authorAlyssa Ross <hi@alyssa.is>2022-01-08 19:37:47 +0000
committerAlyssa Ross <hi@alyssa.is>2022-01-11 14:30:35 +0000
commitf7c31462751b3536f88acc2aac07b2fd4a2eaf4c (patch)
treeaa6c99f7e0761bd2abe9a334e31f96683b59f710 /host/rootfs
parentafe325db597aec5088b69579cd645585dbf35508 (diff)
host/rootfs: let ext partition be overridden
This fixes make run, which didn't work before because there was no
verity to look at, and makes it so that we don't have to build a GPT
image every time we want to test any change, which was very slow.
Diffstat (limited to 'host/rootfs')
-rw-r--r--host/rootfs/Makefile16
-rw-r--r--host/rootfs/default.nix5
-rwxr-xr-xhost/rootfs/etc/init3
-rw-r--r--host/rootfs/etc/mdev.conf3
-rwxr-xr-xhost/rootfs/etc/mdev/block/add39
-rw-r--r--host/rootfs/etc/s6-rc/ext/up24
-rwxr-xr-xhost/rootfs/scripts/make-gpt.sh58
7 files changed, 54 insertions, 94 deletions
diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile
index abbb5ba..88b8d63 100644
--- a/host/rootfs/Makefile
+++ b/host/rootfs/Makefile
@@ -1,5 +1,5 @@
 # SPDX-License-Identifier: EUPL-1.2
-# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is>
+# SPDX-FileCopyrightText: 2021-2022 Alyssa Ross <hi@alyssa.is>
 
 # qemu-kvm is non-standard, but is present in at least Fedora and
 # Nixpkgs.  If you don't have qemu-kvm, you'll need to set e.g.
@@ -13,12 +13,6 @@ build/rootfs.ext4: build/rootfs.tar
 	tar2ext4 -i build/rootfs.tar -o $@.tmp
 	mv $@.tmp $@
 
-build/test.img: scripts/make-gpt.sh build/rootfs.ext4 $(EXT_FS)
-	scripts/make-gpt.sh $@.tmp \
-		build/rootfs.ext4:4f68bce3-e8cd-4db1-96e7-fbcaf984b709 \
-		$(EXT_FS):9293e1ff-cee4-4658-88be-898ec863944f
-	mv $@.tmp $@
-
 FILES = \
 	etc/fonts/fonts.conf \
 	etc/fstab \
@@ -26,6 +20,7 @@ FILES = \
 	etc/init \
 	etc/login \
 	etc/mdev.conf \
+	etc/mdev/block/add \
 	etc/mdev/listen \
 	etc/mdev/net/add \
 	etc/mdev/wait \
@@ -114,15 +109,16 @@ clean:
 	rm -rf build
 .PHONY: clean
 
-run: build/test.img
+run: build/rootfs.ext4 $(EXT_FS)
 	$(QEMU_KVM) -cpu host -m 2G \
 	    -machine q35,kernel=$(KERNEL),kernel-irqchip=split \
 	    -display gtk,gl=on \
 	    -qmp unix:vmm.sock,server,nowait \
 	    -monitor vc \
 	    -parallel none \
-	    -drive file=build/test.img,if=virtio,format=raw,readonly=on \
-	    -append "console=ttyS0 root=/dev/vda1 intel_iommu=on" \
+	    -drive file=build/rootfs.ext4,if=virtio,format=raw,readonly=on \
+	    -drive file=$(EXT_FS),if=virtio,format=raw,readonly=on \
+	    -append "console=ttyS0 root=/dev/vda ext=/dev/vdb intel_iommu=on" \
 	    -device intel-iommu,intremap=on \
 	    -device virtio-vga-gl
 .PHONY: run
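Review bot: The `run` recipe now ties `root=/dev/vda ext=/dev/vdb` in `-append` to the order of the two `-drive` lines, and nothing in the rule says so; reordering or inserting a drive would boot the wrong image as root without any error from make. Per the commit message this path also boots `build/rootfs.ext4` with no verity device, so it does not exercise the verified-boot setup. I would put a comment above `run:` such as `# Dev-only: boots rootfs.ext4 without dm-verity; vda/vdb in -append follow the -drive order below.` `EXT_FS` is defined outside this hunk; if it can be empty the recipe expands to `-drive file=,if=virtio,...`, so a check that fails early with a clear message may be worth adding.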
diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix
index 21a9818..f637a6b 100644
--- a/host/rootfs/default.nix
+++ b/host/rootfs/default.nix
@@ -1,5 +1,5 @@
 # SPDX-License-Identifier: EUPL-1.2
-# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is>
+# SPDX-FileCopyrightText: 2021-2022 Alyssa Ross <hi@alyssa.is>
 
 { pkgs ? import <nixpkgs> {} }: pkgs.pkgsStatic.callPackage (
 
@@ -23,6 +23,7 @@ let
     pkgs.pkgsMusl.cryptsetup
     (busybox.override {
       extraConfig = ''
+        CONFIG_FINDFS n
         CONFIG_INIT n
       '';
     })
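Review bot: `CONFIG_FINDFS n` carries no comment saying why the busybox applet is switched off; the reason only shows up in the later hunk that links util-linux `findfs` next to `lsblk` in `$out/usr/bin`. A one-line comment above `(busybox.override {`, for example `# findfs is taken from util-linux (linked below), so the busybox applet is disabled.`, would keep someone from re-enabling it and ending up with two implementations on the path. Which one would win on `PATH`, and whether they resolve the same tag types, cannot be told from the hunk, which is one more reason to state the intent. The enclosing `let` block starts and ends outside the hunk.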
@@ -53,7 +54,7 @@ let
     # TODO: this is a hack and we should just build the util-linux
     # programs we want.
     # https://lore.kernel.org/util-linux/87zgrl6ufb.fsf@alyssa.is/
-    ln -s ${util-linux.override { systemd = null; }}/bin/lsblk $out/usr/bin
+    ln -s ${util-linux.override { systemd = null; }}/bin/{findfs,lsblk} $out/usr/bin
   '';
 
   packagesTar = runCommand "packages.tar" {} ''
diff --git a/host/rootfs/etc/init b/host/rootfs/etc/init
index 4f3ed66..a4c6c60 100755
--- a/host/rootfs/etc/init
+++ b/host/rootfs/etc/init
@@ -1,12 +1,13 @@
 #!/bin/execlineb -P
 # SPDX-License-Identifier: EUPL-1.2
-# SPDX-FileCopyrightText: 2020-2021 Alyssa Ross <hi@alyssa.is>
+# SPDX-FileCopyrightText: 2020-2022 Alyssa Ross <hi@alyssa.is>
 
 /bin/export PATH /bin
 /bin/s6-setsid -qb --
 
 umask 022
 if { mount -t tmpfs -o mode=0755 tmpfs /run }
+if { s6-dumpenv /run/param }
 if { s6-hiercopy /etc/service /run/service }
 emptyenv -p
 
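Review bot: The added `if { s6-dumpenv /run/param }` line has no comment explaining that it must run before `emptyenv -p` drops the environment, or what ends up in `/run/param`. Presumably the values are the `key=value` kernel command-line parameters that init inherits as environment variables, which is how `ext=` reaches `/etc/mdev/block/add`. The dump also includes everything else in the environment (the `PATH` exported above, for instance) and is created under the 022 umask on a 0755 tmpfs, so it is readable by every process; worth stating so nobody later relies on it for anything sensitive. Suggested comment: `# Save kernel command line parameters (inherited as environment) before emptyenv drops them.` The script continues past the end of the hunk.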
diff --git a/host/rootfs/etc/mdev.conf b/host/rootfs/etc/mdev.conf
index 0882ee5..82630ec 100644
--- a/host/rootfs/etc/mdev.conf
+++ b/host/rootfs/etc/mdev.conf
@@ -1,6 +1,7 @@
 # SPDX-License-Identifier: EUPL-1.2
-# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is>
+# SPDX-FileCopyrightText: 2021-2022 Alyssa Ross <hi@alyssa.is>
 
 -$MODALIAS=.* 0:0 660 +/etc/mdev/modalias.sh
+-$DEVTYPE=(disk|partition) 0:0 660 +/etc/mdev/block/add
 kvm 0:0 660
 dri/card0 0:0 660 +/etc/mdev/listen card0
diff --git a/host/rootfs/etc/mdev/block/add b/host/rootfs/etc/mdev/block/add
new file mode 100755
index 0000000..84aac73
--- /dev/null
+++ b/host/rootfs/etc/mdev/block/add
@@ -0,0 +1,39 @@
+#!/bin/execlineb -P
+# SPDX-License-Identifier: EUPL-1.2
+# SPDX-FileCopyrightText: 2022 Alyssa Ross <hi@alyssa.is>
+
+cd /dev
+importas -i devname DEVNAME
+
+backtick -E ext {
+  backtick -x extspec { redirfd -w 2 /dev/null cat /run/param/ext }
+  ifelse { redirfd -w 1 /dev/null printenv extspec }
+
+  {
+    importas -iu extspec extspec
+    findfs $extspec
+  }
+
+  pipeline {
+    backtick -E diskpath {
+      pipeline { lsblk -lnpo KNAME,PKNAME }
+      backtick -E rootpart {
+        pipeline { veritysetup status root-verity }
+        awk -F ":[[:blank:]]*" "$1 ~ /^[[:blank:]]*data device$/ {print $2; exit}"
+      }
+      awk -v rootpart=${rootpart} "$1 == rootpart {print $2; exit}"
+    }
+    lsblk -lnpo PARTTYPE,NAME $diskpath
+  }
+  awk "$1 == \"9293e1ff-cee4-4658-88be-898ec863944f\" {print $2; exit}"
+}
+
+if {
+  backtick -E extinode { redirfd -w 2 /dev/null stat -Lc %d:%i $ext }
+  backtick -E inode { stat -Lc %d:%i $devname }
+  test $inode = $extinode
+}
+
+if { ln -s $devname ext }
+if { mount ext /ext }
+/etc/mdev/listen ext
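Review bot: `mount ext /ext` mounts the selected device with default options, yet that device is now whatever `findfs $extspec` resolves from the `ext=` parameter, or the first partition with the matching type GUID, and nothing visible here puts it under verity the way the root data device is. If nothing on the ext partition needs setuid binaries or device nodes (not determinable from this hunk), `if { mount -o nosuid,nodev ext /ext }` limits what a tampered or look-alike filesystem can do once mounted. The script would also benefit from a short header comment stating that it runs for every disk and partition add event, resolves the expected ext device, and exits unless `$devname` is that device.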
diff --git a/host/rootfs/etc/s6-rc/ext/up b/host/rootfs/etc/s6-rc/ext/up
index 4400814..63bbe81 100644
--- a/host/rootfs/etc/s6-rc/ext/up
+++ b/host/rootfs/etc/s6-rc/ext/up
@@ -1,24 +1,4 @@
 # SPDX-License-Identifier: EUPL-1.2
-# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is>
+# SPDX-FileCopyrightText: 2021-2022 Alyssa Ross <hi@alyssa.is>
 
-# For now, we only support ext partitions on the same disk as the
-# rootfs.  This could be relaxed in future, but probably requires some
-# careful thought, including support for doing it asynchronously
-# e.g. if the ext partition is on a USB device.
-
-backtick -E rootpart {
-  pipeline { veritysetup status root-verity }
-  awk -F ":[[:blank:]]*" "$1 ~ /^[[:blank:]]*data device$/ {print $2; exit}"
-}
-
-backtick -E diskpath {
-  pipeline { lsblk -lnpo KNAME,PKNAME }
-  awk -v rootpart=${rootpart} "$1 == rootpart {print $2; exit}"
-}
-
-backtick -E extpart {
-  pipeline { lsblk -lnpo PARTTYPE,NAME $diskpath }
-  awk "$1 == \"9293e1ff-cee4-4658-88be-898ec863944f\" {print $2; exit}"
-}
-
-mount $extpart /ext
+/etc/mdev/wait ext
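Review bot: The removed comment explained the same-disk limitation, but the replacement line `/etc/mdev/wait ext` has no comment saying where the mount now happens or what follows when no ext device ever appears. `/etc/mdev/wait` is not visible here, so it is unclear whether it times out; if it blocks indefinitely, a wrong `ext=` value would stall this service with no diagnostic. Suggested comment: `# /ext is mounted by /etc/mdev/block/add when the ext device appears; wait for it here.`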
diff --git a/host/rootfs/scripts/make-gpt.sh b/host/rootfs/scripts/make-gpt.sh
deleted file mode 100755
index 00042d3..0000000
--- a/host/rootfs/scripts/make-gpt.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/sh -eu
-#
-# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is>
-# SPDX-License-Identifier: EUPL-1.2
-#
-# usage: make-gpt.sh GPT_PATH PATH:UUID...
-
-ONE_MiB=1048576
-TWO_MiB=2097152
-
-# Prints the number of 1MiB blocks required to store the file named
-# $1.  We use 1MiB blocks because that's what sfdisk uses for
-# alignment.  It would be possible to get a slightly smaller image
-# using actual normal-sized 512-byte blocks, but it's probably not
-# worth it to configure sfdisk to do that.
-sizeMiB() {
-	wc -c "$1" | awk -v ONE_MiB=$ONE_MiB \
-		'{printf "%d\n", ($1 + ONE_MiB - 1) / ONE_MiB}'
-}
-
-# Copies from path $3 into partition number $2 in partition table $1.
-fillPartition() {
-	sfdisk -J "$1" | jq -r --argjson index "$2" \
-		'.partitiontable.partitions[$index] | "\(.start) \(.size)"' |
-		(read start size;
-		 dd if="$3" of="$1" seek="$start" count="$size" conv=notrunc)
-}
-
-# Prints the partition path from a PATH:UUID string.
-partitionPath() {
-	printf "%s" "$1" | awk -F: '{NF--; print}'
-}
-# Prints the partition UUID from a PATH:UUID string.
-partitionUuid() {
-	printf "%s" "$1" | awk -F: '{print $NF}'
-}
-
-out="$1"
-shift
-
-# Keep 1MiB free at the start, and 1MiB free at the end.
-gptBytes=$TWO_MiB
-for partition; do
-	sizeMiB="$(sizeMiB "$(partitionPath "$partition")")"
-	gptBytes="$(expr "$gptBytes" + "$sizeMiB" \* $ONE_MiB)"
-done
-
-truncate -s "$gptBytes" "$out"
-(printf "label: gpt\n"; for partition; do
-	sizeMiB="$(sizeMiB "$(partitionPath "$partition")")"
-	printf "%s\n" "- ${sizeMiB}MiB $(partitionUuid "$partition") -"
-done) | tee /dev/stderr | sfdisk "$out"
-
-n=0
-for partition; do
-    fillPartition "$out" "$n" "$(partitionPath "$partition")"
-    n="$(expr "$n" + 1)"
-done