| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
The tools have broader platform compatibility than the hypervisor.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds patches for packaged scripts to enable deployment with python3
where they have been ported to python 3 upstream.
setuptools3 inherits distutils3 which modifies ${B}, so cd ${S} is
needed in the do_configure, do_compile and do_install steps.
Remove python 2 dependency from the Xen recipes by adding a new
separate recipe, xen-python2, for packaging the remaining optional
scripts which are yet to be ported to python 3. Package naming in
the separate recipe is chosen to support transition back into the
xen-tools recipe if the scripts are ported later.
Use RSUGGESTS to support inclusion of the xen-python2 scripts in
images that include python 2.
Drop the remus package python dependency since the script was removed
in 2014: commit 5b66f84e37a45038f9e5dae7a5768a5525d1e6ba
Add python3 RDEPENDS needed to run xenmon.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A text editor can interpret /* as the beginning of a comment
and then fail to find the matching */ it expects as a terminator.
This causes it to mishighlight the rest of the file. Avoid this
by using a different matching pattern.
Fixes an annoyance when editing the file. No functional change intended.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Launching HVM guest VMs requires a BIOS firmware binary.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change changes the names of many packages produced: the
xen-tools recipe now builds packages previous built by the xen
recipe, so the package prefix changes from "xen-" to "xen-tools-".
A temporary bbappend is provided for qemu to ease the transition.
Multiple motivations for recipe separation:
- improves efficiency of incremental build and development
- supports building the hypervisor and tools with different toolchains
and for different architectures
Switch to using a git recipe on the Xen stable branch:
- enables easier tracking of critical XSA security updates applied
upstream by just advancing SRCREV along the branch
Revision has been set to the tip of the stable-4.12 branch, which
has the one XSA-312 patch applied on top of RELEASE-4.12.2.
The recipe refactor externalizes the block tap components, to enable optional
building of blktap in a separate recipe outside xen-tools, needed by OpenXT.
xenstored is made a virtual package to support switching between
alternative implementations (several exist).
Update xen-image-minimal to install the xen-tools package, which
replaces what was previously xen-base.
Determine the flask policy filename, which is Xen-version specific,
using the same method as the Xen build system.
qemu: update PACKAGECONFIG[xen] for xen package renaming: allows builds
to continue correctly in the meantime while openembedded core and poky
are updated.
OpenXT ticket reference: OXT-1694
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Modern Qemu supports Xen and the qemu binary to be used with Xen should
be built with the Qemu recipe.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Fixes the build failure with 4.12.0 seen with the newer OE compiler.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the method of passing compiler flags into the Xen build, which is
needed to fix compilation of hvmloader, a 32-bit firmware binary that is
required for Xen to be able to run HVM-mode guest VMs. It must not be
compiled with SSE compiler options enabled, so the Xen build clears
CFLAGS, which is a problem with _FORTIFY_SOURCE present in CC because
it must be paired with a compiler optimization flag that was in CFLAGS.
This change fixes the compilation failure that stated
"_FORTIFY_SOURCE requires compiling with optimization (-O)".
32-bit ARM needs the TUNE_CCARGS to be retained as passed via CC
to ensure that configure is able to generate binaries for the
correct ABI, so is handled as a separate case.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Reviewed-by: Jason Andryuk <jandryuk@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Xen commit a0f98145 changed the installation directory for pkgconfig
files, so update recipe to include the .pc files at their new location.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Remove the requirement for x86 tools when building for ARM platforms.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Retiring these as the components are not in use and work on updating
the recipes to build with the OE native tools rather than host tools
has been discontinued.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Under FHS 3.0: /var/run -> /run
http://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch03s15.html
systemd-tmpfiles throws some warnings with /var/run in xen.conf:
systemd-tmpfiles[981]: [/etc/tmpfiles.d/xen.conf:1] Line references path below legacy directory /var/run/, updating /var/run/xenstored → /run/xenstored; please update the tmpfiles.d/ drop-in file accordingly.
systemd-tmpfiles[981]: [/etc/tmpfiles.d/xen.conf:2] Line references path below legacy directory /var/run/, updating /var/run/xend → /run/xend; please update the tmpfiles.d/ drop-in file accordingly.
systemd-tmpfiles[981]: [/etc/tmpfiles.d/xen.conf:3] Line references path below legacy directory /var/run/, updating /var/run/xend/boot → /run/xend/boot; please update the tmpfiles.d/ drop-in file accordingly.
systemd-tmpfiles[981]: [/etc/tmpfiles.d/xen.conf:4] Line references path below legacy directory /var/run/, updating /var/run/xen → /run/xen; please update the tmpfiles.d/ drop-in file accordingly.
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Jed <jed.openxt@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Strip out the sse4.2 tuning flag to prevent sse instructions
from being generated in the build, which breaks the hvmloader
on some machine types (specifically core-i7 from meta-intel).
Signed-off-by: Brendan Kerrigan <kerriganb@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many "real" (other then genericx86-64) x86-64 target machine configurations
set BASELIB to lib64. For example the intel-corei7-64 or the AMD
machines.
In such case packaging xen-python fails because items are
installed to /usr/lib/, but FILES_xen-python points to package
/usr/lib64/ items. Exposing the DISTUTILS variables from OE build makes
the python installation somewhat similar to what happens in the distutils
class and python items are installed to the /usr/lib64 as expected.
Another issue was that the xen-efi package was picking up too much stuff
from the /usr/lib64 path on such machines. Being more explicit at least
allows to package things correctly.
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
It is out of date, causes compilation errors, and is replacable
with acpica. This commit removes the iasl recipe as well
as updating references within seabios and xen, even though
acpcica PROVIDES iasl.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Apply upstream-reviewed patch to fix compilation.
Patch reorders header includes to issue a pragma to disable SSE before
including any potentially always_inline functions that would use SSE.
Also modify the recipe to supply compiler flags via the tools variables where
they will get used, necessary as _FORTIFY_SOURCE requires optimization flags to
be supplied.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Enable recipe for COMPATIBLE_HOST = 'arm-.*-linux-gnueabi'
Tested with a cubietruck, upstream's reference device for this class.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Adds xen-tools-xenpmd-snprintf.patch to fix string format compiler
truncation warning in xenpmd: assists the compiler by masking the
value to provide an obvious low upper bound for the value range.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Adds patch for compatibility with gcc 8.2, to fix string lengths
for copied values to prevent array-bounds warnings.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Enable reproducible builds of the hypervisor binaries by defining
build variables and setting compiler flags to support this.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
A new tool introduced in the Xen 4.12 dev cycle.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystem.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
drops the gcc7 compatibility patch -- no longer required as
it is present in the upstream version.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
| tpm_emulator-0.7.4/tpm/tpm_deprecated.c:437:7:
| error: 'memcmp' reading 20 bytes from a region of size 8
| [-Werror=stringop-overflow=]
| if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Apply patch from Xen: vtpm_TPM_ChangeAuthAsymFinish.patch
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Adds packaging for new binary: xen-shim.
Builds the hypervisor before building the tools to workaround an upstream
parallel build bug that causes the shim to be rebuilt during install.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Matches sysvinit packaging.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vTPM stubdomain allows a virtual TPM to be created and used to
provide TPM functionality to Xen guest domains. The vTPM Manager
stubdomain seals the secrets of each vTPM to the physical TPM, thereby
extending the chain of trust to the virtual machines in Xen. More
information on Xen vTPMs found at
https://xenbits.xen.org/docs/unstable/man/xen-vtpm.7.html This xen-vtpm
recipe uses Xen/stubdom source tree to build the Xen vTPM and vTPM
Manager binaries and MiniOS source tree to build the Xen vTPM and vTPM
Manager stubdomains.
This recipe provides the ability to modify how the vTPM stubdomains are
created and the ability to independently patch the vTPM stubdomain
source code as necessary.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TPM Emulator is a software-based TPM and MTM emulator. This TPM Emulator
recipe creates a static library that is cross-compiled against MiniOS,
Xen, LWIP, Newlib, PolarSSL, and the stubdom-specific GMP headers and
subsequently used during the cross-compilation and linking of the Xen
vTPM and vTPM Manager stubdomains.
The current Xen source code is hardcoded to fetch a specific version of
this package. The patch files originate from the Xen/stubdom source
tree. This recipe provides the flexibility to change version or modify
the patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
GMP is a fast precision arithmetic library targeted for cryptographic
applications. This GMP recipe creates a static library that is
cross-compiled against that is cross-compiled against MiniOS, Xen, LWIP,
Newlib, and PolarSSL headers and subsquently used during the
cross-compilation and linking of the TPM Emulator and the Xen vTPM and
vTPM Manager stubdomains.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PolarSSL (now mbedTLS) is a lightweight SSL library optimized for
embedded systems. In the case of Xen stubdomains, we are using MiniOS.
This PolarSSL recipe creates a static library that is cross-compiled
against MiniOS, Xen, LWIP, and Newlib headers and subsequently used
during the cross-compilation and linking of the stubdom specific GMP,
TPM Emulator, and the Xen vTPM and vTPM Manager stubdomains. The
current Xen source code is hardcoded to fetch a specific version of this
package. The patch files originate from the Xen/stubdom source tree.
This recipe provides the flexibility to change version or modify the
patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Newlib provides a fast, C library optimized for embedded systems. In the
case of Xen stubdomains, we are using MiniOS. This Newlib recipe creates
static libraries that are cross-compiled against MiniOS, Xen, and LWIP
headers and subsequently used during the cross-compilation and linking
of PolarSSL, the stubdom specific GMP, TPM Emulator, and the Xen vTPM
and vTPM Manager stubdomains. The current Xen source code is hardcoded
to fetch a specific version of this package. The patch files originate
from the Xen/stubdom source tree. This recipe provides the flexibility
to change version or modify the patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mini-OS is a tiny OS kernel distributed with the Xen Project Hypervisor
sources. It is mainly used as operating system for stub domains that are
used for Dom0 Disaggregation.
The Mini-OS source tree is updated and released in coordination with Xen
releases. The Mini-OS source tree and architecture-specific symbolic
links are required for building the dependencies used to build Xen
stubodmains. For convenience, the make links target was executed before
packaging. Otherwise, this is a source package. The current build
methods for Xen stubdomains require either a source archive which
contains the Mini-OS source code or execution of a make target that will
fetch the appropriate Mini-OS source tree from it's git repository. This
recipe removes the mysticism of relating to the version of Mini-OS being
used and it's origins and provides the flexibility to easily changes
versions or patch as necessary.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
lwIP is a small implementation of the TCP/IP stack designed for use in
embedded systems. This lwIP recipe does not configure nor does it build
the product. Instead, this recipe applies the patches normally found in
the Xen/stubdom source tree and creates a source package that can be
used for cross-compiling for MiniOS.
The current Xen source code is hardcoded to fetch a specific version of
this package. The patch files originate from the Xen/stubdom source
tree. This recipe provides the flexibility to change version or modify
the patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This commit introduces the stubdom.inc file that is required for each
recipe that is/will be built for Xen stubdomains. This file defines the
standard values to be used such as common dependencies, compiler and
linker flags, and unsets every flag and build tool that is exported into
the OE environment.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
oe_filter_out is not available in oe-core anymore so use
oe.utils.str_filter_out instead.
Signed-off-by: Ricardo Salveti <ricardo@opensourcefoundries.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Fix a memory leak with MSR emulation on x86.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Introduce the recipe for Xen 4.10.0.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In Xen 4.10, blktap is deprecated and no longer built by default,
so make the xen-blktap, xen-libblktap and xen-libvhd packages optional
instead of required dependencies for the xen-base package.
Move xen-blktap and related packages to RRECOMMENDS to preserve
xen.inc compatability with previous Xen releases.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Package a new library, libxentoolstore, introduced in Xen 4.10.
Also package the xen-diag tool in the xen-misc package.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade the Xen 4.9.x series recipe to latest 4.9.1
and apply patches for:
XSA-245 / CVE-2017-17046
XSA-246 / CVE-2017-17044
XSA-247 / CVE-2017-17045
XSA-248 / CVE-2017-17566
XSA-249 / CVE-2017-17563
XSA-250 / CVE-2017-17564
XSA-251 / CVE-2017-17565
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
