omarabdul3ziz/zosbuilder
1
0
Fork 0
forked from tfgrid/zosbuilder
Code Pull Requests Activity
Files
6193d241ea35ed7caa59e12f112d5bd018cc785f
zosbuilder/docs/review-rfs-integration.md
Jan De Landtsheer ad0a06e267 initramfs+modules: robust copy aliasing, curated stage1 + PHYs, firmware policy via firmware.conf, runtime readiness, build ID; docs sync 
Summary of changes (with references):\n\nModules + PHY coverage\n- Curated and normalized stage1 list in [config.modules.conf](config/modules.conf:1):\n  - Boot-critical storage, core virtio, common NICs (Intel/Realtek/Broadcom), overlay/fuse, USB HCD/HID.\n  - Added PHY drivers required by NIC MACs:\n    * realtek (for r8169, etc.)\n    * broadcom families: broadcom, bcm7xxx, bcm87xx, bcm_phy_lib, bcm_phy_ptp\n- Robust underscore↔hyphen aliasing during copy so e.g. xhci_pci → xhci-pci.ko, hid_generic → hid-generic.ko:\n  - [bash.initramfs_copy_resolved_modules()](scripts/lib/initramfs.sh:990)\n\nFirmware policy and coverage\n- Firmware selection now authoritative via [config/firmware.conf](config/firmware.conf:1); ignore modules.conf firmware hints:\n  - [bash.initramfs_setup_modules()](scripts/lib/initramfs.sh:229)\n  - Count from firmware.conf for reporting; remove stale required-firmware.list.\n- Expanded NIC firmware set (bnx2, bnx2x, tigon, intel, realtek, rtl_nic, qlogic, e100) in [config.firmware.conf](config/firmware.conf:1).\n- Installer enforces firmware.conf source-of-truth in [bash.alpine_install_firmware()](scripts/lib/alpine.sh:392).\n\nEarly input & build freshness\n- Write a runtime build stamp to /etc/zero-os-build-id for embedded initramfs verification:\n  - [bash.initramfs_finalize_customization()](scripts/lib/initramfs.sh:568)\n- Minor init refinements in [config.init](config/init:1) (ensures /home, consistent depmod path).\n\nRebuild helper improvements\n- [scripts/rebuild-after-zinit.sh](scripts/rebuild-after-zinit.sh:1):\n  - Added --verify-only; container-aware execution; selective marker clears only.\n  - Prints stage status before/after; avoids --rebuild-from; resolves full kernel version for diagnostics.\n\nRemote flist readiness + zinit\n- Init scripts now probe BASE_URL readiness and accept FLISTS_BASE_URL/FLIST_BASE_URL; firmware target is /lib/firmware:\n  - [sh.firmware.sh](config/zinit/init/firmware.sh:1)\n  - [sh.modules.sh](config/zinit/init/modules.sh:1)\n\nContainer, docs, and utilities\n- Stream container build logs by calling runtime build directly in [bash.docker_build_container()](scripts/lib/docker.sh:56).\n- Docs updated to reflect firmware policy, runtime readiness, rebuild helper, early input, and GRUB USB:\n  - [docs.NOTES.md](docs/NOTES.md)\n  - [docs.PROMPT.md](docs/PROMPT.md)\n  - [docs.review-rfs-integration.md](docs/review-rfs-integration.md)\n- Added GRUB USB creator (referenced in docs): [scripts/make-grub-usb.sh](scripts/make-grub-usb.sh)\n\nCleanup\n- Removed legacy/duplicated config trees under configs/ and config/zinit.old/.\n- Minor newline and ignore fixes: [.gitignore](.gitignore:1)\n\nNet effect\n- Runtime now has correct USB HCDs/HID-generic and NIC+PHY coverage (Realtek/Broadcom), with matching firmware installed in initramfs.\n- Rebuild workflow is minimal and host/container-aware; docs are aligned with implemented behavior.\n
2025-09-23 14:03:01 +02:00

7.4 KiB
Raw Blame History

Review: Current Build Flow and RFS Integration Hook Points

This document reviews the current Zero-OS Alpine initramfs build flow, identifies reliable sources for kernel versioning and artifacts, and specifies clean integration points for RFS flist generation and later runtime overmounts without modifying existing code paths.

Build flow overview

Primary orchestrator: scripts/build.sh

Key sourced libraries:

Main stages executed (incremental via stage_run()):

  1. alpine_extract, alpine_configure, alpine_packages
  2. alpine_firmware
  3. components_build, components_verify
  4. kernel_modules
  5. init_script, components_copy, zinit_setup
  6. modules_setup, modules_copy
  7. cleanup, validation
  8. initramfs_create, initramfs_test, kernel_build
  9. boot_tests

Where key artifacts come from

udev and module load sequencing at runtime

Current integration gaps for RFS flists

  • There is no existing code that:
    • Packs modules or firmware into RFS flists (.fl sqlite manifests)
    • Publishes associated content-addressed blobs to a store
    • Uploads the .fl manifest to an S3 bucket (separate from the blob store)
    • Mounts these flists at runtime prior to udev coldplug

Reliable inputs for RFS pack

  • Kernel full version: use kernel_get_full_version() logic (never uname -r inside container)
  • Modules source tree candidates (priority):
    1. /lib/modules/<FULL_VERSION> (from kernel_build_modules())
    2. initramfs/lib/modules/<FULL_VERSION> (if container path unavailable; less ideal)
  • Firmware source tree candidates (priority):
    1. $PROJECT_ROOT/firmware (external provided tree; user-preferred)
    2. initramfs/lib/firmware (APK-installed fallback)

S3 configuration needs

A new configuration file is required to avoid touching existing code:

  • Path: config/rfs.conf (to be created)
  • Required keys:
    • S3_ENDPOINT (e.g., https://s3.example.com:9000)
    • S3_REGION
    • S3_BUCKET
    • S3_PREFIX (path prefix under bucket for blobs/optionally manifests)
    • S3_ACCESS_KEY
    • S3_SECRET_KEY
  • These values will be consumed by standalone scripts (not existing build flow)

Proposed standalone scripts (no existing code changes)

Directory: scripts/rfs

  • common.sh

  • pack-modules.sh

    • Name: modules-<FULL_KERNEL_VERSION>.fl
    • Command: rfs pack -m dist/flists/modules-...fl -s s3://... /lib/modules/<FULL_VERSION>
    • Then upload the .fl manifest to s3://BUCKET/PREFIX/manifests/ via aws CLI if available

  • pack-firmware.sh

    • Name: firmware-.fl by default, overridable via FIRMWARE_TAG
    • Source: $PROJECT_ROOT/firmware preferred, else initramfs/lib/firmware
    • Pack with rfs and upload the .fl manifest similarly

  • verify-flist.sh

    • rfs flist inspect dist/flists/NAME.fl
    • rfs flist tree dist/flists/NAME.fl | head
    • Optional test mount with a temporary mountpoint when requested

Future runtime units (deferred)

Will be added as new zinit units once flist generation is validated:

  • Mount firmware flist read-only at /lib/firmware (overmount to hide initramfs firmware beneath)
  • Mount modules flist read-only at /lib/modules/<FULL_VERSION>
  • Run depmod -a <FULL_VERSION>
  • Run udev coldplug sequence (reload, trigger add, settle)

Placement relative to current units:

Flow summary (Mermaid)

flowchart TD
  A[Build start] --> B[alpine_extract/configure/packages]
  B --> C[components_build verify]
  C --> D[kernel_modules
  install modules in container
  set KERNEL_FULL_VERSION]
  D --> E[init_script zinit_setup]
  E --> F[modules_setup copy]
  F --> G[cleanup validation]
  G --> H[initramfs_create test kernel_build]
  H --> I[boot_tests]

  subgraph RFS standalone
    R1[Compute FULL_VERSION
    from configs]
    R2[Select sources:
    modules /lib/modules/FULL_VERSION
    firmware PROJECT_ROOT/firmware or initramfs/lib/firmware]
    R3[Pack modules flist
    rfs pack -s s3://...]
    R4[Pack firmware flist
    rfs pack -s s3://...]
    R5[Upload .fl manifests
    to S3 manifests/]
    R6[Verify flists
    inspect/tree/mount opt]
  end

  H -. post-build manual .-> R1
  R1 --> R2 --> R3 --> R5
  R2 --> R4 --> R5
  R3 --> R6
  R4 --> R6

Conclusion

  • The existing build flow provides deterministic kernel versioning and installs modules into the container at /lib/modules/<FULL_VERSION>, which is ideal for RFS packing.
  • Firmware can be sourced from the user-provided tree or the initramfs fallback.
  • RFS flist creation and publishing can be introduced entirely as standalone scripts and configuration without modifying current code.
  • Runtime overmounting and coldplug can be added later via new zinit units once flist generation is validated.