From 9ceb2c27e08b4e6f76145b0c30858fd9908c9497 Mon Sep 17 00:00:00 2001
From: Hyounggyu Choi <Hyounggyu.Choi@ibm.com>
Date: Thu, 1 Jun 2023 10:23:14 +0200
Subject: [PATCH] local-build: consider cross-compilation env

This is to make a base builder image build genprotimg without a package
manager under the cross-compilation environment.

Signed-off-by: Hyounggyu Choi <Hyounggyu.Choi@ibm.com>
---
 tools/packaging/guest-image/build_se_image.sh |  5 +-
 .../local-build/dockerbuild/Dockerfile        | 46 +++++++++++++++----
 .../kata-deploy-binaries-in-docker.sh         |  1 +
 3 files changed, 43 insertions(+), 9 deletions(-)

diff --git a/tools/packaging/guest-image/build_se_image.sh b/tools/packaging/guest-image/build_se_image.sh
index e25ce84822..9fb3ed8a57 100755
--- a/tools/packaging/guest-image/build_se_image.sh
+++ b/tools/packaging/guest-image/build_se_image.sh
@@ -17,7 +17,10 @@ readonly kata_root_dir="$(cd "${packaging_root_dir}/../../" && pwd)"
 source "$kata_root_dir/ci/lib.sh"
 source "${packaging_root_dir}/scripts/lib.sh"
 
-[ "$(uname -m)" = s390x ] || die "Building a Secure Execution image is currently only supported on s390x."
+ARCH=${ARCH:-$(uname -m)}
+if [ $(uname -m) == "${ARCH}" ]; then
+	[ "${ARCH}" == "s390x" ] || die "Building a Secure Execution image is currently only supported on s390x."
+fi
 
 finish() {
 	if [ -e "${parmfile}" ]; then
diff --git a/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile
index c5a9a2f527..f4ba5cc60e 100644
--- a/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile
+++ b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile
@@ -5,6 +5,9 @@
 FROM ubuntu:20.04
 ENV DEBIAN_FRONTEND=noninteractive
 ENV INSTALL_IN_GOPATH=false
+# Required for libxml2-dev
+ENV TZ=Etc/UTC
+ARG ARCH
 
 COPY install_yq.sh /usr/bin/install_yq.sh
 COPY install_oras.sh /usr/bin/install_oras.sh
@@ -40,16 +43,43 @@ RUN if [ ${IMG_USER} != "root" ] && [ ! -z ${HOST_DOCKER_GID} ]; then groupadd -
 RUN if [ ${IMG_USER} != "root" ] && [ ! -z ${HOST_DOCKER_GID} ]; then usermod -a -G docker_on_host ${IMG_USER};fi
 RUN sh -c "echo '${IMG_USER} ALL=NOPASSWD: ALL' >> /etc/sudoers"
 
+RUN if [ "${ARCH}" != "$(uname -m)" ] && [ "${ARCH}" == "s390x" ]; then sed -i 's/^deb/deb [arch=amd64]/g' /etc/apt/sources.list && \
+    dpkg --add-architecture "s390x" && \
+    echo "deb [arch=s390x] http://ports.ubuntu.com/ focal main multiverse universe" >> /etc/apt/sources.list && \
+    echo "deb [arch=s390x] http://ports.ubuntu.com/ focal-security main multiverse universe" >> /etc/apt/sources.list && \
+    echo "deb [arch=s390x] http://ports.ubuntu.com/ focal-backports main multiverse universe" >> /etc/apt/sources.list && \
+    echo "deb [arch=s390x] http://ports.ubuntu.com/ focal-updates main multiverse universe" >> /etc/apt/sources.list; fi
+
 #FIXME: gcc is required as agent is build out of a container build.
 RUN apt-get update && \
-  apt-get install --no-install-recommends -y \
-  build-essential \
-  cpio \
-  gcc \
-  unzip \
-  xz-utils && \
-  if uname -m | grep -Eq 's390x'; then apt-get install -y s390-tools; fi && \
-  apt-get clean && rm -rf /var/lib/apt/lists
+    apt-get install --no-install-recommends -y \
+    build-essential \
+    cpio \
+    gcc \
+    unzip \
+    xz-utils && \
+    if [ "${ARCH}" != "$(uname -m)" ] && [ "${ARCH}" == "s390x" ]; then \
+        apt-get install -y --no-install-recommends \
+        gcc-s390x-linux-gnu \
+        g++-s390x-linux-gnu \
+        binutils-s390x-linux-gnu \
+        dpkg-dev \
+        apt-utils \
+        libssl-dev:s390x \
+        libcurl4-openssl-dev:s390x \
+        libjson-c-dev:s390x \
+        pkg-config:s390x \
+        libxml2-dev:s390x \
+        libjson-c-dev:s390x \
+        libglib2.0-0:s390x \
+        libglib2.0-dev:s390x; \
+    elif uname -m | grep -Eq 's390x'; then apt-get install -y s390-tools; fi && \
+    apt-get clean && rm -rf /var/lib/apt/lists
+
+RUN if [ "${ARCH}" != "$(uname -m)" ] && [ "${ARCH}" == "s390x" ]; then \
+        git clone -b v2.25.0 https://github.com/ibm-s390-linux/s390-tools.git && cd s390-tools && \
+        pushd genprotimg && pushd boot && make CROSS_COMPILE=s390x-linux-gnu- && popd && pushd src && \
+        make CROSS_COMPILE=s390x-linux-gnu- && popd && make install && popd || return; fi
 
 ENV USER ${IMG_USER}
 USER ${IMG_USER}
diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
index f01744c406..46133159ab 100755
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
@@ -75,6 +75,7 @@ docker build -q -t build-kata-deploy \
 	--build-arg http_proxy="${http_proxy}" \
 	--build-arg https_proxy="${https_proxy}" \
 	--build-arg HOST_DOCKER_GID=${docker_gid} \
+	--build-arg ARCH="${ARCH}" \
 	"${script_dir}/dockerbuild/"
 
 CI="${CI:-}"