)); -+ mutex_unlock(&chip_data->map_lock); -+ if (index < 0) -+ return -ENOSPC; -+ -+ *hwirq = index + HV_PCI_MSI_SPI_START; -+ -+ return 0; -+} -+ -+static int hv_pci_vec_irq_gic_domain_alloc(struct irq_domain *domain, -+ unsigned int virq, -+ irq_hw_number_t hwirq) -+{ -+ struct irq_fwspec fwspec; -+ struct irq_data *d; -+ int ret; -+ -+ fwspec.fwnode = domain->parent->fwnode; -+ fwspec.param_count = 2; -+ fwspec.param[0] = hwirq; -+ fwspec.param[1] = IRQ_TYPE_EDGE_RISING; -+ -+ ret = irq_domain_alloc_irqs_parent(domain, virq, 1, &fwspec); -+ if (ret) -+ return ret; -+ -+ /* -+ * Since the interrupt specifier is not coming from ACPI or DT, the -+ * trigger type will need to be set explicitly. Otherwise, it will be -+ * set to whatever is in the GIC configuration. -+ */ -+ d = irq_domain_get_irq_data(domain->parent, virq); -+ -+ return d->chip->irq_set_type(d, IRQ_TYPE_EDGE_RISING); -+} -+ -+static int hv_pci_vec_irq_domain_alloc(struct irq_domain *domain, -+ unsigned int virq, unsigned int nr_irqs, -+ void *args) -+{ -+ irq_hw_number_t hwirq; -+ unsigned int i; -+ int ret; -+ -+ ret = hv_pci_vec_alloc_device_irq(domain, nr_irqs, &hwirq); -+ if (ret) -+ return ret; -+ -+ for (i = 0; i < nr_irqs; i++) { -+ ret = hv_pci_vec_irq_gic_domain_alloc(domain, virq + i, -+ hwirq + i); -+ if (ret) { -+ hv_pci_vec_irq_free(domain, virq, nr_irqs, i); -+ return ret; -+ } -+ -+ irq_domain_set_hwirq_and_chip(domain, virq + i, -+ hwirq + i, -+ &hv_arm64_msi_irq_chip, -+ domain->host_data); -+ pr_debug("pID:%d vID:%u\n", (int)(hwirq + i), virq + i); -+ } -+ -+ return 0; -+} -+ -+/* -+ * Pick the first cpu as the irq affinity that can be temporarily used for -+ * composing MSI from the hypervisor. GIC will eventually set the right -+ * affinity for the irq and the 'unmask' will retarget the interrupt to that -+ * cpu. -+ */ -+static int hv_pci_vec_irq_domain_activate(struct irq_domain *domain, -+ struct irq_data *irqd, bool reserve) -+{ -+ int cpu = cpumask_first(cpu_present_mask); -+ -+ irq_data_update_effective_affinity(irqd, cpumask_of(cpu)); -+ -+ return 0; -+} -+ -+static const struct irq_domain_ops hv_pci_domain_ops = { -+ .alloc = hv_pci_vec_irq_domain_alloc, -+ .free = hv_pci_vec_irq_domain_free, -+ .activate = hv_pci_vec_irq_domain_activate, -+}; -+ -+static int hv_pci_irqchip_init(void) -+{ -+ static struct hv_pci_chip_data *chip_data; -+ struct fwnode_handle *fn = NULL; -+ int ret = -ENOMEM; -+ -+ chip_data = kzalloc(sizeof(*chip_data), GFP_KERNEL); -+ if (!chip_data) -+ return ret; -+ -+ mutex_init(&chip_data->map_lock); -+ fn = irq_domain_alloc_named_fwnode("hv_vpci_arm64"); -+ if (!fn) -+ goto free_chip; -+ -+ /* -+ * IRQ domain once enabled, should not be removed since there is no -+ * way to ensure that all the corresponding devices are also gone and -+ * no interrupts will be generated. -+ */ -+ hv_msi_gic_irq_domain = acpi_irq_create_hierarchy(0, HV_PCI_MSI_SPI_NR, -+ fn, &hv_pci_domain_ops, -+ chip_data); -+ -+ if (!hv_msi_gic_irq_domain) { -+ pr_err("Failed to create Hyper-V arm64 vPCI MSI IRQ domain\n"); -+ goto free_chip; -+ } -+ -+ return 0; -+ -+free_chip: -+ kfree(chip_data); -+ if (fn) -+ irq_domain_free_fwnode(fn); -+ -+ return ret; -+} -+ -+static struct irq_domain *hv_pci_get_root_domain(void) -+{ -+ return hv_msi_gic_irq_domain; -+} -+#endif /* CONFIG_ARM64 */ - - /** - * hv_pci_generic_compl() - Invoked for a completion packet -@@ -1233,6 +1458,8 @@ static void hv_msi_free(struct irq_domain *domain, struct msi_domain_info *info, - static void hv_irq_mask(struct irq_data *data) - { - pci_msi_mask_irq(data); -+ if (data->parent_data->chip->irq_mask) -+ irq_chip_mask_parent(data); - } - - /** -@@ -1352,6 +1579,8 @@ static void hv_irq_unmask(struct irq_data *data) - dev_err(&hbus->hdev->device, - "%s() failed: %#llx", __func__, res); - -+ if (data->parent_data->chip->irq_unmask) -+ irq_chip_unmask_parent(data); - pci_msi_unmask_irq(data); - } - -@@ -1665,7 +1894,11 @@ static struct irq_chip hv_msi_irq_chip = { - .name = "Hyper-V PCIe MSI", - .irq_compose_msi_msg = hv_compose_msi_msg, - .irq_set_affinity = irq_chip_set_affinity_parent, -+#ifdef CONFIG_X86 - .irq_ack = irq_chip_ack_parent, -+#elif defined(CONFIG_ARM64) -+ .irq_eoi = irq_chip_eoi_parent, -+#endif - .irq_mask = hv_irq_mask, - .irq_unmask = hv_irq_unmask, - }; --- -2.25.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0005-Drivers-hv-vmbus-Propagate-VMbus-coherence-to-each-V.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0005-Drivers-hv-vmbus-Propagate-VMbus-coherence-to-each-V.patch deleted file mode 100644 index 7e5588a061..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0005-Drivers-hv-vmbus-Propagate-VMbus-coherence-to-each-V.patch +++ /dev/null @@ -1,132 +0,0 @@ -From cdbc1cd23ea659b8fc8f67fa0d88654eb90a01fe Mon Sep 17 00:00:00 2001 -From: Michael Kelley -Date: Thu, 24 Mar 2022 09:14:51 -0700 -Subject: [PATCH 5/7] Drivers: hv: vmbus: Propagate VMbus coherence to each - VMbus device - -VMbus synthetic devices are not represented in the ACPI DSDT -- only -the top level VMbus device is represented. As a result, on ARM64 -coherence information in the _CCA method is not specified for -synthetic devices, so they default to not hardware coherent. -Drivers for some of these synthetic devices have been recently -updated to use the standard DMA APIs, and they are incurring extra -overhead of unneeded software coherence management. - -Fix this by propagating coherence information from the VMbus node -in ACPI to the individual synthetic devices. There's no effect on -x86/x64 where devices are always hardware coherent. - -krnowak: Backport to 5.15 - fixed conflict stemming from hv_map_memory -and hv_unmap_memory being in diff context. These functions do not -exist in 5.15. - -Signed-off-by: Michael Kelley -Acked-by: Robin Murphy -Link: https://lore.kernel.org/r/1648138492-2191-2-git-send-email-mikelley@microsoft.com -Signed-off-by: Wei Liu ---- - drivers/hv/hv_common.c | 11 +++++++++++ - drivers/hv/vmbus_drv.c | 31 +++++++++++++++++++++++++++++++ - include/asm-generic/mshyperv.h | 1 + - 3 files changed, 43 insertions(+) - -diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c -index c0d9048a4112..196cedd5f37c 100644 ---- a/drivers/hv/hv_common.c -+++ b/drivers/hv/hv_common.c -@@ -20,6 +20,7 @@ - #include - #include - #include -+#include - #include - #include - -@@ -216,6 +217,16 @@ bool hv_query_ext_cap(u64 cap_query) - } - EXPORT_SYMBOL_GPL(hv_query_ext_cap); - -+void hv_setup_dma_ops(struct device *dev, bool coherent) -+{ -+ /* -+ * Hyper-V does not offer a vIOMMU in the guest -+ * VM, so pass 0/NULL for the IOMMU settings -+ */ -+ arch_setup_dma_ops(dev, 0, 0, NULL, coherent); -+} -+EXPORT_SYMBOL_GPL(hv_setup_dma_ops); -+ - bool hv_is_hibernation_supported(void) - { - return !hv_root_partition && acpi_sleep_state_supported(ACPI_STATE_S4); -diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c -index 50d9113f5402..1f38d0a6548d 100644 ---- a/drivers/hv/vmbus_drv.c -+++ b/drivers/hv/vmbus_drv.c -@@ -919,6 +919,21 @@ static int vmbus_probe(struct device *child_device) - return ret; - } - -+/* -+ * vmbus_dma_configure -- Configure DMA coherence for VMbus device -+ */ -+static int vmbus_dma_configure(struct device *child_device) -+{ -+ /* -+ * On ARM64, propagate the DMA coherence setting from the top level -+ * VMbus ACPI device to the child VMbus device being added here. -+ * On x86/x64 coherence is assumed and these calls have no effect. -+ */ -+ hv_setup_dma_ops(child_device, -+ device_get_dma_attr(&hv_acpi_dev->dev) == DEV_DMA_COHERENT); -+ return 0; -+} -+ - /* - * vmbus_remove - Remove a vmbus device - */ -@@ -1039,6 +1054,7 @@ static struct bus_type hv_bus = { - .remove = vmbus_remove, - .probe = vmbus_probe, - .uevent = vmbus_uevent, -+ .dma_configure = vmbus_dma_configure, - .dev_groups = vmbus_dev_groups, - .drv_groups = vmbus_drv_groups, - .bus_groups = vmbus_bus_groups, -@@ -2430,6 +2446,21 @@ static int vmbus_acpi_add(struct acpi_device *device) - - hv_acpi_dev = device; - -+ /* -+ * Older versions of Hyper-V for ARM64 fail to include the _CCA -+ * method on the top level VMbus device in the DSDT. But devices -+ * are hardware coherent in all current Hyper-V use cases, so fix -+ * up the ACPI device to behave as if _CCA is present and indicates -+ * hardware coherence. -+ */ -+ ACPI_COMPANION_SET(&device->dev, device); -+ if (IS_ENABLED(CONFIG_ACPI_CCA_REQUIRED) && -+ device_get_dma_attr(&device->dev) == DEV_DMA_NOT_SUPPORTED) { -+ pr_info("No ACPI _CCA found; assuming coherent device I/O\n"); -+ device->flags.cca_seen = true; -+ device->flags.coherent_dma = true; -+ } -+ - result = acpi_walk_resources(device->handle, METHOD_NAME__CRS, - vmbus_walk_resources, NULL); - -diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h -index d3eae6cdbacb..807f1b524af2 100644 ---- a/include/asm-generic/mshyperv.h -+++ b/include/asm-generic/mshyperv.h -@@ -256,6 +256,7 @@ enum hv_isolation_type hv_get_isolation_type(void); - bool hv_is_isolation_supported(void); - void hyperv_cleanup(void); - bool hv_query_ext_cap(u64 cap_query); -+void hv_setup_dma_ops(struct device *dev, bool coherent); - #else /* CONFIG_HYPERV */ - static inline bool hv_is_hyperv_initialized(void) { return false; } - static inline bool hv_is_hibernation_supported(void) { return false; } --- -2.25.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0006-PCI-hv-Avoid-the-retarget-interrupt-hypercall-in-irq.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0006-PCI-hv-Avoid-the-retarget-interrupt-hypercall-in-irq.patch deleted file mode 100644 index e95fbd646c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0006-PCI-hv-Avoid-the-retarget-interrupt-hypercall-in-irq.patch +++ /dev/null @@ -1,302 +0,0 @@ -From 72b9ec2f281657bd50c8acfc0aa297ccd9a9f260 Mon Sep 17 00:00:00 2001 -From: Boqun Feng -Date: Thu, 17 Feb 2022 11:45:19 +0800 -Subject: [PATCH 6/7] PCI: hv: Avoid the retarget interrupt hypercall in - irq_unmask() on ARM64 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -On ARM64 Hyper-V guests, SPIs are used for the interrupts of virtual PCI -devices, and SPIs can be managed directly via GICD registers. Therefore -the retarget interrupt hypercall is not needed on ARM64. - -An arch-specific interface hv_arch_irq_unmask() is introduced to handle -the architecture level differences on this. For x86, the behavior -remains unchanged, while for ARM64 no hypercall is invoked when -unmasking an irq for virtual PCI devices. - -Link: https://lore.kernel.org/r/20220217034525.1687678-1-boqun.feng@gmail.com -Signed-off-by: Boqun Feng -Signed-off-by: Lorenzo Pieralisi -Reviewed-by: Michael Kelley - -jepio: Upstream commit d06957d7a6929e6a4aa959cb59d66f0c095fc974+squashed -455880dfe292a2bdd3b4ad6a107299fce610e64b into this. 5.15 contains 455880d -(35d24b115a407c0a1a73900d025da77be2763ed3) but not the rest of ARM64+PCI -enablement (which we carry) so without this patch there is a build failure: - - drivers/pci/controller/pci-hyperv.c:1509:37: error: request for member ���as_uint32��� in something not a structure or union ---- - drivers/pci/controller/pci-hyperv.c | 239 +++++++++++++++------------- - 1 file changed, 125 insertions(+), 114 deletions(-) - -diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c -index 42c625bc5944..165dfb98d3d8 100644 ---- a/drivers/pci/controller/pci-hyperv.c -+++ b/drivers/pci/controller/pci-hyperv.c -@@ -618,6 +618,124 @@ static int hv_msi_prepare(struct irq_domain *domain, struct device *dev, - - return ret; - } -+ -+/** -+ * hv_arch_irq_unmask() - "Unmask" the IRQ by setting its current -+ * affinity. -+ * @data: Describes the IRQ -+ * -+ * Build new a destination for the MSI and make a hypercall to -+ * update the Interrupt Redirection Table. "Device Logical ID" -+ * is built out of this PCI bus's instance GUID and the function -+ * number of the device. -+ */ -+static void hv_arch_irq_unmask(struct irq_data *data) -+{ -+ struct msi_desc *msi_desc = irq_data_get_msi_desc(data); -+ struct hv_retarget_device_interrupt *params; -+ struct tran_int_desc *int_desc; -+ struct hv_pcibus_device *hbus; -+ struct cpumask *dest; -+ cpumask_var_t tmp; -+ struct pci_bus *pbus; -+ struct pci_dev *pdev; -+ unsigned long flags; -+ u32 var_size = 0; -+ int cpu, nr_bank; -+ u64 res; -+ -+ dest = irq_data_get_effective_affinity_mask(data); -+ pdev = msi_desc_to_pci_dev(msi_desc); -+ pbus = pdev->bus; -+ hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata); -+ int_desc = data->chip_data; -+ -+ spin_lock_irqsave(&hbus->retarget_msi_interrupt_lock, flags); -+ -+ params = &hbus->retarget_msi_interrupt_params; -+ memset(params, 0, sizeof(*params)); -+ params->partition_id = HV_PARTITION_ID_SELF; -+ params->int_entry.source = HV_INTERRUPT_SOURCE_MSI; -+ params->int_entry.msi_entry.address.as_uint32 = int_desc->address & 0xffffffff; -+ params->int_entry.msi_entry.data.as_uint32 = int_desc->data; -+ params->device_id = (hbus->hdev->dev_instance.b[5] << 24) | -+ (hbus->hdev->dev_instance.b[4] << 16) | -+ (hbus->hdev->dev_instance.b[7] << 8) | -+ (hbus->hdev->dev_instance.b[6] & 0xf8) | -+ PCI_FUNC(pdev->devfn); -+ params->int_target.vector = hv_msi_get_int_vector(data); -+ -+ /* -+ * Honoring apic->delivery_mode set to APIC_DELIVERY_MODE_FIXED by -+ * setting the HV_DEVICE_INTERRUPT_TARGET_MULTICAST flag results in a -+ * spurious interrupt storm. Not doing so does not seem to have a -+ * negative effect (yet?). -+ */ -+ -+ if (hbus->protocol_version >= PCI_PROTOCOL_VERSION_1_2) { -+ /* -+ * PCI_PROTOCOL_VERSION_1_2 supports the VP_SET version of the -+ * HVCALL_RETARGET_INTERRUPT hypercall, which also coincides -+ * with >64 VP support. -+ * ms_hyperv.hints & HV_X64_EX_PROCESSOR_MASKS_RECOMMENDED -+ * is not sufficient for this hypercall. -+ */ -+ params->int_target.flags |= -+ HV_DEVICE_INTERRUPT_TARGET_PROCESSOR_SET; -+ -+ if (!alloc_cpumask_var(&tmp, GFP_ATOMIC)) { -+ res = 1; -+ goto exit_unlock; -+ } -+ -+ cpumask_and(tmp, dest, cpu_online_mask); -+ nr_bank = cpumask_to_vpset(¶ms->int_target.vp_set, tmp); -+ free_cpumask_var(tmp); -+ -+ if (nr_bank <= 0) { -+ res = 1; -+ goto exit_unlock; -+ } -+ -+ /* -+ * var-sized hypercall, var-size starts after vp_mask (thus -+ * vp_set.format does not count, but vp_set.valid_bank_mask -+ * does). -+ */ -+ var_size = 1 + nr_bank; -+ } else { -+ for_each_cpu_and(cpu, dest, cpu_online_mask) { -+ params->int_target.vp_mask |= -+ (1ULL << hv_cpu_number_to_vp_number(cpu)); -+ } -+ } -+ -+ res = hv_do_hypercall(HVCALL_RETARGET_INTERRUPT | (var_size << 17), -+ params, NULL); -+ -+exit_unlock: -+ spin_unlock_irqrestore(&hbus->retarget_msi_interrupt_lock, flags); -+ -+ /* -+ * During hibernation, when a CPU is offlined, the kernel tries -+ * to move the interrupt to the remaining CPUs that haven't -+ * been offlined yet. In this case, the below hv_do_hypercall() -+ * always fails since the vmbus channel has been closed: -+ * refer to cpu_disable_common() -> fixup_irqs() -> -+ * irq_migrate_all_off_this_cpu() -> migrate_one_irq(). -+ * -+ * Suppress the error message for hibernation because the failure -+ * during hibernation does not matter (at this time all the devices -+ * have been frozen). Note: the correct affinity info is still updated -+ * into the irqdata data structure in migrate_one_irq() -> -+ * irq_do_set_affinity() -> hv_set_affinity(), so later when the VM -+ * resumes, hv_pci_restore_msi_state() is able to correctly restore -+ * the interrupt with the correct affinity. -+ */ -+ if (!hv_result_success(res) && hbus->state != hv_pcibus_removing) -+ dev_err(&hbus->hdev->device, -+ "%s() failed: %#llx", __func__, res); -+} - #elif defined(CONFIG_ARM64) - /* - * SPI vectors to use for vPCI; arch SPIs range is [32, 1019], but leaving a bit -@@ -841,6 +959,12 @@ static struct irq_domain *hv_pci_get_root_domain(void) - { - return hv_msi_gic_irq_domain; - } -+ -+/* -+ * SPIs are used for interrupts of PCI devices and SPIs is managed via GICD -+ * registers which Hyper-V already supports, so no hypercall needed. -+ */ -+static void hv_arch_irq_unmask(struct irq_data *data) { } - #endif /* CONFIG_ARM64 */ - - /** -@@ -1462,122 +1586,9 @@ static void hv_irq_mask(struct irq_data *data) - irq_chip_mask_parent(data); - } - --/** -- * hv_irq_unmask() - "Unmask" the IRQ by setting its current -- * affinity. -- * @data: Describes the IRQ -- * -- * Build new a destination for the MSI and make a hypercall to -- * update the Interrupt Redirection Table. "Device Logical ID" -- * is built out of this PCI bus's instance GUID and the function -- * number of the device. -- */ - static void hv_irq_unmask(struct irq_data *data) - { -- struct msi_desc *msi_desc = irq_data_get_msi_desc(data); -- struct hv_retarget_device_interrupt *params; -- struct tran_int_desc *int_desc; -- struct hv_pcibus_device *hbus; -- struct cpumask *dest; -- cpumask_var_t tmp; -- struct pci_bus *pbus; -- struct pci_dev *pdev; -- unsigned long flags; -- u32 var_size = 0; -- int cpu, nr_bank; -- u64 res; -- -- dest = irq_data_get_effective_affinity_mask(data); -- pdev = msi_desc_to_pci_dev(msi_desc); -- pbus = pdev->bus; -- hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata); -- int_desc = data->chip_data; -- -- spin_lock_irqsave(&hbus->retarget_msi_interrupt_lock, flags); -- -- params = &hbus->retarget_msi_interrupt_params; -- memset(params, 0, sizeof(*params)); -- params->partition_id = HV_PARTITION_ID_SELF; -- params->int_entry.source = HV_INTERRUPT_SOURCE_MSI; -- params->int_entry.msi_entry.address.as_uint32 = int_desc->address & 0xffffffff; -- params->int_entry.msi_entry.data.as_uint32 = int_desc->data; -- params->device_id = (hbus->hdev->dev_instance.b[5] << 24) | -- (hbus->hdev->dev_instance.b[4] << 16) | -- (hbus->hdev->dev_instance.b[7] << 8) | -- (hbus->hdev->dev_instance.b[6] & 0xf8) | -- PCI_FUNC(pdev->devfn); -- params->int_target.vector = hv_msi_get_int_vector(data); -- -- /* -- * Honoring apic->delivery_mode set to APIC_DELIVERY_MODE_FIXED by -- * setting the HV_DEVICE_INTERRUPT_TARGET_MULTICAST flag results in a -- * spurious interrupt storm. Not doing so does not seem to have a -- * negative effect (yet?). -- */ -- -- if (hbus->protocol_version >= PCI_PROTOCOL_VERSION_1_2) { -- /* -- * PCI_PROTOCOL_VERSION_1_2 supports the VP_SET version of the -- * HVCALL_RETARGET_INTERRUPT hypercall, which also coincides -- * with >64 VP support. -- * ms_hyperv.hints & HV_X64_EX_PROCESSOR_MASKS_RECOMMENDED -- * is not sufficient for this hypercall. -- */ -- params->int_target.flags |= -- HV_DEVICE_INTERRUPT_TARGET_PROCESSOR_SET; -- -- if (!alloc_cpumask_var(&tmp, GFP_ATOMIC)) { -- res = 1; -- goto exit_unlock; -- } -- -- cpumask_and(tmp, dest, cpu_online_mask); -- nr_bank = cpumask_to_vpset(¶ms->int_target.vp_set, tmp); -- free_cpumask_var(tmp); -- -- if (nr_bank <= 0) { -- res = 1; -- goto exit_unlock; -- } -- -- /* -- * var-sized hypercall, var-size starts after vp_mask (thus -- * vp_set.format does not count, but vp_set.valid_bank_mask -- * does). -- */ -- var_size = 1 + nr_bank; -- } else { -- for_each_cpu_and(cpu, dest, cpu_online_mask) { -- params->int_target.vp_mask |= -- (1ULL << hv_cpu_number_to_vp_number(cpu)); -- } -- } -- -- res = hv_do_hypercall(HVCALL_RETARGET_INTERRUPT | (var_size << 17), -- params, NULL); -- --exit_unlock: -- spin_unlock_irqrestore(&hbus->retarget_msi_interrupt_lock, flags); -- -- /* -- * During hibernation, when a CPU is offlined, the kernel tries -- * to move the interrupt to the remaining CPUs that haven't -- * been offlined yet. In this case, the below hv_do_hypercall() -- * always fails since the vmbus channel has been closed: -- * refer to cpu_disable_common() -> fixup_irqs() -> -- * irq_migrate_all_off_this_cpu() -> migrate_one_irq(). -- * -- * Suppress the error message for hibernation because the failure -- * during hibernation does not matter (at this time all the devices -- * have been frozen). Note: the correct affinity info is still updated -- * into the irqdata data structure in migrate_one_irq() -> -- * irq_do_set_affinity() -> hv_set_affinity(), so later when the VM -- * resumes, hv_pci_restore_msi_state() is able to correctly restore -- * the interrupt with the correct affinity. -- */ -- if (!hv_result_success(res) && hbus->state != hv_pcibus_removing) -- dev_err(&hbus->hdev->device, -- "%s() failed: %#llx", __func__, res); -+ hv_arch_irq_unmask(data); - - if (data->parent_data->chip->irq_unmask) - irq_chip_unmask_parent(data); --- -2.34.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0007-PCI-hv-Remove-unused-hv_set_msi_entry_from_desc.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0007-PCI-hv-Remove-unused-hv_set_msi_entry_from_desc.patch deleted file mode 100644 index 4fb50b3db4..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0007-PCI-hv-Remove-unused-hv_set_msi_entry_from_desc.patch +++ /dev/null @@ -1,50 +0,0 @@ -From d840bda57a70e672dcd2d5adbac5ef1f76c3082a Mon Sep 17 00:00:00 2001 -From: YueHaibing -Date: Thu, 17 Mar 2022 16:51:30 +0800 -Subject: [PATCH 7/7] PCI: hv: Remove unused hv_set_msi_entry_from_desc() -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fix the following build error: - - drivers/pci/controller/pci-hyperv.c:769:13: error: ‘hv_set_msi_entry_from_desc’ defined but not used [-Werror=unused-function] - 769 | static void hv_set_msi_entry_from_desc(union hv_msi_entry *msi_entry, - -The arm64 implementation of hv_set_msi_entry_from_desc() is not used after -d06957d7a692 ("PCI: hv: Avoid the retarget interrupt hypercall in -irq_unmask() on ARM64"), so remove it. - -Fixes: d06957d7a692 ("PCI: hv: Avoid the retarget interrupt hypercall in irq_unmask() on ARM64") -Link: https://lore.kernel.org/r/20220317085130.36388-1-yuehaibing@huawei.com -Signed-off-by: YueHaibing -Signed-off-by: Bjorn Helgaas -Reviewed-by: Nathan Chancellor -Acked-by: Boqun Feng -(cherry picked from commit 22ef7ee3eeb2a41e07f611754ab9a2663232fedf) ---- - drivers/pci/controller/pci-hyperv.c | 8 -------- - 1 file changed, 8 deletions(-) - -diff --git a/drivers/pci/controller/pci-hyperv.c b/drivers/pci/controller/pci-hyperv.c -index 165dfb98d3d8..2db98b4fbc1f 100644 ---- a/drivers/pci/controller/pci-hyperv.c -+++ b/drivers/pci/controller/pci-hyperv.c -@@ -771,14 +771,6 @@ static unsigned int hv_msi_get_int_vector(struct irq_data *irqd) - return irqd->parent_data->hwirq; - } - --static void hv_set_msi_entry_from_desc(union hv_msi_entry *msi_entry, -- struct msi_desc *msi_desc) --{ -- msi_entry->address = ((u64)msi_desc->msg.address_hi << 32) | -- msi_desc->msg.address_lo; -- msi_entry->data = msi_desc->msg.data; --} -- - /* - * @nr_bm_irqs: Indicates the number of IRQs that were allocated from - * the bitmap. --- -2.34.1 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch similarity index 78% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch index e82a1e084f..3a2a63e6a9 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.15/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch @@ -1,7 +1,7 @@ -From 5ae7cedb969c1a392e29653e7a1275ee5ffa9e50 Mon Sep 17 00:00:00 2001 +From dcf70e8275cf5cc964a0657312af9210996ae2e7 Mon Sep 17 00:00:00 2001 From: Vito Caputo Date: Wed, 25 Nov 2015 02:59:45 -0800 -Subject: [PATCH 1/7] kbuild: derive relative path for srctree from CURDIR +Subject: [PATCH] kbuild: derive relative path for srctree from CURDIR This enables relocating source and build trees to different roots, provided they stay reachable relative to one another. Useful for @@ -12,10 +12,10 @@ by some undesirable path component. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile -index d7ba0de250cb..4da8ba21cab8 100644 +index a5cfcd0a85a9..b81055b65169 100644 --- a/Makefile +++ b/Makefile -@@ -243,8 +243,10 @@ else +@@ -262,8 +262,10 @@ else building_out_of_srctree := 1 endif From 38118667f4fec719c7a0b37498948813b53efc8c Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Mon, 13 Feb 2023 15:56:58 +0100 Subject: [PATCH 07/10] overlay sys-kernel/coreos-modules: Clean up config for linux 6.1.27 CLEANCACHE config was dropped in commit 0a4ee518185e902758191d968600399f3bc2be31 ("mm: remove cleancache"). EFI_VARS config was dropped in commit 0f5b2c69a4cbe4166ca24b76d5ada98ed2867741 ("efi: vars: Remove deprecated 'efivars' sysfs interface"). DEBUG_INFO config became a config that is selected when kernel debug info option other than "None" was selected. There are "toolchain default", "dwarf4" and "dwarf5" choices. Picking "toolchain default" as it was the default used in 5.15. FRONTSWAP config was hidden and is normally selected by ZSWAP config. We don't enable ZSWAP so drop FRONTSWAP. MEMCG_SWAP config was dropped in commit e55b9f96860f6c6026cff97966a740576285e07b ("mm: memcontrol: drop dead CONFIG_MEMCG_SWAP config symbol"). It effectively meant MEMCG && SWAP, which are enabled by us explicitly and implicitly, respectively. NFT_COUNTER config was dropped in commit 023223dfbfb34fcc9b7dd41e21fbf9a5d5237989 ("netfilter: nf_tables: make counter support built-in"). As the title says, this functionality is built-in now. VXGE was dropped in commit f05643a0f60bf67c09a5276b81258b845b0c73b4 ("eth: remove neterion/vxge"). Looks like the driver was completely dropped, because it was unmaintained. ARCH_BCM2835 and ARCH_BCM_IPROC configs can be enabled only if menuconfig ARCH_BCM is enabled, so enable ARCH_BCM too then. It's a result of some reorganization in commit 96796c914b841a7658e9617b1325175b4d02c574 ("arm64: Kconfig.platforms: Re-organized Broadcom menu"). ARM64_CRYPTO config was dropped in commit 4a329fecc9aaebb27a53fa7abfa53bbc2ee42f3f ("crypto: Kconfig - submenus for arm and arm64"). Crypto algos can be selected without this config now. --- .../sys-kernel/coreos-modules/files/amd64_defconfig-6.1 | 1 - .../sys-kernel/coreos-modules/files/arm64_defconfig-6.1 | 2 +- .../sys-kernel/coreos-modules/files/commonconfig-6.1 | 7 +------ 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-6.1 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-6.1 index 348b17f861..989faa3a57 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-6.1 +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/amd64_defconfig-6.1 @@ -40,7 +40,6 @@ CONFIG_EDAC_I7CORE=m CONFIG_EDAC_I82975X=m CONFIG_EDAC_SBRIDGE=m CONFIG_EDAC_X38=m -CONFIG_EFI_VARS=m CONFIG_FB_VESA=y CONFIG_FCOE_FNIC=m CONFIG_FTRACE_SYSCALLS=y diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-6.1 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-6.1 index 352a79a0f9..8aee06a05a 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-6.1 +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/arm64_defconfig-6.1 @@ -1,5 +1,6 @@ CONFIG_AHCI_CEVA=y CONFIG_AHCI_XGENE=y +CONFIG_ARCH_BCM=y CONFIG_ARCH_BCM2835=y CONFIG_ARCH_BCM_IPROC=y # CONFIG_ARCH_MEDIATEK is not set @@ -13,7 +14,6 @@ CONFIG_ARCH_VEXPRESS=y CONFIG_ARCH_XGENE=y # CONFIG_ARCH_ZYNQMP is not set CONFIG_ARM64_ACPI_PARKING_PROTOCOL=y -CONFIG_ARM64_CRYPTO=y CONFIG_ARM64_VA_BITS_48=y CONFIG_ARM_SMMU=y CONFIG_ARM_SMMU_V3=y diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 index cac008e737..b385d7147f 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 @@ -111,7 +111,6 @@ CONFIG_CIFS_POSIX=y CONFIG_CIFS_STATS2=y CONFIG_CIFS_UPCALL=y CONFIG_CIFS_XATTR=y -CONFIG_CLEANCACHE=y CONFIG_CLS_U32_MARK=y CONFIG_CLS_U32_PERF=y CONFIG_CMDLINE="rootflags=rw mount.usrflags=ro" @@ -142,8 +141,8 @@ CONFIG_CUSE=m CONFIG_DCB=y CONFIG_DEBUG_CREDENTIALS=y CONFIG_DEBUG_FS=y -CONFIG_DEBUG_INFO=y CONFIG_DEBUG_INFO_BTF=y +CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y CONFIG_DEBUG_SHIRQ=y # CONFIG_DEVKMEM is not set CONFIG_DEVTMPFS=y @@ -197,7 +196,6 @@ CONFIG_FORTIFY_SOURCE=y CONFIG_FRAMEBUFFER_CONSOLE=y CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y -CONFIG_FRONTSWAP=y CONFIG_FSCACHE=m CONFIG_FSCACHE_STATS=y CONFIG_FS_ENCRYPTION=y @@ -444,7 +442,6 @@ CONFIG_MEGARAID_MM=m CONFIG_MEGARAID_NEWGEN=y CONFIG_MEGARAID_SAS=m CONFIG_MEMCG=y -CONFIG_MEMCG_SWAP=y CONFIG_MEMTEST=y CONFIG_MINIX_SUBPARTITION=y # CONFIG_MLX4_DEBUG is not set @@ -653,7 +650,6 @@ CONFIG_NFS_V4_2=y CONFIG_NFT_BRIDGE_META=m CONFIG_NFT_BRIDGE_REJECT=m CONFIG_NFT_COMPAT=m -CONFIG_NFT_COUNTER=m CONFIG_NFT_CT=m CONFIG_NFT_DUP_IPV4=m CONFIG_NFT_DUP_IPV6=m @@ -938,7 +934,6 @@ CONFIG_VLAN_8021Q=m CONFIG_VLAN_8021Q_GVRP=y CONFIG_VLAN_8021Q_MVRP=y CONFIG_VSOCKETS=m -CONFIG_VXGE=m CONFIG_VXLAN=m CONFIG_WATCHDOG=y CONFIG_WIREGUARD=m From f4dc89a00a19bf5dc3a6cd8cfbf223c31f8cd81d Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Wed, 10 May 2023 06:51:22 +0000 Subject: [PATCH 08/10] overlay sys-kernel/coreos-sources: Revert patch which parallelizes btf generation This patch causes btf mismatches between coreos-kernel and coreos-modules, which prevents modules from being loaded. Signed-off-by: Jeremi Piotrowski --- .../coreos-sources-6.1.27.ebuild | 1 + ...elative-path-for-srctree-from-CURDIR.patch | 2 +- ...ahole-flags.sh-Parse-DWARF-and-gener.patch | 32 +++++++++++++++++++ 3 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0002-Revert-scripts-pahole-flags.sh-Parse-DWARF-and-gener.patch diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.1.27.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.1.27.ebuild index 7e47d146bb..6c6a1252a1 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.1.27.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.1.27.ebuild @@ -36,4 +36,5 @@ IUSE="" # local patches overlap with the upstream patch. UNIPATCH_LIST=" ${PATCH_DIR}/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch \ + ${PATCH_DIR}/z0002-Revert-scripts-pahole-flags.sh-Parse-DWARF-and-gener.patch \ " diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch index 3a2a63e6a9..8f269fd9de 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0001-kbuild-derive-relative-path-for-srctree-from-CURDIR.patch @@ -1,7 +1,7 @@ From dcf70e8275cf5cc964a0657312af9210996ae2e7 Mon Sep 17 00:00:00 2001 From: Vito Caputo Date: Wed, 25 Nov 2015 02:59:45 -0800 -Subject: [PATCH] kbuild: derive relative path for srctree from CURDIR +Subject: [PATCH 1/2] kbuild: derive relative path for srctree from CURDIR This enables relocating source and build trees to different roots, provided they stay reachable relative to one another. Useful for diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0002-Revert-scripts-pahole-flags.sh-Parse-DWARF-and-gener.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0002-Revert-scripts-pahole-flags.sh-Parse-DWARF-and-gener.patch new file mode 100644 index 0000000000..7b9125992c --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.1/z0002-Revert-scripts-pahole-flags.sh-Parse-DWARF-and-gener.patch @@ -0,0 +1,32 @@ +From 7246ee058019099c59f9cce29b861df0613c0236 Mon Sep 17 00:00:00 2001 +From: Jeremi Piotrowski +Date: Wed, 10 May 2023 08:48:09 +0200 +Subject: [PATCH 2/2] Revert "scripts/pahole-flags.sh: Parse DWARF and generate + BTF with multithreading." + +This breaks reproducibility of vmlinux btf output. The '--sort' arg does not +seem to work. + +This reverts commit b4f72786429cc57383ff41e02407726313ca178d. + +Signed-off-by: Jeremi Piotrowski +--- + scripts/pahole-flags.sh | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/scripts/pahole-flags.sh b/scripts/pahole-flags.sh +index 0d99ef17e4a5..c293941612e7 100755 +--- a/scripts/pahole-flags.sh ++++ b/scripts/pahole-flags.sh +@@ -16,8 +16,5 @@ fi + if [ "${pahole_ver}" -ge "121" ]; then + extra_paholeopt="${extra_paholeopt} --btf_gen_floats" + fi +-if [ "${pahole_ver}" -ge "122" ]; then +- extra_paholeopt="${extra_paholeopt} -j" +-fi + + echo ${extra_paholeopt} +-- +2.25.1 + From 0bd5089fdf976abe0c3c6612c3d1c93b242dba69 Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Wed, 10 May 2023 06:52:16 +0000 Subject: [PATCH 09/10] overlay sys-kernel: Unify kernel config between coreos-kernel and coreos-modules The kernel config can affect btf generation, and we need btf information to match between the two builds otherwise modules don't load. Accomplish that by including an empty user specified initramfs in the vmlinux built by coreos-modules. This vmlinux file is only used as a base for btf generation, and is discarded after the build. Signed-off-by: Jeremi Piotrowski --- .../sys-kernel/coreos-kernel/coreos-kernel-6.1.27.ebuild | 1 - .../sys-kernel/coreos-modules/coreos-modules-6.1.27.ebuild | 2 ++ .../sys-kernel/coreos-modules/files/commonconfig-6.1 | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.1.27.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.1.27.ebuild index 1217ba82cb..a49884384e 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.1.27.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.1.27.ebuild @@ -67,7 +67,6 @@ src_prepare() { # Symlink to bootengine.cpio so we can stick with relative paths in .config ln -sv "${SYSROOT%/}"/usr/share/bootengine/bootengine.cpio build/ || die config_update 'CONFIG_INITRAMFS_SOURCE="bootengine.cpio"' - config_update 'CONFIG_INITRAMFS_COMPRESSION_ZSTD=y' # include all intel and amd microcode files, avoiding the signatures local fw_dir="${SYSROOT%/}/lib/firmware" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.1.27.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.1.27.ebuild index 73f19c25fb..1741f4238e 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.1.27.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.1.27.ebuild @@ -18,10 +18,12 @@ src_prepare() { elog "Building using config ${archconfig} and ${commonconfig}" cat "${archconfig}" "${commonconfig}" >> build/.config || die fi + cpio -ov build/bootengine.cpio # Check that an old pre-ebuild-split config didn't leak in. grep -q "^CONFIG_INITRAMFS_SOURCE=" build/.config && \ die "CONFIG_INITRAMFS_SOURCE must be removed from kernel config" + config_update 'CONFIG_INITRAMFS_SOURCE="bootengine.cpio"' } src_compile() { diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 index b385d7147f..3b822fc8a8 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/files/commonconfig-6.1 @@ -281,6 +281,7 @@ CONFIG_INFINIBAND_OCRDMA=m CONFIG_INFINIBAND_SRP=m CONFIG_INFINIBAND_USER_MAD=m CONFIG_INIT_STACK_NONE=y +CONFIG_INITRAMFS_COMPRESSION_ZSTD=y CONFIG_INPUT_EVDEV=m CONFIG_INPUT_MISC=y CONFIG_INPUT_MOUSEDEV=m From 6c5a3fbe9e191bea7cd5a9da43ea8e814d841448 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Thu, 11 May 2023 15:56:48 +0200 Subject: [PATCH 10/10] changelog: Add an entry --- changelog/updates/2023-05-11-kernel-6.1.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog/updates/2023-05-11-kernel-6.1.md diff --git a/changelog/updates/2023-05-11-kernel-6.1.md b/changelog/updates/2023-05-11-kernel-6.1.md new file mode 100644 index 0000000000..168e94b2ad --- /dev/null +++ b/changelog/updates/2023-05-11-kernel-6.1.md @@ -0,0 +1 @@ +- Linux ([6.1.27](https://lwn.net/Articles/930597/) (includes [6.1](https://kernelnewbies.org/Linux_6.1)))