The instability was not caused by kexec-fiwix logic itself but by oversized early-stage payload pressure in kernel-bootstrap mode.
When too many distfiles are injected before the Fiwix handoff, the early memory/file-table assumptions become fragile and KVM can fail during transition.
This change restores kexec-fiwix.c to the known baseline (matching commit 984b8322...) and fixes the actual failure mode by moving non-early distfiles out of the initial image.
What changed:
- Keep only bootstrap-required distfiles in early init image.
- Generate a separate raw payload image (LBPAYLD1 format) for the remaining distfiles.
- Attach payload image as an extra disk in QEMU/bare-metal kernel-bootstrap flow.
- Add a dedicated C89/tcc-compatible importer (payload-import) that scans payload disks and copies files into /external/distfiles after jump: fiwix.
- Insert improve: import_payload immediately after jump: fiwix so the full distfile set is restored before heavy build steps continue.
- Add PAYLOAD_REQUIRED config gating so this behavior is active only in kernel-bootstrap paths that need it.
Why this design:
- Preserves minimal early environment assumptions (no dependency on full shell utilities for the copy operation itself).
- Avoids adding filesystem-construction toolchain dependencies for the payload container by using a simple length-prefixed raw format.
- Keeps bare-metal and QEMU behavior aligned: both can carry full build artifacts without overloading the early handoff stage.
- Leaves kexec-fiwix behavior deterministic and auditable by reverting to a known-good baseline implementation.
When booting with --stage0-image, mirror ports can change between runs
(e.g. file:// -> transient SimpleMirror port), but the reused image kept
stale MIRRORS/MIRRORS_LEN values in /steps/bootstrap.cfg.
Update stage0-work image preparation to patch bootstrap.cfg on each run:
- rewrite MIRRORS and MIRRORS_LEN from current CLI mirrors
- keep existing --build-guix-also handoff checks/sync behavior
This fixes guest downloads trying old 10.0.2.2:<stale-port> endpoints
during steps-guix builds.
- add --stage0-image in rootfs.py for qemu to boot an existing kernel-bootstrap image
- when --stage0-image is combined with --build-guix-also, update BUILD_GUIX_ALSO in image config and sync /steps-guix into the image
- require stage0 /init to contain guix handoff marker instead of patching /init implicitly
- add run_steps_guix_if_requested() to make_bootable-generated /init so rebooted stage0 images can enter steps-guix directly
- run /steps-guix/0.sh with bash in after.sh
- make script-generator start mode convention-based: /steps stays kaem-first, alternate roots (e.g. /steps-guix) start in bash
- remove redundant explicit /steps config-root argument from seed/preseeded/reconfigure script-generator calls
When using file:// mirrors, rootfs.py will spawn a local HTTP
server at 127.0.0.1.
In combination with --qemu, this poses a problem: downloads
on the host machine will work, but downloads on the guest
machine will not reach the local server.
This commit introduces a change to rewrite the address to
10.0.2.2 inside the guest, only when QEMU=True is set in
the configuration, allowing this combination to build
past the get_network improvement step.
Previously, there was no way to access the additional consoles in
qemu mode, due to qemu running in -nographic mode with a serial
console. This is perfectly fine in non-interactive mode, but we can
make interactive mode more usable by using a graphical console like
on bare metal.
Also drop -no-reboot from interactive mode, since rebooting (e.g.
to load a newly compiled kernel) makes sense in this case.
This was removed as part of the simplify refactor, severely slowing
down qemu and bare-metal builds. Restoring it brings us back to the
same build times that we saw before the refactor.
This adds a new flag, -i / --interactive, which enables opening a
Bash prompt whenever something goes wrong in the bootstrap. This is
highly useful when developing or debugging live-bootstrap, but it
needs to be off by default, for use in automated processes.
In the future, asking for variables at runtime could (and perhaps
should) also be gated behind this flag.
There is nothing temporary about our "tmpdir" - its sole purpose is to
contain the final product of the bootstrap process. Thus, removing it
at the end of bootstrap amounts to doing the entire process for nothing.
To remedy this, --tmpdir is renamed --target, keeping the -t short form,
and defaulting to "target" instead of "tmp" to make its purpose clearer.
The --preserve option is removed, as the target is now always preserved.
* Support specifying the size of the target disk image for qemu
* For bare metal, only pad the image to the next megabyte
* Use truncate() to extend images, instead of writing zeros (faster)
* Return None from get_disk() with nonexistent name
* Leave 1MiB on non-boot disks, or 1GiB on boot disks, unpartitioned
(for proper 4K alignment and to help preserve the srcfs or boot
partition creation)
* Fix qemu invocation when an external.img is not used
* Make -qr work with kernel bootstrap (will need kexec-fiwix fix)
The gap between the chroot and non-chroot bootstrap modes started in,
7ecad37 because BuildStream's sandbox was missing some device nodes.
With the latest version of buildbox-run-bubblewrap, a few of the
missing devices were made available to BuildStream's sandbox and
there is no longer a need to keep this gap. In fact, compatibilty
with newer BuildStream versions now requires these devices to be
present.
This change also partially reverts d0a5221, which had to remove
/dev/ptmx as a consequence of the aforementioned gap.
A tiny bootloader bootstrap has been added to compile the builder-hex0 kernel from hex0 source.
The boot compiler is builder-hex0-x86-stage1.hex0 and builder-hex0-x86-stage1.bin.
The builder-hex0 kernel is now named builder-hex0-x86-stage2.hex0.
The inclusion of a binary seed resolves the problem with the previous strategy which used an
architecture-specific hex0 compiler.
If sysb detects a full disk (i.e. DISK=sda) it now partitions the disk unconditionally because
previously fdisk was reporting existing but empty partitions which resulted in no
parititions being created.
e2fsprogs is now built with --disable-tls because musl was built on Fiwix without full threading
support and mkfs.ext4 was crashing without disabling thread local storage.
kexec-linux writes the linux kernel and initramfs to a RAM drive on Fiwix which ensure
a pre-allocated contiguous memory block. The following is written to the ram drive:
a 32-bit number which is the size of the kernel in bytes, a 32-bit number which is the size
of the initramfs in bytes, followed by the Linux kernel image, followed by the initramfs.
kexec-fiwix invokes a sync syscall to ensure all writes are flushed to
the ram drive and then initiates the kexec by shutting down Fiwix with a reboot syscall.
Fiwix knows whether and how to perform the kexec based on kernel parameters passed to it.
