Commit Graph

3945 Commits

Author SHA1 Message Date
CBL-Mariner-Bot bcae6a15aa
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-33203 CVE-2023-1195 (#5594)
* CVE-2023-33288

* CVE-2023-33203 CVE-2023-1195
2023-06-01 14:15:48 -07:00
Trung 38d2e0ff55
remove timestamp code from scheduler (#5613) 2023-06-01 12:52:45 -07:00
Vince Perri b2260a5ab1
Fix extra line continuation in cryptsetup build spec (#5611) 2023-06-01 14:14:36 -04:00
Trung 48e35d64d4
fix test failure (#5608) 2023-05-31 17:20:20 -07:00
Vince Perri f83e43fbe0
Remove new cryptsetup-ssh-token package which creates circular build dependency (#5602) 2023-05-31 17:35:17 -04:00
Maxwell McKee ff3f45a97d
Upgrade KeysInUse-OpenSSL to 0.3.3 (#5514)
* Update KeysInUse-OpenSSL package to 0.3.3

* Fix aarch64 native compilation
2023-05-31 14:16:38 -07:00
Samuel Lee 65cc4fd6e2
Update SymCrypt and SCOSSL SPECs (#5547)
* Update SymCrypt and SCOSSL SPEC files

+ Preparing for certification, rev SymCrypt to 103.0.1 and SCOSSL to
  1.3.0
+ Add basic %check sections to the SPECs

* Move %check sections after %install sections

* Use clang for SymCrypt Arm64 build

* Follow linting advice to refer to gcc directly for x86_64
2023-05-31 12:23:48 -07:00
nicolas guibourge 49674852ce
remove python-pyvmomi component (#5582)
* remove python-pyvmomi from Mariner 2.0

* remove python-pyvmomi from Mariner 2.0

---------

Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com>
2023-05-31 10:59:27 -07:00
rlmenge 0af13f0fb3
Add nvme_multipath and change default (#5584) 2023-05-31 09:44:59 -07:00
chalamalasetty c939408f71
Upgrade version to 4.0.10 to address CVE-2023-30601 (#5601) 2023-05-30 18:35:30 -07:00
Vince Perri 83351f3801
Promote and upgrade nbdkit, libssh; add priv_wrapper, cryptsetup-ssh-token (#5555) 2023-05-30 15:59:42 -04:00
sharath-srikanth-chellappa f50af657d6
Patch libvirt to fix CVE-2023-2700 (#5575)
* Adding new patch file to fix CVE-2023-2700 - v1

* Getting livepatches check to pass - v1

* Getting livepatches check to pass - v2

* Readding libvirt.spec

* Redoing commit to SPECS file

* Redoing commit to SPECS file - v2

---------

Co-authored-by: Sharath Srikanth Chellappa <sharathsr@microsoft.com>
2023-05-30 08:34:29 -07:00
Trung 93a82d67ea
Record performance of tooling using timestamps (#5446)
* added timestamp feature for image-building process

* Update toolkit/docs/how_it_works/1_initial_prep.md

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Update toolkit/tools/pkggen/worker/create_worker_chroot.sh

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Removed test with direct filepath to home directory

* Removed unused imports in timestamp testing file

* Update toolkit/tools/roast/roast.go

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Pluralize timestamp flag description message

* add timestamp in create_worker_chroot; fix format in roast.go; removed unnecessary tests

* fix boilerplate template; relocate 'bldtracker' in go_tool_list to be alphabetical

* fixed formatting

* changed alphabetical order of go tools

* removed timestamp.TrackToFile (not used)

* Update toolkit/tools/bldtracker/bldtracker.go

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Update toolkit/tools/bldtracker/bldtracker.go

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Update toolkit/tools/pkggen/worker/create_worker_chroot.sh

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Update toolkit/tools/pkggen/worker/create_worker_chroot.sh

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* fixed formatting & naming; changed log file output for bldtracker

* fixed minor mistakes

* replace raw strings with well-named constants

* csvparser now dynamically gets the list of CSV files to parse

* Address feedback

- Fix magic numbers in csvparser.go.
- Delete timestamp_test.go for this PR.
- Change initialize mode in bldtracker.go to "i".

* Fix formatting

* Fix formatting again

* Rename csvparser to timestampcsvparser

timestampcsvparser is a more accurate name than csvparser because it
indicates that the parser is not generic to all CSVs.

* Address syntax errors

- moved "$(go-bldtracker)" into "$(worker_chroot_deps)" in tools.mk
- wrapped “$timestamp_dir” with ""s when
calling bldtracker.go in create_worker_chroot.sh
- added missing space after "record" in the description for the "mode"
variable in bldtracker.go

* Fix calls to bldtracker tool

- add bldtracker back as an input for create_worker_chroot
- create the variable "script_name" to avoid duplicated operations

* Fix boilerplate

- Remove unnecessary CSV file generated as an output from
calling boilerplate.go
- Removed unnecessary comments

* Refined bldtracker variables

- made the modes constants
- changed the scope of "completePath" from global to local (in main())

* Use join for filepath concatenation.

* Move init filepath to above the err conditional.

* dashboard

* path finding adapted to user directories

* Added error handling; now checks every file in a list

* Change output from number of bytes to number of lines

* Rename dashboard function

* combined two slices into a map

* Done with the MVP

* changed output location to build/timestamp

* added progress bar visualization

* update bar

* progress bar in chronological order

* added timestamp at the beginning of any bash script; fixed progress bar to display the correct %

* a

* multiple progress bar

* added goroutine calls

* Recalculated the image build start time and duration using the init file modTime

* Modify timestamp descriptions and add dashboard labels

* Optimize dashboard label

* Remove comment

* fix formatting issues

* Change padleft and modify step names

* Modify step name in imager

* fixed dashboard length for smaller screens

* initialized new branch

* explained tests; moved /demo into /internal

* moved demo folder back to tools

* demo now adds timestamps in intervals

* done with generating json for demo

* fixed json name

* create wrapper around uiprogress to enable removing bars

* Nested progress bar on updating JSON file

* delayed progress bar removal

* new files

* fixed target dir and code structure

* fixed naming format

* cleaned up code

* Fixup after rebase

* wip

* wip 2

* wip 3

* bit of cleanup

* why is this a separate set of changes?

* WIP

* remove binary output file

* update manifests to stable

* use up to date toolchain versions

* wip

* fix build

* migrate from timestamp_v2 and fix logic

* resolve deadlock

* add comments

* formatting

* revert timestamp change

* remove unused scripts

* sync with main

* sync with main

* remove weighted stuff

* make sure CompleteTiming can only be run once

* Fix null ptr and add some test cases

* add test cases

* Add timestamp code to existing tooling (#5465)

* Revert "revert timestamp change"

This reverts commit 6f07ef16a3.

* Revert "revert timestamp change"

This reverts commit 6f07ef16a3.

* stop collecting timestamp on sigterm

* Address comments

* remove toolchain_download_timestamp.sh

* more test coverage

---------

Co-authored-by: (Apple) Xuanchen Li <apple20010209@163.com>
Co-authored-by: Applelxc <59279209+Applelxc@users.noreply.github.com>
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
Co-authored-by: james-zhou1 <james.zhou@berkeley.edu>
Co-authored-by: James Zhou <91182187+james-zhou1@users.noreply.github.com>
Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com>
Co-authored-by: james-zhou1 <james@james-Virtual-Machine>
Co-authored-by: Michelle <t-michelin@microsoft.com>
2023-05-26 18:12:18 -07:00
Trung 8ff5605363
Add patch for CVE-2023-24607 and CVE-2023-32573 (#5593) 2023-05-26 17:17:25 -07:00
CBL-Mariner-Bot 1e870f6877
Prepare May 2023 Update 2 (#5590) 2023-05-26 16:22:35 -07:00
Mykhailo Bykhovtsev 0913fd9388
removing influx-cli-bash-completion subpackage (#5583) 2023-05-26 16:16:56 -07:00
Trung fafb40dc25
Revert "qt5: Upgrade to version 5.15.9" (#5591)
* Revert "qt5: Upgrade to version 5.15.9 (#5491)"

This reverts commit a7c5a1970f.

* verify license clause
2023-05-26 15:03:12 -07:00
Trung f7bc488a97
Revert "Updated `kf5` packages to version 5.106.0." (#5592)
* Revert "Updated `kf5` packages to version 5.106.0. (#5540)"

This reverts commit a70a33add5.

* verify license clause
2023-05-26 15:01:22 -07:00
rlmenge db1337af31
Patch libtiff for CVE-2023-2731 (#5588) 2023-05-26 14:02:56 -07:00
rlmenge 64e45b3b65
Patch sysstat for CVE-2023-33204 (#5586)
* Patch sysstat for CVE-2023-33204

* Update License

Co-authored-by: Olivia Crain <oliviacrain@microsoft.com>

---------

Co-authored-by: Olivia Crain <oliviacrain@microsoft.com>
2023-05-26 14:02:24 -07:00
CBL-Mariner-Bot cdefcdce5d
Upgrade nasm to 2.16 patch CVE-2022-44370 (#5568)
Merging on behalf of Suresh due to signoff.
2023-05-26 11:38:58 -07:00
Pawel Winogrodzki a70a33add5
Updated `kf5` packages to version 5.106.0. (#5540) 2023-05-25 16:55:37 -07:00
Pawel Winogrodzki d39197603f
Unified `*_LIST` arguments to accept spec names (#5570) 2023-05-25 16:23:21 -07:00
Cameron E Baird 7483ce7e19
Introduce patch to enable new hypervisor loader. (#5290)
This change is backwards-compatible with the old loader.

Introduces mariner-mshv.cfg which symlinks to the kernel used for the
dom0 host.

Signed-off-by: Cameron Baird <cameronbaird@microsoft.com>
2023-05-25 14:57:45 -07:00
Tobias Brick 095d48cd8f
Fix CVE-2023-28155 by patching request module in reaper (#5574) 2023-05-25 14:41:46 -07:00
Daniel McIlvaney f7542184aa
Fix ISO mount retry race condition (#5578)
* Update runliveinstaller to exit mount retry early

There is a race condition where we check if the cdrom mount is created, if not we go to mount it with `retry`. But the mount might be established during that period, and `mount` returns an error code if its target is already mounted so the retry will never exit early. Switch to using `eval` so we can pass a more complex bash command: `{ <check> || mount... ; }`.
2023-05-25 12:47:34 -07:00
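The race described in the commit message above, as an added example that is not part of the CBL-Mariner toolkit: a POSIX shell retry helper that runs the `{ <check> || <action>; }` compound through `eval`, so an action that fails once its effect already exists (as `mount` does when the target is already mounted) cannot make the retry loop spin to exhaustion. The names `retry_until`, `is_mounted_fake`, `mount_fake`, `demo_naive` and `demo_checked` are hypothetical, and the "mount" is a constructed stand-in so the script runs without root or a CD-ROM.

```shell
#!/bin/sh
# Added example (not from the CBL-Mariner repo). Demonstrates why a retry of
# the bare action loops forever once the goal is reached by someone else, and
# why retrying `{ check || action; }` instead exits early.

# retry_until <max_attempts> <sleep_seconds> <check_cmd> <action_cmd>
# Each attempt evaluates `{ check || action; }`. Returns 0 as soon as that
# compound command succeeds, 1 after max_attempts failures.
retry_until() {
    max_attempts=$1 delay=$2 check=$3 action=$4
    attempt=1
    while [ "$attempt" -le "$max_attempts" ]; do
        if eval "{ $check || $action; }"; then
            return 0
        fi
        attempt=$((attempt + 1))
        sleep "$delay"
    done
    return 1
}

# Constructed stand-in for the real mount: "mounted" means a temp file exists.
MOUNT_STATE=$(mktemp -u)
trap 'rm -f "$MOUNT_STATE"' EXIT

is_mounted_fake() { [ -e "$MOUNT_STATE" ]; }

# Behaves like mount(8) in the one way that matters here: it fails when the
# target is already mounted. To reproduce the race, the first call reports
# failure (say, device not ready) while a concurrent actor establishes the
# mount anyway, so every later call also fails with "already mounted".
MOUNT_CALLS=0
mount_fake() {
    MOUNT_CALLS=$((MOUNT_CALLS + 1))
    if is_mounted_fake; then
        echo "mount_fake: $MOUNT_STATE already mounted" >&2
        return 32
    fi
    : > "$MOUNT_STATE"            # the mount ends up established...
    [ "$MOUNT_CALLS" -gt 1 ]      # ...but the first caller still sees failure
}

reset_fake() { rm -f "$MOUNT_STATE"; MOUNT_CALLS=0; }

# Old shape: retry the action alone. Once the mount exists every attempt
# fails, so the loop runs to exhaustion and returns 1.
demo_naive() {
    reset_fake
    retry_until 3 0 "false" "mount_fake"
}

# Fixed shape: check first. The second attempt sees the mount and succeeds
# without calling mount_fake again.
demo_checked() {
    reset_fake
    retry_until 3 0 "is_mounted_fake" "mount_fake"
}

if demo_checked; then
    echo "mounted after $MOUNT_CALLS call(s) to mount_fake"
fi
```

The check must be the same predicate the real script uses to decide whether to mount at all (here the stand-in `is_mounted_fake`; for a real CD-ROM, a `mountpoint -q` or `findmnt` style test), otherwise the compound command still cannot tell "already done" from "failed".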
Dallas Delaney e2bde6508a
Use static resource management and build using the host OpenSSL for kata-containers-cc (#5577)
* Use static resource management and build using the host's OpenSSL for kata-containers-cc
2023-05-25 09:27:53 -07:00
Christopher Co c9ae16899d
codeowners: Add maintainers for openssl engines (#5549)
* codeowners: Add maintainers for openssl engines

Symcrypt and KeysInUse are OpenSSL engines, so changes to these should
be reviewed by our openssl maintainers groups.

Signed-off-by: Chris Co <chrco@microsoft.com>

* codeowners: Add missing wildcard

Signed-off-by: Chris Co <chrco@microsoft.com>

---------

Signed-off-by: Chris Co <chrco@microsoft.com>
2023-05-24 19:31:29 -07:00
Daniel McIlvaney 4c2fcdcd9f
make RPM cache flat, improve tdnf arg formatting (#5535) 2023-05-24 18:28:07 -07:00
Daniel McIlvaney a22cdfc538
Include arch in ResolveCompetingPackages() output (#5537)
Also add extra verbose mode to depsearch.
2023-05-24 13:18:18 -07:00
CBL-Mariner-Bot dd9e4c0bf9
Kernel upgrade to 5.15.112.1 version (#5571) 2023-05-24 12:59:02 -07:00
Tobias Brick d80ac5964f
fix: add setuid bit to necessary binaries so regular users can run them (#5573) 2023-05-24 12:23:15 -07:00
Bala 4860181f7a
Update CVE-2022-37601.patch to fix multiple occurrences (#5563)
* Update CVE-2022-37601.patch to fix multiple occurrences

The loader-utils module is used by multiple other modules that reaper
depends upon. Instead of reusing already downloaded code, npm
redownloads the same module at different subtree levels of node_modules.
So the same CVE has to be fixed in the other two places as well.

* Addressed review comments
2023-05-24 19:26:37 +05:30
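The situation described in the commit message above (one vulnerable npm package vendored several times at different depths of `node_modules`), as an added example that is not code from the CBL-Mariner repository: a POSIX shell script that enumerates every copy of a package in a vendored tree, including the nested copies under other packages' own `node_modules`, and flags the copies still below the patched release for their major line. The function names are hypothetical, the demo tree is constructed inline, and the fixed versions used in the demo (`1:1.4.1 2:2.0.3`) are assumptions for illustration, to be replaced with the versions from the advisory for the package being checked.

```shell
#!/bin/sh
# Added example, not part of the CBL-Mariner repo. Finds every copy of an npm
# package in a node_modules tree and reports the ones below the fix for their
# major line. Pre-release suffixes (1.4.0-beta) are out of scope here.

# find_package_copies <root> <package>: every <package>/package.json under any
# node_modules directory in the tree, one path per line.
find_package_copies() {
    find "$1" -type f -path "*/node_modules/$2/package.json" | sort
}

# version_of <package.json>: the "version" field (first match only).
version_of() {
    sed -n 's/.*"version"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# version_lt <a> <b>: true when dotted numeric version a sorts before b.
version_lt() {
    av=$1 bv=$2
    oldifs=$IFS; IFS=.
    set -- $av; a1=${1:-0} a2=${2:-0} a3=${3:-0}
    set -- $bv; b1=${1:-0} b2=${2:-0} b3=${3:-0}
    IFS=$oldifs
    if [ "$a1" -ne "$b1" ]; then [ "$a1" -lt "$b1" ]; return; fi
    if [ "$a2" -ne "$b2" ]; then [ "$a2" -lt "$b2" ]; return; fi
    [ "$a3" -lt "$b3" ]
}

# fixed_for_major <major> <major:fixed ...>: the patched release for that
# major line, or failure if the line is not listed.
fixed_for_major() {
    major=$1; shift
    for pair in "$@"; do
        case $pair in
            "$major":*) echo "${pair#*:}"; return 0 ;;
        esac
    done
    return 1
}

# report_vulnerable <root> <package> <major:fixed ...>: prints
# "<relative path> <version> < <fixed>" for every copy below its line's fix.
report_vulnerable() {
    root=$1 pkg=$2; shift 2
    find_package_copies "$root" "$pkg" | while IFS= read -r pj; do
        v=$(version_of "$pj")
        fixed=$(fixed_for_major "${v%%.*}" "$@") || continue
        if version_lt "$v" "$fixed"; then
            echo "${pj#"$root"/} $v < $fixed"
        fi
    done
}

# count_vulnerable: same arguments, prints the number of flagged copies.
count_vulnerable() {
    report_vulnerable "$@" | wc -l | tr -d ' '
}

# Constructed demo tree: one top-level copy plus copies nested under other
# packages at mixed versions, the shape the commit message describes.
write_pkg() {
    mkdir -p "$1"
    printf '{ "name": "%s", "version": "%s" }\n' "$2" "$3" > "$1/package.json"
}
make_demo_tree() {
    root=$(mktemp -d)
    write_pkg "$root/node_modules/loader-utils" loader-utils 1.4.2
    write_pkg "$root/node_modules/webpack/node_modules/loader-utils" loader-utils 1.4.0
    write_pkg "$root/node_modules/vue-loader/node_modules/loader-utils" loader-utils 1.2.3
    write_pkg "$root/node_modules/@scope/x/node_modules/loader-utils" loader-utils 2.0.2
    write_pkg "$root/node_modules/webpack/node_modules/ajv" ajv 6.12.6
    echo "$root"
}

# Assumed thresholds for the demo only: 1.x fixed at 1.4.1, 2.x at 2.0.3.
DEMO_FIXES="1:1.4.1 2:2.0.3"

demo_root=$(make_demo_tree)
trap 'rm -rf "$demo_root"' EXIT
report_vulnerable "$demo_root" loader-utils $DEMO_FIXES
```

Run against a real tree as `report_vulnerable ./node_modules loader-utils 1:<fixed> 2:<fixed>` with the patched versions from the advisory. A patch applied to only the top-level copy leaves the nested ones untouched, which is exactly what the count exposes; `npm ls <package>` gives the same picture from npm's own metadata when it is available, while this walk works on a vendored tarball with no npm present.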
Bala 4554031158
Fix CVE-2023-29194 by upgrading vitess to 16.0.2 (#5498)
* Fix CVE-2023-29194 by upgrading vitess to version 16.0.2

* Update cgmanifest.json with correct version
2023-05-24 10:25:10 +05:30
suresh-thelkar 63aa50411b
Patch frr with CVE-2023-31490 (#5564) 2023-05-24 09:46:39 +05:30
Gary Swalling ab0e564dc1
Remove x86 console params from ARM-specific grub config file 2023-05-23 17:03:49 -07:00
Betty 58ad13d33b
Provide k8s-cni in cni-plugins rpm (#5543)
Provide k8s-cni in cni-plugins

---------

Co-authored-by: Betty Lakes <bettylakes@microsoft.com>
2023-05-23 15:05:28 -07:00
Olivia Crain bfba5a8655
Remove python2 test exclusion (#5553) 2023-05-23 09:52:49 -07:00
Olivia Crain b992bf8d1e
Pin version of hypothesis used in numpy tests to avoid test breakage (#5548) 2023-05-23 09:51:50 -07:00
Bala b9b5742300
Upgrade lua to 5.4.4 to fix CVE-2021-44964 (#5478)
* Upgrade lua to 5.4.4 to fix CVE-2021-44964

* Update signature file manually

* Update toolchain build scripts for lua

* Remove patches that were already merged to lua-5.4.4

* Fix typo in changelog
2023-05-23 11:58:06 +05:30
Tobias Brick 33106ca0ad
Remove umask handling from bash.spec and change it in filesystem.spec (#5528) 2023-05-22 18:07:12 -07:00
CBL-Mariner-Bot f79039fd17
kernel-hci: Add CVE-2023-32233 CVE-2023-32269 CVE-2023-2513 (#5552) 2023-05-22 19:07:36 -04:00
Adub17030MS bd0d0dc815
Upgrade cert-manager to v1.11.2 (#5513)
* updating to v1.11.2

* Fixing bogus date warning

* Removing patch for CVE-2023-25165 as it is patched in the upgrade

* Removing patch for CVE-2023-25165 as it is patched in the upgrade

* Updating prep section to work without patch

* Fixing linting error
2023-05-22 15:26:18 -07:00
Olivia Crain 16936a8b66
Fix dnf-plugins-core tests by using unittests runner (#5551) 2023-05-22 15:22:28 -07:00
AZaugg 7505eb51f0
Add ldap backend support into sudo (#5476)
* Add ldap support to sudo

Allow ldap to be used to configure sudo

* Updated 1.8.15-4 of commit in change log

rpmlint was failing as date and day did not match up, correcting
day to pass rpmlint

* Address PR comments

- Removing ldap path and defaulting to default config path
- Changing openldap to openldap-devel
2023-05-22 13:09:43 -07:00
Dallas Delaney f9d9e096af
Upgrade moby-containerd-cc to 1.7.1 (#5546)
* Update moby-containerd-cc to 1.7.1 to fix unit test TestSnapshotterFromPodSandboxConfig
2023-05-22 12:13:41 -07:00
Olivia Crain 82b800966e
Remove zstd from package test exclusion list (#5545) 2023-05-22 11:14:58 -07:00
CBL-Mariner-Bot e7eba853e6
kernel-hci: Add CVE-2023-2248 CVE-2023-2177 CVE-2023-2008 CVE-2023-0458 CVE-2023-1382 CVE-2023-23005 CVE-2023-2006 CVE-2023-1998 CVE-2023-28327 CVE-2023-2235 CVE-2023-30772 CVE-2023-28328 CVE-2023-2019 CVE-2023-2162 CVE-2023-22997 CVE-2023-2166 CVE-2023-31436 CVE-2023-1872 CVE-2023-2194 (#5526) 2023-05-22 13:53:22 -04:00
Olivia Crain 0923e30d32
Fix ocaml-ppxlib tests failing due to ocaml-sexplib0-0.15.0 (#5541) 2023-05-22 08:41:32 -07:00
Olivia Crain 9c25531329
Fix python-pbr tests by pinning sphinx version used (#5542) 2023-05-22 08:40:28 -07:00