Merge pull request #4967 from arronwy/generate_root_hash

CC | image-build: generate root hash as a separate partition for rootfs
Fabiano Fidêncio 2022-08-31 13:18:39 +02:00 committed by GitHub
commit 20b999c479
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 1 deletions


@ -14,5 +14,6 @@ RUN ([ -n "$http_proxy" ] && \
gdisk \
parted \
qemu-img \
veritysetup \
xfsprogs && \
dnf clean all


@ -11,6 +11,7 @@ set -o errexit
set -o pipefail
DOCKER_RUNTIME=${DOCKER_RUNTIME:-runc}
KATA_BUILD_CC=${KATA_BUILD_CC:-no}
readonly script_name="${0##*/}"
readonly script_dir=$(dirname "$(readlink -f "$0")")
@ -170,6 +171,7 @@ build_with_container() {
--env BLOCK_SIZE="${block_size}" \
--env ROOT_FREE_SPACE="${root_free_space}" \
--env NSDAX_BIN="${nsdax_bin}" \
--env KATA_BUILD_CC="${KATA_BUILD_CC}" \
--env DEBUG="${DEBUG}" \
-v /dev:/dev \
-v "${script_dir}":"/osbuilder" \
@ -371,9 +373,21 @@ create_disk() {
# Kata runtime expect an image with just one partition
# The partition is the rootfs content
info "Creating partitions"
if [ "${KATA_BUILD_CC}" == "yes" ]; then
info "Creating partitions with hash device"
# The hash data will take less than one percent disk space to store
hash_start=$(echo $img_size | awk '{print $1 * 0.99}' |cut -d $(locale decimal_point) -f 1)
partition_param="mkpart primary ${fs_type} ${part_start}M ${hash_start}M "
partition_param+="mkpart primary ${fs_type} ${hash_start}M ${rootfs_end}M "
partition_param+="set 1 boot on"
else
partition_param="mkpart primary ${fs_type} ${part_start}M ${rootfs_end}M"
fi
parted -s -a optimal "${image}" -- \
mklabel msdos \
mkpart primary "${fs_type}" "${part_start}"M "${rootfs_end}"M
"${partition_param}"
OK "Partitions created"
}
@ -429,6 +443,12 @@ create_rootfs_image() {
fsck.ext4 -D -y "${device}p1"
fi
if [ "${KATA_BUILD_CC}" == "yes" ] && [ -b "${device}p2" ]; then
info "veritysetup format rootfs device: ${device}p1, hash device: ${device}p2"
local image_dir=$(dirname "${image}")
veritysetup format "${device}p1" "${device}p2" > "${image_dir}"/root_hash.txt 2>&1
fi
losetup -d "${device}"
rmdir "${mount_dir}"
}
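Review bot: In the create_rootfs_image hunk the verity step fails open: when KATA_BUILD_CC is `yes` but `${device}p2` is not a block device, the `&& [ -b "${device}p2" ]` guard skips `veritysetup format`, and as far as the hunk shows the build then finishes with no root hash and no error. For a confidential-containers image a missing hash partition should be a hard failure, for example `[ -b "${device}p2" ] || { echo "hash partition ${device}p2 not found" >&2; exit 1; }` inside the `KATA_BUILD_CC` branch. The redirect `> "${image_dir}"/root_hash.txt 2>&1` also mixes veritysetup's warnings and errors into the file that carries the root hash, so I would drop `2>&1` and have whatever consumes the file check that a root hash line is present. `local image_dir=$(dirname "${image}")` masks dirname's exit status under errexit; declare with `local image_dir` and assign on the next line. The body of create_rootfs_image starts outside the hunk, so cleanup on the failure path could not be checked from here.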