Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add checksum checks for toybox and qat driver #701

Merged
merged 1 commit into from
Sep 15, 2021
Merged

Add checksum checks for toybox and qat driver #701

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions build/docker/intel-fpga-initcontainer.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,13 @@ RUN echo "{\n\
\"annotation\": [ \"fpga.intel.com/region\" ]\n\
}\n">>$ROOT/$SRC_DIR/$CRI_HOOK.json

ARG TOYBOX_VERSION="0.8.4"
ARG TOYBOX_VERSION="0.8.5"
ARG TOYBOX_SHA256="27cc073222f3b726ee10d96c4f32ac2c4c936b07ea195227736755971e6d90c9"
RUN apt update && apt -y install musl musl-tools musl-dev
RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION.tar.gz | tar xz \
RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION.tar.gz -o toybox.tar.gz \
&& echo "$TOYBOX_SHA256 toybox.tar.gz" | sha256sum -c - \
&& tar -xzf toybox.tar.gz \
&& rm toybox.tar.gz \
&& cd toybox-$TOYBOX_VERSION \
&& KCONFIG_CONFIG=${DIR}/build/docker/toybox-config LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT V=2 make toybox install \
&& install -D LICENSE $ROOT/usr/local/share/package-licenses/toybox \
Expand Down
9 changes: 7 additions & 2 deletions build/docker/intel-gpu-initcontainer.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,9 +41,14 @@ ARG SRC_DIR=/usr/local/bin/gpu-sw

RUN install -D /go/bin/gpu_nfdhook $ROOT/$SRC_DIR/$NFD_HOOK

ARG TOYBOX_VERSION="0.8.4"
ARG TOYBOX_VERSION="0.8.5"
ARG TOYBOX_SHA256="27cc073222f3b726ee10d96c4f32ac2c4c936b07ea195227736755971e6d90c9"

RUN apt update && apt -y install musl musl-tools musl-dev
RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION.tar.gz | tar xz \
RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION.tar.gz -o toybox.tar.gz \
&& echo "$TOYBOX_SHA256 toybox.tar.gz" | sha256sum -c - \
&& tar -xzf toybox.tar.gz \
&& rm toybox.tar.gz \
&& cd toybox-$TOYBOX_VERSION \
&& KCONFIG_CONFIG=${DIR}/build/docker/toybox-config LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT V=2 make toybox install \
&& install -D LICENSE $ROOT/usr/local/share/package-licenses/toybox \
Expand Down
4 changes: 3 additions & 1 deletion build/docker/intel-qat-plugin-kerneldrv.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,12 @@ WORKDIR $DIR
COPY . .

ARG QAT_DRIVER_RELEASE="qat1.7.l.4.14.0-00031"
ARG QAT_DRIVER_SHA256="a68dfaea4308e0bb5f350b7528f1a076a0c6ba3ec577d60d99dc42c49307b76e"

RUN mkdir -p /usr/src/qat \
&& cd /usr/src/qat \
&& wget https://downloadmirror.intel.com/30178/eng/${QAT_DRIVER_RELEASE}.tar.gz \
&& wget https://downloadmirror.intel.com/30178/eng/$QAT_DRIVER_RELEASE.tar.gz \
&& echo "$QAT_DRIVER_SHA256 $QAT_DRIVER_RELEASE.tar.gz" | sha256sum -c - \
&& tar xf *.tar.gz \
&& cd /usr/src/qat/quickassist/utilities/adf_ctl \
&& make KERNEL_SOURCE_DIR=/usr/src/qat/quickassist/qat \
Expand Down
9 changes: 7 additions & 2 deletions build/docker/intel-sgx-initcontainer.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,9 +41,14 @@ ARG SRC_DIR=/usr/local/bin/sgx-sw

RUN install -D /go/bin/sgx_epchook $ROOT/$SRC_DIR/$NFD_HOOK

ARG TOYBOX_VERSION="0.8.4"
ARG TOYBOX_VERSION="0.8.5"
ARG TOYBOX_SHA256="27cc073222f3b726ee10d96c4f32ac2c4c936b07ea195227736755971e6d90c9"

RUN apt update && apt -y install musl musl-tools musl-dev
RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION.tar.gz | tar xz \
RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION.tar.gz -o toybox.tar.gz \
&& echo "$TOYBOX_SHA256 toybox.tar.gz" | sha256sum -c - \
&& tar -xzf toybox.tar.gz \
&& rm toybox.tar.gz \
&& cd toybox-$TOYBOX_VERSION \
&& KCONFIG_CONFIG=${DIR}/build/docker/toybox-config LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT V=2 make toybox install \
&& install -D LICENSE $ROOT/usr/local/share/package-licenses/toybox \
Expand Down
13 changes: 10 additions & 3 deletions build/docker/toybox-config
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# ToyBox version: KCONFIG_VERSION
# Sat May 15 08:23:52 2021
# Tue Sep 14 22:53:41 2021
#
CONFIG_TOYBOX_CONTAINER=y
CONFIG_TOYBOX_FIFREEZE=y
Expand Down Expand Up @@ -92,6 +92,7 @@ CONFIG_LS=y
# CONFIG_TAR is not set
# CONFIG_TEE is not set
# CONFIG_TEST is not set
# CONFIG_TEST_GLUE is not set
# CONFIG_TIME is not set
# CONFIG_TOUCH is not set
# CONFIG_TRUE is not set
Expand All @@ -115,6 +116,7 @@ CONFIG_LS=y
# CONFIG_BC is not set
# CONFIG_BOOTCHARTD is not set
# CONFIG_BRCTL is not set
# CONFIG_CHSH is not set
# CONFIG_CROND is not set
# CONFIG_CRONTAB is not set
# CONFIG_DD is not set
Expand Down Expand Up @@ -154,18 +156,20 @@ CONFIG_LS=y
# CONFIG_MORE is not set
# CONFIG_OPENVT is not set
# CONFIG_DEALLOCVT is not set
# CONFIG_READELF is not set
# CONFIG_ROUTE is not set
CONFIG_SH=y
# CONFIG_CD is not set
# CONFIG_EXIT is not set
# CONFIG_SET is not set
# CONFIG_UNSET is not set
# CONFIG_EVAL is not set
# CONFIG_EXEC is not set
# CONFIG_EXPORT is not set
# CONFIG_JOBS is not set
# CONFIG_LOCAL is not set
# CONFIG_SHIFT is not set
# CONFIG_SOURCE is not set
# CONFIG_WAIT is not set
# CONFIG_STTY is not set
# CONFIG_SULOGIN is not set
# CONFIG_SYSLOGD is not set
Expand All @@ -187,7 +191,9 @@ CONFIG_SH=y
#
# CONFIG_ACPI is not set
# CONFIG_ASCII is not set
# CONFIG_UNICODE is not set
# CONFIG_BASE64 is not set
# CONFIG_BASE32 is not set
# CONFIG_BLKDISCARD is not set
# CONFIG_BLKID is not set
# CONFIG_FSTYPE is not set
Expand Down Expand Up @@ -247,7 +253,9 @@ CONFIG_SH=y
# CONFIG_PMAP is not set
# CONFIG_PRINTENV is not set
# CONFIG_PWDX is not set
# CONFIG_PWGEN is not set
# CONFIG_READAHEAD is not set
# CONFIG_READELF is not set
# CONFIG_READLINK is not set
# CONFIG_REALPATH is not set
# CONFIG_REBOOT is not set
Expand Down Expand Up @@ -365,7 +373,6 @@ CONFIG_TOYBOX_LSM_NONE=y
# CONFIG_TOYBOX_FLOAT is not set
# CONFIG_TOYBOX_HELP is not set
# CONFIG_TOYBOX_HELP_DASHDASH is not set
# CONFIG_TOYBOX_I18N is not set
# CONFIG_TOYBOX_FREE is not set
# CONFIG_TOYBOX_NORECURSE is not set
# CONFIG_TOYBOX_DEBUG is not set
Expand Down
2 changes: 2 additions & 0 deletions demo/openssl-qat-engine/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ ARG FINAL_BASE_IMAGE=clearlinux:base
FROM clearlinux:base as builder

ARG QAT_DRIVER_RELEASE="qat1.7.l.4.14.0-00031"
ARG QAT_DRIVER_SHA256="a68dfaea4308e0bb5f350b7528f1a076a0c6ba3ec577d60d99dc42c49307b76e"
ARG QAT_ENGINE_VERSION="v0.6.1"
ARG IPSEC_MB_VERSION="v0.55"
ARG IPP_CRYPTO_VERSION="ippcp_2020u3"
Expand All @@ -12,6 +13,7 @@ RUN swupd bundle-add --skip-diskspace-check devpkg-systemd devpkg-openssl c-basi
git clone -b $IPP_CRYPTO_VERSION https://github.com/intel/ipp-crypto && \
git clone -b $IPSEC_MB_VERSION https://github.com/intel/intel-ipsec-mb && \
wget https://downloadmirror.intel.com/30178/eng/$QAT_DRIVER_RELEASE.tar.gz && \
echo "$QAT_DRIVER_SHA256 $QAT_DRIVER_RELEASE.tar.gz" | sha256sum -c - && \
tar xf *.tar.gz

RUN sed -i -e 's/cmn_ko$//' -e 's/lac_kernel$//' quickassist/Makefile && \
Expand Down