[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 4/5] CI: Add a Debian 13 (Trixie) arm64 container

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: "Orzel, Michal" <michal.orzel@xxxxxxx>
  • Date: Wed, 13 May 2026 08:32:02 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=citrix.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4nnedsHeDiEFp1HsXvQiXNMLNfyxh1rOKP1OQLerBsQ=; b=BrLH6toO2dCwl8wcMvarSKLHGzWzfpgwPnFy3MJWYZThKMiMkhPIG3uFprRxtsYirgU7hIoH8Q7A8bWGbaj3+tK4vjkTvq74E+V+uPkDp85UNriDx7E/iVkn0qBrh/cUSSMfz21pQQhGcJHu9USimSpnfmi0wNg0dzoJ1i2KQI12Oyd/aHMzADJEugwoKzcqnLO67iCzuy5wWoFZADQ0Xkxnn0v+Uyak9/aCM5/SM5uQzxvGF6POgCx+Wh6sVglD59QaCbAf1D3NDilL7DrqUbSCy0mmmsEaVojUsQxA7Rbior1qIHPqatzn4SHVIQ4iYakr75pnSG2OMNmYpLNrAA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=vT1+dYOuO4FtmIZ3bnoicz69/al2XIubd+Z20q5Omynl+xUTjaPbpROmQs20D/jHsRCzydRg9AX2rtuM2/IWEfYqSI9+iUnXj02kxwRf6QXQjqBz69snzDU/KZWqsPEnXe/tLYY5JLz+wVVZstXt1vcbYMVCTJVhpfWWUcpeLr1y82RbxEEH6cU+kgqmwel8PiBJNcc/yRJIxZ8ONhcfh6k/yAFnnecnzcE0Cups9CvGNw4Ho9A/Qm1+4j6kvPC5i/RL09NVehnwqlSPCAXTmZWOiNziWcqjstU5YZqntlOesHeQLX6r51er0sTeVg8Mqc60L3odD85LXKRCSSyBzQ==
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=amd.com header.i="@amd.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"
  • Cc: Anthony PERARD <anthony.perard@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>
  • Delivery-date: Wed, 13 May 2026 06:32:31 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11-May-26 11:21, Andrew Cooper wrote:
> On 11/05/2026 7:29 am, Orzel, Michal wrote:
>>
>> On 08-May-26 23:29, Andrew Cooper wrote:
>>> Exactly as per the Bookworm container, but additionally with the ipxe-qemu 
>>> and
>>> qemu-system-aarch64 packages.  These will be used to remove the export jobs.
>>>
>>> Switch qemu-arm{32,64} jobs to use this container.
>>>
>>> No functional change.
>>>
>>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>>> ---
>>> CC: Anthony PERARD <anthony.perard@xxxxxxxxxx>
>>> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
>>> CC: Michal Orzel <michal.orzel@xxxxxxx>
>>> CC: Doug Goldstein <cardoe@xxxxxxxxxx>
>>>
>>> We should probably wire up some build tests too, but it's too late on a 
>>> Friday
>>> for me to be thinking about that for this posting.
>>> ---
>>>  automation/build/debian/13-arm64v8.dockerfile | 71 +++++++++++++++++++
>>>  automation/gitlab-ci/test.yaml                |  4 +-
>>>  automation/scripts/containerize               |  1 +
>>>  3 files changed, 74 insertions(+), 2 deletions(-)
>>>  create mode 100644 automation/build/debian/13-arm64v8.dockerfile
>>>
>>> diff --git a/automation/build/debian/13-arm64v8.dockerfile 
>>> b/automation/build/debian/13-arm64v8.dockerfile
>>> new file mode 100644
>>> index 000000000000..b9062ee8b443
>>> --- /dev/null
>>> +++ b/automation/build/debian/13-arm64v8.dockerfile
>>> @@ -0,0 +1,71 @@
>>> +# syntax=docker/dockerfile:1
>>> +FROM --platform=linux/arm64/v8 debian:trixie-slim
>>> +LABEL maintainer.name="The Xen Project"
>>> +LABEL maintainer.email="xen-devel@xxxxxxxxxxxxxxxxxxxx"
>>> +
>>> +ENV DEBIAN_FRONTEND=noninteractive
>>> +
>>> +RUN <<EOF
>>> +#!/bin/bash
>>> +    set -eu
>>> +
>>> +    useradd --create-home user
>>> +
>>> +    apt-get update
>>> +
>>> +    DEPS=(
>>> +        # Xen
>>> +        bison
>>> +        build-essential
>>> +        checkpolicy
>>> +        flex
>>> +
>>> +        # Tools (general)
>>> +        ca-certificates
>>> +        cpio
>>> +        git-core
>>> +        pkg-config
>>> +        wget
>>> +        # libxenguest dombuilder
>>> +        libbz2-dev
>>> +        liblzma-dev
>>> +        liblzo2-dev
>>> +        libzstd-dev
>>> +        zlib1g-dev
>>> +        # libacpi
>>> +        acpica-tools
>>> +        # libxl
>>> +        libfdt-dev
>>> +        libjson-c-dev
>>> +        uuid-dev
>>> +        # xentop
>>> +        libncurses5-dev
>>> +        # Python bindings
>>> +        python3-dev
>>> +        python3-setuptools
>>> +        # Golang bindings
>>> +        golang-go
>>> +        # Ocaml bindings/oxenstored
>>> +        ocaml-nox
>>> +        ocaml-findlib
>> Since this is a container used only for tests, why listing packages required 
>> for
>> Xen and tools build?
> 
> I did leave a note about that.
> 
>>
>>> +
>>> +        # for test phase, qemu-* jobs
>>> +        busybox-static
>>> +        curl
>>> +        device-tree-compiler
>>> +        expect
>>> +        file
>>> +        ipxe-qemu
>>> +        ovmf
>>> +        qemu-system-aarch64
>>> +        u-boot-qemu
>>> +        u-boot-tools
>> So after this change, even though you replace debian-12 with debian-13 for 
>> all
>> the tests, the debian-12 still contains the unneeded packages (i.e. for a 
>> test
>> phase that it no longer runs).
> 
> Yes.  I can't do this series bisectably without it.  Also, in the past
Ok, I understand the bisectibility problem.
> people have explicitly requested to be able to run the qemu smoke
> testing from the build container, which is why it's like this and not split.
Unless it's a rule that every container follows and is documented somewhere I
don't like this argument. My plan then is to do the clean up of Arm containers
in the future to remove packages not used. It creates more confusion for people
willing to create their own dockerfiles for testing (or just to see what it
takes to build e.g. Xen on Arm) than it gives benefits.
> 
> Honestly, I was hoping to leave the Trixie update to the ARM
> maintainers, but despite the Bookworm QEMU (7.2) being newer than the
> 6.0 in the export jobs, it contains the SYSREG interception bugs which
> prevents hiding ThumbEE from guests, and breaks all the arm32 testing
> with a Linux dom0.
Does it make sense to have both Debian 12 and Debian 13 build/test? Can't we
have just the latest one?

All of the remarks above are not something that should prevent this patch from
going in, so:
Reviewed-by: Michal Orzel <michal.orzel@xxxxxxx>

~Michal

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.