diff --git a/build_library/build_image_util.sh b/build_library/build_image_util.sh index 70603c9830..3dde0d6ec1 100755 --- a/build_library/build_image_util.sh +++ b/build_library/build_image_util.sh @@ -103,6 +103,8 @@ generate_update() { run_ldconfig() { local root_fs_dir=$1 case ${ARCH} in + arm64) + sudo qemu-aarch64 "${root_fs_dir}"/usr/sbin/ldconfig -r "${root_fs_dir}";; x86|amd64) sudo ldconfig -r "${root_fs_dir}";; *) @@ -113,6 +115,8 @@ run_ldconfig() { run_localedef() { local root_fs_dir="$1" loader=() case ${ARCH} in + arm64) + loader=( qemu-aarch64 -L "${root_fs_dir}" );; amd64) loader=( "${root_fs_dir}/usr/lib64/ld-linux-x86-64.so.2" \ --library-path "${root_fs_dir}/usr/lib64" );; @@ -456,6 +460,7 @@ finish_image() { # Only enable rootfs verification on supported boards. case "${FLAGS_board}" in amd64-usr) verity_offset=64 ;; + arm64-usr) verity_offset=512 ;; *) disable_read_write=${FLAGS_FALSE} ;; esac @@ -527,6 +532,7 @@ EOF # Magic alert! Root hash injection works by writing the hash value to a # known unused SHA256-sized location in the kernel image. # For amd64 the rdev error message is used. + # For arm64 an area between the EFI headers and the kernel text is used. # Our modified GRUB extracts the hash and adds it to the cmdline. printf %s "$(cat ${BUILD_DIR}/${image_name%.bin}_verity.txt)" | \ sudo dd of="${root_fs_dir}/boot/flatcar/vmlinuz-a" conv=notrunc \ @@ -564,6 +570,9 @@ EOF if [[ "${install_grub}" -eq 1 ]]; then local target local target_list="i386-pc x86_64-efi x86_64-xen" + if [[ ${BOARD} == "arm64-usr" ]]; then + target_list="arm64-efi" + fi local grub_args=() if [[ ${disable_read_write} -eq ${FLAGS_TRUE} ]]; then grub_args+=(--verity) diff --git a/build_library/check_root b/build_library/check_root index c3c4ee17a2..2efb15e3c4 100755 --- a/build_library/check_root +++ b/build_library/check_root @@ -29,11 +29,39 @@ IGNORE_MISSING = { SonameAtom("x86_64", "libc.so.6")], # RPATHs and symlinks apparently confuse the perl-5.24 package - "dev-lang/perl": [SonameAtom("x86_64", "libperl.so.5.26.2")], - "sys-apps/texinfo": [SonameAtom("x86_64", "libperl.so.5.26")], + "dev-lang/perl": [SonameAtom("arm_64", "libperl.so.5.26.2"), + SonameAtom("x86_64", "libperl.so.5.26.2")], + "dev-perl/XML-Parser": [SonameAtom("x86_64", "libc.so.6"), + SonameAtom("x86_64", "libexpat.so.1")], + "dev-perl/libintl-perl": [SonameAtom("x86_64", "libc.so.6")], + "dev-util/boost-build": [SonameAtom("x86_64", "libc.so.6")], + "net-dns/dnsmasq": [SonameAtom("x86_64", "libc.so.6")], + "sys-apps/texinfo": [SonameAtom("x86_64", "libc.so.6"), + SonameAtom("x86_64", "libperl.so.5.26")], # https://bugs.gentoo.org/show_bug.cgi?id=554582 - "net-firewall/ebtables": [SonameAtom("x86_64", "libebt_802_3.so"), + "net-firewall/ebtables": [SonameAtom("arm_64", "libebt_802_3.so"), + SonameAtom("arm_64", "libebt_among.so"), + SonameAtom("arm_64", "libebt_arp.so"), + SonameAtom("arm_64", "libebt_arpreply.so"), + SonameAtom("arm_64", "libebt_ip.so"), + SonameAtom("arm_64", "libebt_ip6.so"), + SonameAtom("arm_64", "libebt_limit.so"), + SonameAtom("arm_64", "libebt_log.so"), + SonameAtom("arm_64", "libebt_mark.so"), + SonameAtom("arm_64", "libebt_mark_m.so"), + SonameAtom("arm_64", "libebt_nat.so"), + SonameAtom("arm_64", "libebt_nflog.so"), + SonameAtom("arm_64", "libebt_pkttype.so"), + SonameAtom("arm_64", "libebt_redirect.so"), + SonameAtom("arm_64", "libebt_standard.so"), + SonameAtom("arm_64", "libebt_stp.so"), + SonameAtom("arm_64", "libebt_ulog.so"), + SonameAtom("arm_64", "libebt_vlan.so"), + SonameAtom("arm_64", "libebtable_broute.so"), + SonameAtom("arm_64", "libebtable_filter.so"), + SonameAtom("arm_64", "libebtable_nat.so"), + SonameAtom("x86_64", "libebt_802_3.so"), SonameAtom("x86_64", "libebt_among.so"), SonameAtom("x86_64", "libebt_arp.so"), SonameAtom("x86_64", "libebt_arpreply.so"), @@ -56,13 +84,23 @@ IGNORE_MISSING = { SonameAtom("x86_64", "libebtable_nat.so")], # Ignore the Rust libraries in their own libdir. - "dev-libs/rustlib": [SonameAtom("x86_64", "librustc_data_structures.so"), + "dev-libs/rustlib": [SonameAtom("arm_64", "librustc_data_structures.so"), + SonameAtom("arm_64", "librustc_errors.so"), + SonameAtom("arm_64", "libserialize.so"), + SonameAtom("arm_64", "libstd.so"), + SonameAtom("arm_64", "libsyntax.so"), + SonameAtom("arm_64", "libsyntax_pos.so"), + SonameAtom("arm_64", "libterm.so"), + SonameAtom("x86_64", "librustc_data_structures.so"), SonameAtom("x86_64", "librustc_errors.so"), SonameAtom("x86_64", "libserialize.so"), SonameAtom("x86_64", "libstd.so"), SonameAtom("x86_64", "libsyntax.so"), SonameAtom("x86_64", "libsyntax_pos.so"), SonameAtom("x86_64", "libterm.so")], + + "sys-kernel/coreos-modules": [SonameAtom("x86_64", "libc.so.6"), + SonameAtom("x86_64", "libcrypto.so.1.0.0")], } USR_LINKS = ("/bin/", "/sbin/", "/lib/", "/lib32/", "/lib64/") diff --git a/build_library/ebuild_aci_util.sh b/build_library/ebuild_aci_util.sh index 691e35b115..4fc2a5eeff 100644 --- a/build_library/ebuild_aci_util.sh +++ b/build_library/ebuild_aci_util.sh @@ -40,6 +40,7 @@ ebuild_aci_write_manifest() { case "${BOARD}" in amd64-usr) appc_arch=amd64 ;; + arm64-usr) appc_arch=aarch64 ;; *) die_notrace "Cannot map \"${BOARD}\" to an appc arch" ;; esac diff --git a/build_library/grub.cfg b/build_library/grub.cfg index c229cf35cd..90c7675cb4 100644 --- a/build_library/grub.cfg +++ b/build_library/grub.cfg @@ -91,21 +91,32 @@ if [ -z "$linux_console" ]; then terminal_input console serial_com0 terminal_output console serial_com0 elif [ "$grub_platform" = efi ]; then - set linux_console="console=ttyS0,115200n8 console=tty0" + if [ "$grub_cpu" = arm64 ]; then + set linux_console="console=ttyAMA0,115200n8" + else + set linux_console="console=ttyS0,115200n8 console=tty0" + fi elif [ "$grub_platform" = xen ]; then set linux_console="console=hvc0" fi fi +set extra_options="" +if [ "$grub_cpu" = arm64 ]; then + set extra_options="acpi=force" +fi + set suf="" -# UEFI uses linuxefi/initrdefi instead of linux/initrd +# UEFI uses linuxefi/initrdefi instead of linux/initrd except for arm64 if [ "$grub_platform" = efi ]; then - set suf="efi" + if [ "$grub_cpu" != arm64 ]; then + set suf="efi" + fi fi # Assemble the options applicable to all the kernels below -set linux_cmdline="rootflags=rw mount.usrflags=ro consoleblank=0 $linux_root $linux_console $first_boot $randomize_disk_guid $oem $linux_append" +set linux_cmdline="rootflags=rw mount.usrflags=ro consoleblank=0 $linux_root $linux_console $first_boot $randomize_disk_guid $extra_options $oem $linux_append" # Re-implement grub_abort() since no command exposes it. function abort { diff --git a/build_library/grub_install.sh b/build_library/grub_install.sh index 06ca3c57a9..b046e981d0 100755 --- a/build_library/grub_install.sh +++ b/build_library/grub_install.sh @@ -48,6 +48,10 @@ CORE_MODULES=( normal search test fat part_gpt search_fs_uuid gzio search_part_l # Name of the core image, depends on target CORE_NAME= +# Whether the SDK's grub or the board root's grub is used. Once amd64 is +# fixed up the board root's grub will always be used. +BOARD_GRUB=0 + case "${FLAGS_target}" in i386-pc) CORE_MODULES+=( biosdisk serial ) @@ -60,11 +64,21 @@ case "${FLAGS_target}" in x86_64-xen) CORE_NAME="core.elf" ;; + arm64-efi) + CORE_MODULES+=( serial linux efi_gop getenv smbios efinet verify http tftp ) + CORE_NAME="core.efi" + BOARD_GRUB=1 + ;; *) die_notrace "Unknown GRUB target ${FLAGS_target}" ;; esac +if [[ $BOARD_GRUB -eq 1 ]]; then + info "Updating GRUB in ${BOARD_ROOT}" + emerge-${BOARD} --nodeps --select -qugKN sys-boot/grub + GRUB_SRC="${BOARD_ROOT}/usr/lib/grub/${FLAGS_target}" +fi [[ -d "${GRUB_SRC}" ]] || die "GRUB not installed at ${GRUB_SRC}" # In order for grub-setup-bios to properly detect the layout of the disk @@ -216,6 +230,18 @@ case "${FLAGS_target}" in sudo cp "${BUILD_LIBRARY_DIR}/menu.lst" \ "${ESP_DIR}/boot/grub/menu.lst" ;; + arm64-efi) + info "Installing default arm64 UEFI bootloader." + sudo mkdir -p "${ESP_DIR}/EFI/boot" + #FIXME(andrejro): shim not ported to aarch64 + sudo cp "${ESP_DIR}/${GRUB_DIR}/${CORE_NAME}" \ + "${ESP_DIR}/EFI/boot/bootaa64.efi" + if [[ -n "${FLAGS_copy_efi_grub}" ]]; then + # copying from vfat so ignore permissions + cp --no-preserve=mode "${ESP_DIR}/EFI/boot/bootaa64.efi" \ + "${FLAGS_copy_efi_grub}" + fi + ;; esac cleanup diff --git a/build_library/oem_aci_util.sh b/build_library/oem_aci_util.sh index 8cc9a7eca0..90fcd4d700 100644 --- a/build_library/oem_aci_util.sh +++ b/build_library/oem_aci_util.sh @@ -74,6 +74,7 @@ oem_aci_write_manifest() { case "${BOARD}" in amd64-usr) appc_arch=amd64 ;; + arm64-usr) appc_arch=aarch64 ;; *) die_notrace "Cannot map \"${BOARD}\" to an appc arch" ;; esac diff --git a/build_library/prod_image_util.sh b/build_library/prod_image_util.sh index 83400892c6..b3b707381d 100755 --- a/build_library/prod_image_util.sh +++ b/build_library/prod_image_util.sh @@ -85,7 +85,7 @@ create_prod_image() { # Assert that if this is supposed to be an official build that the # official update keys have been used. - if [[ ${COREOS_OFFICIAL:-0} -eq 1 ]]; then + if [[ ${COREOS_OFFICIAL:-0} -eq 1 && "${BOARD}" != arm64-usr ]]; then grep -q official \ "${root_fs_dir}"/var/db/pkg/coreos-base/coreos-au-key-*/USE \ || die_notrace "coreos-au-key is missing the 'official' use flag" @@ -141,8 +141,11 @@ EOF "${BUILD_DIR}/${image_kernel}" "${BUILD_DIR}/${image_pcr_policy}" "${BUILD_DIR}/${image_grub}" - "${BUILD_DIR}/${image_shim}" "${BUILD_DIR}/${image_kconfig}" ) + # FIXME(bgilbert): no shim on arm64 + if [[ -f "${BUILD_DIR}/${image_shim}" ]]; then + to_upload+=("${BUILD_DIR}/${image_shim}") + fi upload_image -d "${BUILD_DIR}/${image_name}.bz2.DIGESTS" "${to_upload[@]}" } diff --git a/build_library/qemu_template.sh b/build_library/qemu_template.sh index ed8d226992..cd84b2116d 100755 --- a/build_library/qemu_template.sh +++ b/build_library/qemu_template.sh @@ -155,6 +155,10 @@ else set -- -machine accel=kvm -cpu host -smp "${VM_NCPUS}" "$@" ;; amd64-usr+*) set -- -machine pc-q35-2.8 -cpu kvm64 -smp 1 -nographic "$@" ;; + arm64-usr+aarch64) + set -- -machine virt,accel=kvm,gic-version=3 -cpu host -smp "${VM_NCPUS}" -nographic "$@" ;; + arm64-usr+*) + set -- -machine virt -cpu cortex-a57 -smp 1 -nographic "$@" ;; *) die "Unsupported arch" ;; esac @@ -175,6 +179,10 @@ if [ -n "${VM_IMAGE}" ]; then case "${VM_BOARD}" in amd64-usr) set -- -drive if=virtio,file="${SCRIPT_DIR}/${VM_IMAGE}" "$@" ;; + arm64-usr) + set -- -drive if=none,id=blk,file="${SCRIPT_DIR}/${VM_IMAGE}" \ + -device virtio-blk-device,drive=blk "$@" + ;; *) die "Unsupported arch" ;; esac fi @@ -217,6 +225,15 @@ case "${VM_BOARD}" in -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 \ "$@" ;; + arm64-usr) + qemu-system-aarch64 \ + -name "$VM_NAME" \ + -m ${VM_MEMORY} \ + -netdev user,id=eth0,hostfwd=tcp::"${SSH_PORT}"-:22,hostname="${VM_NAME}" \ + -device virtio-net-device,netdev=eth0 \ + -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 \ + "$@" + ;; *) die "Unsupported arch" ;; esac diff --git a/build_library/set_lsb_release b/build_library/set_lsb_release index 97b278c8e9..c6a680135d 100755 --- a/build_library/set_lsb_release +++ b/build_library/set_lsb_release @@ -31,7 +31,12 @@ OS_ID="flatcar" OS_ID_LIKE="coreos" OS_PRETTY_NAME="$OS_NAME $FLATCAR_VERSION (${OS_CODENAME})" +# temporarily point arm at a different appid until update support +# is completed in update_engine and the CoreUpdate service. FLATCAR_APPID="{e96281a6-d1af-4bde-9a0a-97b76e56dc57}" +if [[ "${FLAGS_board}" == arm64-* ]]; then + FLATCAR_APPID="{103867da-e3a2-4c92-b0b3-7fbd7f7d8b71}" +fi # DISTRIB_* are the standard lsb-release names sudo mkdir -p "${ROOT_FS_DIR}/usr/share/flatcar" "${ROOT_FS_DIR}/etc/flatcar" diff --git a/build_library/test_image_content.sh b/build_library/test_image_content.sh index 260acc0c61..476eb3445d 100644 --- a/build_library/test_image_content.sh +++ b/build_library/test_image_content.sh @@ -5,6 +5,7 @@ GLSA_WHITELIST=( 201412-09 # incompatible CA certificate version numbers 201908-14 # backported both CVE fixes + 201904-13 # git 201909-01 # Perl, SDK only 201909-08 # backported fix ) diff --git a/build_library/toolchain_util.sh b/build_library/toolchain_util.sh index 293d9656af..5ab2c6e470 100644 --- a/build_library/toolchain_util.sh +++ b/build_library/toolchain_util.sh @@ -15,6 +15,7 @@ TOOLCHAIN_PKGS=( # compiler to build a full native toolchain. Packages are not uploaded. declare -A CROSS_PROFILES CROSS_PROFILES["x86_64-cros-linux-gnu"]="coreos:coreos/amd64/generic" +CROSS_PROFILES["aarch64-cros-linux-gnu"]="coreos:coreos/arm64/generic" # Map board names to CHOSTs and portage profiles. This is the # definitive list, there is assorted code new and old that either @@ -23,6 +24,9 @@ declare -A BOARD_CHOSTS BOARD_PROFILES BOARD_CHOSTS["amd64-usr"]="x86_64-cros-linux-gnu" BOARD_PROFILES["amd64-usr"]="coreos:coreos/amd64/generic" +BOARD_CHOSTS["arm64-usr"]="aarch64-cros-linux-gnu" +BOARD_PROFILES["arm64-usr"]="coreos:coreos/arm64/generic" + BOARD_NAMES=( "${!BOARD_CHOSTS[@]}" ) # Declare the above globals as read-only to avoid accidental conflicts. @@ -39,6 +43,7 @@ declare -r \ # Usage: get_portage_arch chost get_portage_arch() { case "$1" in + aarch64*) echo arm64;; alpha*) echo alpha;; arm*) echo arm;; hppa*) echo hppa;; diff --git a/build_library/vm_image_util.sh b/build_library/vm_image_util.sh index edc4749e5a..631ad37720 100644 --- a/build_library/vm_image_util.sh +++ b/build_library/vm_image_util.sh @@ -303,6 +303,9 @@ get_default_vm_type() { amd64-usr) echo "qemu" ;; + arm64-usr) + echo "qemu_uefi" + ;; *) return 1 ;; @@ -619,6 +622,7 @@ _write_cpio_disk() { local grub_arch case $BOARD in amd64-usr) grub_arch="x86_64-efi" ;; + arm64-usr) grub_arch="arm64-efi" ;; esac cp "${base_dir}/boot/flatcar/grub/${grub_arch}/core.efi" "${dst_dir}/${grub_name}" @@ -715,6 +719,19 @@ _write_qemu_uefi_conf() { cp "/usr/share/edk2-ovmf/OVMF_CODE.fd" "$(_dst_dir)/${flash_ro}" cp "/usr/share/edk2-ovmf/OVMF_VARS.fd" "$(_dst_dir)/${flash_rw}" ;; + arm64-usr) + # Get edk2 files into local build workspace. + info "Updating edk2 in /build/${BOARD}" + emerge-${BOARD} --nodeps --select -qugN sys-firmware/edk2-aarch64 + # Create 64MiB flash device image files. + dd if=/dev/zero bs=1M count=64 of="$(_dst_dir)/${flash_rw}" \ + status=none + cp "/build/${BOARD}/usr/share/edk2-aarch64/QEMU_EFI.fd" \ + "$(_dst_dir)/${flash_ro}.work" + truncate --reference="$(_dst_dir)/${flash_rw}" \ + "$(_dst_dir)/${flash_ro}.work" + mv "$(_dst_dir)/${flash_ro}.work" "$(_dst_dir)/${flash_ro}" + ;; esac sed -e "s%^VM_PFLASH_RO=.*%VM_PFLASH_RO='${flash_ro}'%" \ diff --git a/check_out_of_date.py b/check_out_of_date.py index f0b99f072c..0f32991cab 100755 --- a/check_out_of_date.py +++ b/check_out_of_date.py @@ -67,11 +67,11 @@ def process_emerge_output(eout): def get_board_packages(board): - """ gets a list of packages used by a board. valid boards are amd64-usr, sdk, and bootstrap""" + """ gets a list of packages used by a board. valid boards are {arm,amd}64-usr, sdk, and bootstrap""" emerge_args = "--emptytree --pretend --verbose --unordered-display" if board == "sdk": cmd = "emerge {} @system sdk-depends sdk-extras".format(emerge_args) - elif board == "amd64-usr": + elif board == "amd64-usr" or board == "arm64-usr": cmd = "emerge-{} {} @system board-packages".format(board, emerge_args) elif board == "bootstrap": pkgs = exec_command_strict("/usr/lib64/catalyst/targets/stage1/build.py") @@ -92,6 +92,7 @@ def print_table(report, head, line_head, line_tail, tail, joiner, pkg_joiner): "upstream": ["Upstream"], "tag": "Tag", "sdk": ["sdk"], + "arm64-usr": ["arm64-usr"], "amd64-usr": ["amd64-usr"], "bootstrap": ["bootstrap"], "modified": "Modified"}) @@ -102,6 +103,7 @@ def print_table(report, head, line_head, line_tail, tail, joiner, pkg_joiner): pkg_joiner.join(entry.get("upstream",[])), entry.get("tag",""), pkg_joiner.join(entry.get("sdk", [])), + pkg_joiner.join(entry.get("arm64-usr", [])), pkg_joiner.join(entry.get("amd64-usr", [])), pkg_joiner.join(entry.get("bootstrap", [])), entry.get("modified","")]) + line_tail) @@ -138,7 +140,7 @@ def main(): subprocess.check_call(["git", "-C", args.upstream_path, "pull"]) pkg_lists = {} - sources = ["sdk", "bootstrap", "amd64-usr", "image"] + sources = ["sdk", "bootstrap", "amd64-usr", "arm64-usr", "image"] for i in sources: pkg_lists[i] = get_board_packages(i) diff --git a/common.sh b/common.sh index 4ad736ca20..37cee5e809 100644 --- a/common.sh +++ b/common.sh @@ -46,6 +46,9 @@ fi # Turn on bash debug support if available for backtraces. shopt -s extdebug 2>/dev/null +# Source qemu library path +. /etc/profile.d/qemu-aarch64.sh 2> /dev/null || true + # Output a backtrace all the way back to the raw invocation, suppressing # only the _dump_trace frame itself. _dump_trace() { @@ -383,9 +386,8 @@ if [[ -f ${GCLIENT_ROOT}/src/scripts/.default_board ]]; then die ".default_board: invalid name detected; please fix:" \ "'${DEFAULT_BOARD}'" fi -elif [ -z "${DEFAULT_BOARD-}" ]; then - DEFAULT_BOARD=amd64-usr fi +DEFAULT_BOARD="${DEFAULT_BOARD-amd64-usr}" # Directory to store built images. Should be set by sourcing script when used. BUILD_DIR= @@ -928,10 +930,21 @@ BOAT } # The binfmt_misc support in the kernel is required. +# The aarch64 binaries should be executed through +# "/usr/bin/qemu-aarch64-static" setup_qemu_static() { local root_fs_dir="$1" case "${BOARD}" in amd64-usr) return 0;; + arm64-usr) + if [[ -f "${root_fs_dir}/sbin/ldconfig" ]]; then + sudo cp /usr/bin/qemu-aarch64 "${root_fs_dir}"/usr/bin/qemu-aarch64-static + echo export QEMU_LD_PREFIX=\"/build/arm64-usr/\" | sudo tee /etc/profile.d/qemu-aarch64.sh + . /etc/profile.d/qemu-aarch64.sh + else + die "Missing basic layout in target rootfs" + fi + ;; *) die "Unsupported arch" ;; esac } @@ -940,6 +953,13 @@ clean_qemu_static() { local root_fs_dir="$1" case "${BOARD}" in amd64-usr) return 0;; + arm64-usr) + if [[ -f "${root_fs_dir}/usr/bin/qemu-aarch64-static" ]]; then + sudo rm "${root_fs_dir}"/usr/bin/qemu-aarch64-static + else + die "File not found" + fi + ;; *) die "Unsupported arch" ;; esac } diff --git a/core_dev_sign_update b/core_dev_sign_update index d08b9a5c71..46704653a4 100755 --- a/core_dev_sign_update +++ b/core_dev_sign_update @@ -6,7 +6,7 @@ SCRIPT_ROOT=$(dirname $(readlink -f "$0")) assert_inside_chroot DEFINE_string data_dir "" "Directory containing downloaded release artifacts" -DEFINE_string board "amd64-usr" "Board to sign artifacts for" +DEFINE_string board "" "Board to sign artifacts for" DEFINE_string version "" "Version to sign artifacts for" DEFINE_integer n_signatures "2" "Number of signatures this release will be signed with" DEFINE_string output_dir "" "Output directory" diff --git a/image_inject_bootchain b/image_inject_bootchain index 5c768ba86c..721f86da1d 100755 --- a/image_inject_bootchain +++ b/image_inject_bootchain @@ -77,9 +77,11 @@ if [[ -n "${FLAGS_kernel_path}" ]]; then do_copy "${FLAGS_kernel_path}" "/boot/flatcar/vmlinuz-a" fi +# FIXME(bgilbert): no shim on arm64 if [[ -n "${FLAGS_efi_grub_path}" ]]; then case "${BOARD}" in amd64-usr) image_name="grub.efi" ;; + arm64-usr) image_name="bootaa64.efi" ;; *) die "GRUB filename not known for this board" ;; esac diff --git a/jenkins/formats-arm64-usr.txt b/jenkins/formats-arm64-usr.txt new file mode 100644 index 0000000000..fe6f2e2598 --- /dev/null +++ b/jenkins/formats-arm64-usr.txt @@ -0,0 +1,5 @@ +openstack +openstack_mini +packet +pxe +qemu_uefi diff --git a/oem/openstack/glance_load.sh b/oem/openstack/glance_load.sh index c6810a331f..162753bf6e 100755 --- a/oem/openstack/glance_load.sh +++ b/oem/openstack/glance_load.sh @@ -34,6 +34,9 @@ while [[ $# -gt 0 ]]; do amd64|amd64-usr) board="amd64-usr" ;; + arm64|arm64-usr) + board="arm64-usr" + ;; *) echo "Error: Unknown arg: $1" exit 1 diff --git a/setup_board b/setup_board index 7c7ce16f9b..24e3fa11cf 100755 --- a/setup_board +++ b/setup_board @@ -27,6 +27,8 @@ DEFINE_boolean getbinpkg "${FLAGS_TRUE}" \ "Download binary packages from remote repository." DEFINE_string getbinpkgver "" \ "Use binary packages from a specific version." +DEFINE_string binhost "" \ + "Use binary packages from a specific location (e.g. https://storage.googleapis.com/flatcar-jenkins/sdk/amd64/2000.0.0/pkgs)" DEFINE_boolean toolchainpkgonly "${FLAGS_FALSE}" \ "Use binary packages only for the board toolchain." DEFINE_integer jobs "${NUM_JOBS}" \ @@ -59,7 +61,7 @@ DEFINE_string variant "" \ "Board variant." -# builds wrappers like equery-amd64-usr. +# builds wrappers like equery-arm-generic. # args: # $1: command to wrap # rest: extra arguments to pass to the command @@ -159,7 +161,7 @@ BOARD_ETC="${BOARD_ROOT}/etc" BOARD_ARCH=$(get_board_arch "$BOARD") BOARD_CHOST=$(get_board_chost ${BOARD}) PORTAGE_PROFILE=$(get_board_profile "$BOARD") -BOARD_BINHOST=$(generate_binhost_list) +BOARD_BINHOST="$FLAGS_binhost $(generate_binhost_list)" if [[ ${FLAGS_regen_configs_only} -eq ${FLAGS_TRUE} ]]; then FLAGS_regen_configs=${FLAGS_TRUE} @@ -198,6 +200,9 @@ if [ "${FLAGS_usepkg}" -eq "${FLAGS_TRUE}" ]; then else UPDATE_ARGS+=" --nogetbinpkg " fi + if [[ -n "${FLAGS_binhost}" ]]; then + UPDATE_ARGS+=" --binhost=${FLAGS_binhost} " + fi else UPDATE_ARGS+=" --nousepkg" fi @@ -318,6 +323,10 @@ if [[ ${FLAGS_regen_configs} -eq ${FLAGS_FALSE} ]]; then info "Installing toolchain build dependencies" install_cross_libs "${BOARD_CHOST}" ${EMERGE_FLAGS} --buildpkg=n + info "Building toolchain dependencies" + "${EMERGE_WRAPPER}" --buildpkg --buildpkgonly --onlydeps -e \ + --root="/usr/${BOARD_CHOST}" --sysroot="/usr/${BOARD_CHOST}" \ + ${EMERGE_TOOLCHAIN_FLAGS} "${TOOLCHAIN_PKGS[@]}" info "Building toolchain" "${EMERGE_WRAPPER}" --buildpkg --buildpkgonly \ --root="/usr/${BOARD_CHOST}" --sysroot="/usr/${BOARD_CHOST}" \ diff --git a/signing/transfer.sh b/signing/transfer.sh index 387aec5eac..361146c773 100755 --- a/signing/transfer.sh +++ b/signing/transfer.sh @@ -2,8 +2,9 @@ set -eux -APPID=e96281a6-d1af-4bde-9a0a-97b76e56dc57 -BOARD=amd64-usr +declare -A APPID +APPID[amd64-usr]=e96281a6-d1af-4bde-9a0a-97b76e56dc57 +APPID[arm64-usr]=103867da-e3a2-4c92-b0b3-7fbd7f7d8b71 declare -A RELEASE_CHANNEL RELEASE_CHANNEL[alpha]=Alpha @@ -13,9 +14,10 @@ RELEASE_CHANNEL[stable]=Stable download() { local channel="$1" local version="$2" + local board="$3" - local gs="gs://builds.release.core-os.net/${channel}/boards/${BOARD}/${version}" - local dir="${BASEDIR}/${BOARD}/${version}" + local gs="gs://builds.release.core-os.net/${channel}/boards/${board}/${version}" + local dir="${BASEDIR}/${board}/${version}" mkdir -p "${dir}" pushd "${dir}" >/dev/null @@ -31,7 +33,7 @@ download() { local torcx_base="gs://builds.release.core-os.net/embargoed/devfiles/torcx/manifests/${board}/${version}" if ! gsutil -q stat "${torcx_base}/torcx_manifest.json"; then # Non-embargoed release - local torcx_base="gs://builds.developer.core-os.net/torcx/manifests/${board}/${version}" + local torcx_base="gs://builds.developer.core-os.net/torcx/manifests/${BOARD}/${version}" fi gsutil -m cp \ "${torcx_base}/torcx_manifest.json" \ @@ -49,6 +51,7 @@ download() { devsign() { local channel="$1" local version="$2" + local board="$3" "$(dirname $0)/../core_dev_sign_update" \ --data_dir "${BASEDIR}" \ @@ -62,17 +65,19 @@ devsign() { sign() { local channel="$1" local version="$2" + local board="$3" "$(dirname $0)/sign.sh" \ - "${BASEDIR}/${BOARD}/${version}" \ - "${SIGDIR}/${BOARD}/${version}" + "${BASEDIR}/${board}/${version}" \ + "${SIGDIR}/${board}/${version}" } upload() { local channel="$1" local version="$2" + local board="$3" - local dir="${BASEDIR}/${BOARD}/${version}" + local dir="${BASEDIR}/${board}/${version}" local payload="${dir}/flatcar_production_update.gz" local torcx_manifest="${dir}/torcx_manifest.json" local torcx_manifest_sig="${dir}/torcx_manifest.json.asc" @@ -87,8 +92,8 @@ upload() { "$(dirname $0)/../core_roller_upload" \ --user="${ROLLER_USERNAME}" \ --api_key="${ROLLER_API_KEY}" \ - --app_id="${APPID}" \ - --board="${BOARD}" \ + --app_id="${APPID[${board}]}" \ + --board="${board}" \ --version="${version}" \ --payload="${payload}" @@ -96,7 +101,7 @@ upload() { gsutil cp \ "${torcx_manifest}" \ "${torcx_manifest_sig}" \ - "gs://coreos-tectonic-torcx/manifests/${BOARD}/${version}/" + "gs://coreos-tectonic-torcx/manifests/${board}/${version}/" # Update version in a canary channel if one is defined. local -n canary_channel="ROLLER_CANARY_CHANNEL_${channel^^}" @@ -106,7 +111,7 @@ upload() { --user="${ROLLER_USERNAME}" \ --key="${ROLLER_API_KEY}" \ channel update \ - --app-id="${APPID}" \ + --app-id="${APPID[${board}]}" \ --channel="${canary_channel}" \ --version="${version}" fi @@ -115,16 +120,17 @@ upload() { ready() { local channel="$1" local version="$2" + local board="$3" # setting the percent will deactivate (not delete) any existing rollouts for # this specific group. - echo "Rollout set to 0%" + echo "Rollout set to 0% for ${board}" updateservicectl \ --server="https://public.update.core-os.net" \ --user="${ROLLER_USERNAME}" \ --key="${ROLLER_API_KEY}" \ group percent \ - --app-id="${APPID}" \ + --app-id="${APPID[${board}]}" \ --group-id="${channel}" \ --update-percent=0 @@ -135,7 +141,7 @@ ready() { --user="${ROLLER_USERNAME}" \ --key="${ROLLER_API_KEY}" \ channel update \ - --app-id="${APPID}" \ + --app-id="${APPID[${board}]}" \ --channel="${RELEASE_CHANNEL[${channel}]}" \ --publish=true \ --version="${version}" @@ -144,26 +150,40 @@ ready() { roll() { local channel="$1" local hours="$2" + local board="$3" local seconds=$((${hours} * 3600)) - # creating a new rollout deletes any existing rollout for this group and - # automatically activates the new one. - echo "Creating linear rollout that will get to 100% in ${hours}h" - updateservicectl \ - --server="https://public.update.core-os.net" \ - --user="${ROLLER_USERNAME}" \ - --key="${ROLLER_API_KEY}" \ - rollout create linear \ - --app-id="${APPID}" \ - --group-id="${channel}" \ - --duration="${seconds}" \ - --frame-size="60" + # Only ramp rollouts on AMD64; ARM64 is too small + if [[ "$board" = "arm64-usr" ]]; then + echo "Setting rollout for arm64-usr to 100%" + updateservicectl \ + --server="https://public.update.core-os.net" \ + --user="${ROLLER_USERNAME}" \ + --key="${ROLLER_API_KEY}" \ + group percent \ + --app-id="${APPID[${board}]}" \ + --group-id="${channel}" \ + --update-percent=100 + else + # creating a new rollout deletes any existing rollout for this group and + # automatically activates the new one. + echo "Creating linear rollout for ${board} that will get to 100% in ${hours}h" + updateservicectl \ + --server="https://public.update.core-os.net" \ + --user="${ROLLER_USERNAME}" \ + --key="${ROLLER_API_KEY}" \ + rollout create linear \ + --app-id="${APPID[${board}]}" \ + --group-id="${channel}" \ + --duration="${seconds}" \ + --frame-size="60" + fi } usage() { echo "Usage: $0 {download|upload} [{-a|-b|-s} ]..." >&2 - echo "Usage: $0 {devsign|sign} [{-a|-b|-s} ]..." >&2 + echo "Usage: $0 {devsign|sign} [{-a|-b|-s} ]..." >&2 echo "Usage: $0 ready [{-a|-b|-s} ]..." >&2 echo "Usage: $0 roll [{-a|-b|-s} ]..." >&2 exit 1 @@ -226,13 +246,15 @@ while [[ $# > 0 ]]; do case "${c}" in -a) - $CMD "alpha" "${v}" + $CMD "alpha" "${v}" "amd64-usr" + $CMD "alpha" "${v}" "arm64-usr" ;; -b) - $CMD "beta" "${v}" + $CMD "beta" "${v}" "amd64-usr" + $CMD "beta" "${v}" "arm64-usr" ;; -s) - $CMD "stable" "${v}" + $CMD "stable" "${v}" "amd64-usr" ;; *) usage diff --git a/update_chroot b/update_chroot index 254b89dc5f..3e93c7e8fd 100755 --- a/update_chroot +++ b/update_chroot @@ -27,6 +27,8 @@ DEFINE_boolean skip_toolchain_update "${FLAGS_FALSE}" \ "Don't update the toolchains." DEFINE_string toolchain_boards "" \ "Extra toolchains to setup for the specified boards." +DEFINE_string binhost "" \ + "Use binary packages from a specific location (e.g. https://storage.googleapis.com/flatcar-jenkins/sdk/amd64/2000.0.0/pkgs)" FLAGS_HELP="usage: $(basename $0) [flags] Performs an update of the chroot. This script is called as part of @@ -57,6 +59,7 @@ PORTAGE_STABLE_OVERLAY="${REPO_ROOT}/src/third_party/portage-stable" CROSSDEV_OVERLAY="/usr/local/portage/crossdev" COREOS_OVERLAY="${REPO_ROOT}/src/third_party/coreos-overlay" COREOS_CONFIG="${COREOS_OVERLAY}/coreos/config" +PORTAGE_BINHOST="$FLAGS_binhost $(get_sdk_binhost)" # PORTAGE_USERNAME may already be in the env but set just to be safe. : ${PORTAGE_USERNAME:=${USER}} @@ -83,7 +86,7 @@ PORTDIR_OVERLAY="${CROSSDEV_OVERLAY} ${COREOS_OVERLAY}" DISTDIR="${REPO_CACHE_DIR}/distfiles" PKGDIR="/var/lib/portage/pkgs" PORT_LOGDIR="/var/log/portage" -PORTAGE_BINHOST="$(get_sdk_binhost)" +PORTAGE_BINHOST="$PORTAGE_BINHOST" PORTAGE_USERNAME="${PORTAGE_USERNAME}" MAKEOPTS="--jobs=${NUM_JOBS} --load-average=$((NUM_JOBS * 2))" CCACHE_UMASK="002"