From c0365df3ca95b99a0d28d7bc553847993acbc7e9 Mon Sep 17 00:00:00 2001
From: RageLtMan <rageltman [at] sempervictus>
Date: Thu, 20 Jun 2024 20:14:50 -0400
Subject: T6231: Mellanox OFED Kernel and Userspace Packages

Build OFED drivers and userspace components against the kernel
source tree similar to Intel's NIC drivers.

OFED installers create Debian packages of their own tageting the
kernel version defined in the build invocation if DKMS is omitted.
Script builds with supporting components for VPP to permit handoff
of function to the underlying hardware as appropriate. Updating the
version is fairly trivial along with adding patching as needed to
handle kCFI and hardening measures as they are introduced.

Testing:
  Tested against GCC-built Linux Hardened kernel with the various
additions from PR 132 - sustained line-rate testing against 4x100g
links on a single machine at a hair below 200g for each LACP pair.
---
 packages/linux-kernel/Jenkinsfile            |  3 +
 packages/linux-kernel/build-mellanox-ofed.sh | 87 ++++++++++++++++++++++++++++
 2 files changed, 90 insertions(+)
 create mode 100755 packages/linux-kernel/build-mellanox-ofed.sh

(limited to 'packages')

diff --git a/packages/linux-kernel/Jenkinsfile b/packages/linux-kernel/Jenkinsfile
index 9d88663a..ba4a5a1c 100644
--- a/packages/linux-kernel/Jenkinsfile
+++ b/packages/linux-kernel/Jenkinsfile
@@ -62,6 +62,9 @@ def pkgList = [
     // Intel IXGBEVF
     ['name': 'ixgbevf', 'buildCmd': 'cd ..; ./build-intel-ixgbevf.sh'],
 
+    // Mellanox OFED
+    ['name': 'ofed', 'buildCmd': 'cd ..; ./build-mellanox-ofed.sh'],
+
     // Jool
     ['name': 'jool', 'buildCmd': 'cd ..; ./build-jool.py'],
 
diff --git a/packages/linux-kernel/build-mellanox-ofed.sh b/packages/linux-kernel/build-mellanox-ofed.sh
new file mode 100755
index 00000000..0ddf084e
--- /dev/null
+++ b/packages/linux-kernel/build-mellanox-ofed.sh
@@ -0,0 +1,87 @@
+#!/bin/sh
+DROP_DEV_DBG_DEBS=1
+DEB_DISTRO='debian12.1'
+CWD=$(pwd)
+KERNEL_VAR_FILE=${CWD}/kernel-vars
+
+if ! dpkg-architecture -iamd64; then
+    echo "Mellanox OFED is only buildable on amd64 platforms"
+    exit 0
+fi
+
+if [ ! -f ${KERNEL_VAR_FILE} ]; then
+    echo "Kernel variable file '${KERNEL_VAR_FILE}' does not exist, run ./build_kernel.sh first"
+    exit 1
+fi
+
+. ${KERNEL_VAR_FILE}
+
+url="https://www.mellanox.com/downloads/ofed/MLNX_OFED-24.04-0.6.6.0/MLNX_OFED_SRC-debian-24.04-0.6.6.0.tgz"
+
+cd ${CWD}
+
+DRIVER_FILE=$(basename ${url} | sed -e s/tar_0/tar/)
+DRIVER_DIR="${DRIVER_FILE%.tgz}"
+DRIVER_NAME="ofed"
+DRIVER_PRFX="MLNX_OFED"
+DRIVER_VERSION=$(echo ${DRIVER_DIR} | awk -F${DRIVER_PRFX} '{print $2}' | sed 's/^-//;s|_SRC-debian-||')
+DRIVER_VERSION_EXTRA=""
+
+# Build up Debian related variables required for packaging
+DEBIAN_ARCH=$(dpkg --print-architecture)
+DEBIAN_DIR="${CWD}/vyos-mellanox-${DRIVER_NAME}_${DRIVER_VERSION}_${DEBIAN_ARCH}"
+DEBIAN_CONTROL="${DEBIAN_DIR}/DEBIAN/control"
+DEBIAN_POSTINST="${CWD}/vyos-mellanox-ofed.postinst"
+
+# Fetch OFED driver source from Nvidia
+if [ -e ${DRIVER_FILE} ]; then
+    rm -f ${DRIVER_FILE}
+fi
+curl -L -o ${DRIVER_FILE} ${url}
+if [ "$?" -ne "0" ]; then
+    exit 1
+fi
+
+# Unpack archive
+if [ -d ${DRIVER_DIR} ]; then
+    rm -rf ${DRIVER_DIR}
+fi
+mkdir -p ${DRIVER_DIR}
+tar -C ${DRIVER_DIR} --strip-components=1 -xf ${DRIVER_FILE}
+
+# Build/install debs
+cd ${DRIVER_DIR}
+if [ -z $KERNEL_DIR ]; then
+    echo "KERNEL_DIR not defined"
+    exit 1
+fi
+
+sudo ./install.pl \
+  --basic --dpdk \
+  --without-dkms \
+  --without-mlnx-nvme-modules \
+  --with-vma --vma-vpi --vma-eth \
+  --guest --hypervisor \
+  --builddir $DEBIAN_DIR/mlx \
+  --distro $DEB_DISTRO \
+  -s $KERNEL_DIR \
+  -k $KERNEL_VERSION
+
+if [ $DROP_DEV_DBG_DEBS -eq 1 ]; then
+  echo "I: Removing development and debug packages"
+  sudo rm $(find $CWD/$DRIVER_DIR/DEBS/$DEB_DISTRO -type f | grep -E '\-dev|\-dbg')
+fi
+
+cp $(find $CWD/$DRIVER_DIR/DEBS/$DEB_DISTRO -type f | grep '\.deb$') "$CWD/"
+
+echo "I: Cleanup ${DRIVER_NAME} source"
+cd ${CWD}
+if [ -e ${DRIVER_FILE} ]; then
+    rm -f ${DRIVER_FILE}
+fi
+if [ -d ${DRIVER_DIR} ]; then
+    sudo rm -rf ${DRIVER_DIR}
+fi
+if [ -d ${DEBIAN_DIR} ]; then
+    sudo rm -rf ${DEBIAN_DIR}
+fi
-- 
cgit v1.2.3


From 9cbc700aee4f05aab5f2c2d223c3af173ebeb4db Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Thu, 25 Jul 2024 15:30:57 +0200
Subject: Kernel: T6231: update .gitignore for mellanox drivers

---
 packages/linux-kernel/.gitignore | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'packages')

diff --git a/packages/linux-kernel/.gitignore b/packages/linux-kernel/.gitignore
index 97e392e3..a3e9257c 100644
--- a/packages/linux-kernel/.gitignore
+++ b/packages/linux-kernel/.gitignore
@@ -23,3 +23,5 @@ vyos-intel-*/
 vyos-linux-firmware*/
 kernel-vars
 r8152-*.tar.bz2
+/MLNX_OFED_SRC*
+/vyos-mellanox-ofed*
-- 
cgit v1.2.3


From 0ce12e4c1a9d3aeffb4d59f262667d1f9e4d3de7 Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Thu, 25 Jul 2024 15:31:26 +0200
Subject: Kernel: T6231: verify mellanox driver source by SHA1 hash

---
 packages/linux-kernel/build-mellanox-ofed.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'packages')

diff --git a/packages/linux-kernel/build-mellanox-ofed.sh b/packages/linux-kernel/build-mellanox-ofed.sh
index 0ddf084e..7418af61 100755
--- a/packages/linux-kernel/build-mellanox-ofed.sh
+++ b/packages/linux-kernel/build-mellanox-ofed.sh
@@ -21,6 +21,8 @@ url="https://www.mellanox.com/downloads/ofed/MLNX_OFED-24.04-0.6.6.0/MLNX_OFED_S
 cd ${CWD}
 
 DRIVER_FILE=$(basename ${url} | sed -e s/tar_0/tar/)
+DRIVER_SHA1="003c1c022f9f6558d45750eacc0a64d06cf9cd42"
+
 DRIVER_DIR="${DRIVER_FILE%.tgz}"
 DRIVER_NAME="ofed"
 DRIVER_PRFX="MLNX_OFED"
@@ -42,6 +44,13 @@ if [ "$?" -ne "0" ]; then
     exit 1
 fi
 
+# Verify integrity
+echo "${DRIVER_SHA1} ${DRIVER_FILE}" | sha1sum -c -
+if [[ $? != 0 ]]; then
+    echo SHA1 checksum missmatch
+    exit 1
+fi
+
 # Unpack archive
 if [ -d ${DRIVER_DIR} ]; then
     rm -rf ${DRIVER_DIR}
-- 
cgit v1.2.3


From 404fec71d1c0a262f831689a7bc79df518e15981 Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Thu, 25 Jul 2024 15:32:04 +0200
Subject: mellanox: T6231: add missing KERNEL_SUFFIX for module installation
 path

All VyOS kernel modules must live in the appropriate module directory,
example: /lib/modules/6.6.41-amd64-vyos/

In addition we do not abbreviate script options to make reading easier,
without call --help all the time.
---
 packages/linux-kernel/build-mellanox-ofed.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'packages')

diff --git a/packages/linux-kernel/build-mellanox-ofed.sh b/packages/linux-kernel/build-mellanox-ofed.sh
index 7418af61..d0b4dbfc 100755
--- a/packages/linux-kernel/build-mellanox-ofed.sh
+++ b/packages/linux-kernel/build-mellanox-ofed.sh
@@ -71,10 +71,10 @@ sudo ./install.pl \
   --without-mlnx-nvme-modules \
   --with-vma --vma-vpi --vma-eth \
   --guest --hypervisor \
-  --builddir $DEBIAN_DIR/mlx \
-  --distro $DEB_DISTRO \
-  -s $KERNEL_DIR \
-  -k $KERNEL_VERSION
+  --builddir ${DEBIAN_DIR}/mlx \
+  --distro ${DEB_DISTRO} \
+  --kernel-sources ${KERNEL_DIR} \
+  --kernel ${KERNEL_VERSION}${KERNEL_SUFFIX}
 
 if [ $DROP_DEV_DBG_DEBS -eq 1 ]; then
   echo "I: Removing development and debug packages"
-- 
cgit v1.2.3


From f33a22bcf36d52a1150ce048a9b60db774416c49 Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Thu, 25 Jul 2024 15:34:06 +0200
Subject: mellanox: T6231: we do not need to build all packages, delete all
 unused ones

---
 packages/linux-kernel/build-mellanox-ofed.sh | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'packages')

diff --git a/packages/linux-kernel/build-mellanox-ofed.sh b/packages/linux-kernel/build-mellanox-ofed.sh
index d0b4dbfc..0dffcfdb 100755
--- a/packages/linux-kernel/build-mellanox-ofed.sh
+++ b/packages/linux-kernel/build-mellanox-ofed.sh
@@ -65,6 +65,33 @@ if [ -z $KERNEL_DIR ]; then
     exit 1
 fi
 
+rm -f SOURCES/ibarr_0.1.3.orig.tar.gz
+rm -f SOURCES/ibdump_6.0.0.orig.tar.gz
+rm -f SOURCES/ibsim_0.12.orig.tar.gz
+rm -f SOURCES/iser_24.04.OFED.24.04.0.6.6.1.orig.tar.gz
+rm -f SOURCES/isert_24.04.OFED.24.04.0.6.6.1.orig.tar.gz
+rm -f SOURCES/kernel-mft_4.28.0.92.orig.tar.gz
+rm -f SOURCES/knem_1.1.4.90mlnx3.orig.tar.gz
+rm -f SOURCES/libvma_9.8.60.orig.tar.gz
+rm -f SOURCES/libxlio_3.30.5.orig.tar.gz
+rm -f SOURCES/mlnx-ethtool_6.7.orig.tar.gz
+rm -f SOURCES/mlnx-iproute2_6.7.0.orig.tar.gz
+rm -f SOURCES/mlnx-nfsrdma_24.04.OFED.24.04.0.6.6.1.orig.tar.gz
+rm -f SOURCES/mlnx-nvme_24.04.OFED.24.04.0.6.6.1.orig.tar.gz
+rm -f SOURCES/mlx-steering-dump_1.0.0.orig.tar.gz
+rm -f SOURCES/mpitests_3.2.23.orig.tar.gz
+rm -f SOURCES/mstflint_4.16.1.orig.tar.gz
+rm -f SOURCES/ofed-scripts_24.04.OFED.24.04.0.6.6.orig.tar.gz
+rm -f SOURCES/openmpi_4.1.7a1.orig.tar.gz
+rm -f SOURCES/openvswitch_2.17.8.orig.tar.gz
+rm -f SOURCES/perftest_24.04.0.orig.tar.gz
+rm -f SOURCES/rdma-core_2404mlnx51.orig.tar.gz
+rm -f SOURCES/rshim_2.0.28.orig.tar.gz
+rm -f SOURCES/sockperf_3.10.orig.tar.gz
+rm -f SOURCES/srp_24.04.OFED.24.04.0.6.6.1.orig.tar.gz
+rm -f SOURCES/ucx_1.17.0.orig.tar.gz
+
+
 sudo ./install.pl \
   --basic --dpdk \
   --without-dkms \
-- 
cgit v1.2.3