feat: initial code upload

Signed-off-by: Marvin Drees <marvin.drees@9elements.com>

.github/workflows/build.yml

@@ -2,15 +2,15 @@ name: Build
 on:
   push:
     branches:
-      - master
+      - main
   pull_request:
     types:
       - opened
       - reopened
       - synchronize
       - ready_for_review
     branches:
-     - master
+     - main
 permissions:
   contents: read
 jobs:

.github/workflows/lint.yml

@@ -2,18 +2,30 @@ name: Linting
 on:
   push:
     branches:
-      - master
+      - main
   pull_request:
     types:
       - opened
       - reopened
       - synchronize
       - ready_for_review
     branches:
-     - master
+     - main
 permissions:
   contents: read
 jobs:
+  commitlint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: ${{ github.event.pull_request.commits }}
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Commit-Lint
+        uses: bugbundle/commits@v1.1.0
+        id: commits
+      - run: echo ${{ steps.commits.outputs.major }}.${{ steps.commits.outputs.minor }}.${{ steps.commits.outputs.patch }}
   golangci-lint:
     runs-on: ubuntu-latest
     steps:

.github/workflows/release.yml

@@ -1,8 +1,8 @@
 name: Release
-on: 
+on:
   push:
-   tags:
-     - "v*"
+    tags:
+      - "v*"
 permissions:
   contents: read
 jobs:

.github/workflows/tests.yml

@@ -2,15 +2,15 @@ name: Tests
 on:
   push:
     branches:
-      - master
+      - main
   pull_request:
     types:
       - opened
       - reopened
       - synchronize
       - ready_for_review
     branches:
-     - master
+     - main
 permissions:
   contents: read
 jobs:

.gitignore

@@ -1 +1 @@
-output
+init

README.md

@@ -1,51 +1,6 @@
-# Template Repository
+# u-bmc system init
 
-## Files
+[![License](https://img.shields.io/badge/License-BSD_3--Clause-blue.svg)](https://opensource.org/licenses/BSD-3-Clause)
 
-### `.golangci.yml`
-
-The configuration of the main linter in use. Visit the [golangci](https://golangci-lint.run/) website for more details.
-
-### `.goreleaser.yml`
-
-The configuration of the release tool in use. Visit the [goreleaser](https://goreleaser.com/) website for more details.
-
-### `renovate.json`
-
-The configuration of the dependency monitoring bot. Visit the [renovate](https://docs.renovatebot.com/) website for more details.
-
-## Directories
-
-### `/.github`
-
-Directory for GitHub specific configuration, but GitHub Actions and Issue Templates.
-
-### `/ci`
-
-This directory contains the sources for the CI helper tool which is based on Dagger. It allows easier reproduction of CI results locally.
-
----
-
-The following general directory structure recommendations are taken from the [project layout](https://github.com/golang-standards/project-layout)
-
-### `/cmd`
-
-Main applications for this project.
-
-The directory name for each application should match the name of the executable you want to have (e.g., `/cmd/myapp`).
-
-Don't put a lot of code in the application directory. If you think the code can be imported and used in other projects, then it should live in the `/pkg` directory. If the code is not reusable or if you don't want others to reuse it, put that code in the `/internal` directory. You'll be surprised what others will do, so be explicit about your intentions!
-
-It's common to have a small `main` function that imports and invokes the code from the `/internal` and `/pkg` directories and nothing else.
-
-### `/pkg`
-
-Library code that's ok to use by external applications (e.g., `/pkg/mypubliclib`). Other projects will import these libraries expecting them to work, so think twice before you put something here :-) Note that the `internal` directory is a better way to ensure your private packages are not importable because it's enforced by Go. The `/pkg` directory is still a good way to explicitly communicate that the code in that directory is safe for use by others. The [`I'll take pkg over internal`](https://travisjeffery.com/b/2019/11/i-ll-take-pkg-over-internal/) blog post by Travis Jeffery provides a good overview of the `pkg` and `internal` directories and when it might make sense to use them.
-
-### `/internal`
-
-Private application and library code. This is the code you don't want others importing in their applications or libraries. Note that this layout pattern is enforced by the Go compiler itself. See the Go 1.4 [`release notes`](https://golang.org/doc/go1.4#internalpackages) for more details. Note that you are not limited to the top level `internal` directory. You can have more than one `internal` directory at any level of your project tree.
-
-### `/tools`
-
-Supporting tools for this project. Note that these tools can import code from the `/pkg` and `/internal` directories.
+This is a small init program meant to be run from inside an initramfs as the first program the Linux Kernel launches.
+While this tool can be built standalone it is designed to be built and bundled by the [u-bmc](https://github.com/u-bmc/u-bmc) build process.

go.mod

@@ -1,8 +1,11 @@
-module github.com/u-bmc/go-project-template
+module github.com/u-bmc/init
 
 go 1.21
 
-require dagger.io/dagger v0.9.3
+require (
+	dagger.io/dagger v0.9.3
+	golang.org/x/sys v0.13.0
+)
 
 require (
 	github.com/99designs/gqlgen v0.17.31 // indirect
@@ -12,5 +15,4 @@ require (
 	github.com/vektah/gqlparser/v2 v2.5.6 // indirect
 	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
 	golang.org/x/sync v0.4.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
 )

main.go

@@ -1,3 +1,69 @@
 // SPDX-License-Identifier: BSD-3-Clause
 
-package template
+package main
+
+import (
+	"flag"
+	"log"
+
+	"github.com/u-bmc/init/pkg/keyring"
+	"github.com/u-bmc/init/pkg/mount"
+	"github.com/u-bmc/init/pkg/switchroot"
+	"golang.org/x/sys/unix"
+)
+
+const logo = `
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⣤⣤⣤⣤⣤⣀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⣴⣿⠟⠉⠁⠀⠈⠉⠛⢿⣦⡀
+⠀⠀⠀⠀⠀⠀⠀⣠⣿⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⣿⣆
+⠀⠀⠀⠀⠀⠀⢠⣿⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⡆
+⠀⠀⠀⠀⠀⠀⣿⡇⠀⠀⣶⣶⣦⠀⠀⠀⣠⣾⣶⡀⠀⠸⣿
+⠀⠀⠀⠀⠀⠀⣿⠀⠀⠘⠛⠀⠟⠀⠀⠀⠻⠁⠙⠃⠀⠀⣿
+⠀⠀⠀⠀⠀⠀⣿⡇⠀⠀⠀⠀⣴⡆⠀⢠⣦⠀⠀⠀⠀⢠⣿
+⠀⠀⠀⠀⠀⠀⠘⣿⠀⠀⠀⠀⠘⣿⣶⣿⠃⠀⠀⠀⠀⣿⠇
+⠀⠀⠀⠀⠀⠀⠀⠙⣿⣾⠿⠀⠀⠀⠀⠀⠀⠀⠿⣿⣾⠟
+⠀⠀⠀⠀⠀⠀⢀⣿⠛⠀⠀⠀⢀⣤⣤⣤⡀⠀⠀⠀⠙⣿⡄
+⠀⠀⠀⠀⠀⢀⣿⠃⠀⠀⠀⣴⡿⠋⠉⠉⢿⣷⠀⠀⠀⠈⣿⡄
+⠀⠀⠀⠀⠀⣼⡏⠀⠀⠀⢠⣿⠀⠀⠀⠀⠀⣿⡇⠀⠀⠀⢸⣿
+⠀⠀⠀⠀⠀⣿⡇⠀⠀⠀⢸⣿⠀⠀⠀⠀⠀⣿⡇⠀⠀⠀⢀⣿
+⠀⠀⠀⢰⣿⠛⠻⣿⠀⠀⢸⣿⠀⠀⠀⠀⠀⣿⡇⠀⠀⣾⠟⠛⢿⣦
+⠀⠀⠀⢿⣇⠀⠀⣿⠇⠀⢸⣿⠀⠀⠀⠀⠀⣿⡇⠀⠀⣿⠀⠀⢠⣿
+⠀⠀⠀⠈⠻⣿⡿⠋⠀⠀⢸⣿⠀⠀⠀⠀⠀⣿⡇⠀⠀⠙⠿⣿⠿⠁
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⣼⣿⣤⠀⠀⠀⣠⣿⣧⣄
+⠀⠀⠀⠀⠀⠀⠀⠀⢠⣿⠁⠀⢻⣷⠀⣸⡟⠀⠈⣿⡆
+⠀⠀⠀⠀⠀⠀⠀⠀⠈⣿⣄⣀⣾⠏⠀⠸⣷⣄⣠⣿⠃
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⠛⠁⠀⠀⠀⠈⠛⠛
+
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣶⡄
+⠀⣠⣄⠀⢠⣦⠀⠀⠀⠀⣿⣁⣶⣤⡀⠀⢀⣤⣦⣀⣴⣦⡀⠀⠀⣤⣶⣤⡀
+⠀⣿⡷⠀⢸⣿⢀⣤⣤⠀⣿⡟⠉⢻⣿⠀⣿⠏⠉⣿⠋⠙⣿⠀⣿⡟⠉⠛⠃
+⠀⢻⣷⣀⣾⡟⠀⠉⠉⠀⣿⣧⣀⣼⣿⠀⣿⠀⠀⣿⠀⠀⣿⠀⣿⣧⣀⣴⡆
+⠀⠀⠉⠛⠋⠀⠀⠀⠀⠀⠛⠉⠛⠋⠀⠀⠛⠀⠀⠛⠀⠀⠛⠀⠀⠙⠛⠋
+`
+
+func main() {
+	log.Print(logo)
+
+	key := flag.String("key", "", "Filesystem authentication key")
+	rootfs := flag.String("rootfs", "", "Root filesystem")
+	flag.Parse()
+
+	log.Println("Mounting all file systems")
+	m := mount.NewMounter(
+		mount.WithDefaultMounts(),
+		mount.WithMount(mount.Mount{
+			Source:       *rootfs,
+			Destination:  "/newroot",
+			Type:         "ubifs",
+			GenericFlags: unix.MS_NOSUID | unix.MS_RELATIME | unix.MS_LAZYTIME | unix.MS_RDONLY,
+			Flags:        []string{"ro", "auth_key=ubifs:auth", "auth_hash_name=sha256", "chk_data_crc", "bulk_read"},
+		}),
+	)
+	m.MountAll()
+
+	log.Println("Populating kernel keyring")
+	keyring.AddUbifsAuthKey([]byte(*key))
+
+	log.Println("Changing into new rootfs")
+	switchroot.SwitchRoot("/newroot", "/sbin/operator")
+}

pkg/keyring/keyring.go

@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: BSD-3-Clause
+
+package keyring
+
+import (
+	"log"
+
+	"golang.org/x/sys/unix"
+)
+
+func AddUbifsAuthKey(key []byte) {
+	id, err := unix.AddKey("logon", "ubifs:auth", key, unix.KEY_SPEC_SESSION_KEYRING)
+	if err != nil {
+		log.Printf("Unable to add ubifs auth key: %v", err)
+	}
+
+	log.Printf("Added ubifs auth key with id %d", id)
+}

pkg/mount/mount.go

@@ -0,0 +1,42 @@
+// SPDX-License-Identifier: BSD-3-Clause
+
+package mount
+
+import (
+	"log"
+	"strings"
+
+	"golang.org/x/sys/unix"
+)
+
+type Mount struct {
+	Source       string
+	Destination  string
+	Type         string
+	GenericFlags uintptr
+	Flags        []string
+}
+
+type Mounter struct {
+	config config
+}
+
+func NewMounter(options ...Option) *Mounter {
+	cfg := config{}
+
+	for _, opt := range options {
+		opt.apply(&cfg)
+	}
+
+	return &Mounter{
+		config: cfg,
+	}
+}
+
+func (m *Mounter) MountAll() {
+	for _, m := range m.config.mounts {
+		if err := unix.Mount(m.Source, m.Destination, m.Type, 0, strings.Join(m.Flags, ",")); err != nil {
+			log.Printf("Unable to mount file system %s\n", m.Destination)
+		}
+	}
+}