From 1edaba43f0ae7939bdf2e54fa1dd52170fb29c92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dirk=20M=C3=BCller?= Date: Fri, 15 Nov 2024 15:01:54 +0100 Subject: [PATCH 1/2] Add a SL Micro 6.0 GA kernel module development container --- src/bci_build/package/basecontainers.py | 62 +++++++++++++++++-- .../slm60-kernel-module-devel/README.md.j2 | 55 ++++++++++++++++ 2 files changed, 113 insertions(+), 4 deletions(-) create mode 100644 src/bci_build/package/slm60-kernel-module-devel/README.md.j2 diff --git a/src/bci_build/package/basecontainers.py b/src/bci_build/package/basecontainers.py index bca87ad49..013d29f95 100644 --- a/src/bci_build/package/basecontainers.py +++ b/src/bci_build/package/basecontainers.py @@ -105,6 +105,13 @@ ] +def _get_asset_script(baseurl: str, binaries: list[str]) -> str: + return "".join( + f"#!RemoteAssetUrl: {baseurl}{binary}\nCOPY {os.path.basename(binary)} .\n" + for binary in binaries + ).strip() + + def _get_fips_base_custom_end(os_version: OsVersion) -> str: bins: list[str] = [] custom_set_fips_mode: str = ( @@ -130,10 +137,7 @@ def _get_fips_base_custom_end(os_version: OsVersion) -> str: ) return ( - "".join( - f"#!RemoteAssetUrl: {_FIPS_ASSET_BASEURL}{binary}\nCOPY {os.path.basename(binary)} .\n" - for binary in bins - ).strip() + _get_asset_script(_FIPS_ASSET_BASEURL, bins) + (custom_install_bins if bins else "") + (custom_set_fips_mode if os_version not in (OsVersion.SP3,) else "") ) @@ -330,6 +334,56 @@ def _get_minimal_kwargs(os_version: OsVersion): ) +# SL Micro 6.0 GA kernel container devel +_SLM60_BASEURL = "https://api.opensuse.org/public/build/SUSE:ALP:Source:Standard:Core:1.0:Build/standard/" +_SLM60_KERNEL_PACKAGES = [ + "x86_64/patchinfo.ga/kernel-devel-6.4.0-17.1.noarch.rpm", + "x86_64/patchinfo.ga/kernel-macros-6.4.0-17.1.noarch.rpm", + "x86_64/patchinfo.ga/kernel-syms-6.4.0-17.1.x86_64.rpm", + "x86_64/patchinfo.ga/kernel-default-devel-6.4.0-17.1.x86_64.rpm", + "aarch64/patchinfo.ga/kernel-syms-6.4.0-17.1.aarch64.rpm", + "aarch64/patchinfo.ga/kernel-default-devel-6.4.0-17.1.aarch64.rpm", + "aarch64/patchinfo.ga/kernel-64kb-devel-6.4.0-17.1.aarch64.rpm", + "s390x/patchinfo.ga/kernel-syms-6.4.0-17.1.s390x.rpm", + "s390x/patchinfo.ga/kernel-default-devel-6.4.0-17.1.s390x.rpm", +] +KERNEL_MODULE_CONTAINERS.append( + OsContainer( + name="slm60-kernel-module-devel", + pretty_name="SUSE Linux Micro 6.0 Kernel module development", + logo_url="https://opensource.suse.com/bci/SLE_BCI_logomark_green.svg", + os_version=OsVersion.SLE16_0, + supported_until=_SUPPORTED_UNTIL_SLE.get(os_version), + is_latest=OsVersion.SLE16_0 in CAN_BE_LATEST_OS_VERSION, + package_list=( + [ + "gcc-build", + "kmod", + "make", + "patch", + "gawk", + "pesign-obs-integration", + "dwarves", + "libelf-devel", + *OsVersion.SLE16_0.release_package_names, + ] + ), + exclusive_arch=[Arch.X86_64, Arch.S390X, Arch.AARCH64], + extra_files={"_constraints": generate_disk_size_constraints(8)}, + custom_end=_get_asset_script(_SLM60_BASEURL, _SLM60_KERNEL_PACKAGES) + + textwrap.dedent( + f""" + {DOCKERFILE_RUN} \\ + [ $(LC_ALL=C rpm --checksig -v *rpm | \\ + grep -c -E "^ *V3.*key ID 09d9ea69:") = {len(_SLM60_KERNEL_PACKAGES)} ] \\ + && rpm -Uvh --oldpackage --force *.$(uname -m).rpm *.noarch.rpm \\ + && rm -vf *.rpm \\ + && rpmqpack | grep -E '^kernel-' | xargs zypper -n addlock\n""" + ), + ) +) + + OSC_CHECKOUT = (Path(__file__).parent / "gitea-runner" / "osc_checkout").read_bytes() GITEA_RUNNER_CONTAINER = OsContainer( diff --git a/src/bci_build/package/slm60-kernel-module-devel/README.md.j2 b/src/bci_build/package/slm60-kernel-module-devel/README.md.j2 new file mode 100644 index 000000000..210fcad36 --- /dev/null +++ b/src/bci_build/package/slm60-kernel-module-devel/README.md.j2 @@ -0,0 +1,55 @@ +# SUSE Linux Micro 6.0 GA Kernel Module Development Container +{% include 'badges.j2' %} + +## Description + +Th Kernel Module Development Container Image includes all necessary tools to build kernel +modules for SUSE Linux Micro 6.0. It is intended to be used for building out-of-tree kernel +modules in restricted environments. + + +## Usage + +The image can be used to launch a container and build a kernel +module. The following example below shows how to do this for the DRBD kernel module: +```ShellSession +$ podman run --rm -it --name drbd-build {{ image.pretty_reference }} +# zypper -n in coccinelle tar +# curl -Lsf -o - https://pkg.linbit.com/downloads/drbd/9/drbd-9.2.11.tar.gz | tar xzf - +# cd drbd-9.2.11/ +# make -C drbd all KDIR=/usr/src/linux-obj/$(uname -m)/default +``` + +The built kernel module is then available in +`/drbd-9.2.11/drbd/build-current/drbd.ko`. It can be copied to the host system +as follows: +```ShellSession +$ podman cp drbd-build:/drbd-9.2.11/drbd/build-current/drbd.ko . +$ sudo modprobe drbd.ko +``` + +Alternatively, the kernel module can be built as part of a container build using +a `Dockerfile`: + +```Dockerfile +FROM {{ image.pretty_reference }} +ENV DRBD_VERSION=9.2.11 +WORKDIR /src/ +RUN zypper -n in coccinelle tar + +RUN set -euxo pipefail; \ + curl -Lsf -o - https://pkg.linbit.com/downloads/drbd/9/drbd-${DRBD_VERSION}.tar.gz | tar xzf - ; \ + cd drbd-${DRBD_VERSION}; \ + make -C drbd all KDIR=/usr/src/linux-obj/$(uname -m)/default +``` + +Build the container image, launch the container, and copy the kernel module to +the local machine: +```ShellSession +$ buildah bud --layers -t drbd-ko . +$ podman run --name drbd drbd-ko +$ podman cp drbd:/src/drbd-9.2.11/drbd/build-current/drbd.ko . +$ podman rm drbd +``` + +{% include 'licensing_and_eula.j2' %} From 131886d46e5341cf3625803164136323b78e38f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dirk=20M=C3=BCller?= Date: Tue, 10 Dec 2024 12:58:05 +0100 Subject: [PATCH 2/2] Make the key identifer for SLFO a variable --- src/bci_build/package/basecontainers.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/bci_build/package/basecontainers.py b/src/bci_build/package/basecontainers.py index 013d29f95..ce6f44e85 100644 --- a/src/bci_build/package/basecontainers.py +++ b/src/bci_build/package/basecontainers.py @@ -347,6 +347,7 @@ def _get_minimal_kwargs(os_version: OsVersion): "s390x/patchinfo.ga/kernel-syms-6.4.0-17.1.s390x.rpm", "s390x/patchinfo.ga/kernel-default-devel-6.4.0-17.1.s390x.rpm", ] +_SLFO_KEY_ID = "09d9ea69" KERNEL_MODULE_CONTAINERS.append( OsContainer( name="slm60-kernel-module-devel", @@ -375,7 +376,7 @@ def _get_minimal_kwargs(os_version: OsVersion): f""" {DOCKERFILE_RUN} \\ [ $(LC_ALL=C rpm --checksig -v *rpm | \\ - grep -c -E "^ *V3.*key ID 09d9ea69:") = {len(_SLM60_KERNEL_PACKAGES)} ] \\ + grep -c -E "^ *V3.*key ID {_SLFO_KEY_ID}:") = {len(_SLM60_KERNEL_PACKAGES)} ] \\ && rpm -Uvh --oldpackage --force *.$(uname -m).rpm *.noarch.rpm \\ && rm -vf *.rpm \\ && rpmqpack | grep -E '^kernel-' | xargs zypper -n addlock\n"""