The instability was not caused by kexec-fiwix logic itself but by oversized early-stage payload pressure in kernel-bootstrap mode.
When too many distfiles are injected before the Fiwix handoff, the early memory/file-table assumptions become fragile and KVM can fail during transition.
This change restores kexec-fiwix.c to the known baseline (matching commit 984b8322...) and fixes the actual failure mode by moving non-early distfiles out of the initial image.
What changed:
- Keep only bootstrap-required distfiles in early init image.
- Generate a separate raw payload image (LBPAYLD1 format) for the remaining distfiles.
- Attach payload image as an extra disk in QEMU/bare-metal kernel-bootstrap flow.
- Add a dedicated C89/tcc-compatible importer (payload-import) that scans payload disks and copies files into /external/distfiles after jump: fiwix.
- Insert improve: import_payload immediately after jump: fiwix so the full distfile set is restored before heavy build steps continue.
- Add PAYLOAD_REQUIRED config gating so this behavior is active only in kernel-bootstrap paths that need it.
Why this design:
- Preserves minimal early environment assumptions (no dependency on full shell utilities for the copy operation itself).
- Avoids adding filesystem-construction toolchain dependencies for the payload container by using a simple length-prefixed raw format.
- Keeps bare-metal and QEMU behavior aligned: both can carry full build artifacts without overloading the early handoff stage.
- Leaves kexec-fiwix behavior deterministic and auditable by reverting to a known-good baseline implementation.
base.tar.bz2 will contain the "steps" and "external" subdirectories, which we later try to create - ensure that they are deleted when restoring an early preseed; this way base.tar.bz2 works without any modification as a preseed tarball
If multiple URLs are entered in a sources listing for the same file,
each will be tried in turn, until either one succeeds, or we fail
having run out of mirrors.
In kernel bootstrap mode, the kernel (builder-hex0) includes the
ability to assemble hex0 source code, and to execute basic commands,
obviating the need for the bootstrap-seeds subdirectory.
With the bootstrap-seeds directory excluded, the image consists of
purely source code, with the exception of the boot sector, which is
assembled from hex0 code by rootfs.py, and delivered ready for BIOS
to boot.
And while we're at it, use a more sustainable way of getting the
address of the next file to be written to.
Since builder-hex0 doesn't distinguish directories from zero-length
files, this has a limitation that it won't copy any zero-length
files or empty directories. Only one such file is important for the
bootstrap process (mes/config.h), which is recreated using an
improve step.
This ends the reliance on the precompiled stage1 image in ootstrap-seeds,
and the locally committed copy of the stage2 hex0 code. Instead, both
stages are taken from the new builder-hex0 submodule, with stage1 compiled
by generator.py on the fly. The local copy of stage2 is dropped.
This way, updating to a newer builder-hex0 becomes much easier: just update
the submodule.
`mke2fs` has a `-d` option that allows to populate the newly created filesystem without needing to temporarily mount it. That allows to use `parted` and `mkfs.ext3` on regular files without needing root access.
There is nothing temporary about our "tmpdir" - its sole purpose is to
contain the final product of the bootstrap process. Thus, removing it
at the end of bootstrap amounts to doing the entire process for nothing.
To remedy this, --tmpdir is renamed --target, keeping the -t short form,
and defaulting to "target" instead of "tmp" to make its purpose clearer.
The --preserve option is removed, as the target is now always preserved.
Unless --external-sources is given, only download distfiles that
need to be included in srcfs. The rest will be downloaded anyway
by the bootstrap system once it gets network access.
To accomplish this, instead of searching steps for sources files,
we now parse steps/manifest. As a side effect, source_manifest.py
now outputs source files in the order they appear in the manifest.
* Support specifying the size of the target disk image for qemu
* For bare metal, only pad the image to the next megabyte
* Use truncate() to extend images, instead of writing zeros (faster)
* Return None from get_disk() with nonexistent name
* Leave 1MiB on non-boot disks, or 1GiB on boot disks, unpartitioned
(for proper 4K alignment and to help preserve the srcfs or boot
partition creation)
* Fix qemu invocation when an external.img is not used
* Make -qr work with kernel bootstrap (will need kexec-fiwix fix)
