boot2

lib-runscm.sh (9873B)

---

 # lib-runscm.sh — driver-agnostic harness for run.scm-driven stages.
 #
 # Boot3/4/5 each drive a per-stage pipeline by invoking scheme1 against a
 # host-generated run.scm. Two transports:
 #   DRIVER=podman → bind-mount in/ ro and out/ rw under /work in a
 #                   scratch+busybox container, exec in/scheme1
 #                   in/combined.scm with cwd=/work.
 #   DRIVER=seed   → pack the staging dir into a cpio on a virtio-blk read-
 #                   only disk (init at cpio root + in/ subtree), boot the
 #                   seed kernel with init=init and combined.scm, recover
 #                   outputs via the SEEDFS dump on a second virtio-blk
 #                   disk. The host extractor filters to out/-prefixed
 #                   entries, strips the prefix, writes to $STAGE/out/.
 #
 # Both drivers see the same flat namespace; run.scm uses explicit
 # in/<name> for reads and out/<name> for writes.
 #
 # DSL (source as `. boot/lib-runscm.sh`):
 #
 #     runscm_init <staging-dir> <out-dir>
 #     runscm_scheme1 <path>                       # init=scheme1 (boot2)
 #     runscm_prelude <path>                       # scheme1/prelude.scm
 #     runscm_runscm  <path>                       # driver script (run.scm)
 #     runscm_input   <name> <host-path>           # repeatable; staged at in/<name>
 #     runscm_input_tree <prefix> <src-root>       # repeatable; tree under in/<prefix>
 #     runscm_export  <name>...                    # one or more output names
 #     runscm_run     [timeout-s]                  # default 600s
 #
 # Required env per driver:
 #   podman: IMAGE, PLATFORM
 #   seed:   KERNEL_IMAGE, EXTRACT, optional QEMU_MEM (default 2048M)
 #   both:   DRIVER=podman|seed
 
 S_STAGE_DIR=
 S_OUT_DIR=
 S_SCHEME1=
 S_PRELUDE=
 S_RUNSCM=
 S_EXPORTS=
 
 runscm_init() {
     S_STAGE_DIR=$1; S_OUT_DIR=$2
     rm -rf "$S_STAGE_DIR"
     mkdir -p "$S_STAGE_DIR/in" "$S_STAGE_DIR/out" "$S_OUT_DIR"
     S_SCHEME1=; S_PRELUDE=; S_RUNSCM=
     S_EXPORTS=
 }
 
 runscm_scheme1() { S_SCHEME1=$1; }
 runscm_prelude() { S_PRELUDE=$1; }
 runscm_runscm()  { S_RUNSCM=$1; }
 
 runscm_input() {
     name=$1; src=$2
     case "$name" in
         */*) mkdir -p "$S_STAGE_DIR/in/$(dirname "$name")" ;;
     esac
     cp "$src" "$S_STAGE_DIR/in/$name"
 }
 
 # Stage every regular file under <src-root> into in/<prefix>/...,
 # preserving the relative directory tree.
 runscm_input_tree() {
     prefix=$1; src_root=$2
     [ -d "$src_root" ] || { echo "runscm: input_tree: $src_root not a dir" >&2; exit 2; }
     ( cd "$src_root" && find . -type f ) | sed 's|^\./||' | sort | while read -r rel; do
         [ -n "$rel" ] || continue
         mkdir -p "$S_STAGE_DIR/in/$prefix/$(dirname "$rel")"
         cp "$src_root/$rel" "$S_STAGE_DIR/in/$prefix/$rel"
     done
 }
 
 # runscm_input_from_src <subpath> [<name>]
 #   Pull a file from the canonical generated source tree at
 #   build/$ARCH/src/src/<subpath>. Stages it under in/<name>;
 #   <name> defaults to basename(subpath). For the rare `bin/` case,
 #   call runscm_input directly with build/$ARCH/src/bin/<file>.
 runscm_input_from_src() {
     _subpath=$1; _name=${2:-}
     [ -n "$_name" ] || _name=$(basename "$_subpath")
     runscm_input "$_name" "build/$ARCH/src/src/$_subpath"
 }
 
 # runscm_input_tree_from_src <prefix> <subpath>
 #   Same as runscm_input_tree, but the source root is
 #   build/$ARCH/src/src/<subpath>.
 runscm_input_tree_from_src() {
     _prefix=$1; _subpath=$2
     runscm_input_tree "$_prefix" "build/$ARCH/src/src/$_subpath"
 }
 
 runscm_export() {
     for _n in "$@"; do S_EXPORTS="$S_EXPORTS $_n"; done
 }
 
 runscm_run() {
     timeout=${1:-600}
     [ -n "$S_SCHEME1" ] || { echo "runscm: scheme1 not set" >&2; exit 2; }
     [ -n "$S_PRELUDE" ] || { echo "runscm: prelude not set" >&2; exit 2; }
     [ -n "$S_RUNSCM"  ] || { echo "runscm: run.scm not set" >&2; exit 2; }
     cp "$S_SCHEME1" "$S_STAGE_DIR/in/scheme1"
     chmod +x "$S_STAGE_DIR/in/scheme1"
     cat "$S_PRELUDE" "$S_RUNSCM" > "$S_STAGE_DIR/in/combined.scm"
     # Top-level reference copy of run.scm for human inspection.
     cp "$S_RUNSCM" "$S_STAGE_DIR/run.scm"
 
     case "${DRIVER:-podman}" in
         podman) _runscm_run_podman "$timeout" ;;
         seed)   _runscm_run_seed   "$timeout" ;;
         *) echo "runscm: unknown DRIVER=$DRIVER (expected podman|seed)" >&2; exit 2 ;;
     esac
 
     for n in $S_EXPORTS; do
         if [ ! -f "$S_STAGE_DIR/out/$n" ]; then
             echo "[runscm/$DRIVER] FAIL: missing output '$n'" >&2
             ls "$S_STAGE_DIR/out" >&2 || true
             exit 5
         fi
         cp "$S_STAGE_DIR/out/$n" "$S_OUT_DIR/$n"
         chmod 0700 "$S_OUT_DIR/$n"
     done
 }
 
 # Podman: bind-mount in/ ro and out/ rw under /work; exec in/scheme1.
 # Outputs land in $S_STAGE_DIR/out/ directly via the rw bind mount.
 _runscm_run_podman() {
     : "${IMAGE:?lib-runscm: IMAGE not set}"
     : "${PLATFORM:?lib-runscm: PLATFORM not set}"
     in_abs=$(cd "$S_STAGE_DIR/in"  && pwd)
     out_abs=$(cd "$S_STAGE_DIR/out" && pwd)
     echo "[runscm/podman] scheme1 combined.scm under $IMAGE" >&2
     podman run --rm -i --pull=never --platform "$PLATFORM" \
         -v "$in_abs:/work/in:ro" \
         -v "$out_abs:/work/out:rw" \
         -w /work "$IMAGE" \
         in/scheme1 in/combined.scm
 }
 
 # Seed: pack cpio with `init` at the root and the in/ subtree under it;
 # boot kernel with init=init combined.scm; recover outputs from the
 # SEEDFS dump on hd1; extract filters out/-prefixed entries directly
 # into $S_STAGE_DIR/out/.
 _runscm_run_seed() {
     timeout=$1
     : "${KERNEL_IMAGE:?lib-runscm: KERNEL_IMAGE not set}"
     : "${EXTRACT:?lib-runscm: EXTRACT not set}"
     mem=${QEMU_MEM:-2048M}
     cp "$S_STAGE_DIR/in/scheme1" "$S_STAGE_DIR/init"
     chmod +x "$S_STAGE_DIR/init"
     ( cd "$S_STAGE_DIR" && { echo init; find in -type f; } | sort -u | cpio -o -H newc 2>/dev/null ) \
         > "$S_STAGE_DIR/initramfs.cpio"
     sz=$(wc -c < "$S_STAGE_DIR/initramfs.cpio")
     pad=$(( (512 - sz % 512) % 512 ))
     if [ "$pad" -gt 0 ]; then
         head -c "$pad" /dev/zero >> "$S_STAGE_DIR/initramfs.cpio"
     fi
     mv "$S_STAGE_DIR/initramfs.cpio" "$S_STAGE_DIR/in.img"
     truncate -s 256M "$S_STAGE_DIR/out.img"
 
     TRANSCRIPT=$S_STAGE_DIR/transcript.txt
     echo "[runscm/seed] booting scheme1 + run.scm (timeout ${timeout}s)" >&2
     seed_arch=${SEED_ARCH:-aarch64}
     case "$seed_arch" in
         aarch64)
             qemu-system-aarch64 \
                 -machine virt,gic-version=3,accel=hvf -cpu host -m "$mem" \
                 -nographic -no-reboot \
                 -global virtio-mmio.force-legacy=false \
                 -kernel "$KERNEL_IMAGE" \
                 -drive file="$S_STAGE_DIR/in.img",if=none,format=raw,id=hd0,readonly=on \
                 -device virtio-blk-device,drive=hd0 \
                 -drive file="$S_STAGE_DIR/out.img",if=none,format=raw,id=hd1 \
                 -device virtio-blk-device,drive=hd1 \
                 -append "init in/combined.scm" \
                 > "$TRANSCRIPT" 2>&1 &
             ;;
         riscv64)
             # No hvf accel on Apple Silicon for riscv64 — TCG only.
             qemu-system-riscv64 \
                 -machine virt -m "$mem" \
                 -nographic -no-reboot \
                 -global virtio-mmio.force-legacy=false \
                 -kernel "$KERNEL_IMAGE" \
                 -drive file="$S_STAGE_DIR/in.img",if=none,format=raw,id=hd0,readonly=on \
                 -device virtio-blk-device,drive=hd0 \
                 -drive file="$S_STAGE_DIR/out.img",if=none,format=raw,id=hd1 \
                 -device virtio-blk-device,drive=hd1 \
                 -append "init in/combined.scm" \
                 > "$TRANSCRIPT" 2>&1 &
             ;;
         amd64)
             # microvm + isa-debug-exit mirrors seed-kernel/run.sh: the
             # kernel writes to port 0x501 on user exit_group(0) so QEMU
             # exits cleanly (no `-no-reboot` triple-fault gymnastics).
             qemu-system-x86_64 \
                 -machine microvm,acpi=off,pic=off,pit=off,rtc=off,isa-serial=on,auto-kernel-cmdline=off \
                 -cpu max -m "$mem" \
                 -nodefaults -display none -serial stdio -no-reboot \
                 -global virtio-mmio.force-legacy=false \
                 -device isa-debug-exit,iobase=0x501,iosize=2 \
                 -kernel "$KERNEL_IMAGE" \
                 -drive file="$S_STAGE_DIR/in.img",if=none,format=raw,id=hd0,readonly=on \
                 -device virtio-blk-device,drive=hd0 \
                 -drive file="$S_STAGE_DIR/out.img",if=none,format=raw,id=hd1 \
                 -device virtio-blk-device,drive=hd1 \
                 -append "init in/combined.scm" \
                 > "$TRANSCRIPT" 2>&1 &
             ;;
         *)
             echo "[runscm/seed] unsupported SEED_ARCH=$seed_arch" >&2
             exit 2
             ;;
     esac
     QPID=$!
     ( sleep "$timeout"; kill -9 $QPID 2>/dev/null ) </dev/null >/dev/null 2>&1 &
     WATCHER=$!
     # `disown` removes the watcher from the shell's job table so that
     # killing it on the happy path doesn't trigger bash's
     # "Terminated: 15  PID  ( sleep … )" job-status message — that
     # message looks like a real failure but is just a noisy SIGTERM
     # notification fired when qemu exited normally before the watcher's
     # sleep elapsed.
     disown $WATCHER 2>/dev/null || true
     wait $QPID 2>/dev/null || true
     kill $WATCHER 2>/dev/null || true
 
     if ! "$EXTRACT" "$S_STAGE_DIR/out" "$S_STAGE_DIR/out.img" >/dev/null 2>&1; then
         echo "[runscm/seed] FAIL: extract-blk failed (kernel didn't reach exit?)" >&2
         tail -40 "$TRANSCRIPT" >&2
         exit 3
     fi
     EXIT_LINE=$(grep -E "user exit_group" "$TRANSCRIPT" | tail -1 || true)
     case "$EXIT_LINE" in
       *"exit_group(0)"*) : ;;
       *) echo "[runscm/seed] FAIL: driver did not exit 0: $EXIT_LINE" >&2
          tail -40 "$TRANSCRIPT" >&2
          exit 4 ;;
     esac
 }