| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aW-JJ5DT-LRSZkdF@derry.ads.avm.de> Date: Tue, 20 Jan 2026 14:54:47 +0100 From: Nicolas Schier <nsc@...nel.org> To: Guillaume Tucker <gtucker@...cker.io> Cc: Nathan Chancellor <nathan@...nel.org>, Miguel Ojeda <ojeda@...nel.org>, David Gow <davidgow@...gle.com>, Onur Özkan <work@...rozkan.dev>, Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org, linux-kbuild@...r.kernel.org, automated-testing@...ts.yoctoproject.org, workflows@...r.kernel.org, llvm@...ts.linux.dev Subject: Re: [PATCH v3 0/2] scripts: introduce containerized builds On Wed, Dec 31, 2025 at 05:51:48PM +0100, Guillaume Tucker wrote: > This proposal emerged from discussions over email and after a talk at > Plumbers 2024: > > https://lore.kernel.org/all/affb7aff-dc9b-4263-bbd4-a7965c19ac4e@gtucker.io/ > > The aim is to facilitate reproducing builds for CI bots as well as > developers using containers. Here's an illustrative example with a > kernel.org toolchain in a Docker image from tuxmake: > > $ scripts/container -i tuxmake/korg-clang-21 make LLVM=1 defconfig > HOSTCC scripts/basic/fixdep > HOSTCC scripts/kconfig/conf.o > [...] > HOSTCC scripts/kconfig/util.o > HOSTLD scripts/kconfig/conf > *** Default configuration is based on 'x86_64_defconfig' > # > # configuration written to .config > # > > This patch series also includes a documentation page with all the > relevant details and further examples about how to use the tool. > > To go one step further, I'm in the process of preparing reference > container images with kernel.org toolchains and no third-party > dependencies other than the base Debian distro. See this thread for > more details and options to host them in an upstream way: > > https://lore.kernel.org/all/cc737636-2a43-4a97-975e-4725733f7ee4@gtucker.io/ > > Say, to run KUnit using the latest kernel.org GCC toolchain: > > scripts/container --shell \ > -i registry.gitlab.com/gtucker/korg-containers/gcc:kunit -- \ > tools/testing/kunit/kunit.py \ > run \ > --arch=x86_64 \ > --cross_compile=x86_64-linux- > > --- > Changes in v3: > - Refactor common code for Docker and Podman > - Add docs.kernel.org URL in help message > - Use pathlib Python package > - Handle signals in parent process by default > - Add --shell option to use an interactive shell > - Tweak debug messages in verbose mode > - Specify Python 3.10 as minimum version in the docs > - Provide an example env file in the docs > - Update docs regarding interactive shell usage > > Changes in v2: > - Drop default image but make -i option required > - Look for Docker and Podman if no runtime specified > - Catch SIGINT from user to abort container with Docker > - Explicitly name each container with a UUID > - Update documentation accordingly > > --- > > Guillaume Tucker (2): > scripts: add tool to run containerized builds > Documentation: dev-tools: add container.rst page > > Documentation/dev-tools/container.rst | 201 ++++++++++++++++++++++++++ > Documentation/dev-tools/index.rst | 1 + > scripts/container | 199 +++++++++++++++++++++++++ > 3 files changed, 401 insertions(+) > create mode 100644 Documentation/dev-tools/container.rst > create mode 100755 scripts/container > > -- > 2.47.3 > > Out-of-source builds do not work on my system with podman. If this is expected, I think it would be great to mention that somewhere in the documentation. Nevertheless, thanks a lot! I expect me to use that a lot in the future! For the whole patch set: Tested-by: Nicolas Schier <nsc@...nel.org> Acked-by: Nicolas Schier <nsc@...nel.org> Kind regards, Nicolas -- Nicolas
Powered by blists - more mailing lists