From f68e26ec08e9e54388735b9b31376afc1ea16437 Mon Sep 17 00:00:00 2001 From: Piotr Korkus Date: Mon, 11 May 2026 10:16:12 +0200 Subject: [PATCH] Add QNX8 aarch64 build support --- .bazelrc | 15 + MODULE.bazel.lock | 19 +- bazel_common/score_images.MODULE.bazel | 9 + .../score_qnx_toolchains.MODULE.bazel | 1 + images/qnx_aarch64/BUILD | 30 ++ images/qnx_aarch64/build/BUILD | 72 +++++ images/qnx_aarch64/build/init.build | 98 ++++++ images/qnx_aarch64/build/system.build | 289 ++++++++++++++++++ images/qnx_aarch64/configs/BUILD | 28 ++ images/qnx_aarch64/configs/dhcpcd.conf | 42 +++ images/qnx_aarch64/configs/group | 16 + images/qnx_aarch64/configs/hostname | 1 + images/qnx_aarch64/configs/network_capture.sh | 225 ++++++++++++++ images/qnx_aarch64/configs/network_setup.sh | 34 +++ .../qnx_aarch64/configs/network_setup_dhcp.sh | 100 ++++++ images/qnx_aarch64/configs/passwd | 17 ++ images/qnx_aarch64/configs/profile | 18 ++ images/qnx_aarch64/configs/qcrypto.conf | 1 + images/qnx_aarch64/configs/ssh_host_rsa_key | 38 +++ .../qnx_aarch64/configs/ssh_host_rsa_key.pub | 1 + images/qnx_aarch64/configs/sshd_config | 64 ++++ images/qnx_aarch64/configs/startup.sh | 77 +++++ runners/qemu_aarch64/scripts/BUILD | 5 +- runners/qemu_aarch64/scripts/run_qemu_qnx.sh | 40 +++ score_starter | 5 + showcases/cli/main.rs | 26 +- 26 files changed, 1261 insertions(+), 10 deletions(-) create mode 100644 images/qnx_aarch64/BUILD create mode 100644 images/qnx_aarch64/build/BUILD create mode 100644 images/qnx_aarch64/build/init.build create mode 100644 images/qnx_aarch64/build/system.build create mode 100644 images/qnx_aarch64/configs/BUILD create mode 100755 images/qnx_aarch64/configs/dhcpcd.conf create mode 100644 images/qnx_aarch64/configs/group create mode 100644 images/qnx_aarch64/configs/hostname create mode 100644 images/qnx_aarch64/configs/network_capture.sh create mode 100644 images/qnx_aarch64/configs/network_setup.sh create mode 100644 images/qnx_aarch64/configs/network_setup_dhcp.sh create mode 100644 images/qnx_aarch64/configs/passwd create mode 100644 images/qnx_aarch64/configs/profile create mode 100644 images/qnx_aarch64/configs/qcrypto.conf create mode 100644 images/qnx_aarch64/configs/ssh_host_rsa_key create mode 100644 images/qnx_aarch64/configs/ssh_host_rsa_key.pub create mode 100644 images/qnx_aarch64/configs/sshd_config create mode 100644 images/qnx_aarch64/configs/startup.sh create mode 100755 runners/qemu_aarch64/scripts/run_qemu_qnx.sh diff --git a/.bazelrc b/.bazelrc index 05a6f5ba36a..fef47a1fbbd 100644 --- a/.bazelrc +++ b/.bazelrc @@ -30,6 +30,11 @@ build:_common --@score_logging//score/datarouter/build_configuration_flags:enabl build:_common --@score_logging//score/datarouter/build_configuration_flags:file_transfer=False build:_common --@score_logging//score/datarouter/build_configuration_flags:use_local_vlan=True +# ─── QNX common flags (shared by all QNX configs) ──────────────────────────── +build:_qnx_common --host_platform=@score_bazel_platforms//:x86_64-linux-gcc_12.2.0-posix +build:_qnx_common --action_env=BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 +build:_qnx_common --incompatible_enable_cc_toolchain_resolution + build:qnx-x86_64 --config=_common build:qnx-x86_64 --noexperimental_merged_skyframe_analysis_execution build:qnx-x86_64 --action_env=BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 @@ -41,6 +46,16 @@ build:qnx-x86_64 --extra_toolchains=@score_qcc_x86_64_toolchain//:x86_64-qnx-sdp build:qnx-x86_64 --extra_toolchains=@score_qnx_x86_64_ifs_toolchain//:ifs-x86_64-qnx-sdp_8.0.0 build:qnx-x86_64 --extra_toolchains=@score_toolchains_rust//toolchains/ferrocene:ferrocene_x86_64_pc_nto_qnx800 +# ─── QNX aarch64 cross-compilation config ──────────────────────────────────── +# Usage: bazel build --config=qnx-aarch64 //target +build:qnx-aarch64 --config=_common +build:qnx-aarch64 --config=_qnx_common +build:qnx-aarch64 --platforms=@score_bazel_platforms//:aarch64-qnx-sdp_8.0.0-posix +build:qnx-aarch64 --extra_toolchains=@score_qcc_aarch64_toolchain//:aarch64-qnx-sdp_8.0.0 +build:qnx-aarch64 --extra_toolchains=@score_toolchains_rust//toolchains/ferrocene:ferrocene_aarch64_unknown_nto_qnx800 +build:qnx-aarch64 --extra_toolchains=@score_qnx_aarch64_ifs_toolchain//:ifs-aarch64-qnx-sdp_8.0.0 + + build:linux-x86_64 --config=_common build:linux-x86_64 --extra_toolchains=@score_gcc_x86_64_toolchain//:x86_64-linux-gcc_12.2.0 build:linux-x86_64 --platforms=@score_bazel_platforms//:x86_64-linux-gcc_12.2.0-posix diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock index e8bede55e60..3abb5c0e7e4 100644 --- a/MODULE.bazel.lock +++ b/MODULE.bazel.lock @@ -8658,7 +8658,7 @@ "https://github.com/eclipse-score/inc_os_autosd/releases/download/continuous/autosd-toolchain-x86_64.tar.gz" ], "build_file": "@@score_bazel_cpp_toolchains+//packages/linux/x86_64/autosd/10.0:autosd.BUILD", - "sha256": "bb5324ec04895eb70b1fcb1787d25856b137962b0381d11f5b3406c37ee15984", + "sha256": "39091c500a31bc58d5934cc9c27f5fec4326f30d8bff88fe67737c86385bf39f", "strip_prefix": "sysroot" } }, @@ -8920,7 +8920,7 @@ "@@score_rules_imagefs+//extensions:imagefs.bzl%imagefs": { "general": { "bzlTransitiveDigest": "xJRMfKyb9krj7tW8mc7qHSmndlgVIywefmDXwdvj7kQ=", - "usagesDigest": "GMHtxI+4YucbcpHyCkckiYlsIpRkukV22uXhDgqkuPo=", + "usagesDigest": "/TmbRDKbrKvzgUh1kgwmBgikEuIonP0fOz164yCxbIw=", "recordedFileInputs": {}, "recordedDirentsInputs": {}, "envVariables": {}, @@ -8934,9 +8934,24 @@ "sdp_version": "8.0.0", "tc_type": "ifs" } + }, + "score_qnx_aarch64_ifs_toolchain": { + "repoRuleId": "@@score_rules_imagefs+//rules/qnx:imagefs_toolchain.bzl%imagefs_toolchain", + "attributes": { + "tc_cpu": "aarch64", + "tc_os": "qnx", + "tc_pkg_repo": "'@@score_bazel_cpp_toolchains++gcc+score_qcc_aarch64_toolchain_pkg'", + "sdp_version": "8.0.0", + "tc_type": "ifs" + } } }, "recordedRepoMappingEntries": [ + [ + "", + "score_qcc_aarch64_toolchain_pkg", + "score_bazel_cpp_toolchains++gcc+score_qcc_aarch64_toolchain_pkg" + ], [ "", "score_qcc_x86_64_toolchain_pkg", diff --git a/bazel_common/score_images.MODULE.bazel b/bazel_common/score_images.MODULE.bazel index abc54d4e04c..264c6f00daa 100644 --- a/bazel_common/score_images.MODULE.bazel +++ b/bazel_common/score_images.MODULE.bazel @@ -47,7 +47,16 @@ imagefs.toolchain( target_os = "qnx", type = "ifs", ) +imagefs.toolchain( + name = "score_qnx_aarch64_ifs_toolchain", + sdp_to_import = "@score_qcc_aarch64_toolchain_pkg", + sdp_version = "8.0.0", + target_cpu = "aarch64", + target_os = "qnx", + type = "ifs", +) use_repo( imagefs, + "score_qnx_aarch64_ifs_toolchain", "score_qnx_x86_64_ifs_toolchain", ) diff --git a/bazel_common/score_qnx_toolchains.MODULE.bazel b/bazel_common/score_qnx_toolchains.MODULE.bazel index aee7c8f7eed..46372e6a0d6 100644 --- a/bazel_common/score_qnx_toolchains.MODULE.bazel +++ b/bazel_common/score_qnx_toolchains.MODULE.bazel @@ -30,6 +30,7 @@ qcc.toolchain( use_repo( qcc, "score_qcc_aarch64_toolchain", + "score_qcc_aarch64_toolchain_pkg", "score_qcc_x86_64_toolchain", "score_qcc_x86_64_toolchain_pkg", ) diff --git a/images/qnx_aarch64/BUILD b/images/qnx_aarch64/BUILD new file mode 100644 index 00000000000..446c1d92945 --- /dev/null +++ b/images/qnx_aarch64/BUILD @@ -0,0 +1,30 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* +load("@rules_shell//shell:sh_binary.bzl", "sh_binary") + +alias( + name = "image", + actual = "//images/qnx_aarch64/build:init", + visibility = ["//visibility:public"], +) + +sh_binary( + name = "run", + srcs = ["//runners/qemu_aarch64/scripts:run_qemu_qnx.sh"], + args = [ + "$(location :image)", + ], + data = [ + ":image", + ], +) diff --git a/images/qnx_aarch64/build/BUILD b/images/qnx_aarch64/build/BUILD new file mode 100644 index 00000000000..ca5c4d35043 --- /dev/null +++ b/images/qnx_aarch64/build/BUILD @@ -0,0 +1,72 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + +load("@score_rules_imagefs//rules/qnx:ifs.bzl", "qnx_ifs") + +filegroup( + name = "scripts", + srcs = [ + "//images/qnx_aarch64/configs:startup.sh", + ], + visibility = ["//visibility:private"], +) + +filegroup( + name = "configs", + srcs = [ + "//images/qnx_aarch64/configs:dhcpcd.conf", + "//images/qnx_aarch64/configs:group", + "//images/qnx_aarch64/configs:hostname", + "//images/qnx_aarch64/configs:network_capture.sh", + "//images/qnx_aarch64/configs:network_setup.sh", + "//images/qnx_aarch64/configs:network_setup_dhcp.sh", + "//images/qnx_aarch64/configs:passwd", + "//images/qnx_aarch64/configs:profile", + "//images/qnx_aarch64/configs:qcrypto.conf", + "//images/qnx_aarch64/configs:ssh_host_rsa_key", + "//images/qnx_aarch64/configs:ssh_host_rsa_key.pub", + "//images/qnx_aarch64/configs:sshd_config", + ], + visibility = ["//visibility:private"], +) + +qnx_ifs( + name = "init", + srcs = [ + ":configs", + ":scripts", + ":system.build", + ":system_dir", + "//feature_integration_tests/configs:etc_configs", + "//feature_integration_tests/configs/datarouter:etc_configs", + "//showcases", + "@score_logging//score/datarouter", + "@score_persistency//tests/test_scenarios/cpp:test_scenarios", + ], + build_file = "init.build", + ext_repo_maping = { + "BUNDLE_PATH": "$(location //showcases:showcases)", + "DATAROUTER_PATH": "$(location @score_logging//score/datarouter:datarouter)", + }, + visibility = [ + "//visibility:public", + ], +) + +filegroup( + name = "system_dir", + srcs = [ + "init.build", + "system.build", + ], +) diff --git a/images/qnx_aarch64/build/init.build b/images/qnx_aarch64/build/init.build new file mode 100644 index 00000000000..3f8be6768df --- /dev/null +++ b/images/qnx_aarch64/build/init.build @@ -0,0 +1,98 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +############################################################################### +# +# Example image built based on minimal configuration from QNX +# +############################################################################### + +[-optional] + +[image=0x3600000] # Set image size to 56MB (0x3600000 bytes) +[virtual=aarch64le,raw -compress] boot = { # Configure for aarch64le architecture with raw compressed boot + # TODO: replace startup-virt with the actual aarch64 startup binary for the target BSP. + # QNX SDP 8.0.0 ships no generic QEMU-virt startup; source one from the appropriate BSP. + startup-virt -v # Start aarch64 kernel - board-specific startup binary required + PATH=/proc/boot # Set executable search path to boot directory + LD_LIBRARY_PATH=/proc/boot # Set library search path to boot directory + [+keeplinked] procnto-smp-instr # Keep process manager linked and instrumented for SMP +} + +[+script] startup-script = { # Define startup script that runs during boot + procmgr_symlink /dev/shmem /tmp # Create symbolic link from shared memory to /tmp + # /tmp will be mounted later as a proper RAM disk + + display_msg Welcome to QNX OS 8.0 on aarch64 tweaked for S-CORE! # Display welcome message + + # These env variables get inherited by all programs which follow + SYSNAME=nto # Set system name to "nto" (Neutrino) + TERM=qansi # Set terminal type to QNX ANSI + + devc-ser8250 & # Start serial driver in background + waitfor /dev/ser1 # Wait for serial device to be available + reopen /dev/ser1 # Reopen serial device for console I/O + + display_msg Placeholder for startup script # Display startup message + etc/startup.sh # Execute main startup script + + [+session] /bin/sh & # Start shell session in background +} + +# Essential utilities - core system commands needed for basic operation +# These binaries provide fundamental system functionality and process management + +# Process and system management utilities +on # Command execution utility - runs commands with specific options +[type=link] waitfor=on # Create symbolic link: waitfor -> on (waits for resources to become available) +[type=link] ability=on # Create symbolic link: ability -> on (manages process abilities/privileges) + +# Shell and command interpreter +ksh # Korn shell - provides command-line interface and scripting +pidin # Process information display - shows running processes (like 'ps' on Linux) +[type=link] /bin/sh=/proc/boot/ksh # Create symbolic link: sh -> ksh (standard shell link) + +# File system utilities +mount # File system mount utility - mounts/unmounts file systems +getconf # System configuration query utility - retrieves system parameters +[type=link] setconf=getconf # Create symbolic link: setconf -> getconf (sets configuration parameters) + +# Device drivers for hardware access +devc-ser8250 # Serial port driver for 8250/16550 UART controllers (console access) + +# System logging utilities +slog2info # System log viewer - displays logged messages +slogger2 # System logging daemon - collects and manages log messages + +# Essential libraries - core runtime libraries required for system operation +# These libraries provide fundamental services like C runtime, networking, and logging + +# Standard C library - provides basic C runtime functions +libc.so.6 # Main C library (malloc, printf, file I/O, etc.) + +# Dynamic linker/loader - handles dynamic library loading at runtime +/usr/lib/ldqnx-64.so.2=ldqnx-64.so.2 # 64-bit QNX dynamic linker (loads shared libraries) + +# Networking library - provides socket and network communication functions +libsocket.so.4 # Socket library (TCP/IP, UDP, network I/O functions) +[type=link] libsocket.so=libsocket.so.4 # Create version-neutral symbolic link + +# System logging library - provides logging services for applications +libslog2.so.1 # System logging library (slog2_* functions) +[type=link] libslog2.so=libslog2.so.1 # Create version-neutral symbolic link + +# Orchestrator example needed +[type=link] /data=/tmp_ram + +[+include] ${MAIN_BUILD_FILE_DIR}/system.build # Include additional system build configurations diff --git a/images/qnx_aarch64/build/system.build b/images/qnx_aarch64/build/system.build new file mode 100644 index 00000000000..190f56fa7ff --- /dev/null +++ b/images/qnx_aarch64/build/system.build @@ -0,0 +1,289 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +# ============================================================================ +# QNX System Build File - Defines system partition contents +# ============================================================================ +# This file defines the contents of the QNX system partition, including +# essential utilities, libraries, configuration files, and system services +# needed for a minimal QNX QEMU environment. + +############################################# +### SHARED LIBRARIES ### +############################################# +# Essential shared libraries for system operation + +libfsnotify.so.1 # File system notification library +cam-cdrom.so # CAM (Common Access Method) CD-ROM driver +cam-disk.so # CAM disk driver for storage devices +fs-dos.so # DOS file system support +fs-qnx6.so # QNX6 file system support +io-blk.so # Block I/O manager +libbz2.so.1 # BZip2 compression library +libc++.so.2 # C++ standard library +libc.so # C standard library (essential) +libcam.so.2 # CAM library for device access +libcatalog.so.1 # Message catalog support +libcrypto.so.3 # OpenSSL crypto library (disabled) +libfscrypto.so.1 # File system encryption support +libgcc_s.so.1 # GCC runtime support library +libiconv.so.1 # Character encoding conversion +liblzma.so.5 # LZMA compression library +libm.so # Math library +libpci.so.3.0 # PCI library v3.0 for hardware access +libqcrypto.so.1.0 # QNX cryptographic library +libqh.so # QNX helper library +libregex.so.1 # Regular expression library +libsecpol.so.1 # Security policy library +libslog2parse.so.1 # System log parsing library +libssl.so.3 # OpenSSL SSL/TLS library (disabled) +libtracelog.so.1 # Trace logging library +libxml2.so.2 # XML parsing library +libz.so # Zlib compression library +libexpat.so.2 # Expat XML parser library +libjail.so.1 # QNX jail library for process containment +qcrypto-openssl-3.so # QNX cryptographic library with OpenSSL 3 support +libpam.so.2 # Pluggable Authentication Modules library + + +############################################# +### FILE MANIPULATION UTILITIES ### +############################################# +# Core file system utilities - most are provided by toybox (minimal Unix utilities) + +[type=link] /bin/ls=/proc/boot/ls # Link ls to IFS version for compatibility +# Note: /bin/sh symlink already defined in init.build as /proc/boot/ksh +toybox # Minimal Unix utilities collection (replaces many GNU tools) +[type=link] cp=toybox # Copy files and directories +[type=link] ls=toybox # List directory contents +[type=link] cat=toybox # Display file contents +[type=link] chmod=toybox # Change file permissions +[type=link] rm=toybox # Remove files and directories +[type=link] dd=toybox # Convert and copy files with specified I/O block size +[type=link] echo=toybox # Display text +[type=link] grep=toybox # Search text patterns in files +[type=link] mkdir=toybox # Create directories +[type=link] ascii=toybox # Display ASCII character set +[type=link] base64=toybox # Base64 encoding/decoding utility +[type=link] basename=toybox # Extract filename from path +[type=link] bc=toybox # Basic calculator +[type=link] bunzip2=toybox # Decompress bzip2 files +[type=link] bzcat=toybox # Display contents of bzip2 files +[type=link] cal=toybox # Display calendar +[type=link] chgrp=toybox # Change group ownership +[type=link] chown=toybox # Change file ownership +[type=link] cksum=toybox # Calculate checksums +[type=link] clear=toybox # Clear terminal screen +[type=link] cmp=toybox # Compare files byte by byte +[type=link] comm=toybox # Compare sorted files line by line +[type=link] cpio=toybox # Copy files to/from archives +[type=link] crc32=toybox # Calculate CRC32 checksums +[type=link] cut=toybox # Extract columns from files +[type=link] date=toybox # Display or set system date +[type=link] diff=toybox # Compare files line by line +[type=link] dirname=toybox # Extract directory from path +[type=link] dos2unix=toybox # Convert DOS line endings to Unix +[type=link] du=toybox # Display disk usage +[type=link] egrep=toybox # Extended grep with regular expressions +[type=link] env=toybox # Display or set environment variables +[type=link] expand=toybox # Convert tabs to spaces +[type=link] expr=toybox # Evaluate expressions +[type=link] false=toybox # Return false status +[type=link] fgrep=toybox # Fast grep for fixed strings +[type=link] file=toybox # Determine file type +[type=link] find=toybox # Search for files and directories +[type=link] fmt=toybox # Format text paragraphs +[type=link] groups=toybox # Display user group membership +[type=link] gunzip=toybox # Decompress gzip files +[type=link] gzip=toybox # Compress files with gzip +[type=link] hd=toybox # Hexadecimal dump (alias for hexdump) +[type=link] head=toybox # Display first lines of files +[type=link] hexdump=toybox # Display files in hexadecimal format +[type=link] id=toybox # Display user and group IDs +[type=link] install=toybox # Copy files and set attributes +[type=link] link=toybox # Create hard links +[type=link] logname=toybox # Display login name +[type=link] md5sum=toybox # Calculate MD5 checksums +[type=link] mkfifo=toybox # Create named pipes (FIFOs) +[type=link] mktemp=toybox # Create temporary files/directories +[type=link] more=toybox # Display files page by page +[type=link] mv=toybox # Move/rename files and directories +[type=link] nl=toybox # Number lines in files +[type=link] nohup=toybox # Run commands immune to hangups +[type=link] od=toybox # Dump files in octal format +[type=link] paste=toybox # Merge lines from files +[type=link] patch=toybox # Apply patches to files +[type=link] printenv=toybox # Print environment variables +[type=link] printf=toybox # Format and print data +[type=link] pwd=toybox # Print working directory +[type=link] readlink=toybox # Display target of symbolic links +[type=link] realpath=toybox # Display absolute path +[type=link] rmdir=toybox # Remove empty directories +[type=link] sed=toybox # Stream editor for filtering/transforming text +[type=link] seq=toybox # Generate sequences of numbers +[type=link] sha1sum=toybox # Calculate SHA1 checksums +[type=link] sleep=toybox # Suspend execution for specified time +[type=link] sort=toybox # Sort lines in text files +[type=link] split=toybox # Split files into pieces +[type=link] stat=toybox # Display file/filesystem status +[type=link] strings=toybox # Extract printable strings from files +[type=link] tail=toybox # Display last lines of files +[type=link] tee=toybox # Copy input to files and stdout +[type=link] test=toybox # Evaluate conditional expressions +[type=link] time=toybox # Time command execution +[type=link] timeout=toybox # Run command with time limit +[type=link] touch=toybox # Update file timestamps +[type=link] tr=toybox # Translate or delete characters +[type=link] true=toybox # Return true status +[type=link] truncate=toybox # Truncate files to specified size +[type=link] tty=toybox # Display terminal name +[type=link] uname=toybox # Display system information +[type=link] uniq=toybox # Remove duplicate lines +[type=link] unix2dos=toybox # Convert Unix line endings to DOS +[type=link] unlink=toybox # Remove files (system call interface) +[type=link] uudecode=toybox # Decode uuencoded files +[type=link] uuencode=toybox # Encode files using uuencoding +[type=link] uuidgen=toybox # Generate UUIDs +[type=link] wc=toybox # Count lines, words, and characters +[type=link] which=toybox # Locate commands in PATH +[type=link] whoami=toybox # Display current username +[type=link] xargs=toybox # Execute commands from standard input +[type=link] xxd=toybox # Make hexdump or reverse +[type=link] yes=toybox # Output string repeatedly +[type=link] zcat=toybox # Display contents of compressed files +[type=link] nc=toybox # Netcat for network connections and packet streaming +[type=link] netcat=toybox # Netcat alias for network connections +[type=link] pkill=slay # Process killer Linux compatibility layer +############################################# +### Tools ### +############################################# +awk # Text processing and pattern scanning +devb-ram # RAM disk block device manager +devc-pty # Pseudo-terminal device manager +fsencrypt # File system encryption utility +fsevmgr # File system event manager +if_up # Network interface configuration +ifconfig # Network interface configuration tool +ln # Create file links +mkqnx6fs # Create QNX6 file systems +mount_ifs # Mount Image File System (IFS) +mqueue # POSIX message queue manager +openssl # SSL/TLS cryptographic toolkit +pci-server # PCI bus server +pdebug # Process debugger +pfctl # Packet filter control utility +pipe # Named pipe manager +random # Random number generator service +shutdown # System shutdown utility +sync # Synchronize file system buffers to disk +tar # Archive utility for creating/extracting tar files +umount # Unmount file systems +sysctl # Configure kernel parameters at runtime +sshd # SSH daemon for remote access +ssh # SSH client for remote connections +ssh-keygen # SSH key generation utility +hostname # Set or display system hostname +route +dhcpcd # DHCP client daemon for automatic network configuration +tcpdump # Network packet capture tool for Wireshark analysis +slay +/usr/lib/ssh/sftp-server=${QNX_TARGET}/${PROCESSOR}/usr/libexec/sftp-server # File transfer server to enable scp + +############################################# +### NETWORKING COMPONENTS ### +############################################# +io-sock # Network socket manager +mods-pci.so # PCI module support for network hardware +mods-phy.so # Physical layer module for network interfaces +mods-usb.so # USB module support +libfdt.so.1 # Flattened Device Tree library +libusbdci.so.2 # USB device controller interface library +devs-vtnet_pci.so # VirtIO network device driver for QEMU/KVM +librpc.so.2 # For TCP dump + + +############################################# +### PCI COMPONENTS ### +############################################# +# PCI-related shared libraries and modules (no hardware-specific HW module for QEMU virt) +pci/pci_slog2.so # PCI system logging support +pci/pci_cap-0x05.so # PCI capability handler for MSI +pci/pci_cap-0x10.so # PCI Express capability handler +pci/pci_cap-0x11.so # MSI-X capability handler +pci/pci_strings.so # PCI device string database +pci/pci_bkwd_compat.so # Backward compatibility support +pci/pci_debug2.so # Enhanced PCI debugging support + + +############################################# +### SYSTEM DIRECTORIES ### +############################################# +# Create SSH and system directories with appropriate permissions +[gid=0 uid=0 dperms=755 type=dir] /var/chroot/sshd # SSH chroot directory for privilege separation +[gid=0 uid=0 dperms=700 type=dir] /var/ssh # SSH configuration and key storage directory + + +############################################# +### SCRIPTS ### +############################################# +# System startup and initialization scripts +[perms=700] /etc/startup.sh = ${MAIN_BUILD_FILE_DIR}/../configs/startup.sh # Main system startup script +[perms=700] /etc/network_setup.sh = ${MAIN_BUILD_FILE_DIR}/../configs/network_setup.sh # Network configuration script +[perms=700] /etc/network_setup_dhcp.sh = ${MAIN_BUILD_FILE_DIR}/../configs/network_setup_dhcp.sh # Network configuration script +[perms=755] /etc/network_capture = ${MAIN_BUILD_FILE_DIR}/../configs/network_capture.sh # Network packet capture utility + + +############################################# +### CONFIGURATION FILES ### +############################################# +# This section defines critical configuration files that control system +# behavior, hardware access, security policies, and user environment setup. + +[perms=0444] qcrypto.conf = ${MAIN_BUILD_FILE_DIR}/../configs/qcrypto.conf # QNX cryptographic library configuration + +# System hostname configuration +/etc/hostname = ${MAIN_BUILD_FILE_DIR}/../configs/hostname # System hostname definition file +/etc/profile = ${MAIN_BUILD_FILE_DIR}/../configs/profile + +# System user and group databases +/etc/passwd = ${MAIN_BUILD_FILE_DIR}/../configs/passwd # User account database with login information +/etc/group = ${MAIN_BUILD_FILE_DIR}/../configs/group # Group membership database + + +############################################# +### SSH CONFIGURATION ### +############################################# +# SSH server configuration (no static host keys - generated at runtime) +[perms=444] /var/ssh/sshd_config = ${MAIN_BUILD_FILE_DIR}/../configs/sshd_config # SSH daemon configuration file + +[uid=0 gid=0 perms=400] /var/ssh/ssh_host_rsa_key = ${MAIN_BUILD_FILE_DIR}/../configs/ssh_host_rsa_key # SSH server private key +[uid=0 gid=0 perms=400] /var/ssh/ssh_host_rsa_key.pub = ${MAIN_BUILD_FILE_DIR}/../configs/ssh_host_rsa_key.pub # SSH server public key + +# DHCP client configuration +[perms=644] /etc/dhcpcd.conf = ${MAIN_BUILD_FILE_DIR}/../configs/dhcpcd.conf # DHCP client configuration file + +# Communication configuration files +[perms=777] /etc/logging.json = ${MAIN_BUILD_FILE_DIR}/../../../feature_integration_tests/configs/etc/logging.json +[perms=777] /etc/mw_com_config.json = ${MAIN_BUILD_FILE_DIR}/../../../feature_integration_tests/configs/etc/mw_com_config.json + +# Executable files from external repositories +[perms=777] /scrample = ${SCRAMPLE_PATH} +[perms=777] /cpp_tests_persistency = ${CPP_TEST_SCENARIOS_PATH} + +[perms=777] /usr/bin/datarouter/datarouter = ${DATAROUTER_PATH} +[perms=644] /usr/bin/datarouter/etc/logging.json = ${MAIN_BUILD_FILE_DIR}/../../../feature_integration_tests/configs/datarouter/etc/logging.json +[perms=644] /usr/bin/datarouter/etc/log-channels.json = ${MAIN_BUILD_FILE_DIR}/../../../feature_integration_tests/configs/datarouter/etc/log-channels.json + +# Common showcases bundle +[perms=777] / = ${BUNDLE_PATH} diff --git a/images/qnx_aarch64/configs/BUILD b/images/qnx_aarch64/configs/BUILD new file mode 100644 index 00000000000..d563b3ff346 --- /dev/null +++ b/images/qnx_aarch64/configs/BUILD @@ -0,0 +1,28 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + +exports_files([ + "startup.sh", + "network_setup.sh", + "network_setup_dhcp.sh", + "dhcpcd.conf", + "qcrypto.conf", + "passwd", + "group", + "sshd_config", + "ssh_host_rsa_key", + "ssh_host_rsa_key.pub", + "hostname", + "profile", + "network_capture.sh", +]) diff --git a/images/qnx_aarch64/configs/dhcpcd.conf b/images/qnx_aarch64/configs/dhcpcd.conf new file mode 100755 index 00000000000..8a2ce0b86a0 --- /dev/null +++ b/images/qnx_aarch64/configs/dhcpcd.conf @@ -0,0 +1,42 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +# ******************************************************************************* +# Minimal DHCP Client Configuration for QNX QEMU System +# ******************************************************************************* +# This is a minimal dhcpcd.conf file for basic DHCP functionality + +# Allow all interfaces starting with vtnet +allowinterfaces vtnet0 + +# Use the hardware address of the interface for the Client ID +duid + +# Request essential network configuration +option routers +option domain_name_servers +option subnet_mask +option broadcast_address + +# Set timeout for DHCP requests (30 seconds) +timeout 30 + +# Disable IPv6 to simplify configuration +noipv6 + +# Don't send hostname for privacy +nohook hostname + +# Background after getting lease +background diff --git a/images/qnx_aarch64/configs/group b/images/qnx_aarch64/configs/group new file mode 100644 index 00000000000..925ba062f3e --- /dev/null +++ b/images/qnx_aarch64/configs/group @@ -0,0 +1,16 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + +root::0:root +qnxuser::1000:qnxuser +sshd::6:sshd diff --git a/images/qnx_aarch64/configs/hostname b/images/qnx_aarch64/configs/hostname new file mode 100644 index 00000000000..c98f8c67fd2 --- /dev/null +++ b/images/qnx_aarch64/configs/hostname @@ -0,0 +1 @@ +Qnx_S-core diff --git a/images/qnx_aarch64/configs/network_capture.sh b/images/qnx_aarch64/configs/network_capture.sh new file mode 100644 index 00000000000..b0d187cbd49 --- /dev/null +++ b/images/qnx_aarch64/configs/network_capture.sh @@ -0,0 +1,225 @@ +#!/bin/sh + +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +# Network Packet Capture Script for QNX +# Provides tcpdump-based packet capture with remote access via netcat + +# Configuration +CAPTURE_INTERFACE="vtnet0" +CAPTURE_PORT="9999" +LOG_DIR="/tmp_ram/capture" +MAX_PACKETS="10000" +CAPTURE_FILTER="" + +usage() { + echo "Network Packet Capture for QNX" + echo "Usage: $0 [command] [options]" + echo "" + echo "Commands:" + echo " start [filter] - Start packet capture (optionally with filter)" + echo " stop - Stop all running captures" + echo " status - Show capture status" + echo " stream [filter] - Start real-time streaming to port $CAPTURE_PORT" + echo " list - List saved capture files" + echo " help - Show this help" + echo "" + echo "Examples:" + echo " $0 start # Capture all packets" + echo " $0 start \"tcp port 22\" # Capture SSH traffic only" + echo " $0 start \"icmp\" # Capture ping traffic only" + echo " $0 stream \"tcp\" # Stream TCP traffic to port $CAPTURE_PORT" + echo "" + echo "For Wireshark analysis:" + echo " 1. Run: $0 stream [filter]" + echo " 2. In Wireshark: Capture -> Options -> Manage Interfaces" + echo " 3. Add remote interface: TCP@:$CAPTURE_PORT" + echo " 4. Or with port forwarding: TCP@localhost:" + echo "" + echo "Saved captures: $LOG_DIR" + echo "Network interface: $CAPTURE_INTERFACE" +} + +# Ensure capture directory exists +mkdir -p "$LOG_DIR" + +case "${1:-help}" in + start) + CAPTURE_FILTER="${2:-}" + TIMESTAMP=$(date +%Y%m%d_%H%M%S) + CAPTURE_FILE="$LOG_DIR/capture_${TIMESTAMP}.pcap" + + echo "Starting packet capture..." + echo "Interface: $CAPTURE_INTERFACE" + echo "File: $CAPTURE_FILE" + echo "Max packets: $MAX_PACKETS" + if [ -n "$CAPTURE_FILTER" ]; then + echo "Filter: $CAPTURE_FILTER" + else + echo "Filter: none (capturing all traffic)" + fi + echo "" + + # Start tcpdump in background + if [ -n "$CAPTURE_FILTER" ]; then + tcpdump -i "$CAPTURE_INTERFACE" -w "$CAPTURE_FILE" -c "$MAX_PACKETS" "$CAPTURE_FILTER" & + else + tcpdump -i "$CAPTURE_INTERFACE" -w "$CAPTURE_FILE" -c "$MAX_PACKETS" & + fi + + TCPDUMP_PID=$! + echo "Capture started with PID: $TCPDUMP_PID" + echo "Capture file: $CAPTURE_FILE" + echo "" + echo "To stop: $0 stop" + echo "To check status: $0 status" + ;; + + stream) + CAPTURE_FILTER="${2:-}" + + echo "Starting real-time packet streaming..." + echo "Interface: $CAPTURE_INTERFACE" + echo "Streaming port: $CAPTURE_PORT" + if [ -n "$CAPTURE_FILTER" ]; then + echo "Filter: $CAPTURE_FILTER" + else + echo "Filter: none (streaming all traffic)" + fi + echo "" + echo "Connect Wireshark to: TCP@:$CAPTURE_PORT" + echo "With port forwarding: TCP@localhost:" + echo "" + echo "Press Ctrl+C to stop streaming" + echo "" + + # Create named pipe for tcpdump output + PIPE_FILE="/tmp_ram/tcpdump_pipe" + mkfifo "$PIPE_FILE" 2>/dev/null || true + + # Start tcpdump writing to pipe in background + if [ -n "$CAPTURE_FILTER" ]; then + tcpdump -i "$CAPTURE_INTERFACE" -w "$PIPE_FILE" -U "$CAPTURE_FILTER" & + else + tcpdump -i "$CAPTURE_INTERFACE" -w "$PIPE_FILE" -U & + fi + TCPDUMP_PID=$! + + # Stream pipe content via netcat + # Note: This requires netcat to be available + if command -v nc >/dev/null 2>&1; then + nc -l -p "$CAPTURE_PORT" < "$PIPE_FILE" & + NC_PID=$! + echo "Streaming via netcat (PID: $NC_PID)" + else + echo "Warning: netcat not available - streaming not possible" + echo "Install netcat or use file-based capture instead" + kill $TCPDUMP_PID 2>/dev/null + rm -f "$PIPE_FILE" + exit 1 + fi + + # Wait for user interruption + trap 'echo ""; echo "Stopping streaming..."; kill $TCPDUMP_PID $NC_PID 2>/dev/null; rm -f "$PIPE_FILE"; exit 0' INT TERM + + echo "Streaming active - tcpdump PID: $TCPDUMP_PID, netcat PID: $NC_PID" + wait + ;; + + stop) + echo "Stopping all packet captures..." + + # Find and kill tcpdump processes + TCPDUMP_PIDS=$(pidin arg | grep tcpdump | awk '{print $1}') + if [ -n "$TCPDUMP_PIDS" ]; then + for pid in $TCPDUMP_PIDS; do + echo "Killing tcpdump process: $pid" + kill "$pid" 2>/dev/null || true + done + else + echo "No tcpdump processes found" + fi + + # Find and kill netcat processes on capture port + NC_PIDS=$(pidin arg | grep nc | awk '{print $1}') + if [ -n "$NC_PIDS" ]; then + for pid in $NC_PIDS; do + echo "Killing netcat process: $pid" + kill "$pid" 2>/dev/null || true + done + fi + + # Clean up pipes + rm -f /tmp_ram/tcpdump_pipe + + echo "All captures stopped" + ;; + + status) + echo "Packet Capture Status" + echo "====================" + echo "" + + # Check for running tcpdump processes + TCPDUMP_PIDS=$(pidin arg | grep tcpdump | awk '{print $1}') + if [ -n "$TCPDUMP_PIDS" ]; then + echo "Active tcpdump processes:" + for pid in $TCPDUMP_PIDS; do + echo " PID: $pid" + done + else + echo "No tcpdump processes running" + fi + + # Check for netcat processes + NC_PIDS=$(pidin arg | grep nc | awk '{print $1}') + if [ -n "$NC_PIDS" ]; then + echo "Active netcat processes:" + for pid in $NC_PIDS; do + echo " PID: $pid" + done + fi + + echo "" + echo "Network interface status:" + ifconfig "$CAPTURE_INTERFACE" 2>/dev/null || echo "Interface $CAPTURE_INTERFACE not found" + + echo "" + echo "Capture files:" + if [ -d "$LOG_DIR" ] && [ "$(ls -A $LOG_DIR 2>/dev/null)" ]; then + ls -la "$LOG_DIR" + else + echo "No capture files found" + fi + ;; + + list) + echo "Saved capture files in $LOG_DIR:" + echo "" + if [ -d "$LOG_DIR" ] && [ "$(ls -A $LOG_DIR 2>/dev/null)" ]; then + ls -la "$LOG_DIR" + echo "" + echo "To analyze with Wireshark:" + echo "1. Copy files from QNX: scp -P 2222 root@localhost:$LOG_DIR/*.pcap ." + echo "2. Open in Wireshark: wireshark .pcap" + else + echo "No capture files found" + fi + ;; + + help|*) + usage + ;; +esac diff --git a/images/qnx_aarch64/configs/network_setup.sh b/images/qnx_aarch64/configs/network_setup.sh new file mode 100644 index 00000000000..184a7c0a5ba --- /dev/null +++ b/images/qnx_aarch64/configs/network_setup.sh @@ -0,0 +1,34 @@ +#!/bin/sh + +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +# ******************************************************************************* +# Network Configuration Script +# Configures networking interfaces and settings for QNX system +# ******************************************************************************* + +echo "---> Starting Networking" +io-sock -m phy -m pci -d vtnet_pci # Start network stack with PHY and PCI modules, load VirtIO network driver +waitfor /dev/socket # Wait for socket device to become available before proceeding + +echo "---> Configuring network interface" +# Bring up the interface and configure with bridge-accessible IP for direct ping +if_up -p vtnet0 # Bring up the vtnet0 network interface in promiscuous mode +ifconfig vtnet0 10.0.2.15 netmask 255.255.255.0 # Configure IP address and subnet mask for vtnet0 +ifconfig vtnet0 169.254.158.190 netmask 255.255.0.0 # Configure IP address and subnet mask for vtnet0 + +# Configure system network settings +sysctl -w net.inet.icmp.bmcastecho=1 > /dev/null # Enable ICMP broadcast echo (responds to broadcast pings) +sysctl -w qnx.sec.droproot=33:33 > /dev/null # Set user/group ID (33:33) for dropping root privileges diff --git a/images/qnx_aarch64/configs/network_setup_dhcp.sh b/images/qnx_aarch64/configs/network_setup_dhcp.sh new file mode 100644 index 00000000000..da2b1db8b15 --- /dev/null +++ b/images/qnx_aarch64/configs/network_setup_dhcp.sh @@ -0,0 +1,100 @@ +#!/bin/sh + +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +# ******************************************************************************* +# Simple DHCP Network Configuration Script +# Configures networking using DHCP with minimal configuration +# ******************************************************************************* + +echo "---> Starting Networking with simple DHCP" +io-sock -m phy -m pci -d vtnet_pci # Start network stack with PHY and PCI modules, load VirtIO network driver +waitfor /dev/socket # Wait for socket device to become available before proceeding + +echo "---> Bringing up network interface" +if_up -p vtnet0 # Bring up the vtnet0 network interface in promiscuous mode + +echo "---> Starting DHCP client with minimal config" +# Start DHCP client with minimal configuration +dhcpcd -b -f /etc/dhcpcd.conf vtnet0 & +DHCP_PID=$! # Store DHCP process ID + +# Wait for DHCP to complete (up to 30 seconds) +echo "---> Waiting for DHCP lease acquisition..." +sleep 3 # Initial wait for DHCP negotiation + +# Check if we got an IP address +RETRY_COUNT=0 +MAX_RETRIES=10 # 10 retries * 3 seconds = 30 seconds total + +while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do + # Get current IP address for vtnet0 + IP_ADDR=$(ifconfig vtnet0 | grep 'inet ' | awk '{print $2}') + + if [ -n "$IP_ADDR" ] && [ "$IP_ADDR" != "0.0.0.0" ]; then + echo "---> DHCP successful! Acquired IP" + # Get additional network info + NETMASK=$(ifconfig vtnet0 | grep 'inet ' | awk '{print $4}') + echo "---> Network configuration:" + + # Save basic DHCP status + echo "DHCP_SUCCESS" > /tmp_ram/dhcp_status + IP_ADDR=$(ifconfig vtnet0 | grep 'inet ' | awk '{print $2}') + echo "IP address set to: $IP_ADDR" + echo "IP: $IP_ADDR" >> /tmp_ram/dhcp_status + echo "Date: $(date)" >> /tmp_ram/dhcp_status + break + fi + + echo "---> Still waiting for DHCP lease... (attempt $((RETRY_COUNT + 1))/$MAX_RETRIES)" + sleep 3 + RETRY_COUNT=$((RETRY_COUNT + 1)) +done + +# Check final status +IP_ADDR=$(ifconfig vtnet0 | grep 'inet ' | awk '{print $2}') +if [ -z "$IP_ADDR" ] || [ "$IP_ADDR" = "0.0.0.0" ]; then + echo "---> DHCP failed! Falling back to static IP configuration..." + # Kill DHCP client if still running + if kill -0 $DHCP_PID 2>/dev/null; then + kill $DHCP_PID 2>/dev/null + fi + + # Configure static IP as fallback + echo "---> Configuring static IP fallback: 192.168.122.100" + ifconfig vtnet0 192.168.122.100 netmask 255.255.255.0 + route add default 192.168.122.1 # Add default gateway + + # Save fallback status + echo "DHCP_FAILED_STATIC_FALLBACK" > /tmp_ram/dhcp_status + echo "IP address set to: 192.168.122.100" + echo "IP: 192.168.122.100" >> /tmp_ram/dhcp_status + echo "Date: $(date)" >> /tmp_ram/dhcp_status +else + echo "---> DHCP configuration completed successfully" +fi + +# Configure system network settings +sysctl -w net.inet.icmp.bmcastecho=1 > /dev/null # Enable ICMP broadcast echo (responds to broadcast pings) + +# The datarouter sends DLT messages via UDP multicast to +# '239.255.42.99:3490' (configured in log-channels.json). +# Adding multicast route via vtnet0 interface directs all +# multicast traffic ('224.0.0.0/4') out the guest network +# interface so it reaches the host via the QEMU TAP device. +echo "Adding multicast route" +route add -net 224.0.0.0 -netmask 240.0.0.0 -interface vtnet0 + +echo "---> Network configuration completed" diff --git a/images/qnx_aarch64/configs/passwd b/images/qnx_aarch64/configs/passwd new file mode 100644 index 00000000000..bcd2c608547 --- /dev/null +++ b/images/qnx_aarch64/configs/passwd @@ -0,0 +1,17 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +root::0:0:Superuser:/:/bin/sh +qnxuser::1000:1000:QNX User:/:/bin/sh +sshd::15:6:sshd:/:/bin/false diff --git a/images/qnx_aarch64/configs/profile b/images/qnx_aarch64/configs/profile new file mode 100644 index 00000000000..97e7e7ef30d --- /dev/null +++ b/images/qnx_aarch64/configs/profile @@ -0,0 +1,18 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +export TERM=qansi +export PATH=/proc/boot +export LD_LIBRARY_PATH=/proc/boot +export MAGIC=/system/etc/magic diff --git a/images/qnx_aarch64/configs/qcrypto.conf b/images/qnx_aarch64/configs/qcrypto.conf new file mode 100644 index 00000000000..b65b4c4a0e1 --- /dev/null +++ b/images/qnx_aarch64/configs/qcrypto.conf @@ -0,0 +1 @@ +openssl-3 tags=* diff --git a/images/qnx_aarch64/configs/ssh_host_rsa_key b/images/qnx_aarch64/configs/ssh_host_rsa_key new file mode 100644 index 00000000000..aff51a2418f --- /dev/null +++ b/images/qnx_aarch64/configs/ssh_host_rsa_key @@ -0,0 +1,38 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn +NhAAAAAwEAAQAAAYEArR4LKpPGS2mqmnj+d4Y/0DLdYUVQ7hBaR/aYnNbZFUvO3nOFixa4 +u8pjRQbNFsERvY8o3Q1+SEg/xq+WC4vxhS9bjfMOxO29ncicvcDZR9kVOc/dNCLv6amdOy +9V/wN8rb7vy5KhPKF/uubj/HmcwRYZAYV3spR7C4OpN1tSZFBu/rcOYYYC7VxKcshEj8Yt +8QX7Bil+MIJHPLu7HTktgxDSp4Y3NUORoV9In1qM+rTJsxDHr3gfCOaN4OnQElwS7RfXx2 +BFcvA3d4JreynHocpLWUO6rrs1qjCsQZFPqQwBC7SDn8eiKy0XH+yPpioUaJ6L+YFqrk3c +KxijWKP5/aDuCQrw230mLtWatspHpNUXQSN1FQby6kqLUSV8gXX7lS91AMjdb3sqJ9ebxJ +xGARbp8ow1yRtTfqk6H04q2QgVQZ/Idso3TzQokt0K/feEdj7SwH3LsaAeMWPyo0WLUOk1 +8j46LUEayluF4UcIm8dnjoTywW9A/MS1C+2p4eTbAAAFeAU74GcFO+BnAAAAB3NzaC1yc2 +EAAAGBAK0eCyqTxktpqpp4/neGP9Ay3WFFUO4QWkf2mJzW2RVLzt5zhYsWuLvKY0UGzRbB +Eb2PKN0NfkhIP8avlguL8YUvW43zDsTtvZ3InL3A2UfZFTnP3TQi7+mpnTsvVf8DfK2+78 +uSoTyhf7rm4/x5nMEWGQGFd7KUewuDqTdbUmRQbv63DmGGAu1cSnLIRI/GLfEF+wYpfjCC +Rzy7ux05LYMQ0qeGNzVDkaFfSJ9ajPq0ybMQx694HwjmjeDp0BJcEu0X18dgRXLwN3eCa3 +spx6HKS1lDuq67NaowrEGRT6kMAQu0g5/HoistFx/sj6YqFGiei/mBaq5N3CsYo1ij+f2g +7gkK8Nt9Ji7VmrbKR6TVF0EjdRUG8upKi1ElfIF1+5UvdQDI3W97KifXm8ScRgEW6fKMNc +kbU36pOh9OKtkIFUGfyHbKN080KJLdCv33hHY+0sB9y7GgHjFj8qNFi1DpNfI+Oi1BGspb +heFHCJvHZ46E8sFvQPzEtQvtqeHk2wAAAAMBAAEAAAGAQMkziJWQ6fv7Wp/ZK0XUb8f5TU +Oxi8YW40OHzXoh93RNULaOzYSNUcnl6Jko+1D5oKUIt+Eq10Yih+qCDoQquJsGelLxvgTy +py/CaMjZB6hX5zDBKZfBjQJq0xFd73eQmz0PZHHVYWlW8c0imQOyBBiO9yDJsM0cVyzIkO +zeIqhvQWekPB74zXdybQ5BikSyQLbqQF4a2XCH1FS1K7SQMbKEAymZU5eb0nZkKS6r/87U +hOzMrgAYLS6K/hbCRXyrAlz61x2hMKTngb/ERWWilqJSGlF8Q4p2LmIxyUnll/C2cq2dvU +gMARPvZ3DL/QFl4fhLa20vTg83CQNaw6zuEAhTP8lmvDP+4DhtqUPno1T7161OpEHD/ZRb +oiwXmkwg+0yiR8a9OFiolAhwiqPhqC1W39+coEutjpbXQ1uJVoC0kWHMY9biBa7cb9Cxrq +boYLOs31sLhTWTrHgIgpsf/FSWYLF5hknZKpVhWQsfowyCtjn6uvVh+bcfUwOMCDthAAAA +wQDSHJTmW6o6uK53KE6t4c7x+G/qO2Y6FSRQuAbojL1o7gG0SYDFRR3k5fMQ/zqQ1pWrqR +5Im+InsfO5KG9489z/SCIXwPq6zev8WJjZV2P3A8qTBPzEeYmicZtJGH/sBuk8Oj/CdOKV ++GBzkqJdxruiNzLEIGS1gjserT6YJxmA5Q/j1Hiz+bSf66cHhGzmQ092tQ+gGvWPtbFn+D +YQVbp1GW8E6lbAOBew7IDcWp7LVDZuShBrDvFWtsaupZ7wYxoAAADBAOXzYeYNyrKsFCju +Qh1Bj0uVOf8lVvygGOzFA/OdqWuRr/h2aPsNYJFbdIiP61mvVd1umJ8BQDiXNlm/YpXOXu +jOm9a8BVKpMTtoohEkUbqBtv9vx+XHnhLCFYYL4GHJ9Dhj50L3djf++/HkahtZJlTkpSbt +/ukoZKI1m8MgpyC3xk2UDu1yWNizT2l1L7RnE+ZO4b5U9cONANiYBD8jcnZAvh4ld3ojo0 +iNXEVEGAKIodMUsgASxGwmoxuX3ugJIwAAAMEAwLp7eVBjg27eflRNYuW8akfDyq9zB1rp +YGo3GbPytb14WVJuyNL1tJ/B/rdFBg0IXf1FQJEL99kKJP5yDxjOx9kyXBhIWjm8arz39h +uw0wrsuRl2rrCfMABGS51GohtYmKETZ6x7/2n3l6iz/5mhRN8hW0JluJhKtj6ogO6GZERr +PTYwQs+9Q7QI1cPx7G5cEPhWhEd+OmKZuXRjhMQQ+ADj/lnUAhhGQatM9/bohJOdObWCRl +Fu+/MLbJQuA1zpAAAAAAEC +-----END OPENSSH PRIVATE KEY----- diff --git a/images/qnx_aarch64/configs/ssh_host_rsa_key.pub b/images/qnx_aarch64/configs/ssh_host_rsa_key.pub new file mode 100644 index 00000000000..eee47d4f304 --- /dev/null +++ b/images/qnx_aarch64/configs/ssh_host_rsa_key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCtHgsqk8ZLaaqaeP53hj/QMt1hRVDuEFpH9pic1tkVS87ec4WLFri7ymNFBs0WwRG9jyjdDX5ISD/Gr5YLi/GFL1uN8w7E7b2dyJy9wNlH2RU5z900Iu/pqZ07L1X/A3ytvu/LkqE8oX+65uP8eZzBFhkBhXeylHsLg6k3W1JkUG7+tw5hhgLtXEpyyESPxi3xBfsGKX4wgkc8u7sdOS2DENKnhjc1Q5GhX0ifWoz6tMmzEMeveB8I5o3g6dASXBLtF9fHYEVy8Dd3gmt7KcehyktZQ7quuzWqMKxBkU+pDAELtIOfx6IrLRcf7I+mKhRonov5gWquTdwrGKNYo/n9oO4JCvDbfSYu1Zq2ykek1RdBI3UVBvLqSotRJXyBdfuVL3UAyN1veyon15vEnEYBFunyjDXJG1N+qTofTirZCBVBn8h2yjdPNCiS3Qr994R2PtLAfcuxoB4xY/KjRYtQ6TXyPjotQRrKW4XhRwibx2eOhPLBb0D8xLUL7anh5Ns= diff --git a/images/qnx_aarch64/configs/sshd_config b/images/qnx_aarch64/configs/sshd_config new file mode 100644 index 00000000000..4be18c46bab --- /dev/null +++ b/images/qnx_aarch64/configs/sshd_config @@ -0,0 +1,64 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +# Port number for SSH +Port 22 + +# Protocol version +Protocol 2 + +# Host key location +HostKey /var/ssh/ssh_host_rsa_key + +# Enable port forwarding +AllowTcpForwarding yes + +# Enable SCP/SFTP +Subsystem sftp /usr/lib/ssh/sftp-server + +# AUTHENTICATION SETTINGS - Simple passwordless authentication +# Enable password authentication to check for empty passwords +PasswordAuthentication yes + +# Allow empty passwords (no password required) +PermitEmptyPasswords yes + +# Disable all other authentication methods completely +PubkeyAuthentication no +ChallengeResponseAuthentication no +HostbasedAuthentication no + +# Allow root login without authentication +PermitRootLogin yes + +# Allow user environment variables +PermitUserEnvironment yes + +# Don't create PID file +PidFile none + +# Log level for debugging +LogLevel DEBUG + +# Disable strict modes for easier setup +StrictModes no + +# Disable DNS lookups for faster connection +UseDNS no + +# Maximum authentication attempts +MaxAuthTries 3 + +# Disable login grace time +LoginGraceTime 30 diff --git a/images/qnx_aarch64/configs/startup.sh b/images/qnx_aarch64/configs/startup.sh new file mode 100644 index 00000000000..43400eeef88 --- /dev/null +++ b/images/qnx_aarch64/configs/startup.sh @@ -0,0 +1,77 @@ +#!/bin/sh + +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + + +# ******************************************************************************* +# System Startup Script +# Executed during system initialization to start essential services +# ******************************************************************************* +echo "---> Starting slogger2" +slogger2 -s 4096 # Start system logger with 4KB buffer size for log messages +waitfor /dev/slog # Wait for system log device to become available + +echo "---> Starting Pipe" +pipe # Start named pipe resource manager for IPC +waitfor /dev/pipe # Wait for pipe device to become available + +echo "---> Starting Random" +random # Start random number generator device +waitfor /dev/random # Wait for random device to become available + +echo "---> Starting fsevmgr" +fsevmgr # Start file system event manager for file notifications +waitfor /dev/fsnotify # Wait for filesystem notification device + +echo "---> Starting devb-ram" +devb-ram ram capacity=1 blk ramdisk=10m,cache=512k,vnode=256 2>/dev/null # Create 10MB RAM disk with 512KB cache +waitfor /dev/ram0 # Wait for RAM disk device to be ready + +echo "---> mounting ram disk" +mkqnx6fs -q /dev/ram0 # Create QNX6 filesystem on RAM disk (quiet mode) +waitfor /dev/ram0 # Wait for filesystem creation to complete +mount -t qnx6 /dev/ram0 /tmp_ram # Mount RAM disk as QNX6 filesystem at /tmp_ram + +echo "---> Starting mqueue" +mqueue # Start POSIX message queue resource manager +waitfor /dev/mqueue # Wait for message queue device to be available + +echo "---> Starting devc-pty" +devc-pty -n 32 # Start pseudo-terminal driver with 32 PTY pairs + +echo "---> Configuring network" +/etc/network_setup.sh # fixed IP setup +mkdir -p /tmp_ram/var/run/dhcpcd +mkdir -p /tmp_ram/var/db +ln -sP /tmp_ram/var/db /var/db +ln -sP /tmp_ram/var/run/dhcpcd /var/run/dhcpcd +/etc/network_setup_dhcp.sh # Execute network configuration script + +echo "---> Setting hostname" +if [ -f /etc/hostname ]; then # Check if hostname file exists + HOSTNAME=$(cat /etc/hostname) # Read hostname from file + hostname "$HOSTNAME" # Set system hostname + echo "Hostname set to: $HOSTNAME" +else + hostname qnx-score # Set default hostname if no file exists + echo "Qnx_S-core" > /tmp/hostname # Create temporary hostname file + echo "Default hostname set to: Qnx_S-core" +fi + +echo "---> adding /tmp_discovery folder" +mkdir -p /tmp_ram/tmp_discovery +ln -sP /tmp_ram/tmp_discovery /tmp_discovery + +/proc/boot/sshd -f /var/ssh/sshd_config # Start SSH daemon with specified configuration file +/showcases/bin/cli # Start the CLI application from the mounted showcases directory diff --git a/runners/qemu_aarch64/scripts/BUILD b/runners/qemu_aarch64/scripts/BUILD index 44ff61c805e..6ba2ec15b80 100644 --- a/runners/qemu_aarch64/scripts/BUILD +++ b/runners/qemu_aarch64/scripts/BUILD @@ -1 +1,4 @@ -exports_files(["run_qemu.sh"]) +exports_files([ + "run_qemu.sh", + "run_qemu_qnx.sh", +]) diff --git a/runners/qemu_aarch64/scripts/run_qemu_qnx.sh b/runners/qemu_aarch64/scripts/run_qemu_qnx.sh new file mode 100755 index 00000000000..7549337229f --- /dev/null +++ b/runners/qemu_aarch64/scripts/run_qemu_qnx.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* + +set -euo pipefail + +IFS_IMAGE=$1 + +if ! command -v qemu-system-aarch64 > /dev/null; then + echo "Please install qemu-system-aarch64" + exit 1 +fi + +echo "Starting QEMU with IFS image: ${IFS_IMAGE}" +qemu-system-aarch64 \ + -m 1G \ + -machine virt,virtualization=true,gic-version=3 \ + -cpu cortex-a53 \ + -smp 2 \ + -pidfile /tmp/qemu.pid \ + -nographic \ + -kernel "${IFS_IMAGE}" \ + -chardev stdio,id=char0,signal=on,mux=on \ + -mon chardev=char0,mode=readline \ + -serial chardev:char0 \ + -object rng-random,filename=/dev/urandom,id=rng0 \ + -netdev user,id=net0,net=192.168.7.0/24,dhcpstart=192.168.7.2,dns=192.168.7.3,host=192.168.7.5,hostfwd=tcp::2222-:22,hostfwd=tcp::3333-:3333 \ + -device virtio-net-device,netdev=net0 \ + -device virtio-rng-device,rng=rng0 diff --git a/score_starter b/score_starter index cb77dd6729c..244e62f48d1 100755 --- a/score_starter +++ b/score_starter @@ -14,6 +14,11 @@ mEntries = [ "bazel --output_base=build/qnx-x86_64 run --config qnx-x86_64 //images/qnx_x86_64:run", "qnx-x86_64", ), + ( + "Run QNX aarch64 QEMU", + "bazel --output_base=build/qnx-aarch64 run --config qnx-aarch64 //images/qnx_aarch64:run", + "qnx-aarch64", + ), ( "Run Linux x86_64 Docker", "bazel --output_base=build/linux-x86_64 run --config linux-x86_64 //images/linux_x86_64:run", diff --git a/showcases/cli/main.rs b/showcases/cli/main.rs index 55cfa62224b..e3a39dc4b3c 100644 --- a/showcases/cli/main.rs +++ b/showcases/cli/main.rs @@ -143,7 +143,7 @@ fn main() -> Result<()> { }; for index in selected { - run_score(&configs[index])?; + run_score(&configs[index], &root_dir)?; } outro("All done!")?; @@ -190,7 +190,16 @@ fn is_score_file(path: &Path) -> bool { .unwrap_or(false) } -fn run_score(config: &ScoreConfig) -> Result<()> { +fn resolve_path(path: &str, root_dir: &str) -> String { + const CANONICAL_ROOT: &str = "/showcases"; + if let Some(suffix) = path.strip_prefix(CANONICAL_ROOT) { + format!("{}{}", root_dir, suffix) + } else { + path.to_string() + } +} + +fn run_score(config: &ScoreConfig, root_dir: &str) -> Result<()> { println!("▶ Running example: {}", config.name); let mut children: Vec<(usize, String, Child)> = Vec::new(); @@ -212,22 +221,25 @@ fn run_score(config: &ScoreConfig) -> Result<()> { } } - println!("{:?} App {}: starting {}", now.elapsed(), i + 1, app.path); + let resolved_path = resolve_path(&app.path, root_dir); + let resolved_dir = app.dir.as_deref().map(|d| resolve_path(d, root_dir)); + + println!("{:?} App {}: starting {}", now.elapsed(), i + 1, resolved_path); - let mut cmd = Command::new(&app.path); + let mut cmd = Command::new(&resolved_path); cmd.args(&app.args); cmd.envs(&app.env); - if let Some(ref dir) = app.dir { + if let Some(ref dir) = resolved_dir { cmd.current_dir(dir); } let child = cmd .spawn() - .with_context(|| format!("Failed to start app {}: {}", i + 1, app.path))?; + .with_context(|| format!("Failed to start app {}: {}", i + 1, resolved_path))?; println!("App {}: spawned command {:?}", i + 1, cmd); - children.push((i + 1, app.path.clone(), child)); + children.push((i + 1, resolved_path, child)); } // Wait for all children