diff --git a/packages/initrd-alpine/build.yaml b/packages/initrd-alpine/build.yaml new file mode 100644 index 0000000..af96325 --- /dev/null +++ b/packages/initrd-alpine/build.yaml @@ -0,0 +1,27 @@ +image: alpine + +copy: + - package: + category: "system" + name: "immucore" + version: ">=0" + source: "/usr/bin/immucore" + destination: "/usr/bin/immucore" + - package: + category: "system" + name: "kairos-agent" + version: ">=0" + source: "/usr/bin/kairos-agent" + destination: "/usr/bin/kairos-agent" + +prelude: +- apk add linux-lts mkinitfs linux-firmware-none udev lvm2 findmnt rsync parted +- rm /boot/initramfs-lts + +steps: +- /usr/bin/immucore version +- cp files/immucore.files /etc/mkinitfs/features.d/immucore.files +- kernel=$(ls /lib/modules | head -n1) && mkinitfs -o /boot/initrd -i files/initramfs-init -c files/mkinitfs.conf $kernel + +include: + - ^/boot/initrd$ \ No newline at end of file diff --git a/packages/initrd-alpine/collection.yaml b/packages/initrd-alpine/collection.yaml new file mode 100644 index 0000000..ff88d23 --- /dev/null +++ b/packages/initrd-alpine/collection.yaml @@ -0,0 +1,4 @@ +packages: +- name: "alpine" + category: "distro-initrd" + version: "0.1.0" \ No newline at end of file diff --git a/packages/initrd-alpine/files/immucore.files b/packages/initrd-alpine/files/immucore.files new file mode 100644 index 0000000..5944e52 --- /dev/null +++ b/packages/initrd-alpine/files/immucore.files @@ -0,0 +1,12 @@ +/usr/bin/immucore +/usr/bin/kairos-agent +/sbin/lvm +/bin/findmnt +/bin/udevadm +/sbin/udevadm +/sbin/udevd +/etc/udev/* +/lib/udev/* +/usr/lib/libudev* +/usr/bin/rsync +/usr/sbin/parted \ No newline at end of file diff --git a/packages/initrd-alpine/files/initramfs-init b/packages/initrd-alpine/files/initramfs-init new file mode 100755 index 0000000..afd473f --- /dev/null +++ b/packages/initrd-alpine/files/initramfs-init @@ -0,0 +1,381 @@ +#!/bin/sh + +VERSION=3.8.0-kairos1 +INIT=/sbin/init +sysroot="$ROOT"/sysroot + +# some helpers +ebegin() { + last_emsg="$*" + echo "$last_emsg..." > "$ROOT"/dev/kmsg + echo -n " * $last_emsg: " +} +eend() { + if [ "$1" = 0 ] || [ $# -lt 1 ] ; then + echo "$last_emsg: ok." > "$ROOT"/dev/kmsg + echo "ok." + else + shift + echo "$last_emsg: failed. $*" > "$ROOT"/dev/kmsg + echo "failed. $*" + echo "initramfs emergency recovery shell launched. Type 'exit' to continue boot" + /bin/busybox sh + fi +} + +# find mount dir and mount opts for given device in an fstab +get_fstab_mount_info() { + local search_dev="$1" + local fstab="$2" + local mntopts= + case "$search_dev" in + UUID*|LABEL*) search_dev=$(findfs "$search_dev");; + esac + [ -r "$fstab" ] || return 1 + local search_maj_min=$(stat -L -c '%t,%T' $search_dev) + while read dev mnt fs mntopts chk; do + case "$dev" in + UUID*|LABEL*) dev=$(findfs "$dev");; + esac + if [ -b "$dev" ] || [ -n "$ROOT" ]; then + local maj_min=$(stat -L -c '%t,%T' $dev) + if [ "$maj_min" = "$search_maj_min" ]; then + echo "$mnt $mntopts" + return + fi + fi + done < $fstab +} + +# add a boot service to $sysroot +rc_add() { + mkdir -p $sysroot/etc/runlevels/$2 + ln -sf /etc/files.d/$1 $sysroot/etc/runlevels/$2/$1 +} + +# Recursively resolve tty aliases like console or tty0 +list_console_devices() { + if ! [ -e "$ROOT"/sys/class/tty/$1/active ]; then + echo $1 + return + fi + + for dev in $(cat "$ROOT"/sys/class/tty/$1/active); do + list_console_devices $dev + done +} + +detect_serial_console() { + local n=$(awk '$7 ~ /CTS/ || $7 ~ /DSR/ { print $1 }' "$ROOT"/proc/tty/driver/serial 2>/dev/null) + if [ -n "$n" ]; then + echo ttyS${n%:} + fi +} + +setup_inittab_console() { + term=vt100 + # Inquire the kernel for list of console= devices + consoles="$(for c in console $(detect_serial_console); do list_console_devices $c; done)" + for tty in $consoles; do + # ignore tty devices that gives I/O error + if ! stty -g -F /dev/$tty >/dev/null 2>/dev/null; then + continue + fi + # do nothing if inittab already have the tty set up + if ! grep -q "^$tty:" $sysroot/etc/inittab 2>/dev/null; then + echo "# enable login on alternative console" \ + >> $sysroot/etc/inittab + # Baudrate of 0 keeps settings from kernel + echo "$tty::respawn:/sbin/getty -L 0 $tty $term" \ + >> $sysroot/etc/inittab + fi + if [ -e "$sysroot"/etc/securetty ] && ! grep -q -w "$tty" "$sysroot"/etc/securetty; then + echo "$tty" >> "$sysroot"/etc/securetty + fi + done +} + +# relocate mountpoint according given fstab and set mount options +remount_fstab_entry() { + local fstab="${1}" + local dir= + if ! [ -e "$repofile" ]; then + return + fi + cat - "$repofile" | while read dir; do + # skip http(s)/ftp repos for netboot + if [ -z "$dir" ] || ! [ -d "$ROOT/$dir" -o -f "$ROOT/$dir" ]; then + continue + fi + local dev=$(df -P "$dir" | tail -1 | awk '{print $1}') + local mntinfo="$(get_fstab_mount_info "$dev" "$fstab")" + local mnt="${mntinfo% *}" + local mntopts="${mntinfo#* }" + if [ -n "$mnt" ]; then + local oldmnt=$(awk -v d=$ROOT$dev '$1==d {print $2}' "$ROOT"/proc/mounts 2>/dev/null) + if [ "$oldmnt" != "$mnt" ]; then + mkdir -p "$mnt" + $MOCK mount -o move "$oldmnt" "$mnt" + fi + if [ -n "$mntopts" ]; then + $MOCK mount -o remount,"$mntopts" "$mnt" + fi + fi + done +} +rtc_exists() { + local rtc= + for rtc in /dev/rtc /dev/rtc[0-9]*; do + [ -e "$rtc" ] && break + done + [ -e "$rtc" ] +} + +# This is used to predict if network access will be necessary +is_url() { + case "$1" in + http://*|https://*|ftp://*) + return 0;; + *) + return 1;; + esac +} + +# support for eudev. see /etc/init.d/udev* +eudev_start() +{ + ebegin "Start udev" + if [ -e /proc/sys/kernel/hotplug ]; then + echo "" >/proc/sys/kernel/hotplug + fi + + udevd -d + + # store persistent-rules that got created while booting + # when / was still read-only + # create /etc/udev/rules.d + [ -d /etc/udev/rules.d ] || mkdir -p /etc/udev/rules.d + + local file dest + for file in /run/udev/tmp-rules--*; do + dest=${file##*tmp-rules--} + [ "$dest" = '*' ] && break + type=${dest##70-persistent-} + type=${type%%.rules} + cat "$file" >> /etc/udev/rules.d/"$dest" && rm -f "$file" + done + + # Populating /dev with existing devices through uevents + udevadm trigger --type=subsystems --action=add + udevadm trigger --type=devices --action=add + eend $? +} + + +/bin/busybox mkdir -p "$ROOT"/usr/bin \ + "$ROOT"/usr/sbin \ + "$ROOT"/proc \ + "$ROOT"/sys \ + "$ROOT"/dev \ + "$sysroot" \ + "$ROOT"/media/cdrom \ + "$ROOT"/media/usb \ + "$ROOT"/tmp \ + "$ROOT"/etc \ + "$ROOT"/run/cryptsetup + +# Spread out busybox symlinks and make them available without full path +/bin/busybox --install -s +export PATH="$PATH:/usr/bin:/bin:/usr/sbin:/sbin" + + + +$MOCK mount -t sysfs -o noexec,nosuid,nodev sysfs /sys +$MOCK mount -t devtmpfs -o exec,nosuid,mode=0755,size=2M devtmpfs /dev 2>/dev/null \ + || $MOCK mount -t tmpfs -o exec,nosuid,mode=0755,size=2M tmpfs /dev + +# Make sure /dev/null is a device node. If /dev/null does not exist yet, the command +# mounting the devtmpfs will create it implicitly as an file with the "2>" redirection. +# The -c check is required to deal with initramfs with pre-seeded device nodes without +# error message. +[ -c /dev/null ] || mknod -m 666 /dev/null c 1 3 + +# Make sure /dev/kmsg is a device node. Writing to /dev/kmsg allows the use of the +# earlyprintk kernel option to monitor early files progress. As above, the -c check +# prevents an error if the device node has already been seeded. +[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11 + +$MOCK mount -t proc -o noexec,nosuid,nodev proc /proc +# pty device nodes (later system will need it) +[ -c /dev/ptmx ] || mknod -m 666 /dev/ptmx c 5 2 +[ -d /dev/pts ] || mkdir -m 755 /dev/pts +$MOCK mount -t devpts -o gid=5,mode=0620,noexec,nosuid devpts /dev/pts + +# shared memory area (later system will need it) +[ -d /dev/shm ] || mkdir /dev/shm +$MOCK mount -t tmpfs -o nodev,nosuid,noexec shm /dev/shm + +# mount run +$MOCK mount -t tmpfs -o nodev,nosuid,noexec,rw tmpfs /run + +echo "Alpine Init $VERSION" > "$ROOT"/dev/kmsg +echo "Alpine Init $VERSION" + +# pick first keymap if found +for map in "$ROOT"/etc/keymap/*; do + if [ -f "$map" ]; then + ebegin "Setting keymap ${map##*/}" + zcat "$map" | loadkmap + eend + break + fi +done + +# hide kernel messages +dmesg -n 1 + +# load available drivers to get access to modloop media +ebegin "Loading boot drivers" +$MOCK modprobe -a ahci virtio_blk virtio_net virtio_console virtio_pci nvme overlay usb_storage libata cdrom sr_mod iso9660 loop squashfs simpledrm unix 2> /dev/null +eend $? + +# persistent device names from eudev in order for immucore to mount stuff +[ -x "/sbin/udevadm" ] && eudev_start + +# Path for booting from livecd/netboot/rd.{cos,immucore}.disable +if grep -q cdroot /proc/cmdline || grep -q netboot /proc/cmdline || grep -q "rd.immucore.disable" /proc/cmdline || grep -q "rd.cos.disable" /proc/cmdline;then + ebegin "Mounting LiveCD" + $MOCK sync + # Create mountpoints + mkdir -p /media/root-ro /media/root-rw /run/rootfsbase $sysroot/media/root-ro $sysroot/media/root-rw $sysroot/run/rootfsbase + # Mount read-only livecd + $MOCK mount /dev/sr0 /media/root-ro + $MOCK sync + # Mount squashfs into loop device + losetup /dev/loop0 /media/root-ro/rootfs.squashfs + $MOCK sync + # Mount loop device into the rootfsbase + $MOCK mount /dev/loop0 /run/rootfsbase + $MOCK sync + # Mount writable overlay tmpfs + $MOCK mount -t tmpfs -o "mode=0755,rw,size=25%" root-tmpfs /media/root-rw + $MOCK sync + # Create additional mountpoints and do the overlay mount + mkdir -p /media/root-rw/work /media/root-rw/root + $MOCK mount -t overlay -o lowerdir=/run/rootfsbase,upperdir=/media/root-rw/root,workdir=/media/root-rw/work overlayfs $sysroot + $MOCK sync + eend + $MOCK sync + # immucore to run the initramfs and rootfs stages + ebegin "Immucore" + immucore + eend $? + # Move current mounts into sysroot mounts + # shellcheck disable=SC2002 + cat "$ROOT"/proc/mounts 2>/dev/null | while read DEV DIR TYPE OPTS ; do + # shellcheck disable=SC2166 + if [ "$DIR" != "/" -a "$DIR" != "$sysroot" -a -d "$DIR" ]; then + ebegin "Moving $DIR to $sysroot/$DIR" + mkdir -p $sysroot/$DIR + $MOCK mount -o move $DIR $sysroot/$DIR + eend $? + fi + done + # shellcheck disable=SC2093 + exec switch_root "$sysroot" "$INIT" + echo "initramfs emergency recovery shell launched" + exec /bin/busybox sh +fi + + +# Path for booting active/passive/recovery +ebegin "Immucore" +immucore +eend $? + +# by now the system should be mounted in /sysroot +if [ -f "$sysroot/etc/.default_boot_services" ]; then + # add some boot services by default + ebegin "Adding default boot services" + rc_add devfs sysinit + rc_add dmesg sysinit + rc_add mdev sysinit + rc_add hwdrivers sysinit + rc_add modloop sysinit + rc_add sshd default + rc_add udev sysinit + + rc_add modules boot + rc_add sysctl boot + rc_add hostname boot + rc_add bootmisc boot + rc_add syslog boot + + rc_add mount-ro shutdown + rc_add killprocs shutdown + rc_add savecache shutdown + rc_add firstboot default + + + rm -f "$sysroot/etc/.default_boot_services" + eend +fi + + +# copy keys so apk finds them. apk looks for stuff relative --root +mkdir -p $sysroot/etc/apk/keys/ +cp -a /etc/apk/keys $sysroot/etc/apk + + +# silently fix apk arch in case the apkovl does not match +if [ -r "$sysroot"/etc/apk/arch ]; then + apk_arch="$(apk --print-arch)" + if [ -n "$apk_arch" ]; then + echo "$apk_arch" > "$sysroot"/etc/apk/arch + fi +fi + + +# use swclock if no RTC is found +if rtc_exists || [ "$(uname -m)" = "s390x" ]; then + rc_add hwclock boot +else + rc_add swclock boot +fi + + +# Mount bind system mounts to sysroot to keep them going +mkdir -p $sysroot/sys $sysroot/proc $sysroot/dev $sysroot/run +$MOCK mount -o bind /sys $sysroot/sys +$MOCK mount -o bind /proc $sysroot/proc +$MOCK mount -o bind /dev $sysroot/dev +$MOCK mount -o bind /run $sysroot/run + +# remount according default fstab from package +if [ -z "$has_fstab" ] && [ -f "$sysroot"/etc/fstab ]; then + remount_fstab_entry "$sysroot"/etc/fstab +fi + + +# fix inittab if alternative console +setup_inittab_console + +! [ -f "$sysroot"/etc/resolv.conf ] && [ -f /etc/resolv.conf ] && \ + cp /etc/resolv.conf "$sysroot"/etc + +if [ ! -x "${sysroot}${INIT}" ]; then + echo "$INIT not found in new root. Launching emergency recovery shell" + echo "Type exit to continue boot." + /bin/busybox sh +fi + +# switch over to new root +echo "" +# shellcheck disable=SC2093 +exec switch_root "$sysroot" "$INIT" + +# If it fails, drop to recovery shell +echo "initramfs emergency recovery shell launched" +# shellcheck disable=SC2093 +exec /bin/busybox sh +reboot diff --git a/packages/initrd-alpine/files/mkinitfs.conf b/packages/initrd-alpine/files/mkinitfs.conf new file mode 100644 index 0000000..651abbb --- /dev/null +++ b/packages/initrd-alpine/files/mkinitfs.conf @@ -0,0 +1 @@ +features="ata base cdrom ext4 keymap kms mmc lvm nvme raid scsi usb network dhcp virtio zfs squashfs immucore" diff --git a/packages/kernels/linux-tegra/build.yaml b/packages/kernels/linux-tegra/build.yaml index cfcc64d..a924811 100644 --- a/packages/kernels/linux-tegra/build.yaml +++ b/packages/kernels/linux-tegra/build.yaml @@ -1,3 +1,4 @@ +{{ if .Values.arch }} {{ if eq .Values.arch "arm64" }} # There is no arm64 package. There is only a linux-tegra, generic, for ARM64, built from x86. {{ else }} @@ -29,4 +30,5 @@ steps: - cd Linux_for_Tegra/source/public/kernel/kernel-4.9/ && make CROSS_COMPILE=/luetbuild/gcc-linaro-7.3.1-2018.05-x86_64_aarch64-linux-gnu/ LOCALVERSION="-tegra" ARCH=arm64 O=/luetbuild/Linux_for_Tegra/source/public/kernel_out modules_install INSTALL_MOD_PATH=/out # https://blog.kevmo314.com/compiling-custom-kernel-modules-on-the-jetson-nano.html package_dir: /out -{{ end }} \ No newline at end of file +{{ end }} +{{end}} \ No newline at end of file diff --git a/packages/static/grub-efi/build.yaml b/packages/static/grub-efi/build.yaml index 170396d..aebbd6c 100644 --- a/packages/static/grub-efi/build.yaml +++ b/packages/static/grub-efi/build.yaml @@ -3,6 +3,7 @@ image: {{.Values.image}} {{if eq .Values.distribution "opensuse"}} +{{ if .Values.arch }} {{ if eq .Values.arch "arm64" }} prelude: - zypper in -y grub2-arm64-efi grub2 @@ -13,6 +14,7 @@ prelude: - zypper in -y grub2-i386-pc grub2-x86_64-efi grub2 {{ end }} {{end}} +{{end}} package_dir: "/output" steps: