From patchwork Mon Sep 11 13:31:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Venkata Pyla X-Patchwork-Id: 13379345 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 644FCEEB580 for ; Mon, 11 Sep 2023 13:32:01 +0000 (UTC) Received: from mo-csw.securemx.jp (mo-csw.securemx.jp [210.130.202.132]) by mx.groups.io with SMTP id smtpd.web11.58502.1694439113272338093 for ; Mon, 11 Sep 2023 06:31:53 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: toshiba-tsip.com, ip: 210.130.202.132, mailfrom: venkata.pyla@toshiba-tsip.com) Received: by mo-csw.securemx.jp (mx-mo-csw1121) id 38BDVo1d4004639; Mon, 11 Sep 2023 22:31:50 +0900 X-Iguazu-Qid: 2rWgSWj5NCjynch5AP X-Iguazu-QSIG: v=2; s=0; t=1694439109; q=2rWgSWj5NCjynch5AP; m=3YWGVQHNIZjj1T13myVdMxgS5esq33bJuKwX6326FQo= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1120) id 38BDVmg64133164 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 11 Sep 2023 22:31:49 +0900 From: venkata.pyla@toshiba-tsip.com To: cip-dev@lists.cip-project.org, jan.kiszka@siemens.com Cc: venkata pyla , dinesh.kumar@toshiba-tsip.com, kazuhiro3.hayashi@toshiba.co.jp Subject: [isar-cip-core 1/5] .reproducible-check-ci.yml: Set default values in base job Date: Mon, 11 Sep 2023 19:01:43 +0530 X-TSB-HOP2: ON Message-Id: <20230911133147.3164-2-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> References: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> MIME-Version: 1.0 X-OriginalArrivalTime: 11 Sep 2023 13:31:46.0754 (UTC) FILETIME=[4FC29A20:01D9E4B4] List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Sep 2023 13:32:01 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/13020 From: venkata pyla The 'wic_targz' and 'extension' values will be same for all repro-build targets so define them in the base job `report-build` Signed-off-by: venkata pyla --- .reproducible-check-ci.yml | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/.reproducible-check-ci.yml b/.reproducible-check-ci.yml index 5628b1b..75c8cef 100644 --- a/.reproducible-check-ci.yml +++ b/.reproducible-check-ci.yml @@ -13,13 +13,14 @@ .repro-build: variables: use_rt: disable - wic_targz: disable - targz: enable + wic_targz: enable + targz: disable deploy: disable deploy_kernelci: disable artifact_suffix: ".tar.gz" base_yaml: "kas-cip.yml:kas/board/${target}.yml" release: bookworm + extension: ebg-swu stage: build tags: - large @@ -71,24 +72,18 @@ build:qemu-amd64-repro-build: - .repro-build variables: target: qemu-amd64 - extension: ebg-swu - wic_targz: enable build:qemu-arm64-repro-build: extends: - .repro-build variables: target: qemu-arm64 - extension: ebg-swu - wic_targz: enable build:qemu-arm-repro-build: extends: - .repro-build variables: target: qemu-arm - extension: ebg-swu - wic_targz: enable # repro build test test:qemu-amd64-repro-test: From patchwork Mon Sep 11 13:31:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Venkata Pyla X-Patchwork-Id: 13379344 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 653D3EEB581 for ; Mon, 11 Sep 2023 13:32:01 +0000 (UTC) Received: from mo-csw.securemx.jp (mo-csw.securemx.jp [210.130.202.134]) by mx.groups.io with SMTP id smtpd.web11.58503.1694439113635634268 for ; Mon, 11 Sep 2023 06:31:53 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: toshiba-tsip.com, ip: 210.130.202.134, mailfrom: venkata.pyla@toshiba-tsip.com) Received: by mo-csw.securemx.jp (mx-mo-csw1800) id 38BDVpC32060801; Mon, 11 Sep 2023 22:31:51 +0900 X-Iguazu-Qid: 2yAamNv3HFGkklX1t2 X-Iguazu-QSIG: v=2; s=0; t=1694439110; q=2yAamNv3HFGkklX1t2; m=QkPJsjM94RfbhAnbWe/w2875x9Hi87H4Tx/JU22MR44= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1801) id 38BDVnDA2379201 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 11 Sep 2023 22:31:50 +0900 From: venkata.pyla@toshiba-tsip.com To: cip-dev@lists.cip-project.org, jan.kiszka@siemens.com Cc: venkata pyla , dinesh.kumar@toshiba-tsip.com, kazuhiro3.hayashi@toshiba.co.jp Subject: [isar-cip-core 2/5] .reproducible-check-ci.yml: Enable security target Date: Mon, 11 Sep 2023 19:01:44 +0530 X-TSB-HOP2: ON Message-Id: <20230911133147.3164-3-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> References: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> MIME-Version: 1.0 X-OriginalArrivalTime: 11 Sep 2023 13:31:46.0832 (UTC) FILETIME=[4FCE8100:01D9E4B4] List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Sep 2023 13:32:01 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/13021 From: venkata pyla This security extension image includes the following features * security customizations * swupdate * secure boot Signed-off-by: venkata pyla --- .reproducible-check-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.reproducible-check-ci.yml b/.reproducible-check-ci.yml index 75c8cef..35acb01 100644 --- a/.reproducible-check-ci.yml +++ b/.reproducible-check-ci.yml @@ -20,7 +20,8 @@ artifact_suffix: ".tar.gz" base_yaml: "kas-cip.yml:kas/board/${target}.yml" release: bookworm - extension: ebg-swu + # This target include base + swupdate + secureboot + security + extension: security stage: build tags: - large From patchwork Mon Sep 11 13:31:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Venkata Pyla X-Patchwork-Id: 13379343 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4EDBCEE7FF4 for ; Mon, 11 Sep 2023 13:32:01 +0000 (UTC) Received: from mo-csw.securemx.jp (mo-csw.securemx.jp [210.130.202.132]) by mx.groups.io with SMTP id smtpd.web11.58501.1694439112881168397 for ; Mon, 11 Sep 2023 06:31:53 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: toshiba-tsip.com, ip: 210.130.202.132, mailfrom: venkata.pyla@toshiba-tsip.com) Received: by mo-csw.securemx.jp (mx-mo-csw1121) id 38BDVpSh4004664; Mon, 11 Sep 2023 22:31:51 +0900 X-Iguazu-Qid: 2rWgJRkMW8EkpEctgf X-Iguazu-QSIG: v=2; s=0; t=1694439110; q=2rWgJRkMW8EkpEctgf; m=X5+txn9rNfzQI0yWoWXZsGYaML3MfANSXB0qbRCzSDA= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1121) id 38BDVopO3610357 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 11 Sep 2023 22:31:50 +0900 From: venkata.pyla@toshiba-tsip.com To: cip-dev@lists.cip-project.org, jan.kiszka@siemens.com Cc: venkata pyla , dinesh.kumar@toshiba-tsip.com, kazuhiro3.hayashi@toshiba.co.jp Subject: [isar-cip-core 3/5] reproducible-check: Add option to pass extensions of the image Date: Mon, 11 Sep 2023 19:01:45 +0530 X-TSB-HOP2: ON Message-Id: <20230911133147.3164-4-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> References: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> MIME-Version: 1.0 X-OriginalArrivalTime: 11 Sep 2023 13:31:46.0832 (UTC) FILETIME=[4FCE8100:01D9E4B4] List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Sep 2023 13:32:01 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/13019 From: venkata pyla Images build with extentions like `security` have different name than base image, so prepare filename based on the extension passed to the script. Signed-off-by: venkata pyla --- .reproducible-check-ci.yml | 3 ++- scripts/repro-tests.sh | 9 +++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/.reproducible-check-ci.yml b/.reproducible-check-ci.yml index 35acb01..dec28e2 100644 --- a/.reproducible-check-ci.yml +++ b/.reproducible-check-ci.yml @@ -55,10 +55,11 @@ variables: GIT_STRATEGY: none release: bookworm + extension: security before_script: - apt update && DEBIAN_FRONTEND=noninteractive apt install -y diffoscope script: - - ./scripts/repro-tests.sh --release ${release} --target ${target} image1 image2 + - ./scripts/repro-tests.sh --release ${release} --target ${target} --extension ${extension} image1 image2 artifacts: when: always expire_in: 1 day diff --git a/scripts/repro-tests.sh b/scripts/repro-tests.sh index ab3dbce..2143058 100755 --- a/scripts/repro-tests.sh +++ b/scripts/repro-tests.sh @@ -31,6 +31,7 @@ GREEN='\033[0;32m' IMAGE_BASE="cip-core-image-cip-core" RELEASE="bullseye" TARGET="qemu-amd64" +EXTENSION="" DIFFOSCOPE="diffoscope" while [ "$1" != "" ]; do @@ -43,6 +44,10 @@ while [ "$1" != "" ]; do TARGET="$2" shift 2 ;; + -e | --extension ) + EXTENSION="$2" + shift 2 + ;; -h | --help ) usage exit @@ -63,6 +68,10 @@ if [ -z "$artifacts1" ] || [ -z "$artifacts2" ]; then exit 1 fi +if [ "${EXTENSION}" = "security" ]; then + IMAGE_BASE="cip-core-image-security-cip-core" +fi + # Define files in the artifacts for checking the reproducibility set -- \ "${IMAGE_BASE}-${RELEASE}-${TARGET}.wic.p1" \ From patchwork Mon Sep 11 13:31:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Venkata Pyla X-Patchwork-Id: 13379347 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 825E2EEB58C for ; Mon, 11 Sep 2023 13:32:01 +0000 (UTC) Received: from mo-csw.securemx.jp (mo-csw.securemx.jp [210.130.202.131]) by mx.groups.io with SMTP id smtpd.web10.58427.1694439114247851976 for ; Mon, 11 Sep 2023 06:31:54 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: toshiba-tsip.com, ip: 210.130.202.131, mailfrom: venkata.pyla@toshiba-tsip.com) Received: by mo-csw.securemx.jp (mx-mo-csw1120) id 38BDVq2a3930803; Mon, 11 Sep 2023 22:31:52 +0900 X-Iguazu-Qid: 2rWgLYQMf54wBpwWOm X-Iguazu-QSIG: v=2; s=0; t=1694439111; q=2rWgLYQMf54wBpwWOm; m=PTsNzoNUQeeBTY1SaakZQOX/vpBK2Z86lb9iLGDw6ZY= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1123) id 38BDVoI53612988 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 11 Sep 2023 22:31:51 +0900 From: venkata.pyla@toshiba-tsip.com To: cip-dev@lists.cip-project.org, jan.kiszka@siemens.com Cc: venkata pyla , dinesh.kumar@toshiba-tsip.com, kazuhiro3.hayashi@toshiba.co.jp Subject: [isar-cip-core 4/5] .reproducible-check-ci.yml: Add BBB target Date: Mon, 11 Sep 2023 19:01:46 +0530 X-TSB-HOP2: ON Message-Id: <20230911133147.3164-5-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> References: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> MIME-Version: 1.0 X-OriginalArrivalTime: 11 Sep 2023 13:31:46.0989 (UTC) FILETIME=[4FE675D0:01D9E4B4] List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Sep 2023 13:32:01 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/13022 From: venkata pyla Signed-off-by: venkata pyla --- .reproducible-check-ci.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.reproducible-check-ci.yml b/.reproducible-check-ci.yml index dec28e2..6bcc215 100644 --- a/.reproducible-check-ci.yml +++ b/.reproducible-check-ci.yml @@ -87,6 +87,13 @@ build:qemu-arm-repro-build: variables: target: qemu-arm +build:bbb-repro-build: + extends: + - .repro-build + variables: + target: bbb + extension: "none" + # repro build test test:qemu-amd64-repro-test: extends: @@ -111,3 +118,12 @@ test:qemu-arm-repro-test: target: qemu-arm dependencies: - build:qemu-arm-repro-build + +test:bbb-repro-test: + extends: + - .repro-test + variables: + target: bbb + extension: "none" + dependencies: + - build:bbb-repro-build From patchwork Mon Sep 11 13:31:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Venkata Pyla X-Patchwork-Id: 13379346 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 518D3EE57DF for ; Mon, 11 Sep 2023 13:32:01 +0000 (UTC) Received: from mo-csw.securemx.jp (mo-csw.securemx.jp [210.130.202.131]) by mx.groups.io with SMTP id smtpd.web10.58428.1694439114834215172 for ; Mon, 11 Sep 2023 06:31:55 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: toshiba-tsip.com, ip: 210.130.202.131, mailfrom: venkata.pyla@toshiba-tsip.com) Received: by mo-csw.securemx.jp (mx-mo-csw1120) id 38BDVqne3930806; Mon, 11 Sep 2023 22:31:52 +0900 X-Iguazu-Qid: 2rWgyA9ooqJgITHMAr X-Iguazu-QSIG: v=2; s=0; t=1694439112; q=2rWgyA9ooqJgITHMAr; m=6F7U3Er/e8a6R852hqBoxrOWLKy+SZrp3CgQQjBLfeY= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1123) id 38BDVpOY3612992 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 11 Sep 2023 22:31:51 +0900 From: venkata.pyla@toshiba-tsip.com To: cip-dev@lists.cip-project.org, jan.kiszka@siemens.com Cc: venkata pyla , dinesh.kumar@toshiba-tsip.com, kazuhiro3.hayashi@toshiba.co.jp Subject: [isar-cip-core 5/5] scripts/repro-tests.sh: Add *wic.p0 image into reproducible tests Date: Mon, 11 Sep 2023 19:01:47 +0530 X-TSB-HOP2: ON Message-Id: <20230911133147.3164-6-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> References: <20230911133147.3164-1-venkata.pyla@toshiba-tsip.com> MIME-Version: 1.0 X-OriginalArrivalTime: 11 Sep 2023 13:31:47.0067 (UTC) FILETIME=[4FF25CB0:01D9E4B4] List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Sep 2023 13:32:01 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/13023 From: venkata pyla BBB disk image contains raw partitions that creates as *.wic.p0, so add them to reproducible tests. Signed-off-by: venkata pyla --- scripts/repro-tests.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/repro-tests.sh b/scripts/repro-tests.sh index 2143058..127484f 100755 --- a/scripts/repro-tests.sh +++ b/scripts/repro-tests.sh @@ -74,6 +74,7 @@ fi # Define files in the artifacts for checking the reproducibility set -- \ + "${IMAGE_BASE}-${RELEASE}-${TARGET}.wic.p0" \ "${IMAGE_BASE}-${RELEASE}-${TARGET}.wic.p1" \ "${IMAGE_BASE}-${RELEASE}-${TARGET}.wic.p2" \ "${IMAGE_BASE}-${RELEASE}-${TARGET}.wic.p3" \ @@ -86,8 +87,8 @@ set -- \ res=0 for file in "$@"; do if [ -f "${artifacts1}/${file}" ] && [ -f "${artifacts2}/${file}" ]; then - label=$(blkid -s LABEL -o value ${artifacts1}/${file}) - fstype=$(blkid -s TYPE -o value ${artifacts1}/${file}) + label=$(blkid -s LABEL -o value ${artifacts1}/${file} || true) + fstype=$(blkid -s TYPE -o value ${artifacts1}/${file} || true) if $DIFFOSCOPE --text "${file}.diffoscope_output.txt" \ --html-dir diffoscope_output \ --html "${file}.diffoscope_output.html" \