We need to ship some PCR measurements alongside images in order to make it
easier for admins to provide an appropriate policy. Add some tooling to
generate the appropriate hashes during build, pack those into a zip file
and upload it.
ldconfig does not work for non-native arches. Create a new
build_image routine run_ldconfig that uses qemu user emulation
to run the board ldconfig on the board rootfs when the board and
SDK arches are different.
See: http://code.google.com/p/chromium/issues/detail?id=378377
Prior to calling run_ldconfig the board rootfs must have ldconfig
installed. To arrange this move the call of run_ldconfig to after
the base package install.
Fixes build_image errors like these when building for arm64:
/sbin/ldconfig: /lib64/libXXX is for unknown machine 183.
Signed-off-by: Geoff Levand <geoff@infradead.org>
There isn't a sane way for users to know the licenses of individual
packages in CoreOS images in built images. The information is hidden
away back in the original ebuilds. This extends our existing package
list with a new file that also includes licenses:
```
app-admin/flannel-0.3.0-r3::coreos Apache-2.0
app-admin/fleet-0.9.1::coreos Apache-2.0
app-admin/locksmith-0.2.3::coreos Apache-2.0
app-admin/sdnotify-proxy-0.1.0::coreos Apache-2.0
app-admin/sudo-1.8.10_p2::portage-stable ISC BSD
app-admin/toolbox-0.0.0-r4::coreos Apache-2.0
app-arch/bzip2-1.0.6-r6::portage-stable BZIP2
app-arch/gzip-1.5::portage-stable GPL-3
app-arch/tar-1.27.1-r2::portage-stable GPL-3+
...
```
- "./build_image prod" already has the ability to specify which package will specify all the packages that should be pulled in and built into an image by specifying a package name using the --base_pkg command line flag. This creates an equivalent option for "./build_image dev" creating a --base_dev_pkg flag that passes a package name into the create_dev_img() function in dev_image_util.sh the same way that --base_pkg is passed into create_prod_image() inside prod_image_util.sh.
Needed for portage 2.2. Sync URIs are included but not very useful yet
because portage only can do `git pull` but not `git clone`. An extra
helper script will be required to do the initial clone it seems.
Binary packages may be useful for re-installing a package with a
different INSTALL_MASK. Can be used to install debug symbols.
Instead of gluing in a special PROD_INSTALL_MASK for all images use
profiles to configure the differences between the base build root,
production images, and developer images. This offers much more
flexibility and is needed for providing a full dev environment in
developer images.
Use what was the base image build function as setup/finalize steps in
the dev and prod build functions. This eliminates duplicate code
that mounted and unmounted the filesystem images.
- Remove custom COREOS_* attributes from /etc/lsb-release
- Move dev image logic to dev_image_util
For extra fun fix detection of local host URL for devserver.
- Remove weirdly verbose "DESCRIPTION" format.
- Add COREOS_RELEASE_BOARD back to /usr/share/coreos/release
This is mostly just so update_engine and gmerge report the correct
board name to devserver, informative-only on prod images.
- Remove version info from /etc/gentoo-release
- Switch from 'track' to 'group' terminology.
cros_make_image_bootable now only is relevant for prod images, so move
the remaining code to prod_image_util in a similar scheme that base and
dev images use.
Lots of things are either unused or meaningless. A particularly creative
one is the fact that there are command line flags for mount point
locations that are then overwritten.
We don't have any particular reason for the weird hackery required to
install packages into /usr/local instead of root. The rootfs image is
already being modified a little might as well modify it a lot. :)
If git is installed via coreos-dev in the STATE partition it will need
some help finding its install location since it was built thinking it
would be installed in /usr rather than /usr/local.
As of Linux 3.2 loopback supports discard by punching holes in the
underlying file. This doesn't actually seem to impact things right now
since we are writing to fresh filesystems but might as well do this to
prevent wasted space from sneaking in later on.
As outlined here we need a new partition layout, this patch makes the
necessary changes:
https://groups.google.com/forum/#!topic/coreos-dev/bA7gwGGoTng
The first big change is making all of the scripts obey partition numbers
based on labels in the disk_layout.json. This makes it much easier to
change later on.
The second big change is in the layout itself. The json file was updated
to reflect the document above.
And finally the grub boot configuration needed for pv-grub and pygrub
were added to the create_legacy_bootloader_templates.sh library utlity.
Everything seems to work and boot now.
so it is a bit complicated but essentially gtest pulls in python which
pulls in pyton-updater which wants portage so portage gets installed in
teh real root not the dev one. Just leave it for now.
CrOS could be used in devices that dont have custom firmware to
interpret the Kernelblock (Part2,4). In such devices skip trying
to make the kernelblock
BUG=none
TEST=./build_image --board=chronos test and verify we dont build the kernel block
Change-Id: I3e9a8dd765ea00db2ebf112553d96c08960e544f
Reviewed-on: https://gerrit.chromium.org/gerrit/40219
Commit-Queue: Anush Elangovan <anush@chromium.org>
Reviewed-by: Anush Elangovan <anush@chromium.org>
Tested-by: Anush Elangovan <anush@chromium.org>
This removes files only used at link time, or when manually debugging,
or by glibc's charset routines (gconv) which are not used by Chromium.
BUG=chromium-os:22939
BUG=chromium-os:23105
TEST=build_image for daisy works
TEST=`cbuildbot {x86,x86_64,arm}-generic-full` worked
TEST=`cbuildbot chromiumos-sdk` worked
TEST=build_image boots & runs fine on an alex
Original-Change-Id: I68d848c2e307c98d53a8faa73924f57571f7887b
Change-Id: I25ffda36d28fd114715053c3a2590cc2248688bf
Reviewed-on: https://gerrit.chromium.org/gerrit/39214
Reviewed-by: David James <davidjames@chromium.org>
Commit-Ready: Darren Krahn <dkrahn@chromium.org>
Tested-by: Darren Krahn <dkrahn@chromium.org>
This removes files only used at link time, or when manually debugging,
or by glibc's charset routines (gconv) which are not used by Chromium.
BUG=chromium-os:22939
BUG=chromium-os:23105
TEST=build_image for daisy works
TEST=`cbuildbot {x86,x86_64,arm}-generic-full` worked
TEST=`cbuildbot chromiumos-sdk` worked
TEST=build_image boots & runs fine on an alex
Change-Id: I68d848c2e307c98d53a8faa73924f57571f7887b
Reviewed-on: https://gerrit.chromium.org/gerrit/37378
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: David James <davidjames@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
This change adds support for building the disk layout from a
configuration file. It also cleans up much of the image creation
code.
install_gpt no longer exists, and has been replaced by cgpt.py's
write action. This spits out a file that has two functions that can
be called to write a partition layout to a disk/file. This gets rid
of the gigantic nest of calculations that built the layout previously.
All instances of partition/filesystem sizes in build scripts should now
be gone in favour of calls to the cgpt.py tool.
create_boot_desc has moved inside the base image creation, in an effort
to simplify build_image.
load_kernel_test is gone since it's apparently not supposed to be called
here anyway (asked wfrichar/rspangler about this one).
Base image creation now uses files rather than loop devices when
building an image. This means we can simply umount them once we're
done and not worry about cleaning up the loop device, since it's
been done for us.
Hash pad calculation has been removed. This is now set manually inside
the partition config file.
Hybrid MBR creation is gone, since it's now possible to do that in a board
specific hook (see overlay-beaglebone/scripts/board_specific_setup.sh).
OEM partition now has a filesystem, which is mounted at /usr/share/oem
during emerge so that packages can stash files here.
root_fs_dir and friends are still globals, but the long-term idea
is to make this not the case.
BUG=chromium-os:33817
TEST=All types of images and their respective flows
(VM, recovery, test, factory etc)
Change-Id: I8a596728a4d1845c930e837bea627f5b6a11c098
Reviewed-on: https://gerrit.chromium.org/gerrit/29931
Commit-Ready: Liam McLoughlin <lmcloughlin@chromium.org>
Reviewed-by: Liam McLoughlin <lmcloughlin@chromium.org>
Tested-by: Liam McLoughlin <lmcloughlin@chromium.org>
We also remove some dead mod_for_test scripts.
BUG=chromium-os:9729, chromium-os:14091
TEST=build_packages, build_image dev test
CQ-DEPEND=If58678ab4fe7abd9142a619850be07249d159781
Change-Id: Iff6a143dbf8ce58878dc1b07629c52bbb7f02ded
Reviewed-on: https://gerrit.chromium.org/gerrit/32998
Reviewed-by: Chris Sosa <sosa@chromium.org>
Tested-by: Chris Sosa <sosa@chromium.org>
Commit-Ready: Chris Sosa <sosa@chromium.org>
Gives a minor speed up.
BUG=None
TEST=`./build_image --board=x86-alex dev` still works
Change-Id: I2c5251b788c557e9c76d05140aaed255003bb1e3
Reviewed-on: https://gerrit.chromium.org/gerrit/26258
Reviewed-by: David James <davidjames@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
gdb only looks in /usr/lib/debug, not anywhere in /usr/local. So
unpack the C library stuff into the common /usr/local/usr/lib/debug
and symlink /usr/lib/debug to the /usr/local tree. This way gdb can
find all these things automatically.
BUG=None
TEST=run gdb on board and see it find .debug files automatically
Change-Id: I93bd352ccac52d9d0179537d2eb520da6f684697
Reviewed-on: https://gerrit.chromium.org/gerrit/25270
Reviewed-by: Caroline Tice <cmtice@chromium.org>
Reviewed-by: Brian Harring <ferringb@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
File is compiled with a path to the default magic database, but since we
install it into /usr/local rather than the normal /usr, that default path
does not work. Add a smaller wrapper script around `file` to specify the
new database location so people don't have to manually do so.
BUG=chromium-os:27725
TEST=`./build_image --board=x86-alex dev` produced an image where `file /bin/bash` worked
Change-Id: I3862cb368437a14bf1e4b6ccf4e2df3e4f774817
Reviewed-on: https://gerrit.chromium.org/gerrit/19137
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Chris Sosa <sosa@chromium.org>
Reviewed-by: Richard Barnette <jrbarnette@chromium.org>
Commit-Ready: Mike Frysinger <vapier@chromium.org>
BUG=chromium-os:27362
TEST=Built a test image.
Change-Id: I884acd534f06d9070b28d5cd74862e2774822578
Reviewed-on: https://gerrit.chromium.org/gerrit/17759
Reviewed-by: Chris Sosa <sosa@chromium.org>
Tested-by: Chris Sosa <sosa@chromium.org>
Commit-Ready: Chris Sosa <sosa@chromium.org>
