@@ -358,6 +358,14 @@ alpine-3.18-gcc-debug:
variables:
CONTAINER: alpine:3.18
+alpine-3.18-gcc-livepatch:
+ extends: .gcc-x86-64-build
+ variables:
+ CONTAINER: alpine:3.18
+ LIVEPATCH: y
+ EXTRA_XEN_CONFIG: |
+ CONFIG_LIVEPATCH=y
+
debian-stretch-gcc-debug:
extends: .gcc-x86-64-build-debug
variables:
@@ -459,3 +459,11 @@ qemu-smoke-ppc64le-powernv9-gcc:
needs:
- qemu-system-ppc64-8.1.0-ppc64-export
- debian-bullseye-gcc-ppc64le-debug
+
+qemu-alpine-x86_64-gcc-livepatch:
+ extends: .qemu-x86-64
+ script:
+ - ./automation/scripts/qemu-alpine-x86_64-livepatch.sh 2>&1 | tee ${LOGFILE}
+ needs:
+ - *x86-64-test-needs
+ - alpine-3.18-gcc-livepatch
@@ -103,3 +103,16 @@ else
cp -r dist binaries/
if [[ -f xen/xen ]] ; then cp xen/xen binaries/xen; fi
fi
+
+if [[ "$LIVEPATCH" == "y" ]]; then
+ # Build a test livepatch using livepatch-build-tools.
+
+ BUILDID=$(readelf -Wn xen/xen-syms | sed -n -e 's/^.*Build ID: //p')
+
+ git clone https://xenbits.xen.org/git-http/livepatch-build-tools.git
+ cd livepatch-build-tools
+ make
+ ./livepatch-build -s ../ -p ../xen/test/livepatch/patches/test1.patch \
+ -o out -c ../xen/.config --depends $BUILDID --xen-depends $BUILDID
+ cp out/test1.livepatch ../binaries/test1.livepatch
+fi
new file mode 100755
@@ -0,0 +1,79 @@
+#!/bin/bash
+
+set -ex
+
+cd binaries
+# initrd.tar.gz is Dom0 rootfs
+mkdir -p rootfs
+cd rootfs
+tar xvzf ../initrd.tar.gz
+mkdir proc
+mkdir run
+mkdir srv
+mkdir sys
+rm var/run
+cp -ar ../dist/install/* .
+cp ../test1.livepatch ./root/
+cat << "EOF" >> etc/local.d/xen.start
+#!/bin/bash
+
+set -ex
+
+trap poweroff EXIT
+
+export LD_LIBRARY_PATH=/usr/local/lib
+
+result=`xen-livepatch test`
+if [ "$result" != "1" ]; then
+ echo "FAIL"
+ exit 1
+fi
+
+xen-livepatch load /root/test1.livepatch
+
+result=`xen-livepatch test`
+if [ "$result" != "2" ]; then
+ echo "FAIL"
+ exit 1
+fi
+
+xen-livepatch revert test1
+xen-livepatch unload test1
+
+result=`xen-livepatch test`
+if [ "$result" != "1" ]; then
+ echo "FAIL"
+ exit 1
+fi
+
+echo "SUCCESS"
+EOF
+chmod +x etc/local.d/xen.start
+echo "rc_verbose=yes" >> etc/rc.conf
+# rebuild Dom0 rootfs
+find . |cpio -H newc -o|gzip > ../xen-rootfs.cpio.gz
+cd ../..
+
+cat >> binaries/pxelinux.0 << EOF
+#!ipxe
+
+kernel xen console=com1 console_timestamps=boot
+module bzImage console=hvc0
+module xen-rootfs.cpio.gz
+boot
+EOF
+
+# Run the test
+rm -f smoke.serial
+timeout -k 1 360 \
+qemu-system-x86_64 \
+ -cpu qemu64,+svm \
+ -m 2G -smp 2 \
+ -monitor none -serial stdio \
+ -nographic \
+ -device virtio-net-pci,netdev=n0 \
+ -netdev user,id=n0,tftp=binaries,bootfile=/pxelinux.0 |& \
+ tee smoke.serial | sed 's/\r//'
+
+grep -q "SUCCESS" smoke.serial
+exit 0
Introduce a new gitlab tests for livepatching, using livepatch-build-tools, which better reflects how downstreams build live patches rather than the in-tree tests. The tests applies the dummy in-tree patch example, checks that the patch is applied correctly and then reverts and unloads it. Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> --- automation/gitlab-ci/build.yaml | 8 ++ automation/gitlab-ci/test.yaml | 8 ++ automation/scripts/build | 13 +++ .../scripts/qemu-alpine-x86_64-livepatch.sh | 79 +++++++++++++++++++ 4 files changed, 108 insertions(+) create mode 100755 automation/scripts/qemu-alpine-x86_64-livepatch.sh