boot2

lib-pipeline.sh (11221B)

---

 # lib-pipeline.sh — driver-agnostic DSL for boot stage pipelines.
 #
 # A bootN.sh's "wiring" is a sequence of file→file program invocations
 # in a flat namespace. This library exposes that as four primitives so
 # the same wiring can run under different transports:
 #
 #     podman — accumulate stages into one /work/run.sh, run once in a
 #              container against $IMAGE / $PLATFORM (env-set by caller).
 #     seed   — run each stage as one qemu boot of seed-kernel via
 #              tier1-gate.sh's pattern (cpio /init + in/<inputs> on
 #              virtio-blk hd0, output dumped to virtio-blk hd1 as SEEDFS,
 #              extract). aarch64 only.
 #
 # Both drivers respect the `in/`+`out/` convention: inputs read from
 # `in/<name>`, outputs written to `out/<name>`. The stage primitive
 # rewrites argv tokens that match input/output names with the
 # appropriate prefix; bare flag/literal tokens pass through untouched.
 #
 # DSL (source as `. boot/lib-pipeline.sh`):
 #
 #     pipeline_init <staging-dir> <out-dir> <driver>
 #     pipeline_input <name> <host-path>           # repeatable
 #     pipeline_input_from_src <subpath> [<name>]  # from build/$ARCH/src/src/
 #     stage <bin> <argv...> -- <inputs...> -- <outputs...>
 #     pipeline_export <name>...                   # one or more
 #     pipeline_run
 #
 # `stage` semantics: invoke `<bin>` with argv=[<bin>, <argv1>, ...]; the
 # stage reads the listed input names and produces the listed output
 # names. <bin> is also a name in the flat namespace — typically a
 # pipeline_input, but may be the output of an earlier stage.
 #
 # Required env for podman driver: PLATFORM, IMAGE.
 # Required env for seed driver:   KERNEL_IMAGE, EXTRACT.
 
 P_DRIVER=
 P_STAGE_DIR=
 P_OUT_DIR=
 P_SCRIPT=
 P_IDX=0
 P_EXPORTS=
 P_INPUT_NAMES=
 P_PRODUCED_NAMES=
 
 pipeline_init() {
     P_STAGE_DIR=$1; P_OUT_DIR=$2; P_DRIVER=$3
     rm -rf "$P_STAGE_DIR"
     mkdir -p "$P_STAGE_DIR/in" "$P_STAGE_DIR/out" "$P_OUT_DIR"
     P_IDX=0
     P_EXPORTS=
     P_INPUT_NAMES=
     P_PRODUCED_NAMES=
     case "$P_DRIVER" in
       podman)
         P_SCRIPT=$P_STAGE_DIR/run.sh
         {
             echo '#!/bin/sh'
             echo 'set -eu'
             # Stage everything in /tmp (RAM tmpfs) — the seed-stage tools
             # do one syscall per byte, virtiofs round-trips would dominate.
             # Mirror the in/ + out/ split so argv references resolve.
             echo 'mkdir -p /tmp/in /tmp/out'
             echo 'cp /work/in/* /tmp/in/'
             echo 'cd /tmp'
         } > "$P_SCRIPT"
         ;;
       seed)
         mkdir -p "$P_STAGE_DIR/work"
         : "${KERNEL_IMAGE:?lib-pipeline:seed: KERNEL_IMAGE not set}"
         : "${EXTRACT:?lib-pipeline:seed: EXTRACT not set}"
         ;;
       *)
         echo "lib-pipeline: unknown driver '$P_DRIVER'" >&2; exit 2 ;;
     esac
 }
 
 pipeline_input() {
     name=$1; src=$2
     cp "$src" "$P_STAGE_DIR/in/$name"
     if [ "$P_DRIVER" = "seed" ]; then
         cp "$src" "$P_STAGE_DIR/work/$name"
     fi
     P_INPUT_NAMES="$P_INPUT_NAMES $name"
 }
 
 # pipeline_input_from_src <subpath> [<name>]
 #   Pull a file from the canonical generated source tree at
 #   build/$ARCH/src/src/<subpath>. Stages it under in/<name>;
 #   <name> defaults to basename(subpath). For the rare `bin/` case
 #   (the seed hex0-seed binary), call pipeline_input directly with
 #   build/$ARCH/src/bin/<file>.
 pipeline_input_from_src() {
     _subpath=$1; _name=${2:-}
     [ -n "$_name" ] || _name=$(basename "$_subpath")
     pipeline_input "$_name" "build/$ARCH/src/src/$_subpath"
 }
 
 # Look up a token: if it names an input, prefix `in/`; if it names a
 # previously produced output, prefix `out/`; else leave unchanged.
 _p_lookup() {
     tok=$1
     for n in $P_IN;  do [ "$tok" = "$n" ] && { echo "in/$tok";  return; }; done
     for n in $P_OUT; do [ "$tok" = "$n" ] && { echo "out/$tok"; return; }; done
     echo "$tok"
 }
 
 # Resolve where the bin binary lives: in/ if it's a pipeline_input, out/
 # if a prior stage produced it. Stages with the same name as both an
 # input and a produced output use the produced one.
 _p_bin_path() {
     b=$1
     for n in $P_PRODUCED_NAMES; do [ "$b" = "$n" ] && { echo "out/$b"; return; }; done
     for n in $P_INPUT_NAMES;    do [ "$b" = "$n" ] && { echo "in/$b";  return; }; done
     echo "$b"
 }
 
 # stage <bin> <argv...> -- <inputs...> -- <outputs...>
 #
 # The explicit input/output lists look redundant — most names already
 # appear in <argv...> — but they are not. argv positions are tool-
 # specific: a token like `M0.combined.hex2` is an output of one stage
 # (catm produces it) and an input of the next (hex2 reads it). The
 # framework cannot tell which from the token alone, so each stage
 # declares both lists. Don't try to "simplify" by inferring from argv.
 stage() {
     bin=$1; shift
     P_HEAD_RAW=""; P_IN=""; P_OUT=""; _s=head
     while [ $# -gt 0 ]; do
         if [ "$1" = "--" ]; then
             case "$_s" in
                 head) _s=in ;;
                 in)   _s=out ;;
                 *)    echo "lib-pipeline: too many --" >&2; exit 2 ;;
             esac
             shift; continue
         fi
         case "$_s" in
             head) P_HEAD_RAW="$P_HEAD_RAW $1" ;;
             in)   P_IN="$P_IN $1" ;;
             out)  P_OUT="$P_OUT $1" ;;
         esac
         shift
     done
     [ "$_s" = "out" ] || { echo "lib-pipeline: stage needs '<bin> argv... -- inputs... -- outputs...'" >&2; exit 2; }
 
     # Rewrite head tokens with in/ or out/ prefixes.
     P_HEAD=""
     for tok in $P_HEAD_RAW; do
         P_HEAD="$P_HEAD $(_p_lookup "$tok")"
     done
     P_BIN_PATH=$(_p_bin_path "$bin")
 
     P_IDX=$((P_IDX + 1))
     case "$P_DRIVER" in
       podman) _stage_podman ;;
       seed)   _stage_seed ;;
     esac
 
     # Track produced names so later stages can locate the binary if a
     # subsequent `stage` uses one of these as its bin.
     for o in $P_OUT; do P_PRODUCED_NAMES="$P_PRODUCED_NAMES $o"; done
 }
 
 _stage_podman() {
     {
         echo "# stage $P_IDX: $bin$P_HEAD"
         echo "chmod +x ./$P_BIN_PATH"
         echo "./$P_BIN_PATH$P_HEAD"
         # Mirror this stage's outputs back into in/ so a later stage that
         # declares one of them as an input finds it under in/<name>.
         # (The seed driver does this naturally via its per-stage cpio.)
         for o in $P_OUT; do
             echo "cp -f out/$o in/$o"
         done
     } >> "$P_SCRIPT"
 }
 
 _stage_seed() {
     cpio_dir=$P_STAGE_DIR/s$(printf '%02d' "$P_IDX")
     rm -rf "$cpio_dir"; mkdir -p "$cpio_dir/cpio/in"
     cp "$P_STAGE_DIR/work/$bin" "$cpio_dir/cpio/init"
     chmod +x "$cpio_dir/cpio/init"
     NAMES="init"
     for inp in $P_IN; do
         cp "$P_STAGE_DIR/work/$inp" "$cpio_dir/cpio/in/$inp"
         NAMES="$NAMES
 in/$inp"
     done
     ( cd "$cpio_dir/cpio" && printf '%s\n' "$NAMES" | cpio -o -H newc 2>/dev/null ) > "$cpio_dir/initramfs.cpio"
     sz=$(wc -c < "$cpio_dir/initramfs.cpio")
     pad=$(( (512 - sz % 512) % 512 ))
     if [ "$pad" -gt 0 ]; then
         head -c "$pad" /dev/zero >> "$cpio_dir/initramfs.cpio"
     fi
     mv "$cpio_dir/initramfs.cpio" "$cpio_dir/in.img"
     truncate -s 256M "$cpio_dir/out.img"
 
     APPEND="$bin$P_HEAD"
     TRANSCRIPT=$cpio_dir/transcript.txt
     echo "[lib-pipeline:seed] stage $P_IDX:$P_HEAD  (bin=$bin)" >&2
     seed_arch=${SEED_ARCH:-aarch64}
     case "$seed_arch" in
         aarch64)
             qemu-system-aarch64 \
                 -machine virt,gic-version=3,accel=hvf -cpu host -m 2048M \
                 -nographic -no-reboot \
                 -global virtio-mmio.force-legacy=false \
                 -kernel "$KERNEL_IMAGE" \
                 -drive file="$cpio_dir/in.img",if=none,format=raw,id=hd0,readonly=on \
                 -device virtio-blk-device,drive=hd0 \
                 -drive file="$cpio_dir/out.img",if=none,format=raw,id=hd1 \
                 -device virtio-blk-device,drive=hd1 \
                 -append "$APPEND" \
                 > "$TRANSCRIPT" 2>&1 &
             ;;
         riscv64)
             qemu-system-riscv64 \
                 -machine virt -m 2048M \
                 -nographic -no-reboot \
                 -global virtio-mmio.force-legacy=false \
                 -kernel "$KERNEL_IMAGE" \
                 -drive file="$cpio_dir/in.img",if=none,format=raw,id=hd0,readonly=on \
                 -device virtio-blk-device,drive=hd0 \
                 -drive file="$cpio_dir/out.img",if=none,format=raw,id=hd1 \
                 -device virtio-blk-device,drive=hd1 \
                 -append "$APPEND" \
                 > "$TRANSCRIPT" 2>&1 &
             ;;
         amd64)
             qemu-system-x86_64 \
                 -machine microvm,acpi=off,pic=off,pit=off,rtc=off,isa-serial=on,auto-kernel-cmdline=off \
                 -cpu max -m 2048M \
                 -nodefaults -display none -serial stdio -no-reboot \
                 -global virtio-mmio.force-legacy=false \
                 -device isa-debug-exit,iobase=0x501,iosize=2 \
                 -kernel "$KERNEL_IMAGE" \
                 -drive file="$cpio_dir/in.img",if=none,format=raw,id=hd0,readonly=on \
                 -device virtio-blk-device,drive=hd0 \
                 -drive file="$cpio_dir/out.img",if=none,format=raw,id=hd1 \
                 -device virtio-blk-device,drive=hd1 \
                 -append "$APPEND" \
                 > "$TRANSCRIPT" 2>&1 &
             ;;
         *) echo "[lib-pipeline:seed] unsupported SEED_ARCH=$seed_arch" >&2; exit 2 ;;
     esac
     QPID=$!
     ( sleep 240; kill -9 $QPID 2>/dev/null ) </dev/null >/dev/null 2>&1 &
     WATCHER=$!
     disown $WATCHER 2>/dev/null || true
     wait $QPID 2>/dev/null || true
     kill $WATCHER 2>/dev/null || true
 
     mkdir -p "$cpio_dir/dump"
     if ! "$EXTRACT" "$cpio_dir/dump" "$cpio_dir/out.img" >/dev/null 2>&1; then
         echo "[lib-pipeline:seed] FAIL stage $P_IDX (bin=$bin): extract-blk failed" >&2
         tail -40 "$TRANSCRIPT" >&2
         exit 3
     fi
 
     for o in $P_OUT; do
         if [ ! -f "$cpio_dir/dump/$o" ]; then
             echo "[lib-pipeline:seed] FAIL stage $P_IDX: missing output '$o'" >&2
             ls "$cpio_dir/dump" >&2 || true
             exit 3
         fi
         cp "$cpio_dir/dump/$o" "$P_STAGE_DIR/work/$o"
     done
 }
 
 pipeline_export() {
     for _n in "$@"; do P_EXPORTS="$P_EXPORTS $_n"; done
 }
 
 pipeline_run() {
     case "$P_DRIVER" in
       podman) _run_podman ;;
       seed)   : ;;
     esac
     for n in $P_EXPORTS; do
         case "$P_DRIVER" in
           podman) cp "$P_STAGE_DIR/out/$n" "$P_OUT_DIR/$n" ;;
           seed)   cp "$P_STAGE_DIR/work/$n" "$P_OUT_DIR/$n" ;;
         esac
         chmod 0700 "$P_OUT_DIR/$n"
     done
 }
 
 _run_podman() {
     : "${PLATFORM:?lib-pipeline:podman: PLATFORM not set}"
     : "${IMAGE:?lib-pipeline:podman: IMAGE not set}"
     if [ -n "$P_EXPORTS" ]; then
         cmd="cp"
         for n in $P_EXPORTS; do cmd="$cmd out/$n"; done
         cmd="$cmd /work/out/"
         echo "$cmd" >> "$P_SCRIPT"
     fi
     chmod +x "$P_SCRIPT"
     SDIR=$(cd "$P_STAGE_DIR" && pwd)
     podman run --rm -i --pull=never --platform "$PLATFORM" \
         --tmpfs /tmp:size=512M \
         -v "$SDIR/run.sh:/work/run.sh:ro" \
         -v "$SDIR/in:/work/in:ro" \
         -v "$SDIR/out:/work/out:rw" \
         -w /work "$IMAGE" \
         sh -eu /work/run.sh
 }