diff --git a/.github/workflows/lib-e2e.yaml b/.github/workflows/lib-e2e.yaml index bbc84f315..743bd1899 100644 --- a/.github/workflows/lib-e2e.yaml +++ b/.github/workflows/lib-e2e.yaml @@ -12,20 +12,18 @@ jobs: matrix: include: - name: e2e-dsa-gnr - targetjob: e2e-dsa + targetjob: e2e-dsa SKIP="(App:(dpdk-test|accel-config))" runner: simics-gnr images: - intel-dsa-plugin - intel-idxd-config-initcontainer - - accel-config-demo - intel-deviceplugin-operator - name: e2e-iaa-gnr - targetjob: e2e-iaa + targetjob: e2e-iaa SKIP="(App:accel-config)" runner: simics-gnr images: - intel-iaa-plugin - intel-idxd-config-initcontainer - - accel-config-demo - intel-deviceplugin-operator - name: e2e-qat-gnrd targetjob: e2e-qat FOCUS="Mode:dpdk" SKIP="(App:(crypto-perf|compress-perf|qat-engine)|Functionality)" @@ -34,13 +32,6 @@ jobs: - intel-qat-plugin - intel-qat-initcontainer - openssl-qat-engine - - name: e2e-fpga - runner: fpga - images: - - intel-fpga-plugin - - intel-fpga-initcontainer - - intel-fpga-admissionwebhook - - opae-nlb-demo - name: e2e-spr targetjob: e2e-spr SKIP="App:compress-perf" runner: spr diff --git a/.trivyignore b/.trivyignore index 84a705526..62b573045 100644 --- a/.trivyignore +++ b/.trivyignore @@ -29,3 +29,7 @@ AVD-KSV-0014 # Trivy invalidly detects securityContext issues from yaml # files that are patch files AVD-KSV-0118 + +# Ignore GitRepo volume vulnerability as we don't use it and it might not +# receive a fix due to being a deprecated feature. +CVE-2025-1767 diff --git a/build/docker/intel-deviceplugin-operator.Dockerfile b/build/docker/intel-deviceplugin-operator.Dockerfile index f606d3dea..c7368dbca 100644 --- a/build/docker/intel-deviceplugin-operator.Dockerfile +++ b/build/docker/intel-deviceplugin-operator.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_deviceplugin_operator"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-deviceplugin-operator' LABEL summary='Intel® device plugin operator for Kubernetes' diff --git a/build/docker/intel-dlb-initcontainer.Dockerfile b/build/docker/intel-dlb-initcontainer.Dockerfile index a24cb0044..715d772c0 100644 --- a/build/docker/intel-dlb-initcontainer.Dockerfile +++ b/build/docker/intel-dlb-initcontainer.Dockerfile @@ -40,8 +40,8 @@ ARG DIR=/intel-device-plugins-for-kubernetes WORKDIR $DIR COPY . . RUN install -D ${DIR}/LICENSE /install_root/licenses/intel-device-plugins-for-kubernetes/LICENSE -ARG TOYBOX_VERSION="0.8.11" -ARG TOYBOX_SHA256="83a3a88cbe1fa30f099c2f58295baef4637aaf988085aaea56e03aa29168175d" +ARG TOYBOX_VERSION="0.8.12" +ARG TOYBOX_SHA256="3c529d93923dde67d048e7bcbd5d1bc0dd1ad09362269e2415f5f2eaab349b5b" ARG ROOT=/install_root RUN apt-get update && apt-get --no-install-recommends -y install musl musl-tools musl-dev SHELL ["/bin/bash", "-o", "pipefail", "-c"] @@ -58,6 +58,7 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION FROM ${FINAL_BASE} LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' COPY --from=builder /install_root / COPY demo/dlb-init.sh /usr/local/bin/ diff --git a/build/docker/intel-dlb-plugin.Dockerfile b/build/docker/intel-dlb-plugin.Dockerfile index 757c2240b..b13b70669 100644 --- a/build/docker/intel-dlb-plugin.Dockerfile +++ b/build/docker/intel-dlb-plugin.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_dlb_device_plugin"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-dlb-plugin' LABEL summary='Intel® DLB device plugin for Kubernetes' diff --git a/build/docker/intel-dsa-plugin.Dockerfile b/build/docker/intel-dsa-plugin.Dockerfile index 4213bb35f..0f08d11f0 100644 --- a/build/docker/intel-dsa-plugin.Dockerfile +++ b/build/docker/intel-dsa-plugin.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_dsa_device_plugin"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-dsa-plugin' LABEL summary='Intel® DSA device plugin for Kubernetes' diff --git a/build/docker/intel-fpga-admissionwebhook.Dockerfile b/build/docker/intel-fpga-admissionwebhook.Dockerfile index 76530fb41..89377f44d 100644 --- a/build/docker/intel-fpga-admissionwebhook.Dockerfile +++ b/build/docker/intel-fpga-admissionwebhook.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_fpga_admissionwebhook"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-fpga-admissionwebhook' LABEL summary='Intel® FPGA admission controller webhook for Kubernetes' diff --git a/build/docker/intel-fpga-initcontainer.Dockerfile b/build/docker/intel-fpga-initcontainer.Dockerfile index 7da437876..7b73e100e 100644 --- a/build/docker/intel-fpga-initcontainer.Dockerfile +++ b/build/docker/intel-fpga-initcontainer.Dockerfile @@ -66,8 +66,8 @@ RUN install -D ${DIR}/LICENSE /install_root/licenses/intel-device-plugins-for-ku --save_path /install_root/licenses/$CMD/go-licenses ; \ else mkdir -p /install_root/licenses/$CMD/go-licenses/ && cd licenses/$CMD && cp -r * /install_root/licenses/$CMD/go-licenses/ ; fi ### -ARG TOYBOX_VERSION="0.8.11" -ARG TOYBOX_SHA256="83a3a88cbe1fa30f099c2f58295baef4637aaf988085aaea56e03aa29168175d" +ARG TOYBOX_VERSION="0.8.12" +ARG TOYBOX_SHA256="3c529d93923dde67d048e7bcbd5d1bc0dd1ad09362269e2415f5f2eaab349b5b" ARG ROOT=/install_root RUN apt-get update && apt-get --no-install-recommends -y install musl musl-tools musl-dev SHELL ["/bin/bash", "-o", "pipefail", "-c"] @@ -84,6 +84,7 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION FROM ${FINAL_BASE} LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-fpga-initcontainer' LABEL summary='Intel® FPGA programming CDI hook for Kubernetes' diff --git a/build/docker/intel-fpga-plugin.Dockerfile b/build/docker/intel-fpga-plugin.Dockerfile index 8afa7a730..2e74670f7 100644 --- a/build/docker/intel-fpga-plugin.Dockerfile +++ b/build/docker/intel-fpga-plugin.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_fpga_device_plugin"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-fpga-plugin' LABEL summary='Intel® FPGA device plugin for Kubernetes' diff --git a/build/docker/intel-gpu-fakedev.Dockerfile b/build/docker/intel-gpu-fakedev.Dockerfile index 56a32201e..0df03b1a3 100644 --- a/build/docker/intel-gpu-fakedev.Dockerfile +++ b/build/docker/intel-gpu-fakedev.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_gpu_fakedev"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-gpu-fakedev' LABEL summary='Fake device file generator for Intel® GPU plugin' diff --git a/build/docker/intel-gpu-initcontainer.Dockerfile b/build/docker/intel-gpu-initcontainer.Dockerfile index 4347006a6..c7d6c8dc9 100644 --- a/build/docker/intel-gpu-initcontainer.Dockerfile +++ b/build/docker/intel-gpu-initcontainer.Dockerfile @@ -56,8 +56,8 @@ RUN install -D ${DIR}/LICENSE /install_root/licenses/intel-device-plugins-for-ku --save_path /install_root/licenses/$CMD/go-licenses ; \ else mkdir -p /install_root/licenses/$CMD/go-licenses/ && cd licenses/$CMD && cp -r * /install_root/licenses/$CMD/go-licenses/ ; fi ### -ARG TOYBOX_VERSION="0.8.11" -ARG TOYBOX_SHA256="83a3a88cbe1fa30f099c2f58295baef4637aaf988085aaea56e03aa29168175d" +ARG TOYBOX_VERSION="0.8.12" +ARG TOYBOX_SHA256="3c529d93923dde67d048e7bcbd5d1bc0dd1ad09362269e2415f5f2eaab349b5b" ARG ROOT=/install_root RUN apt-get update && apt-get --no-install-recommends -y install musl musl-tools musl-dev SHELL ["/bin/bash", "-o", "pipefail", "-c"] @@ -74,6 +74,7 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION FROM ${FINAL_BASE} LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-gpu-initcontainer' LABEL summary='Intel® GPU NFD hook for Kubernetes' diff --git a/build/docker/intel-gpu-levelzero.Dockerfile b/build/docker/intel-gpu-levelzero.Dockerfile index 49a050ee8..b38f52345 100644 --- a/build/docker/intel-gpu-levelzero.Dockerfile +++ b/build/docker/intel-gpu-levelzero.Dockerfile @@ -85,6 +85,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_gpu_levelzero"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-gpu-levelzero' LABEL summary='Intel® GPU levelzero for Kubernetes' diff --git a/build/docker/intel-gpu-plugin.Dockerfile b/build/docker/intel-gpu-plugin.Dockerfile index 5e7cb7305..69a022e5a 100644 --- a/build/docker/intel-gpu-plugin.Dockerfile +++ b/build/docker/intel-gpu-plugin.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_gpu_device_plugin"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-gpu-plugin' LABEL summary='Intel® GPU device plugin for Kubernetes' diff --git a/build/docker/intel-iaa-plugin.Dockerfile b/build/docker/intel-iaa-plugin.Dockerfile index c9c2c5f47..3302c5900 100644 --- a/build/docker/intel-iaa-plugin.Dockerfile +++ b/build/docker/intel-iaa-plugin.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_iaa_device_plugin"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-iaa-plugin' LABEL summary='Intel® IAA device plugin for Kubernetes' diff --git a/build/docker/intel-qat-initcontainer.Dockerfile b/build/docker/intel-qat-initcontainer.Dockerfile index 3ebb3e4fe..a5009a008 100644 --- a/build/docker/intel-qat-initcontainer.Dockerfile +++ b/build/docker/intel-qat-initcontainer.Dockerfile @@ -40,8 +40,8 @@ ARG DIR=/intel-device-plugins-for-kubernetes WORKDIR $DIR COPY . . RUN install -D ${DIR}/LICENSE /install_root/licenses/intel-device-plugins-for-kubernetes/LICENSE -ARG TOYBOX_VERSION="0.8.11" -ARG TOYBOX_SHA256="83a3a88cbe1fa30f099c2f58295baef4637aaf988085aaea56e03aa29168175d" +ARG TOYBOX_VERSION="0.8.12" +ARG TOYBOX_SHA256="3c529d93923dde67d048e7bcbd5d1bc0dd1ad09362269e2415f5f2eaab349b5b" ARG ROOT=/install_root RUN apt-get update && apt-get --no-install-recommends -y install musl musl-tools musl-dev SHELL ["/bin/bash", "-o", "pipefail", "-c"] @@ -58,6 +58,7 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION FROM ${FINAL_BASE} LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-qat-initcontainer' LABEL summary='Intel® QAT initcontainer for Kubernetes' diff --git a/build/docker/intel-qat-plugin-kerneldrv.Dockerfile b/build/docker/intel-qat-plugin-kerneldrv.Dockerfile index 0de13d08a..f7e529acf 100644 --- a/build/docker/intel-qat-plugin-kerneldrv.Dockerfile +++ b/build/docker/intel-qat-plugin-kerneldrv.Dockerfile @@ -61,6 +61,7 @@ RUN install -D ${DIR}/LICENSE /install_root/licenses/intel-device-plugins-for-ku FROM debian:unstable-slim LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-qat-plugin-kerneldrv' LABEL summary='Intel® QAT device plugin kerneldrv for Kubernetes' diff --git a/build/docker/intel-qat-plugin.Dockerfile b/build/docker/intel-qat-plugin.Dockerfile index 909853c00..6b95bdcb2 100644 --- a/build/docker/intel-qat-plugin.Dockerfile +++ b/build/docker/intel-qat-plugin.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_qat_device_plugin"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-qat-plugin' LABEL summary='Intel® QAT device plugin for Kubernetes' diff --git a/build/docker/intel-sgx-admissionwebhook.Dockerfile b/build/docker/intel-sgx-admissionwebhook.Dockerfile index 1675d81e9..b70e6743d 100644 --- a/build/docker/intel-sgx-admissionwebhook.Dockerfile +++ b/build/docker/intel-sgx-admissionwebhook.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_sgx_admissionwebhook"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-sgx-admissionwebhook' LABEL summary='Intel® SGX admission controller webhook for Kubernetes' diff --git a/build/docker/intel-sgx-initcontainer.Dockerfile b/build/docker/intel-sgx-initcontainer.Dockerfile index 7b03e09bf..fec5445cc 100644 --- a/build/docker/intel-sgx-initcontainer.Dockerfile +++ b/build/docker/intel-sgx-initcontainer.Dockerfile @@ -56,8 +56,8 @@ RUN install -D ${DIR}/LICENSE /install_root/licenses/intel-device-plugins-for-ku --save_path /install_root/licenses/$CMD/go-licenses ; \ else mkdir -p /install_root/licenses/$CMD/go-licenses/ && cd licenses/$CMD && cp -r * /install_root/licenses/$CMD/go-licenses/ ; fi ### -ARG TOYBOX_VERSION="0.8.11" -ARG TOYBOX_SHA256="83a3a88cbe1fa30f099c2f58295baef4637aaf988085aaea56e03aa29168175d" +ARG TOYBOX_VERSION="0.8.12" +ARG TOYBOX_SHA256="3c529d93923dde67d048e7bcbd5d1bc0dd1ad09362269e2415f5f2eaab349b5b" ARG ROOT=/install_root RUN apt-get update && apt-get --no-install-recommends -y install musl musl-tools musl-dev SHELL ["/bin/bash", "-o", "pipefail", "-c"] @@ -74,6 +74,7 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION FROM ${FINAL_BASE} LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-sgx-initcontainer' LABEL summary='Intel® SGX NFD hook for Kubernetes' diff --git a/build/docker/intel-sgx-plugin.Dockerfile b/build/docker/intel-sgx-plugin.Dockerfile index aba50a1eb..86ebcc6de 100644 --- a/build/docker/intel-sgx-plugin.Dockerfile +++ b/build/docker/intel-sgx-plugin.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_sgx_device_plugin"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-sgx-plugin' LABEL summary='Intel® SGX device plugin for Kubernetes' diff --git a/build/docker/intel-xpumanager-sidecar.Dockerfile b/build/docker/intel-xpumanager-sidecar.Dockerfile index 4b6526a4f..3bca21efc 100644 --- a/build/docker/intel-xpumanager-sidecar.Dockerfile +++ b/build/docker/intel-xpumanager-sidecar.Dockerfile @@ -60,6 +60,7 @@ COPY --from=builder /install_root / ENTRYPOINT ["/usr/local/bin/intel_xpumanager_sidecar"] LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' LABEL name='intel-xpumanager-sidecar' LABEL summary='Intel® xpumanager sidecar' diff --git a/build/docker/lib/default_labels.docker b/build/docker/lib/default_labels.docker index 08cde1d21..4d7f1315a 100644 --- a/build/docker/lib/default_labels.docker +++ b/build/docker/lib/default_labels.docker @@ -1,3 +1,4 @@ LABEL vendor='Intel®' LABEL version='0.32.0' +LABEL maintainer="Intel®" LABEL release='1' diff --git a/build/docker/lib/toybox_build.docker b/build/docker/lib/toybox_build.docker index 203a97721..b22325898 100644 --- a/build/docker/lib/toybox_build.docker +++ b/build/docker/lib/toybox_build.docker @@ -1,5 +1,5 @@ -ARG TOYBOX_VERSION="0.8.11" -ARG TOYBOX_SHA256="83a3a88cbe1fa30f099c2f58295baef4637aaf988085aaea56e03aa29168175d" +ARG TOYBOX_VERSION="0.8.12" +ARG TOYBOX_SHA256="3c529d93923dde67d048e7bcbd5d1bc0dd1ad09362269e2415f5f2eaab349b5b" ARG ROOT=/install_root diff --git a/build/docker/toybox-config-static b/build/docker/toybox-config-static index c0dd9434b..203cb5bac 100644 --- a/build/docker/toybox-config-static +++ b/build/docker/toybox-config-static @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # ToyBox version: KCONFIG_VERSION -# Tue Apr 23 18:03:07 2024 +# Wed Mar 19 11:18:16 2025 # # CONFIG_TOYBOX_ON_ANDROID is not set CONFIG_TOYBOX_FORK=y @@ -105,6 +105,7 @@ CONFIG_TEST_GLUE=y # # CONFIG_ARP is not set # CONFIG_ARPING is not set +# CONFIG_AWK is not set # CONFIG_BC is not set # CONFIG_BOOTCHARTD is not set # CONFIG_BRCTL is not set @@ -138,22 +139,18 @@ CONFIG_TEST_GLUE=y # CONFIG_IPCRM is not set # CONFIG_IPCS is not set # CONFIG_KLOGD is not set -# CONFIG_KLOGD_SOURCE_RING_BUFFER is not set # CONFIG_LAST is not set # CONFIG_LSOF is not set # CONFIG_MAN is not set # CONFIG_MDEV is not set # CONFIG_MDEV_CONF is not set -# CONFIG_MKE2FS is not set -# CONFIG_MKE2FS_JOURNAL is not set -# CONFIG_MKE2FS_GEN is not set -# CONFIG_MKE2FS_LABEL is not set -# CONFIG_MKE2FS_EXTENDED is not set # CONFIG_MODPROBE is not set # CONFIG_MORE is not set # CONFIG_ROUTE is not set CONFIG_SH=y +# CONFIG_BREAK is not set # CONFIG_CD is not set +# CONFIG_CONTINUE is not set # CONFIG_DECLARE is not set # CONFIG_EXIT is not set # CONFIG_SET is not set @@ -163,6 +160,7 @@ CONFIG_SH=y # CONFIG_EXPORT is not set # CONFIG_JOBS is not set # CONFIG_LOCAL is not set +# CONFIG_RETURN is not set # CONFIG_SHIFT is not set # CONFIG_SOURCE is not set # CONFIG_WAIT is not set @@ -237,7 +235,7 @@ CONFIG_SH=y # CONFIG_LSATTR is not set # CONFIG_CHATTR is not set # CONFIG_LSMOD is not set -CONFIG_LSPCI=y +# CONFIG_LSPCI is not set # CONFIG_LSUSB is not set # CONFIG_MAKEDEVS is not set # CONFIG_MCOOKIE is not set diff --git a/build/docker/toybox-config-ubi9-micro b/build/docker/toybox-config-ubi9-micro index b734a9525..e37766b6f 100644 --- a/build/docker/toybox-config-ubi9-micro +++ b/build/docker/toybox-config-ubi9-micro @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # ToyBox version: KCONFIG_VERSION -# Wed Sep 6 10:24:35 2023 +# Wed Mar 19 11:21:03 2025 # # CONFIG_TOYBOX_ON_ANDROID is not set CONFIG_TOYBOX_FORK=y @@ -35,6 +35,7 @@ CONFIG_TOYBOX_FORK=y # CONFIG_FALSE is not set # CONFIG_FILE is not set # CONFIG_FIND is not set +# CONFIG_FOLD is not set # CONFIG_GETCONF is not set CONFIG_GREP=y CONFIG_EGREP=y @@ -86,10 +87,10 @@ CONFIG_FGREP=y # CONFIG_TIME is not set # CONFIG_TOUCH is not set # CONFIG_TRUE is not set +# CONFIG_TSORT is not set # CONFIG_TTY is not set # CONFIG_ULIMIT is not set # CONFIG_ARCH is not set -# CONFIG_LINUX32 is not set # CONFIG_UNAME is not set # CONFIG_UNIQ is not set # CONFIG_UNLINK is not set @@ -104,12 +105,14 @@ CONFIG_FGREP=y # # CONFIG_ARP is not set # CONFIG_ARPING is not set +# CONFIG_AWK is not set # CONFIG_BC is not set # CONFIG_BOOTCHARTD is not set # CONFIG_BRCTL is not set # CONFIG_CHSH is not set # CONFIG_CROND is not set # CONFIG_CRONTAB is not set +# CONFIG_CSPLIT is not set # CONFIG_DHCP is not set # CONFIG_DHCP6 is not set # CONFIG_DHCPD is not set @@ -118,10 +121,8 @@ CONFIG_FGREP=y # CONFIG_DUMPLEASES is not set # CONFIG_EXPR is not set # CONFIG_FDISK is not set -# CONFIG_FOLD is not set # CONFIG_FSCK is not set # CONFIG_GETFATTR is not set -# CONFIG_GETOPT is not set # CONFIG_GETTY is not set # CONFIG_GITCOMPAT is not set # CONFIG_GITCLONE is not set @@ -138,22 +139,18 @@ CONFIG_FGREP=y # CONFIG_IPCRM is not set # CONFIG_IPCS is not set # CONFIG_KLOGD is not set -# CONFIG_KLOGD_SOURCE_RING_BUFFER is not set # CONFIG_LAST is not set # CONFIG_LSOF is not set # CONFIG_MAN is not set # CONFIG_MDEV is not set # CONFIG_MDEV_CONF is not set -# CONFIG_MKE2FS is not set -# CONFIG_MKE2FS_JOURNAL is not set -# CONFIG_MKE2FS_GEN is not set -# CONFIG_MKE2FS_LABEL is not set -# CONFIG_MKE2FS_EXTENDED is not set # CONFIG_MODPROBE is not set # CONFIG_MORE is not set # CONFIG_ROUTE is not set # CONFIG_SH is not set +# CONFIG_BREAK is not set # CONFIG_CD is not set +# CONFIG_CONTINUE is not set # CONFIG_DECLARE is not set # CONFIG_EXIT is not set # CONFIG_SET is not set @@ -163,6 +160,7 @@ CONFIG_FGREP=y # CONFIG_EXPORT is not set # CONFIG_JOBS is not set # CONFIG_LOCAL is not set +# CONFIG_RETURN is not set # CONFIG_SHIFT is not set # CONFIG_SOURCE is not set # CONFIG_WAIT is not set @@ -213,6 +211,7 @@ CONFIG_FGREP=y # CONFIG_FREERAMDISK is not set # CONFIG_FSFREEZE is not set # CONFIG_FSYNC is not set +# CONFIG_GETOPT is not set # CONFIG_GPIODETECT is not set # CONFIG_GPIOFIND is not set # CONFIG_GPIOINFO is not set @@ -230,15 +229,17 @@ CONFIG_FGREP=y # CONFIG_INSMOD is not set # CONFIG_IONICE is not set # CONFIG_IORENICE is not set +# CONFIG_LINUX32 is not set # CONFIG_LOGIN is not set # CONFIG_LOSETUP is not set # CONFIG_LSATTR is not set # CONFIG_CHATTR is not set # CONFIG_LSMOD is not set -CONFIG_LSPCI=y +# CONFIG_LSPCI is not set # CONFIG_LSUSB is not set # CONFIG_MAKEDEVS is not set # CONFIG_MCOOKIE is not set +# CONFIG_MEMEATER is not set # CONFIG_MIX is not set # CONFIG_MKPASSWD is not set # CONFIG_MKSWAP is not set @@ -282,6 +283,7 @@ CONFIG_LSPCI=y # CONFIG_TASKSET is not set # CONFIG_TIMEOUT is not set # CONFIG_TRUNCATE is not set +# CONFIG_TS is not set # CONFIG_UCLAMPSET is not set # CONFIG_UPTIME is not set # CONFIG_USLEEP is not set @@ -382,6 +384,7 @@ CONFIG_TOYBOX_LSM_NONE=y # CONFIG_TOYBOX_FLOAT is not set # CONFIG_TOYBOX_HELP is not set # CONFIG_TOYBOX_HELP_DASHDASH is not set +# CONFIG_TOYBOX_ZHELP is not set # CONFIG_TOYBOX_FREE is not set # CONFIG_TOYBOX_NORECURSE is not set # CONFIG_TOYBOX_DEBUG is not set diff --git a/demo/qat-autoreset.sh b/demo/qat-autoreset.sh index 0e1441759..49cd36d5a 100755 --- a/demo/qat-autoreset.sh +++ b/demo/qat-autoreset.sh @@ -1,12 +1,20 @@ #!/usr/bin/env bash NODE_NAME="${NODE_NAME:-}" ENABLED_QAT_PF_PCIIDS=${ENABLED_QAT_PF_PCIIDS:-37c8 4940 4942 4944 4946} -DEVS=$(for pf in $ENABLED_QAT_PF_PCIIDS; do lspci -n | grep -e "$pf" | grep -o -e "^\\S*"; done) AUTORESET_ENABLED="NONE" AUTORESET_ENABLED_FOUND="FALSE" AUTORESET_OPTIONS_LIST="on off" +DEVS="" +for DEV in $(realpath /sys/bus/pci/devices/*); do + for PF in $ENABLED_QAT_PF_PCIIDS; do + if grep -q "$PF" "$DEV"/device; then + DEVS="$DEV $DEVS" + fi + done +done + check_config() { [ -f "conf/qat.conf" ] && AUTORESET_ENABLED=$(grep "^AutoresetEnabled=" conf/qat.conf | cut -d= -f 2 | grep '\S') [ -f "conf/qat-$NODE_NAME.conf" ] && AUTORESET_ENABLED=$(grep "^AutoresetEnabled=" conf/qat-"$NODE_NAME".conf | cut -d= -f 2 | grep '\S') @@ -25,9 +33,8 @@ check_config() { enable_auto_reset() { if [ "$AUTORESET_ENABLED_FOUND" = "TRUE" ]; then - for dev in $DEVS; do - devpath="/sys/bus/pci/devices/0000:$dev" - autoreset_path="$devpath/qat/auto_reset" + for devpath in $DEVS; do + autoreset_path="$devpath"/qat/auto_reset if ! test -w "$autoreset_path"; then echo "error: $autoreset_path is not found or not writable. Check if QAT driver module is loaded. Skipping..." exit 1 diff --git a/demo/qat-init.sh b/demo/qat-init.sh index 98a3e337e..a3ad6a842 100755 --- a/demo/qat-init.sh +++ b/demo/qat-init.sh @@ -2,7 +2,6 @@ # This script is based on qatlib's qat_init.sh NODE_NAME="${NODE_NAME:-}" ENABLED_QAT_PF_PCIIDS=${ENABLED_QAT_PF_PCIIDS:-37c8 4940 4942 4944 4946} -DEVS=$(for pf in $ENABLED_QAT_PF_PCIIDS; do lspci -n | grep -e "$pf" | grep -o -e "^\\S*"; done) SERVICES_LIST="sym asym sym;asym dc sym;dc asym;dc" QAT_4XXX_DEVICE_PCI_ID="0x4940" QAT_401XX_DEVICE_PCI_ID="0x4942" @@ -11,6 +10,15 @@ QAT_420XX_DEVICE_PCI_ID="0x4946" SERVICES_ENABLED="NONE" SERVICES_ENABLED_FOUND="FALSE" +DEVS="" +for DEV in $(realpath /sys/bus/pci/devices/*); do + for PF in $ENABLED_QAT_PF_PCIIDS; do + if grep -q "$PF" "$DEV"/device; then + DEVS="$DEV $DEVS" + fi + done +done + check_config() { [ -f "conf/qat.conf" ] && SERVICES_ENABLED=$(grep "^ServicesEnabled=" conf/qat.conf | cut -d= -f 2 | grep '\S') [ -f "conf/qat-$NODE_NAME.conf" ] && SERVICES_ENABLED=$(grep "^ServicesEnabled=" conf/qat-"$NODE_NAME".conf | cut -d= -f 2 | grep '\S') @@ -29,8 +37,7 @@ check_config() { sysfs_config() { if [ "$SERVICES_ENABLED_FOUND" = "TRUE" ]; then - for dev in $DEVS; do - DEVPATH="/sys/bus/pci/devices/0000:$dev" + for DEVPATH in $DEVS; do PCI_DEV=$(cat "$DEVPATH"/device 2> /dev/null) if [ "$PCI_DEV" != "$QAT_4XXX_DEVICE_PCI_ID" ] && [ "$PCI_DEV" != "$QAT_401XX_DEVICE_PCI_ID" ] && [ "$PCI_DEV" != "$QAT_402XX_DEVICE_PCI_ID" ] && [ "$PCI_DEV" != "$QAT_420XX_DEVICE_PCI_ID" ]; then continue @@ -45,15 +52,14 @@ sysfs_config() { echo "$SERVICES_ENABLED" > "$DEVPATH"/qat/cfg_services CURRENT_SERVICES=$(cat "$DEVPATH"/qat/cfg_services) fi - echo "Device $dev configured with services: $CURRENT_SERVICES" + echo "Device $DEVPATH configured with services: $CURRENT_SERVICES" done fi } enable_sriov() { - for dev in $DEVS; do - DEVPATH="/sys/bus/pci/devices/0000:$dev" - NUMVFS="$DEVPATH/sriov_numvfs" + for DEVPATH in $DEVS; do + NUMVFS="$DEVPATH"/sriov_numvfs if ! test -w "$NUMVFS"; then echo "error: $NUMVFS is not found or not writable. Check if QAT driver module is loaded" exit 1 @@ -65,7 +71,7 @@ enable_sriov() { if [ "$(cat "$NUMVFS")" -ne 0 ]; then echo "$DEVPATH already configured" else - tee "$NUMVFS" < "$DEVPATH/sriov_totalvfs" + tee "$NUMVFS" < "$DEVPATH"/sriov_totalvfs VFDEVS=$(realpath -L "$DEVPATH"/virtfn*) for vfdev in $VFDEVS; do BSF=$(basename "$vfdev") diff --git a/go.mod b/go.mod index ed508b7c5..3802acff4 100644 --- a/go.mod +++ b/go.mod @@ -13,8 +13,8 @@ require ( github.com/pkg/errors v0.9.1 github.com/prometheus/client_model v0.6.1 github.com/prometheus/common v0.62.0 - golang.org/x/sys v0.29.0 - golang.org/x/text v0.21.0 + golang.org/x/sys v0.30.0 + golang.org/x/text v0.22.0 google.golang.org/grpc v1.69.4 google.golang.org/protobuf v1.36.3 gopkg.in/yaml.v2 v2.4.0 @@ -24,7 +24,7 @@ require ( k8s.io/component-base v0.32.1 k8s.io/klog/v2 v2.130.1 k8s.io/kubelet v0.32.1 - k8s.io/kubernetes v1.32.1 + k8s.io/kubernetes v1.32.3 k8s.io/pod-security-admission v0.0.0 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 sigs.k8s.io/controller-runtime v0.20.0 @@ -120,13 +120,13 @@ require ( go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect - golang.org/x/crypto v0.31.0 // indirect + golang.org/x/crypto v0.35.0 // indirect golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/mod v0.22.0 // indirect - golang.org/x/net v0.33.0 // indirect + golang.org/x/net v0.36.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect - golang.org/x/sync v0.10.0 // indirect - golang.org/x/term v0.27.0 // indirect + golang.org/x/sync v0.11.0 // indirect + golang.org/x/term v0.29.0 // indirect golang.org/x/time v0.7.0 // indirect golang.org/x/tools v0.28.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index 4b08f7aef..7043c6ca5 100644 --- a/go.sum +++ b/go.sum @@ -295,8 +295,8 @@ go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs= +golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ= golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -307,29 +307,29 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= -golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= +golang.org/x/net v0.36.0 h1:vWF2fRbw4qslQsQzgFqZff+BItCvGFQqKzKIzx1rmoA= +golang.org/x/net v0.36.0/go.mod h1:bFmbeoIPfrw4sMHNhb4J9f6+tPziuGjq7Jk/38fxi1I= golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= +golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= -golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU= +golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= +golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ= golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -406,8 +406,8 @@ k8s.io/kubectl v0.32.1 h1:/btLtXLQUU1rWx8AEvX9jrb9LaI6yeezt3sFALhB8M8= k8s.io/kubectl v0.32.1/go.mod h1:sezNuyWi1STk4ZNPVRIFfgjqMI6XMf+oCVLjZen/pFQ= k8s.io/kubelet v0.32.1 h1:bB91GvMsZb+LfzBxnjPEr1Fal/sdxZtYphlfwAaRJGw= k8s.io/kubelet v0.32.1/go.mod h1:4sAEZ6PlewD0GroV3zscY7llym6kmNNTVmUI/Qshm6w= -k8s.io/kubernetes v1.32.1 h1:46YPpIBCT9dkmeglstZ2Gg4LGaAdro1/3IQ+1AfbF1s= -k8s.io/kubernetes v1.32.1/go.mod h1:tiIKO63GcdPRBHW2WiUFm3C0eoLczl3f7qi56Dm1W8I= +k8s.io/kubernetes v1.32.3 h1:2A58BlNME8NwsMawmnM6InYo3Jf35Nw5G79q46kXwoA= +k8s.io/kubernetes v1.32.3/go.mod h1:GvhiBeolvSRzBpFlgM0z/Bbu3Oxs9w3P6XfEgYaMi8k= k8s.io/mount-utils v0.32.1 h1:RJOD6xXzEJT/OOJoG1KstfVa8ZXJJPlHb+t2MoulPHM= k8s.io/mount-utils v0.32.1/go.mod h1:Kun5c2svjAPx0nnvJKYQWhfeNW+O0EpzHgRhDcYoSY0= k8s.io/pod-security-admission v0.32.1 h1:jcQjcxSwMsqcnr8ADiYe3Yhts0zEvY8BPEIFY6ducxU=