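#!/bin/bash
#
# Copyright (C) 2021 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# Shell functions that build and install patched iptables and
# android-cuttlefish packages and then tidy the image. They call apt-get and
# write under /root, /usr/src and /etc, so they are expected to run as root.
#
# Required environment: SCRIPT_DIR - directory that holds common.sh.
# get_installed_packages, remove_installed_packages and cleanup are not
# defined in this file; presumably they come from common.sh - confirm there.

# Stop if SCRIPT_DIR is unset or empty: the unguarded, unquoted form would
# source "/common.sh" from the filesystem root instead.
. "${SCRIPT_DIR:?SCRIPT_DIR must be set before sourcing this file}/common.sh"

iptables=iptables-1.8.7
debian_iptables=1.8.7-1
cuttlefish=android-cuttlefish

#######################################
# Fetch the AOSP iptables sources plus the Debian packaging overlay, build
# the Debian packages in /usr/src, then remove the build-only packages.
# Globals:   iptables (read), debian_iptables (read)
# Arguments: none
# Outputs:   package lists in /root/originally-installed and /root/installed;
#            an .orig.tar.xz source tarball and build products in /usr/src
# Returns:   1 if a working directory cannot be entered
#######################################
setup_and_build_iptables() {
  get_installed_packages >/root/originally-installed

  # Install everything needed from bullseye to build iptables
  apt-get install -y \
    build-essential \
    autoconf \
    automake \
    bison \
    debhelper \
    devscripts \
    fakeroot \
    flex \
    libmnl-dev \
    libnetfilter-conntrack-dev \
    libnfnetlink-dev \
    libnftnl-dev \
    libtool

  # Construct the iptables source package to build
  mkdir -p "/usr/src/$iptables"

  # A failed cd must stop the function; otherwise the archives below would be
  # unpacked into whatever directory happens to be current.
  cd "/usr/src/$iptables" || return 1
  # Download iptables from AOSP.
  # NOTE(review): the URL names the 'master' branch, not a fixed revision, so
  # every build takes whatever is at the branch tip, and the archive is
  # extracted without an integrity check. For a reproducible, auditable build,
  # pin this to a commit or tag and verify the download against a recorded
  # digest before extracting.
  wget -qO - \
    https://android.googlesource.com/platform/external/iptables/+archive/master.tar.gz |
    tar -zxf -
  # Download a compatible 'debian' overlay from Debian salsa
  # We don't want all of the sources, just the Debian modifications
  # NOTE: This will only work if Android always uses a version of iptables
  #       that exists for Debian as well.
  # NOTE(review): this archive is selected by tag name only; no digest is
  # checked before its debian/ directory drives the build below.
  local debian_iptables_dir=pkg-iptables-debian-$debian_iptables
  wget -qO - \
    "https://salsa.debian.org/pkg-netfilter-team/pkg-iptables/-/archive/debian/$debian_iptables/$debian_iptables_dir.tar.gz" |
    tar --strip-components 1 -zxf - \
      "$debian_iptables_dir/debian"
  cd - || return 1

  cd /usr/src || return 1
  # Generate a source package to leave in the filesystem. This is done for
  # license compliance and build reproducibility.
  tar --exclude=debian -cf - "$iptables" |
    xz -9 >"$(printf '%s\n' "$iptables" | tr -s '-' '_').orig.tar.xz"
  cd - || return 1

  cd "/usr/src/$iptables" || return 1
  # Build debian packages from the integrated iptables source.
  # -F: full build, -d: skip the build-dependency check,
  # -us -uc: leave the source package and .changes file unsigned.
  dpkg-buildpackage -F -d -us -uc
  cd - || return 1

  get_installed_packages >/root/installed
  remove_installed_packages /root/originally-installed /root/installed
  apt-get clean
}

#######################################
# Install the iptables packages found in /usr/src, hold them, select the
# legacy iptables backend and delete the build products.
# Globals:   iptables (read)
# Arguments: none
# Returns:   1 if /usr/src cannot be entered or no package was found
#######################################
install_and_cleanup_iptables() {
  # The rm -rf at the end uses relative paths, so never continue from an
  # unexpected directory.
  cd /usr/src || return 1

  # Find any packages generated, resolve to the debian package name, then
  # exclude any compat, header or symbol packages
  local packages package
  packages=$(find . -maxdepth 1 -name '*.deb' | colrm 1 2 | cut -d'_' -f1 |
    grep -ve '-compat$\|-dbg$\|-dbgsym$\|-dev$' | xargs)

  # Collect the package files in an array so each path stays one argument.
  # $packages is deliberately unquoted: it is a space-separated name list.
  local -a debs=()
  for package in $packages; do
    debs+=(./"${package}"_*.deb)
  done
  if ((${#debs[@]} == 0)); then
    echo "no iptables packages found in /usr/src" >&2
    cd - || return 1
    return 1
  fi

  # Install the patched iptables packages, and 'hold' them so
  # "apt-get dist-upgrade" doesn't replace them
  apt-get install --allow-downgrades -y -f "${debs[@]}"
  for package in $packages; do
    echo "$package hold" | LANG=C dpkg --set-selections
  done
  update-alternatives --set iptables /usr/sbin/iptables-legacy

  # Tidy up the mess we left behind, leaving just the source tarballs.
  # ${iptables:?} aborts instead of expanding to nothing; '--' and the './'
  # prefix keep odd file names from being parsed as rm options.
  rm -rf -- "${iptables:?}" ./*.{buildinfo,changes,deb,dsc}
  cd - || return 1
}

#######################################
# Clone android-cuttlefish and build its 'base' and 'frontend' Debian
# packages, then remove the build-only packages.
# Globals:   cuttlefish (read)
# Arguments: none
# Outputs:   package lists in /root/originally-installed and /root/installed;
#            a source tree and built packages under /usr/src/$cuttlefish
# Returns:   1 if a build directory cannot be entered
#######################################
setup_and_build_cuttlefish() {
  if [ "$(uname -m)" = "aarch64" ]; then
    apt-get install -y libc6:amd64
  fi

  get_installed_packages >/root/originally-installed

  # Install everything needed from bullseye to build android-cuttlefish
  apt-get install -y \
    cdbs \
    debhelper \
    devscripts \
    dpkg-dev \
    equivs \
    git

  # Fetch android-cuttlefish and build it.
  # NOTE(review): this clones the tip of the default branch, so the code that
  # is built and later installed is whatever upstream holds at build time.
  # Checking out a reviewed commit or tag after the clone would make the image
  # reproducible and keep unreviewed upstream changes out of it.
  git clone https://github.com/google/android-cuttlefish.git "/usr/src/$cuttlefish"
  local subdir
  for subdir in base frontend; do
    cd "/usr/src/$cuttlefish/$subdir" || return 1
    mk-build-deps --install --tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' debian/control
    dpkg-buildpackage -d -uc -us
    cd - || return 1
  done

  get_installed_packages >/root/installed
  remove_installed_packages /root/originally-installed /root/installed
  apt-get clean
}

#######################################
# Install the cuttlefish host packages built under /usr/src/$cuttlefish and
# remove that source tree.
# Globals:   cuttlefish (read)
# Arguments: none
# Returns:   1 if the source tree cannot be entered
#######################################
install_and_cleanup_cuttlefish() {
  # Install and clean up cuttlefish host packages
  cd "/usr/src/$cuttlefish" || return 1
  apt-get install -y -f ./cuttlefish-base_*.deb
  apt-get install -y -f ./cuttlefish-user_*.deb
  apt-get install -y -f ./cuttlefish-integration_*.deb
  apt-get install -y -f ./cuttlefish-common_*.deb
  cd - || return 1
  # ${cuttlefish:?} aborts rather than letting the path collapse to /usr/src/.
  rm -rf -- "/usr/src/${cuttlefish:?}"
}

#######################################
# Final image adjustments: disable SELinux, make the binfmt_misc mount
# static, purge gcc-9-base and run the shared cleanup step.
# Arguments: none
# Outputs:   overwrites /etc/selinux/config
#######################################
bullseye_cleanup() {
  # SELinux is supported by our kernels, but we don't install the policy files
  # which causes an error to be printed by systemd. Disable selinux.
  # The redirect replaces the whole file with this single setting.
  echo "SELINUX=disabled" >/etc/selinux/config

  # Switch binfmt misc over to a static mount, to avoid an autofs4 dependency
  systemctl mask proc-sys-fs-binfmt_misc.automount
  systemctl enable proc-sys-fs-binfmt_misc.mount

  # This package gets pulled in as a phantom dependency. Remove it
  apt-get purge -y gcc-9-base

  cleanup
}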