nixpkgs/pkgs/os-specific/linux/kernel/update.sh
Maximilian Bosch ccf0c5bd42
linux: make main update script slightly more robust
On #249636 I had to manually run the updaters for hardened & libre kernels.
The cause was that `update-rt.sh` suddenly broke. Because I didn't want to
inhibit other kernel updates because of a rather niche variant, I decided to
move forward temporarily and take care of it later.

One issue was that the script failed silently, i.e. I only saw that the
script terminated early from my prompt. This is fixed now by making each
niche kernel updater print its exit code if it failed. Also, errors
are allowed, i.e. a broken `update-rt.sh` doesn't block
`hardened/update.py` etc.

The issue itself is rather simple. When I updated the kernels in #249636,
the sha256sums.asc for rt kernels[1] looked like this:

    199bbb0cdb97ead22732473b95c8b2e8da62dfd71bde2339163119fb537a2b7c  patch-6.1.38-rt13-rc1.patch.gz
    a1af54f6987e96de06cad0a3226c5b5a992b60df084a904b6b94ea247fb46027  patch-6.1.38-rt13-rc1.patch.xz
    7bb68561787e46e3c433d9b514373ce368d587ac459b91df41934e70280d008f  patches-6.1.38-rt13-rc1.tar.gz
    ee65336dd6ae0be398796e7b75291918811a23e10121dc09bd84b244b12402fa  patches-6.1.38-rt13-rc1.tar.xz

However, the script itself skips any RC versions of the realtime
patches, so no releases were usable and the script failed. It's probably
possible to use the overview over all releases instead[2], however
that'd complicate the script notably. Anyways, since RT kernels don't
bump to each patch-level release, I don't think it hurts too much if
such an update is slightly more delayed. However if we want to fix this, I'd prefer
this to be fixed by folks who care more about rt kernels than I do.

[1] https://kernel.org/pub/linux/kernel/projects/rt/6.1/sha256sums.asc
[2] https://mirrors.edge.kernel.org/pub/linux/kernel/projects/rt/6.1/older/sha256sums.asc
2023-08-19 14:03:08 +02:00

73 lines
2.4 KiB
Bash
Executable File

#!/usr/bin/env bash
set -e

# Get the latest versions from kernel.org
LINUXSED='s/.*linux-\([0-9]\+\(.[0-9]\+\)*\).*/\1/p'
KDATA="$(curl -s https://www.kernel.org | sed -n -e '/Download complete/p')"
# Word splitting is intended here: one array element per version
VERSIONS=($(sed -n -e "$LINUXSED" <<< "$KDATA" | sort -Vr))

# Remove mainline version if there is a stable update
# Note due to sorting these two will always exist at the bottom
if grep -q "^${VERSIONS[1]}" <<< "${VERSIONS[0]}"; then
  VERSIONS=(${VERSIONS[@]:0:1} ${VERSIONS[@]:2})
fi

# Inspect each file and see if it has the latest version
NIXPKGS="$(git rev-parse --show-toplevel)"
ls "$NIXPKGS/pkgs/os-specific/linux/kernel" | while read FILE; do
  KERNEL="$(sed -n -e "$LINUXSED" <<< "$FILE")"
  [ -z "$KERNEL" ] && continue

  # Find the matching new kernel version
  MATCHING=""
  for V in "${VERSIONS[@]}"; do
    if grep -q "^$KERNEL" <<< "$V"; then
      MATCHING="$V"
      break
    fi
  done
  if [ -z "$MATCHING" ]; then
    echo "Out-of-support $KERNEL"
    continue
  fi

  # Inspect the nix expression to check for changes
  DATA="$(<"$NIXPKGS/pkgs/os-specific/linux/kernel/$FILE")"
  URL="$(sed -n -e 's/.*url = "\(.*\)";.*/\1/p' <<< "$DATA" | sed -e "s/\${version}/$MATCHING/g")"
  OLDVER=$(sed -n -e 's/.*version = "\(.*\)".*/\1/p' <<< "$DATA")
  if [ "$OLDVER" = "$V" ]; then
    echo "No updates for $KERNEL"
    continue
  fi

  # Download the new file for the hash
  if ! HASH="$(nix-prefetch-url "$URL" 2>/dev/null)"; then
    echo "Failed to get hash of $URL"
    continue
  fi
  sed -i -e "s/sha256 = \".*\"/sha256 = \"$HASH\"/g" "$NIXPKGS/pkgs/os-specific/linux/kernel/$FILE"

  # Rewrite the expression
  sed -i -e '/version = /d' "$NIXPKGS/pkgs/os-specific/linux/kernel/$FILE"
  sed -i -e "\#buildLinux (args // rec {#a \ version = \"$V\";" "$NIXPKGS/pkgs/os-specific/linux/kernel/$FILE"

  # Commit the changes
  git add -u "$NIXPKGS/pkgs/os-specific/linux/kernel/$FILE"
  git commit -m "linux: $OLDVER -> $V" >/dev/null 2>&1

  echo "Updated $OLDVER -> $V"
done

# Allowing errors again: one broken update script shouldn't inhibit the
# update of other kernel variants.
set +e

echo Update linux-rt
COMMIT=1 "$NIXPKGS/pkgs/os-specific/linux/kernel/update-rt.sh" || echo "update-rt failed with exit code $?"

echo Update linux-libre
COMMIT=1 "$NIXPKGS/pkgs/os-specific/linux/kernel/update-libre.sh" || echo "update-libre failed with exit code $?"

echo Update linux-hardened
COMMIT=1 "$NIXPKGS/pkgs/os-specific/linux/kernel/hardened/update.py" || echo "update-hardened failed with exit code $?"
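
The RC-only failure described in the commit message, as an added example that is not part of nixpkgs or of `update-rt.sh`: a POSIX shell function that picks the newest non-RC realtime patch from a sha256sums listing and exits with a distinct code when only release candidates are published. The function names, the exit codes and the placeholder hashes are assumptions made for this example; the RC file names are the ones quoted in the commit message.

```shell
#!/bin/sh
# Added example, not nixpkgs code.
# Exit codes are assumptions of this example: 0 found, 2 only -rc, 3 no entries.

# Constructed placeholder hash: 64 digits, zero padded (not a real checksum).
fake_hash() { printf '%064d' "$1"; }

select_rt_release() (
    # stdin: "<sha256>  <filename>" lines; keep well-formed patch-*.patch.xz entries.
    patches=$(awk 'length($1) == 64 &&
        $2 ~ /^patch-[0-9.]+-rt[0-9]+(-rc[0-9]+)?\.patch\.xz$/ { print $2, $1 }')
    if [ -z "$patches" ]; then
        echo "select_rt_release: no realtime patch entries found" >&2
        exit 3
    fi
    # Drop release candidates, then take the highest version.
    newest=$(printf '%s\n' "$patches" |
        awk '$1 !~ /-rc[0-9]+\.patch\.xz$/' | sort -V | tail -n 1)
    if [ -z "$newest" ]; then
        echo "select_rt_release: only -rc patches published, nothing to update to" >&2
        exit 2
    fi
    # Print "<version> <sha256>".
    printf '%s\n' "$newest" | sed -e 's/^patch-//' -e 's/\.patch\.xz / /'
)

# File names from the commit message (all -rc builds); hashes are placeholders.
listing_rc_only() {
    for f in patch-6.1.38-rt13-rc1.patch.gz patch-6.1.38-rt13-rc1.patch.xz \
             patches-6.1.38-rt13-rc1.tar.gz patches-6.1.38-rt13-rc1.tar.xz; do
        printf '%s  %s\n' "$(fake_hash 0)" "$f"
    done
}

# Constructed listing with two final releases and one newer release candidate.
listing_with_release() {
    printf '%s  %s\n' "$(fake_hash 1)" patch-6.1.9-rt7.patch.xz
    printf '%s  %s\n' "$(fake_hash 2)" patch-6.1.12-rt8.patch.xz
    printf '%s  %s\n' "$(fake_hash 3)" patch-6.1.13-rt9-rc1.patch.xz
}

# Same reporting pattern as the main script: say which step failed and why.
listing_rc_only | select_rt_release || echo "rt lookup failed with exit code $?"
listing_with_release | select_rt_release
```
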