diff mbox series

[v3,6/6] CI: Include microcode for x86 hardware jobs

Message ID 20250414110903.2355303-7-andrew.cooper3@citrix.com (mailing list archive)
State New
Headers show
Series CI: switch to CPIO archives | expand

Commit Message

Andrew Cooper April 14, 2025, 11:09 a.m. UTC
All the x86 hardware runners are out of date, to varying degrees, in terms of
microcode.

Microcode must be uncompressed and prepended to the initrd in order for Xen to
be able to use it during early boot.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Anthony PERARD <anthony.perard@vates.tech>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Michal Orzel <michal.orzel@amd.com>
CC: Doug Goldstein <cardoe@cardoe.com>
CC: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

v3:
 * New

https://gitlab.com/xen-project/hardware/xen-staging/-/pipelines/1766187024
---
 automation/gitlab-ci/build.yaml                | 1 +
 automation/gitlab-ci/test.yaml                 | 6 ++++++
 automation/scripts/qubes-x86-64.sh             | 3 ++-
 automation/scripts/xilinx-smoke-dom0-x86_64.sh | 3 ++-
 4 files changed, 11 insertions(+), 2 deletions(-)

Comments

Anthony PERARD April 14, 2025, 5:45 p.m. UTC | #1
On Mon, Apr 14, 2025 at 12:09:03PM +0100, Andrew Cooper wrote:
> diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
> index 1b82b359d01f..ac5367874526 100644
> --- a/automation/gitlab-ci/build.yaml
> +++ b/automation/gitlab-ci/build.yaml
> @@ -306,6 +306,7 @@ alpine-3.18-gcc-debug:
>        CONFIG_ARGO=y
>        CONFIG_UBSAN=y
>        CONFIG_UBSAN_FATAL=y
> +      CONFIG_UCODE_SCAN_DEFAULT=y

Is there a change that this patch series gets backported? Because that
new Kconfig option won't exist.

Othewise, patch looks fine:
Reviewed-by: Anthony PERARD <anthony.perard@vates.tech>

Thanks,
Andrew Cooper April 14, 2025, 5:47 p.m. UTC | #2
On 14/04/2025 6:45 pm, Anthony PERARD wrote:
> On Mon, Apr 14, 2025 at 12:09:03PM +0100, Andrew Cooper wrote:
>> diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
>> index 1b82b359d01f..ac5367874526 100644
>> --- a/automation/gitlab-ci/build.yaml
>> +++ b/automation/gitlab-ci/build.yaml
>> @@ -306,6 +306,7 @@ alpine-3.18-gcc-debug:
>>        CONFIG_ARGO=y
>>        CONFIG_UBSAN=y
>>        CONFIG_UBSAN_FATAL=y
>> +      CONFIG_UCODE_SCAN_DEFAULT=y
> Is there a change

DYM "chance" ?

>  that this patch series gets backported? Because that
> new Kconfig option won't exist.

Yes, I do intend to backport this whole series in due course, and yes,
I'm aware.

> Othewise, patch looks fine:
> Reviewed-by: Anthony PERARD <anthony.perard@vates.tech>

Thanks.

~Andrew
Marek Marczykowski-Górecki April 14, 2025, 5:55 p.m. UTC | #3
On Mon, Apr 14, 2025 at 06:47:07PM +0100, Andrew Cooper wrote:
> On 14/04/2025 6:45 pm, Anthony PERARD wrote:
> > On Mon, Apr 14, 2025 at 12:09:03PM +0100, Andrew Cooper wrote:
> >> diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
> >> index 1b82b359d01f..ac5367874526 100644
> >> --- a/automation/gitlab-ci/build.yaml
> >> +++ b/automation/gitlab-ci/build.yaml
> >> @@ -306,6 +306,7 @@ alpine-3.18-gcc-debug:
> >>        CONFIG_ARGO=y
> >>        CONFIG_UBSAN=y
> >>        CONFIG_UBSAN_FATAL=y
> >> +      CONFIG_UCODE_SCAN_DEFAULT=y
> > Is there a change
> 
> DYM "chance" ?
> 
> >  that this patch series gets backported? Because that
> > new Kconfig option won't exist.
> 
> Yes, I do intend to backport this whole series in due course, and yes,
> I'm aware.

A more backport-friendly way would be add ucode=scan to xen cmdline.

> > Othewise, patch looks fine:
> > Reviewed-by: Anthony PERARD <anthony.perard@vates.tech>
> 
> Thanks.
> 
> ~Andrew
Andrew Cooper April 14, 2025, 6:01 p.m. UTC | #4
On 14/04/2025 6:55 pm, Marek Marczykowski-Górecki wrote:
> On Mon, Apr 14, 2025 at 06:47:07PM +0100, Andrew Cooper wrote:
>> On 14/04/2025 6:45 pm, Anthony PERARD wrote:
>>> On Mon, Apr 14, 2025 at 12:09:03PM +0100, Andrew Cooper wrote:
>>>> diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
>>>> index 1b82b359d01f..ac5367874526 100644
>>>> --- a/automation/gitlab-ci/build.yaml
>>>> +++ b/automation/gitlab-ci/build.yaml
>>>> @@ -306,6 +306,7 @@ alpine-3.18-gcc-debug:
>>>>        CONFIG_ARGO=y
>>>>        CONFIG_UBSAN=y
>>>>        CONFIG_UBSAN_FATAL=y
>>>> +      CONFIG_UCODE_SCAN_DEFAULT=y
>>> Is there a change
>> DYM "chance" ?
>>
>>>  that this patch series gets backported? Because that
>>> new Kconfig option won't exist.
>> Yes, I do intend to backport this whole series in due course, and yes,
>> I'm aware.
> A more backport-friendly way would be add ucode=scan to xen cmdline.

Yeah, but they're too long already IMO.

Needing to override defaults to make our CI system useful is a good hint
that the defaults are wrong.

Same for console_timestamps, which isn't even deployed consistently
across the testing.

~Andrew
diff mbox series

Patch

diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index 1b82b359d01f..ac5367874526 100644
--- a/automation/gitlab-ci/build.yaml
+++ b/automation/gitlab-ci/build.yaml
@@ -306,6 +306,7 @@  alpine-3.18-gcc-debug:
       CONFIG_ARGO=y
       CONFIG_UBSAN=y
       CONFIG_UBSAN_FATAL=y
+      CONFIG_UCODE_SCAN_DEFAULT=y
       CONFIG_XHCI=y
 
 debian-12-x86_64-gcc-debug:
diff --git a/automation/gitlab-ci/test.yaml b/automation/gitlab-ci/test.yaml
index d46da1c43d05..ef17def0120a 100644
--- a/automation/gitlab-ci/test.yaml
+++ b/automation/gitlab-ci/test.yaml
@@ -26,6 +26,9 @@ 
   - project: xen-project/hardware/test-artifacts
     job: alpine-3.18-x86_64-rootfs
     ref: master
+  - project: xen-project/hardware/test-artifacts
+    job: microcode-x86_64
+    ref: master
 
 .qemu-arm64:
   extends: .test-jobs-common
@@ -250,6 +253,9 @@  xilinx-smoke-dom0-x86_64-gcc-debug-argo:
     - project: xen-project/hardware/test-artifacts
       job: x86_64-argo-linux-6.6.56
       ref: master
+    - project: xen-project/hardware/test-artifacts
+      job: microcode-x86_64
+      ref: master
 
 adl-smoke-x86-64-gcc-debug:
   extends: .adl-x86-64
diff --git a/automation/scripts/qubes-x86-64.sh b/automation/scripts/qubes-x86-64.sh
index 3947027d6e4d..1f90e7002c73 100755
--- a/automation/scripts/qubes-x86-64.sh
+++ b/automation/scripts/qubes-x86-64.sh
@@ -188,7 +188,8 @@  Kernel \r on an \m (\l)
 fi
 
 # Dom0 rootfs
-cp binaries/rootfs.cpio.gz binaries/dom0-rootfs.cpio.gz
+cp binaries/ucode.cpio binaries/dom0-rootfs.cpio.gz
+cat binaries/rootfs.cpio.gz >> binaries/dom0-rootfs.cpio.gz
 cat binaries/xen-tools.cpio.gz >> binaries/dom0-rootfs.cpio.gz
 
 # test-local configuration
diff --git a/automation/scripts/xilinx-smoke-dom0-x86_64.sh b/automation/scripts/xilinx-smoke-dom0-x86_64.sh
index 1f8cc172c630..5bb44188dc3d 100755
--- a/automation/scripts/xilinx-smoke-dom0-x86_64.sh
+++ b/automation/scripts/xilinx-smoke-dom0-x86_64.sh
@@ -106,7 +106,8 @@  cd ..
 rm -rf rootfs
 
 # Dom0 rootfs
-cp binaries/rootfs.cpio.gz binaries/dom0-rootfs.cpio.gz
+cp binaries/ucode.cpio binaries/dom0-rootfs.cpio.gz
+cat binaries/rootfs.cpio.gz >> binaries/dom0-rootfs.cpio.gz
 cat binaries/xen-tools.cpio.gz >> binaries/dom0-rootfs.cpio.gz
 if [[ "${TEST}" == argo ]]; then
     cat binaries/argo.cpio.gz >> binaries/dom0-rootfs.cpio.gz