tools-hardened: tools and templates for hardened stages

2013-01-05 08:44:17 -05:00 · 2013-01-05 08:44:17 -05:00 · 5f31f81c16
parent d3d7152aa7
commit 5f31f81c16
6 changed files with 186 additions and 0 deletions
--- a/tools-hardened/clean.sh
+++ b/tools-hardened/clean.sh
@ -0,0 +1,6 @@
+#!/bin/bash
+
+# This just removes the temporary conf err and log
+# files generated during a run
+
+rm -f *conf *err *log
--- a/tools-hardened/fixup.sh
+++ b/tools-hardened/fixup.sh
@ -0,0 +1,29 @@
+#!/bin/bash
+
+# This just fixes up the symbolic links
+# to the latest stage{1,2,3} tarballs
+
+mydate=$1
+mypwd=/var/tmp/catalyst/builds
+
+find ${mypwd} -type f -size 0 -exec rm {} +
+find -L  ${mypwd} -type l -exec rm {} +
+
+for arch in amd64 i686; do
+  for flavor in hardened vanilla; do
+    for s in 1 2 3; do
+      file=stage${s}-${arch}-uclibc-${flavor}-${mydate}.tar.bz2
+      link=stage${s}-${arch}-uclibc-${flavor}.tar.bz2
+      cd "${mypwd}/${flavor}/${arch}"
+      if [[ -f ${file} ]]; then
+        ln -sf ${file} ${link}
+      else
+        echo "!!! ${file} doesn't exist!"
+        echo "!!! make sure \${mydate} is right!"
+        exit 1
+      fi
+    done
+  done
+done
+
+tree ${mypwd}
--- a/tools-hardened/run-armv7a.sh
+++ b/tools-hardened/run-armv7a.sh
@ -0,0 +1,128 @@
+#!/bin/bash
+
+#
+# Usage: ./run-armv7a.sh <mode>
+# where
+# <mode> = "", it will actually do the runs
+# <mode> = "test", it will just pretend
+#
+
+source /etc/catalyst/catalyst.conf
+
+mydate=`date +%Y%m%d`
+
+prepare_confs() {
+  local arch=$1
+  local flavor=$2
+
+  for s in 1 2 3; do
+    cat stage${s}-${arch}-hardfloat-${flavor}.conf.template | \
+      sed -e "s/\(^version_stamp.*$\)/\1-${mydate}/" >  stage${s}-${arch}-hardfloat-${flavor}.conf
+  done
+}
+
+banner() {
+cat << EOF | tee -a zzz.log > stage$1-$2-uclibc-$3.log
+
+************************************************************************
+*    stage$1-$2-uclibc-$3
+************************************************************************"
+
+EOF
+}
+
+
+do_stages() {
+  local arch=$1
+  local flavor=$2
+  local pretend=$3
+
+  for s in 1 2 3; do
+    local tgpath="${storedir}/builds/${flavor}/${arch}"
+    local target="stage${s}-${arch}-hardfloat-${flavor}-${mydate}.tar.bz2"
+    local tglink="stage${s}-${arch}-hardfloat-${flavor}.tar.bz2"
+
+    if [[ ! -f "${tgpath}/${tglink}" ]]; then
+       touch stage${s}-${arch}-hardfloat-${flavor}.log
+       echo "!!! ${target} at ${tgpath} doesn't exit" \
+         | tee -a zzz.log \
+         > stage${s}-${arch}-hardfloat-${flavor}.err
+       return 1
+    fi
+
+    if [[ "x${pretend}" != "xtest" ]]; then
+      banner ${s} ${arch} ${flavor}
+      catalyst -f stage${s}-${arch}-hardfloat-${flavor}.conf \
+        | tee -a zzz.log \
+        > stage${s}-${arch}-hardfloat-${flavor}.log \
+        2> stage${s}-${arch}-hardfloat-${flavor}.err
+    else
+      touch stage${s}-${arch}-hardfloat-${flavor}.log
+      touch stage${s}-${arch}-hardfloat-${flavor}.err
+      touch "${tgpath}/${target}"
+      echo "PRETEND: catalyst -f stage${s}-${arch}-hardfloat-${flavor}.conf \ "
+      echo "PRETEND:   > stage${s}-${arch}-hardfloat-${flavor}.log \ "
+      echo "PRETEND:   2> stage${s}-${arch}-hardfloat-${flavor}.err"
+    fi
+
+    if [[ -f "${tgpath}/${target}" ]]; then
+      rm -f "${tgpath}/${tglink}"
+      ln -s ${target} "${tgpath}/${tglink}"
+    else
+      echo "!!! ${target} was not generated" \
+        | tee -a zzz.log \
+        >stage${s}-${arch}-hardfloat-${flavor}.err
+      return 1
+    fi
+  done
+
+  return 0
+}
+
+
+#
+# approximate timings:
+#
+# catalyst -s current	3 minutes
+# catalyst -f stage1  130 minutes
+#
+
+main() {
+  local pretend=$1
+
+  >zzz.log
+
+  if [[ "x${pretend}" != "xtest" ]]; then
+     catalyst -s current | tee -a zzz.log >snapshot.log 2>snapshot.err
+  else
+     >snapshot.log
+     >snapshot.err
+     echo "PRETEND: catalyst -s current > snapshot.log 2> snapshot.err"
+  fi
+
+  for arch in armv7a; do
+    for flavor in hardened; do
+      prepare_confs ${arch} ${flavor}
+    done
+  done
+  
+  for arch in armv7a; do
+    for flavor in hardened; do
+      do_stages ${arch} ${flavor} ${pretend}
+      ret=$?
+      if [[ $? == 1 ]]; then
+         echo "FAILURE at ${arch} ${flavor} ${pretend} " | tee zzz.log
+         return 1
+      fi
+    done
+  done
+
+  if [[ "x${pretend}" == "xtest" ]]; then
+    tree /var/tmp/catalyst/builds
+    echo
+    echo "!!! Run fixup.sh to clean up!"
+    echo
+  fi
+}
+
+main $1 &
--- a/tools-hardened/stage1-armv7a-hardfloat-hardened.conf.template
+++ b/tools-hardened/stage1-armv7a-hardfloat-hardened.conf.template
@ -0,0 +1,8 @@
+subarch: armv7a
+target: stage1
+version_stamp: hardfloat-hardened
+rel_type: hardened/armv7a
+profile: hardened/linux/arm/armv7a
+snapshot: current
+source_subpath: hardened/armv7a/stage3-armv7a-hardfloat-hardened
+chost: armv7a-hardfloat-linux-gnueabi
--- a/tools-hardened/stage2-armv7a-hardfloat-hardened.conf.template
+++ b/tools-hardened/stage2-armv7a-hardfloat-hardened.conf.template
@ -0,0 +1,8 @@
+subarch: armv7a
+target: stage2
+version_stamp: hardfloat-hardened
+rel_type: hardened/armv7a
+profile: hardened/linux/arm/armv7a
+snapshot: current
+source_subpath: hardened/armv7a/stage1-armv7a-hardfloat-hardened
+chost: armv7a-hardfloat-linux-gnueabi
--- a/tools-hardened/stage3-armv7a-hardfloat-hardened.conf.template
+++ b/tools-hardened/stage3-armv7a-hardfloat-hardened.conf.template
@ -0,0 +1,7 @@
+subarch: armv7a
+target: stage3
+version_stamp: hardfloat-hardened
+rel_type: hardened/armv7a
+profile: hardened/linux/arm/armv7a
+snapshot: current
+source_subpath: hardened/armv7a/stage2-armv7a-hardfloat-hardened