rpms/supermin
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Add all upstream patches since 5.1.16 was released.

Browse Source
This commit is contained in:
Richard W.M. Jones 2016-07-06 14:20:33 +01:00
parent f69129dcba
commit 4144ae2cf8
8 changed files with 441 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
0001-Add-support-for-a-DAX-root-filesystem.patch
View File

@ -1,7 +1,7 @@
From b4131cefc55ae41862a426bed83aa87c8362866b Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 16 May 2016 18:55:33 +0100
Subject: [PATCH] Add support for a DAX root filesystem.
Subject: [PATCH 1/7] Add support for a DAX root filesystem.
With these changes you can provide an ext4 root filesystem on a
virtual NVDIMM. The filesystem will be mounted using DAX, so files

42
0002-init-Don-t-allocate-modules-on-the-stack-RHBZ-133969.patch Normal file
View File

@ -0,0 +1,42 @@
From 557952500a10513120e90e5118c53030363a778e Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 25 May 2016 17:29:16 +0100
Subject: [PATCH 2/7] init: Don't allocate modules on the stack (RHBZ#1339691).
If the modules are unstripped and/or especially large, then the stack
can overflow.
Thanks: Luiz Capitulino for testing.
---
init/init.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/init/init.c b/init/init.c
index 106be02..733d66e 100644
--- a/init/init.c
+++ b/init/init.c
@@ -314,7 +314,11 @@ insmod (const char *filename)
exit (EXIT_FAILURE);
}
size = st.st_size;
- char buf[size];
+ char *buf = malloc (size);
+ if (buf == NULL) {
+ fprintf (stderr, "insmod: malloc (%s, %zu bytes): %m\n", filename, size);
+ exit (EXIT_FAILURE);
+ }
size_t offset = 0;
do {
ssize_t rc = read (fd, buf + offset, size - offset);
@@ -332,6 +336,8 @@ insmod (const char *filename)
* of a missing device.
*/
}
+
+ free (buf);
}
/* Mount /proc unless it's mounted already. */
--
2.7.4

25
0003-init-Print-size-of-init.patch Normal file
View File

@ -0,0 +1,25 @@
From 272c35b435dd6a71c79f90626567bdddebb72b41 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 14 Jun 2016 16:06:24 +0100
Subject: [PATCH 3/7] init: Print size of 'init'.
Useful for seeing in the build logs if the init program grows in size.
---
src/Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/Makefile.am b/src/Makefile.am
index 443e25d..11adf31 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -143,6 +143,7 @@ ext2init-bin.o: ext2init-bin.S
ext2init-bin.S: ../init/init $(srcdir)/bin2s.pl
strip --strip-all $<
+ ls -l $<
@file $< | grep -isq static || \
(echo "*** error: init is not statically linked"; exit 1)
$(srcdir)/bin2s.pl $< $@
--
2.7.4

100
0004-init-Delete-initramfs-files-before-chrooting-into-th.patch Normal file
View File

@ -0,0 +1,100 @@
From a67c0c5632fe6f68c02b0b5623217782b094c00e Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 14 Jun 2016 16:07:29 +0100
Subject: [PATCH 4/7] init: Delete initramfs files before chrooting into the
appliance.
After supermin has finished running, the initramfs files sit around
occupying non-swappable memory but serving no further purpose.
This saves a little memory, at the cost of about 1ms of extra boot
time.
---
init/init.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 48 insertions(+), 2 deletions(-)
diff --git a/init/init.c b/init/init.c
index 733d66e..5ac53e9 100644
--- a/init/init.c
+++ b/init/init.c
@@ -1,5 +1,5 @@
/* supermin-helper reimplementation in C.
- * Copyright (C) 2009-2014 Red Hat Inc.
+ * Copyright (C) 2009-2016 Red Hat Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -80,6 +80,7 @@ static void mount_proc (void);
static void print_uptime (void);
static void read_cmdline (void);
static void insmod (const char *filename);
+static void delete_initramfs_files (void);
static void show_directory (const char *dir);
static char cmdline[1024];
@@ -264,9 +265,12 @@ main ()
exit (EXIT_FAILURE);
}
+ if (!quiet)
+ fprintf (stderr, "supermin: deleting initramfs files\n");
+ delete_initramfs_files ();
+
/* Note that pivot_root won't work. See the note in
* Documentation/filesystems/ramfs-rootfs-initramfs.txt
- * We could remove the old initramfs files, but let's not bother.
*/
if (!quiet)
fprintf (stderr, "supermin: chroot\n");
@@ -396,6 +400,48 @@ read_cmdline (void)
cmdline[len-1] = '\0';
}
+/* By deleting the files in the initramfs before we chroot, we save a
+ * little bit of memory (or quite a lot of memory if the user is using
+ * unstripped kmods).
+ *
+ * We only delete files in the root directory. We don't delete
+ * directories because they only take a tiny amount of space and
+ * because we must not delete any mountpoints, especially not /root
+ * where we are about to chroot.
+ *
+ * We don't recursively look for files because that would be too
+ * complex and risky, and the normal supermin initramfs doesn't have
+ * any files except in the root directory.
+ */
+static void
+delete_initramfs_files (void)
+{
+ DIR *dir;
+ struct dirent *d;
+ struct stat statbuf;
+
+ if (chdir ("/") == -1) {
+ perror ("chdir: /");
+ return;
+ }
+
+ dir = opendir (".");
+ if (!dir) {
+ perror ("opendir: /");
+ return;
+ }
+
+ while ((d = readdir (dir)) != NULL) {
+ /* "." and ".." are directories, so the S_ISREG test ignores them. */
+ if (lstat (d->d_name, &statbuf) >= 0 && S_ISREG (statbuf.st_mode)) {
+ if (unlink (d->d_name) == -1)
+ perror (d->d_name);
+ }
+ }
+
+ closedir (dir);
+}
+
/* Display a directory on stderr. This is used for debugging only. */
static char
dirtype (int dt)
--
2.7.4

186
0005-ext2-Don-t-load-whole-files-into-memory-when-copying.patch Normal file
View File

@ -0,0 +1,186 @@
From f5a3deef588759c49dc862427a265aced612002d Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 6 Jul 2016 12:12:10 +0100
Subject: [PATCH 5/7] ext2: Don't load whole files into memory when copying to
the appliance (RHBZ#1113065).
Obviously for very large files this is going to be a problem, as well
as not being very cache efficient.
libext2fs can handle writes to parts of files just fine so copy files
in blocks.
Also demote the "Permission denied" error to a warning, and add some
explanatory text telling people not to use sudo.
---
src/ext2fs-c.c | 127 +++++++++++++++++++++++++++++++++++----------------------
1 file changed, 78 insertions(+), 49 deletions(-)
diff --git a/src/ext2fs-c.c b/src/ext2fs-c.c
index cb9282b..96a3de0 100644
--- a/src/ext2fs-c.c
+++ b/src/ext2fs-c.c
@@ -185,6 +185,7 @@ supermin_ext2fs_read_bitmaps (value fsv)
static void ext2_mkdir (ext2_filsys fs, ext2_ino_t dir_ino, const char *dirname, const char *basename, mode_t mode, uid_t uid, gid_t gid, time_t ctime, time_t atime, time_t mtime);
static void ext2_empty_inode (ext2_filsys fs, ext2_ino_t dir_ino, const char *dirname, const char *basename, mode_t mode, uid_t uid, gid_t gid, time_t ctime, time_t atime, time_t mtime, int major, int minor, int dir_ft, ext2_ino_t *ino_ret);
static void ext2_write_file (ext2_filsys fs, ext2_ino_t ino, const char *buf, size_t size, const char *filename);
+static void ext2_write_host_file (ext2_filsys fs, ext2_ino_t ino, const char *src, const char *filename);
static void ext2_link (ext2_filsys fs, ext2_ino_t dir_ino, const char *basename, ext2_ino_t ino, int dir_ft);
static void ext2_clean_path (ext2_filsys fs, ext2_ino_t dir_ino, const char *dirname, const char *basename, int isdir);
static void ext2_copy_file (struct ext2_data *data, const char *src, const char *dest);
@@ -500,6 +501,81 @@ ext2_write_file (ext2_filsys fs,
ext2_error_to_exception ("ext2fs_write_inode", err, filename);
}
+/* Same as ext2_write_file, but it copies the file contents from the
+ * host. You must create the file first with ext2_empty_inode, and
+ * the host file must be a regular file.
+ */
+static void
+ext2_write_host_file (ext2_filsys fs,
+ ext2_ino_t ino,
+ const char *src, /* source (host) file */
+ const char *filename)
+{
+ int fd;
+ char buf[BUFSIZ];
+ ssize_t r;
+ size_t size = 0;
+ errcode_t err;
+ ext2_file_t file;
+ unsigned int written;
+
+ fd = open (src, O_RDONLY);
+ if (fd == -1) {
+ static int warned = 0;
+
+ /* We skip unreadable files. However if the error is -EACCES then
+ * modify the message so as not to frighten the horses.
+ */
+ fprintf (stderr, "supermin: warning: %s: %m (ignored)\n", filename);
+ if (errno == EACCES && !warned) {
+ fprintf (stderr,
+ "Some distro files are not public readable, so supermin cannot copy them\n"
+ "into the appliance. This is a problem with your Linux distro. Please ask\n"
+ "your distro to stop doing pointless security by obscurity.\n"
+ "You can ignore these warnings. You *do not* need to use sudo.\n");
+ warned = 1;
+ }
+ return;
+ }
+
+ err = ext2fs_file_open2 (fs, ino, NULL, EXT2_FILE_WRITE, &file);
+ if (err != 0)
+ ext2_error_to_exception ("ext2fs_file_open2", err, filename);
+
+ while ((r = read (fd, buf, sizeof buf)) > 0) {
+ err = ext2fs_file_write (file, buf, r, &written);
+ if (err != 0)
+ ext2_error_to_exception ("ext2fs_file_open2", err, filename);
+ if ((ssize_t) written != r)
+ caml_failwith ("ext2fs_file_write: requested write size != bytes written");
+ size += written;
+ }
+
+ if (r == -1)
+ unix_error (errno, (char *) "read", caml_copy_string (filename));
+
+ if (close (fd) == -1)
+ unix_error (errno, (char *) "close", caml_copy_string (filename));
+
+ /* Flush out the ext2 file. */
+ err = ext2fs_file_flush (file);
+ if (err != 0)
+ ext2_error_to_exception ("ext2fs_file_flush", err, filename);
+ err = ext2fs_file_close (file);
+ if (err != 0)
+ ext2_error_to_exception ("ext2fs_file_close", err, filename);
+
+ /* Update the true size in the inode. */
+ struct ext2_inode inode;
+ err = ext2fs_read_inode (fs, ino, &inode);
+ if (err != 0)
+ ext2_error_to_exception ("ext2fs_read_inode", err, filename);
+ inode.i_size = size;
+ err = ext2fs_write_inode (fs, ino, &inode);
+ if (err != 0)
+ ext2_error_to_exception ("ext2fs_write_inode", err, filename);
+}
+
/* This is just a wrapper around ext2fs_link which calls
* ext2fs_expand_dir as necessary if the directory fills up. See
* definition of expand_dir in the sources of debugfs.
@@ -589,43 +665,6 @@ ext2_clean_path (ext2_filsys fs, ext2_ino_t dir_ino,
/* else it's a directory, what to do? XXX */
}
-/* Read in the whole file into memory. Check the size is still 'size'. */
-static char *
-read_whole_file (const char *filename, size_t size)
-{
- char *buf = malloc (size);
- if (buf == NULL)
- caml_raise_out_of_memory ();
-
- int fd = open (filename, O_RDONLY);
- if (fd == -1) {
- /* Skip unreadable files. */
- fprintf (stderr, "supermin: open: %s: %m\n", filename);
- free (buf);
- return NULL;
- }
-
- size_t n = 0;
- char *p = buf;
-
- while (n < size) {
- ssize_t r = read (fd, p, size - n);
- if (r == -1)
- unix_error (errno, (char *) "read", caml_copy_string (filename));
- if (r == 0) {
- fprintf (stderr, "supermin: end of file reading '%s'\n", filename);
- caml_invalid_argument ("ext2fs: file has changed size unexpectedly");
- }
- n += r;
- p += r;
- }
-
- if (close (fd) == -1)
- unix_error (errno, (char *) "close", caml_copy_string (filename));
-
- return buf;
-}
-
/* Copy a file (or directory etc) from the host. */
static void
ext2_copy_file (struct ext2_data *data, const char *src, const char *dest)
@@ -766,24 +805,14 @@ ext2_copy_file (struct ext2_data *data, const char *src, const char *dest)
if (S_ISREG (statbuf.st_mode)) {
/* XXX Hard links get duplicated here. */
ext2_ino_t ino;
- char *buf = NULL;
-
- if (statbuf.st_size > 0) {
- buf = read_whole_file (src, statbuf.st_size);
- if (buf == NULL)
- goto skip_unreadable_file;
- }
ext2_empty_inode (data->fs, dir_ino, dirname, basename,
statbuf.st_mode, statbuf.st_uid, statbuf.st_gid,
statbuf.st_ctime, statbuf.st_atime, statbuf.st_mtime,
0, 0, EXT2_FT_REG_FILE, &ino);
- if (statbuf.st_size > 0) {
- ext2_write_file (data->fs, ino, buf, statbuf.st_size, dest);
- free (buf);
- }
- skip_unreadable_file: ;
+ if (statbuf.st_size > 0)
+ ext2_write_host_file (data->fs, ino, src, dest);
}
/* Create a symlink. */
else if (S_ISLNK (statbuf.st_mode)) {
--
2.7.4

41
0006-build-include-packagelist-Use-supermin-tmpdir.patch Normal file
View File

@ -0,0 +1,41 @@
From bc5f01196ebf181b20d43fefe23f7003a5d3aa7c Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 6 Jul 2016 14:01:16 +0100
Subject: [PATCH 6/7] build: --include-packagelist: Use supermin tmpdir.
Fixes commit 535c2cfbf2c8e8cbe5f43dd9e9a0eea8eacb1bed.
---
src/build.ml | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/src/build.ml b/src/build.ml
index e34ec5f..83a0d98 100644
--- a/src/build.ml
+++ b/src/build.ml
@@ -207,9 +207,9 @@ let rec build debug
(* Create a temporary file for packagelist, if requested. *)
let packagelist_file =
if include_packagelist then (
- let filename, chan = Filename.open_temp_file "packagelist." "" in
+ let filename = tmpdir // "packagelist" in
+ let chan = open_out filename in
List.iter (fprintf chan "%s\n") pretty_packages;
- flush chan;
close_out chan;
Some filename
) else None in
@@ -230,11 +230,6 @@ let rec build debug
Ext2.build_ext2 debug basedir files modpath kernel_version appliance size
packagelist_file;
Ext2_initrd.build_initrd debug tmpdir modpath initrd
- );
-
- (match packagelist_file with
- | None -> ()
- | Some filename -> Sys.remove filename
)
and read_appliance debug basedir appliance = function
--
2.7.4

34
0007-Use-var-tmp-instead-of-tmp-if-TMPDIR-is-not-set.patch Normal file
View File

@ -0,0 +1,34 @@
From 12fc339efb1d287593b53da1dfddc88f876f8e7d Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 6 Jul 2016 14:12:28 +0100
Subject: [PATCH 7/7] Use /var/tmp instead of /tmp if TMPDIR is not set.
See: https://bugzilla.redhat.com/show_bug.cgi?id=1316479#c12
Thanks: Junqin Zhou
---
src/supermin.ml | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/supermin.ml b/src/supermin.ml
index b0532e5..a09b498 100644
--- a/src/supermin.ml
+++ b/src/supermin.ml
@@ -57,9 +57,12 @@ let main () =
if try Filename.is_relative (getenv "TMPDIR") with Not_found -> false then
error "error: environment variable $TMPDIR must be an absolute path";
- (* Create a temporary directory for scratch storage. *)
+ (* Create a temporary directory for scratch storage. Because it's
+ * for large files, use /var/tmp if TMPDIR is not set.
+ *)
let tmpdir =
- let tmpdir = Filename.temp_file "supermin" ".tmpdir" in
+ let temp_dir = try getenv "TMPDIR" with Not_found -> "/var/tmp" in
+ let tmpdir = Filename.temp_file ~temp_dir "supermin" ".tmpdir" in
unlink tmpdir;
mkdir tmpdir 0o700;
at_exit
--
2.7.4

16
supermin.spec
View File

@ -23,7 +23,7 @@
Summary: Tool for creating supermin appliances
Name: supermin
Version: 5.1.16
Release: 3%{?dist}
Release: 4%{?dist}
License: GPLv2+
%if 0%{?rhel} >= 7
@ -33,9 +33,14 @@ ExclusiveArch: x86_64
URL: http://people.redhat.com/~rjones/supermin/
Source0: http://libguestfs.org/download/supermin/%{name}-%{version}.tar.gz
# Add support for DAX root filesystem using vNVDIMM.
# Upstream commit b4131cefc55ae41862a426bed83aa87c8362866b.
Patch0001: 0001-Add-support-for-a-DAX-root-filesystem.patch
# All upstream patches since 5.1.16 was released.
Patch1: 0001-Add-support-for-a-DAX-root-filesystem.patch
Patch2: 0002-init-Don-t-allocate-modules-on-the-stack-RHBZ-133969.patch
Patch3: 0003-init-Print-size-of-init.patch
Patch4: 0004-init-Delete-initramfs-files-before-chrooting-into-th.patch
Patch5: 0005-ext2-Don-t-load-whole-files-into-memory-when-copying.patch
Patch6: 0006-build-include-packagelist-Use-supermin-tmpdir.patch
Patch7: 0007-Use-var-tmp-instead-of-tmp-if-TMPDIR-is-not-set.patch
BuildRequires: /usr/bin/pod2man
BuildRequires: /usr/bin/pod2html
@ -159,6 +164,9 @@ make check || {
%changelog
* Wed Jul 06 2016 Richard W.M. Jones <rjones@redhat.com> - 5.1.16-4
- Add all upstream patches since 5.1.16 was released.
* Tue May 17 2016 Richard W.M. Jones <rjones@redhat.com> - 5.1.16-3
- Add upstream patch for DAX / vNVDIMM support.