1. Patchew
  2. Xen
  3. View series

[PATCH] CI: Create initrd fragments explicitly as root

Andrew Cooper posted 1 patch 4 days, 10 hours ago
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20250909171527.1813097-1-andrew.cooper3@citrix.com
automation/scripts/build                          | 2 +-
automation/scripts/qemu-alpine-x86_64.sh          | 4 ++--
automation/scripts/qemu-smoke-dom0-arm32.sh       | 4 ++--
automation/scripts/qemu-smoke-dom0-arm64.sh       | 4 ++--
automation/scripts/qemu-smoke-dom0less-arm32.sh   | 2 +-
automation/scripts/qemu-smoke-dom0less-arm64.sh   | 4 ++--
automation/scripts/qubes-x86-64.sh                | 6 +++---
automation/scripts/xilinx-smoke-dom0-x86_64.sh    | 6 +++---
automation/scripts/xilinx-smoke-dom0less-arm64.sh | 4 ++--
9 files changed, 18 insertions(+), 18 deletions(-)
[PATCH] CI: Create initrd fragments explicitly as root
Posted by Andrew Cooper 4 days, 10 hours ago 
We have a mix of root and non-root containers, and are trying to become
rootless.  This can cause the local CPIO fragements to end up being user:user
in the test environment.

Nothing seems to go wrong so far, but it's a trap waiting to happen.

Make everything consistently root for the initrds, irrespective of the
rootness of the container the test is running in.

No practical change.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Anthony PERARD <anthony.perard@vates.tech>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

Best reviewed with `git show --colour-words`

I'm intending to backport this all trees as part of the fixes for the root vs
rootless mismatch.
---
 automation/scripts/build                          | 2 +-
 automation/scripts/qemu-alpine-x86_64.sh          | 4 ++--
 automation/scripts/qemu-smoke-dom0-arm32.sh       | 4 ++--
 automation/scripts/qemu-smoke-dom0-arm64.sh       | 4 ++--
 automation/scripts/qemu-smoke-dom0less-arm32.sh   | 2 +-
 automation/scripts/qemu-smoke-dom0less-arm64.sh   | 4 ++--
 automation/scripts/qubes-x86-64.sh                | 6 +++---
 automation/scripts/xilinx-smoke-dom0-x86_64.sh    | 6 +++---
 automation/scripts/xilinx-smoke-dom0less-arm64.sh | 4 ++--
 9 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/automation/scripts/build b/automation/scripts/build
index 0e7494ff6d87..d0511843e7ea 100755
--- a/automation/scripts/build
+++ b/automation/scripts/build
@@ -108,6 +108,6 @@ else
     # Note: Some smoke tests depending on finding binaries/xen on a full build
     # even though dist/ contains everything, while some containers don't even
     # build Xen
-    (cd dist/install; find | cpio -o -H newc | gzip) > binaries/xen-tools.cpio.gz
+    (cd dist/install; find | cpio -R 0:0 -o -H newc | gzip) > binaries/xen-tools.cpio.gz
     collect_xen_artefacts
 fi
diff --git a/automation/scripts/qemu-alpine-x86_64.sh b/automation/scripts/qemu-alpine-x86_64.sh
index c4666b9507dc..242ffca693fe 100755
--- a/automation/scripts/qemu-alpine-x86_64.sh
+++ b/automation/scripts/qemu-alpine-x86_64.sh
@@ -25,7 +25,7 @@ mount -t devtmpfs devtmpfs /dev
 chmod +x initrd/init
 # DomU rootfs
 cd initrd
-find . | cpio -H newc -o | gzip > ../domU-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip > ../domU-rootfs.cpio.gz
 cd ..
 
 # Dom0 rootfs
@@ -57,7 +57,7 @@ xl -vvv create -c /root/domU.cfg
 
 " > etc/local.d/xen.start
 chmod +x etc/local.d/xen.start
-find . | cpio -H newc -o | gzip >> ../dom0-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../dom0-rootfs.cpio.gz
 cd ../..
 
 cat >> binaries/pxelinux.0 << EOF
diff --git a/automation/scripts/qemu-smoke-dom0-arm32.sh b/automation/scripts/qemu-smoke-dom0-arm32.sh
index 36c47daa4212..58797f7d30d3 100755
--- a/automation/scripts/qemu-smoke-dom0-arm32.sh
+++ b/automation/scripts/qemu-smoke-dom0-arm32.sh
@@ -30,13 +30,13 @@ curl --fail --silent --show-error --location --output initrd.tar.gz https://dl-c
 mkdir rootfs
 cd rootfs
 tar xvzf ../initrd.tar.gz
-find . | cpio -H newc -o | gzip > ../root/initrd.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip > ../root/initrd.cpio.gz
 cd ..
 rm -rf rootfs
 rm initrd.tar.gz
 
 cp ../zImage ./root
-find . | cpio -H newc -o | gzip > ../initrd.gz
+find . | cpio -R 0:0 -H newc -o | gzip > ../initrd.gz
 cd ..
 
 # XXX QEMU looks for "efi-virtio.rom" even if it is unneeded
diff --git a/automation/scripts/qemu-smoke-dom0-arm64.sh b/automation/scripts/qemu-smoke-dom0-arm64.sh
index ee682015a061..05962bdc0203 100755
--- a/automation/scripts/qemu-smoke-dom0-arm64.sh
+++ b/automation/scripts/qemu-smoke-dom0-arm64.sh
@@ -24,7 +24,7 @@ mount -t devtmpfs devtmpfs /dev
 /bin/sh" > initrd/init
 chmod +x initrd/init
 cd initrd
-find . | cpio -H newc -o | gzip > ../domU-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip > ../domU-rootfs.cpio.gz
 cd ..
 
 # Dom0 rootfs
@@ -54,7 +54,7 @@ xl -vvv create -c /root/domU.cfg
 
 " > etc/local.d/xen.start
 chmod +x etc/local.d/xen.start
-find . | cpio -H newc -o | gzip >> ../dom0-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../dom0-rootfs.cpio.gz
 cd ../..
 
 # XXX QEMU looks for "efi-virtio.rom" even if it is unneeded
diff --git a/automation/scripts/qemu-smoke-dom0less-arm32.sh b/automation/scripts/qemu-smoke-dom0less-arm32.sh
index e27636dc9e8f..627d890a3926 100755
--- a/automation/scripts/qemu-smoke-dom0less-arm32.sh
+++ b/automation/scripts/qemu-smoke-dom0less-arm32.sh
@@ -75,7 +75,7 @@ mount -t devtmpfs devtmpfs /dev
 ${domU_check}
 /bin/sh" > init
 chmod +x init
-find . | cpio -H newc -o | gzip > ../initrd.gz
+find . | cpio -R 0:0 -H newc -o | gzip > ../initrd.gz
 cd ..
 
 # XXX QEMU looks for "efi-virtio.rom" even if it is unneeded
diff --git a/automation/scripts/qemu-smoke-dom0less-arm64.sh b/automation/scripts/qemu-smoke-dom0less-arm64.sh
index e660485f3a41..05c4a6acbb59 100755
--- a/automation/scripts/qemu-smoke-dom0less-arm64.sh
+++ b/automation/scripts/qemu-smoke-dom0less-arm64.sh
@@ -111,7 +111,7 @@ ${domU_check}
 /bin/sh" > initrd/init
 chmod +x initrd/init
 cd initrd
-find . | cpio --create --format='newc' | gzip > ../binaries/initrd
+find . | cpio -R 0:0 -o -H newc | gzip > ../binaries/initrd
 cd ..
 
 # Dom0 rootfs
@@ -139,7 +139,7 @@ xl network-attach 1 type=vif
 ${dom0_check}
 " > etc/local.d/xen.start
 chmod +x etc/local.d/xen.start
-find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
 cd ..
 
 # ImageBuilder
diff --git a/automation/scripts/qubes-x86-64.sh b/automation/scripts/qubes-x86-64.sh
index bd939dc94894..7a59fa5f1116 100755
--- a/automation/scripts/qubes-x86-64.sh
+++ b/automation/scripts/qubes-x86-64.sh
@@ -184,7 +184,7 @@ ${domU_check}
 Kernel \r on an \m (\l)
 
 " > etc/issue
-    find . | cpio -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz
+    find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz
     cd ..
     rm -rf rootfs
 
@@ -193,7 +193,7 @@ Kernel \r on an \m (\l)
     cd rootfs
     cp ../binaries/bzImage boot/vmlinuz-domU
     cp ../binaries/domU-rootfs.cpio.gz boot/initrd-domU
-    find . | cpio -H newc -o > ../binaries/domU-in-dom0.cpio
+    find . | cpio -R 0:0 -H newc -o > ../binaries/domU-in-dom0.cpio
     cd ..
     rm -rf rootfs
 
@@ -252,7 +252,7 @@ mkdir -p etc/default
 echo "XENCONSOLED_TRACE=all" >> etc/default/xencommons
 echo "QEMU_XEN=/bin/false" >> etc/default/xencommons
 mkdir -p var/log/xen/console
-find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
 cd ..
 
 
diff --git a/automation/scripts/xilinx-smoke-dom0-x86_64.sh b/automation/scripts/xilinx-smoke-dom0-x86_64.sh
index 96f534f3aaa7..5379738019a7 100755
--- a/automation/scripts/xilinx-smoke-dom0-x86_64.sh
+++ b/automation/scripts/xilinx-smoke-dom0-x86_64.sh
@@ -102,7 +102,7 @@ echo "domU Welcome to Alpine Linux
 Kernel \r on an \m (\l)
 
 " > etc/issue
-find . | cpio -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz
 cd ..
 rm -rf rootfs
 
@@ -111,7 +111,7 @@ mkdir -p rootfs/boot
 cd rootfs
 cp ../binaries/bzImage boot/vmlinuz-domU
 cp ../binaries/domU-rootfs.cpio.gz boot/initrd-domU
-find . | cpio -H newc -o > ../binaries/domU-in-dom0.cpio
+find . | cpio -R 0:0 -H newc -o > ../binaries/domU-in-dom0.cpio
 cd ..
 rm -rf rootfs
 
@@ -141,7 +141,7 @@ echo "${DOMU_CFG}${DOMU_CFG_EXTRA}" > etc/xen/domU.cfg
 echo "XENCONSOLED_TRACE=all" >> etc/default/xencommons
 echo "QEMU_XEN=/bin/false" >> etc/default/xencommons
 mkdir -p var/log/xen/console
-find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
 cd ..
 
 # Load software into TFTP server directory.
diff --git a/automation/scripts/xilinx-smoke-dom0less-arm64.sh b/automation/scripts/xilinx-smoke-dom0less-arm64.sh
index a6da7a830c35..61d6c686f745 100755
--- a/automation/scripts/xilinx-smoke-dom0less-arm64.sh
+++ b/automation/scripts/xilinx-smoke-dom0less-arm64.sh
@@ -50,7 +50,7 @@ echo "#!/bin/sh
 ${domU_check}
 /bin/sh" > etc/local.d/xen.start
 chmod +x etc/local.d/xen.start
-find . | cpio -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz
 cd ..
 rm -rf rootfs
 
@@ -71,7 +71,7 @@ bash /etc/init.d/xencommons start
 ${dom0_check}
 " > etc/local.d/xen.start
 chmod +x etc/local.d/xen.start
-find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
+find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz
 cd ..
 
 

base-commit: 2275bf83a1db579661b27fc4b310a7d92594dbc0
-- 
2.39.5
Re: [PATCH] CI: Create initrd fragments explicitly as root
Posted by dmukhin@xen.org 4 days, 8 hours ago 
On Tue, Sep 09, 2025 at 06:15:27PM +0100, Andrew Cooper wrote:
> We have a mix of root and non-root containers, and are trying to become
> rootless.  This can cause the local CPIO fragements to end up being user:user
> in the test environment.
> 
> Nothing seems to go wrong so far, but it's a trap waiting to happen.
> 
> Make everything consistently root for the initrds, irrespective of the
> rootness of the container the test is running in.
> 
> No practical change.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>


Reviewed-by: Denis Mukhin <dmukhin@ford.com>
Re: [PATCH] CI: Create initrd fragments explicitly as root
Posted by Stefano Stabellini 4 days, 3 hours ago 
On Tue, 9 Sep 2025, dmukhin@xen.org wrote:
> On Tue, Sep 09, 2025 at 06:15:27PM +0100, Andrew Cooper wrote:
> > We have a mix of root and non-root containers, and are trying to become
> > rootless.  This can cause the local CPIO fragements to end up being user:user
> > in the test environment.
> > 
> > Nothing seems to go wrong so far, but it's a trap waiting to happen.
> > 
> > Make everything consistently root for the initrds, irrespective of the
> > rootness of the container the test is running in.
> > 
> > No practical change.
> > 
> > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> 
> 
> Reviewed-by: Denis Mukhin <dmukhin@ford.com> 

Acked-by: Stefano Stabellini <sstabellini@kernel.org>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.