Merge commit '9b9221b162f924069f40d72d77566409088b8a14' into main
Updating cros-sdk to version 13729.0.0
BUG=b/177232752
TEST=local build executor run with lakitu, kumo, anthos-amd64-vsphere
RELEASE_NOTE=None
Signed-off-by: Robert Kolchmeyer <rkolchmeyer@google.com>
Change-Id: I837da08db40b88a256b03ffd23062d56dcb4390d
diff --git a/OWNERS b/OWNERS
index 22f19f2..4b66b87 100644
--- a/OWNERS
+++ b/OWNERS
@@ -1,5 +1,6 @@
per-file update_kernel.sh = file:/OWNERS.kernel
# remote_access.sh is mostly used by update_kernel.sh.
per-file remote_access.sh = file:/OWNERS.kernel
+per-file create_remote_test_driver = file:chromiumos/chromite:/OWNERS.testplatform
include chromiumos/chromite:/OWNERS.build
diff --git a/build_kernel_image.sh b/build_kernel_image.sh
index 364524f..590ca31 100755
--- a/build_kernel_image.sh
+++ b/build_kernel_image.sh
@@ -6,6 +6,12 @@
# Helper script that generates the signed kernel image
+# All kernel command line changes must update the security base lines in
+# the signer. It rejects any settings it does not recognize and breaks the
+# build. So any kernel parameter changes that are made here needs to be
+# reflected in ensure_secure_kernelparams.config and deployed to production
+# signing before landed here.
+
SCRIPT_ROOT=$(dirname $(readlink -f "$0"))
. "${SCRIPT_ROOT}/common.sh" || exit 1
@@ -283,7 +289,6 @@
noresume
noswap
i915.modeset=1
-nmi_watchdog=panic,lapic
EOF
WORK="${WORK} ${FLAGS_working_dir}/config.txt"
diff --git a/build_library/base_image_util.sh b/build_library/base_image_util.sh
index d506718..a00576c 100755
--- a/build_library/base_image_util.sh
+++ b/build_library/base_image_util.sh
@@ -499,16 +499,28 @@
else
cpmv="mv"
fi
- [ -e "${root_fs_dir}"/boot/Image-* ] && \
- sudo "${cpmv}" "${root_fs_dir}"/boot/Image-* "${BUILD_DIR}/boot_images"
- [ -L "${root_fs_dir}"/boot/zImage-* ] && \
- sudo "${cpmv}" "${root_fs_dir}"/boot/zImage-* "${BUILD_DIR}/boot_images"
- [ -e "${root_fs_dir}"/boot/vmlinuz-* ] && \
- sudo "${cpmv}" "${root_fs_dir}"/boot/vmlinuz-* "${BUILD_DIR}/boot_images"
- [ -L "${root_fs_dir}"/boot/vmlinuz ] && \
- sudo "${cpmv}" "${root_fs_dir}"/boot/vmlinuz "${BUILD_DIR}/boot_images"
- [ -L "${root_fs_dir}"/boot/vmlinux.uimg ] && \
- sudo "${cpmv}" "${root_fs_dir}"/boot/vmlinux.uimg \
+
+ # Bootable kernel image for ManaTEE enabled targets is located at
+ # directory /build/manatee/boot and included only in bootable partition.
+ # If no manatee USE flag is specified the standard /boot location
+ # is used, optionally including kernel image in final build image.
+ local boot_dir
+ if has "manatee" "$(portageq-${FLAGS_board} envvar USE)"; then
+ boot_dir="${root_fs_dir}/build/manatee/boot"
+ else
+ boot_dir="${root_fs_dir}/boot"
+ fi
+
+ [ -e "${boot_dir}"/Image-* ] && \
+ sudo "${cpmv}" "${boot_dir}"/Image-* "${BUILD_DIR}/boot_images"
+ [ -L "${boot_dir}"/zImage-* ] && \
+ sudo "${cpmv}" "${boot_dir}"/zImage-* "${BUILD_DIR}/boot_images"
+ [ -e "${boot_dir}"/vmlinuz-* ] && \
+ sudo "${cpmv}" "${boot_dir}"/vmlinuz-* "${BUILD_DIR}/boot_images"
+ [ -L "${boot_dir}"/vmlinuz ] && \
+ sudo "${cpmv}" "${boot_dir}"/vmlinuz "${BUILD_DIR}/boot_images"
+ [ -L "${boot_dir}"/vmlinux.uimg ] && \
+ sudo "${cpmv}" "${boot_dir}"/vmlinux.uimg \
"${BUILD_DIR}/boot_images"
# Calculate package sizes within the built rootfs for reporting purposes.
diff --git a/build_library/cgpt.py b/build_library/cgpt.py
index ac524ae..1316abe 100755
--- a/build_library/cgpt.py
+++ b/build_library/cgpt.py
@@ -838,7 +838,7 @@
': $(( curr += blocks * block_size ))',
]
- if stateful != None:
+ if stateful is not None:
lines += fs_align_snippet + [
'blocks=$(( numsecs - (curr + %d) / block_size ))' %
SECONDARY_GPT_BYTES,
@@ -1581,7 +1581,7 @@
arg, text = line.split(':', 1)
args_help[arg.strip()] = text.strip()
- argspec = inspect.getargspec(func)
+ argspec = inspect.getfullargspec(func)
# Skip the first argument as that'll be the options field.
args = argspec.args[1:]
diff --git a/build_packages b/build_packages
index dfda48d..3e1ee38 100755
--- a/build_packages
+++ b/build_packages
@@ -311,7 +311,9 @@
# Collect all installed packages that depend on active cros_workon packages.
WORKON_PKG_CONSUMERS=()
mapfile -t WORKON_PKG_CONSUMERS < <( \
- equery-${FLAGS_board} -q depends "${CROS_WORKON_PKGS[@]}" | sort -u )
+ equery-${FLAGS_board} -q depends "${CROS_WORKON_PKGS[@]}" | \
+ sort -u | \
+ grep -Ev "^\s*$" )
# Transform this list of packages with versions in to a list of just
# $CATEGORY/$NAME entries, since we don't want to pass packages with explicit
diff --git a/create_remote_test_driver b/create_remote_test_driver
new file mode 100755
index 0000000..0b1abd7
--- /dev/null
+++ b/create_remote_test_driver
@@ -0,0 +1,82 @@
+#!/bin/bash
+
+# Copyright 2020 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# Populates a directory with everything necessary to build a remote test driver
+# container.
+
+# BuildAndCopyTastItems builds and copies all Tast related executables
+# and data to targets.
+BuildAndCopyTastItems() {
+ # Emerge tast related executables.
+ sudo emerge tast-cmd
+ sudo emerge tast-remote-tests-cros
+ local tast_dir="$1/tast"
+ local tast_bin_dir="${tast_dir}/bin"
+ # Copy tast related items.
+ mkdir -p "${tast_bin_dir}"
+ cp /usr/bin/tast "${tast_bin_dir}"
+ cp /usr/bin/tast_rtd "${tast_bin_dir}"
+ cp /usr/bin/remote_test_runner "${tast_bin_dir}"
+ cp -pdr /usr/libexec/tast/bundles "${tast_dir}"
+ cp -pdr /usr/share/tast/data "${tast_dir}"
+ cp -pdr /etc/tast/vars "${tast_dir}"
+ cp -pdr /home/"${USER}"/trunk/chromite/ssh_keys "${tast_dir}"
+}
+
+readonly script_dir="$(dirname "$(realpath -e "${BASH_SOURCE[0]}")")"
+. "${script_dir}/common.sh" || exit 1
+
+# Script must run inside the chroot
+assert_inside_chroot "$@"
+
+# Do not run as root
+assert_not_root_user
+
+DEFINE_string output_dir "" "Dir in which to put Dockerfile and dependencies"
+
+# Parse command line flags
+FLAGS "$@" || exit 1
+eval set -- "${FLAGS_ARGV}"
+
+# Only now can we die on error. shflags functions leak non-zero error codes,
+# so will die prematurely if 'switch_to_strict_mode' is specified before now.
+switch_to_strict_mode
+
+output_dir="${FLAGS_output_dir}"
+if [[ -z "${FLAGS_output_dir}" ]]; then
+ info "No --output_dir provided. Using temp dir instead"
+ output_dir=$(mktemp -d)
+fi
+
+if [[ ! -d "${output_dir}" ]]; then
+ error "output_dir ${output_dir} must exist as a directory"
+ exit 1
+fi
+
+if [[ -n "$(ls -A "${output_dir}")" ]]; then
+ error "output_dir ${output_dir} must be empty"
+ exit 1
+fi
+
+# Write out a simple Dockerfile.
+cat > "${output_dir}/Dockerfile" <<- EOF
+FROM ubuntu:bionic
+WORKDIR /usr/src/rtd/
+COPY rtd/ .
+EOF
+
+# Create the remote test driver folder and copy test content into it.
+rtd_dir="${output_dir}/rtd"
+mkdir "${rtd_dir}"
+# Build and copy the tnull (fake) RTD.
+sudo emerge tnull
+cp /usr/bin/tnull "${rtd_dir}/"
+
+# tast and tauto entries will eventually go here.
+BuildAndCopyTastItems "${rtd_dir}"
+
+command_completed
+info "Done. Wrote output to ${output_dir}"
diff --git a/cros_workon_make b/cros_workon_make
new file mode 100755
index 0000000..9a469ae
--- /dev/null
+++ b/cros_workon_make
@@ -0,0 +1,147 @@
+#!/bin/bash
+
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+#
+# Simple wrapper script to build a cros_workon package incrementally.
+# You must already be cros_workon'ing the package in question.
+
+. /usr/share/misc/shflags || exit 1
+
+GCLIENT_ROOT="/mnt/host/source"
+DEFAULT_BOARD="$(cat "${GCLIENT_ROOT}"/src/scripts/.default_board 2>/dev/null)"
+
+info() { echo "INFO: $*"; }
+warn() { echo "WARN: $*"; }
+error() { echo "ERROR: $*"; }
+die() { error "$@"; exit 1; }
+
+DEFINE_string board "${DEFAULT_BOARD}" \
+ "Board for which to build the package."
+DEFINE_boolean test "${FLAGS_FALSE}" \
+ "Compile and run tests as well."
+DEFINE_boolean reconf "${FLAGS_FALSE}" \
+ "Re-run configure and prepare steps."
+DEFINE_boolean install "${FLAGS_FALSE}" \
+ "Incrementally build and install your package."
+DEFINE_boolean scrub "${FLAGS_FALSE}" \
+ "Blow away all in-tree files not managed by git."
+
+set -e
+# Parse command line.
+FLAGS "$@" || exit 1
+eval set -- "${FLAGS_ARGV}"
+
+if [ $# -lt 1 ]; then
+ echo "Usage: ${0} [OPTIONS] <package (read: ebuild) basename> [target args]"
+ exit 1
+fi
+
+if [ -z "${FLAGS_board}" ]; then
+ die "--board is required"
+fi
+
+if [ -n "${FLAGS_board}" ]; then
+ EBUILDCMD=ebuild-"${FLAGS_board}"
+ EMERGECMD=emerge-"${FLAGS_board}"
+ EQUERYCMD=equery-"${FLAGS_board}"
+ BOARD="${FLAGS_board}"
+fi
+
+pkg="${1}"
+shift
+if [ "${pkg}" = "." ]; then
+ if ! pkg=$(git config workon.pkg); then
+ die "workon.pkg not set in git config for this project"
+ fi
+fi
+
+unstable_suffix="9999"
+workon_name="${pkg}-${unstable_suffix}"
+pkgfile=
+
+# Find the ebuild file, ensure the caller is workon'ing the package.
+if ! pkgfile=$("${EQUERYCMD}" which "${workon_name}" 2> /dev/null); then
+ BOARD_KEYWORD="$(portageq-${FLAGS_board} envvar ARCH)"
+ if ACCEPT_KEYWORDS="~${BOARD_KEYWORD}" "${EQUERYCMD}" which "${workon_name}" \
+ > /dev/null 2>&1; then
+ die "run 'cros_workon --board ${BOARD} start ${pkg}' first!" 1>&2
+ fi
+ die "error looking up package ${pkg}"
+fi
+
+if [ "${FLAGS_scrub}" = "${FLAGS_TRUE}" ]; then
+ warn "--scrub will destroy ALL FILES unknown to git!"
+ read -p "Are you sure you want to do this? [y|N]" resp
+ if egrep -qi "^y(es)?$" <(echo -n "${resp}"); then
+ eval $(${EBUILDCMD} $(${EQUERYCMD} which ${workon_name}) info)
+ srcdir=$(readlink -m ${CROS_WORKON_SRCDIR})
+ project_path=${srcdir#${GCLIENT_ROOT}/}
+ if ! (cd "${GCLIENT_ROOT}/${project_path}" && git clean -dxf); then
+ die "Could not scrub source directory"
+ fi
+ else
+ info "Not scrubbing; exiting gracefully"
+ fi
+ exit 0
+fi
+
+# Find the portage work directory for this package.
+workpath=$(\
+ echo "${pkgfile}" | \
+ awk -F '/' '{ print $(NF-2) "/" $(NF-1) }')-"${unstable_suffix}"
+workpath="/build/${BOARD}/tmp/portage/${workpath}"
+
+# Export vars that the ebuild env needs from us.
+export SANDBOX_WRITE=~/trunk
+export CROS_WORKON_INPLACE=1
+export CROS_WORKON_MAKE_COMPILE_ARGS="$*"
+
+# The ebuild commands we run rely on portage automatically running earlier
+# phases for us. Append in case there is something already in the env.
+FEATURES+=" -noauto"
+export FEATURES
+
+# Vars that we want to pass through for the user.
+PASS_THROUGH_VARS=(
+ # cros-workon.eclass vars.
+ CROS_WORKON_MAKE_COMPILE_ARGS
+ # Common test vars.
+ GTEST_ARGS
+ # Platform eclass vars.
+ P2_TEST_FILTER
+ P2_VMODULE
+)
+
+# Determine if we're going to do tests, set up commands appropriately.
+to_do="compile"
+if [ "${FLAGS_test}" = "${FLAGS_TRUE}" ]; then
+ to_do="test"
+ FEATURES+=" test"
+ rm -f "${workpath}/.tested"
+fi
+
+workdir="${workpath}/work/${workon_name}"
+if [ ! -h "${workdir}" ]; then
+ warn "Cleaning up stale workdir: ${workdir}"
+ FLAGS_reconf="${FLAGS_TRUE}" # To force symlinking in the user's src dir.
+fi
+
+if [ "${FLAGS_install}" = "${FLAGS_TRUE}" ]; then
+ exec "${EMERGECMD}" --nodeps "${pkg}"
+fi
+
+clean=
+if [ "${FLAGS_reconf}" = "${FLAGS_TRUE}" ]; then
+ clean="clean"
+else
+ rm -f "${workpath}/.compiled"
+ envf="${workpath}/temp/environment"
+ for v in ${PASS_THROUGH_VARS[@]}; do
+ # We delete it independently in case the var wasn't set initially.
+ sed -i -e "/^declare .. ${v}=/d" "${envf}"
+ printf 'declare -x %s="%s"\n' "${v}" "${!v}" >> "${envf}"
+ done
+fi
+exec "${EBUILDCMD}" "${pkgfile}" ${clean} "${to_do}"
diff --git a/hooks/filesystem-sanity.py b/hooks/filesystem-layout.py
similarity index 98%
rename from hooks/filesystem-sanity.py
rename to hooks/filesystem-layout.py
index a749528..71efaf9 100755
--- a/hooks/filesystem-sanity.py
+++ b/hooks/filesystem-layout.py
@@ -105,9 +105,6 @@
'chromeos-base/chromeos-initramfs',
# https://crbug.com/1054646
'chromeos-base/devserver',
- # https://crbug.com/1007402
- 'chromeos-base/factory',
- 'chromeos-base/factory-board',
'dev-python/django',
'media-gfx/sane-backends',
'media-sound/alsa-utils',
diff --git a/hooks/install/filesystem-sanity.sh b/hooks/install/filesystem-layout.sh
similarity index 72%
rename from hooks/install/filesystem-sanity.sh
rename to hooks/install/filesystem-layout.sh
index 7083932..2877a68 100755
--- a/hooks/install/filesystem-sanity.sh
+++ b/hooks/install/filesystem-layout.sh
@@ -6,8 +6,8 @@
main() {
SCRIPT="$(realpath "$0")"
SCRIPT_DIR="$(dirname "${SCRIPT}")"
- if ! "${SCRIPT_DIR}/../filesystem-sanity.py" "${ED:-${D:-}}"; then
- die "Filesystem layout is not sane"
+ if ! "${SCRIPT_DIR}/../filesystem-layout.py" "${ED:-${D:-}}"; then
+ die "Filesystem layout is not valid"
fi
}
main "$@"
diff --git a/hooks/install/multilib-sanity.sh b/hooks/install/multilib-check.sh
similarity index 100%
rename from hooks/install/multilib-sanity.sh
rename to hooks/install/multilib-check.sh
diff --git a/update_kernel.sh b/update_kernel.sh
index f872208..03243a9 100755
--- a/update_kernel.sh
+++ b/update_kernel.sh
@@ -21,7 +21,8 @@
DEFINE_string arch "" "Override architecture reported by target"
DEFINE_boolean clean $FLAGS_FALSE "Remove old files before sending new files"
DEFINE_boolean hv $FLAGS_TRUE "Use hypervisor kernel if available."
-DEFINE_boolean ignore_verity $FLAGS_FALSE "Update kernel even if system is using verity"
+DEFINE_boolean ignore_verity $FLAGS_FALSE "Update kernel even if system is using verity \
+(WARNING: likely to make the system unable to boot)"
DEFINE_boolean reboot $FLAGS_TRUE "Reboot system after update"
DEFINE_boolean vboot $FLAGS_TRUE "Update the vboot kernel"
DEFINE_boolean syslinux $FLAGS_TRUE "Update the syslinux kernel (including /boot)"
@@ -81,7 +82,7 @@
else
warn "System is using verity: First remove rootfs verification using"
warn "/usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification"
- warn "on the DUT, or add --ignore_verity parameter to this command."
+ warn "on the DUT."
die_notrace
fi
else
@@ -154,10 +155,13 @@
make_kernelimage() {
local bootloader_path
local kernel_image
- local boot_path="/build/${FLAGS_board}/boot"
+ local boot_path="/build/${FLAGS_board}"
local config_path="$(mktemp /tmp/config.txt.XXXXX)"
- if [[ ${FLAGS_hv} -eq ${FLAGS_TRUE} && -d "${boot_path}/hv" ]]; then
- boot_path+="/hv"
+ if [[ ${FLAGS_hv} -eq ${FLAGS_TRUE} && \
+ -d "${boot_path}/build/manatee/boot" ]]; then
+ boot_path+="/build/manatee/boot"
+ else
+ boot_path+="/boot"
fi
if [[ "${FLAGS_arch}" == "arm" || "${FLAGS_arch}" == "arm64" ]]; then
name="bootloader.bin"