Add arm64 builds for host-containers

[jahkeup]

Issue #, if available:

#468

Description of changes:

container.mk has been added to consolidate the shared bits of host-container container image builds and also to support the arm64 builds.

The logic within container.mk supports both native builds on each platform (eg: amd64, arm64) but also allows for adding stubs to permit building all architectures with binfmt stubs supporting the other arches. N.B: I've provided binfmt as a convenience for development, we'll likely use automated builds on each target platform.

A single call to make will build the thar-control container images for amd64 and arm64:

$ cd extras/host-containers/thar-control
# Release requires that builds for all arches are performed. The user will have
# to ACK by passing USE_BINFMT=1 to confirm the use of binfmt (qemu) to do so.
$ make release USE_BINFMT=1

Marked as Draft as I'm waiting on the bash build to wrap up
Waiting to drop this in on a host and see it do the things!
The containers work!

See also: #689

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[jahkeup]

The build finished and the statically built /opt/bin/bash works!

bash-4.2# uname -a
Linux f32b8666ae76 4.19.91 #1-NixOS SMP Sat Dec 21 09:57:45 UTC 2019 aarch64 aarch64 aarch64 GNU/Linux

bash-4.2# readelf -h -d /opt/bin/bash 
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 03 00 00 00 00 00 00 00 00 
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - GNU
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           AArch64
  Version:                           0x1
  Entry point address:               0x401a48
  Start of program headers:          64 (bytes into file)
  Start of section headers:          3293192 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         6
  Size of section headers:           64 (bytes)
  Number of section headers:         33
  Section header string table index: 32

There is no dynamic section in this file.

bash-4.2# /opt/bin/bash 
bash-5.0# exit

[jahkeup]

Rebased on the latest changes to the control container image (#709) and tidied up much of the Makefiles. The current state of changes uses a separate container.mk that has been greatly reduced in size and incorporates @bcressey and @webern 's feedback (thanks!).

Ignore the fixups and such for the time being - they're there for my own benefit if folks have feedback that affect any of them. I'll rebase to squash them down before merging! 👍

[bcressey]

LGTM.

Do you want to add the second make invocation for the additional architecture (and binfmt setup) to the CI steps here, or save that for a follow-up PR?

[zmrow]

🎐

[jahkeup]

Do you want to add the second make invocation for the additional architecture (and binfmt setup) to the CI steps here, or save that for a follow-up PR?

@bcressey we'll do CI integration as a follow up, getting ARM builds isn't yet prioritized work (at the moment). We'll include handling binfmt explicitly in that work. Seeing as there's been recent CVEs associated with QEMU, I think we'll try to roll a minimal solution of our own using AL2 packages if possible to avoid relying on the more (as of right now) stale image that was being used in earlier revisions of this PR.