From 5e72595a736f35d8edc0e2edf4e51d5191e257d5 Mon Sep 17 00:00:00 2001 From: Riccardo Pittau Date: Fri, 6 Mar 2020 17:15:22 +0100 Subject: [PATCH] Use tinycore 11 to build tinyipa We should take advantage of the latest tinycore image version to build ipa ramdisks, just to be able to use kernel from series 5.x Depends-On: https://review.opendev.org/739448 Depends-On: https://review.opendev.org/756353 Story: 2007855 Task: 40158 Change-Id: I852aeac090bb38dbb20f8484e191ba76b42c9dd9 --- tinyipa/build-instance-images.sh | 4 -- tinyipa/build-tinyipa.sh | 9 +-- tinyipa/build_files/buildreqs.lst | 7 +- tinyipa/build_files/fakeuname | 2 +- tinyipa/build_files/finalreqs.lst | 8 +-- tinyipa/finalise-tinyipa.sh | 4 -- tinyipa/patches/ipmitool-openssl.patch | 86 +++++++++++++++++++++++++ tinyipa/patches/tce-load_squashfs.patch | 20 ------ 8 files changed, 97 insertions(+), 43 deletions(-) create mode 100644 tinyipa/patches/ipmitool-openssl.patch delete mode 100644 tinyipa/patches/tce-load_squashfs.patch diff --git a/tinyipa/build-instance-images.sh b/tinyipa/build-instance-images.sh index 4368363..0fd0221 100755 --- a/tinyipa/build-instance-images.sh +++ b/tinyipa/build-instance-images.sh @@ -22,10 +22,6 @@ setup_tce $DST_DIR # NOTE(rpittau) change ownership of the tce info dir to prevent writing issues sudo chown $TC:$STAFF $DST_DIR/usr/local/tce.installed -# NOTE(rpittau) patch tce-load to adapt to changes in squashfs module in -# latest kernel -sudo patch ${DST_DIR}/usr/bin/tce-load < patches/tce-load_squashfs.patch - $TC_CHROOT_CMD tce-load -wci grub2-multi.tcz cleanup_tce $DST_DIR diff --git a/tinyipa/build-tinyipa.sh b/tinyipa/build-tinyipa.sh index 962cbb3..bb7694b 100755 --- a/tinyipa/build-tinyipa.sh +++ b/tinyipa/build-tinyipa.sh @@ -9,10 +9,10 @@ TINYIPA_REQUIRE_BIOSDEVNAME=${TINYIPA_REQUIRE_BIOSDEVNAME:-false} TINYIPA_REQUIRE_IPMITOOL=${TINYIPA_REQUIRE_IPMITOOL:-true} IRONIC_LIB_SOURCE=${IRONIC_LIB_SOURCE:-} USE_PYTHON3=${USE_PYTHON3:-True} -TC_RELEASE="10.x" +TC_RELEASE="11.x" TGT_RELEASE="v1.0.79" -QEMU_RELEASE="v3.1.1" +QEMU_RELEASE="v4.2.0" LSHW_RELEASE="B.02.18" BIOSDEVNAME_RELEASE="0.7.2" @@ -76,6 +76,7 @@ if $TINYIPA_REQUIRE_BIOSDEVNAME; then fi if $TINYIPA_REQUIRE_IPMITOOL; then wget -N -O - https://github.com/ipmitool/ipmitool/archive/IPMITOOL_${IPMITOOL_RELASE}.tar.gz | tar -xz -C "${BUILDDIR}/tmp" -f - + patch ${BUILDDIR}/tmp/ipmitool-IPMITOOL_${IPMITOOL_RELASE}/src/plugins/lanplus/lanplus_crypt_impl.c < patches/ipmitool-openssl.patch fi # Create directory for python local mirror @@ -170,10 +171,6 @@ fi # NOTE(rpittau) change ownership of the tce info dir to prevent writing issues sudo chown $TC:$STAFF $BUILDDIR/usr/local/tce.installed -# NOTE(rpittau) patch tce-load to adapt to changes in squashfs module in -# latest kernel -sudo patch ${BUILDDIR}/usr/bin/tce-load < patches/tce-load_squashfs.patch - while read line; do sudo chroot --userspec=$TC:$STAFF $BUILDDIR /usr/bin/env -i PATH=$CHROOT_PATH http_proxy=$http_proxy https_proxy=$https_proxy no_proxy=$no_proxy tce-load -wci $line done < <(paste $WORKDIR/build_files/$PY_REQS $WORKDIR/build_files/buildreqs.lst) diff --git a/tinyipa/build_files/buildreqs.lst b/tinyipa/build_files/buildreqs.lst index f68e36e..09b960a 100644 --- a/tinyipa/build_files/buildreqs.lst +++ b/tinyipa/build_files/buildreqs.lst @@ -11,16 +11,15 @@ gdisk.tcz git.tcz glib2-dev.tcz hdparm.tcz -ipv6-4.19.10-tinycore64.tcz +ipv6-netfilter-5.4.3-tinycore64.tcz libpci-dev.tcz libtool-dev.tcz libtool.tcz parted.tcz pciutils.tcz pixman-dev.tcz -pkg-config.tcz -raid-dm-4.19.10-tinycore64.tcz -scsi-4.19.10-tinycore64.tcz +raid-dm-5.4.3-tinycore64.tcz +scsi-5.4.3-tinycore64.tcz udev-lib.tcz util-linux.tcz zlib_base-dev.tcz diff --git a/tinyipa/build_files/fakeuname b/tinyipa/build_files/fakeuname index 615363f..34dfac9 100755 --- a/tinyipa/build_files/fakeuname +++ b/tinyipa/build_files/fakeuname @@ -2,7 +2,7 @@ S="Linux" N="box" -R="4.19.10-tinycore64" +R="5.4.3-tinycore64" P="unknown" V="#2017 SMP" M="x86_64" diff --git a/tinyipa/build_files/finalreqs.lst b/tinyipa/build_files/finalreqs.lst index 917056b..8d2fe75 100644 --- a/tinyipa/build_files/finalreqs.lst +++ b/tinyipa/build_files/finalreqs.lst @@ -9,15 +9,15 @@ glib2.tcz haveged.tcz hdparm.tcz iproute2.tcz -ipv6-4.19.10-tinycore64.tcz +ipv6-netfilter-5.4.3-tinycore64.tcz libxml2.tcz mdadm.tcz parted.tcz popt.tcz pciutils.tcz -raid-dm-4.19.10-tinycore64.tcz -scsi-4.19.10-tinycore64.tcz -filesystems-4.19.10-tinycore64.tcz +raid-dm-5.4.3-tinycore64.tcz +scsi-5.4.3-tinycore64.tcz +filesystems-5.4.3-tinycore64.tcz smartmontools.tcz udev-lib.tcz util-linux.tcz diff --git a/tinyipa/finalise-tinyipa.sh b/tinyipa/finalise-tinyipa.sh index 422aa06..34dd482 100755 --- a/tinyipa/finalise-tinyipa.sh +++ b/tinyipa/finalise-tinyipa.sh @@ -110,10 +110,6 @@ fi # NOTE(rpittau) change ownership of the tce info dir to prevent writing issues sudo chown $TC:$STAFF $FINALDIR/usr/local/tce.installed -# NOTE(rpittau) patch tce-load to adapt to changes in squashfs module in -# latest kernel -sudo patch ${FINALDIR}/usr/bin/tce-load < patches/tce-load_squashfs.patch - while read line; do $TC_CHROOT_CMD tce-load -wic $line done < <(paste $WORKDIR/build_files/finalreqs.lst $WORKDIR/build_files/$PY_REQS) diff --git a/tinyipa/patches/ipmitool-openssl.patch b/tinyipa/patches/ipmitool-openssl.patch new file mode 100644 index 0000000..ca9b913 --- /dev/null +++ b/tinyipa/patches/ipmitool-openssl.patch @@ -0,0 +1,86 @@ +@@ -164,10 +164,10 @@ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + + + *bytes_written = 0; +@@ -191,7 +191,7 @@ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + *bytes_written = 0; +@@ -201,7 +201,7 @@ + { + uint32_t tmplen; + +- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { + *bytes_written = 0; + return; /* Error */ +@@ -210,7 +210,8 @@ + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_cleanup(ctx); ++ EVP_CIPHER_CTX_free(ctx); + } + } + } +@@ -239,10 +240,10 @@ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + + + if (verbose >= 5) +@@ -266,7 +267,7 @@ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); +@@ -277,7 +278,7 @@ + { + uint32_t tmplen; + +- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { + char buffer[1000]; + ERR_error_string(ERR_get_error(), buffer); +@@ -290,7 +291,8 @@ + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_cleanup(ctx); ++ EVP_CIPHER_CTX_free(ctx); + } + } + diff --git a/tinyipa/patches/tce-load_squashfs.patch b/tinyipa/patches/tce-load_squashfs.patch deleted file mode 100644 index 36ceed1..0000000 --- a/tinyipa/patches/tce-load_squashfs.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- tce-load 2020-05-11 14:53:49.281851377 +0200 -+++ tce-load-new 2020-05-11 14:54:33.300890003 +0200 -@@ -81,7 +81,7 @@ - - copyInstall() { - [ -d /mnt/test ] || sudo /bin/mkdir -p /mnt/test -- sudo /bin/mount $1 /mnt/test -t squashfs -o loop,ro,bs=4096 -+ sudo /bin/mount $1 /mnt/test -t squashfs -o loop,ro - if [ "$?" == 0 ]; then - if [ "$(ls -A /mnt/test)" ]; then - yes "$FORCE" | sudo /bin/cp -ai /mnt/test/. / 2>/dev/null -@@ -135,7 +135,7 @@ - else - [ -d /tmp/tcloop/"$APPNAME" ] || sudo /bin/mkdir -p /tmp/tcloop/"$APPNAME" - awk -v appname="/tmp/tcloop/$APPNAME" ' { if ( $2 == appname ) exit 1 }' /etc/mtab -- [ "$?" == 1 ] || sudo /bin/mount "$THISAPP" /tmp/tcloop/"$APPNAME" -t squashfs -o loop,ro,bs=4096 2>&1 -+ [ "$?" == 1 ] || sudo /bin/mount "$THISAPP" /tmp/tcloop/"$APPNAME" -t squashfs -o loop,ro 2>&1 - [ "$?" == 0 ] || abort_to_saved_dir - [ "`find /tmp/tcloop/${APPNAME} -mindepth 1 -maxdepth 2 | wc -l`" -le 1 ] && EMPTYEXT=1 -