From 81775ab1b3ef52d6380cf0abc198f8ded99e7148 Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Tue, 25 Jul 2023 11:56:34 +0200 Subject: [PATCH 1/2] cache: kernel: Fix SEV kernel caching The SEV kernel cache calls create_cache_asset() twice, once for the kernel and once for modules. Both calls need to use the same version string, otherwise the second call overwrites the "latest" file of the first one and the cache is not used. Fixes: #7403 Signed-off-by: Jeremi Piotrowski --- tools/packaging/static-build/cache_components_main.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/packaging/static-build/cache_components_main.sh b/tools/packaging/static-build/cache_components_main.sh index a971c98aa..f61bb29c1 100755 --- a/tools/packaging/static-build/cache_components_main.sh +++ b/tools/packaging/static-build/cache_components_main.sh @@ -60,13 +60,14 @@ cache_kernel_artifacts() { ;; esac - create_cache_asset "${kernel_tarball_name}" "${current_kernel_version}-${current_kernel_kata_config_version}-${kernel_last_commit}" "${current_kernel_image}" + local current_component_version="${current_kernel_version}-${current_kernel_kata_config_version}-${kernel_last_commit}" + create_cache_asset "${kernel_tarball_name}" "${current_component_version}" "${current_kernel_image}" if [[ "${KERNEL_FLAVOUR}" == "kernel-sev" ]]; then module_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/kernel-sev/builddir/kata-linux-${current_kernel_version#v}-${current_kernel_kata_config_version}/lib/modules/${current_kernel_version#v}" if [ ! -f "${kernel_modules_tarball_path}" ]; then tar cvfJ "${kernel_modules_tarball_path}" "${module_dir}/kernel/drivers/virt/coco/efi_secret/" fi - create_cache_asset "kata-static-kernel-sev-modules.tar.xz" "${current_kernel_version}-${current_kernel_kata_config_version}" "${current_kernel_image}" + create_cache_asset "kata-static-kernel-sev-modules.tar.xz" "${current_component_version}" "${current_kernel_image}" fi } From c8ac56569a4354bbdd94b8d4ff74e74129ee94d6 Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Tue, 25 Jul 2023 12:22:46 +0200 Subject: [PATCH 2/2] cache: kernel: Harmonize commit with fetching side kata-deploy-binaries.sh uses the last commit in tools/packaging/static-build/kernel for its version check, while the cache generation uses tools/packaging/kernel. Use tools/packaging/static-build/kernel as $kata_config_version is already part of the version string and covers any changes to tools/packaging/kernel. Fixes: #7403 Signed-off-by: Jeremi Piotrowski --- tools/packaging/static-build/cache_components_main.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/packaging/static-build/cache_components_main.sh b/tools/packaging/static-build/cache_components_main.sh index f61bb29c1..dbfa66f63 100755 --- a/tools/packaging/static-build/cache_components_main.sh +++ b/tools/packaging/static-build/cache_components_main.sh @@ -33,7 +33,8 @@ cache_kernel_artifacts() { local kernel_tarball_name="kata-static-${KERNEL_FLAVOUR}.tar.xz" local current_kernel_image="$(get_kernel_image_name)" local current_kernel_kata_config_version="$(cat ${repo_root_dir}/tools/packaging/kernel/kata_config_version)" - local kernel_last_commit="$(get_last_modification ${repo_root_dir}/tools/packaging/kernel)" + # Changes to tools/packaging/kernel are covered by the kata_config_version check + local kernel_last_commit="$(get_last_modification ${repo_root_dir}/tools/packaging/static-build/kernel)" local kernel_modules_tarball_path="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/kata-static-kernel-sev-modules.tar.xz" # The ${vendor}-gpu kernels are based on an already existing entry, and does not require