From cbe53bdb14e303830fa9f2d5a7f3c9161a32f033 Mon Sep 17 00:00:00 2001 From: Jose Carlos Venegas Munoz Date: Mon, 20 Jul 2020 22:57:30 +0000 Subject: [PATCH 1/2] qemu-virtiofs: Update to qemu 5.0 + virtiofs + dax Update build scripts for qemu-virtiofs. - virtiofs-0.3 patches are not needed - Sync build on how vanilla qemu is built - Apply patches for virtiofsd if any (none today) - Apply patches that are used for the qemu vanilla - Apply patches in order Depends-on: github.com/kata-containers/runtime#2840 Depends-on: github.com/kata-containers/tests#2737 Fixes: github.com/kata-containers/runtime#2848 Signed-off-by: Jose Carlos Venegas Munoz
---
.../virtiofsd/0001-add-time-to-seccomp.patch | 26 ---------- ...x-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch | 50 ------------------- static-build/qemu-virtiofs/Dockerfile | 36 ++++++++++--- 3 files changed, 28 insertions(+), 84 deletions(-) delete mode 100644 qemu/patches/virtiofsd/0001-add-time-to-seccomp.patch delete mode 100644 qemu/patches/virtiofsd/0002-libvhost-user-Fix-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch
diff --git a/qemu/patches/virtiofsd/0001-add-time-to-seccomp.patch b/qemu/patches/virtiofsd/0001-add-time-to-seccomp.patch
deleted file mode 100644
index deadcb5b..00000000
--- a/qemu/patches/virtiofsd/0001-add-time-to-seccomp.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 2317a63d2acab16be4655ec87542a2bf3d75551b Mon Sep 17 00:00:00 2001
-From: "Dr. David Alan Gilbert"
-Date: Thu, 26 Sep 2019 18:41:34 +0100
-Subject: [PATCH] virtiofsd: Add time to seccomp
-
-Needed by static builds
-
-Signed-off-by: Dr. David Alan Gilbert
----
- contrib/virtiofsd/seccomp.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/contrib/virtiofsd/seccomp.c b/contrib/virtiofsd/seccomp.c
-index 3b92c6ee13..374bab2bef 100644
---- a/contrib/virtiofsd/seccomp.c
-+++ b/contrib/virtiofsd/seccomp.c
-@@ -75,6 +75,7 @@ static const int syscall_whitelist[] = {
- SCMP_SYS(setresuid),
- SCMP_SYS(set_robust_list),
- SCMP_SYS(symlinkat),
-+ SCMP_SYS(time), /* Rarely needed, except on static builds */
- SCMP_SYS(tgkill),
- SCMP_SYS(unlinkat),
- SCMP_SYS(utimensat),
---
-2.21.0
diff --git a/qemu/patches/virtiofsd/0002-libvhost-user-Fix-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch b/qemu/patches/virtiofsd/0002-libvhost-user-Fix-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch
deleted file mode 100644
index 03f8f5c1..00000000
--- a/qemu/patches/virtiofsd/0002-libvhost-user-Fix-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 47adda63e398a179b6211763377c8f61c5d62f5a Mon Sep 17 00:00:00 2001
-From: Sebastien Boeuf
-Date: Wed, 7 Aug 2019 07:15:32 -0700
-Subject: [PATCH] libvhost-user: Fix the VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD
- check
-
-Vhost user protocol features are set as a bitmask. And the following
-constant VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD value is 10 because the bit
-10 indicates if the features is set or not.
-
-The proper way to check for the presence or absence of this feature is
-to shift 1 by the value of this constant and then mask it with the
-actual bitmask representing the supported protocol features.
-
-This patch aims to fix the current code as it was not doing the
-shifting, but instead it was masking directly with the value of the
-constant itself.
-
-Signed-off-by: Sebastien Boeuf
----
- contrib/libvhost-user/libvhost-user.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/contrib/libvhost-user/libvhost-user.c b/contrib/libvhost-user/libvhost-user.c
-index 215ce22b79..626e2a035f 100644
---- a/contrib/libvhost-user/libvhost-user.c
-+++ b/contrib/libvhost-user/libvhost-user.c
-@@ -1129,7 +1129,8 @@ bool vu_set_queue_host_notifier(VuDev *dev, VuVirtq *vq, int fd,
-
- vmsg.fd_num = fd_num;
-
-- if ((dev->protocol_features & VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD) == 0) {
-+ if ((dev->protocol_features &
-+ (1ULL << VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD)) == 0) {
- return false;
- }
-
-@@ -2554,7 +2555,8 @@ int64_t vu_fs_cache_request(VuDev *dev, VhostUserSlaveRequest req, int fd,
-
- vmsg.fd_num = fd_num;
-
-- if ((dev->protocol_features & VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD) == 0) {
-+ if ((dev->protocol_features &
-+ (1ULL << VHOST_USER_PROTOCOL_F_SLAVE_SEND_FD)) == 0) {
- return -EINVAL;
- }
-
---
-2.20.1
-
diff --git a/static-build/qemu-virtiofs/Dockerfile b/static-build/qemu-virtiofs/Dockerfile
index 9f68ce8d..2a906d69 100644
--- a/static-build/qemu-virtiofs/Dockerfile
+++ b/static-build/qemu-virtiofs/Dockerfile
@@ -1,4 +1,4 @@ -from ubuntu:18.04 +from ubuntu:20.04 ARG QEMU_VIRTIOFS_REPO # commit/tag/branch 
@@ -19,37 +19,57 @@ RUN apt-get --no-install-recommends install -y \ flex \ gawk \ libaudit-dev \ + libblkid-dev \ libcap-dev \ libcap-ng-dev \ libdw-dev \ libelf-dev \ + libffi-dev \ libglib2.0-0 \ libglib2.0-dev \ libglib2.0-dev git \ libltdl-dev \ + libmount-dev \ libpixman-1-dev \ libpmem-dev \ libseccomp-dev \ + libseccomp2 \ + libselinux1-dev \ libtool \ - patch \ + make \ pkg-config \ pkg-config \ python \ python-dev \ rsync \ seccomp \ - libseccomp2 \ zlib1g-dev RUN cd .. && git clone "${QEMU_VIRTIOFS_REPO}" qemu-virtiofs RUN git checkout "${QEMU_VIRTIOFS_TAG}" -ADD qemu/patches/virtiofsd/0001-add-time-to-seccomp.patch /root/0001-add-time-to-seccomp.patch -ADD qemu/patches/virtiofsd/0002-libvhost-user-Fix-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch /root/0002-libvhost-user-Fix-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch -RUN patch -p1 < /root/0001-add-time-to-seccomp.patch -RUN patch -p1 < /root/0002-libvhost-user-Fix-the-VHOST_USER_PROTOCOL_F_SLAVE_SE.patch + ADD scripts/configure-hypervisor.sh /root/configure-hypervisor.sh -RUN PREFIX="${PREFIX}" /root/configure-hypervisor.sh -s kata-qemu | sed -e 's|--enable-rbd||g' -e 's|--disable-seccomp||g' | xargs ./configure \ +ADD qemu/patches/ /root/kata_qemu_patches + +# Apply experimental specific patches +# Patches to quick fix virtiofs fork +ENV VIRTIOFS_PATCHES_DIR=/root/kata_qemu_patches/${QEMU_VIRTIOFS_TAG}/ +RUN find "${VIRTIOFS_PATCHES_DIR}" -name '*.patch' -type f |sort -t- -k1,1n > patches_virtiofs +RUN echo "Patches to apply for virtiofs fixes:" +RUN cat patches_virtiofs +RUN [ ! -s patches_virtiofs ] || git apply $(cat patches_virtiofs) + +RUN cat VERSION | awk 'BEGIN{FS=OFS="."}{print $1 "." $2 ".x"}' > stable_branch +RUN echo "root/kata_qemu_patches/$(cat stable_branch)/" > patches_qemu_dir +RUN echo "patches dir $(cat patches_qemu_dir)" +RUN find "$(cat patches_qemu_dir)" -name '*.patch' -type f |sort -t- -k1,1n > patches_qemu +RUN echo "Patches to apply for qemu:" +RUN cat patches_qemu +RUN [ ! 
-s patches_qemu ] || git apply $(cat patches_qemu ) + +RUN PREFIX="${PREFIX}" /root/configure-hypervisor.sh -s kata-qemu | sed -e 's|--disable-seccomp||g' | xargs ./configure \ --with-pkgversion=kata-static + RUN make -j$(nproc) RUN make -j$(nproc) virtiofsd RUN make install DESTDIR=/tmp/qemu-virtiofs-static From 4e1b5729f47d5f67902e1344521bc5b121673046 Mon Sep 17 00:00:00 2001 From: Jose Carlos Venegas Munoz Date: Thu, 6 Aug 2020 15:37:32 +0000 Subject: [PATCH 2/2] clh: enable build using Podman Build clh with Podman, allow build the vmm in the Podman CI Virtiofs qemu has to be build as this is requried by clh. Signed-off-by: Jose Carlos Venegas Munoz --- static-build/cloud-hypervisor/docker-build/build.sh | 10 ++++++++-- .../qemu-virtiofs/build-static-qemu-virtiofs.sh | 12 +++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/static-build/cloud-hypervisor/docker-build/build.sh b/static-build/cloud-hypervisor/docker-build/build.sh index d29c933d..f7e3e988 100755 --- a/static-build/cloud-hypervisor/docker-build/build.sh +++ b/static-build/cloud-hypervisor/docker-build/build.sh @@ -11,7 +11,13 @@ set -o pipefail script_dir=$(dirname $(readlink -f "$0")) docker_image="cloud-hypervisor-builder" -sudo docker build -t "${docker_image}" "${script_dir}" +DOCKER_CLI="docker" + +if ! command -v docker && command -v podman; then + DOCKER_CLI="podman" +fi + +sudo "${DOCKER_CLI}" build -t "${docker_image}" "${script_dir}" if test -t 1; then USE_TTY="-ti" @@ -20,7 +26,7 @@ else echo "INFO: not tty build" fi -sudo docker run \ +sudo "${DOCKER_CLI}" run \ --rm \ -v "$(pwd):/$(pwd)" \ -w "$(pwd)" \ diff --git a/static-build/qemu-virtiofs/build-static-qemu-virtiofs.sh b/static-build/qemu-virtiofs/build-static-qemu-virtiofs.sh index dd89c32f..48233931 100755 --- a/static-build/qemu-virtiofs/build-static-qemu-virtiofs.sh +++ b/static-build/qemu-virtiofs/build-static-qemu-virtiofs.sh 
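Review bot: The qemu patch directory in the Dockerfile hunk is written as a relative path, `root/kata_qemu_patches/$(cat stable_branch)/`, while the `ADD qemu/patches/ /root/kata_qemu_patches` a few lines earlier places the patches under an absolute one. The WORKDIR is set outside this hunk, but unless it is `/` the `find` on that path fails; with the default shell the status of `find ... | sort` is that of `sort`, so the RUN step still succeeds, `patches_qemu` stays empty and the `[ ! -s patches_qemu ] ||` guard skips `git apply`. The hypervisor would then be built without the stable-branch patches and without any build error. I would use `RUN echo "/root/kata_qemu_patches/$(cat stable_branch)/" > patches_qemu_dir` and, if a directory for that branch is always expected, add `RUN [ -d "$(cat patches_qemu_dir)" ]` before the `find` so a wrong path stops the build.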
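Review bot: The runtime probe added to cloud-hypervisor/docker-build/build.sh, `if ! command -v docker && command -v podman; then`, prints the resolved path to stdout, whereas the same probe added to build-static-qemu-virtiofs.sh in this patch redirects it; the two should match, e.g. `if ! command -v docker &>/dev/null && command -v podman &>/dev/null; then`. Both scripts also assign `DOCKER_CLI="docker"` unconditionally, so a caller cannot choose the runtime from the environment; `DOCKER_CLI="${DOCKER_CLI:-docker}"` would follow the `${prefix:-...}` convention already used in the qemu-virtiofs script. Since that script already sources `scripts/lib.sh`, the detection could be defined there once instead of being copied, with build.sh sourcing it too. When neither tool is installed the scripts fall through to `sudo docker`, so the failure comes from sudo rather than from an explicit message.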
@@ -13,11 +13,17 @@ script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "${script_dir}/../../scripts/lib.sh" source "${script_dir}/../qemu.blacklist" +DOCKER_CLI="docker" + +if ! command -v docker &>/dev/null && command -v podman &>/dev/null; then + DOCKER_CLI="podman" +fi + kata_version="${kata_version:-}" packaging_dir="${script_dir}/../.." qemu_virtiofs_repo=$(get_from_kata_deps "assets.hypervisor.qemu-experimental.url" "${kata_version}") # This tag will be supported on the runtime versions.yaml -qemu_virtiofs_tag=$(get_from_kata_deps "assets.hypervisor.qemu-experimental.tag" "${kata_version}") +qemu_virtiofs_tag=$(get_from_kata_deps "assets.hypervisor.qemu-experimental.tag" "${kata_version}") qemu_virtiofs_tar="kata-static-qemu-virtiofsd.tar.gz" qemu_tmp_tar="kata-static-qemu-virtiofsd-tmp.tar.gz" @@ -27,7 +33,7 @@ http_proxy="${http_proxy:-}" https_proxy="${https_proxy:-}" prefix="${prefix:-"/opt/kata"}" -sudo docker build \ +sudo "${DOCKER_CLI}" build \ --no-cache \ --build-arg http_proxy="${http_proxy}" \ --build-arg https_proxy="${https_proxy}" \ @@ -39,7 +45,7 @@ sudo docker build \ -f "${script_dir}/Dockerfile" \ -t qemu-virtiofs-static -sudo docker run \ +sudo "${DOCKER_CLI}" run \ -i \ -v "${PWD}":/share qemu-virtiofs-static \ mv "/tmp/qemu-virtiofs-static/${qemu_virtiofs_tar}" /share/