diff options
Diffstat (limited to 'external/meta-virtualization/recipes-extended')
124 files changed, 4453 insertions, 8479 deletions
diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-Correct-the-path-to-find-version.h-in-rocksdb.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-Correct-the-path-to-find-version.h-in-rocksdb.patch deleted file mode 100644 index 788505b2..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-Correct-the-path-to-find-version.h-in-rocksdb.patch +++ /dev/null @@ -1,40 +0,0 @@ -From a53605694d5301b7bb543464b17f74bbbd35d372 Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Tue, 28 Aug 2018 10:04:40 +0800 -Subject: [PATCH] Correct the path to find version.h in rocksdb - -Signed-off-by: Dengke Du <dengke.du@windriver.com> ---- - cmake/modules/Findrocksdb.cmake | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/cmake/modules/Findrocksdb.cmake b/cmake/modules/Findrocksdb.cmake -index f8369f7..36b67ea 100644 ---- a/cmake/modules/Findrocksdb.cmake -+++ b/cmake/modules/Findrocksdb.cmake -@@ -9,17 +9,17 @@ - # ROCKSDB_VERSION_MINOR - # ROCKSDB_VERSION_PATCH - --find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h) -+find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h ${CMAKE_SYSROOT}) - --find_library(ROCKSDB_LIBRARIES rocksdb) -+find_library(ROCKSDB_LIBRARIES rocksdb ${CMAKE_SYSROOT}) - - if(ROCKSDB_INCLUDE_DIR AND EXISTS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h") - foreach(ver "MAJOR" "MINOR" "PATCH") -- file(STRINGS "${ROCKSDB_INCLUDE_DIR}/version.h" ROCKSDB_VER_${ver}_LINE -+ file(STRINGS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h" ROCKSDB_VER_${ver}_LINE - REGEX "^#define[ \t]+ROCKSDB_${ver}[ \t]+[0-9]+$") - string(REGEX REPLACE "^#define[ \t]+ROCKSDB_${ver}[ \t]+([0-9]+)$" -- "\\1" ROCKSDB_VERSION_${ver} "${ROCKDB_VER_${ver}_LINE}") -- unset(${ROCKDB_VER_${ver}_LINE}) -+ "\\1" ROCKSDB_VERSION_${ver} "${ROCKSDB_VER_${ver}_LINE}") -+ unset(ROCKSDB_VER_${ver}_LINE) - endforeach() - set(ROCKSDB_VERSION_STRING - "${ROCKSDB_VERSION_MAJOR}.${ROCKSDB_VERSION_MINOR}.${ROCKSDB_VERSION_PATCH}") --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-add-pybind-support-in-OE.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-add-pybind-support-in-OE.patch deleted file mode 100644 index f9c53406..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-add-pybind-support-in-OE.patch +++ /dev/null @@ -1,129 +0,0 @@ -From 00d44940c2e83bf73101a05d2aa8f88c2e2fca58 Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Tue, 23 Oct 2018 15:34:53 +0800 -Subject: [PATCH] ceph: add pybind support in OE - -1. add sysroot to CFLAGS when cross compiling pybind -2. change the pybind's INSTALL path to OE's INSTALL path -3. delete the check for header files, because the check method using - host compiler. - -Signed-off-by: Dengke Du <dengke.du@windriver.com> -Upstream-Status: Inappropriate [oe specific] ---- - cmake/modules/Distutils.cmake | 12 +++--------- - src/pybind/cephfs/setup.py | 8 -------- - src/pybind/rados/setup.py | 8 -------- - src/pybind/rbd/setup.py | 8 -------- - src/pybind/rgw/setup.py | 8 -------- - 5 files changed, 3 insertions(+), 41 deletions(-) - -diff --git a/cmake/modules/Distutils.cmake b/cmake/modules/Distutils.cmake -index d6e9f38..3091d97 100644 ---- a/cmake/modules/Distutils.cmake -+++ b/cmake/modules/Distutils.cmake -@@ -47,7 +47,7 @@ function(distutils_add_cython_module name src) - LDFLAGS=-L${CMAKE_LIBRARY_OUTPUT_DIRECTORY} - CYTHON_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR} - CEPH_LIBDIR=${CMAKE_LIBRARY_OUTPUT_DIRECTORY} -- CFLAGS=\"-iquote${CMAKE_SOURCE_DIR}/src/include -w\" -+ CFLAGS=\"-iquote${CMAKE_SOURCE_DIR}/src/include -w --sysroot=${CMAKE_SYSROOT}\" - ${PYTHON${PYTHON_VERSION}_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/setup.py - build --verbose --build-base ${CYTHON_MODULE_DIR} - --build-platlib ${CYTHON_MODULE_DIR}/lib.${PYTHON${PYTHON_VERSION}_VERSION_MAJOR} -@@ -69,14 +69,8 @@ function(distutils_install_cython_module name) - set(ENV{CEPH_LIBDIR} \"${CMAKE_LIBRARY_OUTPUT_DIRECTORY}\") - - set(options --prefix=${CMAKE_INSTALL_PREFIX}) -- if(DEFINED ENV{DESTDIR}) -- if(EXISTS /etc/debian_version) -- list(APPEND options --install-layout=deb) -- endif() -- list(APPEND options --root=\$ENV{DESTDIR}) -- else() -- list(APPEND options --root=/) -- endif() -+ list(APPEND options --root=${CMAKE_DESTDIR}) -+ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) - execute_process( - COMMAND - ${PYTHON${PYTHON_VERSION}_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/setup.py -diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py -index 6533f41..1ee4a59 100755 ---- a/src/pybind/cephfs/setup.py -+++ b/src/pybind/cephfs/setup.py -@@ -121,14 +121,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize -diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py -index ef7c307..5204017 100755 ---- a/src/pybind/rados/setup.py -+++ b/src/pybind/rados/setup.py -@@ -117,14 +117,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize -diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py -index bcf96f2..d4cbbeb 100755 ---- a/src/pybind/rbd/setup.py -+++ b/src/pybind/rbd/setup.py -@@ -120,14 +120,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize -diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py -index f14f30c..ee7570b 100755 ---- a/src/pybind/rgw/setup.py -+++ b/src/pybind/rgw/setup.py -@@ -120,14 +120,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-detect-init-correct-the-installation-for-OE.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-detect-init-correct-the-installation-for-OE.patch deleted file mode 100644 index 875501bf..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-detect-init-correct-the-installation-for-OE.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 6aaf04036f0affbeddda123bff111990c4d5fd72 Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Fri, 26 Oct 2018 14:31:10 +0800 -Subject: [PATCH] ceph-detect-init: correct the installation for OE - -Signed-off-by: Dengke Du <dengke.du@windriver.com> -Upstream-Status: Inappropriate [oe specific] ---- - cmake/modules/Distutils.cmake | 11 ++--------- - 1 file changed, 2 insertions(+), 9 deletions(-) - -diff --git a/cmake/modules/Distutils.cmake b/cmake/modules/Distutils.cmake -index 3091d97..c50fe77 100644 ---- a/cmake/modules/Distutils.cmake -+++ b/cmake/modules/Distutils.cmake -@@ -16,15 +16,8 @@ function(distutils_install_module name) - cmake_parse_arguments(DU "" INSTALL_SCRIPT "" ${ARGN}) - install(CODE " - set(options --prefix=${CMAKE_INSTALL_PREFIX}) -- if(DEFINED ENV{DESTDIR}) -- if(EXISTS /etc/debian_version) -- list(APPEND options --install-layout=deb) -- endif() -- list(APPEND options --root=\$ENV{DESTDIR}) -- if(NOT \"${DU_INSTALL_SCRIPT}\" STREQUAL \"\") -- list(APPEND options --install-script=${DU_INSTALL_SCRIPT}) -- endif() -- endif() -+ list(APPEND options --root=${CMAKE_DESTDIR}) -+ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) - execute_process( - COMMAND ${PYTHON${PYTHON_VERSION}_EXECUTABLE} - setup.py install \${options} --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch new file mode 100644 index 00000000..4d54549f --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch @@ -0,0 +1,184 @@ +From 4712fe18405ffea31405308357a8e7fca358bcce Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Mon, 11 Mar 2019 09:14:09 +0800 +Subject: [PATCH] ceph: fix build errors for cross compile + +1. set the cross compile sysroot to find the rocksdb library +2. correct the install path for library in Distutils.cmake + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Dengke Du <dengke.du@windriver.com> + +Adjust context for v14.2.3 + +Signed-off-by: He Zhe <zhe.he@windriver.com> +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + cmake/modules/Distutils.cmake | 25 +++++-------------------- + cmake/modules/FindRocksDB.cmake | 4 ++-- + src/compressor/zstd/CMakeLists.txt | 2 +- + src/pybind/cephfs/setup.py | 8 -------- + src/pybind/rados/setup.py | 8 -------- + src/pybind/rbd/setup.py | 8 -------- + src/pybind/rgw/setup.py | 8 -------- + 7 files changed, 8 insertions(+), 55 deletions(-) + +diff --git a/cmake/modules/Distutils.cmake b/cmake/modules/Distutils.cmake +index 5fe929499d..802eb37e32 100644 +--- a/cmake/modules/Distutils.cmake ++++ b/cmake/modules/Distutils.cmake +@@ -18,17 +18,8 @@ function(distutils_install_module name) + cmake_parse_arguments(DU "" "INSTALL_SCRIPT" "" ${ARGN}) + install(CODE " + set(options --prefix=${CMAKE_INSTALL_PREFIX}) +- if(DEFINED ENV{DESTDIR}) +- if(EXISTS /etc/debian_version) +- list(APPEND options --install-layout=deb) +- endif() +- list(APPEND options +- --root=\$ENV{DESTDIR} +- --single-version-externally-managed) +- if(NOT \"${DU_INSTALL_SCRIPT}\" STREQUAL \"\") +- list(APPEND options --install-script=${DU_INSTALL_SCRIPT}) +- endif() +- endif() ++ list(APPEND options --root=${CMAKE_DESTDIR}) ++ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) + execute_process( + COMMAND ${Python3_EXECUTABLE} + setup.py install \${options} +@@ -50,7 +41,7 @@ function(distutils_add_cython_module target name src) + # Note: no quotes, otherwise distutils will execute "/usr/bin/ccache gcc" + # CMake's implicit conversion between strings and lists is wonderful, isn't it? + string(REPLACE " " ";" cflags ${CMAKE_C_FLAGS}) +- list(APPEND cflags -iquote${CMAKE_SOURCE_DIR}/src/include -w) ++ list(APPEND cflags -iquote${CMAKE_SOURCE_DIR}/src/include -w --sysroot=${CMAKE_SYSROOT}) + # This little bit of magic wipes out __Pyx_check_single_interpreter() + # Note: this is reproduced in distutils_install_cython_module + list(APPEND cflags -D'void0=dead_function\(void\)') +@@ -108,14 +99,8 @@ function(distutils_install_cython_module name) + set(ENV{CEPH_LIBDIR} \"${CMAKE_LIBRARY_OUTPUT_DIRECTORY}\") + + set(options --prefix=${CMAKE_INSTALL_PREFIX}) +- if(DEFINED ENV{DESTDIR}) +- if(EXISTS /etc/debian_version) +- list(APPEND options --install-layout=deb) +- endif() +- list(APPEND options --root=\$ENV{DESTDIR}) +- else() +- list(APPEND options --root=/) +- endif() ++ list(APPEND options --root=${CMAKE_DESTDIR}) ++ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) + execute_process( + COMMAND + ${Python3_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/setup.py +diff --git a/cmake/modules/FindRocksDB.cmake b/cmake/modules/FindRocksDB.cmake +index c5dd3dfaf6..be38597af2 100644 +--- a/cmake/modules/FindRocksDB.cmake ++++ b/cmake/modules/FindRocksDB.cmake +@@ -9,9 +9,9 @@ + # ROCKSDB_VERSION_MINOR + # ROCKSDB_VERSION_PATCH + +-find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h) ++find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h ${CMAKE_SYSROOT}) + +-find_library(ROCKSDB_LIBRARIES rocksdb) ++find_library(ROCKSDB_LIBRARIES rocksdb ${CMAKE_SYSROOT}) + + if(ROCKSDB_INCLUDE_DIR AND EXISTS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h") + foreach(ver "MAJOR" "MINOR" "PATCH") +diff --git a/src/compressor/zstd/CMakeLists.txt b/src/compressor/zstd/CMakeLists.txt +index a5ebdaf538..a234068150 100644 +--- a/src/compressor/zstd/CMakeLists.txt ++++ b/src/compressor/zstd/CMakeLists.txt +@@ -9,7 +9,7 @@ ExternalProject_Add(zstd_ext + CMAKE_ARGS -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} + -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} + -DCMAKE_C_FLAGS=${ZSTD_C_FLAGS} +- -DCMAKE_AR=${CMAKE_AR} ++ -DCMAKE_SYSROOT=${CMAKE_SYSROOT} + -DCMAKE_POSITION_INDEPENDENT_CODE=${ENABLE_SHARED} + -G${CMAKE_GENERATOR} + BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/libzstd +diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py +index 19ae6c329a..c9a25ccfff 100755 +--- a/src/pybind/cephfs/setup.py ++++ b/src/pybind/cephfs/setup.py +@@ -135,14 +135,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py +index e2c5696404..4e99d26721 100755 +--- a/src/pybind/rados/setup.py ++++ b/src/pybind/rados/setup.py +@@ -134,14 +134,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py +index 634484f140..f5bbbdab4f 100755 +--- a/src/pybind/rbd/setup.py ++++ b/src/pybind/rbd/setup.py +@@ -133,14 +133,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py +index eb1591a460..b9f2428cf9 100755 +--- a/src/pybind/rgw/setup.py ++++ b/src/pybind/rgw/setup.py +@@ -134,14 +134,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch new file mode 100644 index 00000000..310bfa47 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch @@ -0,0 +1,96 @@ +From bbf1cba8feb0e43492a1f6a6b31d024117cad262 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Mon, 13 Apr 2020 23:35:41 -0700 +Subject: [PATCH] fix host library paths were used + +Test the existence of recipe-sysrooot, add it back if lost + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + src/pybind/cephfs/setup.py | 6 +++++- + src/pybind/rados/setup.py | 6 +++++- + src/pybind/rbd/setup.py | 6 +++++- + src/pybind/rgw/setup.py | 6 +++++- + 4 files changed, 20 insertions(+), 4 deletions(-) + +diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py +index c9a25ccf..972f936c 100755 +--- a/src/pybind/cephfs/setup.py ++++ b/src/pybind/cephfs/setup.py +@@ -63,9 +63,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py +index 4e99d267..de24f766 100755 +--- a/src/pybind/rados/setup.py ++++ b/src/pybind/rados/setup.py +@@ -66,9 +66,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py +index f5bbbdab..a1f70e1d 100755 +--- a/src/pybind/rbd/setup.py ++++ b/src/pybind/rbd/setup.py +@@ -63,9 +63,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py +index b9f2428c..f5119f73 100755 +--- a/src/pybind/rgw/setup.py ++++ b/src/pybind/rgw/setup.py +@@ -64,9 +64,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +-- +2.21.0 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch new file mode 100644 index 00000000..de191bf8 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch @@ -0,0 +1,100 @@ +From de67c1dab5597c91538970421b25f6ec667af492 Mon Sep 17 00:00:00 2001 +From: Josh Durgin <jdurgin@redhat.com> +Date: Mon, 4 May 2020 17:03:35 -0400 +Subject: [PATCH 1/3] mgr: require all caps for pre-octopus tell commands + +This matches the requirements for admin socket commands +sent via tell elsewhere. + +Signed-off-by: Josh Durgin <jdurgin@redhat.com> + +Upstream-status: Backport +[https://github.com/ceph/ceph/commit/347003e13167c428187a5450517850f4d85e09ad] + +Signed-off-by: Liu Haitao <haitao.liu@windriver.com> +--- + src/mgr/DaemonServer.cc | 37 ++++++++++++++++++++++--------------- + 1 file changed, 22 insertions(+), 15 deletions(-) + +diff --git a/src/mgr/DaemonServer.cc b/src/mgr/DaemonServer.cc +index becd428a..527326e3 100644 +--- a/src/mgr/DaemonServer.cc ++++ b/src/mgr/DaemonServer.cc +@@ -808,20 +808,12 @@ public: + bool DaemonServer::handle_command(const ref_t<MCommand>& m) + { + std::lock_guard l(lock); +- // a blank fsid in MCommand signals a legacy client sending a "mon-mgr" CLI +- // command. +- if (m->fsid != uuid_d()) { +- cct->get_admin_socket()->queue_tell_command(m); ++ auto cmdctx = std::make_shared<CommandContext>(m); ++ try { ++ return _handle_command(cmdctx); ++ } catch (const bad_cmd_get& e) { ++ cmdctx->reply(-EINVAL, e.what()); + return true; +- } else { +- // legacy client; send to CLI processing +- auto cmdctx = std::make_shared<CommandContext>(m); +- try { +- return _handle_command(cmdctx); +- } catch (const bad_cmd_get& e) { +- cmdctx->reply(-EINVAL, e.what()); +- return true; +- } + } + } + +@@ -853,8 +845,12 @@ bool DaemonServer::_handle_command( + std::shared_ptr<CommandContext>& cmdctx) + { + MessageRef m; ++ bool admin_socket_cmd = false; + if (cmdctx->m_tell) { + m = cmdctx->m_tell; ++ // a blank fsid in MCommand signals a legacy client sending a "mon-mgr" CLI ++ // command. ++ admin_socket_cmd = (cmdctx->m_tell->fsid != uuid_d()); + } else { + m = cmdctx->m_mgr; + } +@@ -888,7 +884,10 @@ bool DaemonServer::_handle_command( + + dout(10) << "decoded-size=" << cmdctx->cmdmap.size() << " prefix=" << prefix << dendl; + +- if (prefix == "get_command_descriptions") { ++ // this is just for mgr commands - admin socket commands will fall ++ // through and use the admin socket version of ++ // get_command_descriptions ++ if (prefix == "get_command_descriptions" && !admin_socket_cmd) { + dout(10) << "reading commands from python modules" << dendl; + const auto py_commands = py_modules.get_commands(); + +@@ -925,7 +924,10 @@ bool DaemonServer::_handle_command( + + bool is_allowed = false; + ModuleCommand py_command; +- if (!mgr_cmd) { ++ if (admin_socket_cmd) { ++ // admin socket commands require all capabilities ++ is_allowed = session->caps.is_allow_all(); ++ } else if (!mgr_cmd) { + // Resolve the command to the name of the module that will + // handle it (if the command exists) + auto py_commands = py_modules.get_py_commands(); +@@ -958,6 +960,11 @@ bool DaemonServer::_handle_command( + << "entity='" << session->entity_name << "' " + << "cmd=" << cmdctx->cmd << ": dispatch"; + ++ if (admin_socket_cmd) { ++ cct->get_admin_socket()->queue_tell_command(cmdctx->m_tell); ++ return true; ++ } ++ + // ---------------- + // service map commands + if (prefix == "service dump") { +-- +2.25.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch new file mode 100644 index 00000000..54156698 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch @@ -0,0 +1,256 @@ +From 20b7bb685c5ea74c651ca1ea547ac66b0fee7035 Mon Sep 17 00:00:00 2001 +From: Ilya Dryomov <idryomov@gmail.com> +Date: Fri, 6 Mar 2020 20:16:45 +0100 +Subject: [PATCH] msg/async/ProtocolV2: avoid AES-GCM nonce reuse + vulnerabilities + +The secure mode uses AES-128-GCM with 96-bit nonces consisting of a +32-bit counter followed by a 64-bit salt. The counter is incremented +after processing each frame, the salt is fixed for the duration of +the session. Both are initialized from the session key generated +during session negotiation, so the counter starts with essentially +a random value. It is allowed to wrap, and, after 2**32 frames, it +repeats, resulting in nonce reuse (the actual sequence numbers that +the messenger works with are 64-bit, so the session continues on). + +Because of how GCM works, this completely breaks both confidentiality +and integrity aspects of the secure mode. A single nonce reuse reveals +the XOR of two plaintexts and almost completely reveals the subkey +used for producing authentication tags. After a few nonces get used +twice, all confidentiality and integrity goes out the window and the +attacker can potentially encrypt-authenticate plaintext of their +choice. + +We can't easily change the nonce format to extend the counter to +64 bits (and possibly XOR it with a longer salt). Instead, just +remember the initial nonce and cut the session before it repeats, +forcing renegotiation. + +Signed-off-by: Ilya Dryomov <idryomov@gmail.com> +Reviewed-by: Radoslaw Zarzynski <rzarzyns@redhat.com> +Reviewed-by: Sage Weil <sage@redhat.com> + +Conflicts: + src/msg/async/ProtocolV2.h [ context: commit ed3ec4c01d17 + ("msg: Build target 'common' without using namespace in + headers") not in octopus ] + +CVE: CVE-2020-1759 +Upstream Status: Backport [20b7bb685c5ea74c651ca1ea547ac66b0fee7035] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/msg/async/ProtocolV2.cc | 62 ++++++++++++++++++++++++---------- + src/msg/async/ProtocolV2.h | 5 +-- + src/msg/async/crypto_onwire.cc | 17 ++++++++-- + src/msg/async/crypto_onwire.h | 5 +++ + 4 files changed, 67 insertions(+), 22 deletions(-) + +diff --git a/src/msg/async/ProtocolV2.cc b/src/msg/async/ProtocolV2.cc +index 8fc02db6e5..c69f2ccf79 100644 +--- a/src/msg/async/ProtocolV2.cc ++++ b/src/msg/async/ProtocolV2.cc +@@ -533,7 +533,10 @@ ssize_t ProtocolV2::write_message(Message *m, bool more) { + m->get_payload(), + m->get_middle(), + m->get_data()); +- connection->outgoing_bl.append(message.get_buffer(session_stream_handlers)); ++ if (!append_frame(message)) { ++ m->put(); ++ return -EILSEQ; ++ } + + ldout(cct, 5) << __func__ << " sending message m=" << m + << " seq=" << m->get_seq() << " " << *m << dendl; +@@ -566,15 +569,17 @@ ssize_t ProtocolV2::write_message(Message *m, bool more) { + return rc; + } + +-void ProtocolV2::append_keepalive() { +- ldout(cct, 10) << __func__ << dendl; +- auto keepalive_frame = KeepAliveFrame::Encode(); +- connection->outgoing_bl.append(keepalive_frame.get_buffer(session_stream_handlers)); +-} +- +-void ProtocolV2::append_keepalive_ack(utime_t ×tamp) { +- auto keepalive_ack_frame = KeepAliveFrameAck::Encode(timestamp); +- connection->outgoing_bl.append(keepalive_ack_frame.get_buffer(session_stream_handlers)); ++template <class F> ++bool ProtocolV2::append_frame(F& frame) { ++ ceph::bufferlist bl; ++ try { ++ bl = frame.get_buffer(session_stream_handlers); ++ } catch (ceph::crypto::onwire::TxHandlerError &e) { ++ ldout(cct, 1) << __func__ << " " << e.what() << dendl; ++ return false; ++ } ++ connection->outgoing_bl.append(bl); ++ return true; + } + + void ProtocolV2::handle_message_ack(uint64_t seq) { +@@ -612,7 +617,15 @@ void ProtocolV2::write_event() { + connection->write_lock.lock(); + if (can_write) { + if (keepalive) { +- append_keepalive(); ++ ldout(cct, 10) << __func__ << " appending keepalive" << dendl; ++ auto keepalive_frame = KeepAliveFrame::Encode(); ++ if (!append_frame(keepalive_frame)) { ++ connection->write_lock.unlock(); ++ connection->lock.lock(); ++ fault(); ++ connection->lock.unlock(); ++ return; ++ } + keepalive = false; + } + +@@ -663,13 +676,16 @@ void ProtocolV2::write_event() { + if (r == 0) { + uint64_t left = ack_left; + if (left) { +- auto ack = AckFrame::Encode(in_seq); +- connection->outgoing_bl.append(ack.get_buffer(session_stream_handlers)); + ldout(cct, 10) << __func__ << " try send msg ack, acked " << left + << " messages" << dendl; +- ack_left -= left; +- left = ack_left; +- r = connection->_try_send(left); ++ auto ack_frame = AckFrame::Encode(in_seq); ++ if (append_frame(ack_frame)) { ++ ack_left -= left; ++ left = ack_left; ++ r = connection->_try_send(left); ++ } else { ++ r = -EILSEQ; ++ } + } else if (is_queued()) { + r = connection->_try_send(); + } +@@ -769,7 +785,13 @@ template <class F> + CtPtr ProtocolV2::write(const std::string &desc, + CONTINUATION_TYPE<ProtocolV2> &next, + F &frame) { +- ceph::bufferlist bl = frame.get_buffer(session_stream_handlers); ++ ceph::bufferlist bl; ++ try { ++ bl = frame.get_buffer(session_stream_handlers); ++ } catch (ceph::crypto::onwire::TxHandlerError &e) { ++ ldout(cct, 1) << __func__ << " " << e.what() << dendl; ++ return _fault(); ++ } + return write(desc, next, bl); + } + +@@ -1672,7 +1694,11 @@ CtPtr ProtocolV2::handle_keepalive2(ceph::bufferlist &payload) + ldout(cct, 30) << __func__ << " got KEEPALIVE2 tag ..." << dendl; + + connection->write_lock.lock(); +- append_keepalive_ack(keepalive_frame.timestamp()); ++ auto keepalive_ack_frame = KeepAliveFrameAck::Encode(keepalive_frame.timestamp()); ++ if (!append_frame(keepalive_ack_frame)) { ++ connection->write_lock.unlock(); ++ return _fault(); ++ } + connection->write_lock.unlock(); + + ldout(cct, 20) << __func__ << " got KEEPALIVE2 " +diff --git a/src/msg/async/ProtocolV2.h b/src/msg/async/ProtocolV2.h +index 2dbe647ae5..9897d18cf2 100644 +--- a/src/msg/async/ProtocolV2.h ++++ b/src/msg/async/ProtocolV2.h +@@ -129,6 +129,9 @@ private: + CONTINUATION_TYPE<ProtocolV2> &next, + bufferlist &buffer); + ++ template <class F> ++ bool append_frame(F& frame); ++ + void requeue_sent(); + uint64_t discard_requeued_up_to(uint64_t out_seq, uint64_t seq); + void reset_recv_state(); +@@ -140,8 +143,6 @@ private: + void prepare_send_message(uint64_t features, Message *m); + out_queue_entry_t _get_next_outgoing(); + ssize_t write_message(Message *m, bool more); +- void append_keepalive(); +- void append_keepalive_ack(utime_t ×tamp); + void handle_message_ack(uint64_t seq); + + CONTINUATION_DECL(ProtocolV2, _wait_for_peer_banner); +diff --git a/src/msg/async/crypto_onwire.cc b/src/msg/async/crypto_onwire.cc +index acf3f66689..07e7fe6553 100644 +--- a/src/msg/async/crypto_onwire.cc ++++ b/src/msg/async/crypto_onwire.cc +@@ -22,6 +22,10 @@ static constexpr const std::size_t AESGCM_BLOCK_LEN{16}; + struct nonce_t { + std::uint32_t random_seq; + std::uint64_t random_rest; ++ ++ bool operator==(const nonce_t& rhs) const { ++ return !memcmp(this, &rhs, sizeof(*this)); ++ } + } __attribute__((packed)); + static_assert(sizeof(nonce_t) == AESGCM_IV_LEN); + +@@ -35,7 +39,8 @@ class AES128GCM_OnWireTxHandler : public ceph::crypto::onwire::TxHandler { + CephContext* const cct; + std::unique_ptr<EVP_CIPHER_CTX, decltype(&::EVP_CIPHER_CTX_free)> ectx; + ceph::bufferlist buffer; +- nonce_t nonce; ++ nonce_t nonce, initial_nonce; ++ bool used_initial_nonce; + static_assert(sizeof(nonce) == AESGCM_IV_LEN); + + public: +@@ -44,7 +49,7 @@ public: + const nonce_t& nonce) + : cct(cct), + ectx(EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free), +- nonce(nonce) { ++ nonce(nonce), initial_nonce(nonce), used_initial_nonce(false) { + ceph_assert_always(ectx); + ceph_assert_always(key.size() * CHAR_BIT == 128); + +@@ -61,6 +66,7 @@ public: + + ~AES128GCM_OnWireTxHandler() override { + ::ceph::crypto::zeroize_for_security(&nonce, sizeof(nonce)); ++ ::ceph::crypto::zeroize_for_security(&initial_nonce, sizeof(initial_nonce)); + } + + std::uint32_t calculate_segment_size(std::uint32_t size) override +@@ -78,6 +84,13 @@ public: + void AES128GCM_OnWireTxHandler::reset_tx_handler( + std::initializer_list<std::uint32_t> update_size_sequence) + { ++ if (nonce == initial_nonce) { ++ if (used_initial_nonce) { ++ throw ceph::crypto::onwire::TxHandlerError("out of nonces"); ++ } ++ used_initial_nonce = true; ++ } ++ + if(1 != EVP_EncryptInit_ex(ectx.get(), nullptr, nullptr, nullptr, + reinterpret_cast<const unsigned char*>(&nonce))) { + throw std::runtime_error("EVP_EncryptInit_ex failed"); +diff --git a/src/msg/async/crypto_onwire.h b/src/msg/async/crypto_onwire.h +index bd682e8c71..0c544f205a 100644 +--- a/src/msg/async/crypto_onwire.h ++++ b/src/msg/async/crypto_onwire.h +@@ -45,6 +45,11 @@ struct MsgAuthError : public std::runtime_error { + } + }; + ++struct TxHandlerError : public std::runtime_error { ++ TxHandlerError(const char* what) ++ : std::runtime_error(std::string("tx handler error: ") + what) {} ++}; ++ + struct TxHandler { + virtual ~TxHandler() = default; + +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch new file mode 100644 index 00000000..ad8a2055 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch @@ -0,0 +1,61 @@ +From dfd1d81cec62e21e21696dc87d4db5f920e51a67 Mon Sep 17 00:00:00 2001 +From: Ilya Dryomov <idryomov@gmail.com> +Date: Fri, 6 Mar 2020 20:16:45 +0100 +Subject: [PATCH] msg/async/crypto_onwire: fix endianness of nonce_t + +As a AES-GCM IV, nonce_t is implicitly shared between server and +client. Currently, if their endianness doesn't match, they are unable +to communicate in secure mode because each gets its own idea of what +the next nonce should be after the counter is incremented. + +Several RFCs state that the nonce counter should be BE, but since we +use LE for everything on-disk and on-wire, make it LE. + +Signed-off-by: Ilya Dryomov <idryomov@gmail.com> +Reviewed-by: Radoslaw Zarzynski <rzarzyns@redhat.com> +Reviewed-by: Sage Weil <sage@redhat.com> + +CVE: CVE-2020-1759 +Upstream Status: Backport [dfd1d81cec62e21e21696dc87d4db5f920e51a67] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/msg/async/crypto_onwire.cc | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/msg/async/crypto_onwire.cc b/src/msg/async/crypto_onwire.cc +index 07e7fe6553..c39632cbd6 100644 +--- a/src/msg/async/crypto_onwire.cc ++++ b/src/msg/async/crypto_onwire.cc +@@ -20,8 +20,8 @@ static constexpr const std::size_t AESGCM_TAG_LEN{16}; + static constexpr const std::size_t AESGCM_BLOCK_LEN{16}; + + struct nonce_t { +- std::uint32_t random_seq; +- std::uint64_t random_rest; ++ ceph_le32 random_seq; ++ ceph_le64 random_rest; + + bool operator==(const nonce_t& rhs) const { + return !memcmp(this, &rhs, sizeof(*this)); +@@ -99,7 +99,7 @@ void AES128GCM_OnWireTxHandler::reset_tx_handler( + buffer.reserve(std::accumulate(std::begin(update_size_sequence), + std::end(update_size_sequence), AESGCM_TAG_LEN)); + +- ++nonce.random_seq; ++ nonce.random_seq = nonce.random_seq + 1; + } + + void AES128GCM_OnWireTxHandler::authenticated_encrypt_update( +@@ -204,7 +204,7 @@ void AES128GCM_OnWireRxHandler::reset_rx_handler() + reinterpret_cast<const unsigned char*>(&nonce))) { + throw std::runtime_error("EVP_DecryptInit_ex failed"); + } +- ++nonce.random_seq; ++ nonce.random_seq = nonce.random_seq + 1; + } + + ceph::bufferlist AES128GCM_OnWireRxHandler::authenticated_decrypt_update( +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch new file mode 100644 index 00000000..30906d7c --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch @@ -0,0 +1,33 @@ +From 92da834cababc4dddd5dbbab5837310478d1e6d4 Mon Sep 17 00:00:00 2001 +From: Abhishek Lekshmanan <abhishek@suse.com> +Date: Fri, 27 Mar 2020 19:29:01 +0100 +Subject: [PATCH] rgw: EPERM to ERR_INVALID_REQUEST + +As per Robin's comments and S3 spec + +Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com> + +CVE: CVE-2020-1760 +Upstream Status: Backport [92da834cababc4dddd5dbbab5837310478d1e6d4] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/rgw/rgw_rest_s3.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc +index 1bfc8312de..f13ae23dd6 100644 +--- a/src/rgw/rgw_rest_s3.cc ++++ b/src/rgw/rgw_rest_s3.cc +@@ -301,7 +301,7 @@ int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + /* reject unauthenticated response header manipulation, see + * https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html */ + if (s->auth.identity->is_anonymous()) { +- return -EPERM; ++ return -ERR_INVALID_REQUEST; + } + if (strcmp(p->param, "response-content-type") != 0) { + response_attrs[p->http_attr] = val; +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-control-characters-in-response-header-act.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-control-characters-in-response-header-act.patch new file mode 100644 index 00000000..af0fc79a --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-control-characters-in-response-header-act.patch @@ -0,0 +1,64 @@ +From be7679007c3dfab3e19c22c38c36ccac91828e3b Mon Sep 17 00:00:00 2001 +From: "Robin H. Johnson" <rjohnson@digitalocean.com> +Date: Fri, 27 Mar 2020 20:48:13 +0100 +Subject: [PATCH] rgw: reject control characters in response-header actions + +S3 GetObject permits overriding response header values, but those inputs +need to be validated to insure only characters that are valid in an HTTP +header value are present. + +Credit: Initial vulnerability discovery by William Bowling (@wcbowling) +Credit: Further vulnerability discovery by Robin H. Johnson <rjohnson@digitalocean.com> +Signed-off-by: Robin H. Johnson <rjohnson@digitalocean.com> + +CVE: CVE-2020-1760 +Upstream Status: Backport [be7679007c3dfab3e19c22c38c36ccac91828e3b] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/rgw/rgw_rest_s3.cc | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc +index f13ae23dd6..0de040968c 100644 +--- a/src/rgw/rgw_rest_s3.cc ++++ b/src/rgw/rgw_rest_s3.cc +@@ -189,6 +189,15 @@ int decode_attr_bl_single_value(map<string, bufferlist>& attrs, const char *attr + return 0; + } + ++inline bool str_has_cntrl(const std::string s) { ++ return std::any_of(s.begin(), s.end(), ::iscntrl); ++} ++ ++inline bool str_has_cntrl(const char* s) { ++ std::string _s(s); ++ return str_has_cntrl(_s); ++} ++ + int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + off_t bl_len) + { +@@ -303,6 +312,19 @@ int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + if (s->auth.identity->is_anonymous()) { + return -ERR_INVALID_REQUEST; + } ++ /* HTTP specification says no control characters should be present in ++ * header values: https://tools.ietf.org/html/rfc7230#section-3.2 ++ * field-vchar = VCHAR / obs-text ++ * ++ * Failure to validate this permits a CRLF injection in HTTP headers, ++ * whereas S3 GetObject only permits specific headers. ++ */ ++ if(str_has_cntrl(val)) { ++ /* TODO: return a more distinct error in future; ++ * stating what the problem is */ ++ return -ERR_INVALID_REQUEST; ++ } ++ + if (strcmp(p->param, "response-content-type") != 0) { + response_attrs[p->http_attr] = val; + } else { +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-unauthenticated-response-header-actions.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-unauthenticated-response-header-actions.patch new file mode 100644 index 00000000..ae241473 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-unauthenticated-response-header-actions.patch @@ -0,0 +1,36 @@ +From 8f90658c731499722d5f4393c8ad70b971d05f77 Mon Sep 17 00:00:00 2001 +From: Matt Benjamin <mbenjamin@redhat.com> +Date: Fri, 27 Mar 2020 18:13:48 +0100 +Subject: [PATCH] rgw: reject unauthenticated response-header actions + +Signed-off-by: Matt Benjamin <mbenjamin@redhat.com> +Reviewed-by: Casey Bodley <cbodley@redhat.com> +(cherry picked from commit d8dd5e513c0c62bbd7d3044d7e2eddcd897bd400) + +CVE: CVE-2020-1760 +Upstream Status: Backport [8f90658c731499722d5f4393c8ad70b971d05f77] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/rgw/rgw_rest_s3.cc | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc +index 532d738b58..1bfc8312de 100644 +--- a/src/rgw/rgw_rest_s3.cc ++++ b/src/rgw/rgw_rest_s3.cc +@@ -298,6 +298,11 @@ int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + bool exists; + string val = s->info.args.get(p->param, &exists); + if (exists) { ++ /* reject unauthenticated response header manipulation, see ++ * https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html */ ++ if (s->auth.identity->is_anonymous()) { ++ return -EPERM; ++ } + if (strcmp(p->param, "response-content-type") != 0) { + response_attrs[p->http_attr] = val; + } else { +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-zstd-fix-error-for-cross-compile.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-zstd-fix-error-for-cross-compile.patch deleted file mode 100644 index 66b5f0a5..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-zstd-fix-error-for-cross-compile.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 3e86b6d9db2682b123839e38e9bf45060e2bb2ab Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Wed, 29 Aug 2018 16:57:52 +0800 -Subject: [PATCH] zstd: fix error for cross compile - -Signed-off-by: Dengke Du <dengke.du@windriver.com> ---- - src/compressor/zstd/CMakeLists.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/compressor/zstd/CMakeLists.txt b/src/compressor/zstd/CMakeLists.txt -index e30cb89..b298a3d 100644 ---- a/src/compressor/zstd/CMakeLists.txt -+++ b/src/compressor/zstd/CMakeLists.txt -@@ -9,7 +9,7 @@ ExternalProject_Add(zstd_ext - CMAKE_ARGS -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} - -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} - -DCMAKE_C_FLAGS=${ZSTD_C_FLAGS} -- -DCMAKE_AR=${CMAKE_AR} -+ -DCMAKE_SYSROOT=${CMAKE_SYSROOT} - BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/libzstd - BUILD_COMMAND $(MAKE) libzstd_static - INSTALL_COMMAND "true") --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch new file mode 100644 index 00000000..79f2174b --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch @@ -0,0 +1,95 @@ +From ddbac9b2779172876ebd2d26b68b04b02350a125 Mon Sep 17 00:00:00 2001 +From: Josh Durgin <jdurgin@redhat.com> +Date: Thu, 23 Apr 2020 00:22:10 -0400 +Subject: [PATCH 2/3] mon: enforce caps for pre-octopus client tell commands + +This affects only the commands whitelisted here - in particular +injectargs requires write access to the monitors. + +Signed-off-by: Josh Durgin <jdurgin@redhat.com> + +Upstream-status: Backport +[https://github.com/ceph/ceph/commit/fc5e56b75a97c4652c87e9959aad1c4dec45010d] + +Signed-off-by: Liu Haitao <haitao.liu@windriver.com> +--- + src/mon/Monitor.cc | 56 +++++++++++++++++++++++----------------------- + 1 file changed, 28 insertions(+), 28 deletions(-) + +diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc +index b7cb3eae..eecd2f68 100644 +--- a/src/mon/Monitor.cc ++++ b/src/mon/Monitor.cc +@@ -3226,34 +3226,6 @@ void Monitor::handle_command(MonOpRequestRef op) + return; + } + +- // compat kludge for legacy clients trying to tell commands that are +- // new. see bottom of MonCommands.h. we need to handle both (1) +- // pre-octopus clients and (2) octopus clients with a mix of pre-octopus +- // and octopus mons. +- if ((!HAVE_FEATURE(m->get_connection()->get_features(), SERVER_OCTOPUS) || +- monmap->min_mon_release < ceph_release_t::octopus) && +- (prefix == "injectargs" || +- prefix == "smart" || +- prefix == "mon_status" || +- prefix == "heap")) { +- if (m->get_connection()->get_messenger() == 0) { +- // Prior to octopus, monitors might forward these messages +- // around. that was broken at baseline, and if we try to process +- // this message now, it will assert out when we try to send a +- // message in reply from the asok/tell worker (see +- // AnonConnection). Just reply with an error. +- dout(5) << __func__ << " failing forwarded command from a (presumably) " +- << "pre-octopus peer" << dendl; +- reply_command( +- op, -EBUSY, +- "failing forwarded tell command in mixed-version mon cluster", 0); +- return; +- } +- dout(5) << __func__ << " passing command to tell/asok" << dendl; +- cct->get_admin_socket()->queue_tell_command(m); +- return; +- } +- + string module; + string err; + +@@ -3368,6 +3340,34 @@ void Monitor::handle_command(MonOpRequestRef op) + << "entity='" << session->entity_name << "' " + << "cmd=" << m->cmd << ": dispatch"; + ++ // compat kludge for legacy clients trying to tell commands that are ++ // new. see bottom of MonCommands.h. we need to handle both (1) ++ // pre-octopus clients and (2) octopus clients with a mix of pre-octopus ++ // and octopus mons. ++ if ((!HAVE_FEATURE(m->get_connection()->get_features(), SERVER_OCTOPUS) || ++ monmap->min_mon_release < ceph_release_t::octopus) && ++ (prefix == "injectargs" || ++ prefix == "smart" || ++ prefix == "mon_status" || ++ prefix == "heap")) { ++ if (m->get_connection()->get_messenger() == 0) { ++ // Prior to octopus, monitors might forward these messages ++ // around. that was broken at baseline, and if we try to process ++ // this message now, it will assert out when we try to send a ++ // message in reply from the asok/tell worker (see ++ // AnonConnection). Just reply with an error. ++ dout(5) << __func__ << " failing forwarded command from a (presumably) " ++ << "pre-octopus peer" << dendl; ++ reply_command( ++ op, -EBUSY, ++ "failing forwarded tell command in mixed-version mon cluster", 0); ++ return; ++ } ++ dout(5) << __func__ << " passing command to tell/asok" << dendl; ++ cct->get_admin_socket()->queue_tell_command(m); ++ return; ++ } ++ + if (mon_cmd->is_mgr()) { + const auto& hdr = m->get_header(); + uint64_t size = hdr.front_len + hdr.middle_len + hdr.data_len; +-- +2.25.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0003-PendingReleaseNotes-note-about-security-fix.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0003-PendingReleaseNotes-note-about-security-fix.patch new file mode 100644 index 00000000..ed2a63e7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0003-PendingReleaseNotes-note-about-security-fix.patch @@ -0,0 +1,31 @@ +From 56800925651857821034ac9c8ec82d45635cc3b8 Mon Sep 17 00:00:00 2001 +From: Josh Durgin <jdurgin@redhat.com> +Date: Wed, 13 May 2020 21:34:56 -0700 +Subject: [PATCH 3/3] PendingReleaseNotes: note about security fix + +Signed-off-by: Josh Durgin <jdurgin@redhat.com> + +Upstream-status: Backport +[https://github.com/ceph/ceph/commit/06f239fc35f35865d2cf92dda1ac8f4d5fe82bde] + +Signed-off-by: Liu Haitao <haitao.liu@windriver.com> +--- + PendingReleaseNotes | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/PendingReleaseNotes b/PendingReleaseNotes +index c9fd4c79..6e07ce6d 100644 +--- a/PendingReleaseNotes ++++ b/PendingReleaseNotes +@@ -1,6 +1,8 @@ + >=15.0.0 + -------- + ++* CVE-2020-10736: Fixes an authorization bypass in monitor and manager daemons ++ + * The RGW "num_rados_handles" has been removed. + * If you were using a value of "num_rados_handles" greater than 1 + multiply your current "objecter_inflight_ops" and +-- +2.25.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph_13.2.2.bb b/external/meta-virtualization/recipes-extended/ceph/ceph_13.2.2.bb deleted file mode 100644 index 08021cf7..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph_13.2.2.bb +++ /dev/null @@ -1,103 +0,0 @@ -SUMMARY = "User space components of the Ceph file system" -LICENSE = "LGPLv2.1 & GPLv2 & Apache-2.0 & MIT" -LIC_FILES_CHKSUM = "file://COPYING-LGPL2.1;md5=fbc093901857fcd118f065f900982c24 \ - file://COPYING-GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://COPYING;md5=92d301c8fccd296f2221a68a8dd53828 \ -" -inherit cmake pythonnative python-dir systemd -# Disable python pybind support for ceph temporary, when corss compiling pybind, -# pybind mix cmake and python setup environment, would case a lot of errors. - -SRC_URI = "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \ - file://0001-Correct-the-path-to-find-version.h-in-rocksdb.patch \ - file://0001-zstd-fix-error-for-cross-compile.patch \ - file://0001-ceph-add-pybind-support-in-OE.patch \ - file://0001-ceph-detect-init-correct-the-installation-for-OE.patch \ - file://ceph.conf \ -" -SRC_URI[md5sum] = "ce118be451dcb6b89e9e0a45057827dd" -SRC_URI[sha256sum] = "f3a61db4c90e00c38a2dac7239b956ec367ef56f601e07335ed3011f931d8840" - -DEPENDS = "boost bzip2 curl expat gperf-native \ - keyutils libaio libibverbs lz4 \ - nspr nss \ - oath openldap openssl \ - python python-cython-native rocksdb snappy udev \ - valgrind xfsprogs zlib \ -" -SYSTEMD_SERVICE_${PN} = " \ - ceph-radosgw@.service \ - ceph-radosgw.target \ - ceph-mon@.service \ - ceph-mon.target \ - ceph-mds@.service \ - ceph-mds.target \ - ceph-disk@.service \ - ceph-osd@.service \ - ceph-osd.target \ - ceph.target \ - ceph-fuse@.service \ - ceph-fuse.target \ - ceph-rbd-mirror@.service \ - ceph-rbd-mirror.target \ - ceph-volume@.service \ - ceph-mgr@.service \ - ceph-mgr.target \ - rbdmap.service \ -" -OECMAKE_GENERATOR = "Unix Makefiles" - -EXTRA_OECMAKE = "-DWITH_MANPAGE=OFF \ - -DWITH_FUSE=OFF \ - -DWITH_SPDK=OFF \ - -DWITH_LEVELDB=OFF \ - -DWITH_LTTNG=OFF \ - -DWITH_BABELTRACE=OFF \ - -DWITH_TESTS=OFF \ - -DWITH_MGR=OFF \ - -DWITH_MGR_DASHBOARD_FRONTEND=OFF \ - -DWITH_SYSTEM_BOOST=ON \ - -DWITH_SYSTEM_ROCKSDB=ON \ -" - -do_configure_prepend () { - echo "set( CMAKE_SYSROOT \"${RECIPE_SYSROOT}\" )" >> ${WORKDIR}/toolchain.cmake - echo "set( CMAKE_DESTDIR \"${D}\" )" >> ${WORKDIR}/toolchain.cmake - echo "set( PYTHON_SITEPACKAGES_DIR \"${PYTHON_SITEPACKAGES_DIR}\" )" >> ${WORKDIR}/toolchain.cmake -} - -do_install_append () { - sed -i -e 's:${WORKDIR}.*python2:${bindir}/python:' ${D}${bindir}/ceph - sed -i -e 's:${WORKDIR}.*python2:${bindir}/python:' ${D}${bindir}/ceph-disk - sed -i -e 's:${WORKDIR}.*python2:${bindir}/python:' ${D}${bindir}/ceph-detect-init - find ${D} -name SOURCES.txt | xargs sed -i -e 's:${WORKDIR}::' - install -d ${D}${sysconfdir}/ceph - install -m 644 ${WORKDIR}/ceph.conf ${D}${sysconfdir}/ceph/ - install -d ${D}${systemd_unitdir} - mv ${D}${libexecdir}/systemd/system ${D}${systemd_unitdir} - mv ${D}${libexecdir}/ceph/ceph-osd-prestart.sh ${D}${libdir}/ceph - mv ${D}${libexecdir}/ceph/ceph_common.sh ${D}${libdir}/ceph -} - -FILES_${PN} += "\ - ${libdir}/rados-classes/*.so.* \ - ${libdir}/ceph/compressor/*.so \ - ${libdir}/rados-classes/*.so \ - ${libdir}/ceph/*.so \ -" -FILES_${PN}-python = "\ - ${PYTHON_SITEPACKAGES_DIR}/* \ -" -RDEPENDS_${PN} += "\ - python \ - python-misc \ - python-modules \ - python-prettytable \ - ${PN}-python \ -" -COMPATIBLE_HOST = "(x86_64).*" -PACKAGES += " \ - ${PN}-python \ -" -INSANE_SKIP_${PN}-python += "ldflags" -INSANE_SKIP_${PN} += "dev-so" diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph_15.2.0.bb b/external/meta-virtualization/recipes-extended/ceph/ceph_15.2.0.bb new file mode 100644 index 00000000..9423faa4 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph_15.2.0.bb @@ -0,0 +1,150 @@ +SUMMARY = "User space components of the Ceph file system" +LICENSE = "LGPLv2.1 & GPLv2 & Apache-2.0 & MIT" +LIC_FILES_CHKSUM = "file://COPYING-LGPL2.1;md5=fbc093901857fcd118f065f900982c24 \ + file://COPYING-GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYING;md5=4eb012c221c5fd4b760029a2981a6754 \ +" +inherit cmake python3native python3-dir systemd +# Disable python pybind support for ceph temporary, when corss compiling pybind, +# pybind mix cmake and python setup environment, would case a lot of errors. + +SRC_URI = "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \ + file://0001-ceph-fix-build-errors-for-cross-compile.patch \ + file://0001-fix-host-library-paths-were-used.patch \ + file://ceph.conf \ + file://0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch \ + file://0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch \ + file://0001-rgw-reject-unauthenticated-response-header-actions.patch \ + file://0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch \ + file://0001-rgw-reject-control-characters-in-response-header-act.patch \ + file://0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch \ + file://0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch \ + file://0003-PendingReleaseNotes-note-about-security-fix.patch \ +" + +SRC_URI[md5sum] = "1f9af648b4c6d19975aab2583ab99710" +SRC_URI[sha256sum] = "4292c473d1714a6602c525d7582e4e03ec608f0a1cbc0dd338207e5c7068e0d3" +SRC_URI[sha1sum] = "7158806ece1483fcccdf1172c20cc34d9401c543" +SRC_URI[sha384sum] = "20e996dbf30d1e33a6d6aae36960190125ce263d306415bcec5d2b3032b8b8f730deeba3ca318576573127d08909404a" +SRC_URI[sha512sum] = "07a3ff2ccf1a3abac652ff8c5f1611e7c628fcedcb280adc6cd49792b46fa50c7c29437dc57c2c4a6af708a6833abf8c1a386ef2142d30bd5e1f214ba7aec4f2" + +DEPENDS = "boost bzip2 curl expat gperf-native \ + keyutils libaio libibverbs lz4 \ + nspr nss \ + oath openldap openssl \ + python3 python3-cython-native rabbitmq-c rocksdb snappy udev \ + valgrind xfsprogs zlib \ +" +SYSTEMD_SERVICE_${PN} = " \ + ceph-radosgw@.service \ + ceph-radosgw.target \ + ceph-mon@.service \ + ceph-mon.target \ + ceph-mds@.service \ + ceph-mds.target \ + ceph-osd@.service \ + ceph-osd.target \ + ceph.target \ + ceph-rbd-mirror@.service \ + ceph-rbd-mirror.target \ + ceph-volume@.service \ + ceph-mgr@.service \ + ceph-mgr.target \ + ceph-crash.service \ + rbdmap.service \ + ceph-immutable-object-cache@.service \ + ceph-immutable-object-cache.target \ +" +OECMAKE_GENERATOR = "Unix Makefiles" + +EXTRA_OECMAKE = "-DWITH_MANPAGE=OFF \ + -DWITH_FUSE=OFF \ + -DWITH_SPDK=OFF \ + -DWITH_LEVELDB=OFF \ + -DWITH_LTTNG=OFF \ + -DWITH_BABELTRACE=OFF \ + -DWITH_TESTS=OFF \ + -DWITH_MGR=OFF \ + -DWITH_MGR_DASHBOARD_FRONTEND=OFF \ + -DWITH_SYSTEM_BOOST=ON \ + -DWITH_SYSTEM_ROCKSDB=ON \ + -DWITH_RDMA=OFF \ + -DWITH_RADOSGW_AMQP_ENDPOINT=OFF \ + -DPYTHON_INSTALL_DIR=${PYTHON_SITEPACKAGES_DIR} -DPYTHON_DESIRED=3 \ + -DPython3_EXECUTABLE=${PYTHON} \ + -DWITH_RADOSGW_KAFKA_ENDPOINT=OFF \ +" + +export STAGING_DIR_HOST + +do_configure_prepend () { + echo "set( CMAKE_SYSROOT \"${RECIPE_SYSROOT}\" )" >> ${WORKDIR}/toolchain.cmake + echo "set( CMAKE_DESTDIR \"${D}\" )" >> ${WORKDIR}/toolchain.cmake + echo "set( PYTHON_SITEPACKAGES_DIR \"${PYTHON_SITEPACKAGES_DIR}\" )" >> ${WORKDIR}/toolchain.cmake +} + +do_install_append () { + sed -i -e 's:^#!/usr/bin/python$:&3:' \ + -e 's:${WORKDIR}.*python3:${bindir}/python3:' \ + ${D}${bindir}/ceph ${D}${bindir}/ceph-crash \ + ${D}${bindir}/ceph-volume ${D}${bindir}/ceph-volume-systemd + find ${D} -name SOURCES.txt | xargs sed -i -e 's:${WORKDIR}::' + install -d ${D}${sysconfdir}/ceph + install -m 644 ${WORKDIR}/ceph.conf ${D}${sysconfdir}/ceph/ + install -d ${D}${systemd_unitdir} + mv ${D}${libexecdir}/systemd/system ${D}${systemd_unitdir} + mv ${D}${libexecdir}/ceph/ceph-osd-prestart.sh ${D}${libdir}/ceph + mv ${D}${libexecdir}/ceph/ceph_common.sh ${D}${libdir}/ceph + # WITH_FUSE is set to OFF, remove ceph-fuse related units + rm ${D}${systemd_unitdir}/system/ceph-fuse.target ${D}${systemd_unitdir}/system/ceph-fuse@.service +} + +do_install_append_class-target () { + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /var/lib/ceph/crash/posted 0755 root root - -" > ${D}${sysconfdir}/tmpfiles.d/ceph-placeholder.conf + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/default/volatiles + echo "d root root 0755 /var/lib/ceph/crash/posted none" > ${D}${sysconfdir}/default/volatiles/99_ceph-placeholder + fi +} + +pkg_postinst_${PN}() { + if [ -z "$D" ] && [ -e ${sysconfdir}/init.d/populate-volatile.sh ] ; then + ${sysconfdir}/init.d/populate-volatile.sh update + fi +} + +FILES_${PN} += "\ + ${libdir}/rados-classes/*.so.* \ + ${libdir}/ceph/compressor/*.so \ + ${libdir}/rados-classes/*.so \ + ${libdir}/ceph/*.so \ +" + +FILES_${PN} += " \ + /etc/tmpfiles.d/ceph-placeholder.conf \ + /etc/default/volatiles/99_ceph-placeholder \ +" + +FILES_${PN}-python = "\ + ${PYTHON_SITEPACKAGES_DIR}/* \ +" +RDEPENDS_${PN} += "\ + python3-core \ + python3-misc \ + python3-modules \ + python3-prettytable \ + ${PN}-python \ +" +COMPATIBLE_HOST = "(x86_64).*" +PACKAGES += " \ + ${PN}-python \ +" +INSANE_SKIP_${PN}-python += "ldflags" +INSANE_SKIP_${PN} += "dev-so" +CCACHE_DISABLE = "1" + +CVE_PRODUCT = "ceph ceph_storage ceph_storage_mon ceph_storage_osd" diff --git a/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb b/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb index 38dbf8d4..d93e4871 100644 --- a/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb +++ b/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb @@ -5,10 +5,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b" SECTION = "console/tools" PR="r0" -SRC_URI="http://v3.sk/~lkundrak/dev86/archive/Dev86src-${PV}.tar.gz" +SRC_URI="https://github.com/lkundrak/dev86/archive/v${PV}.tar.gz" -SRC_URI[md5sum] = "567cf460d132f9d8775dd95f9208e49a" -SRC_URI[sha256sum] = "61817a378c8c8ba65f36c6792d457a305dc4eedae8cdc8b6233bf2bb28e5fe8d" +SRC_URI[md5sum] = "288af53f256300777efc91d97c082fda" +SRC_URI[sha256sum] = "533f2a0d2ed61223040f27e5cd007a11d969aaf34f6b709ece122b1e6fc50580" S = "${WORKDIR}/dev86-${PV}" diff --git a/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb b/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb index bb5707e5..a4a85284 100644 --- a/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb +++ b/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb @@ -16,9 +16,12 @@ SRC_URI = "git://github.com/chaos/diod.git;protocol=git \ file://0001-build-allow-builds-to-work-with-separate-build-dir.patch \ file://0002-auto.diod.in-remove-bashisms.patch \ file://0001-diod-ops.c-add-header-file-for-makedev.patch \ + file://0001-drod-add-option-to-config-systemddir.patch \ " DEPENDS = "libcap ncurses tcp-wrappers lua" +EXTRA_OECONF = "--with-systemddir=${systemd_unitdir}/system" + S = "${WORKDIR}/git" inherit autotools systemd diff --git a/external/meta-virtualization/recipes-extended/diod/files/0001-drod-add-option-to-config-systemddir.patch b/external/meta-virtualization/recipes-extended/diod/files/0001-drod-add-option-to-config-systemddir.patch new file mode 100644 index 00000000..8b70d8fa --- /dev/null +++ b/external/meta-virtualization/recipes-extended/diod/files/0001-drod-add-option-to-config-systemddir.patch @@ -0,0 +1,51 @@ +From 365159534b1981dfe291ecc05d2455f32652a166 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Mon, 26 Aug 2019 18:00:39 +0800 +Subject: [PATCH] drod: add option to config systemddir + +Upstream-Status: Pending + +Not need to send upstream, since upstream have refactor +related code, but not released. and this version release +4 years ago, not proper to just backport one or more +commits, this patch maybe could be dropped after upgrade. + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + configure.ac | 9 +++++++++ + scripts/Makefile.am | 2 +- + 2 files changed, 10 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 1cb8579..3e4a5ec 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -25,6 +25,15 @@ AC_DEFINE([_GNU_SOURCE], 1, + [Define _GNU_SOURCE so that we get all necessary prototypes]) + + ## ++#Add option to config systemddir ++## ++AC_ARG_WITH([systemddir], ++ [AS_HELP_STRING([--with-systemddir=DIR], [systemd dir])], ++ [systemddir=$withval], ++ [systemddir="/lib/systemd/system"]) ++AC_SUBST([systemddir], [$systemddir]) ++ ++## + # Checks for programs + ## + AC_PROG_CC +diff --git a/scripts/Makefile.am b/scripts/Makefile.am +index 2aba728..40822b7 100644 +--- a/scripts/Makefile.am ++++ b/scripts/Makefile.am +@@ -1,4 +1,4 @@ +-systemddir=/lib/systemd/system ++systemddir=@systemddir@ + + install-data-local: + $(top_srcdir)/config/install-sh -m 755 ./auto.diod \ +-- +2.7.4 + diff --git a/external/meta-virtualization/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb b/external/meta-virtualization/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb new file mode 100644 index 00000000..a8bbf0f5 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb @@ -0,0 +1,15 @@ +SUMMARY = "FUSE implementation of overlayfs." +DESCRIPTION = "An implementation of overlay+shiftfs in FUSE for rootless \ +containers." + +LICENSE = "GPLv3+" +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" + +SRCREV = "098d9ad79fdbb8538adde08628408aa32a8b4b17" +SRC_URI = "git://github.com/containers/fuse-overlayfs.git;nobranch=1" + +DEPENDS = "fuse3" + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig diff --git a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch index 4a01de5b..091ce3cf 100644 --- a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch +++ b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch @@ -1,4 +1,4 @@ -From 11f5089300c1c368d896c95890827dc85a67f132 Mon Sep 17 00:00:00 2001 +From 085dd65bba063e391350487f2a5e4a7bf69ee6c8 Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Fri, 15 Jun 2018 08:04:35 -0700 Subject: [PATCH] container.c: Fix compiler errors that gcc 8.1.0 reports @@ -47,12 +47,13 @@ container.c:176:4: note: 'sprintf' output 9 or more bytes (assuming 520) into a ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Jason Wessel <jason.wessel@windriver.com> + --- src/container.c | 47 ++++++++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 19 deletions(-) diff --git a/src/container.c b/src/container.c -index 0938d82..b1c52d4 100644 +index fee67ff..94d49d8 100644 --- a/src/container.c +++ b/src/container.c @@ -22,6 +22,8 @@ @@ -64,7 +65,7 @@ index 0938d82..b1c52d4 100644 static int container_populate_volume(char *src, char *dest) { struct stat st; -@@ -99,12 +101,12 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -116,12 +118,12 @@ static int container_setup_volume(struct hyper_pod *pod, struct hyper_container *container) { int i; @@ -79,8 +80,8 @@ index 0938d82..b1c52d4 100644 + char mountpoint[MAX_PBUF]; char *options = NULL; const char *filevolume = NULL; - vol = &container->vols[i]; -@@ -128,7 +130,8 @@ static int container_setup_volume(struct hyper_pod *pod, + bool newvolume = false; +@@ -146,7 +148,8 @@ static int container_setup_volume(struct hyper_pod *pod, if (hyper_mount_nfs(vol->device, path) < 0) return -1; /* nfs export has implicitly included _data part of the volume */ @@ -90,7 +91,7 @@ index 0938d82..b1c52d4 100644 } else { fprintf(stdout, "mount %s to %s, tmp path %s\n", dev, vol->mountpoint, path); -@@ -137,7 +140,7 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -155,7 +158,7 @@ static int container_setup_volume(struct hyper_pod *pod, options = "nouuid"; if (access(dev, R_OK) < 0) { @@ -99,7 +100,7 @@ index 0938d82..b1c52d4 100644 sprintf(device, "/block/%s", vol->device); hyper_netlink_wait_dev(pod->ueventfd, device); } -@@ -146,7 +149,8 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -164,7 +167,8 @@ static int container_setup_volume(struct hyper_pod *pod, perror("mount volume device failed"); return -1; } @@ -108,8 +109,8 @@ index 0938d82..b1c52d4 100644 + return -1; } - if (container_check_file_volume(volume, &filevolume) < 0) -@@ -173,7 +177,8 @@ static int container_setup_volume(struct hyper_pod *pod, + if (container_check_volume(volume, &filevolume, &newvolume) < 0) +@@ -193,7 +197,8 @@ static int container_setup_volume(struct hyper_pod *pod, perror("create volume file failed"); return -1; } @@ -119,7 +120,7 @@ index 0938d82..b1c52d4 100644 /* 0777 so that any user can read/write the new file volume */ if (chmod(volume, 0777) < 0) { fprintf(stderr, "fail to chmod directory %s\n", volume); -@@ -197,9 +202,9 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -217,9 +222,9 @@ static int container_setup_volume(struct hyper_pod *pod, for (i = 0; i < container->maps_num; i++) { struct stat st; @@ -131,7 +132,7 @@ index 0938d82..b1c52d4 100644 sprintf(path, "%s/%s", SHARED_DIR, map->source); sprintf(mountpoint, "./%s", map->path); -@@ -215,7 +220,8 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -235,7 +240,8 @@ static int container_setup_volume(struct hyper_pod *pod, } if (map->docker) { /* converted from volume */ @@ -141,7 +142,7 @@ index 0938d82..b1c52d4 100644 src = volume; if (container->initialize && (container_populate_volume(mountpoint, volume) < 0)) { -@@ -251,7 +257,7 @@ static int container_setup_modules(struct hyper_container *container) +@@ -271,7 +277,7 @@ static int container_setup_modules(struct hyper_container *container) { struct stat st; struct utsname uts; @@ -150,7 +151,7 @@ index 0938d82..b1c52d4 100644 if (uname(&uts) < 0) { perror("fail to call uname"); -@@ -259,7 +265,8 @@ static int container_setup_modules(struct hyper_container *container) +@@ -279,7 +285,8 @@ static int container_setup_modules(struct hyper_container *container) } sprintf(src, "/lib/modules/%s", uts.release); @@ -160,7 +161,7 @@ index 0938d82..b1c52d4 100644 if (stat(dst, &st) == 0) { struct dirent **list; -@@ -291,7 +298,7 @@ static int container_setup_modules(struct hyper_container *container) +@@ -318,7 +325,7 @@ static int container_setup_modules(struct hyper_container *container) static int container_setup_mount(struct hyper_container *container) { @@ -169,7 +170,7 @@ index 0938d82..b1c52d4 100644 // current dir is container rootfs, the operations on "./PATH" are the operations on container's "/PATH" if (!container->readonly) { -@@ -546,7 +553,7 @@ static int hyper_setup_container_rootfs(void *data) +@@ -576,7 +583,7 @@ static int hyper_setup_container_rootfs(void *data) { struct hyper_container_arg *arg = data; struct hyper_container *container = arg->c; @@ -178,7 +179,7 @@ index 0938d82..b1c52d4 100644 int setup_dns; /* wait for ns-opened ready message */ -@@ -609,7 +616,7 @@ static int hyper_setup_container_rootfs(void *data) +@@ -639,7 +646,7 @@ static int hyper_setup_container_rootfs(void *data) goto fail; } } else { @@ -187,7 +188,7 @@ index 0938d82..b1c52d4 100644 sprintf(path, "%s/%s/", SHARED_DIR, container->image); fprintf(stdout, "src directory %s\n", path); -@@ -627,7 +634,9 @@ static int hyper_setup_container_rootfs(void *data) +@@ -657,7 +664,9 @@ static int hyper_setup_container_rootfs(void *data) fprintf(stdout, "root directory for container is %s/%s, init task %s\n", root, container->rootfs, container->exec.argv[0]); @@ -198,7 +199,7 @@ index 0938d82..b1c52d4 100644 if (mount(rootfs, rootfs, NULL, MS_BIND|MS_REC, NULL) < 0) { perror("failed to bind rootfs"); goto fail; -@@ -710,7 +719,7 @@ fail: +@@ -740,7 +749,7 @@ fail: static int hyper_setup_pty(struct hyper_container *c) { @@ -207,7 +208,7 @@ index 0938d82..b1c52d4 100644 sprintf(root, "/tmp/hyper/%s/devpts/", c->id); -@@ -730,7 +739,7 @@ static int hyper_setup_pty(struct hyper_container *c) +@@ -760,7 +769,7 @@ static int hyper_setup_pty(struct hyper_container *c) static void hyper_cleanup_pty(struct hyper_container *c) { @@ -216,7 +217,7 @@ index 0938d82..b1c52d4 100644 sprintf(path, "/tmp/hyper/%s/devpts/", c->id); if (umount(path) < 0) -@@ -739,7 +748,7 @@ static void hyper_cleanup_pty(struct hyper_container *c) +@@ -769,7 +778,7 @@ static void hyper_cleanup_pty(struct hyper_container *c) int container_prepare_rootfs_dev(struct hyper_container *container, struct hyper_pod *pod) { @@ -225,6 +226,3 @@ index 0938d82..b1c52d4 100644 if (container->fstype == NULL) return 0; --- -2.17.1 - diff --git a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb index 3c64f24e..9f984191 100644 --- a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb +++ b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb @@ -10,7 +10,7 @@ SRC_URI = "git://github.com/hyperhq/hyperstart.git" SRC_URI += "file://0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch" SRCREV = "15bb718ad34045aa1962a8204f602c6afe9a76ab" -PV = "v0.2+git${SRCREV}" +PV = "v0.2+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-extended/images/container-base.bb b/external/meta-virtualization/recipes-extended/images/container-base.bb new file mode 100644 index 00000000..434239a8 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/images/container-base.bb @@ -0,0 +1,31 @@ +# +# Based on examples from Scott Murray (Building Container Images with +# OpenEmbedded and the Yocto Project) ELCe 2018 +# +SUMMARY = "Basic container image" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +IMAGE_FSTYPES = "container oci" +inherit image +inherit image-oci + +IMAGE_FEATURES = "" +IMAGE_LINGUAS = "" +NO_RECOMMENDATIONS = "1" + +IMAGE_INSTALL = " \ + base-files \ + base-passwd \ + netbase \ +" + +# Allow build with or without a specific kernel +IMAGE_CONTAINER_NO_DUMMY = "1" + +# Workaround /var/volatile for now +ROOTFS_POSTPROCESS_COMMAND += "rootfs_fixup_var_volatile ; " +rootfs_fixup_var_volatile () { + install -m 1777 -d ${IMAGE_ROOTFS}/${localstatedir}/volatile/tmp + install -m 755 -d ${IMAGE_ROOTFS}/${localstatedir}/volatile/log +} diff --git a/external/meta-virtualization/recipes-extended/images/uxen-guest-image-minimal.bb b/external/meta-virtualization/recipes-extended/images/uxen-guest-image-minimal.bb new file mode 100644 index 00000000..d37a95b7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/images/uxen-guest-image-minimal.bb @@ -0,0 +1,9 @@ +DESCRIPTION = "A Linux guest image for the uXen type-2 hypervisor." +LICENSE = "MIT" + +inherit core-image + +IMAGE_INSTALL += " \ + packagegroup-core-boot \ + uxen-guest-tools \ + " diff --git a/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb b/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb index d311eaef..63c7510d 100644 --- a/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb +++ b/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb @@ -1,6 +1,6 @@ DESCRIPTION = "A Xen guest image." -inherit core-image distro_features_check +inherit core-image features_check IMAGE_INSTALL += " \ packagegroup-core-boot \ diff --git a/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb b/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb index c39d3782..c965f221 100644 --- a/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb +++ b/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb @@ -12,10 +12,18 @@ IMAGE_INSTALL += " \ kernel-module-xen-netback \ ${@bb.utils.contains('MACHINE_FEATURES', 'pci', "${XEN_PCIBACK_MODULE}", '', d)} \ kernel-module-xen-wdt \ - xen-base \ + xen-tools \ qemu \ " +# The hypervisor may not be within the dom0 filesystem image but at least +# ensure that it is deployable: +do_build[depends] += "xen:do_deploy" + +# Networking for HVM-mode guests (x86/64 only) requires the tun kernel module +IMAGE_INSTALL_append_x86 = "kernel-module-tun" +IMAGE_INSTALL_append_x86-64 = "kernel-module-tun" + # Linux kernel option CONFIG_XEN_PCIDEV_BACKEND depends on X86 XEN_PCIBACK_MODULE = "" XEN_PCIBACK_MODULE_x86 = "kernel-module-xen-pciback" @@ -64,3 +72,16 @@ build_syslinux_cfg () { echo " APPEND /xen.gz ${SYSLINUX_XEN_ARGS} --- /vmlinuz ${SYSLINUX_KERNEL_ARGS} --- /initrd" >> ${SYSLINUX_CFG} } +# Enable runqemu. eg: runqemu xen-image-minimal nographic slirp +WKS_FILE_x86-64 = "directdisk-xen.wks" +QB_MEM = "-m 400" +QB_DEFAULT_KERNEL = "" +QB_DEFAULT_FSTYPE = "wic" +QB_FSINFO = "wic:kernel-in-fs" +# qemux86-64 machine does not include 'wic' in IMAGE_FSTYPES, which is needed +# to boot this image, so add it here: +IMAGE_FSTYPES_qemux86-64 += "wic" +# Networking: the qemuboot.bbclass default virtio network device works ok +# and so does the emulated e1000 -- choose according to the network device +# drivers that are present in your dom0 Linux kernel. To switch to e1000: +# QB_NETWORK_DEVICE = "-device e1000,netdev=net0,mac=@MAC@" diff --git a/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch b/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch index da154a6f..865e9bbb 100644 --- a/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch +++ b/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch @@ -1,34 +1,17 @@ -Fix detection of host compiler "no-pie"/"nopie" and link flags. - -Detection of the "no-pie" vs "nopie" flag needs to be performed for both -the host and target compilers; cannot assume that one works for the other. - -Use EXTRA_HOST_CFLAGS and EXTRA_HOST_LDFLAGS variables for passing -host tool parameters if required. Removes previous hardcoded "-O2 -g". - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -diff --git a/Makefile.housekeeping b/Makefile.housekeeping -index f833492..5451c39 100644 +diff --git a/src/Makefile.housekeeping b/src/Makefile.housekeeping +index 1dd1479..13f44dd 100644 --- a/Makefile.housekeeping +++ b/Makefile.housekeeping -@@ -133,6 +133,7 @@ eval : - WORKAROUND_CFLAGS := - WORKAROUND_ASFLAGS := - WORKAROUND_LDFLAGS := -+WORKAROUND_HOST_CFLAGS := - - # Make syntax does not allow use of comma or space in certain places. - # This ugly workaround is suggested in the manual. -@@ -445,7 +446,7 @@ endif +@@ -454,7 +454,7 @@ endif CFLAGS += $(WORKAROUND_CFLAGS) $(EXTRA_CFLAGS) ASFLAGS += $(WORKAROUND_ASFLAGS) $(EXTRA_ASFLAGS) LDFLAGS += $(WORKAROUND_LDFLAGS) $(EXTRA_LDFLAGS) --HOST_CFLAGS += $(WORKAROUND_CFLAGS) -O2 -g -+HOST_CFLAGS += $(WORKAROUND_HOST_CFLAGS) $(EXTRA_HOST_CFLAGS) +-HOST_CFLAGS += -O2 -g ++HOST_CFLAGS += -O2 -g $(EXTRA_HOST_CFLAGS) # Inhibit -Werror if NO_WERROR is specified on make command line # -@@ -1375,7 +1376,7 @@ endif # defined(BIN) +@@ -1379,7 +1379,7 @@ endif # defined(BIN) # The compression utilities # @@ -37,32 +20,3 @@ index f833492..5451c39 100644 $(ZBIN) : util/zbin.c $(MAKEDEPS) $(QM)$(ECHO) " [HOSTCC] $@" -diff --git a/arch/i386/Makefile b/arch/i386/Makefile -index b7c2792..4a637ad 100644 ---- a/arch/i386/Makefile -+++ b/arch/i386/Makefile -@@ -78,11 +78,20 @@ CFLAGS += -Ui386 - # -nopie. We therefore test for both. - # - ifeq ($(CCTYPE),gcc) --PIE_TEST = [ -z "`$(CC) -fno-PIE -no-pie -x c -c /dev/null -o /dev/null 2>&1`" ] --PIE_FLAGS := $(shell $(PIE_TEST) && $(ECHO) '-fno-PIE -no-pie') --PIE_TEST2 = [ -z "`$(CC) -fno-PIE -nopie -x c -c /dev/null -o /dev/null 2>&1`" ] -+PIE_TEST1_FLAGS = "-fno-PIE -no-pie -x c -c /dev/null -o /dev/null 2>&1" -+PIE_TEST2_FLAGS = "-fno-PIE -nopie -x c -c /dev/null -o /dev/null 2>&1" -+ -+PIE_TEST1 = [ -z "`$(CC) "$(PIE_TEST1_FLAGS)"`" ] -+PIE_TEST2 = [ -z "`$(CC) "$(PIE_TEST2_FLAGS)"`" ] -+PIE_FLAGS1 := $(shell $(PIE_TEST1) && $(ECHO) '-fno-PIE -no-pie') - PIE_FLAGS2 := $(shell $(PIE_TEST2) && $(ECHO) '-fno-PIE -nopie') --WORKAROUND_CFLAGS += $(PIE_FLAGS) $(PIE_FLAGS2) -+WORKAROUND_CFLAGS += $(PIE_FLAGS1) $(PIE_FLAGS2) -+ -+HOST_PIE_TEST1 = [ -z "`$(HOSTCC) "$(PIE_TEST1_FLAGS)"`" ] -+HOST_PIE_TEST2 = [ -z "`$(HOSTCC) "$(PIE_TEST2_FLAGS)"`" ] -+HOST_PIE_FLAGS1 := $(shell $(HOST_PIE_TEST1) && $(ECHO) '-fno-PIE -no-pie') -+HOST_PIE_FLAGS2 := $(shell $(HOST_PIE_TEST2) && $(ECHO) '-fno-PIE -nopie') -+WORKAROUND_HOST_CFLAGS += $(HOST_PIE_FLAGS1) $(HOST_PIE_FLAGS2) - endif - - # i386-specific directories containing source files diff --git a/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb b/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb index 1de0f21e..47c5b7ad 100644 --- a/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb +++ b/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb @@ -4,7 +4,7 @@ LICENSE = "GPLv2" DEPENDS = "binutils-native perl-native syslinux mtools-native cdrtools-native xz" LIC_FILES_CHKSUM = "file://../COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRCREV = "64b4452bca04af433f1c98ab782c0e93cd5c88c0" +SRCREV = "18dc73d27edb55ebe9cb13c58d59af3da3bd374b" PV = "gitr${SRCPV}" PR = "r0" diff --git a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch deleted file mode 100644 index fb22d7a2..00000000 --- a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 20a1b2ff2e6d80924824983c363c80f66e05c0d0 Mon Sep 17 00:00:00 2001 -From: Ming Liu <ming.liu@windriver.com> -Date: Sun, 6 Sep 2015 14:43:24 +0800 -Subject: [PATCH] grasp withval for libcap-ng - -Upstream-Status: Pending - -Signed-off-by: Ming Liu <ming.liu@windriver.com> - ---- - configure.ac | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 38a1bee..95f1488 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -62,7 +62,10 @@ AS_IF( - ]) - - AC_ARG_WITH([libcap-ng], -- AS_HELP_STRING([libcap-ng], [Add libcap-ng-support @<:@default=auto@:>@])) -+ [AS_HELP_STRING([libcap-ng], [Add libcap-ng-support @<:@default=auto@:>@])], -+ [libcap_ng=$withval], -+ [libcap_ng=$withval] -+) - - AS_IF( - [test "x$libcap_ng" != "xno"], diff --git a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.4.0.bb b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.4.0.bb deleted file mode 100644 index 1aee7cab..00000000 --- a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.4.0.bb +++ /dev/null @@ -1,15 +0,0 @@ -# -# Copyright (C) 2015 Wind River Systems, Inc. -# - -require irqbalance.inc - -SRC_URI[md5sum] = "26ee6db57c4509737e541e98773a39f5" -SRC_URI[sha256sum] = "62de71510a2496fcf027efb0b288dd48e53e9efc931fa573c95580cad6264d07" - -SRC_URI = "https://github.com/Irqbalance/irqbalance/archive/v${PV}.tar.gz;downloadfilename=irqbalance-${PV}.tar.gz \ - file://add-initscript.patch \ - file://irqbalance-Add-status-and-reload-commands.patch \ - file://fix-configure-libcap-ng.patch \ - file://irqbalanced.service \ - " diff --git a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_git.bb b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_git.bb new file mode 100644 index 00000000..7755e8ea --- /dev/null +++ b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_git.bb @@ -0,0 +1,18 @@ +# +# Copyright (C) 2015 Wind River Systems, Inc. +# + +require irqbalance.inc + +# commit tagged as version 1.6.0 +# +SRCREV = "b47eea84cbb93f533b0cba2f1aaf9ca4da8706b9" +PV = "1.6.0" + +SRC_URI = "git://github.com/Irqbalance/irqbalance \ + file://add-initscript.patch \ + file://irqbalance-Add-status-and-reload-commands.patch \ + file://irqbalanced.service \ + " + +S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-extended/kvmtool/files/0003-kvmtool-Werror-disabled.patch b/external/meta-virtualization/recipes-extended/kvmtool/files/0003-kvmtool-Werror-disabled.patch new file mode 100644 index 00000000..4d2f2555 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/kvmtool/files/0003-kvmtool-Werror-disabled.patch @@ -0,0 +1,24 @@ +From 377a09c16003eaa40f7f337127b10728ee0ade35 Mon Sep 17 00:00:00 2001 +From: Cevat Bostancioglu <bostancioglucevat@gmail.com> +Date: Wed, 19 Jun 2019 20:36:56 +0300 +Subject: [PATCH] WERROR override disabled. + +WERROR override causes gcc sizeof-pointer-memaccess, format-truncation errors. +--- + Makefile | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/Makefile b/Makefile +index 030ff4e..fc5e177 100644 +--- a/Makefile ++++ b/Makefile +@@ -2,6 +2,7 @@ + # Define WERROR=0 to disable -Werror. + # + ++WERROR = 0 + ifeq ($(strip $(V)),) + E = @echo + Q = @ +-- +2.7.4 diff --git a/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb b/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb index d487ee27..90ad8a1f 100644 --- a/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb +++ b/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb @@ -14,10 +14,11 @@ SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/will/kvmtool.git \ file://0001-Avoid-pointers-for-address-of-packed-members.patch \ file://0001-kvmtool-9p-fixed-compilation-error.patch \ file://0002-kvmtool-add-EXTRA_CFLAGS-variable.patch \ + file://0003-kvmtool-Werror-disabled.patch \ " SRCREV = "0e1882a49f81cb15d328ef83a78849c0ea26eecc" -PV = "4.14.0+git${SRCREV}" +PV = "4.14.0+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-extended/libibverbs/libibverbs_1.2.1.bb b/external/meta-virtualization/recipes-extended/libibverbs/libibverbs_1.2.1.bb new file mode 100644 index 00000000..fa7eee62 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libibverbs/libibverbs_1.2.1.bb @@ -0,0 +1,34 @@ +SUMMARY = "Support InfiniBand verbs" +DESCRIPTION = "Libibverbs is a library that allows userspace processes to use InfiniBand/RDMA 'verbs' directly." +HOMEPAGE = "http://www.openfabrics.org/downloads/verbs/" +SECTION = "libs/devel" + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=7c557f27dd795ba77cc419dddc656b51" + +# Official repo is at git://git.kernel.org/pub/scm/libs/infiniband/libibverbs.git +SRC_URI = "https://www.openfabrics.org/downloads/verbs/${BPN}-${PV}.tar.gz" + +SRC_URI[md5sum] = "1544ebb89d861ce84057ab43dfcd22a0" +SRC_URI[sha256sum] = "c352a7f24e9a9d30ea74faa35d1b721d78d770506a0c03732e3132b7c85ac330" + +inherit autotools + +DEPENDS = "libnl pkgconfig-native" +PACKAGES += "${PN}-utils" +FILES_${PN} = "${sysconfdir} ${libdir}/*.so.*" +FILES_${PN}-utils = "${bindir}" + +PACKAGECONFIG ??= "" +PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind," + +do_install_append() { + mkdir -p ${D}${sysconfdir}/libibverbs.d + rm -f ${D}${libdir}/libibverbs.la +} + +PROVIDES = "virtual/libibverbs" +RPROVIDES_${PN} = "virtual/libibverbs" + +COMPATIBLE_HOST_mipsarch = "none" +COMPATIBLE_HOST_arm = "none" diff --git a/external/meta-virtualization/recipes-extended/libvirt/README b/external/meta-virtualization/recipes-extended/libvirt/README new file mode 100644 index 00000000..af4fd170 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/README @@ -0,0 +1,26 @@ +libvirt default connection mode between client(where for example virsh runs) and +server(where libvirtd runs) is tls which requires keys and certificates for +certificate authority, client and server to be properly generated and deployed. +Otherwise, servers and clients cannot be connected. + +recipes-extended/libvirt/libvirt/gnutls-help.py is provided to help generate +required keys and certificates. + +Usage: +gnutls-help.py [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> +If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated. + +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! "ip_address" field of server.info must be IP address of the server. !! +!! For more details, please refer to: !! +!! https://libvirt.org/remote.html#Remote_certificates !! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +Please deploy cacert.pem to CA and server and client /etc/pki/CA/cacert.pem +Please deploy serverkey.pem to server /etc/pki/libvirt/private/serverkey.pem +Please deploy servercert.pem to server /etc/pki/libvirt/servercert.pem +Please deploy clientkey.pem to client /etc/pki/libvirt/private/clientkey.pem +Please deploy clientcert.pem to client /etc/pki/libvirt/clientcert.pem" + +For more details please refer to libvirt official document, +https://libvirt.org/remote.html#Remote_certificates diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc b/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc index be9079d7..c5b0fbd2 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc @@ -1,11 +1,11 @@ -inherit pythonnative python-dir +inherit python3native python3-dir export STAGING_INCDIR export STAGING_LIBDIR export BUILD_SYS export HOST_SYS -RDEPENDS_${PN}-python += "python" +RDEPENDS_${PN}-python += "python3" PACKAGECONFIG_${PN}-python[xen] = ",,,xen-python" PACKAGES += "${PN}-python-staticdev ${PN}-python-dev ${PN}-python-dbg ${PN}-python" @@ -16,10 +16,9 @@ FILES_${PN}-python-dbg += "${PYTHON_SITEPACKAGES_DIR}/.debug/" FILES_${PN}-python = "${bindir}/* ${libdir}/* ${libdir}/${PYTHON_DIR}/*" SRC_URI += "http://libvirt.org/sources/python/libvirt-python-${PV}.tar.gz;name=libvirt_python" -SRC_URI += "file://libvirt_api_xml_path.patch;patchdir=../libvirt-python-${PV}" -SRC_URI[libvirt_python.md5sum] = "32cf281199367aec2881c96d1bd80dc6" -SRC_URI[libvirt_python.sha256sum] = "e36fee5898de3550ed7e63d5d0a8447f9d78f06574634855dee59eae27930908" +SRC_URI[libvirt_python.md5sum] = "2834626b07da6ac4ca1559abfd55c118" +SRC_URI[libvirt_python.sha256sum] = "be644f4809c0e1d368e3ac065df3c66a26dcfe61ecb607ee9706e1799f22c35a" export LIBVIRT_API_PATH = "${S}/docs/libvirt-api.xml" export LIBVIRT_CFLAGS = "-I${S}/include" @@ -41,15 +40,23 @@ python __anonymous () { do_compile_append() { if [ "${LIBVIRT_PYTHON_ENABLE}" = "1" ]; then + # we need the python bindings to look into our source dir, not + # the syroot staged pkgconfig entries. So we clear the sysroot + # for just this portion. + export PKG_CONFIG_SYSROOT_DIR= cd ${WORKDIR}/${BPN}-python-${PV} && \ - ${STAGING_BINDIR_NATIVE}/python-native/python setup.py build + ${STAGING_BINDIR_NATIVE}/python3-native/python3 setup.py build fi } do_install_append() { if [ "${LIBVIRT_PYTHON_ENABLE}" = "1" ]; then + # we need the python bindings to look into our source dir, not + # the syroot staged pkgconfig entries. So we clear the sysroot + # for just this portion. + export PKG_CONFIG_SYSROOT_DIR= cd ${WORKDIR}/${BPN}-python-${PV} && \ - ${STAGING_BINDIR_NATIVE}/python-native/python setup.py install \ + ${STAGING_BINDIR_NATIVE}/python3-native/python3 setup.py install \ --install-lib=${D}/${PYTHON_SITEPACKAGES_DIR} ${LIBVIRT_INSTALL_ARGS} fi } diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-build-drop-unnecessary-libgnu.la-reference.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-build-drop-unnecessary-libgnu.la-reference.patch new file mode 100644 index 00000000..952e8eb0 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-build-drop-unnecessary-libgnu.la-reference.patch @@ -0,0 +1,33 @@ +From 4945576d6c5c7cc9a21a58aaa312829567af13db Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@gmail.com> +Date: Sat, 7 Mar 2020 21:36:27 -0500 +Subject: [PATCH] build: drop unnecessary libgnu.la reference + +Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> +--- + tools/Makefile.am | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/tools/Makefile.am b/tools/Makefile.am +index 2a0a989..93fe283 100644 +--- a/tools/Makefile.am ++++ b/tools/Makefile.am +@@ -168,7 +168,6 @@ virt_host_validate_LDADD = \ + + if WITH_GNUTLS + virt_host_validate_LDADD += ../src/libvirt-net-rpc.la \ +- ../gnulib/lib/libgnu.la \ + $(NULL) + endif + +@@ -270,7 +269,6 @@ BUILT_SOURCES = + + if WITH_GNUTLS + virsh_LDADD += ../src/libvirt-net-rpc.la \ +- ../gnulib/lib/libgnu.la \ + $(NULL) + endif + +-- +2.19.1 + diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-cpu_x86-Do-not-cache-microcode-version.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-cpu_x86-Do-not-cache-microcode-version.patch deleted file mode 100644 index 4413d5fb..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-cpu_x86-Do-not-cache-microcode-version.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 33998cdd47300fc3ca6cb8f85714c149440b9c8b Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Fri, 5 Apr 2019 11:33:32 +0200 -Subject: [PATCH 01/11] cpu_x86: Do not cache microcode version -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The microcode version checks are used to invalidate cached CPU data we -get from QEMU. To minimize /proc/cpuinfo parsing the microcode version -was only read when libvirtd started and cached for the daemon's -lifetime. However, the CPU microcode can change anytime (updating the -microcode package can automatically upload it to the CPU) and we need to -stop caching it to avoid using stale CPU model data. - -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -Reviewed-by: Ján Tomko <jtomko@redhat.com> -(cherry picked from commit be46f613261d3b655a1f15afd635087e68a9c39b) - -Upstream-Status: Backport -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/cpu/cpu_x86.c | 5 +---- - 1 file changed, 1 insertion(+), 4 deletions(-) - -diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c -index cb27550..ce48ca6 100644 ---- a/src/cpu/cpu_x86.c -+++ b/src/cpu/cpu_x86.c -@@ -163,7 +163,6 @@ struct _virCPUx86Map { - }; - - static virCPUx86MapPtr cpuMap; --static unsigned int microcodeVersion; - - int virCPUx86DriverOnceInit(void); - VIR_ONCE_GLOBAL_INIT(virCPUx86Driver); -@@ -1331,8 +1330,6 @@ virCPUx86DriverOnceInit(void) - if (!(cpuMap = virCPUx86LoadMap())) - return -1; - -- microcodeVersion = virHostCPUGetMicrocodeVersion(); -- - return 0; - } - -@@ -2372,7 +2369,7 @@ virCPUx86GetHost(virCPUDefPtr cpu, - goto cleanup; - - ret = x86DecodeCPUData(cpu, cpuData, models); -- cpu->microcodeVersion = microcodeVersion; -+ cpu->microcodeVersion = virHostCPUGetMicrocodeVersion(); - - cleanup: - virCPUx86DataFree(cpuData); --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch index 217bdbc5..02e99ecd 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch @@ -1,4 +1,4 @@ -From ffc71da15c3da068f85d16617b6e0c0175fc0110 Mon Sep 17 00:00:00 2001 +From 1601c21b653bf2bea2547e5efcf1f3cbb8b73f65 Mon Sep 17 00:00:00 2001 From: He Zhe <zhe.he@windriver.com> Date: Tue, 23 Aug 2016 02:28:47 -0400 Subject: [PATCH] ptest: Remove Windows-1252 check from esxutilstest @@ -7,15 +7,16 @@ Currently we use iconv from glibc-locale and it does not support Windows-1252 and we don't need support windows character encoding. Signed-off-by: He Zhe <zhe.he@windriver.com> + --- tests/esxutilstest.c | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/esxutilstest.c b/tests/esxutilstest.c -index 44bdc84..3223de3 100644 +index 2e20200..6c57889 100644 --- a/tests/esxutilstest.c +++ b/tests/esxutilstest.c -@@ -258,7 +258,6 @@ mymain(void) +@@ -256,7 +256,6 @@ mymain(void) DO_TEST(ParseDatastorePath); DO_TEST(ConvertDateTimeToCalendarTime); DO_TEST(EscapeDatastoreItem); @@ -23,6 +24,3 @@ index 44bdc84..3223de3 100644 return result == 0 ? EXIT_SUCCESS : EXIT_FAILURE; } --- -2.8.1 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch index c920139e..33231960 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch @@ -1,4 +1,4 @@ -From 8353dc1e642011199c3b3ba057d51d8768e4cd54 Mon Sep 17 00:00:00 2001 +From 7cf1d66c4b01c40b45b8a38370c7ffee46dfb10a Mon Sep 17 00:00:00 2001 From: Lei Maohui <leimaohui@cn.fujitsu.com> Date: Fri, 31 Jul 2015 03:17:07 +0900 Subject: [PATCH] to fix build error @@ -17,26 +17,27 @@ Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com> [MA: rebase to v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- docs/Makefile.am | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/Makefile.am b/docs/Makefile.am -index 9620587..060a82b 100644 +index 61862c4..c259535 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am -@@ -183,7 +183,7 @@ EXTRA_DIST= \ - hvsupport.pl \ +@@ -360,7 +360,7 @@ EXTRA_DIST= \ + aclperms.htmlinc \ $(schema_DATA) -acl_generated = aclperms.htmlinc +acl.html:: $(srcdir)/aclperms.htmlinc - $(srcdir)/aclperms.htmlinc: $(top_srcdir)/src/access/viraccessperm.h \ - $(srcdir)/genaclperms.pl Makefile.am -@@ -247,8 +247,7 @@ MAINTAINERCLEANFILES += \ - %.png: %.fig - convert -rotate 90 $< $@ + aclperms.htmlinc: $(top_srcdir)/src/access/viraccessperm.h \ + $(top_srcdir)/scripts/genaclperms.py Makefile.am +@@ -426,8 +426,7 @@ manpages/%.html.in: manpages/%.rst + $(AM_V_GEN)$(MKDIR_P) `dirname $@` && \ + $(RST2HTML) --strict $< > $@ || { rm $@ && exit 1; } -%.html.tmp: %.html.in site.xsl subsite.xsl page.xsl \ - $(acl_generated) @@ -44,6 +45,3 @@ index 9620587..060a82b 100644 $(AM_V_GEN)name=`echo $@ | sed -e 's/.tmp//'`; \ dir=`dirname $@` ; \ if test "$$dir" = "."; \ --- -1.9.1 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0002-qemu-Don-t-cache-microcode-version.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0002-qemu-Don-t-cache-microcode-version.patch deleted file mode 100644 index 6d0f2986..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0002-qemu-Don-t-cache-microcode-version.patch +++ /dev/null @@ -1,155 +0,0 @@ -From d606ac113007901522dab6c4b3979686d43eaa87 Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Fri, 12 Apr 2019 21:21:05 +0200 -Subject: [PATCH 02/11] qemu: Don't cache microcode version -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -My earlier commit be46f61326 was incomplete. It removed caching of -microcode version in the CPU driver, which means the capabilities XML -will see the correct microcode version. But it is also cached in the -QEMU capabilities cache where it is used to detect whether we need to -reprobe QEMU. By missing the second place, the original commit -be46f61326 made the situation even worse since libvirt would report -correct microcode version while still using the old host CPU model -(visible in domain capabilities XML). - -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -Reviewed-by: Ján Tomko <jtomko@redhat.com> -(cherry picked from commit 673c62a3b7855a0685d8f116e227c402720b9ee9) - -Conflicts: - src/qemu/qemu_capabilities.c - - virQEMUCapsCacheLookupByArch refactoring (commits - 7948ad4129a and 1a3de67001c) are missing - -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> - -Upstream-Status: Backport -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/qemu/qemu_capabilities.c | 12 ++++++++---- - src/qemu/qemu_capabilities.h | 3 +-- - src/qemu/qemu_driver.c | 9 +-------- - tests/testutilsqemu.c | 2 +- - 4 files changed, 11 insertions(+), 15 deletions(-) - -diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c -index a075677..eaf369f 100644 ---- a/src/qemu/qemu_capabilities.c -+++ b/src/qemu/qemu_capabilities.c -@@ -4700,7 +4700,7 @@ virQEMUCapsNewData(const char *binary, - priv->libDir, - priv->runUid, - priv->runGid, -- priv->microcodeVersion, -+ virHostCPUGetMicrocodeVersion(), - priv->kernelVersion); - } - -@@ -4783,8 +4783,7 @@ virFileCachePtr - virQEMUCapsCacheNew(const char *libDir, - const char *cacheDir, - uid_t runUid, -- gid_t runGid, -- unsigned int microcodeVersion) -+ gid_t runGid) - { - char *capsCacheDir = NULL; - virFileCachePtr cache = NULL; -@@ -4808,7 +4807,6 @@ virQEMUCapsCacheNew(const char *libDir, - - priv->runUid = runUid; - priv->runGid = runGid; -- priv->microcodeVersion = microcodeVersion; - - if (uname(&uts) == 0 && - virAsprintf(&priv->kernelVersion, "%s %s", uts.release, uts.version) < 0) -@@ -4829,8 +4827,11 @@ virQEMUCapsPtr - virQEMUCapsCacheLookup(virFileCachePtr cache, - const char *binary) - { -+ virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache); - virQEMUCapsPtr ret = NULL; - -+ priv->microcodeVersion = virHostCPUGetMicrocodeVersion(); -+ - ret = virFileCacheLookup(cache, binary); - - VIR_DEBUG("Returning caps %p for %s", ret, binary); -@@ -4876,10 +4877,13 @@ virQEMUCapsPtr - virQEMUCapsCacheLookupByArch(virFileCachePtr cache, - virArch arch) - { -+ virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache); - virQEMUCapsPtr ret = NULL; - virArch target; - struct virQEMUCapsSearchData data = { .arch = arch }; - -+ priv->microcodeVersion = virHostCPUGetMicrocodeVersion(); -+ - ret = virFileCacheLookupByFunc(cache, virQEMUCapsCompareArch, &data); - if (!ret) { - /* If the first attempt at finding capabilities has failed, try -diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h -index 3d3a978..956babc 100644 ---- a/src/qemu/qemu_capabilities.h -+++ b/src/qemu/qemu_capabilities.h -@@ -574,8 +574,7 @@ void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps, - virFileCachePtr virQEMUCapsCacheNew(const char *libDir, - const char *cacheDir, - uid_t uid, -- gid_t gid, -- unsigned int microcodeVersion); -+ gid_t gid); - virQEMUCapsPtr virQEMUCapsCacheLookup(virFileCachePtr cache, - const char *binary); - virQEMUCapsPtr virQEMUCapsCacheLookupCopy(virFileCachePtr cache, -diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c -index a0f7c71..75f8699 100644 ---- a/src/qemu/qemu_driver.c -+++ b/src/qemu/qemu_driver.c -@@ -592,8 +592,6 @@ qemuStateInitialize(bool privileged, - char *hugepagePath = NULL; - char *memoryBackingPath = NULL; - size_t i; -- virCPUDefPtr hostCPU = NULL; -- unsigned int microcodeVersion = 0; - - if (VIR_ALLOC(qemu_driver) < 0) - return -1; -@@ -813,15 +811,10 @@ qemuStateInitialize(bool privileged, - run_gid = cfg->group; - } - -- if ((hostCPU = virCPUProbeHost(virArchFromHost()))) -- microcodeVersion = hostCPU->microcodeVersion; -- virCPUDefFree(hostCPU); -- - qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir, - cfg->cacheDir, - run_uid, -- run_gid, -- microcodeVersion); -+ run_gid); - if (!qemu_driver->qemuCapsCache) - goto error; - -diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c -index 8438613..4e53f03 100644 ---- a/tests/testutilsqemu.c -+++ b/tests/testutilsqemu.c -@@ -707,7 +707,7 @@ int qemuTestDriverInit(virQEMUDriver *driver) - - /* Using /dev/null for libDir and cacheDir automatically produces errors - * upon attempt to use any of them */ -- driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0); -+ driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0); - if (!driver->qemuCapsCache) - goto error; - --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch deleted file mode 100644 index 45f51d4a..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch +++ /dev/null @@ -1,894 +0,0 @@ -From b15a3c9f9bd24d12082b5a6ea505eb3ea48137cb Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Fri, 5 Apr 2019 11:19:30 +0200 -Subject: [PATCH 03/11] cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -(cherry picked from commit 5cd9db3ac11e88846cbcf95fad9f6fae9d880dee) - -CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 - -Conflicts: - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml - - intel-pt feature is missing - - stibp feature is missing - -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> - -Upstream-Status: Backport - -CVE: CVE-2018-12126 -CVE: CVE-2018-12127 -CVE: CVE-2018-12130 -CVE: CVE-2019-11091 - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - tests/cputest.c | 1 + - .../x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml | 7 + - .../x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 8 + - .../x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 26 + - .../x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 27 + - .../x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 10 + - .../cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json | 652 +++++++++++++++++++++ - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig | 4 + - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml | 47 ++ - 9 files changed, 782 insertions(+) - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml - -diff --git a/tests/cputest.c b/tests/cputest.c -index baf2b3c..fbb2a86 100644 ---- a/tests/cputest.c -+++ b/tests/cputest.c -@@ -1190,6 +1190,7 @@ mymain(void) - DO_TEST_CPUID(VIR_ARCH_X86_64, "Phenom-B95", JSON_HOST); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Ryzen-7-1800X-Eight-Core", JSON_HOST); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-5110", JSON_NONE); -+ DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E3-1225-v5", JSON_MODELS); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E3-1245-v5", JSON_MODELS); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E5-2609-v3", JSON_MODELS); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E5-2623-v4", JSON_MODELS); -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml -new file mode 100644 -index 0000000..ce51903 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml -@@ -0,0 +1,7 @@ -+<!-- Features disabled by QEMU --> -+<cpudata arch='x86'> -+ <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x0800c1fc' edx='0xb0600000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x02000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000008' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000007' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000100'/> -+</cpudata> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -new file mode 100644 -index 0000000..0deca9f ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -@@ -0,0 +1,8 @@ -+<!-- Features enabled by QEMU --> -+<cpudata arch='x86'> -+ <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/> -+ <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> -+</cpudata> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -new file mode 100644 -index 0000000..993db80 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -@@ -0,0 +1,26 @@ -+<cpu mode='custom' match='exact'> -+ <model fallback='forbid'>Skylake-Client-IBRS</model> -+ <vendor>Intel</vendor> -+ <feature policy='require' name='ds'/> -+ <feature policy='require' name='acpi'/> -+ <feature policy='require' name='ss'/> -+ <feature policy='require' name='ht'/> -+ <feature policy='require' name='tm'/> -+ <feature policy='require' name='pbe'/> -+ <feature policy='require' name='dtes64'/> -+ <feature policy='require' name='monitor'/> -+ <feature policy='require' name='ds_cpl'/> -+ <feature policy='require' name='vmx'/> -+ <feature policy='require' name='smx'/> -+ <feature policy='require' name='est'/> -+ <feature policy='require' name='tm2'/> -+ <feature policy='require' name='xtpr'/> -+ <feature policy='require' name='pdcm'/> -+ <feature policy='require' name='osxsave'/> -+ <feature policy='require' name='tsc_adjust'/> -+ <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='ssbd'/> -+ <feature policy='require' name='xsaves'/> -+ <feature policy='require' name='pdpe1gb'/> -+ <feature policy='require' name='invtsc'/> -+</cpu> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -new file mode 100644 -index 0000000..074a39b ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -@@ -0,0 +1,27 @@ -+<cpu> -+ <arch>x86_64</arch> -+ <model>Skylake-Client-IBRS</model> -+ <vendor>Intel</vendor> -+ <feature name='ds'/> -+ <feature name='acpi'/> -+ <feature name='ss'/> -+ <feature name='ht'/> -+ <feature name='tm'/> -+ <feature name='pbe'/> -+ <feature name='dtes64'/> -+ <feature name='monitor'/> -+ <feature name='ds_cpl'/> -+ <feature name='vmx'/> -+ <feature name='smx'/> -+ <feature name='est'/> -+ <feature name='tm2'/> -+ <feature name='xtpr'/> -+ <feature name='pdcm'/> -+ <feature name='osxsave'/> -+ <feature name='tsc_adjust'/> -+ <feature name='clflushopt'/> -+ <feature name='ssbd'/> -+ <feature name='xsaves'/> -+ <feature name='pdpe1gb'/> -+ <feature name='invtsc'/> -+</cpu> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -new file mode 100644 -index 0000000..1984bd4 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -@@ -0,0 +1,10 @@ -+<cpu mode='custom' match='exact'> -+ <model fallback='forbid'>Skylake-Client-IBRS</model> -+ <vendor>Intel</vendor> -+ <feature policy='require' name='ss'/> -+ <feature policy='require' name='hypervisor'/> -+ <feature policy='require' name='tsc_adjust'/> -+ <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='ssbd'/> -+ <feature policy='require' name='pdpe1gb'/> -+</cpu> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json -new file mode 100644 -index 0000000..0847475 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json -@@ -0,0 +1,652 @@ -+{ -+ "return": { -+ "model": { -+ "name": "base", -+ "props": { -+ "phys-bits": 0, -+ "core-id": -1, -+ "xlevel": 2147483656, -+ "cmov": true, -+ "ia64": false, -+ "aes": true, -+ "mmx": true, -+ "rdpid": false, -+ "arat": true, -+ "gfni": false, -+ "pause-filter": false, -+ "xsavec": true, -+ "intel-pt": false, -+ "osxsave": false, -+ "hv-frequencies": false, -+ "tsc-frequency": 0, -+ "xd": true, -+ "hv-vendor-id": "", -+ "kvm-asyncpf": true, -+ "kvm_asyncpf": true, -+ "perfctr_core": false, -+ "perfctr-core": false, -+ "mpx": true, -+ "pbe": false, -+ "decodeassists": false, -+ "avx512cd": false, -+ "sse4_1": true, -+ "sse4.1": true, -+ "sse4-1": true, -+ "family": 6, -+ "legacy-cache": true, -+ "vmware-cpuid-freq": true, -+ "avx512f": false, -+ "msr": true, -+ "mce": true, -+ "mca": true, -+ "hv-runtime": false, -+ "xcrypt": false, -+ "thread-id": -1, -+ "min-level": 13, -+ "xgetbv1": true, -+ "cid": false, -+ "hv-relaxed": false, -+ "hv-crash": false, -+ "ds": false, -+ "fxsr": true, -+ "xsaveopt": true, -+ "xtpr": false, -+ "avx512vl": false, -+ "avx512-vpopcntdq": false, -+ "phe": false, -+ "extapic": false, -+ "3dnowprefetch": true, -+ "avx512vbmi2": false, -+ "cr8legacy": false, -+ "stibp": true, -+ "cpuid-0xb": true, -+ "xcrypt-en": false, -+ "kvm_pv_eoi": true, -+ "apic-id": 4294967295, -+ "pn": false, -+ "dca": false, -+ "vendor": "GenuineIntel", -+ "pku": false, -+ "smx": false, -+ "cmp_legacy": false, -+ "cmp-legacy": false, -+ "node-id": -1, -+ "avx512-4fmaps": false, -+ "vmcb_clean": false, -+ "vmcb-clean": false, -+ "3dnowext": false, -+ "hle": true, -+ "npt": false, -+ "memory": "/machine/unattached/system[0]", -+ "clwb": false, -+ "lbrv": false, -+ "adx": true, -+ "ss": true, -+ "pni": true, -+ "svm_lock": false, -+ "svm-lock": false, -+ "pfthreshold": false, -+ "smep": true, -+ "smap": true, -+ "x2apic": true, -+ "avx512vbmi": false, -+ "avx512vnni": false, -+ "hv-stimer": false, -+ "i64": true, -+ "flushbyasid": false, -+ "f16c": true, -+ "ace2-en": false, -+ "pat": true, -+ "pae": true, -+ "sse": true, -+ "phe-en": false, -+ "kvm_nopiodelay": true, -+ "kvm-nopiodelay": true, -+ "tm": false, -+ "kvmclock-stable-bit": true, -+ "hypervisor": true, -+ "socket-id": -1, -+ "pcommit": false, -+ "syscall": true, -+ "level": 13, -+ "avx512dq": false, -+ "svm": false, -+ "full-cpuid-auto-level": true, -+ "hv-reset": false, -+ "invtsc": false, -+ "sse3": true, -+ "sse2": true, -+ "ssbd": true, -+ "est": false, -+ "avx512ifma": false, -+ "tm2": false, -+ "kvm-pv-eoi": true, -+ "cx8": true, -+ "kvm_mmu": false, -+ "kvm-mmu": false, -+ "sse4_2": true, -+ "sse4.2": true, -+ "sse4-2": true, -+ "pge": true, -+ "fill-mtrr-mask": true, -+ "avx512bitalg": false, -+ "nodeid_msr": false, -+ "pdcm": false, -+ "movbe": true, -+ "model": 94, -+ "nrip_save": false, -+ "nrip-save": false, -+ "kvm_pv_unhalt": true, -+ "ssse3": true, -+ "sse4a": false, -+ "invpcid": true, -+ "pdpe1gb": true, -+ "tsc-deadline": true, -+ "fma": true, -+ "cx16": true, -+ "de": true, -+ "enforce": false, -+ "stepping": 3, -+ "xsave": true, -+ "clflush": true, -+ "skinit": false, -+ "tsc": true, -+ "tce": false, -+ "fpu": true, -+ "ibs": false, -+ "ds_cpl": false, -+ "ds-cpl": false, -+ "host-phys-bits": true, -+ "fma4": false, -+ "la57": false, -+ "osvw": false, -+ "check": true, -+ "hv-spinlocks": -1, -+ "pmu": false, -+ "pmm": false, -+ "apic": true, -+ "spec-ctrl": true, -+ "min-xlevel2": 0, -+ "tsc-adjust": true, -+ "tsc_adjust": true, -+ "kvm-steal-time": true, -+ "kvm_steal_time": true, -+ "kvmclock": true, -+ "l3-cache": true, -+ "lwp": false, -+ "ibpb": false, -+ "xop": false, -+ "avx": true, -+ "ospke": false, -+ "ace2": false, -+ "avx512bw": false, -+ "acpi": false, -+ "hv-vapic": false, -+ "fsgsbase": true, -+ "ht": false, -+ "nx": true, -+ "pclmulqdq": true, -+ "mmxext": false, -+ "vaes": false, -+ "popcnt": true, -+ "xsaves": false, -+ "tcg-cpuid": true, -+ "lm": true, -+ "umip": false, -+ "pse": true, -+ "avx2": true, -+ "sep": true, -+ "pclmuldq": true, -+ "virt-ssbd": false, -+ "x-hv-max-vps": -1, -+ "nodeid-msr": false, -+ "md-clear": true, -+ "kvm": true, -+ "misalignsse": false, -+ "min-xlevel": 2147483656, -+ "kvm-pv-unhalt": true, -+ "bmi2": true, -+ "bmi1": true, -+ "realized": false, -+ "tsc_scale": false, -+ "tsc-scale": false, -+ "topoext": false, -+ "hv-vpindex": false, -+ "xlevel2": 0, -+ "clflushopt": true, -+ "kvm-no-smi-migration": false, -+ "monitor": false, -+ "avx512er": false, -+ "pmm-en": false, -+ "pcid": true, -+ "3dnow": false, -+ "erms": true, -+ "lahf-lm": true, -+ "lahf_lm": true, -+ "vpclmulqdq": false, -+ "fxsr-opt": false, -+ "hv-synic": false, -+ "xstore": false, -+ "fxsr_opt": false, -+ "kvm-hint-dedicated": false, -+ "rtm": true, -+ "lmce": true, -+ "hv-time": false, -+ "perfctr-nb": false, -+ "perfctr_nb": false, -+ "ffxsr": false, -+ "rdrand": true, -+ "rdseed": true, -+ "avx512-4vnniw": false, -+ "vmx": false, -+ "vme": true, -+ "dtes64": false, -+ "mtrr": true, -+ "rdtscp": true, -+ "pse36": true, -+ "kvm-pv-tlb-flush": false, -+ "tbm": false, -+ "wdt": false, -+ "pause_filter": false, -+ "sha-ni": false, -+ "model-id": "Intel(R) Xeon(R) CPU E3-1225 v5 @ 3.30GHz", -+ "abm": true, -+ "avx512pf": false, -+ "xstore-en": false -+ } -+ } -+ }, -+ "id": "model-expansion" -+} -+ -+{ -+ "return": [ -+ { -+ "name": "max", -+ "typename": "max-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": false -+ }, -+ { -+ "name": "host", -+ "typename": "host-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": false -+ }, -+ { -+ "name": "base", -+ "typename": "base-x86_64-cpu", -+ "unavailable-features": [], -+ "static": true, -+ "migration-safe": true -+ }, -+ { -+ "name": "qemu64", -+ "typename": "qemu64-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "qemu32", -+ "typename": "qemu32-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "phenom", -+ "typename": "phenom-x86_64-cpu", -+ "unavailable-features": [ -+ "mmxext", -+ "fxsr-opt", -+ "3dnowext", -+ "3dnow", -+ "sse4a", -+ "npt" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "pentium3", -+ "typename": "pentium3-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "pentium2", -+ "typename": "pentium2-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "pentium", -+ "typename": "pentium-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "n270", -+ "typename": "n270-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "kvm64", -+ "typename": "kvm64-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "kvm32", -+ "typename": "kvm32-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "cpu64-rhel6", -+ "typename": "cpu64-rhel6-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "coreduo", -+ "typename": "coreduo-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "core2duo", -+ "typename": "core2duo-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "athlon", -+ "typename": "athlon-x86_64-cpu", -+ "unavailable-features": [ -+ "mmxext", -+ "3dnowext", -+ "3dnow" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Westmere", -+ "typename": "Westmere-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Westmere-IBRS", -+ "typename": "Westmere-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Server", -+ "typename": "Skylake-Server-x86_64-cpu", -+ "unavailable-features": [ -+ "avx512f", -+ "avx512dq", -+ "clwb", -+ "avx512cd", -+ "avx512bw", -+ "avx512vl", -+ "avx512f", -+ "avx512f", -+ "avx512f" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Server-IBRS", -+ "typename": "Skylake-Server-IBRS-x86_64-cpu", -+ "unavailable-features": [ -+ "avx512f", -+ "avx512dq", -+ "clwb", -+ "avx512cd", -+ "avx512bw", -+ "avx512vl", -+ "avx512f", -+ "avx512f", -+ "avx512f" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Client", -+ "typename": "Skylake-Client-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Client-IBRS", -+ "typename": "Skylake-Client-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "SandyBridge", -+ "typename": "SandyBridge-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "SandyBridge-IBRS", -+ "typename": "SandyBridge-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Penryn", -+ "typename": "Penryn-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G5", -+ "typename": "Opteron_G5-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a", -+ "misalignsse", -+ "xop", -+ "fma4", -+ "tbm" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G4", -+ "typename": "Opteron_G4-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a", -+ "misalignsse", -+ "xop", -+ "fma4" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G3", -+ "typename": "Opteron_G3-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a", -+ "misalignsse" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G2", -+ "typename": "Opteron_G2-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G1", -+ "typename": "Opteron_G1-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Nehalem", -+ "typename": "Nehalem-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Nehalem-IBRS", -+ "typename": "Nehalem-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "IvyBridge", -+ "typename": "IvyBridge-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "IvyBridge-IBRS", -+ "typename": "IvyBridge-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell", -+ "typename": "Haswell-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell-noTSX", -+ "typename": "Haswell-noTSX-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell-noTSX-IBRS", -+ "typename": "Haswell-noTSX-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell-IBRS", -+ "typename": "Haswell-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "EPYC", -+ "typename": "EPYC-x86_64-cpu", -+ "unavailable-features": [ -+ "sha-ni", -+ "mmxext", -+ "fxsr-opt", -+ "cr8legacy", -+ "sse4a", -+ "misalignsse", -+ "osvw" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "EPYC-IBPB", -+ "typename": "EPYC-IBPB-x86_64-cpu", -+ "unavailable-features": [ -+ "sha-ni", -+ "mmxext", -+ "fxsr-opt", -+ "cr8legacy", -+ "sse4a", -+ "misalignsse", -+ "osvw", -+ "ibpb" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Conroe", -+ "typename": "Conroe-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell", -+ "typename": "Broadwell-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell-noTSX", -+ "typename": "Broadwell-noTSX-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell-noTSX-IBRS", -+ "typename": "Broadwell-noTSX-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell-IBRS", -+ "typename": "Broadwell-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "486", -+ "typename": "486-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ } -+ ], -+ "id": "definitions" -+} -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig -new file mode 100644 -index 0000000..7e57c2d ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig -@@ -0,0 +1,4 @@ -+0506e3 -+family: 6 (0x06) -+model: 94 (0x5e) -+stepping: 3 (0x03) -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml -new file mode 100644 -index 0000000..437429d ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml -@@ -0,0 +1,47 @@ -+<!-- Intel(R) Xeon(R) CPU E3-1225 v5 @ 3.30GHz --> -+<cpudata arch='x86'> -+ <cpuid eax_in='0x00000000' ecx_in='0x00' eax='0x00000016' ebx='0x756e6547' ecx='0x6c65746e' edx='0x49656e69'/> -+ <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x000506e3' ebx='0x06100800' ecx='0x7ffafbff' edx='0xbfebfbff'/> -+ <cpuid eax_in='0x00000002' ecx_in='0x00' eax='0x76036301' ebx='0x00f0b6ff' ecx='0x00000000' edx='0x00c30000'/> -+ <cpuid eax_in='0x00000003' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x00' eax='0x1c004121' ebx='0x01c0003f' ecx='0x0000003f' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x01' eax='0x1c004122' ebx='0x01c0003f' ecx='0x0000003f' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x02' eax='0x1c004143' ebx='0x00c0003f' ecx='0x000003ff' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x03' eax='0x1c03c163' ebx='0x03c0003f' ecx='0x00001fff' edx='0x00000006'/> -+ <cpuid eax_in='0x00000005' ecx_in='0x00' eax='0x00000040' ebx='0x00000040' ecx='0x00000003' edx='0x00142120'/> -+ <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x000027f7' ebx='0x00000002' ecx='0x00000009' edx='0x00000000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x029c6fbf' ecx='0x00000000' edx='0x9c002400'/> -+ <cpuid eax_in='0x00000008' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000009' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000a' ecx_in='0x00' eax='0x07300804' ebx='0x00000000' ecx='0x00000000' edx='0x00000603'/> -+ <cpuid eax_in='0x0000000b' ecx_in='0x00' eax='0x00000001' ebx='0x00000001' ecx='0x00000100' edx='0x00000006'/> -+ <cpuid eax_in='0x0000000b' ecx_in='0x01' eax='0x00000004' ebx='0x00000004' ecx='0x00000201' edx='0x00000006'/> -+ <cpuid eax_in='0x0000000c' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x00' eax='0x0000001f' ebx='0x00000440' ecx='0x00000440' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x0000000f' ebx='0x000003c0' ecx='0x00000100' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x02' eax='0x00000100' ebx='0x00000240' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x03' eax='0x00000040' ebx='0x000003c0' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x04' eax='0x00000040' ebx='0x00000400' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x08' eax='0x00000080' ebx='0x00000000' ecx='0x00000001' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000e' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000f' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000010' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000011' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000012' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000013' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000014' ecx_in='0x00' eax='0x00000001' ebx='0x0000000f' ecx='0x00000007' edx='0x00000000'/> -+ <cpuid eax_in='0x00000014' ecx_in='0x01' eax='0x02490002' ebx='0x003f3fff' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000015' ecx_in='0x00' eax='0x00000002' ebx='0x00000114' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000016' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/> -+ <cpuid eax_in='0x80000000' ecx_in='0x00' eax='0x80000008' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> -+ <cpuid eax_in='0x80000002' ecx_in='0x00' eax='0x65746e49' ebx='0x2952286c' ecx='0x6f655820' edx='0x2952286e'/> -+ <cpuid eax_in='0x80000003' ecx_in='0x00' eax='0x55504320' ebx='0x2d334520' ecx='0x35323231' edx='0x20357620'/> -+ <cpuid eax_in='0x80000004' ecx_in='0x00' eax='0x2e332040' ebx='0x48473033' ecx='0x0000007a' edx='0x00000000'/> -+ <cpuid eax_in='0x80000005' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000006' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x01006040' edx='0x00000000'/> -+ <cpuid eax_in='0x80000007' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000100'/> -+ <cpuid eax_in='0x80000008' ecx_in='0x00' eax='0x00003027' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80860000' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/> -+ <cpuid eax_in='0xc0000000' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/> -+</cpudata> --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch deleted file mode 100644 index b39e8662..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch +++ /dev/null @@ -1,116 +0,0 @@ -From c811c618c114c4a6493ede602bdca22d33c1972a Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Tue, 9 Apr 2019 12:35:52 +0200 -Subject: [PATCH 04/11] cpu_map: Define md-clear CPUID bit -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 - -The bit is set when microcode provides the mechanism to invoke a flush -of various exploitable CPU buffers by invoking the VERW instruction. - -Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85) - -Conflicts: - src/cpu_map/x86_features.xml - - missing pconfig feature - - tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml - tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml - - test data missing downstream - - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml - - intel-pt feature is missing - - stibp feature is missing - -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> - -Upstream-Status: Backport - -CVE: CVE-2018-12126 -CVE: CVE-2018-12127 -CVE: CVE-2018-12130 -CVE: CVE-2019-11091 - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/cpu_map/x86_features.xml | 3 +++ - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 2 +- - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 1 + - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 1 + - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 1 + - 5 files changed, 7 insertions(+), 1 deletion(-) - -diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml -index 109c653..c8ae540 100644 ---- a/src/cpu_map/x86_features.xml -+++ b/src/cpu_map/x86_features.xml -@@ -290,6 +290,9 @@ - <feature name='avx512-4fmaps'> - <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/> - </feature> -+ <feature name='md-clear'> <!-- md_clear --> -+ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/> -+ </feature> - <feature name='spec-ctrl'> - <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/> - </feature> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -index 0deca9f..74763a4 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -@@ -2,7 +2,7 @@ - <cpudata arch='x86'> - <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/> - <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -- <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/> - <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> - <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> - </cpudata> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -index 993db80..29c1fdb 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -@@ -19,6 +19,7 @@ - <feature policy='require' name='osxsave'/> - <feature policy='require' name='tsc_adjust'/> - <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='md-clear'/> - <feature policy='require' name='ssbd'/> - <feature policy='require' name='xsaves'/> - <feature policy='require' name='pdpe1gb'/> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -index 074a39b..2003ca9 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -@@ -20,6 +20,7 @@ - <feature name='osxsave'/> - <feature name='tsc_adjust'/> - <feature name='clflushopt'/> -+ <feature name='md-clear'/> - <feature name='ssbd'/> - <feature name='xsaves'/> - <feature name='pdpe1gb'/> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -index 1984bd4..d6529c5 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -@@ -5,6 +5,7 @@ - <feature policy='require' name='hypervisor'/> - <feature policy='require' name='tsc_adjust'/> - <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='md-clear'/> - <feature policy='require' name='ssbd'/> - <feature policy='require' name='pdpe1gb'/> - </cpu> --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch deleted file mode 100644 index 11c1c5df..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch +++ /dev/null @@ -1,63 +0,0 @@ -From dfd22fc50f8f268b9810d2ef21adada021f740eb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> -Date: Tue, 30 Apr 2019 17:26:13 +0100 -Subject: [PATCH 05/11] admin: reject clients unless their UID matches the - current UID -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The admin protocol RPC messages are only intended for use by the user -running the daemon. As such they should not be allowed for any client -UID that does not match the server UID. - -Fixes CVE-2019-10132 - -Reviewed-by: Ján Tomko <jtomko@redhat.com> -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7) - -Upstream-Status: Backport -CVE: CVE-2019-10132 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c -index b78ff90..9f25813 100644 ---- a/src/admin/admin_server_dispatch.c -+++ b/src/admin/admin_server_dispatch.c -@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED, - void *opaque) - { - struct daemonAdmClientPrivate *priv; -+ uid_t clientuid; -+ gid_t clientgid; -+ pid_t clientpid; -+ unsigned long long timestamp; -+ -+ if (virNetServerClientGetUNIXIdentity(client, -+ &clientuid, -+ &clientgid, -+ &clientpid, -+ ×tamp) < 0) -+ return NULL; -+ -+ VIR_DEBUG("New client pid %lld uid %lld", -+ (long long)clientpid, -+ (long long)clientuid); -+ -+ if (geteuid() != clientuid) { -+ virReportRestrictedError(_("Disallowing client %lld with uid %lld"), -+ (long long)clientpid, -+ (long long)clientuid); -+ return NULL; -+ } - - if (VIR_ALLOC(priv) < 0) - return NULL; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch deleted file mode 100644 index 860c1e53..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 54005b84b0165b62b2ef88c7df229bddbaa29e76 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> -Date: Tue, 30 Apr 2019 16:51:37 +0100 -Subject: [PATCH 06/11] locking: restrict sockets to mode 0600 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virtlockd daemon's only intended client is the libvirtd daemon. As -such it should never allow clients from other user accounts to connect. -The code already enforces this and drops clients from other UIDs, but -we can get earlier (and thus stronger) protection against DoS by setting -the socket permissions to 0600 - -Fixes CVE-2019-10132 - -Reviewed-by: Ján Tomko <jtomko@redhat.com> -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit f111e09468693909b1f067aa575efdafd9a262a1) - -Upstream-Status: Backport -CVE: CVE-2019-10132 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/locking/virtlockd-admin.socket.in | 1 + - src/locking/virtlockd.socket.in | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in -index 2a7500f..f674c49 100644 ---- a/src/locking/virtlockd-admin.socket.in -+++ b/src/locking/virtlockd-admin.socket.in -@@ -5,6 +5,7 @@ Before=libvirtd.service - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlockd-admin-sock - Service=virtlockd.service -+SocketMode=0600 - - [Install] - WantedBy=sockets.target -diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in -index 45e0f20..d701b27 100644 ---- a/src/locking/virtlockd.socket.in -+++ b/src/locking/virtlockd.socket.in -@@ -4,6 +4,7 @@ Before=libvirtd.service - - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlockd-sock -+SocketMode=0600 - - [Install] - WantedBy=sockets.target --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch deleted file mode 100644 index ddd0740e..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 030fdf57255f97289a407529194bf26c77548acb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> -Date: Tue, 30 Apr 2019 17:27:41 +0100 -Subject: [PATCH 07/11] logging: restrict sockets to mode 0600 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virtlogd daemon's only intended client is the libvirtd daemon. As -such it should never allow clients from other user accounts to connect. -The code already enforces this and drops clients from other UIDs, but -we can get earlier (and thus stronger) protection against DoS by setting -the socket permissions to 0600 - -Fixes CVE-2019-10132 - -Reviewed-by: Ján Tomko <jtomko@redhat.com> -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit e37bd65f9948c1185456b2cdaa3bd6e875af680f) - -Upstream-Status: Backport -CVE: CVE-2019-10132 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/logging/virtlogd-admin.socket.in | 1 + - src/logging/virtlogd.socket.in | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in -index 595e6c4..5c41dfe 100644 ---- a/src/logging/virtlogd-admin.socket.in -+++ b/src/logging/virtlogd-admin.socket.in -@@ -5,6 +5,7 @@ Before=libvirtd.service - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlogd-admin-sock - Service=virtlogd.service -+SocketMode=0600 - - [Install] - WantedBy=sockets.target -diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in -index 22b9360..ae48cda 100644 ---- a/src/logging/virtlogd.socket.in -+++ b/src/logging/virtlogd.socket.in -@@ -4,6 +4,7 @@ Before=libvirtd.service - - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlogd-sock -+SocketMode=0600 - - [Install] - WantedBy=sockets.target --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch deleted file mode 100644 index 118ece4c..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 3352c8af264a7b9b741208790ecca0bbc6733f42 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 08:47:42 +0200 -Subject: [PATCH 08/11] api: disallow virDomainSaveImageGetXMLDesc on read-only - connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virDomainSaveImageGetXMLDesc API is taking a path parameter, -which can point to any path on the system. This file will then be -read and parsed by libvirtd running with root privileges. - -Forbid it on read-only connections. - -Fixes: CVE-2019-10161 -Reported-by: Matthias Gerstner <mgerstner@suse.de> -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit aed6a032cead4386472afb24b16196579e239580) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Conflicts: - src/libvirt-domain.c - src/remote/remote_protocol.x - -Upstream commit 12a51f372 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE -alias for VIR_DOMAIN_XML_SECURE is not backported. -Just skip the commit since we now disallow the whole API on read-only -connections, regardless of the flag. - -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10161 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-domain.c | 11 ++--------- - src/qemu/qemu_driver.c | 2 +- - src/remote/remote_protocol.x | 3 +-- - 3 files changed, 4 insertions(+), 12 deletions(-) - -Index: libvirt-4.7.0/src/libvirt-domain.c -=================================================================== ---- libvirt-4.7.0.orig/src/libvirt-domain.c -+++ libvirt-4.7.0/src/libvirt-domain.c -@@ -1073,9 +1073,7 @@ virDomainRestoreFlags(virConnectPtr conn - * previously by virDomainSave() or virDomainSaveFlags(). - * - * No security-sensitive data will be included unless @flags contains -- * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only -- * connections. For this API, @flags should not contain either -- * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU. -+ * VIR_DOMAIN_XML_SECURE. - * - * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of - * error. The caller must free() the returned value. -@@ -1091,12 +1089,7 @@ virDomainSaveImageGetXMLDesc(virConnectP - - virCheckConnectReturn(conn, NULL); - virCheckNonNullArgGoto(file, error); -- -- if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE)) { -- virReportError(VIR_ERR_OPERATION_DENIED, "%s", -- _("virDomainSaveImageGetXMLDesc with secure flag")); -- goto error; -- } -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->domainSaveImageGetXMLDesc) { - char *ret; -Index: libvirt-4.7.0/src/qemu/qemu_driver.c -=================================================================== ---- libvirt-4.7.0.orig/src/qemu/qemu_driver.c -+++ libvirt-4.7.0/src/qemu/qemu_driver.c -@@ -6791,7 +6791,7 @@ qemuDomainSaveImageGetXMLDesc(virConnect - if (fd < 0) - goto cleanup; - -- if (virDomainSaveImageGetXMLDescEnsureACL(conn, def, flags) < 0) -+ if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0) - goto cleanup; - - ret = qemuDomainDefFormatXML(driver, def, flags); -Index: libvirt-4.7.0/src/remote/remote_protocol.x -=================================================================== ---- libvirt-4.7.0.orig/src/remote/remote_protocol.x -+++ libvirt-4.7.0/src/remote/remote_protocol.x -@@ -5226,8 +5226,7 @@ enum remote_procedure { - /** - * @generate: both - * @priority: high -- * @acl: domain:read -- * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE -+ * @acl: domain:write - */ - REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC = 235, - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch deleted file mode 100644 index 12ab5436..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 6da721ea37bf3624ff9922637cfa657d2dcb20f9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 09:14:53 +0200 -Subject: [PATCH 09/11] api: disallow virDomainManagedSaveDefineXML on - read-only connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virDomainManagedSaveDefineXML can be used to alter the domain's -config used for managedsave or even execute arbitrary emulator binaries. -Forbid it on read-only connections. - -Fixes: CVE-2019-10166 -Reported-by: Matthias Gerstner <mgerstner@suse.de> -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10166 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-domain.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c -index 270e10e..5c764aa 100644 ---- a/src/libvirt-domain.c -+++ b/src/libvirt-domain.c -@@ -9482,6 +9482,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml, - - virCheckDomainReturn(domain, -1); - conn = domain->conn; -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->domainManagedSaveDefineXML) { - int ret; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch deleted file mode 100644 index 576f46c7..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 5441f05a42a90779b0df86518286bf527e94aafb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 09:16:14 +0200 -Subject: [PATCH 10/11] api: disallow virConnectGetDomainCapabilities on - read-only connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This API can be used to execute arbitrary emulators. -Forbid it on read-only connections. - -Fixes: CVE-2019-10167 -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10167 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-domain.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c -index 5c764aa..9862a5d 100644 ---- a/src/libvirt-domain.c -+++ b/src/libvirt-domain.c -@@ -11274,6 +11274,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn, - virResetLastError(); - - virCheckConnectReturn(conn, NULL); -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->connectGetDomainCapabilities) { - char *ret; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch deleted file mode 100644 index 16f1a6d9..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch +++ /dev/null @@ -1,49 +0,0 @@ -From f5ace9c05d59b70d4899199a187cb32ec6f600d8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 09:17:39 +0200 -Subject: [PATCH 11/11] api: disallow virConnect*HypervisorCPU on read-only - connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -These APIs can be used to execute arbitrary emulators. -Forbid them on read-only connections. - -Fixes: CVE-2019-10168 -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit bf6c2830b6c338b1f5699b095df36f374777b291) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10168 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-host.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/libvirt-host.c b/src/libvirt-host.c -index e20d6ee..2978825 100644 ---- a/src/libvirt-host.c -+++ b/src/libvirt-host.c -@@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnectPtr conn, - - virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR); - virCheckNonNullArgGoto(xmlCPU, error); -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->connectCompareHypervisorCPU) { - int ret; -@@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConnectPtr conn, - - virCheckConnectReturn(conn, NULL); - virCheckNonNullArgGoto(xmlCPUs, error); -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->connectBaselineHypervisorCPU) { - char *cpu; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch deleted file mode 100644 index 8cca8216..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 9ed175fbc2deecfdaeabca7bc77c7e7ae33a3377 Mon Sep 17 00:00:00 2001 -From: John Ferlan <jferlan@redhat.com> -Date: Fri, 7 Sep 2018 16:01:27 -0400 -Subject: [PATCH] qemu: Remove duplicated qemuAgentCheckError - -Commit 5b3492fadb moved qemuAgentCheckError calls into -qemuAgentCommand for various reasons; however, subsequent -commit 0977b8aa0 adding a new command made call again -So let's just remove the duplicitous call from -qemuAgentGetInterfaces. - -Signed-off-by: John Ferlan <jferlan@redhat.com> -ACKed-by: Michal Privoznik <mprivozn@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-3840 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/qemu/qemu_agent.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -Index: libvirt-4.7.0/src/qemu/qemu_agent.c -=================================================================== ---- libvirt-4.7.0.orig/src/qemu/qemu_agent.c -+++ libvirt-4.7.0/src/qemu/qemu_agent.c -@@ -1987,10 +1987,9 @@ qemuAgentGetInterfaces(qemuAgentPtr mon, - if (!(cmd = qemuAgentMakeCommand("guest-network-get-interfaces", NULL))) - goto cleanup; - -- if (qemuAgentCommand(mon, cmd, &reply, false, VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0 || -- qemuAgentCheckError(cmd, reply) < 0) { -+ if (qemuAgentCommand(mon, cmd, &reply, false, -+ VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0) - goto cleanup; -- } - - if (!(ret_array = virJSONValueObjectGet(reply, "return"))) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch index 0a9d5f48..eb75b5a4 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch @@ -1,4 +1,4 @@ -From f10477f0fe5e4b7487a4a41faa216d10cd2bc7c3 Mon Sep 17 00:00:00 2001 +From d074f34dd0fc671ab05367eda9cc7a965708fbed Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Thu, 10 May 2018 12:05:04 -0400 Subject: [PATCH] configure.ac: search for rpc/rpc.h in the sysroot @@ -10,20 +10,21 @@ for libtirpc's rpc.h header. Upstream-Status: Inappropriate [old release] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- m4/virt-xdr.m4 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/m4/virt-xdr.m4 b/m4/virt-xdr.m4 -index 5a6408c..6c19f6d 100644 +index 8375415..12b51f7 100644 --- a/m4/virt-xdr.m4 +++ b/m4/virt-xdr.m4 -@@ -33,10 +33,10 @@ if test x"$with_remote" = x"yes" || test x"$with_libvirtd" = x"yes"; then - dnl check for cygwin's variation in xdr function names - AC_CHECK_FUNCS([xdr_u_int64_t],[],[],[#include <rpc/xdr.h>]) +@@ -30,10 +30,10 @@ AC_DEFUN([LIBVIRT_CHECK_XDR], [ + ]) + with_xdr="yes" -- dnl Cygwin/recent glibc requires -I/usr/include/tirpc for <rpc/rpc.h> -+ dnl Cygwin/recent glibc requires -I=/usr/include/tirpc for <rpc/rpc.h> +- dnl Recent glibc requires -I/usr/include/tirpc for <rpc/rpc.h> ++ dnl Recent glibc requires -I=/usr/include/tirpc for <rpc/rpc.h> old_CFLAGS=$CFLAGS AC_CACHE_CHECK([where to find <rpc/rpc.h>], [lv_cv_xdr_cflags], [ - for add_CFLAGS in '' '-I/usr/include/tirpc' 'missing'; do @@ -31,6 +32,3 @@ index 5a6408c..6c19f6d 100644 if test x"$add_CFLAGS" = xmissing; then lv_cv_xdr_cflags=missing; break fi --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/gnutls-helper.py b/external/meta-virtualization/recipes-extended/libvirt/libvirt/gnutls-helper.py new file mode 100755 index 00000000..b9949469 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/gnutls-helper.py @@ -0,0 +1,136 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2019 Wind River Systems, Inc. +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import os, sys, getopt + +banner = \ +'''\ +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! "ip_address" field of server.info must be IP address of the server. !! +!! For more details, please refer to: !! +!! https://libvirt.org/remote.html#Remote_certificates !! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +Please deploy cacert.pem to CA and server and client /etc/pki/CA/cacert.pem +Please deploy serverkey.pem to server /etc/pki/libvirt/private/serverkey.pem +Please deploy servercert.pem to server /etc/pki/libvirt/servercert.pem +Please deploy clientkey.pem to client /etc/pki/libvirt/private/clientkey.pem +Please deploy clientcert.pem to client /etc/pki/libvirt/clientcert.pem" +''' + +if os.system('which certtool > /dev/null 2>&1') != 0: + print('certtool is not available. It is provided by \n\ +gnutls-bin on Yocto like Linux or \n\ +gnutls-bin on Debian like distribution or \n\ +gnutls-utils on Redhat like distribution.') + sys.exit() + +cainfo = "" +serverinfo = "" +clientinfo = "" +yes = 0 + +try: + opts, args = getopt.getopt(sys.argv[1:], "ha:b:c:y", ["help", "ca-info=", "server-info=", "client-info=", "yes"]) +except getopt.GetoptError: + print('Usage:\n{} [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> [-y|--yes]'.format(sys.argv[0])) + print('If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated.') + sys.exit(2) +for opt, arg in opts: + if opt in ("-h", "--help"): + print('Usage:\n{} [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> [-y|--yes]'.format(sys.argv[0])) + print('If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated.\n') + print(banner) + sys.exit() + elif opt in ("-a", "--ca-info"): + cainfo = arg + elif opt in ("-b", "--server-info"): + serverinfo = arg + elif opt in ("-c", "--client-info"): + clientinfo = arg + elif opt in ("-y", "--yes"): + yes = 1 + +cainfodefault = \ +'''cn = CA +ca +cert_signing_key +''' + +serverinfodefault = \ +'''organization = Organization +cn = Server +dns_name = DNS Name +ip_address = 127.0.0.1 +tls_www_server +encryption_key +signing_key +''' + +clientinfodefault = \ +'''country = Country +state = State +locality = Locality +organization = Organization +cn = Client +tls_www_client +encryption_key +signing_key +''' + +if not cainfo: + if yes == 0: + opt = input('{}\nca.info not provided by -a, the above will be used [y/n]?'.format(cainfodefault)) + if opt != 'y': + exit() + cainfo = "ca.info" + with open(cainfo, mode='w') as f: + f.write(cainfodefault) + +if not serverinfo: + if yes == 0: + opt = input('{}\nserver.info not provided by -b, the above will be used [y/n]?'.format(serverinfodefault)) + if opt != 'y': + exit() + serverinfo = "server.info" + with open(serverinfo, mode='w') as f: + f.write(serverinfodefault) + +if not clientinfo: + if yes == 0: + opt = input('{}\nclient.info not provided by -c, the above will be used [y/n]?'.format(clientinfodefault)) + if opt != 'y': + sys.exit() + clientinfo = "client.info" + with open(clientinfo, mode='w') as f: + f.write(clientinfodefault) + +if os.system("certtool --generate-privkey > cakey.pem") != 0: + print('ca private key failed.') + sys.exit() + +if os.system("certtool --generate-self-signed --load-privkey cakey.pem --template {} --outfile cacert.pem".format(cainfo)) != 0: + print('ca cert failed.') + sys.exit() + +if os.system("certtool --generate-privkey > serverkey.pem") != 0: + print('server private key failed.') + sys.exit() + +if os.system("certtool --generate-certificate --load-privkey serverkey.pem --load-ca-certificate cacert.pem --load-ca-privkey cakey.pem --template {} --outfile servercert.pem".format(serverinfo)) != 0: + print('server cert failed.') + sys.exit() + +if os.system("certtool --generate-privkey > clientkey.pem") != 0: + print('client private key failed.') + sys.exit() + +if os.system("certtool --generate-certificate --load-privkey clientkey.pem --load-ca-certificate cacert.pem --load-ca-privkey cakey.pem --template {} --outfile clientcert.pem".format(clientinfo)) != 0: + print('client cert failed.') + sys.exit() + +print(banner) diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/hook_support.py b/external/meta-virtualization/recipes-extended/libvirt/libvirt/hook_support.py new file mode 100755 index 00000000..7c5e2a94 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/hook_support.py @@ -0,0 +1,55 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2014 Wind River Systems, Inc. +# +# Description: Calls other scripts in order, so that there can be multiple +# scripts for a particular hook tied to libvirt. +# +# For example: If this script is called "qemu" and is in the +# "/etc/libvirt/hooks/" directory. This script will be called by libvirt +# when certain actions are performed on a qemu guest. This script then +# will in turn call any executable file in the same directory matching +# "qemu-" followed by at least one alpha-numeric character. The scripts +# are called in order (based on the python sorted function), and once any +# sub-script returns a non-zero exit code no futher scripts are called. +# This script passes any arguments it retrieves on the command line and a +# copy of stdin to the sub-scripts it calls. + +import os +import re +import subprocess +import sys + +def main(): + return_value = 0 + hook_name = os.path.basename( __file__ ) + try: + hook_dir = os.path.dirname( __file__ ) + hook_args = sys.argv + del hook_args[ 0 ] # Remove executable from argument list + + # Save stdin, so we can pass it to each sub-script. + if sys.stdin.isatty(): + stdin_save = [ "" ] + else: + stdin_save = sys.stdin.readlines() + # Match the name name of the hook + a dash + atleast + # one alpha-numeric character. + matcher = re.compile( "%s-\w+" % hook_name ) + for file_name in sorted( os.listdir( hook_dir ) ): + file_path = os.path.join( hook_dir, file_name ) + if matcher.match( file_name ) \ + and os.access( file_path, os.X_OK ) \ + and os.path.isfile( file_path ) \ + and return_value == 0: + cmd = [ file_path ] + hook_args + p = subprocess.Popen( cmd, stdin=subprocess.PIPE ) + p.communicate( input = ''.join( stdin_save ) )[0] + return_value = p.wait() + except Exception as e: + sys.stderr.write( "%s hook error: %s\n" % ( hook_name, str( e ) ) ) + return_value = 1 + return return_value + +if __name__ == '__main__': + sys.exit( main() ) diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch index cb5a20e3..f9341491 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch @@ -1,6 +1,6 @@ -From 0780181a3285511f166487a54ebc231fc657edfe Mon Sep 17 00:00:00 2001 -From: Catalin Enache <catalin.enache@windriver.com> -Date: Mon, 25 Jul 2016 16:38:51 +0300 +From 75c974d28133ff85d299b7a53427653c47513a45 Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Wed, 8 May 2019 17:24:17 +0800 Subject: [PATCH] Install missing conf file openvzutilstest.conf file is needed by openvzutilstest test. @@ -12,15 +12,18 @@ Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> [MA: Update context for v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +[DDU: Update context for v5.3.0] +Signed-off-by: Dengke Du <dengke.du@windriver.com> + --- tests/Makefile.am | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am -index 65f776e..8a6fd44 100644 +index 7a0aee3..380637d 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -173,6 +173,7 @@ EXTRA_DIST = \ +@@ -172,6 +172,7 @@ EXTRA_DIST = \ $(NULL) test_helpers = commandhelper ssh @@ -28,7 +31,7 @@ index 65f776e..8a6fd44 100644 test_programs = virshtest sockettest \ virhostcputest virbuftest \ commandtest seclabeltest \ -@@ -305,6 +306,7 @@ endif WITH_LXC +@@ -310,6 +311,7 @@ endif WITH_LXC if WITH_OPENVZ test_programs += openvzutilstest @@ -36,7 +39,7 @@ index 65f776e..8a6fd44 100644 endif WITH_OPENVZ if WITH_ESX -@@ -1488,7 +1490,7 @@ endif ! WITH_CIL +@@ -1553,7 +1555,7 @@ endif ! WITH_LINUX buildtest-TESTS: $(TESTS) $(test_libraries) $(test_helpers) @@ -45,7 +48,3 @@ index 65f776e..8a6fd44 100644 install-ptest: list='$(TESTS) $(test_helpers) test-lib.sh virschematest' - --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch index 635d1e81..e6c7cae5 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch @@ -1,4 +1,4 @@ -From 3e271f6db12ffe34843428ec2f0bca7a8fe3aa65 Mon Sep 17 00:00:00 2001 +From 57b645c6db405bf2e22f4589ea5560a14975058f Mon Sep 17 00:00:00 2001 From: Bruce Ashfield <bruce.ashfield@windriver.com> Date: Wed, 8 Apr 2015 13:03:03 -0400 Subject: [PATCH] libvirt: use pkg-config to locate libcap @@ -14,18 +14,19 @@ locate the correct libraries. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> [MA: Update to apply agains v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- m4/virt-libpcap.m4 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/m4/virt-libpcap.m4 b/m4/virt-libpcap.m4 -index 8fa4889..08b2f53 100644 +index 605c2fd..e0ab018 100644 --- a/m4/virt-libpcap.m4 +++ b/m4/virt-libpcap.m4 @@ -23,14 +23,14 @@ AC_DEFUN([LIBVIRT_ARG_LIBPCAP], [ AC_DEFUN([LIBVIRT_CHECK_LIBPCAP], [ - LIBPCAP_REQUIRED="1.0.0" + LIBPCAP_REQUIRED="1.5.0" - LIBPCAP_CONFIG="pcap-config" + LIBPCAP_CONFIG="pkg-config libpcap" LIBPCAP_CFLAGS="" @@ -40,6 +41,3 @@ index 8fa4889..08b2f53 100644 esac AS_IF([test "x$LIBPCAP_CONFIG" != "x"], [ AC_MSG_CHECKING(libpcap $LIBPCAP_CONFIG >= $LIBPCAP_REQUIRED ) --- -2.1.0 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt_api_xml_path.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt_api_xml_path.patch deleted file mode 100644 index 30c30e88..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt_api_xml_path.patch +++ /dev/null @@ -1,87 +0,0 @@ -Adding support for LIBVIRT_CFLAGS and LIBVIRT_LIBS - -Signed-off-by: Amy Fong <amy.fong@windriver.com> - - -Adding a support for LIBVIRT_API_PATH evironment variable, which can -control where the script should look for the 'libvirt-api.xml' file. -This allows building libvirt-python against different libvirt than the -one installed in the system. This may be used for example in autotest -or by packagers without the need to install libvirt into the system. - -Signed-off-by: Martin Kletzander <mkletzan redhat com> -[ywei: rebased to 1.3.2] -Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com> ---- - setup.py | 35 ++++++++++++++++++++++++----------- - 1 file changed, 24 insertions(+), 11 deletions(-) - -diff --git a/setup.py b/setup.py -index eff9d54..48ec4fe 100755 ---- a/setup.py -+++ b/setup.py -@@ -43,13 +43,7 @@ def check_minimum_libvirt_version(): - "libvirt"]) - - def have_libvirt_lxc(): -- try: -- spawn([get_pkgcfg(), -- "--atleast-version=%s" % MIN_LIBVIRT_LXC, -- "libvirt"]) -- return True -- except DistutilsExecError: -- return False -+ return True - - def have_libvirtaio(): - # This depends on asyncio, which in turn depends on "yield from" syntax. -@@ -77,7 +71,17 @@ def get_api_xml_files(): - """Check with pkg-config that libvirt is present and extract - the API XML file paths we need from it""" - -- libvirt_api = get_pkgconfig_data(["--variable", "libvirt_api"], "libvirt") -+ libvirt_api = os.getenv("LIBVIRT_API_PATH") -+ -+ if libvirt_api: -+ if not libvirt_api.endswith("-api.xml"): -+ raise ValueError("Invalid path '%s' for API XML" % libvirt_api) -+ if not os.path.exists(libvirt_api): -+ raise ValueError("API XML '%s' does not exist, " -+ "have you built libvirt?" % libvirt_api) -+ else: -+ libvirt_api = get_pkgconfig_data(["--variable", "libvirt_api"], -+ "libvirt") - - offset = libvirt_api.index("-api.xml") - libvirt_qemu_api = libvirt_api[0:offset] + "-qemu-api.xml" -@@ -97,8 +101,17 @@ def get_module_lists(): - - c_modules = [] - py_modules = [] -- ldflags = get_pkgconfig_data(["--libs-only-L"], "libvirt", False).split() -- cflags = get_pkgconfig_data(["--cflags"], "libvirt", False).split() -+ libvirt_cflags = os.getenv("LIBVIRT_CFLAGS") -+ if libvirt_cflags: -+ cflags = libvirt_cflags.split() -+ else: -+ cflags = get_pkgconfig_data(["--cflags"], "libvirt", False).split() -+ -+ libvirt_libs = os.getenv("LIBVIRT_LIBS") -+ if libvirt_libs: -+ ldflags = libvirt_libs.split() -+ else: -+ ldflags = get_pkgconfig_data(["--libs-only-L"], "libvirt", False).split() - - module = Extension('libvirtmod', - sources = ['libvirt-override.c', 'build/libvirt.c', 'typewrappers.c', 'libvirt-utils.c'], -@@ -144,7 +157,7 @@ def get_module_lists(): - class my_build(build): - - def run(self): -- check_minimum_libvirt_version() -+# check_minimum_libvirt_version() - apis = get_api_xml_files() - - self.spawn([sys.executable, "generator.py", "libvirt", apis[0]]) --- -2.17.0 diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/lxc_monitor-Avoid-AB-BA-lock-race.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/lxc_monitor-Avoid-AB-BA-lock-race.patch deleted file mode 100644 index fc3880fb..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/lxc_monitor-Avoid-AB-BA-lock-race.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 7882c6eca53fe9abe253497a50f6c5ae062176d3 Mon Sep 17 00:00:00 2001 -From: Mark Asselstine <mark.asselstine@windriver.com> -Date: Mon, 24 Sep 2018 11:11:35 -0400 -Subject: [PATCH] lxc_monitor: Avoid AB / BA lock race - -A deadlock situation can occur when autostarting a LXC domain 'guest' -due to two threads attempting to take opposing locks while holding -opposing locks (AB BA problem). Thread A takes and holds the 'vm' lock -while attempting to take the 'client' lock, meanwhile, thread B takes -and holds the 'client' lock while attempting to take the 'vm' lock. - -The potential for this can be seen as follows: - -Thread A: -virLXCProcessAutostartDomain (takes vm lock) - --> virLXCProcessStart - --> virLXCProcessConnectMonitor - --> virLXCMonitorNew - --> virNetClientSetCloseCallback (wants client lock) - -Thread B: -virNetClientIncomingEvent (takes client lock) - --> virNetClientIOHandleInput - --> virNetClientCallDispatch - --> virNetClientCallDispatchMessage - --> virNetClientProgramDispatch - --> virLXCMonitorHandleEventInit - --> virLXCProcessMonitorInitNotify (wants vm lock) - -Since these threads are scheduled independently and are preemptible it -is possible for the deadlock scenario to occur where each thread locks -their first lock but both will fail to get their second lock and just -spin forever. You get something like: - -virLXCProcessAutostartDomain (takes vm lock) - --> virLXCProcessStart - --> virLXCProcessConnectMonitor - --> virLXCMonitorNew -<...> -virNetClientIncomingEvent (takes client lock) - --> virNetClientIOHandleInput - --> virNetClientCallDispatch - --> virNetClientCallDispatchMessage - --> virNetClientProgramDispatch - --> virLXCMonitorHandleEventInit - --> virLXCProcessMonitorInitNotify (wants vm lock but spins) -<...> - --> virNetClientSetCloseCallback (wants client lock but spins) - -Neither thread ever gets the lock it needs to be able to continue -while holding the lock that the other thread needs. - -The actual window for preemption which can cause this deadlock is -rather small, between the calls to virNetClientProgramNew() and -execution of virNetClientSetCloseCallback(), both in -virLXCMonitorNew(). But it can be seen in real world use that this -small window is enough. - -By moving the call to virNetClientSetCloseCallback() ahead of -virNetClientProgramNew() we can close any possible chance of the -deadlock taking place. There should be no other implications to the -move since the close callback (in the unlikely event was called) will -spin on the vm lock. The remaining work that takes place between the -old call location of virNetClientSetCloseCallback() and the new -location is unaffected by the move. - -Upstream-Status: Backport commit 7882c6eca53f - -Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> -Signed-off-by: Michal Privoznik <mprivozn@redhat.com> ---- - src/lxc/lxc_monitor.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/src/lxc/lxc_monitor.c b/src/lxc/lxc_monitor.c -index e765c16..0b18a14 100644 ---- a/src/lxc/lxc_monitor.c -+++ b/src/lxc/lxc_monitor.c -@@ -161,6 +161,13 @@ virLXCMonitorPtr virLXCMonitorNew(virDomainObjPtr vm, - if (virNetClientRegisterAsyncIO(mon->client) < 0) - goto error; - -+ /* avoid deadlock by making this call before assigning virLXCMonitorEvents */ -+ virNetClientSetCloseCallback(mon->client, virLXCMonitorEOFNotify, mon, -+ virLXCMonitorCloseFreeCallback); -+ -+ /* close callback now has its own reference */ -+ virObjectRef(mon); -+ - if (!(mon->program = virNetClientProgramNew(VIR_LXC_MONITOR_PROGRAM, - VIR_LXC_MONITOR_PROGRAM_VERSION, - virLXCMonitorEvents, -@@ -175,10 +182,6 @@ virLXCMonitorPtr virLXCMonitorNew(virDomainObjPtr vm, - mon->vm = virObjectRef(vm); - memcpy(&mon->cb, cb, sizeof(mon->cb)); - -- virObjectRef(mon); -- virNetClientSetCloseCallback(mon->client, virLXCMonitorEOFNotify, mon, -- virLXCMonitorCloseFreeCallback); -- - cleanup: - VIR_FREE(sockpath); - return mon; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch index 457e8218..9f3ad678 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch @@ -1,7 +1,7 @@ -From 94478517c4f9950b28be3a348387db6ede3db812 Mon Sep 17 00:00:00 2001 -From: Mark Asselstine <mark.asselstine@windriver.com> -Date: Mon, 4 Jun 2018 11:55:37 -0400 -Subject: [PATCH] Add 'install-ptest' rule. +From 9d6bfb4a5e9b44c080ddf3bad4c364ffb0e9d84a Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Wed, 8 May 2019 10:20:47 +0800 +Subject: [PATCH] Add 'install-ptest' rule Change TESTS_ENVIRONMENT to allow running outside build dir. @@ -15,15 +15,18 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: He Zhe <zhe.he@windriver.com> [MA: Update context for v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +[DDU: Update context for v5.3.0] +Signed-off-by: Dengke Du <dengke.du@windriver.com> + --- - tests/Makefile.am | 74 +++++++++++++++++++++++++++++++++++++++++++++---------- - 1 file changed, 61 insertions(+), 13 deletions(-) + tests/Makefile.am | 68 +++++++++++++++++++++++++++++++++++++++++------ + 1 file changed, 60 insertions(+), 8 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am -index 7b93fbd..edc1eb9 100644 +index 83326db..7a0aee3 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -35,11 +35,13 @@ INCLUDES = \ +@@ -28,11 +28,13 @@ AM_CPPFLAGS = \ WARN_CFLAGS += $(RELAXED_FRAME_LIMIT_CFLAGS) @@ -31,52 +34,34 @@ index 7b93fbd..edc1eb9 100644 + AM_CFLAGS = \ - -Dabs_builddir="\"$(abs_builddir)\"" \ -- -Dabs_topbuilddir="\"$(abs_topbuilddir)\"" \ +- -Dabs_top_builddir="\"$(abs_top_builddir)\"" \ - -Dabs_srcdir="\"$(abs_srcdir)\"" \ -- -Dabs_topsrcdir="\"$(abs_topsrcdir)\"" \ +- -Dabs_top_srcdir="\"$(abs_top_srcdir)\"" \ + -Dabs_builddir="\"$(PTEST_DIR)/tests\"" \ -+ -Dabs_topbuilddir="\"$(PTEST_DIR)\"" \ ++ -Dabs_top_builddir="\"$(PTEST_DIR)\"" \ + -Dabs_srcdir="\"$(PTEST_DIR)/tests\"" \ -+ -Dabs_topsrcdir="\"$(PTEST_DIR)\"" \ ++ -Dabs_top_srcdir="\"$(PTEST_DIR)\"" \ $(LIBXML_CFLAGS) \ + $(GLIB_CFLAGS) \ $(LIBNL_CFLAGS) \ - $(GNUTLS_CFLAGS) \ -@@ -64,7 +66,7 @@ QEMULIB_LDFLAGS = \ - $(MINGW_EXTRA_LDFLAGS) - - INCLUDES += \ -- -DTEST_DRIVER_DIR=\"$(top_builddir)/src/.libs\" -+ -DTEST_DRIVER_DIR=\"$(PTEST_DIR)/src/.libs\" +@@ -472,10 +474,10 @@ TESTS = $(test_programs) \ - PROBES_O = - if WITH_DTRACE_PROBES -@@ -466,17 +468,15 @@ TESTS = $(test_programs) \ - # Also, BSD sh doesn't like 'a=b b=$$a', so we can't use an - # intermediate shell variable, but must do all the expansion in make - --lv_abs_top_builddir=$(shell cd '$(top_builddir)' && pwd) -- VIR_TEST_EXPENSIVE ?= $(VIR_TEST_EXPENSIVE_DEFAULT) TESTS_ENVIRONMENT = \ -- abs_top_builddir=$(lv_abs_top_builddir) \ -- abs_top_srcdir=`cd '$(top_srcdir)'; pwd` \ -- abs_builddir=$(abs_builddir) \ -- abs_srcdir=$(abs_srcdir) \ -- CONFIG_HEADER="$(lv_abs_top_builddir)/config.h" \ +- abs_top_builddir="$(abs_top_builddir)" \ +- abs_top_srcdir="$(abs_top_srcdir)" \ +- abs_builddir="$(abs_builddir)" \ +- abs_srcdir="$(abs_srcdir)" \ + abs_top_builddir="$(PTEST_DIR)" \ + abs_top_srcdir="$(PTEST_DIR)" \ + abs_builddir="$(PTEST_DIR)/tests" \ + abs_srcdir="$(PTEST_DIR)/tests" \ -+ CONFIG_HEADER="$(PTEST_DIR)/config.h" \ - SHELL="$(SHELL)" \ -- LIBVIRT_DRIVER_DIR="$(lv_abs_top_builddir)/src/.libs" \ -+ LIBVIRT_DRIVER_DIR="$(PTEST_DIR)/src/.libs" \ LIBVIRT_AUTOSTART=0 \ LC_ALL=C \ VIR_TEST_EXPENSIVE=$(VIR_TEST_EXPENSIVE) \ -@@ -1486,5 +1486,55 @@ else ! WITH_CIL - EXTRA_DIST += objectlocking.ml - endif ! WITH_CIL +@@ -1549,4 +1551,54 @@ else ! WITH_LINUX + EXTRA_DIST += virscsitest.c + endif ! WITH_LINUX +buildtest-TESTS: $(TESTS) $(test_libraries) $(test_helpers) + @@ -94,7 +79,7 @@ index 7b93fbd..edc1eb9 100644 + install ../src/libvirt_iohelper $(DEST_DIR)/src + install -D ../src/libvirtd $(DEST_DIR)/src/libvirtd + install -d $(DEST_DIR)/src/remote -+ install -D $(top_srcdir)/src/remote/libvirtd.conf $(DEST_DIR)/src/remote/libvirtd.conf ++ install -D $(top_srcdir)/../build/src/remote/libvirtd.conf $(DEST_DIR)/src/remote/libvirtd.conf + install -d $(DEST_DIR)/src/remote/.libs + @(if [ -d ../src/remote/.libs ] ; then cd ../src/remote/.libs; fi; \ + install * $(DEST_DIR)/src/remote/.libs) @@ -128,8 +113,4 @@ index 7b93fbd..edc1eb9 100644 + sed -i -e 's|$(BUILD_DIR)|$(PTEST_DIR)|g' $(DEST_DIR)/Makefile + sed -i -e 's|^\(.*\.log:\) \(.*EXEEXT.*\)|\1|g' $(DEST_DIR)/tests/Makefile + - CLEANFILES = *.cov *.gcov .libs/*.gcda .libs/*.gcno *.gcno *.gcda *.cmi *.cmx \ - objectlocking-files.txt --- -2.7.4 - + CLEANFILES = *.cov *.gcov .libs/*.gcda .libs/*.gcno *.gcno *.gcda diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch index 5f6f9502..f03cc890 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch @@ -1,6 +1,6 @@ -From f73c5c61c921bf773dcba5e4234e23afce5dbe7f Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@windriver.com> -Date: Fri, 2 Aug 2013 11:38:43 -0400 +From a1696741375c6faca0d09ae6b271a2c56fc2b6fe Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Tue, 7 May 2019 15:26:32 +0800 Subject: [PATCH] tools: add libvirt-net-rpc to virt-host-validate when TLS is enabled @@ -13,30 +13,34 @@ Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com> [MA: rebase to v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +[ddu: rebase to v5.3.0] +Signed-off-by: Dengke Du <dengke.du@windriver.com> + --- - examples/Makefile.am | 19 +++++++++++++++++++ - tools/Makefile.am | 13 +++++++++++++ + examples/Makefile.am | 20 ++++++++++++++++++++ + tools/Makefile.am | 12 ++++++++++++ 2 files changed, 32 insertions(+) diff --git a/examples/Makefile.am b/examples/Makefile.am -index 7069d74..c8893e3 100644 +index ad635bd..a94f41d 100644 --- a/examples/Makefile.am +++ b/examples/Makefile.am -@@ -39,6 +39,10 @@ LDADD = $(STATIC_BINARIES) $(WARN_CFLAGS) $(COVERAGE_LDFLAGS) \ - $(top_builddir)/src/libvirt.la $(top_builddir)/gnulib/lib/libgnu.la \ - $(top_builddir)/src/libvirt-admin.la +@@ -74,6 +74,10 @@ LDADD = \ + $(top_builddir)/src/libvirt-admin.la \ + $(NULL) +if WITH_GNUTLS +LDADD += $(top_builddir)/src/libvirt-net-rpc.la +endif + - noinst_PROGRAMS=dominfo/info1 dommigrate/dommigrate domsuspend/suspend \ - domtop/domtop hellolibvirt/hellolibvirt object-events/event-test \ - openauth/openauth rename/rename admin/list_servers admin/list_clients \ -@@ -70,6 +74,21 @@ admin_logging_SOURCES = admin/logging.c - INSTALL_DATA_LOCAL = - UNINSTALL_LOCAL = + noinst_PROGRAMS = \ + c/admin/client_close \ + c/admin/client_info \ +@@ -111,6 +115,22 @@ c_misc_openauth_SOURCES = c/misc/openauth.c + examplesdir = $(docdir)/examples + adminexamplesdir = $(examplesdir)/c/admin ++ +if WITH_GNUTLS +dominfo_info1_LDADD = $(top_builddir)/src/libvirt-net-rpc.la \ + $(LDADD) \ @@ -52,15 +56,15 @@ index 7069d74..c8893e3 100644 + $(NULL) +endif + - if WITH_APPARMOR_PROFILES - apparmordir = $(sysconfdir)/apparmor.d/ - apparmor_DATA = \ + adminexamples_DATA = $(ADMIN_EXAMPLES) + + domainexamplesdir = $(examplesdir)/c/domain diff --git a/tools/Makefile.am b/tools/Makefile.am -index 1452d98..204e772 100644 +index 53df930..2a0a989 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am -@@ -188,6 +188,13 @@ virt_host_validate_LDADD = \ - ../gnulib/lib/libgnu.la \ +@@ -166,6 +166,12 @@ virt_host_validate_LDADD = \ + $(GLIB_LIBS) \ $(NULL) +if WITH_GNUTLS @@ -69,11 +73,10 @@ index 1452d98..204e772 100644 + $(NULL) +endif + -+ virt_host_validate_CFLAGS = \ $(AM_CFLAGS) \ $(NULL) -@@ -268,6 +275,12 @@ virt_admin_CFLAGS = \ +@@ -262,6 +268,12 @@ virt_admin_CFLAGS = \ $(READLINE_CFLAGS) BUILT_SOURCES = @@ -86,6 +89,3 @@ index 1452d98..204e772 100644 if WITH_WIN_ICON virsh_LDADD += virsh_win_icon.$(OBJEXT) --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt_4.7.0.bb b/external/meta-virtualization/recipes-extended/libvirt/libvirt_6.1.0.bb index 1d3b48e8..9aa78b77 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt_4.7.0.bb +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt_6.1.0.bb @@ -8,7 +8,9 @@ SECTION = "console/tools" DEPENDS = "bridge-utils gnutls libxml2 lvm2 avahi parted curl libpcap util-linux e2fsprogs pm-utils \ iptables dnsmasq readline libtasn1 libxslt-native acl libdevmapper libtirpc \ - ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'shadow-native', '', d)}" + python3-docutils-native \ + ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'shadow-native', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'gnutls', 'gnutls-native', '', d)}" # libvirt-guests.sh needs gettext.sh # @@ -35,25 +37,18 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.xz;name=libvirt \ file://install-missing-file.patch \ file://0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch \ file://configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch \ - file://lxc_monitor-Avoid-AB-BA-lock-race.patch \ - file://CVE-2019-3840.patch \ - file://0001-cpu_x86-Do-not-cache-microcode-version.patch \ - file://0002-qemu-Don-t-cache-microcode-version.patch \ - file://CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch \ - file://CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch \ - file://CVE-2019-10132_p1.patch \ - file://CVE-2019-10132_p2.patch \ - file://CVE-2019-10132_p3.patch \ - file://CVE-2019-10161.patch \ - file://CVE-2019-10166.patch \ - file://CVE-2019-10167.patch \ - file://CVE-2019-10168.patch \ + file://0001-build-drop-unnecessary-libgnu.la-reference.patch \ + file://hook_support.py \ + file://gnutls-helper.py \ " -SRC_URI[libvirt.md5sum] = "38da6c33250dcbc0a6d68de5c758262b" -SRC_URI[libvirt.sha256sum] = "92c279f7321624ac5a37a81f8bbe8c8d2a16781da04c63c99c92d3de035767e4" +SRC_URI[libvirt.md5sum] = "a870e63f20fac2ccf98e716d05256145" +SRC_URI[libvirt.sha256sum] = "167c185be45560e73dd3e14ed375778b555c01455192de2dafc4d0f74fabebc0" -inherit autotools gettext update-rc.d pkgconfig ptest systemd +inherit autotools gettext update-rc.d pkgconfig ptest systemd useradd perlnative +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM_${PN} = "-r qemu; -r kvm" +USERADD_PARAM_${PN} = "-r -g qemu -G kvm qemu" # Override the default set in autotools.bbclass so that we will use relative pathnames # to our local m4 files. This prevents an "Argument list too long" error during configuration @@ -128,6 +123,7 @@ FILES_${PN}-libvirtd = " \ ${sbindir}/libvirtd \ ${systemd_unitdir}/system/* \ ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', '', '${libexecdir}/libvirt-guests.sh', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'gnutls', '${sysconfdir}/pki/libvirt/* ${sysconfdir}/pki/CA/*', '', d)} \ " FILES_${PN}-virsh = " \ @@ -140,6 +136,7 @@ FILES_${PN} += "${libdir}/libvirt/connection-driver \ ${@bb.utils.contains('PACKAGECONFIG', 'polkit', '${datadir}/polkit-1', '', d)} \ ${datadir}/bash-completion/completions/vsh \ ${datadir}/bash-completion/completions/virt-admin \ + /usr/lib/firewalld/zones/libvirt.xml \ " FILES_${PN}-dbg += "${libdir}/libvirt/connection-driver/.debug ${libdir}/libvirt/lock-driver/.debug" @@ -191,27 +188,30 @@ PRIVATE_LIBS_${PN}-ptest = " \ #PACKAGECONFIG ??= "xen libxl xen-inotify test remote libvirtd" # full config -PACKAGECONFIG ??= "qemu yajl uml openvz vmware vbox esx iproute2 lxc test \ +PACKAGECONFIG ??= "qemu yajl openvz vmware vbox esx iproute2 lxc test \ remote macvtap libvirtd netcf udev python ebtables \ + fuse iproute2 firewalld libpcap \ ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit libcap-ng', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'xen', 'libxl', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'polkit', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'polkit', 'polkit', '', d)} \ " # qemu is NOT compatible with mips64 PACKAGECONFIG_remove_mipsarchn32 = "qemu" PACKAGECONFIG_remove_mipsarchn64 = "qemu" +# numactl is NOT compatible with arm +PACKAGECONFIG_remove_arm = "numactl" +PACKAGECONFIG_remove_armeb = "numactl" + # enable,disable,depends,rdepends # -PACKAGECONFIG[qemu] = "--with-qemu,--without-qemu,qemu," +PACKAGECONFIG[gnutls] = ",,,gnutls-bin" +PACKAGECONFIG[qemu] = "--with-qemu --with-qemu-user=qemu --with-qemu-group=qemu,--without-qemu,qemu," PACKAGECONFIG[yajl] = "--with-yajl,--without-yajl,yajl,yajl" -PACKAGECONFIG[xenapi] = "--with-xenapi,--without-xenapi,," -PACKAGECONFIG[libxl] = "--with-libxl=${STAGING_DIR_TARGET}/lib,--without-libxl,libxl," -PACKAGECONFIG[uml] = "--with-uml, --without-uml,," +PACKAGECONFIG[libxl] = "--with-libxl=${STAGING_DIR_TARGET}/lib,--without-libxl,xen," PACKAGECONFIG[openvz] = "--with-openvz,--without-openvz,," PACKAGECONFIG[vmware] = "--with-vmware,--without-vmware,," -PACKAGECONFIG[phyp] = "--with-phyp,--without-phyp,," PACKAGECONFIG[vbox] = "--with-vbox,--without-vbox,," PACKAGECONFIG[esx] = "--with-esx,--without-esx,," PACKAGECONFIG[hyperv] = "--with-hyperv,--without-hyperv,," @@ -226,7 +226,7 @@ PACKAGECONFIG[dtrace] = "--with-dtrace,--without-dtrace,," PACKAGECONFIG[udev] = "--with-udev --with-pciaccess,--without-udev,udev libpciaccess," PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux," PACKAGECONFIG[ebtables] = "ac_cv_path_EBTABLES_PATH=/sbin/ebtables,ac_cv_path_EBTABLES_PATH=,ebtables,ebtables" -PACKAGECONFIG[python] = ",,python," +PACKAGECONFIG[python] = ",,python3," PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl,cyrus-sasl" PACKAGECONFIG[iproute2] = "ac_cv_path_IP_PATH=/sbin/ip,ac_cv_path_IP_PATH=,iproute2,iproute2" PACKAGECONFIG[numactl] = "--with-numactl,--without-numactl,numactl," @@ -234,10 +234,34 @@ PACKAGECONFIG[fuse] = "--with-fuse,--without-fuse,fuse," PACKAGECONFIG[audit] = "--with-audit,--without-audit,audit," PACKAGECONFIG[libcap-ng] = "--with-capng,--without-capng,libcap-ng," PACKAGECONFIG[wireshark] = "--with-wireshark-dissector,--without-wireshark-dissector,wireshark libwsutil," +PACKAGECONFIG[apparmor-profiles] = "--with-apparmor-profiles, --without-apparmor-profiles," +PACKAGECONFIG[firewalld] = "--with-firewalld, --without-firewalld," +PACKAGECONFIG[libpcap] = "--with-libpcap, --without-libpcap,libpcap,libpcap" +PACKAGECONFIG[numad] = "--with-numad, --without-numad," # Enable the Python tool support require libvirt-python.inc +do_compile() { + cd ${B}/src + # There may be race condition, but without creating these directories + # in the source tree, generation of files fails. + for i in access admin logging esx locking rpc hyperv lxc \ + remote network storage interface nwfilter node_device \ + secret vbox qemu; do + mkdir -p $i; + done + + cd ${B} + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:${B}/src:" + oe_runmake all +} + +do_install_prepend() { + # so the install routines can find the libvirt.pc in the source dir + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:${B}/src:" +} + do_install_append() { install -d ${D}/etc/init.d install -d ${D}/etc/libvirt @@ -294,6 +318,10 @@ do_install_append() { # Add hook support for libvirt mkdir -p ${D}/etc/libvirt/hooks + for hook in "daemon" "lxc" "network" "qemu" + do + install -m 0755 ${WORKDIR}/hook_support.py ${D}/etc/libvirt/hooks/${hook} + done # Force the main dnsmasq instance to bind only to specified interfaces and # to not bind to virbr0. Libvirt will run its own instance on this interface. @@ -303,6 +331,46 @@ do_install_append() { for i in `find ${D}${libdir} -type f -name *.la`; do sed -i -e 's#-L${B}/src/.libs##g' $i done + + sed -i -e 's/^\(unix_sock_group\ =\ \).*/\1"kvm"/' ${D}/etc/libvirt/libvirtd.conf + sed -i -e 's/^\(unix_sock_rw_perms\ =\ \).*/\1"0776"/' ${D}/etc/libvirt/libvirtd.conf + + case ${MACHINE_ARCH} in + *mips*) + break + ;; + *) + chown -R qemu:qemu ${D}/${localstatedir}/lib/libvirt/qemu + echo "d qemu qemu 0755 ${localstatedir}/cache/libvirt/qemu none" \ + >> ${D}${sysconfdir}/default/volatiles/99_libvirt + break + ;; + esac + + if ${@bb.utils.contains('PACKAGECONFIG','gnutls','true','false',d)}; then + # Generate sample keys and certificates. + cd ${WORKDIR} + ${WORKDIR}/gnutls-helper.py -y + + # Deploy all sample keys and certificates of CA, server and client + # to target so that libvirtd is able to boot successfully and local + # connection via 127.0.0.1 is available out of box. + install -d ${D}/etc/pki/CA + install -d ${D}/etc/pki/libvirt/private + install -m 0755 ${WORKDIR}/gnutls-helper.py ${D}/${bindir} + install -m 0644 ${WORKDIR}/cakey.pem ${D}/${sysconfdir}/pki/libvirt/private/cakey.pem + install -m 0644 ${WORKDIR}/cacert.pem ${D}/${sysconfdir}/pki/CA/cacert.pem + install -m 0644 ${WORKDIR}/serverkey.pem ${D}/${sysconfdir}/pki/libvirt/private/serverkey.pem + install -m 0644 ${WORKDIR}/servercert.pem ${D}/${sysconfdir}/pki/libvirt/servercert.pem + install -m 0644 ${WORKDIR}/clientkey.pem ${D}/${sysconfdir}/pki/libvirt/private/clientkey.pem + install -m 0644 ${WORKDIR}/clientcert.pem ${D}/${sysconfdir}/pki/libvirt/clientcert.pem + + # Force the connection to be tls. + sed -i -e 's/^\(listen_tls\ =\ .*\)/#\1/' -e 's/^\(listen_tcp\ =\ .*\)/#\1/' ${D}/etc/libvirt/libvirtd.conf + fi + + # virt-login-shell needs to run with setuid permission + chmod 4755 ${D}${bindir}/virt-login-shell } EXTRA_OECONF += " \ @@ -310,8 +378,15 @@ EXTRA_OECONF += " \ --with-test-suite \ " +# gcc9 end up mis-compiling qemuxml2argvtest.o with Og which then +# crashes on target, so remove -Og and use -O2 as workaround +SELECTED_OPTIMIZATION_remove_virtclass-multilib-lib32_mipsarch = "-Og" +SELECTED_OPTIMIZATION_append_virtclass-multilib-lib32_mipsarch = " -O2" + EXTRA_OEMAKE = "BUILD_DIR=${B} DEST_DIR=${D}${PTEST_PATH} PTEST_DIR=${PTEST_PATH} SYSTEMD_UNIT_DIR=${systemd_system_unitdir}" +PRIVATE_LIBS_${PN}-ptest_append = "libvirt-admin.so.0" + do_compile_ptest() { oe_runmake -C tests buildtest-TESTS } @@ -331,6 +406,7 @@ pkg_postinst_${PN}() { if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then /etc/init.d/populate-volatile.sh update fi + mkdir -m 711 -p $D/data/images } python () { diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.2.bb b/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.3.bb index b2196eb3..7a86653b 100644 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.2.bb +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.3.bb @@ -20,12 +20,12 @@ SRC_URI = "http://prdownloads.sourceforge.net/sourceforge/${SRCNAME}/${SRCNAME}- file://nagios-core-systemd-volatile.conf \ " -SRC_URI[md5sum] = "7a9736281d4e2ebe4f4569a782f733c5" -SRC_URI[sha256sum] = "3418923f326aa86dc8c84cfd0df788fa495a90d772f8071acf40fdbef0736853" +SRC_URI[md5sum] = "8beb253b1236ee1407f698b5d2a2d894" +SRC_URI[sha256sum] = "bba8f0e8dc8cf72f7a7ae4e8ce9c60f5bd315629421b9ec34818a28b8da49f67" S = "${WORKDIR}/${SRCNAME}-${PV}" -inherit autotools-brokensep update-rc.d systemd +inherit autotools-brokensep update-rc.d systemd update-alternatives DEPENDS = "gd unzip-native" @@ -149,3 +149,9 @@ USERADD_PARAM_${SRCNAME}-base = "-r -M -g ${NAGIOS_GROUP} ${NAGIOS_USER}" INITSCRIPT_NAME = "nagios" INITSCRIPT_PARAMS = "defaults" + +CVE_PRODUCT = "nagios_core" + +ALTERNATIVE_PRIORITY_${PN} = '20' +ALTERNATIVE_${PN} = "nagios" +ALTERNATIVE_LINK_NAME[nagios] = "${localstatedir}/nagios" diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe/0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe/0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch new file mode 100644 index 00000000..7a12e730 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe/0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch @@ -0,0 +1,30 @@ +From 4f7dd1199f1f3f72f9197e8565da339a4a2490b7 Mon Sep 17 00:00:00 2001 +From: madlohe <swolf@nagios.com> +Date: Thu, 23 Apr 2020 15:33:18 -0500 +Subject: [PATCH] Should fix #235 (nasty_metachars was not being returned when + specified in cfg file + +CVE: CVE-2020-6581 +Upstream Status: Backport [4f7dd1199f1f3f72f9197e8565da339a4a2490b7] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/nrpe.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/nrpe.c b/src/nrpe.c +index 01fbd1d..bf64963 100644 +--- a/src/nrpe.c ++++ b/src/nrpe.c +@@ -823,6 +823,8 @@ char* process_metachars(const char* input) + } + } + copy[j] = '\0'; ++ ++ return copy; + } + + /* read in the configuration file */ +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_3.2.1.bb b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_4.0.2.bb index 94933367..d9c7b159 100644 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_3.2.1.bb +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_4.0.2.bb @@ -1,7 +1,7 @@ require nagios-common.inc DESCRIPTION = "Nagios Remote Plugin Executor" -HOMEPAGE = "http://exchange.nagios.org" +HOMEPAGE = "http://www.nagios.com" SECTION = "console/network" PRIORITY = "optional" LICENSE = "GPLv2" @@ -13,14 +13,18 @@ SRCNAME = "nrpe" SRC_URI = "https://github.com/NagiosEnterprises/nrpe/releases/download/${SRCNAME}-${PV}/${SRCNAME}-${PV}.tar.gz \ file://check_nrpe.cfg \ file://nagios-nrpe.service \ + file://0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch \ " -SRC_URI[md5sum] = "8997e195fea93cdceb8c7ed8ac1d43bc" -SRC_URI[sha256sum] = "8ad2d1846ab9011fdd2942b8fc0c99dfad9a97e57f4a3e6e394a4ead99c0f1f0" +SRC_URI[md5sum] = "37b9e23b3e8d75308f8b31f3b61ee8a4" +SRC_URI[sha256sum] = "c5d9d7023eaa49e6fe8cf95c6d101731f07972cf0f8818fa130c171bc9eabd55" +SRC_URI[sha1sum] = "2150e274fc7f24905c63b8a996ed7218e2967478" +SRC_URI[sha384sum] = "0ece79fb312c8d1ee0e6bde1be499f8090a5a86cf90b0b8dcbebb95c5f8f70b2cf9ac0a4064f726bee091c4147b61d82" +SRC_URI[sha512sum] = "4d7cf6abc974bc79df54afc42644418e3f086a279c8c17d0fd104f19e3c21c0f3dae4fb4268dd134446ff9fe505159b0446372c5cac71cfe03a97479ed41c09b" S = "${WORKDIR}/${SRCNAME}-${PV}" -inherit autotools-brokensep update-rc.d systemd +inherit autotools-brokensep update-rc.d systemd update-alternatives # IP address of server which proxy should connect to MONITORING_PROXY_SERVER_IP ??= "192.168.7.2" @@ -39,7 +43,7 @@ EXTRA_OECONF_SSL = "--with-ssl=${STAGING_DIR_HOST} \ --with-ssl-lib=${STAGING_DIR_HOST}${libdir} \ " -PACKAGECONFIG[ssl] = "${EXTRA_OECONF_SSL},--disable-ssl,openssl," +PACKAGECONFIG[ssl] = "${EXTRA_OECONF_SSL},--disable-ssl,openssl-native openssl," PACKAGECONFIG[cmdargs] = "--enable-command-args,--disable-command-args,," PACKAGECONFIG[bashcomp] = "--enable-bash-command-substitution,--disable-bash-command-substitution,," @@ -73,8 +77,6 @@ do_install_append() { install -d ${D}${systemd_unitdir}/system install -m 644 ${WORKDIR}/nagios-nrpe.service ${D}${systemd_unitdir}/system/ fi - - rmdir -p --ignore-fail-on-non-empty ${D}${localstatedir}/nagios } PACKAGES = "${PN}-dbg ${PN}-plugin ${PN}-daemon" @@ -86,6 +88,7 @@ FILES_${PN}-plugin = "${NAGIOS_PLUGIN_DIR} \ FILES_${PN}-daemon = "${sysconfdir} \ ${bindir} \ ${nonarch_libdir}/tmpfiles.d/ \ + ${localstatedir} \ " RDEPENDS_${PN}-daemon = "nagios-base" @@ -98,3 +101,6 @@ SYSTEMD_AUTO_ENABLE_${PN}-daemon = "enable" INITSCRIPT_PACKAGES = "${PN}-daemon" INITSCRIPT_NAME_${PN}-daemon = "nrpe" INITSCRIPT_PARAMS_${PN}-daemon = "defaults" + +ALTERNATIVE_${PN}-daemon = "nagios" +ALTERNATIVE_LINK_NAME[nagios] = "${localstatedir}/nagios" diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca/0001-Fix-missing-argument-in-open-calls.patch b/external/meta-virtualization/recipes-extended/nagios/nagios-nsca/0001-Fix-missing-argument-in-open-calls.patch deleted file mode 100644 index 6b39fec5..00000000 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca/0001-Fix-missing-argument-in-open-calls.patch +++ /dev/null @@ -1,52 +0,0 @@ -From da37e6ce2a8cc315845440488cd2f8dab0a17bfe Mon Sep 17 00:00:00 2001 -From: "John C. Frickson" <jfrickson@nagios.com> -Date: Wed, 7 Oct 2015 14:06:58 -0500 -Subject: [PATCH] Fix missing argument in open calls - -Commit b9f2c08dfdf31430f972a48781fc115c4af13cfe -from https://github.com/NagiosEnterprises/nsca - -Fix for issue http://tracker.nagios.org/view.php?id=286 - -Upstream-Status: Backport - -Singed-off-by: John C. Frickson <jfrickson@nagios.com> -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> -[MA: Context updated to allow application to older version] -Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> ---- - Changelog | 4 ++++ - src/nsca.c | 2 +- - 2 files changed, 5 insertions(+), 1 deletion(-) - -diff --git a/Changelog b/Changelog -index 3a7edd4..00ea11e 100644 ---- a/Changelog -+++ b/Changelog -@@ -2,6 +2,10 @@ - NSCA Changelog - ************** - -+2.9.x - xx/xx/xxxx -+------------------ -+- Fix missing argument in open calls (Xavier Bachelot / John Frickson) -+ - 2.9.1 - 01/27/2012 - ------------------ - - Applied patch to allow packets arriving with a future time stamp (Daniel Wittenberg) -diff --git a/src/nsca.c b/src/nsca.c -index 6b0e436..0e70b8b 100644 ---- a/src/nsca.c -+++ b/src/nsca.c -@@ -477,7 +477,7 @@ static int read_config_file(char *filename){ - int checkresult_test_fd=-1; - char *checkresult_test=NULL; - asprintf(&checkresult_test,"%s/nsca.test.%i",check_result_path,getpid()); -- checkresult_test_fd=open(checkresult_test,O_WRONLY|O_CREAT); -+ checkresult_test_fd=open(checkresult_test,O_WRONLY|O_CREAT,S_IWUSR); - if (checkresult_test_fd>0){ - unlink(checkresult_test); - } --- -2.11.0 - diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.1.bb b/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.2.bb index f53a47a0..d342810c 100644 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.1.bb +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.2.bb @@ -6,18 +6,17 @@ SECTION = "console/network" PRIORITY = "optional" LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://src/nsca.c;beginline=1;endline=16;md5=c1bd17485c5c1dd42f664fe8b3528674" +LIC_FILES_CHKSUM = "file://src/nsca.c;beginline=1;endline=16;md5=dd7a195cc7d8a3ebcfabd65360d0cab4" SRCNAME = "nsca" SRC_URI = "http://prdownloads.sourceforge.net/sourceforge/nagios/${SRCNAME}-${PV}.tar.gz \ file://init-script.in \ file://nagios-nsca.service \ - file://0001-Fix-missing-argument-in-open-calls.patch \ " -SRC_URI[md5sum] = "3fe2576a8cc5b252110a93f4c8d978c6" -SRC_URI[sha256sum] = "fb12349e50838c37954fe896ba6a026c09eaeff2f9408508ad7ede53e9ea9580" +SRC_URI[md5sum] = "43f638c51367a3170476ed106fbb4858" +SRC_URI[sha256sum] = "96eb04ef695873ce462e3f8db08e8a49456ff9595d11acf70a3dd8a2c4af3b5e" S = "${WORKDIR}/${SRCNAME}-${PV}" @@ -26,7 +25,7 @@ inherit update-rc.d autotools-brokensep systemd dos2unix DEPENDS = "libmcrypt" EXTRA_OECONF += "--with-nsca-user=${NAGIOS_USER} \ - --with-nsca-group=${NAGIOS_GROUP} \ + --with-nsca-grp=${NAGIOS_GROUP} \ --with-libmcrypt-prefix=${STAGING_DIR_HOST} \ ac_cv_path_LIBMCRYPT_CONFIG=${STAGING_BINDIR_CROSS}/libmcrypt-config \ ac_cv_lib_wrap_main=no \ diff --git a/external/meta-virtualization/recipes-extended/seabios/seabios/python3.patch b/external/meta-virtualization/recipes-extended/seabios/seabios/python3.patch new file mode 100644 index 00000000..a2786fd7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/seabios/seabios/python3.patch @@ -0,0 +1,13 @@ +diff --git a/Makefile b/Makefile +index 516cb38..7f6acaa 100644 +--- a/Makefile ++++ b/Makefile +@@ -22,7 +22,7 @@ LD=$(CROSS_PREFIX)ld + OBJCOPY=$(CROSS_PREFIX)objcopy + OBJDUMP=$(CROSS_PREFIX)objdump + STRIP=$(CROSS_PREFIX)strip +-PYTHON=python ++PYTHON=python3 + CPP=$(CROSS_PREFIX)cpp + IASL:=iasl + LD32BIT_FLAG:=-melf_i386 diff --git a/external/meta-virtualization/recipes-extended/seabios/seabios_1.11.2.bb b/external/meta-virtualization/recipes-extended/seabios/seabios_1.13.0.bb index 81eaec96..4cf44201 100644 --- a/external/meta-virtualization/recipes-extended/seabios/seabios_1.11.2.bb +++ b/external/meta-virtualization/recipes-extended/seabios/seabios_1.13.0.bb @@ -3,22 +3,25 @@ HOMEPAGE = "http://www.coreboot.org/SeaBIOS" LICENSE = "LGPLv3" SECTION = "firmware" +inherit python3native + SRC_URI = " \ - https://github.com/qemu/seabios/archive/rel-${PV}.tar.gz \ + https://www.seabios.org/downloads/seabios-${PV}.tar.gz \ file://hostcc.patch \ + file://python3.patch \ " -S = "${WORKDIR}/${PN}-rel-${PV}" +S = "${WORKDIR}/${PN}-${PV}" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ file://COPYING.LESSER;md5=6a6a8e020838b23406c81b19c1d46df6 \ " -SRC_URI[md5sum] = "3f78065837dbd8873513a1b7d5276e78" -SRC_URI[sha256sum] = "73e73c8e406d97265782f6c942b3c1d178ed4f4afc9f381b22336c3968291693" +SRC_URI[md5sum] = "1dc1725bac1d230bfd6b3204eed4f2f7" +SRC_URI[sha256sum] = "37673dc2d6308591b15bdb94e5bcc3e99bdb40198d2247733c43f50b55dbe703" FILES_${PN} = "/usr/share/firmware" -DEPENDS = "util-linux-native file-native bison-native flex-native gettext-native acpica-native python-native" +DEPENDS += "util-linux-native file-native bison-native flex-native gettext-native acpica-native" TUNE_CCARGS = "" EXTRA_OEMAKE += "HOSTCC='${BUILD_CC}'" diff --git a/external/meta-virtualization/recipes-extended/uxen/README.md b/external/meta-virtualization/recipes-extended/uxen/README.md new file mode 100644 index 00000000..09733833 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/uxen/README.md @@ -0,0 +1,48 @@ +# uXen : Open Source type-2 hypervisor support + +For any issues with the uXen recipes please make sure you CC: + + christopher.w.clark@gmail.com + +## uxen-guest-tools : software for within guest VMs, kernel modules + +* uxenhc : hypercall driver +* uxenfb : framebuffer driver +* uxenhid : Human Input Device driver +* uxennet : virtual network device driver +* uxenplatform : uXen platform device driver +* uxenstor : virtual storage device driver +* uxenv4vlib : v4v, Hypervisor-Mediated data eXchange +* v4vvsock : v4v vsock virtual network device driver +* v4vtest : basic v4v vsock test + +To produce a bootable VM disk image file: + + wic create directdisk -e uxen-guest-image-minimal + +To test, copy the .direct file that wic produces to the host with uXen installed and write the following to a new file: `linux-vm.json`. Update the file path within it to point to your wic-generated disk image: + + { + "name" : "Linux Virtual Machine", + "boot-order" : "c", + "block" : + { "id": "ich0", "proto" : "raw", "xsnapshot" : true, + "path" : "c:/Users/Yocto/directdisk-202001010100-sda.direct" }, + "memory" : 768, + "net" : { "type" : "nic", "model" : "e1000" }, + "hpet" : 1, + "vcpus" : 1, + "use-v4v-net" : 1, + "v4v-storage" : true, + + "" : "" + } + +and then boot it: + + uxendm -F linux-vm.json + +References: + https://www.bromium.com/opensource + https://github.com/uxen-virt + https://www.platformsecuritysummit.com/2018/speaker/pratt/ diff --git a/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools/fix-Makefile-for-OE-kernel-build.patch b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools/fix-Makefile-for-OE-kernel-build.patch new file mode 100644 index 00000000..db4c53f5 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools/fix-Makefile-for-OE-kernel-build.patch @@ -0,0 +1,36 @@ +# OpenEmbedded uses KERNEL_SRC instead of KDIR +# and enable the modules_install target. +# Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> +diff --git a/Makefile b/Makefile +index 3fd3075..80cf0fe 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,10 +1,13 @@ + ifneq ($(KERNELRELEASE),) + # kbuild part of makefile +-else ++include Kbuild + +-KVERSION ?= $(shell uname -r) +-KDIR := /lib/modules/${KVERSION}/build ++else ++#normal makefile ++KERNEL_VERSION ?= $(shell uname -r) ++KERNEL_SRC ?= /lib/modules/${KERNEL_VERSION}/build + UXENDIR ?= $(shell pwd)/include/uxen ++INSTALL_HDR_PATH ?= /usr + + LX_TARGET_FLAGS= -DLX_TARGET_STANDARDVM + LX_TARGET_ATTOVM=n +@@ -19,7 +22,9 @@ EXTRA_CFLAGS=$(LX_TARGET_FLAGS) -g -Wall + NOSTDINC_FLAGS=-I$(shell pwd)/include/ -I$(UXENDIR) -I$(UXENDIR)/xen + + all: +- make -C $(KDIR) $(LX_TARGET) M=$(shell pwd) EXTRA_CFLAGS="$(EXTRA_CFLAGS)" NOSTDINC_FLAGS="$(NOSTDINC_FLAGS)" ++ make -C $(KERNEL_SRC) $(LX_TARGET) M=$(shell pwd) EXTRA_CFLAGS="$(EXTRA_CFLAGS)" NOSTDINC_FLAGS="$(NOSTDINC_FLAGS)" + clean: +- make -C $(KDIR) $(LX_TARGET) M=$(shell pwd) clean ++ make -C $(KERNEL_SRC) $(LX_TARGET) M=$(shell pwd) clean ++modules_install: ++ make -C $(KERNEL_SRC) $(LX_TARGET) M=$(shell pwd) modules_install + endif diff --git a/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools_4.1.7.bb b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools_4.1.7.bb new file mode 100644 index 00000000..757f1e3b --- /dev/null +++ b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools_4.1.7.bb @@ -0,0 +1,22 @@ +SUMMARY = "uXen type-2 Open Source hypervisor Linux guest tools" +DESCRIPTION = "Linux guest virtual machine tools for the uXen hypervisor" +HOMEPAGE = "https://www.bromium.com/opensource" +LICENSE = "GPLv2" + +COMPATIBLE_HOST = '(x86_64.*).*-linux' + +SRC_URI = " \ + https://www.bromium.com/wp-content/uploads/2019/06/uxen-vmsupport-linux-${PV}.zip;name=uxen \ + https://www.bromium.com/wp-content/uploads/2019/11/Bromium-4.1.8-Open-Source-Software.pdf;name=license \ + file://fix-Makefile-for-OE-kernel-build.patch \ + " + +SRC_URI[uxen.sha384sum] = "d9d7a1fa5c44ac77eea3d8d4756f9e07fc02acfe12606325ff0bb8a60c07abc3e9ddb80c2039797fb2122d750219722f" +SRC_URI[license.sha384sum] = "92e48c614df3094cb52321d4c4e01f6df5526d46aee5c6fa36c43ee23d4c33f03baa1fc5f6f29efafff636b6d13bc92c" + +# The software license is GPLv2: please see page 199 of the pdf document +LIC_FILES_CHKSUM = "file://../Bromium-4.1.8-Open-Source-Software.pdf;md5=cf120df6ffa417b36f870a9997650049" + +S = "${WORKDIR}/uxen-vmsupport-linux-${PV}" + +inherit module diff --git a/external/meta-virtualization/recipes-extended/xen/README b/external/meta-virtualization/recipes-extended/xen/README index 3686530c..34e79774 100644 --- a/external/meta-virtualization/recipes-extended/xen/README +++ b/external/meta-virtualization/recipes-extended/xen/README @@ -1,7 +1,9 @@ Xen --- -For any issues with the xen recipes please make sure you CC cardoe@gentoo.org +For any issues with the Xen recipes please make sure you CC: + christopher.w.clark@gmail.com + cardoe@gentoo.org configuring the hypervisor -------------------------- @@ -14,6 +16,15 @@ copy it to your Yocto layer as 'defconfig' inside of 'recipes-extended/xen/files/' and then create a bbappend adding 'file://defconfig' to your SRC_URI. +To generate your own .config file for Xen, you can use the interactive +menuconfig via bitbake: + + bitbake xen -c menuconfig + +Select the config settings that you want and Save the file. If you save it to +the default ".config" file when prompted by menuconfig, you can find it in the +'xen' subdirectory of the build tree. + security patches ---------------- diff --git a/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch b/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-xen.4.12.patch index 03c39fe7..96e907d5 100644 --- a/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch +++ b/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-xen.4.12.patch @@ -9,21 +9,23 @@ This is especially useful when the target libdir is not the default one (/usr/lib), but for example /usr/lib64. Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> ---- - tools/pygrub/Makefile | 5 +++-- - tools/python/Makefile | 4 ++-- - 2 files changed, 5 insertions(+), 4 deletions(-) + +Forward-ported to Xen 4.12.0 +Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> + +Modified to support pygrub installation with python 3 +Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> diff --git a/tools/pygrub/Makefile b/tools/pygrub/Makefile -index 536af07932b4..e1c773101412 100644 +index 3063c49..513314b 100644 --- a/tools/pygrub/Makefile +++ b/tools/pygrub/Makefile -@@ -10,14 +10,15 @@ INSTALL_LOG = build/installed_files.txt +@@ -10,14 +10,17 @@ INSTALL_LOG = build/installed_files.txt all: build .PHONY: build build: -- CC="$(CC)" CFLAGS="$(PY_CFLAGS)" $(PYTHON) setup.py build -+ CC="$(CC)" CFLAGS="$(PY_CFLAGS)" $(PYTHON) setup.py build $(DISTUTILS_BUILD_ARGS) +- CC="$(CC)" CFLAGS="$(PY_CFLAGS)" LDFLAGS="$(PY_LDFLAGS)" $(PYTHON) setup.py build ++ CC="$(CC)" CFLAGS="$(PY_CFLAGS)" LDFLAGS="$(PY_LDFLAGS)" $(PYTHON) setup.py build $(DISTUTILS_BUILD_ARGS) .PHONY: install install: all @@ -33,11 +35,13 @@ index 536af07932b4..e1c773101412 100644 - --root="$(DESTDIR)" --install-scripts=$(LIBEXEC_BIN) --force + --root="$(DESTDIR)" --install-scripts=$(LIBEXEC_BIN) --force \ + $(DISTUTILS_INSTALL_ARGS) ++ rm -f $(DESTDIR)/$(LIBEXEC_BIN)/pygrub ++ $(INSTALL_PYTHON_PROG) src/pygrub $(DESTDIR)/$(LIBEXEC_BIN)/pygrub set -e; if [ $(bindir) != $(LIBEXEC_BIN) -a \ "`readlink -f $(DESTDIR)/$(bindir)`" != \ "`readlink -f $(LIBEXEC_BIN)`" ]; then \ diff --git a/tools/python/Makefile b/tools/python/Makefile -index 541858e2f886..4d4a344f1d33 100644 +index 541858e..4d4a344 100644 --- a/tools/python/Makefile +++ b/tools/python/Makefile @@ -10,7 +10,7 @@ INSTALL_LOG = build/installed_files.txt @@ -58,6 +62,3 @@ index 541858e2f886..4d4a344f1d33 100644 $(INSTALL_PROG) scripts/convert-legacy-stream $(DESTDIR)$(LIBEXEC_BIN) $(INSTALL_PROG) scripts/verify-stream-v2 $(DESTDIR)$(LIBEXEC_BIN) --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch b/external/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch deleted file mode 100644 index 4bbf21a1..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: src/core/dhcp.c -=================================================================== ---- a/src/core/dhcp.c -+++ b/src/core/dhcp.c -@@ -1356,7 +1358,7 @@ dhcp_create_request(struct netif *netif) - dhcp->msg_out->giaddr.addr = 0; - for (i = 0; i < DHCP_CHADDR_LEN; i++) { - /* copy netif hardware address, pad with zeroes */ -- dhcp->msg_out->chaddr[i] = (i < netif->hwaddr_len) ? netif->hwaddr[i] : 0/* pad byte*/; -+ dhcp->msg_out->chaddr[i] = (i < (netif->hwaddr_len > NETIF_MAX_HWADDR_LEN ? NETIF_MAX_HWADDR_LEN : netif->hwaddr_len)) ? netif->hwaddr[i] : 0/* pad byte*/; - } - for (i = 0; i < DHCP_SNAME_LEN; i++) { - dhcp->msg_out->sname[i] = 0; diff --git a/external/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs b/external/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs deleted file mode 100644 index b2718778..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs +++ /dev/null @@ -1,2398 +0,0 @@ -? .ChangeLog.swp -? ChangeLog -Index: CHANGELOG -=================================================================== -RCS file: /sources/lwip/lwip/CHANGELOG,v -retrieving revision 1.300 -retrieving revision 1.318 -diff -u -p -r1.300 -r1.318 ---- a/CHANGELOG 23 Mar 2008 13:49:39 -0000 1.300 -+++ b/CHANGELOG 14 Jul 2008 20:12:36 -0000 1.318 -@@ -19,9 +19,77 @@ HISTORY - - ++ New features: - -+ 2008-06-30 Simon Goldschmidt -+ * mem.c, opt.h, stats.h: fixed bug #21433: Calling mem_free/pbuf_free from -+ interrupt context isn't safe: LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT allows -+ mem_free to run between mem_malloc iterations. Added illegal counter for -+ mem stats. -+ -+ 2008-06-27 Simon Goldschmidt -+ * stats.h/.c, some other files: patch #6483: stats module improvement: -+ Added defines to display each module's statistic individually, added stats -+ defines for MEM, MEMP and SYS modules, removed (unused) rexmit counter. -+ -+ 2008-06-17 Simon Goldschmidt -+ * err.h: patch #6459: Made err_t overridable to use a more efficient type -+ (define LWIP_ERR_T in cc.h) -+ -+ 2008-06-17 Simon Goldschmidt -+ * slipif.c: patch #6480: Added a configuration option for slipif for symmetry -+ to loopif -+ -+ 2008-06-17 Simon Goldschmidt (patch by Luca Ceresoli) -+ * netif.c, loopif.c, ip.c, netif.h, loopif.h, opt.h: Checked in slightly -+ modified version of patch # 6370: Moved loopif code to netif.c so that -+ loopback traffic is supported on all netifs (all local IPs). -+ Added option to limit loopback packets for each netifs. -+ - - ++ Bugfixes: - -+ 2008-08-14 Simon Goldschmidt -+ * api_msg.c: fixed bug #23847: do_close_internal references freed memory (when -+ tcp_close returns != ERR_OK) -+ -+ 2008-07-08 Frédéric Bernon -+ * stats.h: Fix some build bugs introduced with patch #6483 (missing some parameters -+ in macros, mainly if MEM_STATS=0 and MEMP_STATS=0). -+ -+ 2008-06-24 Jonathan Larmour -+ * tcp_in.c: Fix for bug #23693 as suggested by Art R. Ensure cseg is unused -+ if tcp_seg_copy fails. -+ -+ 2008-06-17 Simon Goldschmidt -+ * inet_chksum.c: Checked in some ideas of patch #6460 (loop optimizations) -+ and created defines for swapping bytes and folding u32 to u16. -+ -+ 2008-05-30 Kieran Mansley -+ * tcp_in.c Remove redundant "if" statement, and use real rcv_wnd -+ rather than rcv_ann_wnd when deciding if packets are in-window. -+ Contributed by <arasmussen@consultant.datasys.swri.edu> -+ -+ 2008-05-30 Kieran Mansley -+ * mem.h: Fix BUG#23254. Change macro definition of mem_* to allow -+ passing as function pointers when MEM_LIBC_MALLOC is defined. -+ -+ 2008-05-09 Jonathan Larmour -+ * err.h, err.c, sockets.c: Fix bug #23119: Reorder timeout error code to -+ stop it being treated as a fatal error. -+ -+ 2008-04-15 Simon Goldschmidt -+ * dhcp.c: fixed bug #22804: dhcp_stop doesn't clear NETIF_FLAG_DHCP -+ (flag now cleared) -+ -+ 2008-03-27 Simon Goldschmidt -+ * mem.c, tcpip.c, tcpip.h, opt.h: fixed bug #21433 (Calling mem_free/pbuf_free -+ from interrupt context isn't safe): set LWIP_USE_HEAP_FROM_INTERRUPT to 1 -+ in lwipopts.h or use pbuf_free_callback(p)/mem_free_callback(m) to free pbufs -+ or heap memory from interrupt context -+ -+ 2008-03-26 Simon Goldschmidt -+ * tcp_in.c, tcp.c: fixed bug #22249: division by zero could occur if a remote -+ host sent a zero mss as TCP option. -+ - - (STABLE-1.3.0) - -Index: src/api/api_msg.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/api_msg.c,v -retrieving revision 1.102 -retrieving revision 1.104 -diff -u -p -r1.102 -r1.104 ---- a/src/api/api_msg.c 21 Mar 2008 16:23:14 -0000 1.102 -+++ b/src/api/api_msg.c 15 Jul 2008 11:18:58 -0000 1.104 -@@ -598,11 +598,16 @@ do_close_internal(struct netconn *conn) - LWIP_ASSERT("pcb already closed", (conn->pcb.tcp != NULL)); - - /* Set back some callback pointers */ -+ tcp_arg(conn->pcb.tcp, NULL); - if (conn->pcb.tcp->state == LISTEN) { -- tcp_arg(conn->pcb.tcp, NULL); - tcp_accept(conn->pcb.tcp, NULL); - } else { - tcp_recv(conn->pcb.tcp, NULL); -+ tcp_accept(conn->pcb.tcp, NULL); -+ /* some callbacks have to be reset if tcp_close is not successful */ -+ tcp_sent(conn->pcb.tcp, NULL); -+ tcp_poll(conn->pcb.tcp, NULL, 4); -+ tcp_err(conn->pcb.tcp, NULL); - } - /* Try to close the connection */ - err = tcp_close(conn->pcb.tcp); -@@ -610,11 +615,6 @@ do_close_internal(struct netconn *conn) - /* Closing succeeded */ - conn->state = NETCONN_NONE; - /* Set back some callback pointers as conn is going away */ -- tcp_err(conn->pcb.tcp, NULL); -- tcp_poll(conn->pcb.tcp, NULL, 4); -- tcp_sent(conn->pcb.tcp, NULL); -- tcp_recv(conn->pcb.tcp, NULL); -- tcp_arg(conn->pcb.tcp, NULL); - conn->pcb.tcp = NULL; - conn->err = ERR_OK; - /* Trigger select() in socket layer. This send should something else so the -@@ -623,6 +623,14 @@ do_close_internal(struct netconn *conn) - API_EVENT(conn, NETCONN_EVT_SENDPLUS, 0); - /* wake up the application task */ - sys_sem_signal(conn->op_completed); -+ } else { -+ /* Closing failed, restore some of the callbacks */ -+ /* Closing of listen pcb will never fail! */ -+ LWIP_ASSERT("Closing a listen pcb may not fail!", (conn->pcb.tcp->state != LISTEN)); -+ tcp_sent(conn->pcb.tcp, sent_tcp); -+ tcp_poll(conn->pcb.tcp, poll_tcp, 4); -+ tcp_err(conn->pcb.tcp, err_tcp); -+ tcp_arg(conn->pcb.tcp, conn); - } - /* If closing didn't succeed, we get called again either - from poll_tcp or from sent_tcp */ -Index: src/api/err.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/err.c,v -retrieving revision 1.11 -retrieving revision 1.12 -diff -u -p -r1.11 -r1.12 ---- a/src/api/err.c 13 Dec 2007 23:06:50 -0000 1.11 -+++ b/src/api/err.c 9 May 2008 12:14:23 -0000 1.12 -@@ -44,17 +44,17 @@ static const char *err_strerr[] = { - "Ok.", /* ERR_OK 0 */ - "Out of memory error.", /* ERR_MEM -1 */ - "Buffer error.", /* ERR_BUF -2 */ -- "Routing problem.", /* ERR_RTE -3 */ -- "Connection aborted.", /* ERR_ABRT -4 */ -- "Connection reset.", /* ERR_RST -5 */ -- "Connection closed.", /* ERR_CLSD -6 */ -- "Not connected.", /* ERR_CONN -7 */ -- "Illegal value.", /* ERR_VAL -8 */ -- "Illegal argument.", /* ERR_ARG -9 */ -- "Address in use.", /* ERR_USE -10 */ -- "Low-level netif error.", /* ERR_IF -11 */ -- "Already connected.", /* ERR_ISCONN -12 */ -- "Timeout.", /* ERR_TIMEOUT -13 */ -+ "Timeout.", /* ERR_TIMEOUT -3 */ -+ "Routing problem.", /* ERR_RTE -4 */ -+ "Connection aborted.", /* ERR_ABRT -5 */ -+ "Connection reset.", /* ERR_RST -6 */ -+ "Connection closed.", /* ERR_CLSD -7 */ -+ "Not connected.", /* ERR_CONN -8 */ -+ "Illegal value.", /* ERR_VAL -9 */ -+ "Illegal argument.", /* ERR_ARG -10 */ -+ "Address in use.", /* ERR_USE -11 */ -+ "Low-level netif error.", /* ERR_IF -12 */ -+ "Already connected.", /* ERR_ISCONN -13 */ - "Operation in progress." /* ERR_INPROGRESS -14 */ - }; - -Index: src/api/netdb.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/netdb.c,v -retrieving revision 1.4 -retrieving revision 1.5 -diff -u -p -r1.4 -r1.5 ---- a/src/api/netdb.c 26 Jan 2008 16:11:39 -0000 1.4 -+++ b/src/api/netdb.c 16 Jul 2008 20:36:12 -0000 1.5 -@@ -326,7 +326,8 @@ lwip_getaddrinfo(const char *nodename, c - if (nodename != NULL) { - /* copy nodename to canonname if specified */ - size_t namelen = strlen(nodename); -- ai->ai_canonname = mem_malloc(namelen + 1); -+ LWIP_ASSERT("namelen is too long", (namelen + 1) <= (mem_size_t)-1); -+ ai->ai_canonname = mem_malloc((mem_size_t)(namelen + 1)); - if (ai->ai_canonname == NULL) { - goto memerr; - } -Index: src/api/sockets.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/sockets.c,v -retrieving revision 1.116 -retrieving revision 1.117 -diff -u -p -r1.116 -r1.117 ---- a/src/api/sockets.c 13 Mar 2008 20:03:57 -0000 1.116 -+++ b/src/api/sockets.c 9 May 2008 12:14:24 -0000 1.117 -@@ -128,17 +128,17 @@ static const int err_to_errno_table[] = - 0, /* ERR_OK 0 No error, everything OK. */ - ENOMEM, /* ERR_MEM -1 Out of memory error. */ - ENOBUFS, /* ERR_BUF -2 Buffer error. */ -- EHOSTUNREACH, /* ERR_RTE -3 Routing problem. */ -- ECONNABORTED, /* ERR_ABRT -4 Connection aborted. */ -- ECONNRESET, /* ERR_RST -5 Connection reset. */ -- ESHUTDOWN, /* ERR_CLSD -6 Connection closed. */ -- ENOTCONN, /* ERR_CONN -7 Not connected. */ -- EINVAL, /* ERR_VAL -8 Illegal value. */ -- EIO, /* ERR_ARG -9 Illegal argument. */ -- EADDRINUSE, /* ERR_USE -10 Address in use. */ -- -1, /* ERR_IF -11 Low-level netif error */ -- -1, /* ERR_ISCONN -12 Already connected. */ -- ETIMEDOUT, /* ERR_TIMEOUT -13 Timeout */ -+ ETIMEDOUT, /* ERR_TIMEOUT -3 Timeout */ -+ EHOSTUNREACH, /* ERR_RTE -4 Routing problem. */ -+ ECONNABORTED, /* ERR_ABRT -5 Connection aborted. */ -+ ECONNRESET, /* ERR_RST -6 Connection reset. */ -+ ESHUTDOWN, /* ERR_CLSD -7 Connection closed. */ -+ ENOTCONN, /* ERR_CONN -8 Not connected. */ -+ EINVAL, /* ERR_VAL -9 Illegal value. */ -+ EIO, /* ERR_ARG -10 Illegal argument. */ -+ EADDRINUSE, /* ERR_USE -11 Address in use. */ -+ -1, /* ERR_IF -12 Low-level netif error */ -+ -1, /* ERR_ISCONN -13 Already connected. */ - EINPROGRESS /* ERR_INPROGRESS -14 Operation in progress */ - }; - -Index: src/api/tcpip.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/tcpip.c,v -retrieving revision 1.70 -retrieving revision 1.73 -diff -u -p -r1.70 -r1.73 ---- a/src/api/tcpip.c 12 Jan 2008 11:52:22 -0000 1.70 -+++ b/src/api/tcpip.c 27 Jun 2008 20:34:51 -0000 1.73 -@@ -518,4 +518,42 @@ tcpip_init(void (* initfunc)(void *), vo - sys_thread_new(TCPIP_THREAD_NAME, tcpip_thread, NULL, TCPIP_THREAD_STACKSIZE, TCPIP_THREAD_PRIO); - } - -+/** -+ * Simple callback function used with tcpip_callback to free a pbuf -+ * (pbuf_free has a wrong signature for tcpip_callback) -+ * -+ * @param p The pbuf (chain) to be dereferenced. -+ */ -+static void -+pbuf_free_int(void *p) -+{ -+ struct pbuf *q = p; -+ pbuf_free(q); -+} -+ -+/** -+ * A simple wrapper function that allows you to free a pbuf from interrupt context. -+ * -+ * @param p The pbuf (chain) to be dereferenced. -+ * @return ERR_OK if callback could be enqueued, an err_t if not -+ */ -+err_t -+pbuf_free_callback(struct pbuf *p) -+{ -+ return tcpip_callback_with_block(pbuf_free_int, p, 0); -+} -+ -+/** -+ * A simple wrapper function that allows you to free heap memory from -+ * interrupt context. -+ * -+ * @param m the heap memory to free -+ * @return ERR_OK if callback could be enqueued, an err_t if not -+ */ -+err_t -+mem_free_callback(void *m) -+{ -+ return tcpip_callback_with_block(mem_free, m, 0); -+} -+ - #endif /* !NO_SYS */ -Index: src/core/dhcp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/dhcp.c,v -retrieving revision 1.86 -retrieving revision 1.87 -diff -u -p -r1.86 -r1.87 ---- a/src/core/dhcp.c 4 Mar 2008 14:25:58 -0000 1.86 -+++ b/src/core/dhcp.c 15 Apr 2008 17:24:55 -0000 1.87 -@@ -568,6 +568,8 @@ dhcp_start(struct netif *netif) - LWIP_ERROR("netif != NULL", (netif != NULL), return ERR_ARG;); - dhcp = netif->dhcp; - LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | LWIP_DBG_STATE, ("dhcp_start(netif=%p) %c%c%"U16_F"\n", (void*)netif, netif->name[0], netif->name[1], (u16_t)netif->num)); -+ /* Remove the flag that says this netif is handled by DHCP, -+ it is set when we succeeded starting. */ - netif->flags &= ~NETIF_FLAG_DHCP; - - /* no DHCP client attached yet? */ -@@ -609,6 +611,7 @@ dhcp_start(struct netif *netif) - dhcp_stop(netif); - return ERR_MEM; - } -+ /* Set the flag that says this netif is handled by DHCP. */ - netif->flags |= NETIF_FLAG_DHCP; - return result; - } -@@ -1063,6 +1066,8 @@ dhcp_stop(struct netif *netif) - { - struct dhcp *dhcp = netif->dhcp; - LWIP_ERROR("dhcp_stop: netif != NULL", (netif != NULL), return;); -+ /* Remove the flag that says this netif is handled by DHCP. */ -+ netif->flags &= ~NETIF_FLAG_DHCP; - - LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | 3, ("dhcp_stop()\n")); - /* netif is DHCP configured? */ -Index: src/core/mem.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/mem.c,v -retrieving revision 1.59 -retrieving revision 1.62 -diff -u -p -r1.59 -r1.62 ---- a/src/core/mem.c 4 Mar 2008 16:31:32 -0000 1.59 -+++ b/src/core/mem.c 30 Jun 2008 18:16:51 -0000 1.62 -@@ -177,9 +177,36 @@ static u8_t *ram; - static struct mem *ram_end; - /** pointer to the lowest free block, this is used for faster search */ - static struct mem *lfree; -+ - /** concurrent access protection */ - static sys_sem_t mem_sem; - -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ -+static volatile u8_t mem_free_count; -+ -+/* Allow mem_free from other (e.g. interrupt) context */ -+#define LWIP_MEM_FREE_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_free) -+#define LWIP_MEM_FREE_PROTECT() SYS_ARCH_PROTECT(lev_free) -+#define LWIP_MEM_FREE_UNPROTECT() SYS_ARCH_UNPROTECT(lev_free) -+#define LWIP_MEM_ALLOC_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_alloc) -+#define LWIP_MEM_ALLOC_PROTECT() SYS_ARCH_PROTECT(lev_alloc) -+#define LWIP_MEM_ALLOC_UNPROTECT() SYS_ARCH_UNPROTECT(lev_alloc) -+ -+#else /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ -+/* Protect the heap only by using a semaphore */ -+#define LWIP_MEM_FREE_DECL_PROTECT() -+#define LWIP_MEM_FREE_PROTECT() sys_arch_sem_wait(mem_sem, 0) -+#define LWIP_MEM_FREE_UNPROTECT() sys_sem_signal(mem_sem) -+/* mem_malloc is protected using semaphore AND LWIP_MEM_ALLOC_PROTECT */ -+#define LWIP_MEM_ALLOC_DECL_PROTECT() -+#define LWIP_MEM_ALLOC_PROTECT() -+#define LWIP_MEM_ALLOC_UNPROTECT() -+ -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ -+ - /** - * "Plug holes" by combining adjacent empty struct mems. - * After this function is through, there should not exist -@@ -255,9 +282,7 @@ mem_init(void) - /* initialize the lowest-free pointer to the start of the heap */ - lfree = (struct mem *)ram; - --#if MEM_STATS -- lwip_stats.mem.avail = MEM_SIZE_ALIGNED; --#endif /* MEM_STATS */ -+ MEM_STATS_AVAIL(avail, MEM_SIZE_ALIGNED); - } - - /** -@@ -270,6 +295,7 @@ void - mem_free(void *rmem) - { - struct mem *mem; -+ LWIP_MEM_FREE_DECL_PROTECT(); - - if (rmem == NULL) { - LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_TRACE | 2, ("mem_free(p == NULL) was called.\n")); -@@ -277,20 +303,20 @@ mem_free(void *rmem) - } - LWIP_ASSERT("mem_free: sanity check alignment", (((mem_ptr_t)rmem) & (MEM_ALIGNMENT-1)) == 0); - -- /* protect the heap from concurrent access */ -- sys_arch_sem_wait(mem_sem, 0); -- - LWIP_ASSERT("mem_free: legal memory", (u8_t *)rmem >= (u8_t *)ram && - (u8_t *)rmem < (u8_t *)ram_end); - - if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) { -+ SYS_ARCH_DECL_PROTECT(lev); - LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_free: illegal memory\n")); --#if MEM_STATS -- ++lwip_stats.mem.err; --#endif /* MEM_STATS */ -- sys_sem_signal(mem_sem); -+ /* protect mem stats from concurrent access */ -+ SYS_ARCH_PROTECT(lev); -+ MEM_STATS_INC(illegal); -+ SYS_ARCH_UNPROTECT(lev); - return; - } -+ /* protect the heap from concurrent access */ -+ LWIP_MEM_FREE_PROTECT(); - /* Get the corresponding struct mem ... */ - mem = (struct mem *)((u8_t *)rmem - SIZEOF_STRUCT_MEM); - /* ... which has to be in a used state ... */ -@@ -303,13 +329,14 @@ mem_free(void *rmem) - lfree = mem; - } - --#if MEM_STATS -- lwip_stats.mem.used -= mem->next - ((u8_t *)mem - ram); --#endif /* MEM_STATS */ -+ MEM_STATS_DEC_USED(used, mem->next - ((u8_t *)mem - ram)); - - /* finally, see if prev or next are free also */ - plug_holes(mem); -- sys_sem_signal(mem_sem); -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ mem_free_count = 1; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ LWIP_MEM_FREE_UNPROTECT(); - } - - /** -@@ -321,6 +348,8 @@ mem_free(void *rmem) - * @param newsize required size after shrinking (needs to be smaller than or - * equal to the previous size) - * @return for compatibility reasons: is always == rmem, at the moment -+ * or NULL if newsize is > old size, in which case rmem is NOT touched -+ * or freed! - */ - void * - mem_realloc(void *rmem, mem_size_t newsize) -@@ -328,6 +357,8 @@ mem_realloc(void *rmem, mem_size_t newsi - mem_size_t size; - mem_size_t ptr, ptr2; - struct mem *mem, *mem2; -+ /* use the FREE_PROTECT here: it protects with sem OR SYS_ARCH_PROTECT */ -+ LWIP_MEM_FREE_DECL_PROTECT(); - - /* Expand the size of the allocated memory region so that we can - adjust for alignment. */ -@@ -346,7 +377,12 @@ mem_realloc(void *rmem, mem_size_t newsi - (u8_t *)rmem < (u8_t *)ram_end); - - if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) { -+ SYS_ARCH_DECL_PROTECT(lev); - LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_realloc: illegal memory\n")); -+ /* protect mem stats from concurrent access */ -+ SYS_ARCH_PROTECT(lev); -+ MEM_STATS_INC(illegal); -+ SYS_ARCH_UNPROTECT(lev); - return rmem; - } - /* Get the corresponding struct mem ... */ -@@ -366,11 +402,9 @@ mem_realloc(void *rmem, mem_size_t newsi - } - - /* protect the heap from concurrent access */ -- sys_arch_sem_wait(mem_sem, 0); -+ LWIP_MEM_FREE_PROTECT(); - --#if MEM_STATS -- lwip_stats.mem.used -= (size - newsize); --#endif /* MEM_STATS */ -+ MEM_STATS_DEC_USED(used, (size - newsize)); - - mem2 = (struct mem *)&ram[mem->next]; - if(mem2->used == 0) { -@@ -426,7 +460,10 @@ mem_realloc(void *rmem, mem_size_t newsi - -> don't do anyhting. - -> the remaining space stays unused since it is too small - } */ -- sys_sem_signal(mem_sem); -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ mem_free_count = 1; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ LWIP_MEM_FREE_UNPROTECT(); - return rmem; - } - -@@ -444,6 +481,10 @@ mem_malloc(mem_size_t size) - { - mem_size_t ptr, ptr2; - struct mem *mem, *mem2; -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ u8_t local_mem_free_count = 0; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ LWIP_MEM_ALLOC_DECL_PROTECT(); - - if (size == 0) { - return NULL; -@@ -464,88 +505,101 @@ mem_malloc(mem_size_t size) - - /* protect the heap from concurrent access */ - sys_arch_sem_wait(mem_sem, 0); -+ LWIP_MEM_ALLOC_PROTECT(); -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ /* run as long as a mem_free disturbed mem_malloc */ -+ do { -+ local_mem_free_count = 0; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ -+ /* Scan through the heap searching for a free block that is big enough, -+ * beginning with the lowest free block. -+ */ -+ for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size; -+ ptr = ((struct mem *)&ram[ptr])->next) { -+ mem = (struct mem *)&ram[ptr]; -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ mem_free_count = 0; -+ LWIP_MEM_ALLOC_UNPROTECT(); -+ /* allow mem_free to run */ -+ LWIP_MEM_ALLOC_PROTECT(); -+ if (mem_free_count != 0) { -+ local_mem_free_count = mem_free_count; -+ } -+ mem_free_count = 0; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ - -- /* Scan through the heap searching for a free block that is big enough, -- * beginning with the lowest free block. -- */ -- for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size; -- ptr = ((struct mem *)&ram[ptr])->next) { -- mem = (struct mem *)&ram[ptr]; -- -- if ((!mem->used) && -- (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) { -- /* mem is not used and at least perfect fit is possible: -- * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */ -- -- if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) { -- /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing -- * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem') -- * -> split large block, create empty remainder, -- * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if -- * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size, -- * struct mem would fit in but no data between mem2 and mem2->next -- * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty -- * region that couldn't hold data, but when mem->next gets freed, -- * the 2 regions would be combined, resulting in more free memory -- */ -- ptr2 = ptr + SIZEOF_STRUCT_MEM + size; -- /* create mem2 struct */ -- mem2 = (struct mem *)&ram[ptr2]; -- mem2->used = 0; -- mem2->next = mem->next; -- mem2->prev = ptr; -- /* and insert it between mem and mem->next */ -- mem->next = ptr2; -- mem->used = 1; -- -- if (mem2->next != MEM_SIZE_ALIGNED) { -- ((struct mem *)&ram[mem2->next])->prev = ptr2; -- } --#if MEM_STATS -- lwip_stats.mem.used += (size + SIZEOF_STRUCT_MEM); -- if (lwip_stats.mem.max < lwip_stats.mem.used) { -- lwip_stats.mem.max = lwip_stats.mem.used; -+ if ((!mem->used) && -+ (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) { -+ /* mem is not used and at least perfect fit is possible: -+ * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */ -+ -+ if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) { -+ /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing -+ * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem') -+ * -> split large block, create empty remainder, -+ * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if -+ * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size, -+ * struct mem would fit in but no data between mem2 and mem2->next -+ * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty -+ * region that couldn't hold data, but when mem->next gets freed, -+ * the 2 regions would be combined, resulting in more free memory -+ */ -+ ptr2 = ptr + SIZEOF_STRUCT_MEM + size; -+ /* create mem2 struct */ -+ mem2 = (struct mem *)&ram[ptr2]; -+ mem2->used = 0; -+ mem2->next = mem->next; -+ mem2->prev = ptr; -+ /* and insert it between mem and mem->next */ -+ mem->next = ptr2; -+ mem->used = 1; -+ -+ if (mem2->next != MEM_SIZE_ALIGNED) { -+ ((struct mem *)&ram[mem2->next])->prev = ptr2; -+ } -+ MEM_STATS_INC_USED(used, (size + SIZEOF_STRUCT_MEM)); -+ } else { -+ /* (a mem2 struct does no fit into the user data space of mem and mem->next will always -+ * be used at this point: if not we have 2 unused structs in a row, plug_holes should have -+ * take care of this). -+ * -> near fit or excact fit: do not split, no mem2 creation -+ * also can't move mem->next directly behind mem, since mem->next -+ * will always be used at this point! -+ */ -+ mem->used = 1; -+ MEM_STATS_INC_USED(used, mem->next - ((u8_t *)mem - ram)); - } --#endif /* MEM_STATS */ -- } else { -- /* (a mem2 struct does no fit into the user data space of mem and mem->next will always -- * be used at this point: if not we have 2 unused structs in a row, plug_holes should have -- * take care of this). -- * -> near fit or excact fit: do not split, no mem2 creation -- * also can't move mem->next directly behind mem, since mem->next -- * will always be used at this point! -- */ -- mem->used = 1; --#if MEM_STATS -- lwip_stats.mem.used += mem->next - ((u8_t *)mem - ram); -- if (lwip_stats.mem.max < lwip_stats.mem.used) { -- lwip_stats.mem.max = lwip_stats.mem.used; -- } --#endif /* MEM_STATS */ -- } - -- if (mem == lfree) { -- /* Find next free block after mem and update lowest free pointer */ -- while (lfree->used && lfree != ram_end) { -- lfree = (struct mem *)&ram[lfree->next]; -+ if (mem == lfree) { -+ /* Find next free block after mem and update lowest free pointer */ -+ while (lfree->used && lfree != ram_end) { -+ LWIP_MEM_ALLOC_UNPROTECT(); -+ /* prevent high interrupt latency... */ -+ LWIP_MEM_ALLOC_PROTECT(); -+ lfree = (struct mem *)&ram[lfree->next]; -+ } -+ LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used))); - } -- LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used))); -- } -- sys_sem_signal(mem_sem); -- LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.", -- (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end); -- LWIP_ASSERT("mem_malloc: allocated memory properly aligned.", -- (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0); -- LWIP_ASSERT("mem_malloc: sanity check alignment", -- (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0); -+ LWIP_MEM_ALLOC_UNPROTECT(); -+ sys_sem_signal(mem_sem); -+ LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.", -+ (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end); -+ LWIP_ASSERT("mem_malloc: allocated memory properly aligned.", -+ (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0); -+ LWIP_ASSERT("mem_malloc: sanity check alignment", -+ (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0); - -- return (u8_t *)mem + SIZEOF_STRUCT_MEM; -+ return (u8_t *)mem + SIZEOF_STRUCT_MEM; -+ } - } -- } -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ /* if we got interrupted by a mem_free, try again */ -+ } while(local_mem_free_count != 0); -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ - LWIP_DEBUGF(MEM_DEBUG | 2, ("mem_malloc: could not allocate %"S16_F" bytes\n", (s16_t)size)); --#if MEM_STATS -- ++lwip_stats.mem.err; --#endif /* MEM_STATS */ -+ MEM_STATS_INC(err); -+ LWIP_MEM_ALLOC_UNPROTECT(); - sys_sem_signal(mem_sem); - return NULL; - } -Index: src/core/memp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/memp.c,v -retrieving revision 1.55 -retrieving revision 1.56 -diff -u -p -r1.55 -r1.56 ---- a/src/core/memp.c 25 Nov 2007 10:43:28 -0000 1.55 -+++ b/src/core/memp.c 27 Jun 2008 18:37:54 -0000 1.56 -@@ -252,13 +252,12 @@ memp_init(void) - struct memp *memp; - u16_t i, j; - --#if MEMP_STATS - for (i = 0; i < MEMP_MAX; ++i) { -- lwip_stats.memp[i].used = lwip_stats.memp[i].max = -- lwip_stats.memp[i].err = 0; -- lwip_stats.memp[i].avail = memp_num[i]; -+ MEMP_STATS_AVAIL(used, i, 0); -+ MEMP_STATS_AVAIL(max, i, 0); -+ MEMP_STATS_AVAIL(err, i, 0); -+ MEMP_STATS_AVAIL(avail, i, memp_num[i]); - } --#endif /* MEMP_STATS */ - - memp = LWIP_MEM_ALIGN(memp_memory); - /* for every pool: */ -@@ -315,20 +314,13 @@ memp_malloc_fn(memp_t type, const char* - memp->file = file; - memp->line = line; - #endif /* MEMP_OVERFLOW_CHECK */ --#if MEMP_STATS -- ++lwip_stats.memp[type].used; -- if (lwip_stats.memp[type].used > lwip_stats.memp[type].max) { -- lwip_stats.memp[type].max = lwip_stats.memp[type].used; -- } --#endif /* MEMP_STATS */ -+ MEMP_STATS_INC_USED(used, type); - LWIP_ASSERT("memp_malloc: memp properly aligned", - ((mem_ptr_t)memp % MEM_ALIGNMENT) == 0); - memp = (struct memp*)((u8_t*)memp + MEMP_SIZE); - } else { - LWIP_DEBUGF(MEMP_DEBUG | 2, ("memp_malloc: out of memory in pool %s\n", memp_desc[type])); --#if MEMP_STATS -- ++lwip_stats.memp[type].err; --#endif /* MEMP_STATS */ -+ MEMP_STATS_INC(err, type); - } - - SYS_ARCH_UNPROTECT(old_level); -@@ -365,9 +357,7 @@ memp_free(memp_t type, void *mem) - #endif /* MEMP_OVERFLOW_CHECK >= 2 */ - #endif /* MEMP_OVERFLOW_CHECK */ - --#if MEMP_STATS -- lwip_stats.memp[type].used--; --#endif /* MEMP_STATS */ -+ MEMP_STATS_DEC(used, type); - - memp->next = memp_tab[type]; - memp_tab[type] = memp; -Index: src/core/netif.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/netif.c,v -retrieving revision 1.65 -retrieving revision 1.68 -diff -u -p -r1.65 -r1.68 ---- a/src/core/netif.c 9 Oct 2007 20:00:55 -0000 1.65 -+++ b/src/core/netif.c 19 Jun 2008 16:27:18 -0000 1.68 -@@ -45,6 +45,12 @@ - #include "lwip/snmp.h" - #include "lwip/igmp.h" - #include "netif/etharp.h" -+#if ENABLE_LOOPBACK -+#include "lwip/sys.h" -+#if LWIP_NETIF_LOOPBACK_MULTITHREADING -+#include "lwip/tcpip.h" -+#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+#endif /* ENABLE_LOOPBACK */ - - #if LWIP_NETIF_STATUS_CALLBACK - #define NETIF_STATUS_CALLBACK(n) { if (n->status_callback) (n->status_callback)(n); } -@@ -106,6 +112,10 @@ netif_add(struct netif *netif, struct ip - #if LWIP_IGMP - netif->igmp_mac_filter = NULL; - #endif /* LWIP_IGMP */ -+#if ENABLE_LOOPBACK -+ netif->loop_first = NULL; -+ netif->loop_last = NULL; -+#endif /* ENABLE_LOOPBACK */ - - /* remember netif specific state information data */ - netif->state = state; -@@ -114,6 +124,9 @@ netif_add(struct netif *netif, struct ip - #if LWIP_NETIF_HWADDRHINT - netif->addr_hint = NULL; - #endif /* LWIP_NETIF_HWADDRHINT*/ -+#if ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS -+ netif->loop_cnt_current = 0; -+#endif /* ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS */ - - netif_set_addr(netif, ipaddr, netmask, gw); - -@@ -493,7 +506,158 @@ u8_t netif_is_link_up(struct netif *neti - */ - void netif_set_link_callback(struct netif *netif, void (* link_callback)(struct netif *netif )) - { -- if ( netif ) -- netif->link_callback = link_callback; -+ if (netif) { -+ netif->link_callback = link_callback; -+ } - } - #endif /* LWIP_NETIF_LINK_CALLBACK */ -+ -+#if ENABLE_LOOPBACK -+/** -+ * Send an IP packet to be received on the same netif (loopif-like). -+ * The pbuf is simply copied and handed back to netif->input. -+ * In multithreaded mode, this is done directly since netif->input must put -+ * the packet on a queue. -+ * In callback mode, the packet is put on an internal queue and is fed to -+ * netif->input by netif_poll(). -+ * -+ * @param netif the lwip network interface structure -+ * @param p the (IP) packet to 'send' -+ * @param ipaddr the ip address to send the packet to (not used) -+ * @return ERR_OK if the packet has been sent -+ * ERR_MEM if the pbuf used to copy the packet couldn't be allocated -+ */ -+err_t -+netif_loop_output(struct netif *netif, struct pbuf *p, -+ struct ip_addr *ipaddr) -+{ -+ struct pbuf *r; -+ err_t err; -+ struct pbuf *last; -+#if LWIP_LOOPBACK_MAX_PBUFS -+ u8_t clen = 0; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+ SYS_ARCH_DECL_PROTECT(lev); -+ LWIP_UNUSED_ARG(ipaddr); -+ -+ /* Allocate a new pbuf */ -+ r = pbuf_alloc(PBUF_LINK, p->tot_len, PBUF_RAM); -+ if (r == NULL) { -+ return ERR_MEM; -+ } -+#if LWIP_LOOPBACK_MAX_PBUFS -+ clen = pbuf_clen(r); -+ /* check for overflow or too many pbuf on queue */ -+ if(((netif->loop_cnt_current + clen) < netif->loop_cnt_current) || -+ ((netif->loop_cnt_current + clen) > LWIP_LOOPBACK_MAX_PBUFS)) { -+ pbuf_free(r); -+ r = NULL; -+ return ERR_MEM; -+ } -+ netif->loop_cnt_current += clen; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+ -+ /* Copy the whole pbuf queue p into the single pbuf r */ -+ if ((err = pbuf_copy(r, p)) != ERR_OK) { -+ pbuf_free(r); -+ r = NULL; -+ return err; -+ } -+ -+ /* Put the packet on a linked list which gets emptied through calling -+ netif_poll(). */ -+ -+ /* let last point to the last pbuf in chain r */ -+ for (last = r; last->next != NULL; last = last->next); -+ -+ SYS_ARCH_PROTECT(lev); -+ if(netif->loop_first != NULL) { -+ LWIP_ASSERT("if first != NULL, last must also be != NULL", netif->loop_last != NULL); -+ netif->loop_last->next = r; -+ netif->loop_last = last; -+ } else { -+ netif->loop_first = r; -+ netif->loop_last = last; -+ } -+ SYS_ARCH_UNPROTECT(lev); -+ -+#if LWIP_NETIF_LOOPBACK_MULTITHREADING -+ /* For multithreading environment, schedule a call to netif_poll */ -+ tcpip_callback(netif_poll, netif); -+#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+ -+ return ERR_OK; -+} -+ -+/** -+ * Call netif_poll() in the main loop of your application. This is to prevent -+ * reentering non-reentrant functions like tcp_input(). Packets passed to -+ * netif_loop_output() are put on a list that is passed to netif->input() by -+ * netif_poll(). -+ */ -+void -+netif_poll(struct netif *netif) -+{ -+ struct pbuf *in; -+ SYS_ARCH_DECL_PROTECT(lev); -+ -+ do { -+ /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */ -+ SYS_ARCH_PROTECT(lev); -+ in = netif->loop_first; -+ if(in != NULL) { -+ struct pbuf *in_end = in; -+#if LWIP_LOOPBACK_MAX_PBUFS -+ u8_t clen = pbuf_clen(in); -+ /* adjust the number of pbufs on queue */ -+ LWIP_ASSERT("netif->loop_cnt_current underflow", -+ ((netif->loop_cnt_current - clen) < netif->loop_cnt_current)); -+ netif->loop_cnt_current -= clen; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+ while(in_end->len != in_end->tot_len) { -+ LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL); -+ in_end = in_end->next; -+ } -+ /* 'in_end' now points to the last pbuf from 'in' */ -+ if(in_end == netif->loop_last) { -+ /* this was the last pbuf in the list */ -+ netif->loop_first = netif->loop_last = NULL; -+ } else { -+ /* pop the pbuf off the list */ -+ netif->loop_first = in_end->next; -+ LWIP_ASSERT("should not be null since first != last!", netif->loop_first != NULL); -+ } -+ /* De-queue the pbuf from its successors on the 'loop_' list. */ -+ in_end->next = NULL; -+ } -+ SYS_ARCH_UNPROTECT(lev); -+ -+ if(in != NULL) { -+ /* loopback packets are always IP packets! */ -+ if(ip_input(in, netif) != ERR_OK) { -+ pbuf_free(in); -+ } -+ /* Don't reference the packet any more! */ -+ in = NULL; -+ } -+ /* go on while there is a packet on the list */ -+ } while(netif->loop_first != NULL); -+} -+ -+#if !LWIP_NETIF_LOOPBACK_MULTITHREADING -+/** -+ * Calls netif_poll() for every netif on the netif_list. -+ */ -+void -+netif_poll_all(void) -+{ -+ struct netif *netif = netif_list; -+ /* loop through netifs */ -+ while (netif != NULL) { -+ netif_poll(netif); -+ /* proceed to next network interface */ -+ netif = netif->next; -+ } -+} -+#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+#endif /* ENABLE_LOOPBACK */ -Index: src/core/pbuf.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/pbuf.c,v -retrieving revision 1.127 -retrieving revision 1.128 -diff -u -p -r1.127 -r1.128 ---- a/src/core/pbuf.c 4 Mar 2008 16:37:46 -0000 1.127 -+++ b/src/core/pbuf.c 1 Apr 2008 19:05:40 -0000 1.128 -@@ -667,8 +667,8 @@ pbuf_dechain(struct pbuf *p) - * - * @note Only one packet is copied, no packet queue! - * -- * @param p_to pbuf source of the copy -- * @param p_from pbuf destination of the copy -+ * @param p_to pbuf destination of the copy -+ * @param p_from pbuf source of the copy - * - * @return ERR_OK if pbuf was copied - * ERR_ARG if one of the pbufs is NULL or p_to is not big -Index: src/core/stats.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/stats.c,v -retrieving revision 1.27 -retrieving revision 1.28 -diff -u -p -r1.27 -r1.28 ---- a/src/core/stats.c 4 Mar 2008 16:31:32 -0000 1.27 -+++ b/src/core/stats.c 27 Jun 2008 18:37:54 -0000 1.28 -@@ -54,7 +54,6 @@ stats_display_proto(struct stats_proto * - { - LWIP_PLATFORM_DIAG(("\n%s\n\t", name)); - LWIP_PLATFORM_DIAG(("xmit: %"STAT_COUNTER_F"\n\t", proto->xmit)); -- LWIP_PLATFORM_DIAG(("rexmit: %"STAT_COUNTER_F"\n\t", proto->rexmit)); - LWIP_PLATFORM_DIAG(("recv: %"STAT_COUNTER_F"\n\t", proto->recv)); - LWIP_PLATFORM_DIAG(("fw: %"STAT_COUNTER_F"\n\t", proto->fw)); - LWIP_PLATFORM_DIAG(("drop: %"STAT_COUNTER_F"\n\t", proto->drop)); -@@ -68,6 +67,7 @@ stats_display_proto(struct stats_proto * - LWIP_PLATFORM_DIAG(("cachehit: %"STAT_COUNTER_F"\n", proto->cachehit)); - } - -+#if IGMP_STATS - void - stats_display_igmp(struct stats_igmp *igmp) - { -@@ -82,7 +82,9 @@ stats_display_igmp(struct stats_igmp *ig - LWIP_PLATFORM_DIAG(("report_rxed: %"STAT_COUNTER_F"\n\t", igmp->report_rxed)); - LWIP_PLATFORM_DIAG(("group_query_rxed: %"STAT_COUNTER_F"\n", igmp->group_query_rxed)); - } -+#endif /* IGMP_STATS */ - -+#if MEM_STATS || MEMP_STATS - void - stats_display_mem(struct stats_mem *mem, char *name) - { -@@ -93,48 +95,53 @@ stats_display_mem(struct stats_mem *mem, - LWIP_PLATFORM_DIAG(("err: %"U32_F"\n", (u32_t)mem->err)); - } - -+#if MEMP_STATS - void --stats_display(void) -+stats_display_memp(struct stats_mem *mem, int index) - { --#if MEMP_STATS -- s16_t i; - char * memp_names[] = { - #define LWIP_MEMPOOL(name,num,size,desc) desc, - #include "lwip/memp_std.h" - }; --#endif --#if LINK_STATS -- stats_display_proto(&lwip_stats.link, "LINK"); --#endif --#if ETHARP_STATS -- stats_display_proto(&lwip_stats.etharp, "ETHARP"); --#endif --#if IPFRAG_STATS -- stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG"); --#endif --#if IP_STATS -- stats_display_proto(&lwip_stats.ip, "IP"); --#endif --#if ICMP_STATS -- stats_display_proto(&lwip_stats.icmp, "ICMP"); --#endif --#if IGMP_STATS -- stats_display_igmp(&lwip_stats.igmp); --#endif --#if UDP_STATS -- stats_display_proto(&lwip_stats.udp, "UDP"); --#endif --#if TCP_STATS -- stats_display_proto(&lwip_stats.tcp, "TCP"); --#endif --#if MEM_STATS -- stats_display_mem(&lwip_stats.mem, "HEAP"); --#endif --#if MEMP_STATS -+ if(index < MEMP_MAX) { -+ stats_display_mem(mem, memp_names[index]); -+ } -+} -+#endif /* MEMP_STATS */ -+#endif /* MEM_STATS || MEMP_STATS */ -+ -+#if SYS_STATS -+void -+stats_display_sys(struct stats_sys *sys) -+{ -+ LWIP_PLATFORM_DIAG(("\nSYS\n\t")); -+ LWIP_PLATFORM_DIAG(("sem.used: %"U32_F"\n\t", (u32_t)sys->sem.used)); -+ LWIP_PLATFORM_DIAG(("sem.max: %"U32_F"\n\t", (u32_t)sys->sem.max)); -+ LWIP_PLATFORM_DIAG(("sem.err: %"U32_F"\n\t", (u32_t)sys->sem.err)); -+ LWIP_PLATFORM_DIAG(("mbox.used: %"U32_F"\n\t", (u32_t)sys->mbox.used)); -+ LWIP_PLATFORM_DIAG(("mbox.max: %"U32_F"\n\t", (u32_t)sys->mbox.max)); -+ LWIP_PLATFORM_DIAG(("mbox.err: %"U32_F"\n\t", (u32_t)sys->mbox.err)); -+} -+#endif /* SYS_STATS */ -+ -+void -+stats_display(void) -+{ -+ s16_t i; -+ -+ LINK_STATS_DISPLAY(); -+ ETHARP_STATS_DISPLAY(); -+ IPFRAG_STATS_DISPLAY(); -+ IP_STATS_DISPLAY(); -+ IGMP_STATS_DISPLAY(); -+ ICMP_STATS_DISPLAY(); -+ UDP_STATS_DISPLAY(); -+ TCP_STATS_DISPLAY(); -+ MEM_STATS_DISPLAY(); - for (i = 0; i < MEMP_MAX; i++) { -- stats_display_mem(&lwip_stats.memp[i], memp_names[i]); -+ MEMP_STATS_DISPLAY(i); - } --#endif -+ SYS_STATS_DISPLAY(); - } - #endif /* LWIP_STATS_DISPLAY */ - -Index: src/core/sys.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/sys.c,v -retrieving revision 1.32 -retrieving revision 1.33 -diff -u -p -r1.32 -r1.33 ---- a/src/core/sys.c 25 Nov 2007 13:57:05 -0000 1.32 -+++ b/src/core/sys.c 16 Jul 2008 20:36:12 -0000 1.33 -@@ -65,7 +65,7 @@ struct sswt_cb - void - sys_mbox_fetch(sys_mbox_t mbox, void **msg) - { -- u32_t time; -+ u32_t time_needed; - struct sys_timeouts *timeouts; - struct sys_timeo *tmptimeout; - sys_timeout_handler h; -@@ -76,18 +76,18 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m - - if (!timeouts || !timeouts->next) { - UNLOCK_TCPIP_CORE(); -- time = sys_arch_mbox_fetch(mbox, msg, 0); -+ time_needed = sys_arch_mbox_fetch(mbox, msg, 0); - LOCK_TCPIP_CORE(); - } else { - if (timeouts->next->time > 0) { - UNLOCK_TCPIP_CORE(); -- time = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time); -+ time_needed = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time); - LOCK_TCPIP_CORE(); - } else { -- time = SYS_ARCH_TIMEOUT; -+ time_needed = SYS_ARCH_TIMEOUT; - } - -- if (time == SYS_ARCH_TIMEOUT) { -+ if (time_needed == SYS_ARCH_TIMEOUT) { - /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message - could be fetched. We should now call the timeout handler and - deallocate the memory allocated for the timeout. */ -@@ -107,8 +107,8 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m - /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout - occured. The time variable is set to the number of - milliseconds we waited for the message. */ -- if (time < timeouts->next->time) { -- timeouts->next->time -= time; -+ if (time_needed < timeouts->next->time) { -+ timeouts->next->time -= time_needed; - } else { - timeouts->next->time = 0; - } -@@ -125,7 +125,7 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m - void - sys_sem_wait(sys_sem_t sem) - { -- u32_t time; -+ u32_t time_needed; - struct sys_timeouts *timeouts; - struct sys_timeo *tmptimeout; - sys_timeout_handler h; -@@ -139,12 +139,12 @@ sys_sem_wait(sys_sem_t sem) - sys_arch_sem_wait(sem, 0); - } else { - if (timeouts->next->time > 0) { -- time = sys_arch_sem_wait(sem, timeouts->next->time); -+ time_needed = sys_arch_sem_wait(sem, timeouts->next->time); - } else { -- time = SYS_ARCH_TIMEOUT; -+ time_needed = SYS_ARCH_TIMEOUT; - } - -- if (time == SYS_ARCH_TIMEOUT) { -+ if (time_needed == SYS_ARCH_TIMEOUT) { - /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message - could be fetched. We should now call the timeout handler and - deallocate the memory allocated for the timeout. */ -@@ -164,8 +164,8 @@ sys_sem_wait(sys_sem_t sem) - /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout - occured. The time variable is set to the number of - milliseconds we waited for the message. */ -- if (time < timeouts->next->time) { -- timeouts->next->time -= time; -+ if (time_needed < timeouts->next->time) { -+ timeouts->next->time -= time_needed; - } else { - timeouts->next->time = 0; - } -Index: src/core/tcp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/tcp.c,v -retrieving revision 1.85 -retrieving revision 1.86 -diff -u -p -r1.85 -r1.86 ---- a/src/core/tcp.c 22 Jan 2008 21:15:15 -0000 1.85 -+++ b/src/core/tcp.c 26 Mar 2008 11:57:13 -0000 1.86 -@@ -509,7 +509,8 @@ tcp_connect(struct tcp_pcb *pcb, struct - pcb->rcv_wnd = TCP_WND; - pcb->rcv_ann_wnd = TCP_WND; - pcb->snd_wnd = TCP_WND; -- /* The send MSS is updated when an MSS option is received. */ -+ /* As initial send MSS, we use TCP_MSS but limit it to 536. -+ The send MSS is updated when an MSS option is received. */ - pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS; - #if TCP_CALCULATE_EFF_SEND_MSS - pcb->mss = tcp_eff_send_mss(pcb->mss, ipaddr); -@@ -991,7 +992,8 @@ tcp_alloc(u8_t prio) - pcb->rcv_ann_wnd = TCP_WND; - pcb->tos = 0; - pcb->ttl = TCP_TTL; -- /* The send MSS is updated when an MSS option is received. */ -+ /* As initial send MSS, we use TCP_MSS but limit it to 536. -+ The send MSS is updated when an MSS option is received. */ - pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS; - pcb->rto = 3000 / TCP_SLOW_INTERVAL; - pcb->sa = 0; -Index: src/core/tcp_in.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/tcp_in.c,v -retrieving revision 1.97 -retrieving revision 1.100 -diff -u -p -r1.97 -r1.100 ---- a/src/core/tcp_in.c 22 Jan 2008 21:15:15 -0000 1.97 -+++ b/src/core/tcp_in.c 24 Jun 2008 15:46:39 -0000 1.100 -@@ -511,7 +511,7 @@ tcp_process(struct tcp_pcb *pcb) - } - } else { - if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, -- pcb->rcv_nxt+pcb->rcv_ann_wnd)) { -+ pcb->rcv_nxt+pcb->rcv_wnd)) { - acceptable = 1; - } - } -@@ -1038,7 +1038,7 @@ tcp_receive(struct tcp_pcb *pcb) - and below rcv_nxt + rcv_wnd) in order to be further - processed. */ - if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, -- pcb->rcv_nxt + pcb->rcv_ann_wnd - 1)){ -+ pcb->rcv_nxt + pcb->rcv_wnd - 1)){ - if (pcb->rcv_nxt == seqno) { - accepted_inseq = 1; - /* The incoming segment is the next in sequence. We check if -@@ -1195,14 +1195,14 @@ tcp_receive(struct tcp_pcb *pcb) - } else { - pcb->ooseq = cseg; - } -- } -- tcp_seg_free(next); -- if (cseg->next != NULL) { -- next = cseg->next; -- if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) { -- /* We need to trim the incoming segment. */ -- cseg->len = (u16_t)(next->tcphdr->seqno - seqno); -- pbuf_realloc(cseg->p, cseg->len); -+ tcp_seg_free(next); -+ if (cseg->next != NULL) { -+ next = cseg->next; -+ if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) { -+ /* We need to trim the incoming segment. */ -+ cseg->len = (u16_t)(next->tcphdr->seqno - seqno); -+ pbuf_realloc(cseg->p, cseg->len); -+ } - } - } - break; -@@ -1282,10 +1282,7 @@ tcp_receive(struct tcp_pcb *pcb) - - } - } else { -- if(!TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, -- pcb->rcv_nxt + pcb->rcv_ann_wnd-1)){ -- tcp_ack_now(pcb); -- } -+ tcp_ack_now(pcb); - } - } else { - /* Segments with length 0 is taken care of here. Segments that -@@ -1331,7 +1328,8 @@ tcp_parseopt(struct tcp_pcb *pcb) - opts[c + 1] == 0x04) { - /* An MSS option with the right option length. */ - mss = (opts[c + 2] << 8) | opts[c + 3]; -- pcb->mss = mss > TCP_MSS? TCP_MSS: mss; -+ /* Limit the mss to the configured TCP_MSS and prevent division by zero */ -+ pcb->mss = ((mss > TCP_MSS) || (mss == 0)) ? TCP_MSS : mss; - - /* And we are done processing options. */ - break; -Index: src/core/ipv4/autoip.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/ipv4/autoip.c,v -retrieving revision 1.16 -retrieving revision 1.17 -diff -u -p -r1.16 -r1.17 ---- a/src/core/ipv4/autoip.c 26 Jan 2008 16:11:40 -0000 1.16 -+++ b/src/core/ipv4/autoip.c 17 Jun 2008 20:16:23 -0000 1.17 -@@ -395,8 +395,8 @@ autoip_arp_reply(struct netif *netif, st - /* Copy struct ip_addr2 to aligned ip_addr, to support compilers without - * structure packing (not using structure copy which breaks strict-aliasing rules). - */ -- MEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr)); -- MEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr)); -+ SMEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr)); -+ SMEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr)); - - if ((netif->autoip->state == AUTOIP_STATE_PROBING) || - ((netif->autoip->state == AUTOIP_STATE_ANNOUNCING) && -Index: src/core/ipv4/inet_chksum.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/ipv4/inet_chksum.c,v -retrieving revision 1.4 -retrieving revision 1.5 -diff -u -p -r1.4 -r1.5 ---- a/src/core/ipv4/inet_chksum.c 10 Mar 2008 16:12:31 -0000 1.4 -+++ b/src/core/ipv4/inet_chksum.c 17 Jun 2008 20:06:25 -0000 1.5 -@@ -41,8 +41,6 @@ - #include "lwip/inet_chksum.h" - #include "lwip/inet.h" - --#include <string.h> -- - /* These are some reference implementations of the checksum algorithm, with the - * aim of being simple, correct and fully portable. Checksumming is the - * first thing you would want to optimize for your platform. If you create -@@ -65,6 +63,11 @@ - # define LWIP_CHKSUM_ALGORITHM 0 - #endif - -+/** Like the name says... */ -+#define SWAP_BYTES_IN_WORD(w) ((w & 0xff) << 8) | ((w & 0xff00) >> 8) -+/** Split an u32_t in two u16_ts and add them up */ -+#define FOLD_U32T(u) ((u >> 16) + (u & 0x0000ffffUL)) -+ - #if (LWIP_CHKSUM_ALGORITHM == 1) /* Version #1 */ - /** - * lwip checksum -@@ -86,8 +89,7 @@ lwip_standard_chksum(void *dataptr, u16_ - acc = 0; - /* dataptr may be at odd or even addresses */ - octetptr = (u8_t*)dataptr; -- while (len > 1) -- { -+ while (len > 1) { - /* declare first octet as most significant - thus assume network order, ignoring host order */ - src = (*octetptr) << 8; -@@ -98,8 +100,7 @@ lwip_standard_chksum(void *dataptr, u16_ - acc += src; - len -= 2; - } -- if (len > 0) -- { -+ if (len > 0) { - /* accumulate remaining octet */ - src = (*octetptr) << 8; - acc += src; -@@ -154,19 +155,22 @@ lwip_standard_chksum(void *dataptr, int - } - - /* Consume left-over byte, if any */ -- if (len > 0) -+ if (len > 0) { - ((u8_t *)&t)[0] = *(u8_t *)ps;; -+ } - - /* Add end bytes */ - sum += t; - -- /* Fold 32-bit sum to 16 bits */ -- while ((sum >> 16) != 0) -- sum = (sum & 0xffff) + (sum >> 16); -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ sum = FOLD_U32T(sum); -+ sum = FOLD_U32T(sum); - - /* Swap if alignment was odd */ -- if (odd) -- sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8); -+ if (odd) { -+ sum = SWAP_BYTES_IN_WORD(sum); -+ } - - return sum; - } -@@ -211,18 +215,20 @@ lwip_standard_chksum(void *dataptr, int - - while (len > 7) { - tmp = sum + *pl++; /* ping */ -- if (tmp < sum) -+ if (tmp < sum) { - tmp++; /* add back carry */ -+ } - - sum = tmp + *pl++; /* pong */ -- if (sum < tmp) -+ if (sum < tmp) { - sum++; /* add back carry */ -+ } - - len -= 8; - } - - /* make room in upper bits */ -- sum = (sum >> 16) + (sum & 0xffff); -+ sum = FOLD_U32T(sum); - - ps = (u16_t *)pl; - -@@ -233,16 +239,20 @@ lwip_standard_chksum(void *dataptr, int - } - - /* dangling tail byte remaining? */ -- if (len > 0) /* include odd byte */ -+ if (len > 0) { /* include odd byte */ - ((u8_t *)&t)[0] = *(u8_t *)ps; -+ } - - sum += t; /* add end bytes */ - -- while ((sum >> 16) != 0) /* combine halves */ -- sum = (sum >> 16) + (sum & 0xffff); -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ sum = FOLD_U32T(sum); -+ sum = FOLD_U32T(sum); - -- if (odd) -- sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8); -+ if (odd) { -+ sum = SWAP_BYTES_IN_WORD(sum); -+ } - - return sum; - } -@@ -277,18 +287,18 @@ inet_chksum_pseudo(struct pbuf *p, - (void *)q, (void *)q->next)); - acc += LWIP_CHKSUM(q->payload, q->len); - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/ -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* just executing this next line is probably faster that the if statement needed -+ to check whether we really need to execute it, and does no harm */ -+ acc = FOLD_U32T(acc); - if (q->len % 2 != 0) { - swapped = 1 - swapped; -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/ - } - - if (swapped) { -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - acc += (src->addr & 0xffffUL); - acc += ((src->addr >> 16) & 0xffffUL); -@@ -297,9 +307,10 @@ inet_chksum_pseudo(struct pbuf *p, - acc += (u32_t)htons((u16_t)proto); - acc += (u32_t)htons(proto_len); - -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ acc = FOLD_U32T(acc); -+ acc = FOLD_U32T(acc); - LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc)); - return (u16_t)~(acc & 0xffffUL); - } -@@ -340,18 +351,17 @@ inet_chksum_pseudo_partial(struct pbuf * - chksum_len -= chklen; - LWIP_ASSERT("delete me", chksum_len < 0x7fff); - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/ -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* fold the upper bit down */ -+ acc = FOLD_U32T(acc); - if (q->len % 2 != 0) { - swapped = 1 - swapped; -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/ - } - - if (swapped) { -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - acc += (src->addr & 0xffffUL); - acc += ((src->addr >> 16) & 0xffffUL); -@@ -360,9 +370,10 @@ inet_chksum_pseudo_partial(struct pbuf * - acc += (u32_t)htons((u16_t)proto); - acc += (u32_t)htons(proto_len); - -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ acc = FOLD_U32T(acc); -+ acc = FOLD_U32T(acc); - LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc)); - return (u16_t)~(acc & 0xffffUL); - } -@@ -380,13 +391,7 @@ inet_chksum_pseudo_partial(struct pbuf * - u16_t - inet_chksum(void *dataptr, u16_t len) - { -- u32_t acc; -- -- acc = LWIP_CHKSUM(dataptr, len); -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffff) + (acc >> 16); -- } -- return (u16_t)~(acc & 0xffff); -+ return ~LWIP_CHKSUM(dataptr, len); - } - - /** -@@ -407,17 +412,15 @@ inet_chksum_pbuf(struct pbuf *p) - swapped = 0; - for(q = p; q != NULL; q = q->next) { - acc += LWIP_CHKSUM(q->payload, q->len); -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ acc = FOLD_U32T(acc); - if (q->len % 2 != 0) { - swapped = 1 - swapped; -- acc = (acc & 0x00ffUL << 8) | (acc & 0xff00UL >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - } - - if (swapped) { -- acc = ((acc & 0x00ffUL) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - return (u16_t)~(acc & 0xffffUL); - } -Index: src/core/ipv4/ip.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/ipv4/ip.c,v -retrieving revision 1.66 -retrieving revision 1.68 -diff -u -p -r1.66 -r1.68 ---- a/src/core/ipv4/ip.c 14 Jan 2008 20:53:23 -0000 1.66 -+++ b/src/core/ipv4/ip.c 17 Jun 2008 19:39:22 -0000 1.68 -@@ -531,9 +531,19 @@ ip_output_if(struct pbuf *p, struct ip_a - LWIP_DEBUGF(IP_DEBUG, ("ip_output_if: %c%c%"U16_F"\n", netif->name[0], netif->name[1], netif->num)); - ip_debug_print(p); - -- LWIP_DEBUGF(IP_DEBUG, ("netif->output()")); -+#if (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) -+ if (ip_addr_cmp(dest, &netif->ip_addr)) { -+ /* Packet to self, enqueue it for loopback */ -+ LWIP_DEBUGF(IP_DEBUG, ("netif_loop_output()")); -+ -+ return netif_loop_output(netif, p, dest); -+ } else -+#endif /* (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) */ -+ { -+ LWIP_DEBUGF(IP_DEBUG, ("netif->output()")); - -- return netif->output(netif, p, dest); -+ return netif->output(netif, p, dest); -+ } - } - - /** -Index: src/include/lwip/debug.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/debug.h,v -retrieving revision 1.37 -retrieving revision 1.39 -diff -u -p -r1.37 -r1.39 ---- a/src/include/lwip/debug.h 22 Sep 2007 11:16:07 -0000 1.37 -+++ b/src/include/lwip/debug.h 16 Jul 2008 20:36:22 -0000 1.39 -@@ -61,26 +61,28 @@ - #define LWIP_DBG_HALT 0x08U - - #ifndef LWIP_NOASSERT --#define LWIP_ASSERT(x,y) do { if(!(y)) LWIP_PLATFORM_ASSERT(x); } while(0) -+#define LWIP_ASSERT(message, assertion) do { if(!(assertion)) \ -+ LWIP_PLATFORM_ASSERT(message); } while(0) - #else /* LWIP_NOASSERT */ --#define LWIP_ASSERT(x,y) -+#define LWIP_ASSERT(message, assertion) - #endif /* LWIP_NOASSERT */ - --/** print "m" message only if "e" is true, and execute "h" expression */ -+/** if "expression" isn't true, then print "message" and execute "handler" expression */ - #ifndef LWIP_ERROR --#define LWIP_ERROR(m,e,h) do { if (!(e)) { LWIP_PLATFORM_ASSERT(m); h;}} while(0) -+#define LWIP_ERROR(message, expression, handler) do { if (!(expression)) { \ -+ LWIP_PLATFORM_ASSERT(message); handler;}} while(0) - #endif /* LWIP_ERROR */ - - #ifdef LWIP_DEBUG - /** print debug message only if debug message type is enabled... - * AND is of correct type AND is at least LWIP_DBG_LEVEL - */ --#define LWIP_DEBUGF(debug,x) do { \ -+#define LWIP_DEBUGF(debug, message) do { \ - if ( \ - ((debug) & LWIP_DBG_ON) && \ - ((debug) & LWIP_DBG_TYPES_ON) && \ - ((s16_t)((debug) & LWIP_DBG_MASK_LEVEL) >= LWIP_DBG_MIN_LEVEL)) { \ -- LWIP_PLATFORM_DIAG(x); \ -+ LWIP_PLATFORM_DIAG(message); \ - if ((debug) & LWIP_DBG_HALT) { \ - while(1); \ - } \ -@@ -88,7 +90,7 @@ - } while(0) - - #else /* LWIP_DEBUG */ --#define LWIP_DEBUGF(debug,x) -+#define LWIP_DEBUGF(debug, message) - #endif /* LWIP_DEBUG */ - - #endif /* __LWIP_DEBUG_H__ */ -Index: src/include/lwip/err.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/err.h,v -retrieving revision 1.13 -retrieving revision 1.15 -diff -u -p -r1.13 -r1.15 ---- a/src/include/lwip/err.h 13 Dec 2007 23:06:50 -0000 1.13 -+++ b/src/include/lwip/err.h 17 Jun 2008 20:27:32 -0000 1.15 -@@ -33,37 +33,43 @@ - #define __LWIP_ERR_H__ - - #include "lwip/opt.h" -+#include "lwip/arch.h" - - #ifdef __cplusplus - extern "C" { - #endif - --typedef s8_t err_t; -+/** Define LWIP_ERR_T in cc.h if you want to use -+ * a different type for your platform (must be signed). */ -+#ifdef LWIP_ERR_T -+typedef LWIP_ERR_T err_t; -+#else /* LWIP_ERR_T */ -+ typedef s8_t err_t; -+#endif /* LWIP_ERR_T*/ - - /* Definitions for error constants. */ - - #define ERR_OK 0 /* No error, everything OK. */ - #define ERR_MEM -1 /* Out of memory error. */ - #define ERR_BUF -2 /* Buffer error. */ --#define ERR_RTE -3 /* Routing problem. */ -+#define ERR_TIMEOUT -3 /* Timeout. */ -+#define ERR_RTE -4 /* Routing problem. */ - - #define ERR_IS_FATAL(e) ((e) < ERR_RTE) - --#define ERR_ABRT -4 /* Connection aborted. */ --#define ERR_RST -5 /* Connection reset. */ --#define ERR_CLSD -6 /* Connection closed. */ --#define ERR_CONN -7 /* Not connected. */ -+#define ERR_ABRT -5 /* Connection aborted. */ -+#define ERR_RST -6 /* Connection reset. */ -+#define ERR_CLSD -7 /* Connection closed. */ -+#define ERR_CONN -8 /* Not connected. */ - --#define ERR_VAL -8 /* Illegal value. */ -+#define ERR_VAL -9 /* Illegal value. */ - --#define ERR_ARG -9 /* Illegal argument. */ -+#define ERR_ARG -10 /* Illegal argument. */ - --#define ERR_USE -10 /* Address in use. */ -+#define ERR_USE -11 /* Address in use. */ - --#define ERR_IF -11 /* Low-level netif error */ --#define ERR_ISCONN -12 /* Already connected. */ -- --#define ERR_TIMEOUT -13 /* Timeout. */ -+#define ERR_IF -12 /* Low-level netif error */ -+#define ERR_ISCONN -13 /* Already connected. */ - - #define ERR_INPROGRESS -14 /* Operation in progress */ - -Index: src/include/lwip/mem.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/mem.h,v -retrieving revision 1.21 -retrieving revision 1.22 -diff -u -p -r1.21 -r1.22 ---- a/src/include/lwip/mem.h 4 Mar 2008 16:31:32 -0000 1.21 -+++ b/src/include/lwip/mem.h 30 May 2008 11:37:15 -0000 1.22 -@@ -50,16 +50,16 @@ typedef size_t mem_size_t; - * allow these defines to be overridden. - */ - #ifndef mem_free --#define mem_free(x) free(x) -+#define mem_free free - #endif - #ifndef mem_malloc --#define mem_malloc(x) malloc(x) -+#define mem_malloc malloc - #endif - #ifndef mem_calloc --#define mem_calloc(x, y) calloc(x, y) -+#define mem_calloc calloc - #endif - #ifndef mem_realloc --#define mem_realloc(x, size) (x) -+#define mem_realloc realloc - #endif - #else /* MEM_LIBC_MALLOC */ - -Index: src/include/lwip/netif.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/netif.h,v -retrieving revision 1.43 -retrieving revision 1.46 -diff -u -p -r1.43 -r1.46 ---- a/src/include/lwip/netif.h 9 Oct 2007 19:59:59 -0000 1.43 -+++ b/src/include/lwip/netif.h 19 Jun 2008 16:27:23 -0000 1.46 -@@ -34,6 +34,8 @@ - - #include "lwip/opt.h" - -+#define ENABLE_LOOPBACK (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) -+ - #include "lwip/err.h" - - #include "lwip/ip_addr.h" -@@ -165,6 +167,14 @@ struct netif { - #if LWIP_NETIF_HWADDRHINT - u8_t *addr_hint; - #endif /* LWIP_NETIF_HWADDRHINT */ -+#if ENABLE_LOOPBACK -+ /* List of packets to be queued for ourselves. */ -+ struct pbuf *loop_first; -+ struct pbuf *loop_last; -+#if LWIP_LOOPBACK_MAX_PBUFS -+ u16_t loop_cnt_current; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+#endif /* ENABLE_LOOPBACK */ - }; - - #if LWIP_SNMP -@@ -242,4 +252,12 @@ void netif_set_link_callback(struct neti - } - #endif - -+#if ENABLE_LOOPBACK -+err_t netif_loop_output(struct netif *netif, struct pbuf *p, struct ip_addr *dest_ip); -+void netif_poll(struct netif *netif); -+#if !LWIP_NETIF_LOOPBACK_MULTITHREADING -+void netif_poll_all(void); -+#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+#endif /* ENABLE_LOOPBACK */ -+ - #endif /* __LWIP_NETIF_H__ */ -Index: src/include/lwip/opt.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/opt.h,v -retrieving revision 1.116 -retrieving revision 1.122 -diff -u -p -r1.116 -r1.122 ---- a/src/include/lwip/opt.h 31 Jan 2008 18:19:29 -0000 1.116 -+++ b/src/include/lwip/opt.h 30 Jun 2008 18:16:52 -0000 1.122 -@@ -155,6 +155,27 @@ - #define MEMP_USE_CUSTOM_POOLS 0 - #endif - -+/** -+ * Set this to 1 if you want to free PBUF_RAM pbufs (or call mem_free()) from -+ * interrupt context (or another context that doesn't allow waiting for a -+ * semaphore). -+ * If set to 1, mem_malloc will be protected by a semaphore and SYS_ARCH_PROTECT, -+ * while mem_free will only use SYS_ARCH_PROTECT. mem_malloc SYS_ARCH_UNPROTECTs -+ * with each loop so that mem_free can run. -+ * -+ * ATTENTION: As you can see from the above description, this leads to dis-/ -+ * enabling interrupts often, which can be slow! Also, on low memory, mem_malloc -+ * can need longer. -+ * -+ * If you don't want that, at least for NO_SYS=0, you can still use the following -+ * functions to enqueue a deallocation call which then runs in the tcpip_thread -+ * context: -+ * - pbuf_free_callback(p); -+ * - mem_free_callback(m); -+ */ -+#ifndef LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+#define LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT 0 -+#endif - - /* - ------------------------------------------------ -@@ -815,6 +836,39 @@ - #define LWIP_NETIF_HWADDRHINT 0 - #endif - -+/** -+ * LWIP_NETIF_LOOPBACK==1: Support sending packets with a destination IP -+ * address equal to the netif IP address, looping them back up the stack. -+ */ -+#ifndef LWIP_NETIF_LOOPBACK -+#define LWIP_NETIF_LOOPBACK 0 -+#endif -+ -+/** -+ * LWIP_LOOPBACK_MAX_PBUFS: Maximum number of pbufs on queue for loopback -+ * sending for each netif (0 = disabled) -+ */ -+#ifndef LWIP_LOOPBACK_MAX_PBUFS -+#define LWIP_LOOPBACK_MAX_PBUFS 0 -+#endif -+ -+/** -+ * LWIP_NETIF_LOOPBACK_MULTITHREADING: Indicates whether threading is enabled in -+ * the system, as netifs must change how they behave depending on this setting -+ * for the LWIP_NETIF_LOOPBACK option to work. -+ * Setting this is needed to avoid reentering non-reentrant functions like -+ * tcp_input(). -+ * LWIP_NETIF_LOOPBACK_MULTITHREADING==1: Indicates that the user is using a -+ * multithreaded environment like tcpip.c. In this case, netif->input() -+ * is called directly. -+ * LWIP_NETIF_LOOPBACK_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup. -+ * The packets are put on a list and netif_poll() must be called in -+ * the main application loop. -+ */ -+#ifndef LWIP_NETIF_LOOPBACK_MULTITHREADING -+#define LWIP_NETIF_LOOPBACK_MULTITHREADING (!NO_SYS) -+#endif -+ - /* - ------------------------------------ - ---------- LOOPIF options ---------- -@@ -827,20 +881,16 @@ - #define LWIP_HAVE_LOOPIF 0 - #endif - -+/* -+ ------------------------------------ -+ ---------- SLIPIF options ---------- -+ ------------------------------------ -+*/ - /** -- * LWIP_LOOPIF_MULTITHREADING: Indicates whether threading is enabled in -- * the system, as LOOPIF must change how it behaves depending on this setting. -- * Setting this is needed to avoid reentering non-reentrant functions like -- * tcp_input(). -- * LWIP_LOOPIF_MULTITHREADING==1: Indicates that the user is using a -- * multithreaded environment like tcpip.c. In this case, netif->input() -- * is called directly. -- * LWIP_LOOPIF_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup. -- * The packets are put on a list and loopif_poll() must be called in -- * the main application loop. -+ * LWIP_HAVE_SLIPIF==1: Support slip interface and slipif.c - */ --#ifndef LWIP_LOOPIF_MULTITHREADING --#define LWIP_LOOPIF_MULTITHREADING 1 -+#ifndef LWIP_HAVE_SLIPIF -+#define LWIP_HAVE_SLIPIF 0 - #endif - - /* -Index: src/include/lwip/sio.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/sio.h,v -retrieving revision 1.7 -retrieving revision 1.8 -diff -u -p -r1.7 -r1.8 ---- a/src/include/lwip/sio.h 6 Sep 2007 16:43:44 -0000 1.7 -+++ b/src/include/lwip/sio.h 27 Mar 2008 18:06:02 -0000 1.8 -@@ -32,16 +32,24 @@ - * It needs to be implemented by those platforms which need SLIP or PPP - */ - -+#ifndef __SIO_H__ -+#define __SIO_H__ -+ - #include "lwip/arch.h" - - #ifdef __cplusplus - extern "C" { - #endif - -+/* If you want to define sio_fd_t elsewhere or differently, -+ define this in your cc.h file. */ - #ifndef __sio_fd_t_defined - typedef void * sio_fd_t; - #endif - -+/* The following functions can be defined to something else in your cc.h file -+ or be implemented in your custom sio.c file. */ -+ - #ifndef sio_open - sio_fd_t sio_open(u8_t); - #endif -@@ -69,3 +77,5 @@ void sio_read_abort(sio_fd_t); - #ifdef __cplusplus - } - #endif -+ -+#endif /* __SIO_H__ */ -Index: src/include/lwip/sockets.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/sockets.h,v -retrieving revision 1.38 -retrieving revision 1.39 -diff -u -p -r1.38 -r1.39 ---- a/src/include/lwip/sockets.h 2 Dec 2007 15:24:02 -0000 1.38 -+++ b/src/include/lwip/sockets.h 26 Apr 2008 10:46:23 -0000 1.39 -@@ -177,7 +177,22 @@ typedef struct ip_mreq { - } ip_mreq; - #endif /* LWIP_IGMP */ - --/* Unimplemented for now... */ -+/* -+ * The Type of Service provides an indication of the abstract -+ * parameters of the quality of service desired. These parameters are -+ * to be used to guide the selection of the actual service parameters -+ * when transmitting a datagram through a particular network. Several -+ * networks offer service precedence, which somehow treats high -+ * precedence traffic as more important than other traffic (generally -+ * by accepting only traffic above a certain precedence at time of high -+ * load). The major choice is a three way tradeoff between low-delay, -+ * high-reliability, and high-throughput. -+ * The use of the Delay, Throughput, and Reliability indications may -+ * increase the cost (in some sense) of the service. In many networks -+ * better performance for one of these parameters is coupled with worse -+ * performance on another. Except for very unusual cases at most two -+ * of these three indications should be set. -+ */ - #define IPTOS_TOS_MASK 0x1E - #define IPTOS_TOS(tos) ((tos) & IPTOS_TOS_MASK) - #define IPTOS_LOWDELAY 0x10 -@@ -187,7 +202,13 @@ typedef struct ip_mreq { - #define IPTOS_MINCOST IPTOS_LOWCOST - - /* -- * Definitions for IP precedence (also in ip_tos) (Unimplemented) -+ * The Network Control precedence designation is intended to be used -+ * within a network only. The actual use and control of that -+ * designation is up to each network. The Internetwork Control -+ * designation is intended for use by gateway control originators only. -+ * If the actual use of these precedence designations is of concern to -+ * a particular network, it is the responsibility of that network to -+ * control the access to, and use of, those precedence designations. - */ - #define IPTOS_PREC_MASK 0xe0 - #define IPTOS_PREC(tos) ((tos) & IPTOS_PREC_MASK) -Index: src/include/lwip/stats.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/stats.h,v -retrieving revision 1.19 -retrieving revision 1.23 -diff -u -p -r1.19 -r1.23 ---- a/src/include/lwip/stats.h 28 Nov 2007 21:25:07 -0000 1.19 -+++ b/src/include/lwip/stats.h 8 Jul 2008 09:15:57 -0000 1.23 -@@ -57,7 +57,6 @@ extern "C" { - - struct stats_proto { - STAT_COUNTER xmit; /* Transmitted packets. */ -- STAT_COUNTER rexmit; /* Retransmitted packets. */ - STAT_COUNTER recv; /* Received packets. */ - STAT_COUNTER fw; /* Forwarded packets. */ - STAT_COUNTER drop; /* Dropped packets. */ -@@ -87,7 +86,8 @@ struct stats_mem { - mem_size_t avail; - mem_size_t used; - mem_size_t max; -- mem_size_t err; -+ STAT_COUNTER err; -+ STAT_COUNTER illegal; - }; - - struct stats_syselem { -@@ -142,64 +142,138 @@ extern struct stats_ lwip_stats; - #define stats_init() /* Compatibility define, not init needed. */ - - #define STATS_INC(x) ++lwip_stats.x -+#define STATS_DEC(x) --lwip_stats.x - #else - #define stats_init() - #define STATS_INC(x) -+#define STATS_DEC(x) - #endif /* LWIP_STATS */ - - #if TCP_STATS - #define TCP_STATS_INC(x) STATS_INC(x) -+#define TCP_STATS_DISPLAY() stats_display_proto(&lwip_stats.tcp, "TCP") - #else - #define TCP_STATS_INC(x) -+#define TCP_STATS_DISPLAY() - #endif - - #if UDP_STATS - #define UDP_STATS_INC(x) STATS_INC(x) -+#define UDP_STATS_DISPLAY() stats_display_proto(&lwip_stats.udp, "UDP") - #else - #define UDP_STATS_INC(x) -+#define UDP_STATS_DISPLAY() - #endif - - #if ICMP_STATS - #define ICMP_STATS_INC(x) STATS_INC(x) -+#define ICMP_STATS_DISPLAY() stats_display_proto(&lwip_stats.icmp, "ICMP") - #else - #define ICMP_STATS_INC(x) -+#define ICMP_STATS_DISPLAY() - #endif - - #if IGMP_STATS - #define IGMP_STATS_INC(x) STATS_INC(x) -+#define IGMP_STATS_DISPLAY() stats_display_igmp(&lwip_stats.igmp) - #else - #define IGMP_STATS_INC(x) -+#define IGMP_STATS_DISPLAY() - #endif - - #if IP_STATS - #define IP_STATS_INC(x) STATS_INC(x) -+#define IP_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip, "IP") - #else - #define IP_STATS_INC(x) -+#define IP_STATS_DISPLAY() - #endif - - #if IPFRAG_STATS - #define IPFRAG_STATS_INC(x) STATS_INC(x) -+#define IPFRAG_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG") - #else - #define IPFRAG_STATS_INC(x) -+#define IPFRAG_STATS_DISPLAY() - #endif - - #if ETHARP_STATS - #define ETHARP_STATS_INC(x) STATS_INC(x) -+#define ETHARP_STATS_DISPLAY() stats_display_proto(&lwip_stats.etharp, "ETHARP") - #else - #define ETHARP_STATS_INC(x) -+#define ETHARP_STATS_DISPLAY() - #endif - - #if LINK_STATS - #define LINK_STATS_INC(x) STATS_INC(x) -+#define LINK_STATS_DISPLAY() stats_display_proto(&lwip_stats.link, "LINK") - #else - #define LINK_STATS_INC(x) -+#define LINK_STATS_DISPLAY() -+#endif -+ -+#if MEM_STATS -+#define MEM_STATS_AVAIL(x, y) lwip_stats.mem.x = y -+#define MEM_STATS_INC(x) STATS_INC(mem.x) -+#define MEM_STATS_INC_USED(x, y) do { lwip_stats.mem.used += y; \ -+ if (lwip_stats.mem.max < lwip_stats.mem.used) { \ -+ lwip_stats.mem.max = lwip_stats.mem.used; \ -+ } \ -+ } while(0) -+#define MEM_STATS_DEC_USED(x, y) lwip_stats.mem.x -= y -+#define MEM_STATS_DISPLAY() stats_display_mem(&lwip_stats.mem, "HEAP") -+#else -+#define MEM_STATS_AVAIL(x, y) -+#define MEM_STATS_INC(x) -+#define MEM_STATS_INC_USED(x, y) -+#define MEM_STATS_DEC_USED(x, y) -+#define MEM_STATS_DISPLAY() -+#endif -+ -+#if MEMP_STATS -+#define MEMP_STATS_AVAIL(x, i, y) lwip_stats.memp[i].x = y -+#define MEMP_STATS_INC(x, i) STATS_INC(memp[i].x) -+#define MEMP_STATS_DEC(x, i) STATS_DEC(memp[i].x) -+#define MEMP_STATS_INC_USED(x, i) do { ++lwip_stats.memp[i].used; \ -+ if (lwip_stats.memp[i].max < lwip_stats.memp[i].used) { \ -+ lwip_stats.memp[i].max = lwip_stats.memp[i].used; \ -+ } \ -+ } while(0) -+#define MEMP_STATS_DISPLAY(i) stats_display_memp(&lwip_stats.memp[i], i) -+#else -+#define MEMP_STATS_AVAIL(x, i, y) -+#define MEMP_STATS_INC(x, i) -+#define MEMP_STATS_DEC(x, i) -+#define MEMP_STATS_INC_USED(x, i) -+#define MEMP_STATS_DISPLAY(i) -+#endif -+ -+#if SYS_STATS -+#define SYS_STATS_INC(x) STATS_INC(sys.x) -+#define SYS_STATS_DEC(x) STATS_DEC(sys.x) -+#define SYS_STATS_DISPLAY() stats_display_sys(&lwip_stats.sys) -+#else -+#define SYS_STATS_INC(x) -+#define SYS_STATS_DEC(x) -+#define SYS_STATS_DISPLAY() - #endif - - /* Display of statistics */ - #if LWIP_STATS_DISPLAY - void stats_display(void); -+void stats_display_proto(struct stats_proto *proto, char *name); -+void stats_display_igmp(struct stats_igmp *igmp); -+void stats_display_mem(struct stats_mem *mem, char *name); -+void stats_display_memp(struct stats_mem *mem, int index); -+void stats_display_sys(struct stats_sys *sys); - #else - #define stats_display() -+#define stats_display_proto(proto, name) -+#define stats_display_igmp(igmp) -+#define stats_display_mem(mem, name) -+#define stats_display_memp(mem, index) -+#define stats_display_sys(sys) - #endif /* LWIP_STATS_DISPLAY */ - - #ifdef __cplusplus -Index: src/include/lwip/tcpip.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/tcpip.h,v -retrieving revision 1.24 -retrieving revision 1.27 -diff -u -p -r1.24 -r1.27 ---- a/src/include/lwip/tcpip.h 12 Jan 2008 11:52:22 -0000 1.24 -+++ b/src/include/lwip/tcpip.h 27 Jun 2008 20:34:55 -0000 1.27 -@@ -83,7 +83,11 @@ err_t tcpip_netifapi_lock(struct netifap - #endif /* LWIP_NETIF_API */ - - err_t tcpip_callback_with_block(void (*f)(void *ctx), void *ctx, u8_t block); --#define tcpip_callback(f,ctx) tcpip_callback_with_block(f,ctx,1) -+#define tcpip_callback(f, ctx) tcpip_callback_with_block(f, ctx, 1) -+ -+/* free pbufs or heap memory from another context without blocking */ -+err_t pbuf_free_callback(struct pbuf *p); -+err_t mem_free_callback(void *m); - - err_t tcpip_timeout(u32_t msecs, sys_timeout_handler h, void *arg); - #define tcpip_untimeout(h, arg) tcpip_timeout(0xffffffff, h, arg) -Index: src/include/netif/loopif.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/netif/loopif.h,v -retrieving revision 1.7 -retrieving revision 1.9 -diff -u -p -r1.7 -r1.9 ---- a/src/include/netif/loopif.h 10 May 2007 10:59:20 -0000 1.7 -+++ b/src/include/netif/loopif.h 17 Jun 2008 20:12:22 -0000 1.9 -@@ -32,6 +32,7 @@ - #ifndef __NETIF_LOOPIF_H__ - #define __NETIF_LOOPIF_H__ - -+#include "lwip/opt.h" - #include "lwip/netif.h" - #include "lwip/err.h" - -@@ -39,9 +40,9 @@ - extern "C" { - #endif - --#if !LWIP_LOOPIF_MULTITHREADING --void loopif_poll(struct netif *netif); --#endif -+#if !LWIP_NETIF_LOOPBACK_MULTITHREADING -+#define loopif_poll netif_poll -+#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ - - err_t loopif_init(struct netif *netif); - -Index: src/netif/etharp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/netif/etharp.c,v -retrieving revision 1.145 -retrieving revision 1.148 -diff -u -p -r1.145 -r1.148 ---- a/src/netif/etharp.c 4 Mar 2008 13:41:24 -0000 1.145 -+++ b/src/netif/etharp.c 19 Jun 2008 16:40:59 -0000 1.148 -@@ -353,7 +353,7 @@ find_entry(struct ip_addr *ipaddr, u8_t - * 1) empty entry - * 2) oldest stable entry - * 3) oldest pending entry without queued packets -- * 4) oldest pending entry without queued packets -+ * 4) oldest pending entry with queued packets - * - * { ETHARP_TRY_HARD is set at this point } - */ -@@ -1130,7 +1130,14 @@ ethernet_input(struct pbuf *p, struct ne - - /* points to packet payload, which starts with an Ethernet header */ - ethhdr = p->payload; -- -+ LWIP_DEBUGF(ETHARP_DEBUG | LWIP_DBG_TRACE, -+ ("ethernet_input: dest:%02x:%02x:%02x:%02x:%02x:%02x, src:%02x:%02x:%02x:%02x:%02x:%02x, type:%2hx\n", -+ (unsigned)ethhdr->dest.addr[0], (unsigned)ethhdr->dest.addr[1], (unsigned)ethhdr->dest.addr[2], -+ (unsigned)ethhdr->dest.addr[3], (unsigned)ethhdr->dest.addr[4], (unsigned)ethhdr->dest.addr[5], -+ (unsigned)ethhdr->src.addr[0], (unsigned)ethhdr->src.addr[1], (unsigned)ethhdr->src.addr[2], -+ (unsigned)ethhdr->src.addr[3], (unsigned)ethhdr->src.addr[4], (unsigned)ethhdr->src.addr[5], -+ (unsigned)htons(ethhdr->type))); -+ - switch (htons(ethhdr->type)) { - /* IP packet? */ - case ETHTYPE_IP: -@@ -1165,6 +1172,8 @@ ethernet_input(struct pbuf *p, struct ne - #endif /* PPPOE_SUPPORT */ - - default: -+ ETHARP_STATS_INC(etharp.proterr); -+ ETHARP_STATS_INC(etharp.drop); - pbuf_free(p); - p = NULL; - break; -Index: src/netif/loopif.c -=================================================================== -RCS file: /sources/lwip/lwip/src/netif/loopif.c,v -retrieving revision 1.26 -retrieving revision 1.27 -diff -u -p -r1.26 -r1.27 ---- a/src/netif/loopif.c 31 Aug 2007 10:14:09 -0000 1.26 -+++ b/src/netif/loopif.c 12 Jun 2008 20:10:10 -0000 1.27 -@@ -40,149 +40,8 @@ - #if LWIP_HAVE_LOOPIF - - #include "netif/loopif.h" --#include "lwip/pbuf.h" - #include "lwip/snmp.h" - --#include <string.h> -- --#if !LWIP_LOOPIF_MULTITHREADING -- --#include "lwip/sys.h" --#include "lwip/mem.h" -- --/* helper struct for the linked list of pbufs */ --struct loopif_private { -- struct pbuf *first; -- struct pbuf *last; --}; -- --/** -- * Call loopif_poll() in the main loop of your application. This is to prevent -- * reentering non-reentrant functions like tcp_input(). Packets passed to -- * loopif_output() are put on a list that is passed to netif->input() by -- * loopif_poll(). -- * -- * @param netif the lwip network interface structure for this loopif -- */ --void --loopif_poll(struct netif *netif) --{ -- SYS_ARCH_DECL_PROTECT(lev); -- struct pbuf *in, *in_end; -- struct loopif_private *priv = (struct loopif_private*)netif->state; -- -- LWIP_ERROR("priv != NULL", (priv != NULL), return;); -- -- do { -- /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */ -- SYS_ARCH_PROTECT(lev); -- in = priv->first; -- if(in) { -- in_end = in; -- while(in_end->len != in_end->tot_len) { -- LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL); -- in_end = in_end->next; -- } -- /* 'in_end' now points to the last pbuf from 'in' */ -- if(in_end == priv->last) { -- /* this was the last pbuf in the list */ -- priv->first = priv->last = NULL; -- } else { -- /* pop the pbuf off the list */ -- priv->first = in_end->next; -- LWIP_ASSERT("should not be null since first != last!", priv->first != NULL); -- } -- } -- SYS_ARCH_UNPROTECT(lev); -- -- if(in != NULL) { -- if(in_end->next != NULL) { -- /* De-queue the pbuf from its successors on the 'priv' list. */ -- in_end->next = NULL; -- } -- if(netif->input(in, netif) != ERR_OK) { -- pbuf_free(in); -- } -- /* Don't reference the packet any more! */ -- in = NULL; -- in_end = NULL; -- } -- /* go on while there is a packet on the list */ -- } while(priv->first != NULL); --} --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- --/** -- * Send an IP packet over the loopback interface. -- * The pbuf is simply copied and handed back to netif->input. -- * In multithreaded mode, this is done directly since netif->input must put -- * the packet on a queue. -- * In callback mode, the packet is put on an internal queue and is fed to -- * netif->input by loopif_poll(). -- * -- * @param netif the lwip network interface structure for this loopif -- * @param p the (IP) packet to 'send' -- * @param ipaddr the ip address to send the packet to (not used for loopif) -- * @return ERR_OK if the packet has been sent -- * ERR_MEM if the pbuf used to copy the packet couldn't be allocated -- */ --static err_t --loopif_output(struct netif *netif, struct pbuf *p, -- struct ip_addr *ipaddr) --{ --#if !LWIP_LOOPIF_MULTITHREADING -- SYS_ARCH_DECL_PROTECT(lev); -- struct loopif_private *priv; -- struct pbuf *last; --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- struct pbuf *r; -- err_t err; -- -- LWIP_UNUSED_ARG(ipaddr); -- -- /* Allocate a new pbuf */ -- r = pbuf_alloc(PBUF_RAW, p->tot_len, PBUF_RAM); -- if (r == NULL) { -- return ERR_MEM; -- } -- -- /* Copy the whole pbuf queue p into the single pbuf r */ -- if ((err = pbuf_copy(r, p)) != ERR_OK) { -- pbuf_free(r); -- r = NULL; -- return err; -- } -- --#if LWIP_LOOPIF_MULTITHREADING -- /* Multithreading environment, netif->input() is supposed to put the packet -- into a mailbox, so we can safely call it here without risking to re-enter -- functions that are not reentrant (TCP!!!) */ -- if(netif->input(r, netif) != ERR_OK) { -- pbuf_free(r); -- r = NULL; -- } --#else /* LWIP_LOOPIF_MULTITHREADING */ -- /* Raw API without threads: put the packet on a linked list which gets emptied -- through calling loopif_poll(). */ -- priv = (struct loopif_private*)netif->state; -- -- /* let last point to the last pbuf in chain r */ -- for (last = r; last->next != NULL; last = last->next); -- SYS_ARCH_PROTECT(lev); -- if(priv->first != NULL) { -- LWIP_ASSERT("if first != NULL, last must also be != NULL", priv->last != NULL); -- priv->last->next = r; -- priv->last = last; -- } else { -- priv->first = r; -- priv->last = last; -- } -- SYS_ARCH_UNPROTECT(lev); --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- -- return ERR_OK; --} -- - /** - * Initialize a lwip network interface structure for a loopback interface - * -@@ -193,16 +52,6 @@ loopif_output(struct netif *netif, struc - err_t - loopif_init(struct netif *netif) - { --#if !LWIP_LOOPIF_MULTITHREADING -- struct loopif_private *priv; -- -- priv = (struct loopif_private*)mem_malloc(sizeof(struct loopif_private)); -- if(priv == NULL) -- return ERR_MEM; -- priv->first = priv->last = NULL; -- netif->state = priv; --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- - /* initialize the snmp variables and counters inside the struct netif - * ifSpeed: no assumption can be made! - */ -@@ -210,7 +59,7 @@ loopif_init(struct netif *netif) - - netif->name[0] = 'l'; - netif->name[1] = 'o'; -- netif->output = loopif_output; -+ netif->output = netif_loop_output; - return ERR_OK; - } - -Index: src/netif/slipif.c -=================================================================== -RCS file: /sources/lwip/lwip/src/netif/slipif.c,v -retrieving revision 1.29 -retrieving revision 1.30 -diff -u -p -r1.29 -r1.30 ---- a/src/netif/slipif.c 30 Nov 2007 17:22:21 -0000 1.29 -+++ b/src/netif/slipif.c 17 Jun 2008 20:14:05 -0000 1.30 -@@ -44,6 +44,9 @@ - - #include "netif/slipif.h" - #include "lwip/opt.h" -+ -+#if LWIP_HAVE_SLIPIF -+ - #include "lwip/def.h" - #include "lwip/pbuf.h" - #include "lwip/sys.h" -@@ -273,3 +276,4 @@ slipif_init(struct netif *netif) - sys_thread_new(SLIPIF_THREAD_NAME, slipif_loop, netif, SLIPIF_THREAD_STACKSIZE, SLIPIF_THREAD_PRIO); - return ERR_OK; - } -+#endif /* LWIP_HAVE_SLIPIF */ diff --git a/external/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch b/external/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch deleted file mode 100644 index a5d01495..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch +++ /dev/null @@ -1,155 +0,0 @@ ---- a/newlib/libc/stdio/fprintf_chk.c 1969-12-31 19:00:00.000000000 -0500 -+++ b/newlib/libc/stdio/fprintf_chk.c 2009-02-26 19:02:53.000000000 -0500 -@@ -0,0 +1,21 @@ -+#include <stdarg.h> -+#include <stdio.h> -+ -+/* -+ * Stub implementation of __fprintf_chk adapted from glibc 2.7. This -+ * doesn't actually implement any buffer overflow protection. It just makes -+ * the linker happy :) -+*/ -+int -+__fprintf_chk (FILE *fp, int flag, const char *format, ...) -+{ -+ va_list ap; -+ int done; -+ -+ va_start (ap, format); -+ done = vfprintf (fp, format, ap); -+ va_end (ap); -+ -+ return done; -+} -+ ---- a/newlib/libc/stdio/Makefile.am 2007-08-02 16:23:06.000000000 -0400 -+++ b/newlib/libc/stdio/Makefile.am 2009-02-26 18:14:53.000000000 -0500 -@@ -20,6 +20,7 @@ - flags.c \ - fopen.c \ - fprintf.c \ -+ fprintf_chk.c \ - fputc.c \ - fputs.c \ - fread.c \ -@@ -65,6 +66,7 @@ - sniprintf.c \ - snprintf.c \ - sprintf.c \ -+ sprintf_chk.c \ - sscanf.c \ - stdio.c \ - tmpfile.c \ ---- a/newlib/libc/stdio/Makefile.in 2007-12-19 17:36:38.000000000 -0500 -+++ b/newlib/libc/stdio/Makefile.in 2009-02-26 18:43:52.000000000 -0500 -@@ -63,7 +63,8 @@ - lib_a-fgets.$(OBJEXT) lib_a-fileno.$(OBJEXT) \ - lib_a-findfp.$(OBJEXT) lib_a-fiprintf.$(OBJEXT) \ - lib_a-flags.$(OBJEXT) lib_a-fopen.$(OBJEXT) \ -- lib_a-fprintf.$(OBJEXT) lib_a-fputc.$(OBJEXT) \ -+ lib_a-fprintf.$(OBJEXT) lib_a-fprintf_chk.$(OBJEXT) \ -+ lib_a-fputc.$(OBJEXT) \ - lib_a-fputs.$(OBJEXT) lib_a-fread.$(OBJEXT) \ - lib_a-freopen.$(OBJEXT) lib_a-fscanf.$(OBJEXT) \ - lib_a-fiscanf.$(OBJEXT) lib_a-fseek.$(OBJEXT) \ -@@ -86,6 +87,7 @@ - lib_a-setvbuf.$(OBJEXT) lib_a-siprintf.$(OBJEXT) \ - lib_a-siscanf.$(OBJEXT) lib_a-sniprintf.$(OBJEXT) \ - lib_a-snprintf.$(OBJEXT) lib_a-sprintf.$(OBJEXT) \ -+ lib_a-sprintf_chk.$(OBJEXT) \ - lib_a-sscanf.$(OBJEXT) lib_a-stdio.$(OBJEXT) \ - lib_a-tmpfile.$(OBJEXT) lib_a-tmpnam.$(OBJEXT) \ - lib_a-ungetc.$(OBJEXT) lib_a-vdiprintf.$(OBJEXT) \ -@@ -122,15 +124,15 @@ - LTLIBRARIES = $(noinst_LTLIBRARIES) - am__objects_4 = clearerr.lo fclose.lo fdopen.lo feof.lo ferror.lo \ - fflush.lo fgetc.lo fgetpos.lo fgets.lo fileno.lo findfp.lo \ -- fiprintf.lo flags.lo fopen.lo fprintf.lo fputc.lo fputs.lo \ -- fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \ -+ fiprintf.lo flags.lo fopen.lo fprintf.lo fprintf_chk.lo fputc.lo \ -+ fputs.lo fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \ - ftell.lo fvwrite.lo fwalk.lo fwrite.lo getc.lo getchar.lo \ - getc_u.lo getchar_u.lo getdelim.lo getline.lo gets.lo \ - iprintf.lo iscanf.lo makebuf.lo perror.lo printf.lo putc.lo \ - putchar.lo putc_u.lo putchar_u.lo puts.lo refill.lo remove.lo \ - rename.lo rewind.lo rget.lo scanf.lo sccl.lo setbuf.lo \ - setbuffer.lo setlinebuf.lo setvbuf.lo siprintf.lo siscanf.lo \ -- sniprintf.lo snprintf.lo sprintf.lo sscanf.lo stdio.lo \ -+ sniprintf.lo snprintf.lo sprintf.lo sprintf_chk.lo sscanf.lo stdio.lo \ - tmpfile.lo tmpnam.lo ungetc.lo vdiprintf.lo vdprintf.lo \ - viprintf.lo viscanf.lo vprintf.lo vscanf.lo vsiprintf.lo \ - vsiscanf.lo vsnprintf.lo vsniprintf.lo vsprintf.lo vsscanf.lo \ -@@ -344,6 +346,7 @@ - flags.c \ - fopen.c \ - fprintf.c \ -+ fprintf_chk.c \ - fputc.c \ - fputs.c \ - fread.c \ -@@ -389,6 +392,7 @@ - sniprintf.c \ - snprintf.c \ - sprintf.c \ -+ sprintf_chk.c \ - sscanf.c \ - stdio.c \ - tmpfile.c \ -@@ -508,6 +512,7 @@ - siprintf.def \ - siscanf.def \ - sprintf.def \ -+ sprintf_chk.def \ - sscanf.def \ - tmpfile.def \ - tmpnam.def \ -@@ -678,6 +683,12 @@ - lib_a-fprintf.obj: fprintf.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf.obj `if test -f 'fprintf.c'; then $(CYGPATH_W) 'fprintf.c'; else $(CYGPATH_W) '$(srcdir)/fprintf.c'; fi` - -+lib_a-fprintf_chk.o: fprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.o `test -f 'fprintf_chk.c' || echo '$(srcdir)/'`fprintf_chk.c -+ -+lib_a-fprintf_chk.obj: fprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.obj `if test -f 'fprintf_chk.c'; then $(CYGPATH_W) 'fprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/fprintf_chk.c'; fi` -+ - lib_a-fputc.o: fputc.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fputc.o `test -f 'fputc.c' || echo '$(srcdir)/'`fputc.c - -@@ -948,6 +959,12 @@ - lib_a-sprintf.obj: sprintf.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf.obj `if test -f 'sprintf.c'; then $(CYGPATH_W) 'sprintf.c'; else $(CYGPATH_W) '$(srcdir)/sprintf.c'; fi` - -+lib_a-sprintf_chk.o: sprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.o `test -f 'sprintf_chk.c' || echo '$(srcdir)/'`sprintf_chk.c -+ -+lib_a-sprintf_chk.obj: sprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.obj `if test -f 'sprintf_chk.c'; then $(CYGPATH_W) 'sprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/sprintf_chk.c'; fi` -+ - lib_a-sscanf.o: sscanf.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sscanf.o `test -f 'sscanf.c' || echo '$(srcdir)/'`sscanf.c - ---- a/newlib/libc/stdio/sprintf_chk.c 1969-12-31 19:00:00.000000000 -0500 -+++ b/newlib/libc/stdio/sprintf_chk.c 2009-02-26 19:02:26.000000000 -0500 -@@ -0,0 +1,21 @@ -+#include <stdarg.h> -+#include <stdio.h> -+ -+/* -+ * Stub implementation of __sprintf_chk adapted from glibc 2.7. This -+ * doesn't actually implement any buffer overflow protection. It just makes -+ * the linker happy :) -+*/ -+int -+__sprintf_chk (char *s, int flags, size_t slen, const char *format, ...) -+{ -+ va_list arg; -+ int done; -+ -+ va_start (arg, format); -+ done = vsprintf (s, format, arg); -+ va_end (arg); -+ -+ return done; -+} -+ diff --git a/external/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch b/external/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch deleted file mode 100644 index 3610d646..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- a/newlib/libc/include/stdint.h.orig 2006-08-17 00:39:43.000000000 +0300 -+++ b/newlib/libc/include/stdint.h 2009-08-25 17:33:23.000000000 +0300 -@@ -348,8 +348,11 @@ - #endif - - /* This must match size_t in stddef.h, currently long unsigned int */ --#define SIZE_MIN (-__STDINT_EXP(LONG_MAX) - 1L) --#define SIZE_MAX __STDINT_EXP(LONG_MAX) -+#ifdef __SIZE_MAX__ -+#define SIZE_MAX __SIZE_MAX__ -+#else -+#define SIZE_MAX (__STDINT_EXP(LONG_MAX) * 2UL + 1) -+#endif - - /* This must match sig_atomic_t in <signal.h> (currently int) */ - #define SIG_ATOMIC_MIN (-__STDINT_EXP(INT_MAX) - 1) diff --git a/external/meta-virtualization/recipes-extended/xen/files/newlib.patch b/external/meta-virtualization/recipes-extended/xen/files/newlib.patch deleted file mode 100644 index dbf409a2..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/newlib.patch +++ /dev/null @@ -1,727 +0,0 @@ -There is a mix between longs and long longs. - -Index: newlib/libc/include/inttypes.h -=================================================================== -RCS file: /cvs/src/src/newlib/libc/include/inttypes.h,v -retrieving revision 1.3 -diff -u -p -r1.3 inttypes.h ---- a/newlib/libc/include/inttypes.h 16 Dec 2005 19:03:12 -0000 1.3 -+++ b/newlib/libc/include/inttypes.h 8 Nov 2007 16:32:44 -0000 -@@ -163,12 +163,12 @@ - - - /* 64-bit types */ --#if __have_longlong64 --#define __PRI64(x) __STRINGIFY(ll##x) --#define __SCN64(x) __STRINGIFY(ll##x) --#elif __have_long64 -+#if __have_long64 - #define __PRI64(x) __STRINGIFY(l##x) - #define __SCN64(x) __STRINGIFY(l##x) -+#elif __have_longlong64 -+#define __PRI64(x) __STRINGIFY(ll##x) -+#define __SCN64(x) __STRINGIFY(ll##x) - #else - #define __PRI64(x) __STRINGIFY(x) - #define __SCN64(x) __STRINGIFY(x) -@@ -217,12 +217,12 @@ - #endif - - /* max-bit types */ --#if __have_longlong64 --#define __PRIMAX(x) __STRINGIFY(ll##x) --#define __SCNMAX(x) __STRINGIFY(ll##x) --#elif __have_long64 -+#if __have_long64 - #define __PRIMAX(x) __STRINGIFY(l##x) - #define __SCNMAX(x) __STRINGIFY(l##x) -+#elif __have_longlong64 -+#define __PRIMAX(x) __STRINGIFY(ll##x) -+#define __SCNMAX(x) __STRINGIFY(ll##x) - #else - #define __PRIMAX(x) __STRINGIFY(x) - #define __SCNMAX(x) __STRINGIFY(x) -@@ -242,12 +242,12 @@ - #define SCNxMAX __SCNMAX(x) - - /* ptr types */ --#if __have_longlong64 --#define __PRIPTR(x) __STRINGIFY(ll##x) --#define __SCNPTR(x) __STRINGIFY(ll##x) --#elif __have_long64 -+#if __have_long64 - #define __PRIPTR(x) __STRINGIFY(l##x) - #define __SCNPTR(x) __STRINGIFY(l##x) -+#elif __have_longlong64 -+#define __PRIPTR(x) __STRINGIFY(ll##x) -+#define __SCNPTR(x) __STRINGIFY(ll##x) - #else - #define __PRIPTR(x) __STRINGIFY(x) - #define __SCNPTR(x) __STRINGIFY(x) - -We don't want u?int32_t to be long as our code assume in a lot of places to be -int. - -Index: newlib/libc/include/stdint.h -=================================================================== -RCS file: /cvs/src/src/newlib/libc/include/stdint.h,v -retrieving revision 1.10 -diff -u -p -r1.10 stdint.h ---- a/newlib/libc/include/stdint.h 16 Aug 2006 21:39:43 -0000 1.10 -+++ b/newlib/libc/include/stdint.h 12 Feb 2008 13:07:52 -0000 -@@ -38,7 +38,7 @@ extern "C" { - #if __STDINT_EXP(LONG_MAX) > 0x7fffffff - #define __have_long64 1 - #elif __STDINT_EXP(LONG_MAX) == 0x7fffffff && !defined(__SPU__) --#define __have_long32 1 -+/* #define __have_long32 1 */ - #endif - - #if __STDINT_EXP(SCHAR_MAX) == 0x7f - -Define the basic ia64 jump buffer - -Index: newlib/libc/include/sys/config.h -=================================================================== -RCS file: /cvs/src/src/newlib/libc/include/sys/config.h,v -retrieving revision 1.47 -diff -u -p -r1.47 config.h ---- a/newlib/libc/include/sys/config.h 15 Mar 2007 21:32:12 -0000 1.47 -+++ b/newlib/libc/include/sys/config.h 8 Nov 2007 16:32:44 -0000 -@@ -71,6 +71,10 @@ - #endif - #endif - -+#ifndef __DYNAMIC_REENT__ -+#define __DYNAMIC_REENT__ -+#endif -+ - #ifdef __mn10200__ - #define __SMALL_BITFIELDS - #endif - -Dynamic pointer to our reentrancy zone - -Index: newlib/libc/reent/getreent.c -=================================================================== -RCS file: /cvs/src/src/newlib/libc/reent/getreent.c,v -retrieving revision 1.2 -diff -u -p -r1.2 getreent.c ---- a/newlib/libc/reent/getreent.c 7 Sep 2007 00:45:55 -0000 1.2 -+++ b/newlib/libc/reent/getreent.c 8 Nov 2007 16:32:44 -0000 -@@ -3,12 +3,20 @@ - #include <_ansi.h> - #include <reent.h> - -+#define weak_alias(name, aliasname) \ -+ extern __typeof (name) aliasname __attribute__ ((weak, alias (#name))); -+ - #ifdef __getreent - #undef __getreent - #endif -+#ifdef __libc_getreent -+#undef __libc_getreent -+#endif - - struct _reent * --_DEFUN_VOID(__getreent) -+__libc_getreent (void) - { - return _impure_ptr; - } -+weak_alias(__libc_getreent,__getreent) -+ - -We can't provide a red zone in mini-os. - -Index: newlib/libc/machine/x86_64/memcpy.S -=================================================================== -RCS file: /cvs/src/src/newlib/libc/machine/x86_64/memcpy.S,v -retrieving revision 1.1 -diff -u -p -r1.1 memcpy.S ---- a/newlib/libc/machine/x86_64/memcpy.S 28 Aug 2007 21:56:49 -0000 1.1 -+++ b/newlib/libc/machine/x86_64/memcpy.S 8 Nov 2007 16:32:44 -0000 -@@ -30,10 +30,18 @@ quadword_aligned: - cmpq $256, rdx - jb quadword_copy - -+#if 1 -+ subq $32, rsp -+ movq rax, 24 (rsp) -+ movq r12, 16 (rsp) -+ movq r13, 8 (rsp) -+ movq r14, 0 (rsp) -+#else - movq rax, -8 (rsp) - movq r12, -16 (rsp) - movq r13, -24 (rsp) - movq r14, -32 (rsp) -+#endif - - movq rdx, rcx /* Copy 128 bytes at a time with minimum cache polution */ - shrq $7, rcx -@@ -89,10 +97,18 @@ loop: - movq rdx, rcx - andq $127, rcx - rep movsb -+#if 1 -+ movq 24 (rsp), rax -+ movq 16 (rsp), r12 -+ movq 8 (rsp), r13 -+ movq 0 (rsp), r14 -+ addq $32, rsp -+#else - movq -8 (rsp), rax - movq -16 (rsp), r12 - movq -24 (rsp), r13 - movq -32 (rsp), r14 -+#endif - ret - - ---- a/newlib/libc/machine/x86_64/x86_64mach.h.orig 2008-07-11 14:57:23.062269000 +0100 -+++ b/newlib/libc/machine/x86_64/x86_64mach.h 2008-07-11 14:58:01.262503000 +0100 -@@ -22,81 +22,81 @@ - - #define REG(x) CONCAT1(__REG_PREFIX__, x) - --#define rax REG(rax) --#define rbx REG(rbx) --#define rcx REG(rcx) --#define rdx REG(rdx) --#define rsi REG(rsi) --#define rdi REG(rdi) --#define rbp REG(rbp) --#define rsp REG(rsp) -- --#define r8 REG(r8) --#define r9 REG(r9) --#define r10 REG(r10) --#define r11 REG(r11) --#define r12 REG(r12) --#define r13 REG(r13) --#define r14 REG(r14) --#define r15 REG(r15) -- --#define eax REG(eax) --#define ebx REG(ebx) --#define ecx REG(ecx) --#define edx REG(edx) --#define esi REG(esi) --#define edi REG(edi) --#define ebp REG(ebp) --#define esp REG(esp) -- --#define st0 REG(st) --#define st1 REG(st(1)) --#define st2 REG(st(2)) --#define st3 REG(st(3)) --#define st4 REG(st(4)) --#define st5 REG(st(5)) --#define st6 REG(st(6)) --#define st7 REG(st(7)) -- --#define ax REG(ax) --#define bx REG(bx) --#define cx REG(cx) --#define dx REG(dx) -- --#define ah REG(ah) --#define bh REG(bh) --#define ch REG(ch) --#define dh REG(dh) -- --#define al REG(al) --#define bl REG(bl) --#define cl REG(cl) --#define dl REG(dl) -- --#define sil REG(sil) -- --#define mm1 REG(mm1) --#define mm2 REG(mm2) --#define mm3 REG(mm3) --#define mm4 REG(mm4) --#define mm5 REG(mm5) --#define mm6 REG(mm6) --#define mm7 REG(mm7) -- --#define xmm0 REG(xmm0) --#define xmm1 REG(xmm1) --#define xmm2 REG(xmm2) --#define xmm3 REG(xmm3) --#define xmm4 REG(xmm4) --#define xmm5 REG(xmm5) --#define xmm6 REG(xmm6) --#define xmm7 REG(xmm7) -- --#define cr0 REG(cr0) --#define cr1 REG(cr1) --#define cr2 REG(cr2) --#define cr3 REG(cr3) --#define cr4 REG(cr4) -+#define rax %rax -+#define rbx %rbx -+#define rcx %rcx -+#define rdx %rdx -+#define rsi %rsi -+#define rdi %rdi -+#define rbp %rbp -+#define rsp %rsp -+ -+#define r8 %r8 -+#define r9 %r9 -+#define r10 %r10 -+#define r11 %r11 -+#define r12 %r12 -+#define r13 %r13 -+#define r14 %r14 -+#define r15 %r15 -+ -+#define eax %eax -+#define ebx %ebx -+#define ecx %ecx -+#define edx %edx -+#define esi %esi -+#define edi %edi -+#define ebp %ebp -+#define esp %esp -+ -+#define st0 %st -+#define st1 %st(1) -+#define st2 %st(2) -+#define st3 %st(3) -+#define st4 %st(4) -+#define st5 %st(5) -+#define st6 %st(6) -+#define st7 %st(7) -+ -+#define ax %ax -+#define bx %bx -+#define cx %cx -+#define dx %dx -+ -+#define ah %ah -+#define bh %bh -+#define ch %ch -+#define dh %dh -+ -+#define al %al -+#define bl %bl -+#define cl %cl -+#define dl %dl -+ -+#define sil %sil -+ -+#define mm1 %mm1 -+#define mm2 %mm2 -+#define mm3 %mm3 -+#define mm4 %mm4 -+#define mm5 %mm5 -+#define mm6 %mm6 -+#define mm7 %mm7 -+ -+#define xmm0 %xmm0 -+#define xmm1 %xmm1 -+#define xmm2 %xmm2 -+#define xmm3 %xmm3 -+#define xmm4 %xmm4 -+#define xmm5 %xmm5 -+#define xmm6 %xmm6 -+#define xmm7 %xmm7 -+ -+#define cr0 %cr0 -+#define cr1 %cr1 -+#define cr2 %cr2 -+#define cr3 %cr3 -+#define cr4 %cr4 - - #ifdef _I386MACH_NEED_SOTYPE_FUNCTION - #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function ---- a/newlib/libc/machine/x86_64/memcpy.S.orig 2008-07-11 15:12:27.494693000 +0100 -+++ b/newlib/libc/machine/x86_64/memcpy.S 2008-07-11 15:12:29.448706000 +0100 -@@ -60,14 +60,14 @@ - movq 48 (rsi), r13 - movq 56 (rsi), r14 - -- movntiq rax, (rdi) -- movntiq r8 , 8 (rdi) -- movntiq r9 , 16 (rdi) -- movntiq r10, 24 (rdi) -- movntiq r11, 32 (rdi) -- movntiq r12, 40 (rdi) -- movntiq r13, 48 (rdi) -- movntiq r14, 56 (rdi) -+ movnti rax, (rdi) -+ movnti r8 , 8 (rdi) -+ movnti r9 , 16 (rdi) -+ movnti r10, 24 (rdi) -+ movnti r11, 32 (rdi) -+ movnti r12, 40 (rdi) -+ movnti r13, 48 (rdi) -+ movnti r14, 56 (rdi) - - movq 64 (rsi), rax - movq 72 (rsi), r8 -@@ -78,14 +78,14 @@ - movq 112 (rsi), r13 - movq 120 (rsi), r14 - -- movntiq rax, 64 (rdi) -- movntiq r8 , 72 (rdi) -- movntiq r9 , 80 (rdi) -- movntiq r10, 88 (rdi) -- movntiq r11, 96 (rdi) -- movntiq r12, 104 (rdi) -- movntiq r13, 112 (rdi) -- movntiq r14, 120 (rdi) -+ movnti rax, 64 (rdi) -+ movnti r8 , 72 (rdi) -+ movnti r9 , 80 (rdi) -+ movnti r10, 88 (rdi) -+ movnti r11, 96 (rdi) -+ movnti r12, 104 (rdi) -+ movnti r13, 112 (rdi) -+ movnti r14, 120 (rdi) - - leaq 128 (rsi), rsi - leaq 128 (rdi), rdi ---- a/newlib/libc/machine/i386/i386mach.h 2000-08-28 18:50:06.000000000 +0100 -+++ b/newlib/libc/machine/i386/i386mach.h 2008-07-11 15:17:13.874409000 +0100 -@@ -27,46 +27,46 @@ - - #define REG(x) CONCAT1(__REG_PREFIX__, x) - --#define eax REG(eax) --#define ebx REG(ebx) --#define ecx REG(ecx) --#define edx REG(edx) --#define esi REG(esi) --#define edi REG(edi) --#define ebp REG(ebp) --#define esp REG(esp) -- --#define st0 REG(st) --#define st1 REG(st(1)) --#define st2 REG(st(2)) --#define st3 REG(st(3)) --#define st4 REG(st(4)) --#define st5 REG(st(5)) --#define st6 REG(st(6)) --#define st7 REG(st(7)) -- --#define ax REG(ax) --#define bx REG(bx) --#define cx REG(cx) --#define dx REG(dx) -- --#define ah REG(ah) --#define bh REG(bh) --#define ch REG(ch) --#define dh REG(dh) -- --#define al REG(al) --#define bl REG(bl) --#define cl REG(cl) --#define dl REG(dl) -- --#define mm1 REG(mm1) --#define mm2 REG(mm2) --#define mm3 REG(mm3) --#define mm4 REG(mm4) --#define mm5 REG(mm5) --#define mm6 REG(mm6) --#define mm7 REG(mm7) -+#define eax %eax -+#define ebx %ebx -+#define ecx %ecx -+#define edx %edx -+#define esi %esi -+#define edi %edi -+#define ebp %ebp -+#define esp %esp -+ -+#define st0 %st -+#define st1 %st(1) -+#define st2 %st(2) -+#define st3 %st(3) -+#define st4 %st(4) -+#define st5 %st(5) -+#define st6 %st(6) -+#define st7 %st(7) -+ -+#define ax %ax -+#define bx %bx -+#define cx %cx -+#define dx %dx -+ -+#define ah %ah -+#define bh %bh -+#define ch %ch -+#define dh %dh -+ -+#define al %al -+#define bl %bl -+#define cl %cl -+#define dl %dl -+ -+#define mm1 %mm1 -+#define mm2 %mm2 -+#define mm3 %mm3 -+#define mm4 %mm4 -+#define mm5 %mm5 -+#define mm6 %mm6 -+#define mm7 %mm7 - - #ifdef _I386MACH_NEED_SOTYPE_FUNCTION - #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function ---- a/newlib/libc/machine/x86_64/memset.S 2007-08-28 22:56:49.000000000 +0100 -+++ b/newlib/libc/machine/x86_64/memset.S 2008-07-11 15:16:59.098320000 +0100 -@@ -40,22 +40,22 @@ - - .p2align 4 - loop: -- movntiq rax, (rdi) -- movntiq rax, 8 (rdi) -- movntiq rax, 16 (rdi) -- movntiq rax, 24 (rdi) -- movntiq rax, 32 (rdi) -- movntiq rax, 40 (rdi) -- movntiq rax, 48 (rdi) -- movntiq rax, 56 (rdi) -- movntiq rax, 64 (rdi) -- movntiq rax, 72 (rdi) -- movntiq rax, 80 (rdi) -- movntiq rax, 88 (rdi) -- movntiq rax, 96 (rdi) -- movntiq rax, 104 (rdi) -- movntiq rax, 112 (rdi) -- movntiq rax, 120 (rdi) -+ movnti rax, (rdi) -+ movnti rax, 8 (rdi) -+ movnti rax, 16 (rdi) -+ movnti rax, 24 (rdi) -+ movnti rax, 32 (rdi) -+ movnti rax, 40 (rdi) -+ movnti rax, 48 (rdi) -+ movnti rax, 56 (rdi) -+ movnti rax, 64 (rdi) -+ movnti rax, 72 (rdi) -+ movnti rax, 80 (rdi) -+ movnti rax, 88 (rdi) -+ movnti rax, 96 (rdi) -+ movnti rax, 104 (rdi) -+ movnti rax, 112 (rdi) -+ movnti rax, 120 (rdi) - - leaq 128 (rdi), rdi - ---- a/newlib/libm/machine/i386/i386mach.h.orig 2008-07-11 15:30:37.367227000 +0100 -+++ b/newlib/libm/machine/i386/i386mach.h 2008-07-11 15:30:55.232337000 +0100 -@@ -27,46 +27,46 @@ - - #define REG(x) CONCAT1(__REG_PREFIX__, x) - --#define eax REG(eax) --#define ebx REG(ebx) --#define ecx REG(ecx) --#define edx REG(edx) --#define esi REG(esi) --#define edi REG(edi) --#define ebp REG(ebp) --#define esp REG(esp) -- --#define st0 REG(st) --#define st1 REG(st(1)) --#define st2 REG(st(2)) --#define st3 REG(st(3)) --#define st4 REG(st(4)) --#define st5 REG(st(5)) --#define st6 REG(st(6)) --#define st7 REG(st(7)) -- --#define ax REG(ax) --#define bx REG(bx) --#define cx REG(cx) --#define dx REG(dx) -- --#define ah REG(ah) --#define bh REG(bh) --#define ch REG(ch) --#define dh REG(dh) -- --#define al REG(al) --#define bl REG(bl) --#define cl REG(cl) --#define dl REG(dl) -- --#define mm1 REG(mm1) --#define mm2 REG(mm2) --#define mm3 REG(mm3) --#define mm4 REG(mm4) --#define mm5 REG(mm5) --#define mm6 REG(mm6) --#define mm7 REG(mm7) -+#define eax %eax -+#define ebx %ebx -+#define ecx %ecx -+#define edx %edx -+#define esi %esi -+#define edi %edi -+#define ebp %ebp -+#define esp %esp -+ -+#define st0 %st -+#define st1 %st(1) -+#define st2 %st(2) -+#define st3 %st(3) -+#define st4 %st(4) -+#define st5 %st(5) -+#define st6 %st(6) -+#define st7 %st(7) -+ -+#define ax %ax -+#define bx %bx -+#define cx %cx -+#define dx %dx -+ -+#define ah %ah -+#define bh %bh -+#define ch %ch -+#define dh %dh -+ -+#define al %al -+#define bl %bl -+#define cl %cl -+#define dl %dl -+ -+#define mm1 %mm1 -+#define mm2 %mm2 -+#define mm3 %mm3 -+#define mm4 %mm4 -+#define mm5 %mm5 -+#define mm6 %mm6 -+#define mm7 %mm7 - - #ifdef _I386MACH_NEED_SOTYPE_FUNCTION - #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function - - -We want to have a 64bit offsets libc even on 32bit platforms. - ---- ./newlib/configure.host.orig 2008-08-07 16:01:17.801946000 +0100 -+++ ./newlib/configure.host 2008-08-07 16:01:34.181064000 +0100 -@@ -317,6 +317,8 @@ - oext=lo - lpfx= - aext=la ;; -+ i[34567]86-xen-elf) -+ stdio64_dir=stdio64 ;; - *) ;; #shared library not supported for ${host} - esac - ---- a/newlib/libc/include/sys/_types.h.orig 2008-08-07 15:22:44.925008000 +0100 -+++ b/newlib/libc/include/sys/_types.h 2008-08-07 15:22:50.824044000 +0100 -@@ -13,8 +13,12 @@ - #include <sys/lock.h> - - #ifndef __off_t_defined -+#ifdef __MINIOS__ -+typedef long long _off_t; -+#else - typedef long _off_t; - #endif -+#endif - - #if defined(__rtems__) - /* device numbers are 32-bit major and and 32-bit minor */ ---- ./newlib/libc/include/sys/config.h.orig 2008-08-07 14:43:25.915866000 +0100 -+++ ./newlib/libc/include/sys/config.h 2008-08-07 14:44:13.508154000 +0100 -@@ -69,6 +69,10 @@ - /* we use some glibc header files so turn on glibc large file feature */ - #define _LARGEFILE64_SOURCE 1 - #endif -+#ifdef __MINIOS__ -+#define __LARGE64_FILES 1 -+#define _LARGEFILE64_SOURCE 1 -+#endif - #endif - - #ifndef __DYNAMIC_REENT__ ---- ./newlib/libc/include/sys/_default_fcntl.h.orig 2008-08-07 15:08:22.377836000 +0100 -+++ ./newlib/libc/include/sys/_default_fcntl.h 2008-08-07 15:08:31.651890000 +0100 -@@ -170,7 +170,11 @@ - /* Provide _<systemcall> prototypes for functions provided by some versions - of newlib. */ - #ifdef _COMPILING_NEWLIB --extern int _open _PARAMS ((const char *, int, ...)); -+extern int _open _PARAMS ((const char *, int, ...)) -+#ifdef __MINIOS__ -+ asm("open64") -+#endif -+ ; - extern int _fcntl _PARAMS ((int, int, ...)); - #ifdef __LARGE64_FILES - extern int _open64 _PARAMS ((const char *, int, ...)); ---- ./newlib/libc/include/sys/unistd.h.orig 2008-08-07 15:09:36.449280000 +0100 -+++ ./newlib/libc/include/sys/unistd.h 2008-08-07 15:09:51.210370000 +0100 -@@ -101,7 +101,11 @@ - int _EXFUN(link, (const char *__path1, const char *__path2 )); - int _EXFUN(nice, (int __nice_value )); - #if !defined(__INSIDE_CYGWIN__) --off_t _EXFUN(lseek, (int __fildes, off_t __offset, int __whence )); -+off_t _EXFUN(lseek, (int __fildes, off_t __offset, int __whence )) -+#ifdef __MINIOS__ -+ asm("lseek64") -+#endif -+ ; - #endif - #if defined(__SPU__) - #define F_ULOCK 0 ---- ./newlib/libc/include/sys/stat.h.orig 2008-08-07 16:08:50.495116000 +0100 -+++ ./newlib/libc/include/sys/stat.h 2008-08-07 16:10:21.799753000 +0100 -@@ -49,6 +49,9 @@ - long st_spare4[2]; - #endif - }; -+#ifdef __MINIOS__ -+#define stat64 stat -+#endif - #endif - - #define _IFMT 0170000 /* type of file */ -@@ -132,7 +135,11 @@ - /* Provide prototypes for most of the _<systemcall> names that are - provided in newlib for some compilers. */ - #ifdef _COMPILING_NEWLIB --int _EXFUN(_fstat,( int __fd, struct stat *__sbuf )); -+int _EXFUN(_fstat,( int __fd, struct stat *__sbuf )) -+#ifdef __MINIOS__ -+ asm("fstat64") -+#endif -+ ; - int _EXFUN(_stat,( const char *__path, struct stat *__sbuf )); - #ifdef __LARGE64_FILES - struct stat64; ---- ./newlib/libc/include/_syslist.h.orig 2008-08-07 16:24:19.122605000 +0100 -+++ ./newlib/libc/include/_syslist.h 2008-08-07 16:24:21.548628000 +0100 -@@ -14,6 +14,7 @@ - #define _kill kill - #define _link link - #define _lseek lseek -+#define _lseek64 lseek64 - #define _open open - #define _read read - #define _sbrk sbrk ---- a/newlib/libc/include/reent.h.orig 2008-08-07 16:28:49.846502000 +0100 -+++ b/newlib/libc/include/reent.h 2008-08-07 16:29:02.096586000 +0100 -@@ -87,6 +87,9 @@ - #if defined(__CYGWIN__) && defined(_COMPILING_NEWLIB) - #define stat64 __stat64 - #endif -+#if defined(__MINIOS__) -+#define stat64 stat -+#endif - - struct stat64; - diff --git a/external/meta-virtualization/recipes-extended/xen/files/polarssl.patch b/external/meta-virtualization/recipes-extended/xen/files/polarssl.patch deleted file mode 100644 index 95487308..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/polarssl.patch +++ /dev/null @@ -1,64 +0,0 @@ -diff -Naur polarssl-1.1.4/include/polarssl/config.h polarssl-x86_64/include/polarssl/config.h ---- a/include/polarssl/config.h 2011-12-22 05:06:27.000000000 -0500 -+++ b/include/polarssl/config.h 2012-10-30 17:18:07.567001000 -0400 -@@ -164,8 +164,8 @@ - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. --#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - */ -+#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - - /** - * \def POLARSSL_NO_PLATFORM_ENTROPY -@@ -175,8 +175,8 @@ - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. --#define POLARSSL_NO_PLATFORM_ENTROPY - */ -+#define POLARSSL_NO_PLATFORM_ENTROPY - - /** - * \def POLARSSL_PKCS1_V21 -@@ -426,8 +426,8 @@ - * Requires: POLARSSL_TIMING_C - * - * This module enables the HAVEGE random number generator. -- */ - #define POLARSSL_HAVEGE_C -+ */ - - /** - * \def POLARSSL_MD_C -@@ -490,7 +490,7 @@ - * - * This module provides TCP/IP networking routines. - */ --#define POLARSSL_NET_C -+//#define POLARSSL_NET_C - - /** - * \def POLARSSL_PADLOCK_C -@@ -644,8 +644,8 @@ - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. -- */ - #define POLARSSL_TIMING_C -+ */ - - /** - * \def POLARSSL_VERSION_C -diff -Naur polarssl-1.1.4/library/bignum.c polarssl-x86_64/library/bignum.c ---- a/library/bignum.c 2012-04-29 16:15:55.000000000 -0400 -+++ b/library/bignum.c 2012-10-30 17:21:52.135000999 -0400 -@@ -1101,7 +1101,7 @@ - Z.p[i - t - 1] = ~0; - else - { --#if defined(POLARSSL_HAVE_LONGLONG) -+#if 0 //defined(POLARSSL_HAVE_LONGLONG) - t_udbl r; - - r = (t_udbl) X.p[i] << biL; diff --git a/external/meta-virtualization/recipes-extended/xen/files/tools-xentop-vwprintw.patch b/external/meta-virtualization/recipes-extended/xen/files/tools-xentop-vwprintw.patch deleted file mode 100644 index 5d5d0116..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/tools-xentop-vwprintw.patch +++ /dev/null @@ -1,25 +0,0 @@ -tools/xentop : fix vwprintw -Werror=deprecated-declarations warning - -gcc-8.1 complains: - -| xentop.c: In function 'print': -| xentop.c:304:4: error: 'vwprintw' is deprecated [-Werror=deprecated-declarations] -| vwprintw(stdscr, (curses_str_t)fmt, args); -| ^~~~~~~~ - -vw_printw is the non-deprecated alternative. - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -diff --git a/tools/xenstat/xentop/xentop.c b/tools/xenstat/xentop/xentop.c -index 2fd2b67..c465810 100644 ---- a/tools/xenstat/xentop/xentop.c -+++ b/tools/xenstat/xentop/xentop.c -@@ -301,7 +301,7 @@ static void print(const char *fmt, ...) - if (!batch) { - if((current_row() < lines()-1)) { - va_start(args, fmt); -- vwprintw(stdscr, (curses_str_t)fmt, args); -+ vw_printw(stdscr, (curses_str_t)fmt, args); - va_end(args); - } - } else { diff --git a/external/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch b/external/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch deleted file mode 100644 index 622b34f5..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur tpm_emulator-x86_64-back/tpm/tpm_emulator_extern.c tpm_emulator-x86_64/tpm/tpm_emulator_extern.c ---- a/tpm/tpm_emulator_extern.c 2012-04-27 10:55:46.581963398 -0400 -+++ b/tpm/tpm_emulator_extern.c 2012-04-27 10:56:02.193034152 -0400 -@@ -249,7 +249,7 @@ - #else /* TPM_NO_EXTERN */ - - int (*tpm_extern_init)(void) = NULL; --int (*tpm_extern_release)(void) = NULL; -+void (*tpm_extern_release)(void) = NULL; - void* (*tpm_malloc)(size_t size) = NULL; - void (*tpm_free)(/*const*/ void *ptr) = NULL; - void (*tpm_log)(int priority, const char *fmt, ...) = NULL; diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch deleted file mode 100644 index 9c9304cf..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/config.h.in b/config.h.in -index d16a997..8088a2a 100644 ---- a/config.h.in -+++ b/config.h.in -@@ -27,7 +27,7 @@ - #define TPM_STORAGE_NAME "${TPM_STORAGE_NAME}" - #define TPM_DEVICE_NAME "${TPM_DEVICE_NAME}" - #define TPM_LOG_FILE "${TPM_LOG_FILE}" --#define TPM_CMD_BUF_SIZE 4096 -+#define TPM_CMD_BUF_SIZE 4088 - - #endif /* _CONFIG_H_ */ - diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch deleted file mode 100644 index 5fee4e9a..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- - CMakeLists.txt | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -Index: tpm_emulator-x86_64/CMakeLists.txt -=================================================================== ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -40,10 +40,11 @@ set(TPM_STORAGE_NAME "/var/lib/tpm/tpm_e - set(TPM_DEVICE_NAME "/dev/tpm") - endif() - configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h) --add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) -+add_definitions(-Wall -Werror) - if("${CMAKE_SYSTEM}" MATCHES "Linux") - add_definitions(-Wextra) - endif() -+add_definitions(-Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) - if(USE_OPENSSL) - add_definitions(-DUSE_OPENSSL) - endif() diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch deleted file mode 100644 index b1cbf66e..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch +++ /dev/null @@ -1,127 +0,0 @@ -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 69511d1..7545d51 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -3347,12 +3347,13 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) - { - TPM_NONCE nonce; - TPM_RESULT res; -- UINT32 sigSize; -- BYTE *sig; -+ UINT32 quote_blob_size; -+ BYTE *quote_blob; - BYTE *ptr; - UINT32 len; - TPM_PCR_SELECTION myPCR; - TPM_PCR_SELECTION ptPCR; -+ UINT32 extraInfoFlags = 0; - - tpm_compute_in_param_digest(req); - -@@ -3361,17 +3362,19 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) - if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) - || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR) - || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR) -+ || tpm_unmarshal_TPM_DEEP_QUOTE_INFO(&ptr, &len, &extraInfoFlags) - || len != 0) return TPM_BAD_PARAMETER; - -- res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig); -+ res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, extraInfoFlags, -+ "e_blob_size, "e_blob); - if (res != TPM_SUCCESS) return res; -- rsp->paramSize = len = sigSize; -+ rsp->paramSize = len = quote_blob_size; - rsp->param = ptr = tpm_malloc(len); -- if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { -+ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, quote_blob, quote_blob_size)) { - tpm_free(rsp->param); - res = TPM_FAIL; - } -- tpm_free(sig); -+ tpm_free(quote_blob); - - return res; - } -diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h -index 328d1be..a56dd5f 100644 ---- a/tpm/tpm_commands.h -+++ b/tpm/tpm_commands.h -@@ -3077,6 +3077,7 @@ TPM_RESULT TPM_ParentSignEK( - * @myPCR: [in] PCR selection for the virtual TPM - * @ptPCR: [in] PCR selection for the hardware TPM - * @auth1: [in, out] Authorization protocol parameters -+ * @extraInfoFlags [in] Flags for including, kernel hash, group info, etc - * @sigSize: [out] The length of the returned digital signature - * @sig: [out] The resulting digital signature and PCR values - * Returns: TPM_SUCCESS on success, a TPM error code otherwise. -@@ -3086,6 +3087,7 @@ TPM_RESULT TPM_DeepQuote( - TPM_PCR_SELECTION *myPCR, - TPM_PCR_SELECTION *ptPCR, - TPM_AUTH *auth1, -+ UINT32 extraInfoFlags, - UINT32 *sigSize, - BYTE **sig - ); -diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c -index c0d62e7..6586c22 100644 ---- a/tpm/tpm_credentials.c -+++ b/tpm/tpm_credentials.c -@@ -183,7 +183,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1, - - int endorsementKeyFresh = 0; - --TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig); -+TPM_RESULT VTPM_GetParentQuote(TPM_NONCE *data, TPM_PCR_SELECTION *sel, -+ UINT32 extraInfoFlags, UINT32 *sigSize, BYTE **sig); - - TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig) -@@ -191,7 +192,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - TPM_PUBKEY pubKey; - TPM_RESULT res; - TPM_DIGEST hres; -- -+ UINT32 extraInfoFlags = 0; - info("TPM_ParentSignEK()"); - - res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); -@@ -206,7 +207,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - res = TPM_FAIL; - - if (res == TPM_SUCCESS) -- res = VTPM_GetParentQuote(&hres, sel, sigSize, sig); -+ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, sel, extraInfoFlags, sigSize, sig); - - free_TPM_PUBKEY(pubKey); - return res; -@@ -218,7 +219,7 @@ static const BYTE dquot_hdr[] = { - - TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, - TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1, -- UINT32 *sigSize, BYTE **sig) -+ UINT32 extraInfoFlags, UINT32 *quote_blob_size, BYTE **quote_blob) - { - TPM_RESULT res; - TPM_DIGEST hres; -@@ -253,7 +254,7 @@ TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, - - tpm_free(buf); - -- res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig); -+ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, ptPCR, extraInfoFlags, quote_blob_size, quote_blob); - - return res; - } -diff --git a/tpm/tpm_marshalling.h b/tpm/tpm_marshalling.h -index d510ebe..2e0c008 100644 ---- a/tpm/tpm_marshalling.h -+++ b/tpm/tpm_marshalling.h -@@ -268,6 +268,8 @@ static inline int tpm_unmarshal_BOOL(BYTE **ptr, UINT32 *length, BOOL *v) - #define tpm_unmarshal_TPM_REDIR_COMMAND tpm_unmarshal_UINT32 - #define tpm_marshal_DAAHANDLE tpm_marshal_UINT32 - #define tpm_unmarshal_DAAHANDLE tpm_unmarshal_UINT32 -+#define tpm_marshal_TPM_DEEP_QUOTE_INFO tpm_marshal_UINT32 -+#define tpm_unmarshal_TPM_DEEP_QUOTE_INFO tpm_unmarshal_UINT32 - - int tpm_marshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n); - int tpm_unmarshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n); diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch deleted file mode 100644 index 6344f387..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch +++ /dev/null @@ -1,187 +0,0 @@ -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 0fabf98..69511d1 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -3343,6 +3343,39 @@ static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp) - return res; - } - -+static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) -+{ -+ TPM_NONCE nonce; -+ TPM_RESULT res; -+ UINT32 sigSize; -+ BYTE *sig; -+ BYTE *ptr; -+ UINT32 len; -+ TPM_PCR_SELECTION myPCR; -+ TPM_PCR_SELECTION ptPCR; -+ -+ tpm_compute_in_param_digest(req); -+ -+ ptr = req->param; -+ len = req->paramSize; -+ if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) -+ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR) -+ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR) -+ || len != 0) return TPM_BAD_PARAMETER; -+ -+ res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig); -+ if (res != TPM_SUCCESS) return res; -+ rsp->paramSize = len = sigSize; -+ rsp->param = ptr = tpm_malloc(len); -+ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { -+ tpm_free(rsp->param); -+ res = TPM_FAIL; -+ } -+ tpm_free(sig); -+ -+ return res; -+} -+ - static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) - { - tpm_hmac_ctx_t hmac; -@@ -4098,6 +4131,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp) - res = execute_TPM_ParentSignEK(req, rsp); - break; - -+ case TPM_ORD_DeepQuote: -+ debug("[TPM_ORD_DeepQuote]"); -+ res = execute_TPM_DeepQuote(req, rsp); -+ break; -+ - default: - #ifdef MTM_EMULATOR - res = mtm_execute_command(req, rsp); -diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h -index 7fef934..328d1be 100644 ---- a/tpm/tpm_commands.h -+++ b/tpm/tpm_commands.h -@@ -3071,6 +3071,25 @@ TPM_RESULT TPM_ParentSignEK( - BYTE **sig - ); - -+/** -+ * TPM_DeepQuote - gets a hardware TPM quote of a vTPM's PCRs -+ * @externalData: [in] AntiReplay nonce to prevent replay of messages -+ * @myPCR: [in] PCR selection for the virtual TPM -+ * @ptPCR: [in] PCR selection for the hardware TPM -+ * @auth1: [in, out] Authorization protocol parameters -+ * @sigSize: [out] The length of the returned digital signature -+ * @sig: [out] The resulting digital signature and PCR values -+ * Returns: TPM_SUCCESS on success, a TPM error code otherwise. -+ */ -+TPM_RESULT TPM_DeepQuote( -+ TPM_NONCE *externalData, -+ TPM_PCR_SELECTION *myPCR, -+ TPM_PCR_SELECTION *ptPCR, -+ TPM_AUTH *auth1, -+ UINT32 *sigSize, -+ BYTE **sig -+); -+ - /* - * Error handling - * [tpm_error.c] -diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c -index 01f29e6..c0d62e7 100644 ---- a/tpm/tpm_credentials.c -+++ b/tpm/tpm_credentials.c -@@ -211,3 +211,49 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - free_TPM_PUBKEY(pubKey); - return res; - } -+ -+static const BYTE dquot_hdr[] = { -+ 0, 0, 0, 0, 'D', 'Q', 'U', 'T' -+}; -+ -+TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, -+ TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1, -+ UINT32 *sigSize, BYTE **sig) -+{ -+ TPM_RESULT res; -+ TPM_DIGEST hres; -+ TPM_PCR_INFO_SHORT pcrData; -+ tpm_sha1_ctx_t ctx; -+ BYTE *buf, *ptr; -+ UINT32 size, len; -+ -+ info("TPM_DeepQuote()"); -+ -+ res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); -+ if (res != TPM_SUCCESS) return res; -+ -+ res = tpm_compute_pcr_digest(myPCR, &pcrData.digestAtRelease, NULL); -+ if (res != TPM_SUCCESS) return res; -+ -+ pcrData.pcrSelection.sizeOfSelect = myPCR->sizeOfSelect; -+ memcpy(pcrData.pcrSelection.pcrSelect, myPCR->pcrSelect, myPCR->sizeOfSelect); -+ pcrData.localityAtRelease = 1 << tpmData.stany.flags.localityModifier; -+ -+ size = len = sizeof_TPM_PCR_INFO_SHORT(pcrData); -+ buf = ptr = tpm_malloc(size); -+ if (buf == NULL) return TPM_NOSPACE; -+ if (tpm_marshal_TPM_PCR_INFO_SHORT(&ptr, &len, &pcrData)) -+ return TPM_FAIL; -+ -+ tpm_sha1_init(&ctx); -+ tpm_sha1_update(&ctx, dquot_hdr, 8); -+ tpm_sha1_update(&ctx, externalData->nonce, 20); -+ tpm_sha1_update(&ctx, buf, size); -+ tpm_sha1_final(&ctx, hres.digest); -+ -+ tpm_free(buf); -+ -+ res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig); -+ -+ return res; -+} -diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h -index b0f4625..dfb1894 100644 ---- a/tpm/tpm_structures.h -+++ b/tpm/tpm_structures.h -@@ -660,6 +660,42 @@ typedef struct tdTPM_CMK_MA_APPROVAL { - - /* VTPM-only commands: */ - /* -+ * Deep Quote - Create quote of PCRs -+ * Input: -+ * TPM_TAG tag TPM_TAG_RQU_AUTH1_COMMAND -+ * UINT32 paramSize Total size of request -+ * TPM_COMMAND_CODE ordinal TPM_ORD_DeepQuote -+ * TPM_NONCE externData 20 bytes of external data -+ * TPM_PCR_SELECTION vtSel PCR selection for virtual TPM -+ * TPM_PCR_SELECTION ptSel PCR selection for physical TPM -+ * --- -+ * UINT32 authHandle Owner authorization session (OIAP) -+ * TPM_NONCE nonceOdd Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA privAuth Authorization digest for command -+ * -+ * Output: -+ * TPM_TAG tag TPM_TAG_RSP_AUTH1_COMMAND -+ * UINT32 paramSize Total size of response -+ * TPM_RESULT returnCode Return code of the operation -+ * BYTE[] sig Signature provided by physical TPM -+ * TPM_PCRVALUE[] pcrValue Values of hardware PCRs used in the quote -+ * --- -+ * TPM_NONCE nonceEven Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA resAuth Authorization digest for response -+ * -+ * The values of the virutal TPM's PCRs are not included in the response. -+ * The signature is a standard TPM_Quote response from the physical TPM; its -+ * externalData is the SHA1 hash of the following structure: -+ * TPM_STRUCT_VER version MUST be 0.0.0.0 -+ * BYTE[4] fixed MUST be the string "DQUT" -+ * TPM_NONCE externData From input to the deep quote -+ * TPM_PCR_INFO_SHORT pcrData Virtual TPM's PCRs -+ */ -+#define TPM_ORD_DeepQuote (TPM_VENDOR_COMMAND | TPM_ORD_Quote) -+ -+/* - * ParentSignEK - Proof of fresh provisioning and EK value - * - * Input: diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch deleted file mode 100644 index e95d41fc..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/tpm/tpm_cmd_handler.c.orig 2017-04-27 13:37:14.408000000 +0200 -+++ b/tpm/tpm_cmd_handler.c 2017-04-27 13:39:53.585000000 +0200 -@@ -3397,6 +3397,7 @@ - sizeof(rsp->auth2->nonceOdd.nonce)); - tpm_hmac_update(&hmac, (BYTE*)&rsp->auth2->continueAuthSession, 1); - tpm_hmac_final(&hmac, rsp->auth2->auth); -+ /* fall-thru */ - case TPM_TAG_RSP_AUTH1_COMMAND: - tpm_hmac_init(&hmac, rsp->auth1->secret, sizeof(rsp->auth1->secret)); - tpm_hmac_update(&hmac, rsp->auth1->digest, sizeof(rsp->auth1->digest)); diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch deleted file mode 100644 index 8ab7dea6..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff --git a/tpm/tpm_capability.c b/tpm/tpm_capability.c -index 60bbb90..f8f7f0f 100644 ---- a/tpm/tpm_capability.c -+++ b/tpm/tpm_capability.c -@@ -949,6 +949,8 @@ static TPM_RESULT set_vendor(UINT32 subCap, BYTE *setValue, - UINT32 setValueSize, BOOL ownerAuth, - BOOL deactivated, BOOL disabled) - { -+ if (tpmData.stany.flags.localityModifier != 8) -+ return TPM_BAD_PARAMETER; - /* set the capability area with the specified data, on failure - deactivate the TPM */ - switch (subCap) { -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 288d1ce..9e1cfb4 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -4132,7 +4132,7 @@ void tpm_emulator_shutdown() - tpm_extern_release(); - } - --int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size) -+int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality) - { - TPM_REQUEST req; - TPM_RESPONSE rsp; -@@ -4140,7 +4140,9 @@ int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint3 - UINT32 len; - BOOL free_out; - -- debug("tpm_handle_command()"); -+ debug("tpm_handle_command(%d)", locality); -+ if (locality != -1) -+ tpmData.stany.flags.localityModifier = locality; - - /* we need the whole packet at once, otherwise unmarshalling will fail */ - if (tpm_unmarshal_TPM_REQUEST((uint8_t**)&in, &in_size, &req) != 0) { -diff --git a/tpm/tpm_emulator.h b/tpm/tpm_emulator.h -index eed749e..4c228bd 100644 ---- a/tpm/tpm_emulator.h -+++ b/tpm/tpm_emulator.h -@@ -59,7 +59,7 @@ void tpm_emulator_shutdown(void); - * its usage. In case of an error, all internally allocated memory - * is released and the the state of out and out_size is unspecified. - */ --int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size); -+int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality); - - #endif /* _TPM_EMULATOR_H_ */ - diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch deleted file mode 100644 index 14e66eee..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch +++ /dev/null @@ -1,196 +0,0 @@ -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 9e1cfb4..0fabf98 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -3312,6 +3312,37 @@ static TPM_RESULT execute_TPM_OwnerReadPubek(TPM_REQUEST *req, TPM_RESPONSE *rsp - return res; - } - -+static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp) -+{ -+ TPM_NONCE nonce; -+ TPM_RESULT res; -+ UINT32 sigSize; -+ BYTE *sig; -+ BYTE *ptr; -+ UINT32 len; -+ TPM_PCR_SELECTION targetPCR; -+ -+ tpm_compute_in_param_digest(req); -+ -+ ptr = req->param; -+ len = req->paramSize; -+ if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) -+ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &targetPCR) -+ || len != 0) return TPM_BAD_PARAMETER; -+ -+ res = TPM_ParentSignEK(&nonce, &targetPCR, &req->auth1, &sigSize, &sig); -+ if (res != TPM_SUCCESS) return res; -+ rsp->paramSize = len = sigSize; -+ rsp->param = ptr = tpm_malloc(len); -+ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { -+ tpm_free(rsp->param); -+ res = TPM_FAIL; -+ } -+ tpm_free(sig); -+ -+ return res; -+} -+ - static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) - { - tpm_hmac_ctx_t hmac; -@@ -4062,6 +4093,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp) - res = execute_TPM_OwnerReadPubek(req, rsp); - break; - -+ case TPM_ORD_ParentSignEK: -+ debug("[TPM_ORD_ParentSignEK]"); -+ res = execute_TPM_ParentSignEK(req, rsp); -+ break; -+ - default: - #ifdef MTM_EMULATOR - res = mtm_execute_command(req, rsp); -diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h -index a7666f6..7fef934 100644 ---- a/tpm/tpm_commands.h -+++ b/tpm/tpm_commands.h -@@ -3054,6 +3054,23 @@ TPM_RESULT TPM_OwnerReadPubek( - TPM_PUBKEY *pubEndorsementKey - ); - -+/** -+ * TPM_ParentSignEK - gets a hardware TPM quote of a vTPM's EK -+ * @externalData: [in] AntiReplay nonce to prevent replay of messages -+ * @sel: [in] PCR selection for the hardware TPM's quote -+ * @auth1: [in, out] Authorization protocol parameters -+ * @sigSize: [out] The length of the returned digital signature -+ * @sig: [out] The resulting digital signature and PCR values -+ * Returns: TPM_SUCCESS on success, a TPM error code otherwise. -+ */ -+TPM_RESULT TPM_ParentSignEK( -+ TPM_NONCE *externalData, -+ TPM_PCR_SELECTION *sel, -+ TPM_AUTH *auth1, -+ UINT32 *sigSize, -+ BYTE **sig -+); -+ - /* - * Error handling - * [tpm_error.c] -diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c -index 9cd64af..01f29e6 100644 ---- a/tpm/tpm_credentials.c -+++ b/tpm/tpm_credentials.c -@@ -180,3 +180,34 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1, - return TPM_BAD_PARAMETER; - } - } -+ -+int endorsementKeyFresh = 0; -+ -+TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig); -+ -+TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, -+ TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig) -+{ -+ TPM_PUBKEY pubKey; -+ TPM_RESULT res; -+ TPM_DIGEST hres; -+ -+ info("TPM_ParentSignEK()"); -+ -+ res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); -+ if (res != TPM_SUCCESS) return res; -+ -+ if (!endorsementKeyFresh) return TPM_DISABLED_CMD; -+ -+ res = tpm_get_pubek(&pubKey); -+ if (res != TPM_SUCCESS) return res; -+ -+ if (tpm_compute_pubkey_checksum(externalData, &pubKey, &hres)) -+ res = TPM_FAIL; -+ -+ if (res == TPM_SUCCESS) -+ res = VTPM_GetParentQuote(&hres, sel, sigSize, sig); -+ -+ free_TPM_PUBKEY(pubKey); -+ return res; -+} -diff --git a/tpm/tpm_data.c b/tpm/tpm_data.c -index 50c9697..6a0c499 100644 ---- a/tpm/tpm_data.c -+++ b/tpm/tpm_data.c -@@ -76,6 +76,8 @@ static void init_timeouts(void) - tpmData.permanent.data.cmd_durations[2] = 1000; - } - -+extern int endorsementKeyFresh; -+ - void tpm_init_data(void) - { - /* endorsement key */ -@@ -157,6 +159,7 @@ void tpm_init_data(void) - if (tpmConf & TPM_CONF_GENERATE_EK) { - /* generate a new endorsement key */ - tpm_rsa_generate_key(&tpmData.permanent.data.endorsementKey, 2048); -+ endorsementKeyFresh = 1; - } else { - /* setup endorsement key */ - tpm_rsa_import_key(&tpmData.permanent.data.endorsementKey, -diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h -index f746c05..b0f4625 100644 ---- a/tpm/tpm_structures.h -+++ b/tpm/tpm_structures.h -@@ -658,6 +658,49 @@ typedef struct tdTPM_CMK_MA_APPROVAL { - #define TPM_ORD_TickStampBlob 242 - #define TPM_ORD_MAX 256 - -+/* VTPM-only commands: */ -+/* -+ * ParentSignEK - Proof of fresh provisioning and EK value -+ * -+ * Input: -+ * TPM_TAG tag TPM_TAG_RQU_AUTH1_COMMAND -+ * UINT32 paramSize Total size of request -+ * TPM_COMMAND_CODE ordinal TPM_ORD_ParentSignEK -+ * TPM_NONCE externData 20 bytes of external data -+ * TPM_PCR_SELECTION ptSel PCR selection for physical TPM -+ * --- -+ * UINT32 authHandle Owner authorization session (OIAP) -+ * TPM_NONCE nonceOdd Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA privAuth Authorization digest for command -+ * -+ * Output: -+ * TPM_TAG tag TPM_TAG_RSP_AUTH1_COMMAND -+ * UINT32 paramSize Total size of response -+ * TPM_RESULT returnCode Return code of the operation -+ * BYTE[] sig Signature provided by physical TPM -+ * TPM_PCRVALUE[] pcrValue Values of hardware PCRs used in the quote -+ * --- -+ * TPM_NONCE nonceEven Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA resAuth Authorization digest for response -+ * -+ * This command is only valid on the first boot of a vTPM; on any subsequent -+ * boot, the command returns TPM_DISABLED_CMD. It is intended to be used to -+ * provide evidence of proper platform configuration to the verifier/CA which is -+ * responsible for the creation of the vTPM's endorsement credential, which will -+ * be used on subsequent boots to certify AIKs via the usual Privacy CA protocol. -+ * -+ * The values of the virtual TPM's PCRs are not included in the response. -+ * The signature is a standard TPM_Quote response from the physical TPM; its -+ * externalData is the SHA1 hash of the following structure: -+ * TPM_PUBKEY pubEK The vTPM's public EK -+ * TPM_NONCE externData From input to the deep quote -+ * -+ * This structure was chosen to match the return of TPM_ReadPubek -+ */ -+#define TPM_ORD_ParentSignEK (TPM_VENDOR_COMMAND | TPM_ORD_ReadPubek) -+ - /* - * TCS Ordinals ([TPM_Part2], Section 17.1) - * diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch deleted file mode 100644 index aefca284..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch +++ /dev/null @@ -1,28 +0,0 @@ -Patch derived from below Xen changeset. -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> - -commit 22bf5be3237cb482a2ffd772ffd20ce37285eebf -Author: Olaf Hering <olaf@aepfle.de> -Date: Mon Jun 18 14:55:36 2018 +0200 - -stubdom/vtpm: fix memcmp in TPM_ChangeAuthAsymFinish - -gcc8 spotted this error: -error: 'memcmp' reading 20 bytes from a region of size 8 [-Werror=stringop-overflow=] - -Signed-off-by: Olaf Hering <olaf@aepfle.de> -Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> - -diff --git a/tpm/tpm_deprecated.c b/tpm/tpm_deprecated.c -index c362b56..4c49f54 100644 ---- a/tpm/tpm_deprecated.c -+++ b/tpm/tpm_deprecated.c -@@ -434,7 +434,7 @@ TPM_RESULT TPM_ChangeAuthAsymFinish(TPM_KEY_HANDLE parentHandle, - tpm_hmac_final(&hmac_ctx, b1.digest); - /* 6. The TPM SHALL compare b1 with newAuthLink. The TPM SHALL - indicate a failure if the values do not match. */ -- if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) { -+ if (memcmp(&b1, newAuthLink, sizeof(TPM_HMAC))) { - debug("TPM_ChangeAuthAsymFinish(): newAuthLink value does not match."); - return TPM_FAIL; - } diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-4.11-arm-acpi-fix-string-lengths.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-4.11-arm-acpi-fix-string-lengths.patch deleted file mode 100644 index ece64071..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/xen-4.11-arm-acpi-fix-string-lengths.patch +++ /dev/null @@ -1,101 +0,0 @@ -From 5e1a00969afe98a713bf14d1ba1902403b60e287 Mon Sep 17 00:00:00 2001 -From: Christopher Clark <christopher.w.clark@gmail.com> -Date: Thu, 16 Aug 2018 13:04:52 -0700 -Subject: [PATCH v2] libxl/arm: Fix build on arm64 + acpi w/ gcc 8.2 -To: xen-devel@lists.xenproject.org -Cc: wei.liu2@citrix.com, - ian.jackson@eu.citrix.com, - julien.grall@arm.com, - sstabellini@kernel.org - -[modified for Xen 4.11 to add required: #include <xen-tools/libs.h>] - -Add zero-padding to #defined ACPI table strings that are copied. -Provides sufficient characters to satisfy the length required to -fully populate the destination and prevent array-bounds warnings. -Add BUILD_BUG_ON sizeof checks for compile-time length checking. - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> -Acked-by: Wei Liu <wei.liu2@citrix.com> ---- -v2: add BUILD_BUG_ON length checks, requested by Wei. - -v1: Please add this patch to the backport list for the next minor - 4.11 release. - -Prior to this: gcc 8.2 objects to memcpy past bounds: - -| libxl_arm_acpi.c: In function 'make_acpi_header': -| libxl_arm_acpi.c:208:5: error: 'memcpy' forming offset [5, 6] is out -of the bounds [0, 4] [-Werror=array-bounds] -| memcpy(h->oem_id, ACPI_OEM_ID, sizeof(h->oem_id)); -| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| libxl_arm_acpi.c:209:5: error: 'memcpy' forming offset [5, 8] is out -of the bounds [0, 4] [-Werror=array-bounds] -| memcpy(h->oem_table_id, ACPI_OEM_TABLE_ID, -sizeof(h->oem_table_id)); -| -^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| libxl_arm_acpi.c:211:5: error: 'memcpy' forming offset 4 is out of the -bounds [0, 3] [-Werror=array-bounds] -| memcpy(h->asl_compiler_id, ACPI_ASL_COMPILER_ID, -| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| sizeof(h->asl_compiler_id)); -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| In function 'make_acpi_rsdp.isra.4', -| inlined from 'libxl__prepare_acpi' at libxl_arm_acpi.c:389:5: -| libxl_arm_acpi.c:193:5: error: 'memcpy' forming offset [5, 6] is out -of the bounds [0, 4] [-Werror=array-bounds] -| memcpy(rsdp->oem_id, ACPI_OEM_ID, sizeof(rsdp->oem_id)); -| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - - tools/libxl/libxl_arm_acpi.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/tools/libxl/libxl_arm_acpi.c b/tools/libxl/libxl_arm_acpi.c -index 636f724..8924396 100644 ---- a/tools/libxl/libxl_arm_acpi.c -+++ b/tools/libxl/libxl_arm_acpi.c -@@ -29,6 +29,7 @@ typedef int64_t s64; - - #include <acpi/acconfig.h> - #include <acpi/actbl.h> -+#include <xen-tools/libs.h> - - #ifndef BITS_PER_LONG - #ifdef _LP64 -@@ -48,9 +49,9 @@ extern const unsigned char dsdt_anycpu_arm[]; - _hidden - extern const int dsdt_anycpu_arm_len; - --#define ACPI_OEM_ID "Xen" --#define ACPI_OEM_TABLE_ID "ARM" --#define ACPI_ASL_COMPILER_ID "XL" -+#define ACPI_OEM_ID "Xen\0\0" -+#define ACPI_OEM_TABLE_ID "ARM\0\0\0\0" -+#define ACPI_ASL_COMPILER_ID "XL\0" - - enum { - RSDP, -@@ -190,6 +191,7 @@ static void make_acpi_rsdp(libxl__gc *gc, struct xc_dom_image *dom, - struct acpi_table_rsdp *rsdp = (void *)dom->acpi_modules[0].data + offset; - - memcpy(rsdp->signature, "RSD PTR ", sizeof(rsdp->signature)); -+ BUILD_BUG_ON(sizeof(ACPI_OEM_ID) != sizeof(rsdp->oem_id)); - memcpy(rsdp->oem_id, ACPI_OEM_ID, sizeof(rsdp->oem_id)); - rsdp->length = acpitables[RSDP].size; - rsdp->revision = 0x02; -@@ -205,9 +207,12 @@ static void make_acpi_header(struct acpi_table_header *h, const char *sig, - memcpy(h->signature, sig, 4); - h->length = len; - h->revision = rev; -+ BUILD_BUG_ON(sizeof(ACPI_OEM_ID) != sizeof(h->oem_id)); - memcpy(h->oem_id, ACPI_OEM_ID, sizeof(h->oem_id)); -+ BUILD_BUG_ON(sizeof(ACPI_OEM_TABLE_ID) != sizeof(h->oem_table_id)); - memcpy(h->oem_table_id, ACPI_OEM_TABLE_ID, sizeof(h->oem_table_id)); - h->oem_revision = 0; -+ BUILD_BUG_ON(sizeof(ACPI_ASL_COMPILER_ID) != sizeof(h->asl_compiler_id)); - memcpy(h->asl_compiler_id, ACPI_ASL_COMPILER_ID, - sizeof(h->asl_compiler_id)); - h->asl_compiler_revision = 0; diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-disable-sse-before-inlines.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-disable-sse-before-inlines.patch deleted file mode 100644 index 54a28ee4..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/xen-disable-sse-before-inlines.patch +++ /dev/null @@ -1,140 +0,0 @@ -From 6d50ae155c0f736aa6239eabf1bc8c8e3704742d Mon Sep 17 00:00:00 2001 -From: Christopher Clark <christopher.w.clark@gmail.com> -Date: Fri, 21 Sep 2018 08:28:02 -0700 -Subject: [PATCH v2] fuzz, test x86_emulator: disable sse before including - always_inline fns -To: xen-devel@lists.xenproject.org, - jbeulich@suse.com -Cc: ian.jackson@eu.citrix.com, - wei.liu2@citrix.com, - andrew.cooper3@citrix.com - -Workaround for compiler rejection of SSE-using always_inlines defined before -SSE is disabled. - -Compiling with _FORTIFY_SOURCE or higher levels of optimization enabled -will always_inline several library fns (memset, memcpy, ...) -(with gcc 8.2.0 and glibc 2.28). - -In fuzz and x86_emulator test, the compiler is instructed not -to generate SSE instructions via: #pragma GCC target("no-sse") -because those registers are needed for use by the workload. - -The combination above causes compilation failure as the inline functions -use those instructions. This is resolved by reordering the inclusion of -<stdio.h> and <string.h> to after the pragma disabling SSE generation. - -It would be preferable to locate the no-sse pragma within x86-emulate.h at the -top of the file, prior to including any other headers; unfortunately doing so -before <stdlib.h> causes compilation failure due to declaration of 'atof' with: - "SSE register return with SSE disabled". -Fortunately there is no (known) current dependency on any always_inline -SSE-inclined function declared in <stdlib.h> or any of its dependencies, so the -pragma is therefore issued immediately after inclusion of <stdlib.h> with a -comment introduced to explain its location there. - -Add compile-time checks for unwanted prior inclusion of <string.h> and -<stdio.h>, which are the two headers that provide the library functions that -are handled with wrappers and listed within "x86-emulate.h" as ones "we think -might access any of the FPU state". -* Use standard-defined "EOF" macro to detect prior <stdio.h> inclusion. -* Use "_STRING_H" (non-standardized guard macro) as best-effort - for detection of prior <string.h> inclusion. This is non-universally - viable but will provide error output on common GLIBC systems, so - provides some defensive coverage. - -Adds conditional #include <stdio.h> to x86-emulate.h because fwrite, printf, -etc. are referenced when WRAP has been defined. - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -Reviewed-by: Jan Beulich <jbeulich@suse.com> ---- - tools/fuzz/x86_instruction_emulator/fuzz-emul.c | 10 +++++++-- - tools/tests/x86_emulator/wrappers.c | 1 - - tools/tests/x86_emulator/x86-emulate.h | 28 +++++++++++++++++++++++-- - 3 files changed, 34 insertions(+), 5 deletions(-) - -diff --git a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c -index 03a2473..0ffd0fb 100644 ---- a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c -+++ b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c -@@ -6,9 +6,7 @@ - #include <stdbool.h> - #include <stddef.h> - #include <stdint.h> --#include <stdio.h> - #include <stdlib.h> --#include <string.h> - #include <sys/types.h> - #include <sys/stat.h> - #include <sys/mman.h> -@@ -16,6 +14,14 @@ - #include <xen/xen.h> - - #include "x86-emulate.h" -+/* -+ * include "x86-emulate.h" prior to <stdio.h> and <string.h>: -+ * x86-emulate.h disables use of SSE registers, while <stdio.h> and <string.h> -+ * declare functions that may be always_inline and use those registers -+ * unless they have been disabled earlier, which can fail to compile. -+ */ -+#include <stdio.h> -+#include <string.h> - #include "fuzz-emul.h" - - #define MSR_INDEX_MAX 16 -diff --git a/tools/tests/x86_emulator/wrappers.c b/tools/tests/x86_emulator/wrappers.c -index d02013c..eba7cc9 100644 ---- a/tools/tests/x86_emulator/wrappers.c -+++ b/tools/tests/x86_emulator/wrappers.c -@@ -1,5 +1,4 @@ - #include <stdarg.h> --#include <stdio.h> - - #define WRAP(x) typeof(x) emul_##x - #include "x86-emulate.h" -diff --git a/tools/tests/x86_emulator/x86-emulate.h b/tools/tests/x86_emulator/x86-emulate.h -index b249e46..07ea1e8 100644 ---- a/tools/tests/x86_emulator/x86-emulate.h -+++ b/tools/tests/x86_emulator/x86-emulate.h -@@ -3,11 +3,35 @@ - #include <stddef.h> - #include <stdint.h> - #include <stdlib.h> --#include <string.h> -- -+/* -+ * Use of sse registers must be disabled prior to the definition of -+ * always_inline functions that would use them (memcpy, memset, etc), -+ * so do this as early as possible, aiming to be before any always_inline -+ * functions that are used are declared. -+ * Unfortunately, this cannot be done prior to inclusion of <stdlib.h> -+ * due to functions such as 'atof' that have SSE register return declared, -+ * so do so here, immediately after that. -+ */ - #if __GNUC__ >= 6 - #pragma GCC target("no-sse") - #endif -+ /* -+ * Attempt detection of unwanted prior inclusion of some headers known to use -+ * always_inline with SSE registers in some library / compiler / optimization -+ * combinations. -+ */ -+#ifdef _STRING_H -+#error "Must not include <string.h> before x86-emulate.h" -+#endif -+#include <string.h> -+ -+/* EOF is a standard macro defined in <stdio.h> so use it for detection */ -+#ifdef EOF -+#error "Must not include <stdio.h> before x86-emulate.h" -+#endif -+#ifdef WRAP -+#include <stdio.h> -+#endif - - #include <xen/xen.h> - --- -2.1.4 - diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-libxl-gentypes-py3.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-libxl-gentypes-py3.patch new file mode 100644 index 00000000..23997865 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-libxl-gentypes-py3.patch @@ -0,0 +1,140 @@ +From 660d2dd863802ef464c90b32f187cb65861f8185 Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Thu, 7 Mar 2019 12:33:38 +0000 +Subject: [PATCH] libxl: make python scripts work with python 2.6 and up + +Go through transformations suggested by 2to3 and pick the necessary +ones. + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/libxl/gentest.py | 4 +++- + tools/libxl/gentypes.py | 12 +++++++----- + tools/libxl/idl.py | 15 ++++++++------- + 3 files changed, 18 insertions(+), 13 deletions(-) + +diff --git a/tools/libxl/gentest.py b/tools/libxl/gentest.py +index 989959fc68..1cc7eebc82 100644 +--- a/tools/libxl/gentest.py ++++ b/tools/libxl/gentest.py +@@ -1,5 +1,7 @@ + #!/usr/bin/python + ++from __future__ import print_function ++ + import os + import sys + import re +@@ -86,7 +88,7 @@ def gen_rand_init(ty, v, indent = " ", parent = None): + + if __name__ == '__main__': + if len(sys.argv) < 3: +- print >>sys.stderr, "Usage: gentest.py <idl> <implementation>" ++ print("Usage: gentest.py <idl> <implementation>", file=sys.stderr) + sys.exit(1) + + random.seed(os.getenv('LIBXL_TESTIDL_SEED')) +diff --git a/tools/libxl/gentypes.py b/tools/libxl/gentypes.py +index 88e5c5f30e..6417c9dd8c 100644 +--- a/tools/libxl/gentypes.py ++++ b/tools/libxl/gentypes.py +@@ -1,5 +1,7 @@ + #!/usr/bin/python + ++from __future__ import print_function ++ + import sys + import re + +@@ -576,14 +578,14 @@ def libxl_C_enum_from_string(ty, str, e, indent = " "): + + if __name__ == '__main__': + if len(sys.argv) != 6: +- print >>sys.stderr, "Usage: gentypes.py <idl> <header> <header-private> <header-json> <implementation>" ++ print("Usage: gentypes.py <idl> <header> <header-private> <header-json> <implementation>", file=sys.stderr) + sys.exit(1) + + (_, idlname, header, header_private, header_json, impl) = sys.argv + + (builtins,types) = idl.parse(idlname) + +- print "outputting libxl type definitions to %s" % header ++ print("outputting libxl type definitions to %s" % header) + + f = open(header, "w") + +@@ -633,7 +635,7 @@ if __name__ == '__main__': + f.write("""#endif /* %s */\n""" % (header_define)) + f.close() + +- print "outputting libxl JSON definitions to %s" % header_json ++ print("outputting libxl JSON definitions to %s" % header_json) + + f = open(header_json, "w") + +@@ -657,7 +659,7 @@ if __name__ == '__main__': + f.write("""#endif /* %s */\n""" % header_json_define) + f.close() + +- print "outputting libxl type internal definitions to %s" % header_private ++ print("outputting libxl type internal definitions to %s" % header_private) + + f = open(header_private, "w") + +@@ -683,7 +685,7 @@ if __name__ == '__main__': + f.write("""#endif /* %s */\n""" % header_json_define) + f.close() + +- print "outputting libxl type implementations to %s" % impl ++ print("outputting libxl type implementations to %s" % impl) + + f = open(impl, "w") + f.write(""" +diff --git a/tools/libxl/idl.py b/tools/libxl/idl.py +index 2a7f3c44fe..d7367503b4 100644 +--- a/tools/libxl/idl.py ++++ b/tools/libxl/idl.py +@@ -1,3 +1,5 @@ ++from __future__ import print_function ++ + import sys + + PASS_BY_VALUE = 1 +@@ -11,7 +13,7 @@ DIR_BOTH = 3 + _default_namespace = "" + def namespace(s): + if type(s) != str: +- raise TypeError, "Require a string for the default namespace." ++ raise TypeError("Require a string for the default namespace.") + global _default_namespace + _default_namespace = s + +@@ -346,7 +348,7 @@ class OrderedDict(dict): + return [(x,self[x]) for x in self.__ordered] + + def parse(f): +- print >>sys.stderr, "Parsing %s" % f ++ print("Parsing %s" % f, file=sys.stderr) + + globs = {} + locs = OrderedDict() +@@ -362,11 +364,10 @@ def parse(f): + globs[n] = t + + try: +- execfile(f, globs, locs) +- except SyntaxError,e: +- raise SyntaxError, \ +- "Errors were found at line %d while processing %s:\n\t%s"\ +- %(e.lineno,f,e.text) ++ exec(compile(open(f).read(), f, 'exec'), globs, locs) ++ except SyntaxError as e: ++ raise SyntaxError("Errors were found at line %d while processing %s:\n\t%s" ++ % (e.lineno, f, e.text)) + + types = [t for t in locs.ordered_values() if isinstance(t,Type)] + +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-change-tabs-into-spaces.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-change-tabs-into-spaces.patch new file mode 100644 index 00000000..d913be20 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-change-tabs-into-spaces.patch @@ -0,0 +1,40 @@ +From b9e1368af14ded6aee3bdf64e8329628b16291ff Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Mon, 11 Mar 2019 12:55:29 +0000 +Subject: [PATCH] pygrub: change tabs into spaces + +Not sure why Python 2 never complained, but Python 3 does. + +Change tabs to spaces. + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/pygrub/src/pygrub | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub +index 52a8965ad9..1189b1ca48 100755 +--- a/tools/pygrub/src/pygrub ++++ b/tools/pygrub/src/pygrub +@@ -858,7 +858,7 @@ if __name__ == "__main__": + output_directory = a + + if debug: +- logging.basicConfig(level=logging.DEBUG) ++ logging.basicConfig(level=logging.DEBUG) + + + try: +@@ -917,7 +917,7 @@ if __name__ == "__main__": + # IOErrors raised by fsimage.open + # RuntimeErrors raised by run_grub if no menu.lst present + if debug: +- traceback.print_exc() ++ traceback.print_exc() + fs = None + continue + +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch new file mode 100644 index 00000000..f4cbb670 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch @@ -0,0 +1,529 @@ +From 0aabd89dcfee9ee2a6caaa2ec7a475daf5cada53 Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Thu, 7 Mar 2019 12:45:47 +0000 +Subject: [PATCH] pygrub: make python scripts work with 2.6 and up + +Run 2to3 and pick the sensible suggestions. + +Import print_function and absolute_import so 2.6 can work. + +There has never been a curses.wrapper module according to 2.x and 3.x +doc, only a function, so "import curses.wrapper" is not correct. It +happened to work because 2.x implemented a (undocumented) module. + +We only need to import curses to make curses.wrapper available to +pygrub. + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/pygrub/src/ExtLinuxConf.py | 19 +++++---- + tools/pygrub/src/GrubConf.py | 39 ++++++++++-------- + tools/pygrub/src/LiloConf.py | 19 +++++---- + tools/pygrub/src/pygrub | 71 ++++++++++++++++---------------- + 4 files changed, 78 insertions(+), 70 deletions(-) + +diff --git a/tools/pygrub/src/ExtLinuxConf.py b/tools/pygrub/src/ExtLinuxConf.py +index d1789bf020..9fd635b9cf 100644 +--- a/tools/pygrub/src/ExtLinuxConf.py ++++ b/tools/pygrub/src/ExtLinuxConf.py +@@ -10,9 +10,11 @@ + # along with this program; If not, see <http://www.gnu.org/licenses/>. + # + ++from __future__ import print_function, absolute_import ++ + import sys, re, os + import logging +-import GrubConf ++from . import GrubConf + + class ExtLinuxImage(object): + def __init__(self, lines, path): +@@ -32,7 +34,8 @@ class ExtLinuxImage(object): + self.lines = [] + self.path = path + self.root = "" +- map(self.set_from_line, lines) ++ for line in lines: ++ self.set_from_line(line) + + def set_from_line(self, line, replace = None): + (com, arg) = GrubConf.grub_exact_split(line, 2) +@@ -67,7 +70,7 @@ class ExtLinuxImage(object): + setattr(self, "initrd", a.replace("initrd=", "")) + arg = arg.replace(a, "") + +- if com is not None and self.commands.has_key(com): ++ if com is not None and com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], re.sub('^"(.+)"$', r"\1", arg.strip())) + else: +@@ -136,7 +139,7 @@ class ExtLinuxConfigFile(object): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -167,7 +170,7 @@ class ExtLinuxConfigFile(object): + + (com, arg) = GrubConf.grub_exact_split(l, 2) + com = com.lower() +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -207,8 +210,8 @@ class ExtLinuxConfigFile(object): + + if __name__ == "__main__": + if len(sys.argv) < 2: +- raise RuntimeError, "Need a configuration file to read" ++ raise RuntimeError("Need a configuration file to read") + g = ExtLinuxConfigFile(sys.argv[1]) + for i in g.images: +- print i +- print g.default ++ print(i) ++ print(g.default) +diff --git a/tools/pygrub/src/GrubConf.py b/tools/pygrub/src/GrubConf.py +index dc810d55cb..f8d3799dc0 100644 +--- a/tools/pygrub/src/GrubConf.py ++++ b/tools/pygrub/src/GrubConf.py +@@ -12,6 +12,8 @@ + # along with this program; If not, see <http://www.gnu.org/licenses/>. + # + ++from __future__ import print_function, absolute_import ++ + import os, sys + import logging + import re +@@ -44,7 +46,7 @@ def get_path(s): + return (None, s) + idx = s.find(')') + if idx == -1: +- raise ValueError, "Unable to find matching ')'" ++ raise ValueError("Unable to find matching ')'") + d = s[:idx] + return (GrubDiskPart(d), s[idx + 1:]) + +@@ -100,7 +102,8 @@ class _GrubImage(object): + " initrd: %s\n" %(self.title, self.root, self.kernel, + self.args, self.initrd)) + def _parse(self, lines): +- map(self.set_from_line, lines) ++ for line in lines: ++ self.set_from_line(line) + + def reset(self, lines): + self._root = self._initrd = self._kernel = self._args = None +@@ -141,7 +144,7 @@ class GrubImage(_GrubImage): + def set_from_line(self, line, replace = None): + (com, arg) = grub_exact_split(line, 2) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -177,7 +180,7 @@ class _GrubConfigFile(object): + self.parse() + + def parse(self, buf = None): +- raise RuntimeError, "unimplemented parse function" ++ raise RuntimeError("unimplemented parse function") + + def hasPasswordAccess(self): + return self.passwordAccess +@@ -201,7 +204,7 @@ class _GrubConfigFile(object): + import crypt + if crypt.crypt(password, pwd[1]) == pwd[1]: + return True +- except Exception, e: ++ except Exception as e: + self.passExc = "Can't verify password: %s" % str(e) + return False + +@@ -213,7 +216,7 @@ class _GrubConfigFile(object): + + def set(self, line): + (com, arg) = grub_exact_split(line, 2) +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -233,7 +236,7 @@ class _GrubConfigFile(object): + self._default = val + + if self._default < 0: +- raise ValueError, "default must be positive number" ++ raise ValueError("default must be positive number") + default = property(_get_default, _set_default) + + def set_splash(self, val): +@@ -265,7 +268,7 @@ class GrubConfigFile(_GrubConfigFile): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -296,7 +299,7 @@ class GrubConfigFile(_GrubConfigFile): + continue + + (com, arg) = grub_exact_split(l, 2) +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -328,7 +331,7 @@ class Grub2Image(_GrubImage): + if com == "set": + (com,arg) = grub2_handle_set(arg) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -364,7 +367,7 @@ class Grub2ConfigFile(_GrubConfigFile): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -398,7 +401,7 @@ class Grub2ConfigFile(_GrubConfigFile): + title_match = re.match('^menuentry ["\'](.*?)["\'] (.*){', l) + if title_match: + if img is not None: +- raise RuntimeError, "syntax error: cannot nest menuentry (%d %s)" % (len(img),img) ++ raise RuntimeError("syntax error: cannot nest menuentry (%d %s)" % (len(img),img)) + img = [] + title = title_match.group(1) + continue +@@ -413,7 +416,7 @@ class Grub2ConfigFile(_GrubConfigFile): + menu_level -= 1 + continue + else: +- raise RuntimeError, "syntax error: closing brace without menuentry" ++ raise RuntimeError("syntax error: closing brace without menuentry") + + self.add_image(Grub2Image(title, img)) + img = None +@@ -428,7 +431,7 @@ class Grub2ConfigFile(_GrubConfigFile): + if com == "set": + (com,arg) = grub2_handle_set(arg) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + arg_strip = arg.strip() + if arg_strip == "${saved_entry}" or arg_strip == "${next_entry}": +@@ -443,7 +446,7 @@ class Grub2ConfigFile(_GrubConfigFile): + logging.warning("Unknown directive %s" %(com,)) + + if img is not None: +- raise RuntimeError, "syntax error: end of file with open menuentry(%d %s)" % (len(img),img) ++ raise RuntimeError("syntax error: end of file with open menuentry(%d %s)" % (len(img),img)) + + if self.hasPassword(): + self.setPasswordAccess(False) +@@ -462,12 +465,12 @@ class Grub2ConfigFile(_GrubConfigFile): + + if __name__ == "__main__": + if len(sys.argv) < 3: +- raise RuntimeError, "Need a grub version (\"grub\" or \"grub2\") and a grub.conf or grub.cfg to read" ++ raise RuntimeError('Need a grub version ("grub" or "grub2") and a grub.conf or grub.cfg to read') + if sys.argv[1] == "grub": + g = GrubConfigFile(sys.argv[2]) + elif sys.argv[1] == "grub2": + g = Grub2ConfigFile(sys.argv[2]) + else: +- raise RuntimeError, "Unknown config type %s" % sys.argv[1] ++ raise RuntimeError("Unknown config type %s" % sys.argv[1]) + for i in g.images: +- print i #, i.title, i.root, i.kernel, i.args, i.initrd ++ print(i) #, i.title, i.root, i.kernel, i.args, i.initrd +diff --git a/tools/pygrub/src/LiloConf.py b/tools/pygrub/src/LiloConf.py +index 2cb649f115..e3bfcb5244 100644 +--- a/tools/pygrub/src/LiloConf.py ++++ b/tools/pygrub/src/LiloConf.py +@@ -2,9 +2,11 @@ + #LiloConf.py + # + ++from __future__ import print_function, absolute_import ++ + import sys, re, os + import logging +-import GrubConf ++from . import GrubConf + + class LiloImage(object): + def __init__(self, lines, path): +@@ -24,12 +26,13 @@ class LiloImage(object): + self.lines = [] + self.path = path + self.root = "" +- map(self.set_from_line, lines) ++ for line in lines: ++ self.set_from_line(line) + + def set_from_line(self, line, replace = None): + (com, arg) = GrubConf.grub_exact_split(line, 2) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], re.sub('^"(.+)"$', r"\1", arg.strip())) + else: +@@ -97,7 +100,7 @@ class LiloConfigFile(object): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -127,7 +130,7 @@ class LiloConfigFile(object): + continue + + (com, arg) = GrubConf.grub_exact_split(l, 2) +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -170,8 +173,8 @@ class LiloConfigFile(object): + + if __name__ == "__main__": + if len(sys.argv) < 2: +- raise RuntimeError, "Need a lilo.conf to read" ++ raise RuntimeError("Need a lilo.conf to read") + g = LiloConfigFile(sys.argv[1]) + for i in g.images: +- print i #, i.title, i.root, i.kernel, i.args, i.initrd +- print g.default ++ print(i) #, i.title, i.root, i.kernel, i.args, i.initrd ++ print(g.default) +diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub +index 1189b1ca48..dbdce315c6 100755 +--- a/tools/pygrub/src/pygrub ++++ b/tools/pygrub/src/pygrub +@@ -12,13 +12,15 @@ + # along with this program; If not, see <http://www.gnu.org/licenses/>. + # + ++from __future__ import print_function ++ + import os, sys, string, struct, tempfile, re, traceback, stat, errno + import copy + import logging + import platform + import xen.lowlevel.xc + +-import curses, _curses, curses.wrapper, curses.textpad, curses.ascii ++import curses, _curses, curses.textpad, curses.ascii + import getopt + + import xenfsimage +@@ -77,7 +79,7 @@ def get_solaris_slice(file, offset): + buf = os.read(fd, 512) + os.close(fd) + if struct.unpack("<H", buf[508:510])[0] != DKL_MAGIC: +- raise RuntimeError, "Invalid disklabel magic" ++ raise RuntimeError("Invalid disklabel magic") + + nslices = struct.unpack("<H", buf[30:32])[0] + +@@ -88,7 +90,7 @@ def get_solaris_slice(file, offset): + if slicetag == V_ROOT: + return slicesect * SECTOR_SIZE + +- raise RuntimeError, "No root slice found" ++ raise RuntimeError("No root slice found") + + def get_fs_offset_gpt(file): + fd = os.open(file, os.O_RDONLY) +@@ -423,20 +425,17 @@ class Grub: + we're being given a raw config file rather than a disk image.""" + + if not os.access(fn, os.R_OK): +- raise RuntimeError, "Unable to access %s" %(fn,) ++ raise RuntimeError("Unable to access %s" %(fn,)) + +- cfg_list = map(lambda x: (x,grub.GrubConf.Grub2ConfigFile), +- ["/boot/grub/grub.cfg", "/grub/grub.cfg", +- "/boot/grub2/grub.cfg", "/grub2/grub.cfg"]) + \ +- map(lambda x: (x,grub.ExtLinuxConf.ExtLinuxConfigFile), +- ["/boot/isolinux/isolinux.cfg", ++ cfg_list = [(x,grub.GrubConf.Grub2ConfigFile) for x in ["/boot/grub/grub.cfg", "/grub/grub.cfg", ++ "/boot/grub2/grub.cfg", "/grub2/grub.cfg"]] + \ ++ [(x,grub.ExtLinuxConf.ExtLinuxConfigFile) for x in ["/boot/isolinux/isolinux.cfg", + "/boot/extlinux/extlinux.conf", + "/boot/extlinux.conf", + "/extlinux/extlinux.conf", +- "/extlinux.conf"]) + \ +- map(lambda x: (x,grub.GrubConf.GrubConfigFile), +- ["/boot/grub/menu.lst", "/boot/grub/grub.conf", +- "/grub/menu.lst", "/grub/grub.conf"]) ++ "/extlinux.conf"]] + \ ++ [(x,grub.GrubConf.GrubConfigFile) for x in ["/boot/grub/menu.lst", "/boot/grub/grub.conf", ++ "/grub/menu.lst", "/grub/grub.conf"]] + + if not fs: + # set the config file and parse it +@@ -448,12 +447,12 @@ class Grub: + + for f,parser in cfg_list: + if fs.file_exists(f): +- print >>sys.stderr, "Using %s to parse %s" % (parser,f) ++ print("Using %s to parse %s" % (parser,f), file=sys.stderr) + self.cf = parser() + self.cf.filename = f + break + if self.__dict__.get('cf', None) is None: +- raise RuntimeError, "couldn't find bootloader config file in the image provided." ++ raise RuntimeError("couldn't find bootloader config file in the image provided.") + f = fs.open_file(self.cf.filename) + # limit read size to avoid pathological cases + buf = f.read(FS_READ_MAX) +@@ -628,11 +627,11 @@ def run_grub(file, entry, fs, cfg_args): + if list_entries: + for i in range(len(g.cf.images)): + img = g.cf.images[i] +- print "title: %s" % img.title +- print " root: %s" % img.root +- print " kernel: %s" % img.kernel[1] +- print " args: %s" % img.args +- print " initrd: %s" % img.initrd[1] ++ print("title: %s" % img.title) ++ print(" root: %s" % img.root) ++ print(" kernel: %s" % img.kernel[1]) ++ print(" args: %s" % img.args) ++ print(" initrd: %s" % img.initrd[1]) + + if interactive and not list_entries: + curses.wrapper(run_main) +@@ -646,7 +645,7 @@ def run_grub(file, entry, fs, cfg_args): + sel = idx + + if sel == -1: +- print "No kernel image selected!" ++ print("No kernel image selected!") + sys.exit(1) + + try: +@@ -731,7 +730,7 @@ def format_sxp(kernel, ramdisk, args): + def format_simple(kernel, ramdisk, args, sep): + for check in (kernel, ramdisk, args): + if check is not None and sep in check: +- raise RuntimeError, "simple format cannot represent delimiter-containing value" ++ raise RuntimeError("simple format cannot represent delimiter-containing value") + s = ("kernel %s" % kernel) + sep + if ramdisk: + s += ("ramdisk %s" % ramdisk) + sep +@@ -744,7 +743,7 @@ if __name__ == "__main__": + sel = None + + def usage(): +- print >> sys.stderr, "Usage: %s [-q|--quiet] [-i|--interactive] [-l|--list-entries] [-n|--not-really] [--output=] [--kernel=] [--ramdisk=] [--args=] [--entry=] [--output-directory=] [--output-format=sxp|simple|simple0] [--offset=] <image>" %(sys.argv[0],) ++ print("Usage: %s [-q|--quiet] [-i|--interactive] [-l|--list-entries] [-n|--not-really] [--output=] [--kernel=] [--ramdisk=] [--args=] [--entry=] [--output-directory=] [--output-format=sxp|simple|simple0] [--offset=] <image>" %(sys.argv[0],), file=sys.stderr) + + def copy_from_image(fs, file_to_read, file_type, output_directory, + not_really): +@@ -755,8 +754,8 @@ if __name__ == "__main__": + sys.exit("The requested %s file does not exist" % file_type) + try: + datafile = fs.open_file(file_to_read) +- except Exception, e: +- print >>sys.stderr, e ++ except Exception as e: ++ print(e, file=sys.stderr) + sys.exit("Error opening %s in guest" % file_to_read) + (tfd, ret) = tempfile.mkstemp(prefix="boot_"+file_type+".", + dir=output_directory) +@@ -769,8 +768,8 @@ if __name__ == "__main__": + return ret + try: + os.write(tfd, data) +- except Exception, e: +- print >>sys.stderr, e ++ except Exception as e: ++ print(e, file=sys.stderr) + os.close(tfd) + os.unlink(ret) + del datafile +@@ -834,7 +833,7 @@ if __name__ == "__main__": + try: + part_offs = [ int(a) ] + except ValueError: +- print "offset value must be an integer" ++ print("offset value must be an integer") + usage() + sys.exit(1) + elif o in ("--entry",): +@@ -847,13 +846,13 @@ if __name__ == "__main__": + debug = True + elif o in ("--output-format",): + if a not in ["sxp", "simple", "simple0"]: +- print "unknown output format %s" % a ++ print("unknown output format %s" % a) + usage() + sys.exit(1) + output_format = a + elif o in ("--output-directory",): + if not os.path.isdir(a): +- print "%s is not an existing directory" % a ++ print("%s is not an existing directory" % a) + sys.exit(1) + output_directory = a + +@@ -862,8 +861,8 @@ if __name__ == "__main__": + + + try: +- os.makedirs(output_directory, 0700) +- except OSError,e: ++ os.makedirs(output_directory, 0o700) ++ except OSError as e: + if (e.errno == errno.EEXIST) and os.path.isdir(output_directory): + pass + else: +@@ -877,10 +876,10 @@ if __name__ == "__main__": + # debug + if isconfig: + chosencfg = run_grub(file, entry, fs, incfg["args"]) +- print " kernel: %s" % chosencfg["kernel"] ++ print(" kernel: %s" % chosencfg["kernel"]) + if chosencfg["ramdisk"]: +- print " initrd: %s" % chosencfg["ramdisk"] +- print " args: %s" % chosencfg["args"] ++ print(" initrd: %s" % chosencfg["ramdisk"]) ++ print(" args: %s" % chosencfg["args"]) + sys.exit(0) + + # if boot filesystem is set then pass to fsimage.open +@@ -926,7 +925,7 @@ if __name__ == "__main__": + + # Did looping through partitions find us a kernel? + if fs is None: +- raise RuntimeError, "Unable to find partition containing kernel" ++ raise RuntimeError("Unable to find partition containing kernel") + + bootcfg["kernel"] = copy_from_image(fs, chosencfg["kernel"], "kernel", + output_directory, not_really) +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-py3.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-py3.patch new file mode 100644 index 00000000..e486646f --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-py3.patch @@ -0,0 +1,233 @@ +From 83a204e6951c6358f995da3b60dd61224e9d41ac Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Tue, 5 Mar 2019 14:13:17 +0000 +Subject: [PATCH] pygrub/fsimage: make it work with python 3 + +With the help of two porting guides and cpython source code: + +1. Use PyBytes to replace PyString counterparts. +2. Use PyVarObject_HEAD_INIT. +3. Remove usage of Py_FindMethod. +4. Use new module initialisation routine. + +For #3, Py_FindMethod was removed, yet an alternative wasn't +documented. The code is the result of reverse-engineering cpython +commit 6116d4a1d1 + +https://docs.python.org/3/howto/cporting.html +http://python3porting.com/cextensions.html + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/pygrub/src/fsimage/fsimage.c | 123 ++++++++++++++++------------- + 1 file changed, 69 insertions(+), 54 deletions(-) + +diff --git a/tools/pygrub/src/fsimage/fsimage.c b/tools/pygrub/src/fsimage/fsimage.c +index 780207791c..2ebbbe35df 100644 +--- a/tools/pygrub/src/fsimage/fsimage.c ++++ b/tools/pygrub/src/fsimage/fsimage.c +@@ -26,12 +26,6 @@ + #include <xenfsimage.h> + #include <stdlib.h> + +-#if (PYTHON_API_VERSION >= 1011) +-#define PY_PAD 0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L +-#else +-#define PY_PAD 0L,0L,0L,0L +-#endif +- + typedef struct fsimage_fs { + PyObject_HEAD + fsi_t *fs; +@@ -59,12 +53,24 @@ fsimage_file_read(fsimage_file_t *file, PyObject *args, PyObject *kwargs) + + bufsize = size ? size : 4096; + +- if ((buffer = PyString_FromStringAndSize(NULL, bufsize)) == NULL) ++ buffer = ++#if PY_MAJOR_VERSION < 3 ++ PyString_FromStringAndSize(NULL, bufsize); ++#else ++ PyBytes_FromStringAndSize(NULL, bufsize); ++#endif ++ ++ if (buffer == NULL) + return (NULL); + + while (1) { + int err; +- void *buf = PyString_AS_STRING(buffer) + bytesread; ++ void *buf = ++#if PY_MAJOR_VERSION < 3 ++ PyString_AS_STRING(buffer) + bytesread; ++#else ++ PyBytes_AS_STRING(buffer) + bytesread; ++#endif + + err = fsi_pread_file(file->file, buf, bufsize, + bytesread + offset); +@@ -84,12 +90,20 @@ fsimage_file_read(fsimage_file_t *file, PyObject *args, PyObject *kwargs) + if (bufsize == 0) + break; + } else { ++#if PY_MAJOR_VERSION < 3 + if (_PyString_Resize(&buffer, bytesread + bufsize) < 0) ++#else ++ if (_PyBytes_Resize(&buffer, bytesread + bufsize) < 0) ++#endif + return (NULL); + } + } + ++#if PY_MAJOR_VERSION < 3 + _PyString_Resize(&buffer, bytesread); ++#else ++ _PyBytes_Resize(&buffer, bytesread); ++#endif + return (buffer); + } + +@@ -106,11 +120,13 @@ static struct PyMethodDef fsimage_file_methods[] = { + { NULL, NULL, 0, NULL } + }; + ++#if PY_MAJOR_VERSION < 3 + static PyObject * + fsimage_file_getattr(fsimage_file_t *file, char *name) + { + return (Py_FindMethod(fsimage_file_methods, (PyObject *)file, name)); + } ++#endif + + static void + fsimage_file_dealloc(fsimage_file_t *file) +@@ -123,29 +139,18 @@ fsimage_file_dealloc(fsimage_file_t *file) + + static char fsimage_file_type__doc__[] = "Filesystem image file"; + PyTypeObject fsimage_file_type = { +- PyObject_HEAD_INIT(&PyType_Type) +- 0, /* ob_size */ +- "xenfsimage.file", /* tp_name */ +- sizeof(fsimage_file_t), /* tp_size */ +- 0, /* tp_itemsize */ +- (destructor) fsimage_file_dealloc, /* tp_dealloc */ +- 0, /* tp_print */ +- (getattrfunc) fsimage_file_getattr, /* tp_getattr */ +- 0, /* tp_setattr */ +- 0, /* tp_compare */ +- 0, /* tp_repr */ +- 0, /* tp_as_number */ +- 0, /* tp_as_sequence */ +- 0, /* tp_as_mapping */ +- 0, /* tp_hash */ +- 0, /* tp_call */ +- 0, /* tp_str */ +- 0, /* tp_getattro */ +- 0, /* tp_setattro */ +- 0, /* tp_as_buffer */ +- Py_TPFLAGS_DEFAULT, /* tp_flags */ +- fsimage_file_type__doc__, +- PY_PAD ++ PyVarObject_HEAD_INIT(&PyType_Type, 0) ++ .tp_name = "xenfsimage.file", ++ .tp_basicsize = sizeof(fsimage_file_t), ++ .tp_dealloc = (destructor) fsimage_file_dealloc, ++#if PY_MAJOR_VERSION < 3 ++ .tp_getattr = (getattrfunc) fsimage_file_getattr, ++#endif ++ .tp_flags = Py_TPFLAGS_DEFAULT, ++ .tp_doc = fsimage_file_type__doc__, ++#if PY_MAJOR_VERSION >= 3 ++ .tp_methods = fsimage_file_methods, ++#endif + }; + + static PyObject * +@@ -208,11 +213,13 @@ static struct PyMethodDef fsimage_fs_methods[] = { + { NULL, NULL, 0, NULL } + }; + ++#if PY_MAJOR_VERSION < 3 + static PyObject * + fsimage_fs_getattr(fsimage_fs_t *fs, char *name) + { + return (Py_FindMethod(fsimage_fs_methods, (PyObject *)fs, name)); + } ++#endif + + static void + fsimage_fs_dealloc (fsimage_fs_t *fs) +@@ -225,29 +232,18 @@ fsimage_fs_dealloc (fsimage_fs_t *fs) + PyDoc_STRVAR(fsimage_fs_type__doc__, "Filesystem image"); + + PyTypeObject fsimage_fs_type = { +- PyObject_HEAD_INIT(&PyType_Type) +- 0, /* ob_size */ +- "xenfsimage.fs", /* tp_name */ +- sizeof(fsimage_fs_t), /* tp_size */ +- 0, /* tp_itemsize */ +- (destructor) fsimage_fs_dealloc, /* tp_dealloc */ +- 0, /* tp_print */ +- (getattrfunc) fsimage_fs_getattr, /* tp_getattr */ +- 0, /* tp_setattr */ +- 0, /* tp_compare */ +- 0, /* tp_repr */ +- 0, /* tp_as_number */ +- 0, /* tp_as_sequence */ +- 0, /* tp_as_mapping */ +- 0, /* tp_hash */ +- 0, /* tp_call */ +- 0, /* tp_str */ +- 0, /* tp_getattro */ +- 0, /* tp_setattro */ +- 0, /* tp_as_buffer */ +- Py_TPFLAGS_DEFAULT, /* tp_flags */ +- fsimage_fs_type__doc__, +- PY_PAD ++ PyVarObject_HEAD_INIT(&PyType_Type, 0) ++ .tp_name = "xenfsimage.fs", ++ .tp_basicsize = sizeof(fsimage_fs_t), ++ .tp_dealloc = (destructor) fsimage_fs_dealloc, ++#if PY_MAJOR_VERSION < 3 ++ .tp_getattr = (getattrfunc) fsimage_fs_getattr, ++#endif ++ .tp_flags = Py_TPFLAGS_DEFAULT, ++ .tp_doc = fsimage_fs_type__doc__, ++#if PY_MAJOR_VERSION >= 3 ++ .tp_methods = fsimage_fs_methods, ++#endif + }; + + static PyObject * +@@ -309,8 +305,27 @@ static struct PyMethodDef fsimage_module_methods[] = { + { NULL, NULL, 0, NULL } + }; + ++#if PY_MAJOR_VERSION >= 3 ++static struct PyModuleDef fsimage_module_def = { ++ PyModuleDef_HEAD_INIT, ++ .m_name = "xenfsimage", ++ .m_size = -1, ++ .m_methods = fsimage_module_methods, ++}; ++#endif ++ + PyMODINIT_FUNC ++#if PY_MAJOR_VERSION >= 3 ++PyInit_xenfsimage(void) ++#else + initxenfsimage(void) ++#endif + { ++#if PY_MAJOR_VERSION < 3 + Py_InitModule("xenfsimage", fsimage_module_methods); ++#else ++ if (PyType_Ready(&fsimage_fs_type) < 0 || PyType_Ready(&fsimage_file_type) < 0) ++ return NULL; ++ return PyModule_Create(&fsimage_module_def); ++#endif + } +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-python-fix-Wsign-compare-warnings.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-python-fix-Wsign-compare-warnings.patch new file mode 100644 index 00000000..b32c5d06 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-python-fix-Wsign-compare-warnings.patch @@ -0,0 +1,136 @@ +From 88d703a361d34d75f81fc6d30b31d0abc8aa17eb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= + <marmarek@invisiblethingslab.com> +Date: Fri, 9 Aug 2019 03:01:36 +0100 +Subject: [PATCH] python: fix -Wsign-compare warnings +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Specifically: +xen/lowlevel/xc/xc.c: In function ‘pyxc_domain_create’: +xen/lowlevel/xc/xc.c:147:24: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 147 | for ( i = 0; i < sizeof(xen_domain_handle_t); i++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_domain_sethandle’: +xen/lowlevel/xc/xc.c:312:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 312 | for ( i = 0; i < sizeof(xen_domain_handle_t); i++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_domain_getinfo’: +xen/lowlevel/xc/xc.c:391:24: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 391 | for ( j = 0; j < sizeof(xen_domain_handle_t); j++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_get_device_group’: +xen/lowlevel/xc/xc.c:677:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Werror=sign-compare] + 677 | for ( i = 0; i < num_sdevs; i++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_physinfo’: +xen/lowlevel/xc/xc.c:988:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 988 | for ( i = 0; i < sizeof(pinfo.hw_cap)/4; i++ ) + | ^ +xen/lowlevel/xc/xc.c:994:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 994 | for ( i = 0; i < ARRAY_SIZE(virtcaps_bits); i++ ) + | ^ +xen/lowlevel/xc/xc.c:998:24: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 998 | for ( i = 0; i < ARRAY_SIZE(virtcaps_bits); i++ ) + | ^ +xen/lowlevel/xs/xs.c: In function ‘xspy_ls’: +xen/lowlevel/xs/xs.c:191:23: error: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Werror=sign-compare] + 191 | for (i = 0; i < xsval_n; i++) + | ^ +xen/lowlevel/xs/xs.c: In function ‘xspy_get_permissions’: +xen/lowlevel/xs/xs.c:297:23: error: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Werror=sign-compare] + 297 | for (i = 0; i < perms_n; i++) { + | ^ +cc1: all warnings being treated as errors + +Use size_t for loop iterators where it's compared with sizeof() or +similar construct. + +Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> +Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> + +Modified to apply to Xen 4.12.2 by Christopher Clark +Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> +--- + tools/python/xen/lowlevel/xc/xc.c | 13 ++++++++----- + tools/python/xen/lowlevel/xs/xs.c | 4 ++-- + 2 files changed, 10 insertions(+), 7 deletions(-) + +diff --git a/tools/python/xen/lowlevel/xc/xc.c b/tools/python/xen/lowlevel/xc/xc.c +index 522cbe3b9c..188bfa34da 100644 +--- a/tools/python/xen/lowlevel/xc/xc.c ++++ b/tools/python/xen/lowlevel/xc/xc.c +@@ -117,7 +117,8 @@ static PyObject *pyxc_domain_create(XcObject *self, + PyObject *kwds) + { + uint32_t dom = 0, target = 0; +- int ret, i; ++ int ret; ++ size_t i; + PyObject *pyhandle = NULL; + struct xen_domctl_createdomain config = { + .handle = { +@@ -295,7 +296,7 @@ static PyObject *pyxc_vcpu_setaffinity(XcObject *self, + + static PyObject *pyxc_domain_sethandle(XcObject *self, PyObject *args) + { +- int i; ++ size_t i; + uint32_t dom; + PyObject *pyhandle; + xen_domain_handle_t handle; +@@ -336,7 +337,8 @@ static PyObject *pyxc_domain_getinfo(XcObject *self, + PyObject *list, *info_dict, *pyhandle; + + uint32_t first_dom = 0; +- int max_doms = 1024, nr_doms, i, j; ++ int max_doms = 1024, nr_doms, i; ++ size_t j; + xc_dominfo_t *info; + + static char *kwd_list[] = { "first_dom", "max_doms", NULL }; +@@ -631,7 +633,8 @@ static PyObject *pyxc_get_device_group(XcObject *self, + { + uint32_t sbdf; + uint32_t max_sdevs, num_sdevs; +- int domid, seg, bus, dev, func, rc, i; ++ int domid, seg, bus, dev, func, rc; ++ size_t i; + PyObject *Pystr; + char *group_str; + char dev_str[9]; +@@ -971,7 +974,7 @@ static PyObject *pyxc_physinfo(XcObject *self) + { + xc_physinfo_t pinfo; + char cpu_cap[128], virt_caps[128], *p; +- int i; ++ size_t i; + const char *virtcap_names[] = { "hvm", "hvm_directio" }; + + if ( xc_physinfo(self->xc_handle, &pinfo) != 0 ) +diff --git a/tools/python/xen/lowlevel/xs/xs.c b/tools/python/xen/lowlevel/xs/xs.c +index 9a0acfc25c..ea50f86bc3 100644 +--- a/tools/python/xen/lowlevel/xs/xs.c ++++ b/tools/python/xen/lowlevel/xs/xs.c +@@ -186,7 +186,7 @@ static PyObject *xspy_ls(XsHandle *self, PyObject *args) + Py_END_ALLOW_THREADS + + if (xsval) { +- int i; ++ size_t i; + PyObject *val = PyList_New(xsval_n); + for (i = 0; i < xsval_n; i++) + #if PY_MAJOR_VERSION >= 3 +@@ -276,7 +276,7 @@ static PyObject *xspy_get_permissions(XsHandle *self, PyObject *args) + struct xs_handle *xh = xshandle(self); + struct xs_permissions *perms; + unsigned int perms_n = 0; +- int i; ++ size_t i; + + xs_transaction_t th; + char *thstr; +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-update-python-scripts-to-py3.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-update-python-scripts-to-py3.patch new file mode 100644 index 00000000..455072ba --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-update-python-scripts-to-py3.patch @@ -0,0 +1,140 @@ +From a9047a722ba5de38e7c1d762ffcfb74c36725fe2 Mon Sep 17 00:00:00 2001 +From: Andrew Cooper <andrew.cooper3@citrix.com> +Date: Mon, 11 Mar 2019 19:18:40 +0000 +Subject: [PATCH] tools/xen-foreign: Update python scripts to be Py3 compatible + +The issues are: + * dict.has_key() was completely removed in Py3 + * dict.keys() is an iterable rather than list in Py3, so .sort() doesn't work. + * list.sort(cmp=) was deprecated in Py2.4 and removed in Py3. + +The has_key() issue is trivially fixed by switching to using the in keyword. +The sorting issue could be trivially fixed, but take the opportunity to +improve the code. + +The reason for the sorting is to ensure that "unsigned long" gets replaced +before "long", and the only reason sorting is necessary is because +inttypes[arch] is needlessly a dictionary. Update inttypes[arch] to be a list +of tuples rather than a dictionary, and process them in list order. + +Reported-by: George Dunlap <george.dunlap@eu.citrix.com> +Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> +Acked-by: Wei Liu <wei.liu2@citrix.com> +--- + tools/include/xen-foreign/mkchecker.py | 2 +- + tools/include/xen-foreign/mkheader.py | 58 +++++++++++++------------- + 2 files changed, 29 insertions(+), 31 deletions(-) + +diff --git a/tools/include/xen-foreign/mkchecker.py b/tools/include/xen-foreign/mkchecker.py +index fdad869a91..199b0eebbc 100644 +--- a/tools/include/xen-foreign/mkchecker.py ++++ b/tools/include/xen-foreign/mkchecker.py +@@ -37,7 +37,7 @@ for struct in structs: + f.write('\tprintf("%%-25s |", "%s");\n' % struct); + for a in archs: + s = struct + "_" + a; +- if compat_arches.has_key(a): ++ if a in compat_arches: + compat = compat_arches[a] + c = struct + "_" + compat; + else: +diff --git a/tools/include/xen-foreign/mkheader.py b/tools/include/xen-foreign/mkheader.py +index 97e0c7a984..fb268f0dce 100644 +--- a/tools/include/xen-foreign/mkheader.py ++++ b/tools/include/xen-foreign/mkheader.py +@@ -17,13 +17,13 @@ header = {}; + footer = {}; + + #arm +-inttypes["arm32"] = { +- "unsigned long" : "__danger_unsigned_long_on_arm32", +- "long" : "__danger_long_on_arm32", +- "xen_pfn_t" : "uint64_t", +- "xen_ulong_t" : "uint64_t", +- "uint64_t" : "__align8__ uint64_t", +-}; ++inttypes["arm32"] = [ ++ ("unsigned long", "__danger_unsigned_long_on_arm32"), ++ ("long", "__danger_long_on_arm32"), ++ ("xen_pfn_t", "uint64_t"), ++ ("xen_ulong_t", "uint64_t"), ++ ("uint64_t", "__align8__ uint64_t"), ++] + header["arm32"] = """ + #define __arm___ARM32 1 + #if defined(__GNUC__) && !defined(__STRICT_ANSI__) +@@ -38,13 +38,13 @@ footer["arm32"] = """ + #undef __DECL_REG + """ + +-inttypes["arm64"] = { +- "unsigned long" : "__danger_unsigned_long_on_arm64", +- "long" : "__danger_long_on_arm64", +- "xen_pfn_t" : "uint64_t", +- "xen_ulong_t" : "uint64_t", +- "uint64_t" : "__align8__ uint64_t", +-}; ++inttypes["arm64"] = [ ++ ("unsigned long", "__danger_unsigned_long_on_arm64"), ++ ("long", "__danger_long_on_arm64"), ++ ("xen_pfn_t", "uint64_t"), ++ ("xen_ulong_t", "uint64_t"), ++ ("uint64_t", "__align8__ uint64_t"), ++] + header["arm64"] = """ + #define __aarch64___ARM64 1 + #if defined(__GNUC__) && !defined(__STRICT_ANSI__) +@@ -60,12 +60,12 @@ footer["arm64"] = """ + """ + + # x86_32 +-inttypes["x86_32"] = { +- "unsigned long" : "uint32_t", +- "long" : "uint32_t", +- "xen_pfn_t" : "uint32_t", +- "xen_ulong_t" : "uint32_t", +-}; ++inttypes["x86_32"] = [ ++ ("unsigned long", "uint32_t"), ++ ("long", "uint32_t"), ++ ("xen_pfn_t", "uint32_t"), ++ ("xen_ulong_t", "uint32_t"), ++] + header["x86_32"] = """ + #define __DECL_REG_LO8(which) uint32_t e ## which ## x + #define __DECL_REG_LO16(name) uint32_t e ## name +@@ -79,12 +79,12 @@ footer["x86_32"] = """ + """; + + # x86_64 +-inttypes["x86_64"] = { +- "unsigned long" : "__align8__ uint64_t", +- "long" : "__align8__ uint64_t", +- "xen_pfn_t" : "__align8__ uint64_t", +- "xen_ulong_t" : "__align8__ uint64_t", +-}; ++inttypes["x86_64"] = [ ++ ("unsigned long", "__align8__ uint64_t"), ++ ("long", "__align8__ uint64_t"), ++ ("xen_pfn_t", "__align8__ uint64_t"), ++ ("xen_ulong_t", "__align8__ uint64_t"), ++] + header["x86_64"] = """ + #if defined(__GNUC__) && !defined(__STRICT_ANSI__) + # define __DECL_REG(name) union { uint64_t r ## name, e ## name; } +@@ -205,10 +205,8 @@ for struct in structs: + output = re.sub("\\b(%s)_t\\b" % struct, "\\1_%s_t" % arch, output); + + # replace: integer types +-integers = inttypes[arch].keys(); +-integers.sort(lambda a, b: cmp(len(b),len(a))); +-for type in integers: +- output = re.sub("\\b%s\\b" % type, inttypes[arch][type], output); ++for old, new in inttypes[arch]: ++ output = re.sub("\\b%s\\b" % old, new, output) + + # print results + f = open(outfile, "w"); +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-xenpmd-snprintf.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-xenpmd-snprintf.patch deleted file mode 100644 index aac7282f..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-xenpmd-snprintf.patch +++ /dev/null @@ -1,78 +0,0 @@ -From e4d78a67ffbacf30b66464080898227f18f6bf49 Mon Sep 17 00:00:00 2001 -From: Christopher Clark <christopher.w.clark@gmail.com> -Date: Fri, 17 Aug 2018 17:46:10 -0700 -Subject: [PATCH] xenpmd: prevent format-truncation warning with gcc 8.2 + ARM - 32-bit -To: xen-devel@lists.xenproject.org -Cc: ian.jackson@eu.citrix.com, - wei.liu2@citrix.com - -xenpmd writes battery information to xenstore, including a string with a -formatted hex value calculated from summing the lengths of four strings, -plus some constants. - -Each of the four strings has a maximum length of 31 bytes, excluding the -terminating zero byte. The strings are stored in 32-byte arrays in a -struct that is zeroed before it is populated, and logic that writes to -the strings uses strncpy and explicit zero termination. - -The maximum value to be supplied to the xenstore string is: - (9 * 4) + (31 * 4) + 4 , which is 164, ie. 0xa4. - -When used with this value, '%02x' will always fit within 3 bytes, but -gcc 8.2 is apparently not able to deduce this (observed when building -for a 32-bit ARM platform). - -This commit assists the compiler by applying a mask (0xff) to the value, -enabling it to observe a lower maximum value and so pass the truncation -length check. - -Prior to this change, building fails with the compiler warning: - -| xenpmd.c: In function 'write_battery_info_to_xenstore': -| xenpmd.c:354:23: error: '%02x' directive output may be truncated -writing between 2 and 8 bytes into a region of size 3 -[-Werror=format-truncation=] -| snprintf(val, 3, "%02x", -| ^~~~ -| xenpmd.c:354:22: note: directive argument in the range [40, 2147483778] -| snprintf(val, 3, "%02x", -| ^~~~~~ -| xenpmd.c:354:5: note: 'snprintf' output between 3 and 9 bytes into a -destination of size 3 -| snprintf(val, 3, "%02x", -| ^~~~~~~~~~~~~~~~~~~~~~~~ -| (unsigned int)(9*4 + -| ~~~~~~~~~~~~~~~~~~~~ -| strlen(info->model_number) + -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| strlen(info->serial_number) + -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| strlen(info->battery_type) + -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| strlen(info->oem_info) + 4)); -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| cc1: all warnings being treated as errors - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> ---- - tools/xenpmd/xenpmd.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/tools/xenpmd/xenpmd.c b/tools/xenpmd/xenpmd.c -index 56412a9..0c0787e 100644 ---- a/tools/xenpmd/xenpmd.c -+++ b/tools/xenpmd/xenpmd.c -@@ -350,8 +350,10 @@ void write_battery_info_to_xenstore(struct battery_info *info) - - memset(val, 0, 1024); - memset(string_info, 0, 256); -- /* write 9 dwords (so 9*4) + length of 4 strings + 4 null terminators */ -- snprintf(val, 3, "%02x", -+ /* write 9 dwords (so 9*4) + length of 4 strings + 4 null terminators. -+ * mask informs the compiler that format truncation will not occur. -+ */ -+ snprintf(val, 3, "%02x", 0xff & - (unsigned int)(9*4 + - strlen(info->model_number) + - strlen(info->serial_number) + diff --git a/external/meta-virtualization/recipes-extended/xen/lwip.inc b/external/meta-virtualization/recipes-extended/xen/lwip.inc deleted file mode 100644 index e0836332..00000000 --- a/external/meta-virtualization/recipes-extended/xen/lwip.inc +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -# clear this out to break dependency circle -DEPENDS = "" - -# Nothing to configure or compile -# For stubdoms, lwip is basically a source package with a couple of patches applied. -do_configure[noexec] = "1" -do_compile[noexec] = "1" - -# needed because this directory isn't typically part of a sysroot -SYSROOT_DIRS += "${prefix}/lwip" - -FILES_${PN} = "\ - ${prefix} \ -" - -do_install() { - install -d ${D}${prefix}/lwip - cp -r -t ${D}${prefix}/lwip ${S}/src/* -} diff --git a/external/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb b/external/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb deleted file mode 100644 index b7d8e95d..00000000 --- a/external/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "LWIP" -HOMEPAGE = "https://savannah.nongnu.org/projects/lwip" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=59a383b05013356e0c9899b06dc5da3f" - -SRCREV_lwip = "bcb4afa886408bf0a1dde9c2a4a00323c8b07eb1" -SRC_URI = "\ - git://git.savannah.gnu.org/lwip.git;protocol=git;nobranch=1;destsuffix=lwip;name=lwip \ - file://lwip.patch-cvs \ - file://lwip.dhcp_create_request-hwaddr_len.patch \ -" - -S="${WORKDIR}/${PN}" -B="${S}" - -require lwip.inc diff --git a/external/meta-virtualization/recipes-extended/xen/mini-os.inc b/external/meta-virtualization/recipes-extended/xen/mini-os.inc deleted file mode 100644 index 61c27041..00000000 --- a/external/meta-virtualization/recipes-extended/xen/mini-os.inc +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -# clear this out to break dependency circle -DEPENDS = "" - -do_configure() { - ${MAKE} -C ${WORKDIR}/mini-os links -} - -# Nothing to configure or compile -do_compile[noexec] = "1" - -# needed because this directory isn't typically part of a sysroot -SYSROOT_DIRS += "${prefix}/mini-os" -RDEPENDS_${PN}-dev = "perl" - -FILES_${PN}-dev = "\ - ${prefix} \ -" - -do_install() { - install -d ${D}${prefix}/mini-os - cp -r -t ${D}${prefix}/mini-os ${S}/* - rm -rf ${D}${prefix}/mini-os/scripts -} diff --git a/external/meta-virtualization/recipes-extended/xen/mini-os_4.11.0.bb b/external/meta-virtualization/recipes-extended/xen/mini-os_4.11.0.bb deleted file mode 100644 index 85a06a79..00000000 --- a/external/meta-virtualization/recipes-extended/xen/mini-os_4.11.0.bb +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "Mini-OS is a tiny OS kernel distributed with the Xen Project" -HOMEPAGE = "https://wiki.xenproject.org/wiki/Mini-OS" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=8a437231894440a8f7629caa372243d0" - -# git commit hash for: xen-RELEASE-4.11.0 -SRCREV_minios = "0b4b7897e08b967a09bed2028a79fabff82342dd" -SRC_URI = "\ - git://xenbits.xen.org/mini-os.git;protocol=git;nobranch=1;destsuffix=mini-os;name=minios \ -" -S="${WORKDIR}/mini-os" -B="${S}" - -require mini-os.inc diff --git a/external/meta-virtualization/recipes-extended/xen/newlib.inc b/external/meta-virtualization/recipes-extended/xen/newlib.inc deleted file mode 100644 index 1fdbd0aa..00000000 --- a/external/meta-virtualization/recipes-extended/xen/newlib.inc +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -CPPFLAGS_INCLUDE_DIR = "-isystem `${HOST_PREFIX}gcc -print-file-name=include`" -STUBDOM_CFLAGS += "-D_I386MACH_ALLOW_HW_INTERRUPTS" - -export ac_cv_path_CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" -export CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" - -export ac_cv_path_CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" -export CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" - -export ac_cv_path_CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" -export CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" - -export ac_cv_path_LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" -export LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" - -export ac_cv_path_AS_FOR_TARGET="${HOST_PREFIX}as" -export AS_FOR_TARGET="${HOST_PREFIX}as" - -export ac_cv_path_AR_FOR_TARGET="${HOST_PREFIX}ar" -export AR_FOR_TARGET="${HOST_PREFIX}ar" - -export ac_cv_path_NM_FOR_TARGET="${HOST_PREFIX}nm" -export NM_FOR_TARGET="${HOST_PREFIX}nm" - -export ac_cv_path_RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib" -export RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib" - -export ac_cv_path_OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump" -export OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump" - -export ac_cv_path_OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy" -export OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy" - -export ac_cv_path_STRIP_FOR_TARGET="${HOST_PREFIX}strip" -export STRIP_FOR_TARGET="${HOST_PREFIX}strip" - -export ac_cv_path_STRINGS_FOR_TARGET="${HOST_PREFIX}strings" -export STRINGS_FOR_TARGET="${HOST_PREFIX}strings" - -export ac_cv_path_READELF_FOR_TARGET="${HOST_PREFIX}readelf" -export READELF_FOR_TARGET="${HOST_PREFIX}readelf" - -do_configure() { - ${S}/configure --verbose --prefix=${prefix} --target=${GNU_TARGET_ARCH}-xen-elf --enable-newlib-io-long-long --disable-multilib - find ${S} -type f | xargs perl -i.bak -pe 's/\b_(tzname|daylight|timezone)\b/$1/g' -} - -do_compile() { - ${MAKE} -} - -do_install() { - ${MAKE} DESTDIR=${D} install - rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/share - rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/info - install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdarg.h -t ${D}/${includedir} - install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stddef.h -t ${D}/${includedir} - install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdbool.h -t ${D}/${includedir} -} diff --git a/external/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb b/external/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb deleted file mode 100644 index 60672bea..00000000 --- a/external/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "Newlib is a C library intended for use on embedded systems." -HOMEPAGE = "http://sourceware.org/newlib" -LICENSE = "GPLv2 & LGPLv3 & GPLv3 & LGPLv2" -LIC_FILES_CHKSUM = "file://COPYING.NEWLIB;md5=950f50b290e8fcf7a2d3fff61775de9b" - -# this is the hash of version tag 1_16_0 -SRCREV_newlib = "07b4b67a88f386ce4716a14e0ff2c2bce992b985" -SRC_URI = "\ - git://sourceware.org/git/newlib-cygwin.git;protocol=git;nobranch=1;destsuffix=newlib;name=newlib \ - file://newlib.patch \ - file://newlib-chk.patch \ - file://newlib-stdint-size_max-fix-from-1.17.0.patch \ -" - -S="${WORKDIR}/newlib" -B="${WORKDIR}/build" - -require newlib.inc diff --git a/external/meta-virtualization/recipes-extended/xen/polarssl.inc b/external/meta-virtualization/recipes-extended/xen/polarssl.inc deleted file mode 100644 index eae95f40..00000000 --- a/external/meta-virtualization/recipes-extended/xen/polarssl.inc +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS += "\ - newlib \ -" -STUBDOM_CFLAGS += "\ - -Wno-memset-elt-size \ - -Wno-implicit-fallthrough \ -" - -# nothing to configure -do_configure[noexec] = "1" - -do_compile() { - ${MAKE} CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" -} - -do_install() { - install -d ${D}${includedir} - cp -r -t ${D}${includedir} ${S}/include/polarssl - - install -d ${D}/${libdir} - install -m 644 -t ${D}/${libdir} ${S}/library/libpolarssl.a -} diff --git a/external/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb b/external/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb deleted file mode 100644 index 80ea45a7..00000000 --- a/external/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "PolarSSL (now 'mbed TLS') is an open source, portable, easy to use, readable and flexible SSL library." -HOMEPAGE = "https://tls.mbed.org" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" - -# git hash for release tag polarssl-1.1.4 -SRCREV_polarssl = "d36da11125a9c85c572a4fdf63e0a25e76d7bb18" -SRC_URI = "\ - git://github.com/ARMmbed/mbedtls.git;protocol=https;nobranch=1;destsuffix=polarssl;name=polarssl \ - file://polarssl.patch; \ -" - -S="${WORKDIR}/${PN}" -B="${S}/library" - -require polarssl.inc diff --git a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc b/external/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc deleted file mode 100644 index ef6473d4..00000000 --- a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS += "\ - newlib \ -" - -do_configure() { - # need to modify prefix here during configure otherwise OE-level variables - # (prefix, libdir, includedir, etc...) defined in stubdom.inc get messed up - CPPFLAGS="-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include ${STUBDOM_CPPFLAGS}" \ - CFLAGS="${STUBDOM_CFLAGS}" \ - CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" \ - ${S}/configure \ - --disable-shared \ - --enable-static \ - --disable-fft \ - --without-readline \ - --with-gnu-ld \ - --prefix=${prefix}/${GNU_TARGET_ARCH}-xen-elf \ - --libdir=${libdir} \ - --build=`${HOST_PREFIX}gcc -dumpmachine` \ - --host=${GNU_TARGET_ARCH}-xen-elf - - sed -i 's/#define HAVE_OBSTACK_VPRINTF 1/\/\/#define HAVE_OBSTACK_VPRINTF 1/' ${S}/config.h -} - -do_compile() { - ${MAKE} -} - -do_install() { - ${MAKE} DESTDIR=${D} install - rm -rf ${D}${prefix}/${GNU_TARGET_ARCH}-xen-elf/share -} diff --git a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb b/external/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb deleted file mode 100644 index d9a2adbd..00000000 --- a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "GMP library for Xen vTPM's." -HOMEPAGE = "http://gmp" -LICENSE = "GPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \ -" - -SRC_URI = "\ - https://gmplib.org/download/gmp/archive/gmp-${PV}.tar.bz2 \ -" -SRC_URI[md5sum] = "dd60683d7057917e34630b4a787932e8" -SRC_URI[sha256sum] = "936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775" - -S="${WORKDIR}/gmp-${PV}" -B="${S}" - -require stubdom-gmp.inc diff --git a/external/meta-virtualization/recipes-extended/xen/stubdom.inc b/external/meta-virtualization/recipes-extended/xen/stubdom.inc deleted file mode 100644 index bfc67527..00000000 --- a/external/meta-virtualization/recipes-extended/xen/stubdom.inc +++ /dev/null @@ -1,152 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -COMPATIBLE_HOST = '(x86_64.*).*-linux' - -require xen-arch.inc - -# many of the xen stubdom related recipes build and package static instead of shared libraries -EXCLUDE_FROM_SHLIBS = "1" - -# base set of dependencies to be used for xen stubdom recipes -DEPENDS += "\ - lwip \ - mini-os \ -" - -# unset EVERYTHING from the OE environment. -# Weird things happen when these are exported into the environment. -unset CFLAGS -unset BUILD_CFLAGS -unset TARGET_CFLAGS -unset CFLAGS_FOR_BUILD - -unset CPPFLAGS -unset BUILD_CPPFLAGS -unset TARGET_CPPFLAGS -unset CPPFLAGS_FOR_BUILD - -unset LDFLAGS -unset BUILD_LDFLAGS -unset TARGET_LDFLAGS -unset LDFLAGS_FOR_BUILD - -unset CXXFLAGS -unset TARGET_CXXFLAGS -unset BUILD_CXXFLAGS -unset CXXFLAGS_FOR_BUILD - -unset BUILD_CC -unset BUILD_CPP -unset BUILD_CXX -unset BUILD_LD -unset BUILD_AR -unset BUILD_AS -unset BUILD_CCLD -unset BUILD_FC -unset BUILD_RANLIB -unset BUILD_NM -unset BUILD_STRIP -unset BUILD_READELF -unset BUILD_OBJCOPY -unset BUILD_OBJDUMP -unset CC -unset CPP -unset CXX -unset LD -unset AR -unset AS -unset NM -unset RANLIB -unset STRIP -unset STRINGS -unset READELF -unset OBJCOPY -unset OBJDUMP -unset READELF -unset CCLD -unset FC - -# Provide support to build both 32-bit and 64-bit stubdoms -python () { - gnu_dict = { - 'x86_32': 'i686', - 'x86_64': 'x86_64', - } - - if d.expand('${XEN_TARGET_ARCH}') == 'x86_32': - d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')]) - d.setVar("PACKAGE_ARCH","core2-32") - elif d.expand('${XEN_TARGET_ARCH}') == 'x86_64': - d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')]) -} - -export GNU_TARGET_ARCH -export XEN_TARGET_ARCH="${@map_xen_arch(d.getVar('TARGET_ARCH'), d)}" -export XEN_COMPILE_ARCH="${@map_xen_arch(d.getVar('BUILD_ARCH'), d)}" - -LWIP_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/lwip" -MINIOS_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/mini-os" - -# Base set of CPPFLAGS, CFLAGS needed for each component used to build MiniOS-based stubdoms -# LDFLAGS are only used when building stubdoms, so only used in stubdom recipes -# Generic name given because each library uses DEF_, BUILD_, TARGET_, and xxxFLAGS differently -CPPFLAGS_INCLUDE_DIR = "-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include" - -STUBDOM_CPPFLAGS += "\ - -isystem ${MINIOS_SRCDIR}/include \ - -D__MINIOS__ \ - -DHAVE_LIBC \ - -isystem ${MINIOS_SRCDIR}/include/posix \ - -isystem ${MINIOS_SRCDIR}/include/xen \ - -isystem ${MINIOS_SRCDIR}/include/x86 \ - -isystem ${MINIOS_SRCDIR}/include/x86/${XEN_TARGET_ARCH} \ - -U __linux__ \ - -U __FreeBSD__ \ - -U __sun__ \ - -nostdinc \ - ${CPPFLAGS_INCLUDE_DIR} \ - -isystem ${LWIP_SRCDIR}/include \ - -isystem ${LWIP_SRCDIR}/include/ipv4 \ -" - -STUBDOM_CFLAGS += "\ - -mno-red-zone \ - -O1 \ - -fno-omit-frame-pointer \ - -m64 \ - -fno-reorder-blocks \ - -fno-asynchronous-unwind-tables \ - -DBUILD_ID \ - -fno-strict-aliasing \ - -std=gnu99 \ - -Wall \ - -Wstrict-prototypes \ - -Wdeclaration-after-statement \ - -Wno-unused-but-set-variable \ - -Wno-unused-local-typedefs \ - -fno-stack-protector \ - -fno-exceptions \ -" - -STUBDOM_LDFLAGS = "\ - -nostdlib \ - -L${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/lib \ -" - -# Need to redefine these for stubdom-related builds. It all starts because of -# the prefix used in newlib and then continues because we don't want to -# cross-contaminate stubdom-related recipes with headers and libraries found in -# the OE-defined locations -export prefix="/cross-root-${GNU_TARGET_ARCH}" -export includedir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/include" -export libdir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/lib" -export libexecdir="${libdir}" -export STAGING_INCDIR -export STAGING_LIBDIR - -# Typically defined in Xen and Minios .mk files that aren't sourced/read, -# defined to trigger some values and paths in Makefiles -export debug="y" -export stubdom="y" -export XEN_OS="MiniOS" diff --git a/external/meta-virtualization/recipes-extended/xen/tpm-emulator.inc b/external/meta-virtualization/recipes-extended/xen/tpm-emulator.inc deleted file mode 100644 index f58a2763..00000000 --- a/external/meta-virtualization/recipes-extended/xen/tpm-emulator.inc +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS += "\ - cmake-native \ - newlib \ - stubdom-gmp \ -" - -# nothing to configure -do_configure[noexec] = "1" - -export CMAKE_C_FLAGS = "\ - -std=c99 \ - -DTPM_NO_EXTERN \ - ${STUBDOM_CPPFLAGS} \ - ${STUBDOM_CFLAGS} \ - -Wno-declaration-after-statement \ - -Wno-implicit-fallthrough \ -" - -do_compile() { - CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" cmake .. -DCMAKE_C_FLAGS:STRING="${CMAKE_C_FLAGS}" - ${MAKE} VERBOSE=1 tpm_crypto tpm -} - -do_install() { - install -d ${D}/${libdir} - install -m 644 -t ${D}/${libdir} ${B}/crypto/libtpm_crypto.a - install -m 644 -t ${D}/${libdir} ${B}/tpm/libtpm.a - - install -D -m 644 -t ${D}/${includedir}/tpm-emulator/build ${S}/build/config.h - install -D -m 644 -t ${D}/${includedir}/tpm-emulator/crypto ${S}/crypto/*.h - install -D -m 644 -t ${D}/${includedir}/tpm-emulator/tpm ${S}/tpm/*.h -} diff --git a/external/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb b/external/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb deleted file mode 100644 index 96a40905..00000000 --- a/external/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "TPM Emulator" -HOMEPAGE = "http://xenbits.xen.org/xen-extfiles" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://README;md5=eeabd77cf8fd8a8bc42983884cb09863" - -SRC_URI = "\ - http://xenbits.xen.org/xen-extfiles/tpm_emulator-${PV}.tar.gz;name=tpm-emulator \ - file://tpmemu-0.7.4.patch \ - file://vtpm-bufsize.patch \ - file://vtpm-locality.patch \ - file://vtpm-parent-sign-ek.patch \ - file://vtpm-deepquote.patch \ - file://vtpm-deepquote-anyloc.patch \ - file://vtpm-cmake-Wextra.patch \ - file://vtpm-implicit-fallthrough.patch \ - file://vtpm_TPM_ChangeAuthAsymFinish.patch \ -" -SRC_URI[tpm-emulator.md5sum] = "e26becb8a6a2b6695f6b3e8097593db8" -SRC_URI[tpm-emulator.sha256sum] = "4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459" - -S="${WORKDIR}/tpm_emulator-${PV}" -B="${S}/build" - -require tpm-emulator.inc diff --git a/external/meta-virtualization/recipes-extended/xen/xen-blktap.inc b/external/meta-virtualization/recipes-extended/xen/xen-blktap.inc new file mode 100644 index 00000000..5f385ddc --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-blktap.inc @@ -0,0 +1,76 @@ +# The Xen block tap components are packaged separately here to support +# the option to build them in a separate recipe from xen-tools. + +BLKTAP_PACKAGES ?= " \ + ${PN}-blktap \ + ${PN}-libblktap \ + ${PN}-libblktapctl \ + ${PN}-libblktapctl-dev \ + ${PN}-libblktap-dev \ + ${PN}-libvhd \ + ${PN}-libvhd-dev \ + ${PN}-blktap-staticdev \ + " + +BLKTAP_PROVIDES ?= " \ + virtual/blktap \ + virtual/libblktap \ + virtual/libblktapctl \ + virtual/libvhd \ + " + +BLKTAP_RRECOMMENDS ?= " \ + virtual/blktap \ + virtual/libblktap \ + virtual/libblktapctl \ + virtual/libvhd \ + " + +RPROVIDES_${PN}-blktap = "virtual/blktap" +RPROVIDES_${PN}-libblktap = "virtual/libblktap" +RPROVIDES_${PN}-libblktapctl = "virtual/libblktapctl" +RPROVIDES_${PN}-libvhd = "virtual/libvhd" + +FILES_${PN}-blktap-staticdev += "\ + ${libdir}/libblktapctl.a \ + ${libdir}/libvhd.a \ + ${libdir}/libblktap.a \ + " + +FILES_${PN}-libblktapctl = "${libdir}/libblktapctl.so.*" +FILES_${PN}-libblktapctl-dev = " \ + ${libdir}/libblktapctl.so \ + ${libdir}/pkgconfig/xenblktapctl.pc \ + ${datadir}/pkgconfig/xenblktapctl.pc \ + " + +FILES_${PN}-libvhd = "${libdir}/libvhd.so.*" +FILES_${PN}-libvhd-dev = " \ + ${libdir}/libvhd.so \ + ${libdir}/pkgconfig/vhd.pc \ + ${datadir}/pkgconfig/vhd.pc \ + " + +FILES_${PN}-libblktap = "${libdir}/libblktap.so.*" +FILES_${PN}-libblktap-dev = " \ + ${libdir}/libblktap.so \ + ${libdir}/pkgconfig/blktap.pc \ + ${datadir}/pkgconfig/blktap.pc \ + " + +FILES_${PN}-blktap = "\ + ${sbindir}/blktapctrl \ + ${sbindir}/img2qcow \ + ${sbindir}/lock-util \ + ${sbindir}/qcow2raw \ + ${sbindir}/qcow-create \ + ${sbindir}/tap-ctl \ + ${sbindir}/tapdisk \ + ${sbindir}/tapdisk2 \ + ${sbindir}/tapdisk-client \ + ${sbindir}/tapdisk-diff \ + ${sbindir}/tapdisk-stream \ + ${sbindir}/td-util \ + ${sbindir}/vhd-update \ + ${sbindir}/vhd-util \ + " diff --git a/external/meta-virtualization/recipes-extended/xen/xen-hypervisor.inc b/external/meta-virtualization/recipes-extended/xen/xen-hypervisor.inc new file mode 100644 index 00000000..c386917d --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-hypervisor.inc @@ -0,0 +1,111 @@ +SUMMARY = "Xen hypervisor" +DESCRIPTION = "The Xen hypervisor" + +# This recipe is for just the Xen hypervisor. +# Separate recipes are used to build Xen and its components: +# this allows for varying the target architecture or toolchain used +# to build the different components. eg. 32-bit tools and a 64-bit hypervisor. + +# The Xen hypervisor has a narrower compatible platform range than the Xen tools +COMPATIBLE_HOST = '(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' + +inherit deploy python3native + +PACKAGES = " \ + ${PN} \ + ${PN}-dbg \ + ${PN}-efi \ + " + +FILES_${PN} = " \ + /boot/xen-* \ + /boot/xen \ + /boot/xen-*.gz \ + /boot/xen.gz \ + /boot/xen-syms-* \ + " + +FILES_${PN}-dbg += "${libdir}/debug/*" + +FILES_${PN}-efi = " \ + /boot/xen.efi \ + ${exec_prefix}/lib64/efi/xen* \ + " + +do_configure() { + do_configure_common +} + +do_compile() { + oe_runmake xen PYTHON="${PYTHON}" +} + +do_install() { + oe_runmake DESTDIR="${D}" install-xen +} + +do_deploy() { + install -d ${DEPLOYDIR} + + if [ -f ${B}/xen/xen ]; then + install -m 0644 ${B}/xen/xen ${DEPLOYDIR}/xen-${MACHINE} + fi + + if [ -f ${B}/xen/xen.gz ]; then + install -m 0644 ${B}/xen/xen.gz ${DEPLOYDIR}/xen-${MACHINE}.gz + fi + + if [ -f ${B}/xen/xen.efi ]; then + install -m 0644 ${B}/xen/xen.efi ${DEPLOYDIR}/xen-${MACHINE}.efi + fi +} +# Scheduling the do_deploy task: +# - deploy copies files from ${B} that are written during do_compile so must +# at least run afer that task has completed +# - the hypervisor binaries may be included in the image filesystem, so we +# must ensure that the binaries deployed match what is staged in the sysroot: +# so do deploy must run after do_populate_sysroot -- which is always after +# do_compile, so that handles 'after do_compile' too +# - add the task before do_build to ensure that deployment has completed when +# the recipe build done stamp is written +addtask deploy after do_populate_sysroot before do_build +# To ensure that a deployed hypervisor has matching tools, add a dependency to +# make sure that the tools have built and been staged: +do_deploy[depends] += "xen-tools:do_populate_sysroot" +# Also ensure anything that the tools recipe needs to deploy, such as a +# XSM policy file, has been deployed first: +do_deploy[depends] += "xen-tools:do_deploy" + +# Enable use of menuconfig directly from bitbake and also within the devshell +OE_TERMINAL_EXPORTS += "HOST_EXTRACFLAGS HOSTLDFLAGS TERMINFO" +HOST_EXTRACFLAGS = "${BUILD_CFLAGS} ${BUILD_LDFLAGS}" +HOSTLDFLAGS = "${BUILD_LDFLAGS}" +TERMINFO = "${STAGING_DATADIR_NATIVE}/terminfo" +do_devshell[depends] += "ncurses-native:do_populate_sysroot" + +KCONFIG_CONFIG_COMMAND ??= "menuconfig" +python do_menuconfig() { + import shutil + + try: + mtime = os.path.getmtime("xen/.config") + shutil.copy("xen/.config", "xen/.config.orig") + except OSError: + mtime = 0 + + oe_terminal("${SHELL} -c \"cd xen; XEN_CONFIG_EXPERT=y make %s; if [ \$? -ne 0 ]; then echo 'Command failed.'; printf 'Press any key to continue... '; read r; fi\"" % d.getVar('KCONFIG_CONFIG_COMMAND'), + d.getVar('PN') + ' Configuration', d) + + try: + newmtime = os.path.getmtime("xen/.config") + except OSError: + newmtime = 0 + + if newmtime > mtime: + bb.note("Configuration changed, recompile will be forced") + bb.build.write_taint('do_compile', d) +} +do_menuconfig[depends] += "ncurses-native:do_populate_sysroot" +do_menuconfig[nostamp] = "1" +do_menuconfig[dirs] = "${B}" +addtask menuconfig after do_configure diff --git a/external/meta-virtualization/recipes-extended/xen/xen-python2.bb b/external/meta-virtualization/recipes-extended/xen/xen-python2.bb new file mode 100644 index 00000000..ad3c1fd6 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-python2.bb @@ -0,0 +1,71 @@ +SUMMARY = "Xen hypervisor tools written in python 2" +DESCRIPTION = "Unported utility scripts for the Xen hypervisor" +HOMEPAGE = "http://xen.org" +LICENSE = "GPLv2" +SECTION = "console/tools" + +SRCREV ?= "a5fcafbfbee55261853fba07149c1c795f2baf58" + +# The same restriction as xen-tools.inc, because of the dependency on xen-tools-xentrace from xen-tools-xentrace-format +COMPATIBLE_HOST = 'i686-.*-linux|(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' + +XEN_REL ?= "4.12" +XEN_BRANCH ?= "stable-4.12" + +SRC_URI = "git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH}" + +LIC_FILES_CHKSUM ?= "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" + +PV = "${XEN_REL}+git${SRCPV}" + +S = "${WORKDIR}/git" + +# Packages in this recipe do not use ${PN} to allow for simpler +# movement of the package back into the xen-tools recipe if/when +# the scripts are ported to python 3. + +RDEPENDS_xen-tools-xencov-split ="python" +RDEPENDS_xen-tools-xencons = "python" +RDEPENDS_xen-tools-xenpvnetboot = "python" +RDEPENDS_xen-tools-xentrace-format = "python" + +RRECOMMENDS_xen-tools-xencov-trace = "xen-tools-xencov" +RRECOMMENDS_xen-tools-xentrace-format = "xen-tools-xentrace" + +PACKAGES = " \ + xen-tools-xencons \ + xen-tools-xencov-split \ + xen-tools-xenpvnetboot \ + xen-tools-xentrace-format \ + " + +FILES_xen-tools-xencons = " \ + ${bindir}/xencons \ + " + +FILES_xen-tools-xencov-split = " \ + ${bindir}/xencov_split \ + " + +FILES_xen-tools-xenpvnetboot = " \ + ${libdir}/xen/bin/xenpvnetboot \ + " + +FILES_xen-tools-xentrace-format = " \ + ${bindir}/xentrace_format \ + " + +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +do_install() { + install -d ${D}${bindir} + install -m 0755 ${S}/tools/xentrace/xentrace_format \ + ${D}${bindir}/xentrace_format + install -m 0755 ${S}/tools/misc/xencons ${D}${bindir}/xencons + install -m 0755 ${S}/tools/misc/xencov_split ${D}${bindir}/xencov_split + + install -d ${D}${libdir}/xen/bin + install -m 0755 ${S}/tools/misc/xenpvnetboot \ + ${D}${libdir}/xen/bin/xenpvnetboot +} diff --git a/external/meta-virtualization/recipes-extended/xen/xen-tools.inc b/external/meta-virtualization/recipes-extended/xen/xen-tools.inc new file mode 100644 index 00000000..8b86f7b2 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-tools.inc @@ -0,0 +1,792 @@ +SUMMARY = "Xen hypervisor tools" +DESCRIPTION = "Tools and utility software for the Xen hypervisor" + +COMPATIBLE_HOST = 'i686-.*-linux|(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' + +inherit setuptools3 update-rc.d systemd deploy +require xen-blktap.inc + +# To build hvmloader, which is needed on x86-64 targets when 'hvm' is enabled +# in PACKAGECONFIG, to support running HVM-mode guest VMs, some files from +# 32-bit glibc are needed. +# Add the multilib 32-bit glibc to DEPENDS only when necessary. +# +# To enable multilib, please add the following to your local.conf -: +# +# require conf/multilib.conf +# MULTILIBS = "multilib:lib32" +# DEFAULTTUNE_virtclass-multilib-lib32 = "x86" + +# Use this multilib prefix for x86 32-bit to match local.conf: +MLPREFIX32 = "lib32-" + +# The DEPENDS on a multilib 32-bit glibc is only added when target is x86-64 +# and 'hvm' is enabled in PACKAGECONFIG. +# This x86-64 override is never intended for native use, so clear that. +GLIBC32 = "" +GLIBC32_x86-64 = \ + "${@bb.utils.contains('PACKAGECONFIG', 'hvm', '${MLPREFIX32}glibc', '', d)}" +GLIBC32_class-native = "" +DEPENDS += "${GLIBC32}" + +RDEPENDS_${PN} = "\ + bash perl xz \ + ${PN}-console \ + ${PN}-libxenguest \ + ${PN}-libxenlight \ + ${PN}-libxenvchan \ + ${PN}-libxenctrl \ + ${PN}-libxlutil \ + ${PN}-libxenstat \ + ${PN}-libxenstore \ + ${PN}-libfsimage \ + ${PN}-fsimage \ + ${PN}-scripts-block \ + ${PN}-scripts-network \ + ${PN}-xen-watchdog \ + ${PN}-xencommons \ + ${PN}-xendomains \ + ${PN}-xenstore \ + virtual/xenstored \ + ${PN}-xl \ + " + +RDEPENDS_${PN}-dev = "" + +RRECOMMENDS_${PN} = " \ + ${@bb.utils.contains('PACKAGECONFIG', 'hvm', 'seabios', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'externalblktap', '', '${BLKTAP_RRECOMMENDS}', d)} \ + ${PN}-flask \ + ${PN}-hvmloader \ + ${PN}-shim \ + ${PN}-xenpaging \ + " + +RDEPENDS_${PN}-devd = " \ + ${PN}-xl \ + " + +RDEPENDS_${PN}-fsimage = " \ + libext2fs \ + " + +RDEPENDS_${PN}-misc = " \ + perl \ + python3 \ + ${PN}-xencov \ + " + +RSUGGESTS_${PN}-misc = " \ + ${PN}-xencons \ + ${PN}-xenpvnetboot \ + " + +RDEPENDS_${PN}-python = " \ + python3 \ + " + +RDEPENDS_${PN}-pygrub = " \ + python3 \ + ${PN}-python \ + " + +RDEPENDS_${PN}-remus = "bash" + +RDEPENDS_${PN}-scripts-block = "\ + bash \ + ${PN}-scripts-common \ + ${PN}-volatiles \ + " + +RDEPENDS_${PN}-scripts-common = "bash" + +RDEPENDS_${PN}-scripts-network = "\ + bash \ + bridge-utils \ + ${PN}-scripts-common \ + ${PN}-volatiles \ + " + +RSUGGESTS_${PN}-xencov = "${PN}-xencov-split" + +RDEPENDS_${PN}-xencommons = "\ + bash \ + ${PN}-console \ + ${PN}-xenstore \ + virtual/xenstored \ + ${PN}-xl \ + ${PN}-scripts-common \ + " + +RDEPENDS_${PN}-xendomains = "\ + bash \ + ${PN}-console \ + ${PN}-scripts-block \ + ${PN}-scripts-common \ + virtual/xenstored \ + " + +RDEPENDS_${PN}-xl = "libgcc" + +RDEPENDS_${PN}-xenmon = " \ + python3 \ + " + +RSUGGESTS_${PN}-xentrace = "${PN}-xentrace-format" + +RDEPENDS_${PN}-xen-watchdog = "bash" + +PACKAGES = " \ + ${PN} \ + ${@bb.utils.contains('PACKAGECONFIG', 'externalblktap', '', '${BLKTAP_PACKAGES}', d)} \ + ${PN}-console \ + ${PN}-cpuid \ + ${PN}-dbg \ + ${PN}-dev \ + ${PN}-devd \ + ${PN}-doc \ + ${PN}-flask \ + ${PN}-flask-tools \ + ${PN}-fsimage \ + ${PN}-gdbsx \ + ${PN}-hvmloader \ + ${PN}-init-xenstore-dom \ + ${PN}-kdd \ + ${PN}-libfsimage \ + ${PN}-libfsimage-dev \ + ${PN}-libxencall \ + ${PN}-libxencall-dev \ + ${PN}-libxenctrl \ + ${PN}-libxenctrl-dev \ + ${PN}-libxendevicemodel \ + ${PN}-libxendevicemodel-dev \ + ${PN}-libxenevtchn \ + ${PN}-libxenevtchn-dev \ + ${PN}-libxenforeignmemory \ + ${PN}-libxenforeignmemory-dev \ + ${PN}-libxengnttab \ + ${PN}-libxengnttab-dev \ + ${PN}-libxenguest \ + ${PN}-libxenguest-dev \ + ${PN}-libxenlight \ + ${PN}-libxenlight-dev \ + ${PN}-libxenstat \ + ${PN}-libxenstat-dev \ + ${PN}-libxenstore \ + ${PN}-libxenstore-dev \ + ${PN}-libxentoolcore \ + ${PN}-libxentoolcore-dev \ + ${PN}-libxentoollog \ + ${PN}-libxentoollog-dev \ + ${PN}-libxenvchan \ + ${PN}-libxenvchan-dev \ + ${PN}-libxlutil \ + ${PN}-libxlutil-dev \ + ${PN}-livepatch \ + ${PN}-misc \ + ${PN}-pygrub \ + ${PN}-python \ + ${PN}-remus \ + ${PN}-scripts-block \ + ${PN}-scripts-common \ + ${PN}-scripts-network \ + ${PN}-shim \ + ${PN}-staticdev \ + ${PN}-volatiles \ + ${PN}-xcutils \ + ${PN}-xencommons \ + ${PN}-xencov \ + ${PN}-xend \ + ${PN}-xend-examples \ + ${PN}-xendomains \ + ${PN}-xenmon \ + ${PN}-xenpaging \ + ${PN}-xenpmd \ + ${PN}-xenstat \ + ${PN}-xenstore \ + ${PN}-xenstored \ + ${PN}-xentrace \ + ${PN}-xen-watchdog \ + ${PN}-xl \ + ${PN}-xl-examples \ + ${PN}-xm \ + ${PN}-xm-examples \ + " + +PROVIDES =+ " \ + virtual/xenstored \ + ${@bb.utils.contains('PACKAGECONFIG', 'externalblktap', '', '${BLKTAP_PROVIDES}', d)} \ + " + +# There are multiple implementations of the XenStore daemon, so we use a +# virtual package to allow for substitution. +RPROVIDES_${PN}-xenstored = "virtual/xenstored" + +FILES_${PN}-dbg += "\ + ${libdir}/xen/bin/.debug \ + ${libdir}/${PYTHON_DIR}/site-packages/.debug \ + ${libdir}/${PYTHON_DIR}/site-packages/xen/lowlevel/.debug \ + ${libdir}/fs/xfs/.debug \ + ${libdir}/fs/ufs/.debug \ + ${libdir}/fs/ext2fs-lib/.debug \ + ${libdir}/fs/fat/.debug \ + ${libdir}/fs/zfs/.debug \ + ${libdir}/fs/reiserfs/.debug \ + ${libdir}/fs/iso9660/.debug \ + ${libdir}/fs/**/.debug \ + ${sbindir}/.debug \ + ${libdir}exec/.debug \ + ${libdir}/xen/libexec/.debug \ + ${bindir}/.debug \ + ${libdir}/${PYTHON_DIR}/dist-packages/.debug \ + ${libdir}/${PYTHON_DIR}/dist-packages/xen/lowlevel/.debug \ + " + +FILES_${PN}-dev = "\ + ${includedir} \ + " + +FILES_${PN}-doc = "\ + ${sysconfdir}/xen/README \ + ${sysconfdir}/xen/README.incompatibilities \ + ${datadir}/doc \ + ${datadir}/man \ + " + +FILES_${PN}-staticdev += "\ + ${libdir}/libxenguest.a \ + ${libdir}/libxenlight.a \ + ${libdir}/libxenvchan.a \ + ${libdir}/libxenctrl.a \ + ${libdir}/libxlutil.a \ + ${libdir}/libxenstat.a \ + ${libdir}/libxenstore.a \ + " + +FILES_${PN}-libxencall = "${libdir}/libxencall.so.*" +FILES_${PN}-libxencall-dev = " \ + ${libdir}/libxencall.so \ + ${libdir}/pkgconfig/xencall.pc \ + ${datadir}/pkgconfig/xencall.pc \ + " + +FILES_${PN}-libxenctrl = "${libdir}/libxenctrl.so.*" +FILES_${PN}-libxenctrl-dev = " \ + ${libdir}/libxenctrl.so \ + ${libdir}/pkgconfig/xencontrol.pc \ + ${datadir}/pkgconfig/xencontrol.pc \ + " + +FILES_${PN}-libxendevicemodel = "${libdir}/libxendevicemodel.so.*" +FILES_${PN}-libxendevicemodel-dev = " \ + ${libdir}/libxendevicemodel.so \ + ${libdir}/pkgconfig/xendevicemodel.pc \ + ${datadir}/pkgconfig/xendevicemodel.pc \ + " + +FILES_${PN}-libxenevtchn = "${libdir}/libxenevtchn.so.*" +FILES_${PN}-libxenevtchn-dev = " \ + ${libdir}/libxenevtchn.so \ + ${libdir}/pkgconfig/xenevtchn.pc \ + ${datadir}/pkgconfig/xenevtchn.pc \ + " + +FILES_${PN}-libxenforeignmemory = "${libdir}/libxenforeignmemory.so.*" +FILES_${PN}-libxenforeignmemory-dev = " \ + ${libdir}/libxenforeignmemory.so \ + ${libdir}/pkgconfig/xenforeignmemory.pc \ + ${datadir}/pkgconfig/xenforeignmemory.pc \ + " + +FILES_${PN}-libxengnttab = "${libdir}/libxengnttab.so.*" +FILES_${PN}-libxengnttab-dev = " \ + ${libdir}/libxengnttab.so \ + ${libdir}/pkgconfig/xengnttab.pc \ + ${datadir}/pkgconfig/xengnttab.pc \ + " + +FILES_${PN}-libxenguest = "${libdir}/libxenguest.so.*" +FILES_${PN}-libxenguest-dev = " \ + ${libdir}/libxenguest.so \ + ${libdir}/pkgconfig/xenguest.pc \ + ${datadir}/pkgconfig/xenguest.pc \ + " + +FILES_${PN}-libxenlight = "${libdir}/libxenlight.so.*" +FILES_${PN}-libxenlight-dev = " \ + ${libdir}/libxenlight.so \ + ${libdir}/pkgconfig/xenlight.pc \ + ${datadir}/pkgconfig/xenlight.pc \ + " + +FILES_${PN}-libxenstat = "${libdir}/libxenstat.so.*" +FILES_${PN}-libxenstat-dev = " \ + ${libdir}/libxenstat.so \ + ${libdir}/pkgconfig/xenstat.pc \ + ${datadir}/pkgconfig/xenstat.pc \ + " + +FILES_${PN}-libxenstore = "${libdir}/libxenstore.so.*" +FILES_${PN}-libxenstore-dev = " \ + ${libdir}/libxenstore.so \ + ${libdir}/pkgconfig/xenstore.pc \ + ${datadir}/pkgconfig/xenstore.pc \ + " + +FILES_${PN}-libxentoolcore = "${libdir}/libxentoolcore.so.*" +FILES_${PN}-libxentoolcore-dev = " \ + ${libdir}/libxentoolcore.so \ + ${libdir}/pkgconfig/xentoolcore.pc \ + ${datadir}/pkgconfig/xentoolcore.pc \ + " + +FILES_${PN}-libxentoollog = "${libdir}/libxentoollog.so.*" +FILES_${PN}-libxentoollog-dev = " \ + ${libdir}/libxentoollog.so \ + ${libdir}/pkgconfig/xentoollog.pc \ + ${datadir}/pkgconfig/xentoollog.pc \ + " + +FILES_${PN}-libxenvchan = "${libdir}/libxenvchan.so.*" +FILES_${PN}-libxenvchan-dev = " \ + ${libdir}/libxenvchan.so \ + ${libdir}/pkgconfig/xenvchan.pc \ + ${datadir}/pkgconfig/xenvchan.pc \ + " + +FILES_${PN}-libxlutil = "${libdir}/libxlutil.so.*" +FILES_${PN}-libxlutil-dev = " \ + ${libdir}/libxlutil.so \ + ${libdir}/pkgconfig/xlutil.pc \ + ${datadir}/pkgconfig/xlutil.pc \ + " +FILES_${PN}-libvhd = "${libdir}/libvhd.so.*" +FILES_${PN}-libvhd-dev = " \ + ${libdir}/libvhd.so \ + ${libdir}/pkgconfig/vhd.pc \ + ${datadir}/pkgconfig/vhd.pc \ + " + +FILES_${PN}-libfsimage = " \ + ${libdir}/libfsimage.so.* \ + ${libdir}/libxenfsimage.so.* \ + " + +FILES_${PN}-libfsimage-dev = " \ + ${libdir}/libfsimage.so \ + ${libdir}/libxenfsimage.so \ + ${libdir}/pkgconfig/fsimage.pc \ + ${datadir}/pkgconfig/fsimage.pc \ + ${libdir}/pkgconfig/xenfsimage.pc \ + ${datadir}/pkgconfig/xenfsimage.pc \ + " + +FILES_${PN}-fsimage = " \ + ${libdir}/fs/**/[a-z]*fsimage.so \ + ${libdir}/xenfsimage/**/fsimage.so \ + " + +FILES_${PN}-init-xenstore-dom = "${libdir}/xen/bin/init-xenstore-domain" + +FILES_${PN} = "\ + ${sysconfdir}/xen/auto \ + ${sysconfdir}/xen/cpupool \ + ${localstatedir}/xen/dump \ + " + +FILES_${PN}-console = "\ + ${libdir}/xen/bin/xenconsole \ + ${sbindir}/xenconsoled \ + " + +FILES_${PN}-cpuid = "\ + ${bindir}/xen-cpuid \ + " + +FILES_${PN}-devd = "\ + ${sysconfdir}/init.d/xendriverdomain \ + ${systemd_unitdir}/system/xendriverdomain.service \ + " + +FILES_${PN}-flask = "\ + /boot/xenpolicy-* \ + " + +FILES_${PN}-flask-tools = "\ + ${sbindir}/flask-get-bool \ + ${sbindir}/flask-getenforce \ + ${sbindir}/flask-label-pci \ + ${sbindir}/flask-loadpolicy \ + ${sbindir}/flask-set-bool \ + ${sbindir}/flask-setenforce \ + " + +FILES_${PN}-gdbsx = "\ + ${sbindir}/gdbsx \ + " + +INSANE_SKIP_${PN}-hvmloader = "arch" +FILES_${PN}-hvmloader = "\ + ${libdir}/xen/boot/hvmloader \ + " + +FILES_${PN}-kdd = "\ + ${sbindir}/kdd \ + ${sbindir}/xen-kdd \ + " + +FILES_${PN}-livepatch += " \ + ${sbindir}/xen-livepatch \ + " + +FILES_${PN}-misc = "\ + ${bindir}/xen-detect \ + ${libdir}/xen/bin/depriv-fd-checker \ + ${sbindir}/gtracestat \ + ${sbindir}/gtraceview \ + ${sbindir}/xen-bugtool \ + ${sbindir}/xenperf \ + ${sbindir}/xenpm \ + ${sbindir}/xsview \ + ${sbindir}/xen-diag \ + ${sbindir}/xen-tmem-list-parse \ + ${sbindir}/xen-python-path \ + ${sbindir}/xen-ringwatch \ + ${sbindir}/xen-hptool \ + ${sbindir}/xen-hvmcrash \ + ${sbindir}/xen-hvmctx \ + ${sbindir}/xenlockprof \ + ${sbindir}/xen-lowmemd \ + ${sbindir}/xen-mfndump \ + ${libdir}/xen/bin/verify-stream-v2 \ + ${libdir}/xen/bin/convert-legacy-stream \ + " + +FILES_${PN}-pygrub = "\ + ${bindir}/pygrub \ + ${libdir}/xen/bin/pygrub \ + " + +FILES_${PN}-python = "\ + ${libdir}/${PYTHON_DIR} \ + " + +FILES_${PN}-remus = "\ + ${sysconfdir}/xen/scripts/remus-netbuf-setup \ + " + +FILES_${PN}-scripts-network = " \ + ${sysconfdir}/xen/scripts/colo-proxy-setup \ + ${sysconfdir}/xen/scripts/network-bridge \ + ${sysconfdir}/xen/scripts/network-nat \ + ${sysconfdir}/xen/scripts/network-route \ + ${sysconfdir}/xen/scripts/qemu-ifup \ + ${sysconfdir}/xen/scripts/vif2 \ + ${sysconfdir}/xen/scripts/vif-bridge \ + ${sysconfdir}/xen/scripts/vif-common.sh \ + ${sysconfdir}/xen/scripts/vif-nat \ + ${sysconfdir}/xen/scripts/vif-openvswitch \ + ${sysconfdir}/xen/scripts/vif-route \ + ${sysconfdir}/xen/scripts/vif-setup \ + " + +FILES_${PN}-scripts-block = " \ + ${sysconfdir}/xen/scripts/blktap \ + ${sysconfdir}/xen/scripts/block \ + ${sysconfdir}/xen/scripts/block-common.sh \ + ${sysconfdir}/xen/scripts/block-dummy \ + ${sysconfdir}/xen/scripts/block-enbd \ + ${sysconfdir}/xen/scripts/block-iscsi \ + ${sysconfdir}/xen/scripts/block-nbd \ + ${sysconfdir}/xen/scripts/block-drbd-probe \ + ${sysconfdir}/xen/scripts/block-tap \ + ${sysconfdir}/xen/scripts/vscsi \ + " + +FILES_${PN}-scripts-common = " \ + ${sysconfdir}/xen/scripts/external-device-migrate \ + ${sysconfdir}/xen/scripts/hotplugpath.sh \ + ${sysconfdir}/xen/scripts/locking.sh \ + ${sysconfdir}/xen/scripts/logging.sh \ + ${sysconfdir}/xen/scripts/xen-hotplug-cleanup \ + ${sysconfdir}/xen/scripts/xen-hotplug-common.sh \ + ${sysconfdir}/xen/scripts/xen-network-common.sh \ + ${sysconfdir}/xen/scripts/xen-script-common.sh \ + " + +INSANE_SKIP_${PN}-shim = "arch" +FILES_${PN}-shim = " \ + ${libdir}/xen/boot/xen-shim \ + " + +FILES_${PN}-volatiles = "\ + ${sysconfdir}/default/volatiles/99_xen \ + ${sysconfdir}/tmpfiles.d/xen.conf \ + " + +FILES_${PN}-xcutils = "\ + ${libdir}/xen/bin/lsevtchn \ + ${libdir}/xen/bin/readnotes \ + ${libdir}/xen/bin/xc_restore \ + ${libdir}/xen/bin/xc_save \ + " + +FILES_${PN}-xencov = "\ + ${sbindir}/xencov \ + " + +FILES_${PN}-xend-examples = "\ + ${sysconfdir}/xen/xend-config.sxp \ + ${sysconfdir}/xen/xend-pci-permissive.sxp \ + ${sysconfdir}/xen/xend-pci-quirks.sxp \ + " + +FILES_${PN}-xenpaging = "\ + ${libdir}/xen/bin/xenpaging \ + ${localstatedir}/lib/xen/xenpaging \ + " + +FILES_${PN}-xenpmd = "\ + ${sbindir}/xenpmd \ + " + +FILES_${PN}-xenstat = "\ + ${sbindir}/xentop \ + " + +FILES_${PN}-xenstore = "\ + ${bindir}/xenstore \ + ${bindir}/xenstore-chmod \ + ${bindir}/xenstore-control \ + ${bindir}/xenstore-exists \ + ${bindir}/xenstore-list \ + ${bindir}/xenstore-ls \ + ${bindir}/xenstore-read \ + ${bindir}/xenstore-rm \ + ${bindir}/xenstore-watch \ + ${bindir}/xenstore-write \ + " + +FILES_${PN}-xenstored = "\ + ${sbindir}/xenstored \ + ${localstatedir}/lib/xenstored \ + " + +FILES_${PN}-xentrace = "\ + ${bindir}/xentrace \ + ${bindir}/xentrace_setsize \ + ${libdir}/xen/bin/xenctx \ + ${bindir}/xenalyze \ + ${sbindir}/xentrace \ + ${sbindir}/xentrace_setsize \ + ${sbindir}/xentrace_setmask \ + " + +FILES_${PN}-xen-watchdog = "\ + ${sbindir}/xenwatchdogd \ + ${sysconfdir}/init.d/xen-watchdog \ + ${systemd_unitdir}/system/xen-watchdog.service \ + " + +FILES_${PN}-xl = "\ + ${sysconfdir}/bash_completion.d/xl.sh \ + ${sysconfdir}/xen/xl.conf \ + ${libdir}/xen/bin/libxl-save-helper \ + ${sbindir}/xl \ + ${libdir}/xen/bin/xen-init-dom0 \ + " + +FILES_${PN}-xl-examples = "\ + ${sysconfdir}/xen/xlexample.hvm \ + ${sysconfdir}/xen/xlexample.pvlinux \ + " + +FILES_${PN}-xm-examples = "\ + ${sysconfdir}/xen/xmexample1 \ + ${sysconfdir}/xen/xmexample2 \ + ${sysconfdir}/xen/xmexample3 \ + ${sysconfdir}/xen/xmexample.hvm \ + ${sysconfdir}/xen/xmexample.hvm-stubdom \ + ${sysconfdir}/xen/xmexample.nbd \ + ${sysconfdir}/xen/xmexample.pv-grub \ + ${sysconfdir}/xen/xmexample.vti \ + " + +FILES_${PN}-xenmon = "\ + ${sbindir}/xenbaked \ + ${sbindir}/xenmon.py \ + ${sbindir}/xenmon \ + " + +FILES_${PN}-xm = "\ + ${sysconfdir}/xen/xm-config.xml \ + ${datadir}/xen/create.dtd \ + ${sbindir}/xm \ + " + +FILES_${PN}-xencommons += "\ + ${sysconfdir}/default/xencommons \ + ${sysconfdir}/init.d/xencommons \ + ${sysconfdir}/xen/scripts/launch-xenstore \ + ${systemd_unitdir}/modules-load.d/xen.conf \ + ${systemd_unitdir}/system/proc-xen.mount \ + ${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service \ + ${systemd_unitdir}/system/xenconsoled.service \ + ${systemd_unitdir}/system/xen-init-dom0.service \ + ${systemd_unitdir}/system/xenstored.service \ + ${systemd_unitdir}/system/var-lib-xenstored.mount \ + " + +FILES_${PN}-xend += " \ + ${sysconfdir}/init.d/xend \ + ${sbindir}/xend \ + " + +FILES_${PN}-xendomains += "\ + ${libdir}/xen/bin/xendomains \ + ${sysconfdir}/default/xendomains \ + ${sysconfdir}/init.d/xendomains \ + ${sysconfdir}/sysconfig/xendomains \ + ${systemd_unitdir}/system/xendomains.service \ + " + +INSANE_SKIP_${PN} = "already-stripped" + +# configure init.d scripts +INITSCRIPT_PACKAGES = "${PN}-xend ${PN}-xencommons ${PN}-xen-watchdog ${PN}-xendomains ${PN}-devd" +INITSCRIPT_NAME_${PN}-xencommons = "xencommons" +INITSCRIPT_PARAMS_${PN}-xencommons = "defaults 80" +INITSCRIPT_NAME_${PN}-xen-watchdog = "xen-watchdog" +INITSCRIPT_PARAMS_${PN}-xen-watchdog = "defaults 81" +INITSCRIPT_NAME_${PN}-xend = "xend" +INITSCRIPT_PARAMS_${PN}-xend = "defaults 82" +INITSCRIPT_NAME_${PN}-xendomains = "xendomains" +INITSCRIPT_PARAMS_${PN}-xendomains = "defaults 83" +INITSCRIPT_NAME_${PN}-devd = "xendriverdomain" +INITSCRIPT_PARAMS_${PN}-devd = "defaults 82" + +# systemd packages +SYSTEMD_PACKAGES = "${PN}-xen-watchdog ${PN}-xencommons ${PN}-xendomains ${PN}-devd" +SYSTEMD_SERVICE_${PN}-devd = "xendriverdomain.service" +SYSTEMD_SERVICE_${PN}-xen-watchdog = "xen-watchdog.service" +SYSTEMD_SERVICE_${PN}-xencommons = " \ + proc-xen.mount \ + var-lib-xenstored.mount \ + xen-qemu-dom0-disk-backend.service \ + xenconsoled.service \ + xen-init-dom0.service \ + xenstored.service \ + " +SYSTEMD_SERVICE_${PN}-xendomains = "xendomains.service" + +# To build hvmloader, which is needed on x86-64 targets when 'hvm' is enabled +# in PACKAGECONFIG, additional CFLAGS are needed to set the 32-bit sysroot. +RECIPE_SYSROOT32 = "${WORKDIR}/${MLPREFIX32}recipe-sysroot" +ADD_SYSROOT32_CFLAGS = "" +ADD_SYSROOT32_CFLAGS_x86-64 = \ + "${@bb.utils.contains('PACKAGECONFIG', 'hvm', \ + 'CFLAGS += "--sysroot=${RECIPE_SYSROOT32}"', '', d)}" +# This x86-64 override is never intended for native use, so clear that. +ADD_SYSROOT32_CFLAGS_class-native = "" + +do_configure() { + do_configure_common + + if [ -n '${ADD_SYSROOT32_CFLAGS}' ] ; then + echo '${ADD_SYSROOT32_CFLAGS}' >>"${S}/tools/firmware/Rules.mk" + fi +} + +do_compile() { + cd ${S} + oe_runmake tools PYTHON="${PYTHON}" +} + +do_install() { + cd ${S} + oe_runmake DESTDIR="${D}" install-tools + + # Remove unported python 2 scripts -- see the separate xen-python2 recipe + rm -f ${D}${bindir}/xentrace_format \ + ${D}${bindir}/xencons \ + ${D}${bindir}/xencov_split \ + ${D}${libdir}/xen/bin/xenpvnetboot + + # remove installed volatiles + rm -rf ${D}${base_prefix}/run \ + ${D}${localstatedir}/run \ + ${D}${localstatedir}/lock \ + ${D}${localstatedir}/log \ + ${D}${localstatedir}/volatile \ + ${D}${localstatedir}/lib/xen + + VOLATILE_DIRS=" \ + ${base_prefix}/run/xenstored \ + ${base_prefix}/run/xend \ + ${base_prefix}/run/xend/boot \ + ${base_prefix}/run/xen \ + ${localstatedir}/log/xen \ + ${localstatedir}/lock/xen \ + ${localstatedir}/lock/subsys \ + ${localstatedir}/lib/xen \ + " + + # install volatiles using populate_volatiles mechanism + install -d ${D}${sysconfdir}/default/volatiles + for i in $VOLATILE_DIRS; do + echo "d root root 0755 $i none" >> ${D}${sysconfdir}/default/volatiles/99_xen + done + + # workaround for xendomains script which searchs sysconfig if directory exists + install -d ${D}${sysconfdir}/sysconfig + ln -sf ${sysconfdir}/default/xendomains ${D}${sysconfdir}/sysconfig/xendomains + + # systemd + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + # install volatiles using systemd tmpfiles.d + install -d ${D}${sysconfdir}/tmpfiles.d + for i in $VOLATILE_DIRS; do + echo "d $i 0755 root root - -" >> ${D}${sysconfdir}/tmpfiles.d/xen.conf + done + fi + + # fixup default path to qemu-system-i386 + sed -i 's#\(test -z "$QEMU_XEN" && QEMU_XEN=\).*$#\1"/usr/bin/qemu-system-i386"#' ${D}/etc/init.d/xencommons + + if [ -e ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service ]; then + sed -i 's#ExecStart=.*qemu-system-i386\(.*\)$#ExecStart=/usr/bin/qemu-system-i386\1#' \ + ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service + fi +} + +pkg_postinst_${PN}-volatiles() { + if [ -z "$D" ]; then + if command -v systemd-tmpfiles >/dev/null; then + systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/xen.conf + elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then + ${sysconfdir}/init.d/populate-volatile.sh update + fi + fi +} + +do_deploy() { + XEN_FULLVERSION=$(oe_runmake -C ${S}/xen xenversion --no-print-directory) + FLASK_POLICY_FILE="xenpolicy-${XEN_FULLVERSION}" + + install -d ${DEPLOYDIR} + + # Install the flask policy in the deploy directory if it exists + if [ -f ${D}/boot/${FLASK_POLICY_FILE} ]; then + install -m 0644 ${D}/boot/${FLASK_POLICY_FILE} ${DEPLOYDIR} + ln -sf ${FLASK_POLICY_FILE} ${DEPLOYDIR}/xenpolicy-${MACHINE} + fi +} +# Scheduling the do_deploy task: +# - deploy copies files from ${D} that are written during do_install so must run +# after that task +# - the tools binaries are included in the image filesystem, so we must ensure +# that the binaries deployed match what is staged in the sysroot: +# so do_deploy must run after do_populate_sysroot +# - add the task before do_build to ensure that deployment has completed when +# the recipe build done stamp is written +addtask deploy after do_install do_populate_sysroot before do_build diff --git a/external/meta-virtualization/recipes-extended/xen/xen-tools_git.bb b/external/meta-virtualization/recipes-extended/xen/xen-tools_git.bb new file mode 100644 index 00000000..00060df7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-tools_git.bb @@ -0,0 +1,24 @@ +SRCREV ?= "a5fcafbfbee55261853fba07149c1c795f2baf58" + +XEN_REL ?= "4.12" +XEN_BRANCH ?= "stable-${XEN_REL}" + +SRC_URI = " \ + git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \ + file://0001-python-pygrub-pass-DISTUTILS-xen.4.12.patch \ + file://xen-tools-update-python-scripts-to-py3.patch \ + file://xen-tools-libxl-gentypes-py3.patch \ + file://xen-tools-python-fix-Wsign-compare-warnings.patch \ + file://xen-tools-pygrub-change-tabs-into-spaces.patch \ + file://xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch \ + file://xen-tools-pygrub-py3.patch \ + " + +LIC_FILES_CHKSUM ?= "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" + +PV = "${XEN_REL}+git${SRCPV}" + +S = "${WORKDIR}/git" + +require xen.inc +require xen-tools.inc diff --git a/external/meta-virtualization/recipes-extended/xen/xen-vtpm.inc b/external/meta-virtualization/recipes-extended/xen/xen-vtpm.inc deleted file mode 100644 index a94c7503..00000000 --- a/external/meta-virtualization/recipes-extended/xen/xen-vtpm.inc +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS = "\ - newlib \ - lwip \ - mini-os \ - polarssl \ - stubdom-gmp \ - tpm-emulator \ -" -# These were unset by stubdom.inc to allow us to scope them per recipe -export CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" -export CCLD="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" -export CXX="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" -export CPP="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" -export LD="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" -export LD_LTO="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" -export AS="${HOST_PREFIX}as" -export AR="${HOST_PREFIX}ar" -export NM="${HOST_PREFIX}nm" -export RANLIB="${HOST_PREFIX}ranlib" -export OBJDUMP="${HOST_PREFIX}objdump" -export OBJCOPY="${HOST_PREFIX}objcopy" -export STRIP="${HOST_PREFIX}strip" -export STRINGS="${HOST_PREFIX}strings" -export READELF="${HOST_PREFIX}readelf" - - -# Required for some of the config stuff -export STUBDOM_TARGETS="vtpm vtpmmgr" - -VTPM_CPPFLAGS = "\ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/build \ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/crypto \ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/tpm \ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator \ -" - -# The includes from this Xen directory are not in the MiniOS repo, although they probably should be. -STUBDOM_CPPFLAGS += "-isystem ${B}/include/" - -do_configure() { - - # GCC 7 fails linking header defined inlines if not declared 'static' or 'extern' - # This appears to be fixed in Xen 4.10.0+, so let's look at version of Xen source - # to determine if we need to modify inline declarations. - # - # 'echo -e' to enable interpretation of backslashes - # 'sort -V' to natural sort version numbers - # 'head -n1' to capture the first line of output from sort command - - if [ "${PV}" = "$(echo "${PV};4.9.999" | sed 's/;/\n/' | sort -V | head -n1)" ]; then - sed -i "s/^inline/static inline/g" ${B}/vtpmmgr/*.h - fi - - for i in AR AS NM RANLIB OBJDUMP OBJCOPY STRIP STRINGS READELF CXX LD LD_LTO CC CPP; do - sed -i "s/^\($i\s\s*\).*=/\1?=/" ${MINIOS_SRCDIR}/Config.mk - done - - # replicate the TARGETS_MINIOS target in xen/stubdom/Makefile - for i in ${STUBDOM_TARGETS}; do - [ -d ${B}/mini-os-${XEN_TARGET_ARCH}-$i ] || - for j in $(cd ${MINIOS_SRCDIR} ; find . -type d) ; do \ - mkdir -p ${B}/mini-os-${XEN_TARGET_ARCH}-$i/$j; \ - done - done -} - -do_compile() { - ${MAKE} MINIOS_CONFIG="${B}/vtpm/minios.cfg" CONFIG_FILE="${B}/vtpm-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config - CPPFLAGS="`cat ${B}/vtpm-minios-config.mk` ${STUBDOM_CPPFLAGS} ${VTPM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpm - DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \ - DEF_CFLAGS="${STUBDOM_CFLAGS}" \ - DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \ - MINIOS_CONFIG="${B}/vtpm/minios.cfg" \ - ${MAKE} -C ${MINIOS_SRCDIR} \ - OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpm \ - APP_OBJS="${B}/vtpm/vtpm.a" \ - APP_LDLIBS="-ltpm -ltpm_crypto -lgmp -lpolarssl" - - ${MAKE} MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" CONFIG_FILE="${B}/vtpmmgr-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config - CPPFLAGS="`cat ${B}/vtpmmgr-minios-config.mk` ${STUBDOM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpmmgr - DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \ - DEF_CFLAGS="${STUBDOM_CFLAGS}" \ - DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \ - MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" \ - ${MAKE} -C ${MINIOS_SRCDIR} \ - OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr \ - APP_OBJS="${B}/vtpmmgr/vtpmmgr.a" \ - APP_LDLIBS="-lm -lpolarssl" -} - -PACKAGES = "\ - ${PN}-vtpm-stubdom \ - ${PN}-vtpmmgr-stubdom \ -" -FILES_${PN}-vtpm-stubdom="\ - ${libdir}/xen/boot/vtpm-stubdom.gz \ -" - -FILES_${PN}-vtpmmgr-stubdom="\ - ${libdir}/xen/boot/vtpmmgr-stubdom.gz \ -" - -do_install() { - install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpm/mini-os.gz ${D}${libdir}/xen/boot/vtpm-stubdom.gz - install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr/mini-os.gz ${D}${libdir}/xen/boot/vtpmmgr-stubdom.gz -} diff --git a/external/meta-virtualization/recipes-extended/xen/xen-vtpm_4.11.0.bb b/external/meta-virtualization/recipes-extended/xen/xen-vtpm_4.11.0.bb deleted file mode 100644 index 088e985b..00000000 --- a/external/meta-virtualization/recipes-extended/xen/xen-vtpm_4.11.0.bb +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "MiniOS-based vTPMs for Xen" -HOMEPAGE = "https://www.xenproject.org" -LICENSE = "GPLv2 & BSD-3-Clause" -LIC_FILES_CHKSUM = "file://COPYING;md5=b1ceb1b03a49b202ee6f41ffd1ed0155 \ - file://vtpm/COPYING;md5=75a98062ab0322ded060d9026a1bda61 \ -" - -# git commit hash for Xen's RELEASE-4.11.0 tag -SRCREV_xen = "1eb6544a567e3e5133fafe0c4ef3545c5138d0e4" -SRC_URI = "\ - git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;subpath=stubdom \ - git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;destsuffix=stubdom/include;subpath=tools/xenstore/include \ -" - -S="${WORKDIR}/stubdom" -B="${S}" - -require xen-vtpm.inc diff --git a/external/meta-virtualization/recipes-extended/xen/xen.inc b/external/meta-virtualization/recipes-extended/xen/xen.inc index 7eb2ac4b..2a02805f 100644 --- a/external/meta-virtualization/recipes-extended/xen/xen.inc +++ b/external/meta-virtualization/recipes-extended/xen/xen.inc @@ -1,13 +1,8 @@ -DESCRIPTION = "Xen hypervisor" HOMEPAGE = "http://xen.org" LICENSE = "GPLv2" SECTION = "console/tools" -LIC_FILES_CHKSUM = "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" - -COMPATIBLE_HOST = '(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' - -inherit autotools-brokensep setuptools update-rc.d systemd deploy +inherit autotools-brokensep require xen-arch.inc @@ -17,16 +12,15 @@ PACKAGECONFIG ??= " \ ${@bb.utils.contains('XEN_TARGET_ARCH', 'x86_64', 'hvm', '', d)} \ " -FLASK_POLICY_FILE ?= "xenpolicy-${PV}" - PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,virtual/libsdl," PACKAGECONFIG[xsm] = "--enable-xsmpolicy,--disable-xsmpolicy,checkpolicy-native," PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd," PACKAGECONFIG[hvm] = "--with-system-seabios="/usr/share/firmware/bios.bin",--disable-seabios,seabios ipxe vgabios," +PACKAGECONFIG[externalblktap] = ",,," DEPENDS = " \ + ${@bb.utils.contains('XEN_TARGET_ARCH', 'x86_64', 'dev86-native', '', d)} \ bison-native \ - dev86-native \ flex-native \ file-native \ gettext-native \ @@ -47,7 +41,7 @@ DEPENDS = " \ pciutils \ pixman \ procps \ - python \ + python3 \ libaio \ lzo \ util-linux \ @@ -57,748 +51,6 @@ DEPENDS = " \ gnu-efi \ " -# inherit setuptools adds python to RDEPENDS, override it -RDEPENDS_${PN} = "" - -RDEPENDS_${PN}-base = "\ - bash perl xz \ - ${PN}-console \ - ${PN}-libxenguest \ - ${PN}-libxenlight \ - ${PN}-libxenvchan \ - ${PN}-libxenctrl \ - ${PN}-libxlutil \ - ${PN}-libxenstat \ - ${PN}-libxenstore \ - ${PN}-libfsimage \ - ${PN}-fsimage \ - ${PN}-scripts-block \ - ${PN}-scripts-network \ - ${PN}-xen-watchdog \ - ${PN}-xencommons \ - ${PN}-xendomains \ - ${PN}-xenstore \ - ${PN}-xenstored \ - ${PN}-xl \ - " - -RDEPENDS_${PN}-dev = "" - -RRECOMMENDS_${PN}-base = " \ - ${PN}-blktap \ - ${PN}-libblktap \ - ${PN}-libblktapctl \ - ${PN}-libvhd \ - ${PN}-flask \ - ${PN}-hvmloader \ - ${PN}-shim \ - ${PN}-xenpaging \ - " - -RDEPENDS_${PN}-devd = " \ - ${PN}-xl \ - " - -RDEPENDS_${PN}-fsimage = " \ - libext2fs \ - " - -RDEPENDS_${PN}-misc = " \ - perl \ - python \ - " - -RDEPENDS_${PN}-remus = " \ - bash \ - python \ - " - -RDEPENDS_${PN}-scripts-block = "\ - bash \ - ${PN}-scripts-common \ - ${PN}-volatiles \ - " - -RDEPENDS_${PN}-scripts-common = "bash" - -RDEPENDS_${PN}-scripts-network = "\ - bash \ - bridge-utils \ - ${PN}-scripts-common \ - ${PN}-volatiles \ - " - -RDEPENDS_${PN}-xencommons = "\ - bash \ - ${PN}-console \ - ${PN}-xenstore \ - ${PN}-xenstored \ - ${PN}-xl \ - ${PN}-scripts-common \ - " - -RDEPENDS_${PN}-xendomains = "\ - bash \ - ${PN}-console \ - ${PN}-scripts-block \ - ${PN}-scripts-common \ - ${PN}-xenstored \ - " - -RDEPENDS_${PN}-xl = "libgcc" - -RDEPENDS_${PN}-xentrace = "python" - -RDEPENDS_${PN}-xen-watchdog = "bash" - -PACKAGES = "\ - ${PN}-base \ - ${PN}-blktap \ - ${PN}-console \ - ${PN}-cpuid \ - ${PN}-dbg \ - ${PN}-dev \ - ${PN}-devd \ - ${PN}-doc \ - ${PN}-efi \ - ${PN}-flask \ - ${PN}-flask-tools \ - ${PN}-fsimage \ - ${PN}-gdbsx \ - ${PN}-hvmloader \ - ${PN}-hypervisor \ - ${PN}-init-xenstore-dom \ - ${PN}-kdd \ - ${PN}-libblktap \ - ${PN}-libblktapctl \ - ${PN}-libblktapctl-dev \ - ${PN}-libblktap-dev \ - ${PN}-libfsimage \ - ${PN}-libfsimage-dev \ - ${PN}-libvhd \ - ${PN}-libvhd-dev \ - ${PN}-libxencall \ - ${PN}-libxencall-dev \ - ${PN}-libxenctrl \ - ${PN}-libxenctrl-dev \ - ${PN}-libxendevicemodel \ - ${PN}-libxendevicemodel-dev \ - ${PN}-libxenevtchn \ - ${PN}-libxenevtchn-dev \ - ${PN}-libxenforeignmemory \ - ${PN}-libxenforeignmemory-dev \ - ${PN}-libxengnttab \ - ${PN}-libxengnttab-dev \ - ${PN}-libxenguest \ - ${PN}-libxenguest-dev \ - ${PN}-libxenlight \ - ${PN}-libxenlight-dev \ - ${PN}-libxenstat \ - ${PN}-libxenstat-dev \ - ${PN}-libxenstore \ - ${PN}-libxenstore-dev \ - ${PN}-libxentoolcore \ - ${PN}-libxentoolcore-dev \ - ${PN}-libxentoollog \ - ${PN}-libxentoollog-dev \ - ${PN}-libxenvchan \ - ${PN}-libxenvchan-dev \ - ${PN}-libxlutil \ - ${PN}-libxlutil-dev \ - ${PN}-livepatch \ - ${PN}-misc \ - ${PN}-pygrub \ - ${PN}-python \ - ${PN}-qemu \ - ${PN}-remus \ - ${PN}-scripts-block \ - ${PN}-scripts-common \ - ${PN}-scripts-network \ - ${PN}-shim \ - ${PN}-staticdev \ - ${PN}-volatiles \ - ${PN}-xcutils \ - ${PN}-xencommons \ - ${PN}-xend \ - ${PN}-xend-examples \ - ${PN}-xendomains \ - ${PN}-xenmon \ - ${PN}-xenpaging \ - ${PN}-xenpmd \ - ${PN}-xenstat \ - ${PN}-xenstore \ - ${PN}-xenstored \ - ${PN}-xentrace \ - ${PN}-xen-watchdog \ - ${PN}-xl \ - ${PN}-xl-examples \ - ${PN}-xm \ - ${PN}-xm-examples \ - " - -FILES_${PN}-dbg += "\ - ${libdir}/.debug \ - ${libdir}/debug/* \ - ${libdir}/xen/bin/.debug \ - ${libdir}/python2.7/site-packages/.debug \ - ${libdir}/python2.7/site-packages/xen/lowlevel/.debug \ - ${libdir}/fs/xfs/.debug \ - ${libdir}/fs/ufs/.debug \ - ${libdir}/fs/ext2fs-lib/.debug \ - ${libdir}/fs/fat/.debug \ - ${libdir}/fs/zfs/.debug \ - ${libdir}/fs/reiserfs/.debug \ - ${libdir}/fs/iso9660/.debug \ - ${libdir}/fs/*/.debug \ - ${sbindir}/.debug \ - ${libdir}exec/.debug \ - ${libdir}/xen/libexec/.debug \ - ${bindir}/.debug \ - ${libdir}/python2.7/dist-packages/.debug \ - ${libdir}/python2.7/dist-packages/xen/lowlevel/.debug \ - " - -FILES_${PN}-dev = "\ - ${includedir} \ - " - -FILES_${PN}-doc = "\ - ${sysconfdir}/xen/README \ - ${sysconfdir}/xen/README.incompatibilities \ - ${datadir}/doc \ - ${datadir}/man \ - " - -FILES_${PN}-staticdev += "\ - ${libdir}/libblktapctl.a \ - ${libdir}/libxenguest.a \ - ${libdir}/libxenlight.a \ - ${libdir}/libxenvchan.a \ - ${libdir}/libxenctrl.a \ - ${libdir}/libxlutil.a \ - ${libdir}/libvhd.a \ - ${libdir}/libxenstat.a \ - ${libdir}/libxenstore.a \ - ${libdir}/libblktap.a \ - " - -FILES_${PN}-libblktapctl = "${libdir}/libblktapctl.so.*" -FILES_${PN}-libblktapctl-dev = " \ - ${libdir}/libblktapctl.so \ - ${datadir}/pkgconfig/xenblktapctl.pc \ - " - -FILES_${PN}-libxencall = "${libdir}/libxencall.so.*" -FILES_${PN}-libxencall-dev = " \ - ${libdir}/libxencall.so \ - ${datadir}/pkgconfig/xencall.pc \ - " - -FILES_${PN}-libxenctrl = "${libdir}/libxenctrl.so.*" -FILES_${PN}-libxenctrl-dev = " \ - ${libdir}/libxenctrl.so \ - ${datadir}/pkgconfig/xencontrol.pc \ - " - -FILES_${PN}-libxendevicemodel = "${libdir}/libxendevicemodel.so.*" -FILES_${PN}-libxendevicemodel-dev = " \ - ${libdir}/libxendevicemodel.so \ - ${datadir}/pkgconfig/xendevicemodel.pc \ - " - -FILES_${PN}-libxenevtchn = "${libdir}/libxenevtchn.so.*" -FILES_${PN}-libxenevtchn-dev = " \ - ${libdir}/libxenevtchn.so \ - ${datadir}/pkgconfig/xenevtchn.pc \ - " - -FILES_${PN}-libxenforeignmemory = "${libdir}/libxenforeignmemory.so.*" -FILES_${PN}-libxenforeignmemory-dev = " \ - ${libdir}/libxenforeignmemory.so \ - ${datadir}/pkgconfig/xenforeignmemory.pc \ - " - -FILES_${PN}-libxengnttab = "${libdir}/libxengnttab.so.*" -FILES_${PN}-libxengnttab-dev = " \ - ${libdir}/libxengnttab.so \ - ${datadir}/pkgconfig/xengnttab.pc \ - " - -FILES_${PN}-libxenguest = "${libdir}/libxenguest.so.*" -FILES_${PN}-libxenguest-dev = " \ - ${libdir}/libxenguest.so \ - ${datadir}/pkgconfig/xenguest.pc \ - " - -FILES_${PN}-libxenlight = "${libdir}/libxenlight.so.*" -FILES_${PN}-libxenlight-dev = " \ - ${libdir}/libxenlight.so \ - ${datadir}/pkgconfig/xenlight.pc \ - " - -FILES_${PN}-libxenstat = "${libdir}/libxenstat.so.*" -FILES_${PN}-libxenstat-dev = " \ - ${libdir}/libxenstat.so \ - ${datadir}/pkgconfig/xenstat.pc \ - " - -FILES_${PN}-libxenstore = "${libdir}/libxenstore.so.*" -FILES_${PN}-libxenstore-dev = " \ - ${libdir}/libxenstore.so \ - ${datadir}/pkgconfig/xenstore.pc \ - " - -FILES_${PN}-libxentoolcore = "${libdir}/libxentoolcore.so.*" -FILES_${PN}-libxentoolcore-dev = " \ - ${libdir}/libxentoolcore.so \ - ${datadir}/pkgconfig/xentoolcore.pc \ - " - -FILES_${PN}-libxentoollog = "${libdir}/libxentoollog.so.*" -FILES_${PN}-libxentoollog-dev = " \ - ${libdir}/libxentoollog.so \ - ${datadir}/pkgconfig/xentoollog.pc \ - " - -FILES_${PN}-libxenvchan = "${libdir}/libxenvchan.so.*" -FILES_${PN}-libxenvchan-dev = " \ - ${libdir}/libxenvchan.so \ - ${datadir}/pkgconfig/xenvchan.pc \ - " - -FILES_${PN}-libxlutil = "${libdir}/libxlutil.so.*" -FILES_${PN}-libxlutil-dev = " \ - ${libdir}/libxlutil.so \ - ${datadir}/pkgconfig/xlutil.pc \ - " -FILES_${PN}-libvhd = "${libdir}/libvhd.so.*" -FILES_${PN}-libvhd-dev = " \ - ${libdir}/libvhd.so \ - ${datadir}/pkgconfig/vhd.pc \ - " - -FILES_${PN}-libblktap = "${libdir}/libblktap.so.*" -FILES_${PN}-libblktap-dev = " \ - ${libdir}/libblktap.so \ - ${datadir}/pkgconfig/blktap.pc \ - " - -FILES_${PN}-libfsimage = "${libdir}/libfsimage.so.*" -FILES_${PN}-libfsimage-dev = " \ - ${libdir}/libfsimage.so \ - ${datadir}/pkgconfig/fsimage.pc \ - " - -FILES_${PN}-fsimage = "${libdir}/fs/*/*fsimage.so" - -FILES_${PN}-hypervisor = "\ - /boot/xen-* \ - /boot/xen \ - /boot/xen-*.gz \ - /boot/xen.gz \ - /boot/xen-syms-* \ - " - -FILES_${PN}-init-xenstore-dom = "${libdir}/xen/bin/init-xenstore-domain" - -FILES_${PN}-efi = "\ - ${exec_prefix}/lib64/efi/xen* \ - " - -FILES_${PN}-base = "\ - ${sysconfdir}/xen/auto \ - ${sysconfdir}/xen/cpupool \ - ${localstatedir}/xen/dump \ - " - -FILES_${PN}-blktap = "\ - ${sbindir}/blktapctrl \ - ${sbindir}/img2qcow \ - ${sbindir}/lock-util \ - ${sbindir}/qcow2raw \ - ${sbindir}/qcow-create \ - ${sbindir}/tap-ctl \ - ${sbindir}/tapdisk \ - ${sbindir}/tapdisk2 \ - ${sbindir}/tapdisk-client \ - ${sbindir}/tapdisk-diff \ - ${sbindir}/tapdisk-stream \ - ${sbindir}/td-util \ - ${sbindir}/vhd-update \ - ${sbindir}/vhd-util \ - " - -FILES_${PN}-console = "\ - ${libdir}/xen/bin/xenconsole \ - ${sbindir}/xenconsoled \ - " - -FILES_${PN}-cpuid = "\ - ${bindir}/xen-cpuid \ - " - -FILES_${PN}-devd = "\ - ${sysconfdir}/init.d/xendriverdomain \ - ${systemd_unitdir}/system/xendriverdomain.service \ - " - -FILES_${PN}-flask = "\ - /boot/${FLASK_POLICY_FILE} \ - " - -FILES_${PN}-flask-tools = "\ - ${sbindir}/flask-get-bool \ - ${sbindir}/flask-getenforce \ - ${sbindir}/flask-label-pci \ - ${sbindir}/flask-loadpolicy \ - ${sbindir}/flask-set-bool \ - ${sbindir}/flask-setenforce \ - " - -FILES_${PN}-gdbsx = "\ - ${sbindir}/gdbsx \ - " - -INSANE_SKIP_${PN}-hvmloader = "arch" -FILES_${PN}-hvmloader = "\ - ${libdir}/xen/boot/hvmloader \ - " - -FILES_${PN}-kdd = "\ - ${sbindir}/kdd \ - " - -FILES_${PN}-livepatch += " \ - ${sbindir}/xen-livepatch \ - " - -FILES_${PN}-misc = "\ - ${bindir}/xencons \ - ${bindir}/xencov_split \ - ${bindir}/xen-detect \ - ${libdir}/xen/bin/xenpvnetboot \ - ${libdir}/xen/bin/depriv-fd-checker \ - ${sbindir}/gtracestat \ - ${sbindir}/gtraceview \ - ${sbindir}/xen-bugtool \ - ${sbindir}/xencov \ - ${sbindir}/xenperf \ - ${sbindir}/xenpm \ - ${sbindir}/xsview \ - ${sbindir}/xen-diag \ - ${sbindir}/xen-tmem-list-parse \ - ${sbindir}/xen-python-path \ - ${sbindir}/xen-ringwatch \ - ${sbindir}/xen-hptool \ - ${sbindir}/xen-hvmcrash \ - ${sbindir}/xen-hvmctx \ - ${sbindir}/xenlockprof \ - ${sbindir}/xen-lowmemd \ - ${sbindir}/xen-mfndump \ - ${libdir}/xen/bin/verify-stream-v2 \ - ${libdir}/xen/bin/convert-legacy-stream \ - " - -FILES_${PN}-pygrub = "\ - ${bindir}/pygrub \ - ${libdir}/xen/bin/pygrub \ - " - -FILES_${PN}-python = "\ - ${libdir}/python2.7 \ - " - -INSANE_SKIP_${PN} = "already-stripped" -INSANE_SKIP_${PN}-qemu = "arch" -FILES_${PN}-qemu = " \ - ${datadir}/xen/qemu \ - ${libdir}/xen/bin/qemu-system-i386 \ - ${libdir}/xen/bin/qemu-system-x86_64 \ - ${libdir}/xen/bin/qemu-img \ - ${libdir}/xen/bin/qemu-nbd \ - ${libdir}/xen/bin/qemu-ga \ - ${libdir}/xen/bin/qemu-io \ - ${libdir}/xen/bin/qemu-dm \ - ${libdir}/xen/bin/virtfs-proxy-helper \ - /usr/libexec/qemu-bridge-helper \ - ${libdir}/xen/libexec/qemu-bridge-helper \ - /usr/etc/qemu \ - /usr/etc/qemu/target-x86_64.conf \ - ${libdir}/xen/etc/qemu/target-x86_64.conf \ - ${datadir}/qemu-xen \ - ${datadir}/qemu-xen/qemu \ - ${datadir}/qemu-xen/qemu/bamboo.dtb \ - ${datadir}/qemu-xen/qemu/pxe-pcnet.rom \ - ${datadir}/qemu-xen/qemu/vgabios-vmware.bin \ - ${datadir}/qemu-xen/qemu/pxe-eepro100.rom \ - ${datadir}/qemu-xen/qemu/pxe-e1000.rom \ - ${datadir}/qemu-xen/qemu/openbios-ppc \ - ${datadir}/qemu-xen/qemu/multiboot.bin \ - ${datadir}/qemu-xen/qemu/vgabios-cirrus.bin \ - ${datadir}/qemu-xen/qemu/bios.bin \ - ${datadir}/qemu-xen/qemu/vgabios-stdvga.bin \ - ${datadir}/qemu-xen/qemu/palcode-clipper \ - ${datadir}/qemu-xen/qemu/pxe-ne2k_pci.rom \ - ${datadir}/qemu-xen/qemu/spapr-rtas.bin \ - ${datadir}/qemu-xen/qemu/slof.bin \ - ${datadir}/qemu-xen/qemu/vgabios-qxl.bin \ - ${datadir}/qemu-xen/qemu/pxe-rtl8139.rom \ - ${datadir}/qemu-xen/qemu/openbios-sparc64 \ - ${datadir}/qemu-xen/qemu/pxe-virtio.rom \ - ${datadir}/qemu-xen/qemu/kvmvapic.bin \ - ${datadir}/qemu-xen/qemu/openbios-sparc32 \ - ${datadir}/qemu-xen/qemu/petalogix-s3adsp1800.dtb \ - ${datadir}/qemu-xen/qemu/sgabios.bin \ - ${datadir}/qemu-xen/qemu/linuxboot.bin \ - ${datadir}/qemu-xen/qemu/qemu-icon.bmp \ - ${datadir}/qemu-xen/qemu/ppc_rom.bin \ - ${datadir}/qemu-xen/qemu/vgabios.bin \ - ${datadir}/qemu-xen/qemu/s390-zipl.rom \ - ${datadir}/qemu-xen/qemu/petalogix-ml605.dtb \ - ${datadir}/qemu-xen/qemu/keymaps \ - ${datadir}/qemu-xen/qemu/keymaps/common \ - ${datadir}/qemu-xen/qemu/keymaps/th \ - ${datadir}/qemu-xen/qemu/keymaps/is \ - ${datadir}/qemu-xen/qemu/keymaps/en-gb \ - ${datadir}/qemu-xen/qemu/keymaps/ar \ - ${datadir}/qemu-xen/qemu/keymaps/fr-be \ - ${datadir}/qemu-xen/qemu/keymaps/ru \ - ${datadir}/qemu-xen/qemu/keymaps/hu \ - ${datadir}/qemu-xen/qemu/keymaps/de-ch \ - ${datadir}/qemu-xen/qemu/keymaps/no \ - ${datadir}/qemu-xen/qemu/keymaps/fr \ - ${datadir}/qemu-xen/qemu/keymaps/pl \ - ${datadir}/qemu-xen/qemu/keymaps/fr-ca \ - ${datadir}/qemu-xen/qemu/keymaps/de \ - ${datadir}/qemu-xen/qemu/keymaps/fr-ch \ - ${datadir}/qemu-xen/qemu/keymaps/bepo \ - ${datadir}/qemu-xen/qemu/keymaps/lv \ - ${datadir}/qemu-xen/qemu/keymaps/ja \ - ${datadir}/qemu-xen/qemu/keymaps/da \ - ${datadir}/qemu-xen/qemu/keymaps/lt \ - ${datadir}/qemu-xen/qemu/keymaps/hr \ - ${datadir}/qemu-xen/qemu/keymaps/es \ - ${datadir}/qemu-xen/qemu/keymaps/modifiers \ - ${datadir}/qemu-xen/qemu/keymaps/sl \ - ${datadir}/qemu-xen/qemu/keymaps/it \ - ${datadir}/qemu-xen/qemu/keymaps/nl \ - ${datadir}/qemu-xen/qemu/keymaps/fo \ - ${datadir}/qemu-xen/qemu/keymaps/mk \ - ${datadir}/qemu-xen/qemu/keymaps/pt-br \ - ${datadir}/qemu-xen/qemu/keymaps/tr \ - ${datadir}/qemu-xen/qemu/keymaps/sv \ - ${datadir}/qemu-xen/qemu/keymaps/fi \ - ${datadir}/qemu-xen/qemu/keymaps/en-us \ - ${datadir}/qemu-xen/qemu/keymaps/et \ - ${datadir}/qemu-xen/qemu/keymaps/nl-be \ - ${datadir}/qemu-xen/qemu/keymaps/pt \ - ${bindir}/qemu-nbd-xen \ - ${bindir}/qemu-img-xen \ - " - -FILES_${PN}-remus = "\ - ${bindir}/remus \ - ${sysconfdir}/xen/scripts/remus-netbuf-setup \ - " - -FILES_${PN}-scripts-network = " \ - ${sysconfdir}/xen/scripts/colo-proxy-setup \ - ${sysconfdir}/xen/scripts/network-bridge \ - ${sysconfdir}/xen/scripts/network-nat \ - ${sysconfdir}/xen/scripts/network-route \ - ${sysconfdir}/xen/scripts/qemu-ifup \ - ${sysconfdir}/xen/scripts/vif2 \ - ${sysconfdir}/xen/scripts/vif-bridge \ - ${sysconfdir}/xen/scripts/vif-common.sh \ - ${sysconfdir}/xen/scripts/vif-nat \ - ${sysconfdir}/xen/scripts/vif-openvswitch \ - ${sysconfdir}/xen/scripts/vif-route \ - ${sysconfdir}/xen/scripts/vif-setup \ - " - -FILES_${PN}-scripts-block = " \ - ${sysconfdir}/xen/scripts/blktap \ - ${sysconfdir}/xen/scripts/block \ - ${sysconfdir}/xen/scripts/block-common.sh \ - ${sysconfdir}/xen/scripts/block-dummy \ - ${sysconfdir}/xen/scripts/block-enbd \ - ${sysconfdir}/xen/scripts/block-iscsi \ - ${sysconfdir}/xen/scripts/block-nbd \ - ${sysconfdir}/xen/scripts/block-drbd-probe \ - ${sysconfdir}/xen/scripts/block-tap \ - ${sysconfdir}/xen/scripts/vscsi \ - " - -FILES_${PN}-scripts-common = " \ - ${sysconfdir}/xen/scripts/external-device-migrate \ - ${sysconfdir}/xen/scripts/hotplugpath.sh \ - ${sysconfdir}/xen/scripts/locking.sh \ - ${sysconfdir}/xen/scripts/logging.sh \ - ${sysconfdir}/xen/scripts/xen-hotplug-cleanup \ - ${sysconfdir}/xen/scripts/xen-hotplug-common.sh \ - ${sysconfdir}/xen/scripts/xen-network-common.sh \ - ${sysconfdir}/xen/scripts/xen-script-common.sh \ - " - -INSANE_SKIP_${PN}-shim = "arch" -FILES_${PN}-shim = " \ - ${libdir}/xen/boot/xen-shim \ - " - -FILES_${PN}-volatiles = "\ - ${sysconfdir}/default/volatiles/99_xen \ - ${sysconfdir}/tmpfiles.d/xen.conf \ - " - -FILES_${PN}-xcutils = "\ - ${libdir}/xen/bin/lsevtchn \ - ${libdir}/xen/bin/readnotes \ - ${libdir}/xen/bin/xc_restore \ - ${libdir}/xen/bin/xc_save \ - " - -FILES_${PN}-xend-examples = "\ - ${sysconfdir}/xen/xend-config.sxp \ - ${sysconfdir}/xen/xend-pci-permissive.sxp \ - ${sysconfdir}/xen/xend-pci-quirks.sxp \ - " - -FILES_${PN}-xenpaging = "\ - ${libdir}/xen/bin/xenpaging \ - ${localstatedir}/lib/xen/xenpaging \ - " - -FILES_${PN}-xenpmd = "\ - ${sbindir}/xenpmd \ - " - -FILES_${PN}-xenstat = "\ - ${sbindir}/xentop \ - " - -FILES_${PN}-xenstore = "\ - ${bindir}/xenstore \ - ${bindir}/xenstore-chmod \ - ${bindir}/xenstore-control \ - ${bindir}/xenstore-exists \ - ${bindir}/xenstore-list \ - ${bindir}/xenstore-ls \ - ${bindir}/xenstore-read \ - ${bindir}/xenstore-rm \ - ${bindir}/xenstore-watch \ - ${bindir}/xenstore-write \ - " - -FILES_${PN}-xenstored = "\ - ${sbindir}/xenstored \ - ${localstatedir}/lib/xenstored \ - " - -FILES_${PN}-xentrace = "\ - ${bindir}/xentrace \ - ${bindir}/xentrace_format \ - ${bindir}/xentrace_setsize \ - ${libdir}/xen/bin/xenctx \ - ${bindir}/xenalyze \ - ${sbindir}/xentrace \ - ${sbindir}/xentrace_setsize \ - " - -FILES_${PN}-xen-watchdog = "\ - ${sbindir}/xenwatchdogd \ - ${sysconfdir}/init.d/xen-watchdog \ - ${systemd_unitdir}/system/xen-watchdog.service \ - " - -FILES_${PN}-xl = "\ - ${sysconfdir}/bash_completion.d/xl.sh \ - ${sysconfdir}/xen/xl.conf \ - ${libdir}/xen/bin/libxl-save-helper \ - ${sbindir}/xl \ - ${libdir}/xen/bin/xen-init-dom0 \ - " - -FILES_${PN}-xl-examples = "\ - ${sysconfdir}/xen/xlexample.hvm \ - ${sysconfdir}/xen/xlexample.pvlinux \ - " - -FILES_${PN}-xm-examples = "\ - ${sysconfdir}/xen/xmexample1 \ - ${sysconfdir}/xen/xmexample2 \ - ${sysconfdir}/xen/xmexample3 \ - ${sysconfdir}/xen/xmexample.hvm \ - ${sysconfdir}/xen/xmexample.hvm-stubdom \ - ${sysconfdir}/xen/xmexample.nbd \ - ${sysconfdir}/xen/xmexample.pv-grub \ - ${sysconfdir}/xen/xmexample.vti \ - " - -FILES_${PN}-xenmon = "\ - ${sbindir}/xenbaked \ - ${sbindir}/xentrace_setmask \ - ${sbindir}/xenmon.py \ - " - -FILES_${PN}-xm = "\ - ${sysconfdir}/xen/xm-config.xml \ - ${datadir}/xen/create.dtd \ - ${sbindir}/xm \ - " - -FILES_${PN}-xencommons += "\ - ${sysconfdir}/default/xencommons \ - ${sysconfdir}/init.d/xencommons \ - ${sysconfdir}/xen/scripts/launch-xenstore \ - ${systemd_unitdir}/modules-load.d/xen.conf \ - ${systemd_unitdir}/system/proc-xen.mount \ - ${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service \ - ${systemd_unitdir}/system/xenconsoled.service \ - ${systemd_unitdir}/system/xen-init-dom0.service \ - ${systemd_unitdir}/system/xenstored.service \ - ${systemd_unitdir}/system/var-lib-xenstored.mount \ - " - -FILES_${PN}-xend += " \ - ${sysconfdir}/init.d/xend \ - ${sbindir}/xend \ - " - -FILES_${PN}-xendomains += "\ - ${libdir}/xen/bin/xendomains \ - ${sysconfdir}/default/xendomains \ - ${sysconfdir}/init.d/xendomains \ - ${sysconfdir}/sysconfig/xendomains \ - ${systemd_unitdir}/system/xendomains.service \ - " - -# configure init.d scripts -INITSCRIPT_PACKAGES = "${PN}-xend ${PN}-xencommons ${PN}-xen-watchdog ${PN}-xendomains ${PN}-devd" -INITSCRIPT_NAME_${PN}-xencommons = "xencommons" -INITSCRIPT_PARAMS_${PN}-xencommons = "defaults 80" -INITSCRIPT_NAME_${PN}-xen-watchdog = "xen-watchdog" -INITSCRIPT_PARAMS_${PN}-xen-watchdog = "defaults 81" -INITSCRIPT_NAME_${PN}-xend = "xend" -INITSCRIPT_PARAMS_${PN}-xend = "defaults 82" -INITSCRIPT_NAME_${PN}-xendomains = "xendomains" -INITSCRIPT_PARAMS_${PN}-xendomains = "defaults 83" -INITSCRIPT_NAME_${PN}-devd = "xendriverdomain" -INITSCRIPT_PARAMS_${PN}-devd = "defaults 82" - -# systemd packages -SYSTEMD_PACKAGES = "${PN}-xen-watchdog ${PN}-xencommons ${PN}-xendomains ${PN}-devd" -SYSTEMD_SERVICE_${PN}-devd = "xendriverdomain.service" -SYSTEMD_SERVICE_${PN}-xen-watchdog = "xen-watchdog.service" -SYSTEMD_SERVICE_${PN}-xencommons = " \ - proc-xen.mount \ - var-lib-xenstored.mount \ - xen-qemu-dom0-disk-backend.service \ - xenconsoled.service \ - xen-init-dom0.service \ - xenstored.service \ - " -SYSTEMD_SERVICE_${PN}-xendomains = "xendomains.service" - #### REQUIRED ENVIRONMENT VARIABLES #### export BUILD_SYS export HOST_SYS @@ -823,8 +75,8 @@ libexecdir = "${libdir}" export XEN_OS = "Linux" # this is used for the header (#!${bindir}/python) of the install python scripts -export PYTHONPATH="${bindir}/python" -export ac_cv_path_PYTHONPATH="${bindir}/python" +export PYTHONPATH="${bindir}/env python3" +export ac_cv_path_PYTHONPATH="${bindir}/env python3" export DISTUTILS_BUILD_ARGS export DISTUTILS_INSTALL_ARGS @@ -838,15 +90,27 @@ export CROSS_COMPILE="${TARGET_PREFIX}" # overide LDFLAGS to allow xen to build without: "x86_64-oe-linux-ld: unrecognized option '-Wl,-O1'" export LDFLAGS="" -# Yocto injects -mfpmath=sse for some machine types into the CFLAGS which -# conflicts with -mno-sse so instead we strip -mfpmath=sse instead of -# patching the build to be ok with this -TUNE_CCARGS := "${@oe.utils.str_filter_out('-mfpmath=sse', '${TUNE_CCARGS}', d)}" -TUNE_CCARGS := "${@oe.utils.str_filter_out('-msse4.2', '${TUNE_CCARGS}', d)}" - -# Supply the full set of compiler flags via the tool variables -# Yocto supplys _FORTIFY_SOURCE via CC/CPP/CXX but optimization -O via C*FLAGS -CC_append = " ${CFLAGS}" +# Pass through the Yocto distro compiler flags via the Xen-provided variables. +# Special handling: +# - Yocto supplies the _FORTIFY_SOURCE flag via CC/CPP/CXX but then passes the +# optimization -O via C*FLAGS which is problematic when the CFLAGS are cleared +# within the build because compilation fails with the compiler stating +# "_FORTIFY_SOURCE requires compiling with optimization (-O)". +# - Move HOST_CC_ARCH into the Xen-provided CFLAGS variables and keep +# TOOLCHAIN_OPTIONS set via CC: this enables hvmloader to be built correctly. +# It must not be compiled with SSE compiler options enabled and the Xen build +# explicitly clears CFLAGS to ensure that, so such options must not be passed +# in via the tool variable. hvmloader is required to run HVM-mode guest VMs. +CC="${CCACHE}${HOST_PREFIX}gcc ${TOOLCHAIN_OPTIONS} ${CC_REPRODUCIBLE_OPTIONS}" +EXTRA_CFLAGS_XEN_CORE="${HOST_CC_ARCH} ${CFLAGS}" +EXTRA_CFLAGS_XEN_TOOLS="${HOST_CC_ARCH} ${CFLAGS}" +# 32-bit ARM needs the TUNE_CCARGS component of HOST_CC_ARCH to be passed +# in CC to ensure that configure can compile binaries for the right arch. +CC_arm="${CCACHE}${HOST_PREFIX}gcc ${TUNE_CCARGS} ${TOOLCHAIN_OPTIONS} ${CC_REPRODUCIBLE_OPTIONS}" +EXTRA_CFLAGS_XEN_CORE_arm="${SECURITY_CFLAGS} ${CFLAGS}" +EXTRA_CFLAGS_XEN_TOOLS_arm="${SECURITY_CFLAGS} ${CFLAGS}" + +# There are no Xen-provided variables for C++, so append to the tool variables: CPP_append = " ${CPPFLAGS}" CXX_append = " ${CXXFLAGS}" @@ -891,10 +155,10 @@ EXTRA_OEMAKE += "${@['', 'XEN_WHOAMI=${PF} XEN_DOMAIN=${DISTRO} XEN_BUILD_HOST=$ [d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1']}${@get_build_time_vars(d)}" # Improve build reproducibility: compiler flags to remove filesystem differences. -# Suppress __FILE__ via an alternative builtin. -CC += "${@['', '-gno-record-gcc-switches -Wno-builtin-macro-redefined -D__FILE__=__VERSION__ ' + \ - '-fdebug-prefix-map=${WORKDIR}=${PN}'] \ - [d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1']}" +CC_REPRODUCIBLE_OPTIONS = "${@['', '-gno-record-gcc-switches ' + \ + '-ffile-prefix-map=${S}=${PN}-source ' + \ + '-fdebug-prefix-map=${WORKDIR}=${PN}'] \ + [d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1']}" # check for XSM in package config to allow XSM_ENABLE to be set python () { @@ -928,26 +192,11 @@ do_post_patch() { do_post_patch_append_arm() { # The hypervisor binary must not be built with the hard floating point ABI. - echo "CC := \$(filter-out ${TUNE_CCARGS},\$(CC))" >> ${B}/xen/arch/arm/Rules.mk + echo "CC := \$(filter-out ${TUNE_CCARGS},\$(CC))" >> ${S}/xen/arch/arm/Rules.mk } addtask post_patch after do_patch before do_configure -do_stubs() { - # no stubs-32.h in our 64-bit sysroot - hack it into tools/include/gnu - if ! test -f ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-32.h ; then - if test -f ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-64.h ; then - test -d ${S}/tools/include/gnu || mkdir ${S}/tools/include/gnu - cat ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-64.h | grep -v stub_bdflush | grep -v stub_getmsg | grep -v stub_putmsg > ${S}/tools/include/gnu/stubs-32.h - echo \#define __stub___kernel_cosl >> ${S}/tools/include/gnu/stubs-32.h - echo \#define __stub___kernel_sinl >> ${S}/tools/include/gnu/stubs-32.h - echo \#define __stub___kernel_tanl >> ${S}/tools/include/gnu/stubs-32.h - fi - fi -} - -addtask stubs after do_configure before do_compile - # Allow all hypervisor settings in a defconfig EXTRA_OEMAKE += "XEN_CONFIG_EXPERT=y" # Build release versions always. Technically since we track release @@ -955,7 +204,8 @@ EXTRA_OEMAKE += "XEN_CONFIG_EXPERT=y" # from staging that reverts this EXTRA_OEMAKE += "debug=n" -do_configure() { +do_configure_common() { + cd ${S} #./configure --enable-xsmpolicy does not set XSM_ENABLE must be done manually if [ "${XSM_ENABLED}" = "1" ]; then @@ -967,140 +217,22 @@ do_configure() { bbfatal "Unable to copy defconfig to .config" fi + unset CFLAGS + # do configure - oe_runconf - if [ ! -e ${STAGING_INCDIR}/bits/long-double-32.h ]; then - cp ${STAGING_INCDIR}/bits/long-double-64.h ${STAGING_INCDIR}/bits/long-double-32.h - fi + oe_runconf EXTRA_CFLAGS_XEN_CORE="${EXTRA_CFLAGS_XEN_CORE}" \ + EXTRA_CFLAGS_XEN_TOOLS="${EXTRA_CFLAGS_XEN_TOOLS}" \ + PYTHON="${PYTHON}" } -do_compile() { +do_compile_prepend() { # workaround for build bug when CFLAGS is exported # https://www.mail-archive.com/xen-devel@lists.xen.org/msg67822.html unset CFLAGS - - # Workaround for parallel build bug: build xen first. - # https://lists.xenproject.org/archives/html/xen-devel/2018-07/msg02551.html - oe_runmake xen - oe_runmake } -do_install() { +do_install_prepend() { # CFLAGS is used to set PY_CFLAGS which affects the pygrub install # so also need to unset CFLAGS here: unset CFLAGS - oe_runmake DESTDIR="${D}" install - - # remove installed volatiles - rm -rf ${D}${localstatedir}/run \ - ${D}${localstatedir}/lock \ - ${D}${localstatedir}/log \ - ${D}${localstatedir}/volatile \ - ${D}${localstatedir}/lib/xen - - VOLATILE_DIRS=" \ - ${localstatedir}/run/xenstored \ - ${localstatedir}/run/xend \ - ${localstatedir}/run/xend/boot \ - ${localstatedir}/run/xen \ - ${localstatedir}/log/xen \ - ${localstatedir}/lock/xen \ - ${localstatedir}/lock/subsys \ - ${localstatedir}/lib/xen \ - " - - # install volatiles using populate_volatiles mechanism - install -d ${D}${sysconfdir}/default/volatiles - for i in $VOLATILE_DIRS; do - echo "d root root 0755 $i none" >> ${D}${sysconfdir}/default/volatiles/99_xen - done - - # workaround for xendomains script which searchs sysconfig if directory exists - install -d ${D}${sysconfdir}/sysconfig - ln -sf ${sysconfdir}/default/xendomains ${D}${sysconfdir}/sysconfig/xendomains - - # systemd - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - # install volatiles using systemd tmpfiles.d - install -d ${D}${sysconfdir}/tmpfiles.d - for i in $VOLATILE_DIRS; do - echo "d $i 0755 root root - -" >> ${D}${sysconfdir}/tmpfiles.d/xen.conf - done - fi - - # fixup default path to qemu-system-i386 - sed -i 's#\(test -z "$QEMU_XEN" && QEMU_XEN=\).*$#\1"/usr/bin/qemu-system-i386"#' ${D}/etc/init.d/xencommons - - if [ -e ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service ]; then - sed -i 's#ExecStart=.*qemu-system-i386\(.*\)$#ExecStart=/usr/bin/qemu-system-i386\1#' \ - ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service - fi -} - -pkg_postinst_${PN}-volatiles() { - if [ -z "$D" ]; then - if command -v systemd-tmpfiles >/dev/null; then - systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/xen.conf - elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then - ${sysconfdir}/init.d/populate-volatile.sh update - fi - fi -} - -do_deploy() { - install -d ${DEPLOYDIR} - - if [ -f ${D}/boot/xen ]; then - install -m 0644 ${D}/boot/xen ${DEPLOYDIR}/xen-${MACHINE} - fi - - if [ -f ${D}/boot/xen.gz ]; then - install -m 0644 ${D}/boot/xen.gz ${DEPLOYDIR}/xen-${MACHINE}.gz - fi - - if [ -f ${D}/usr/lib64/efi/xen.efi ]; then - install -m 0644 ${D}/usr/lib64/efi/xen.efi ${DEPLOYDIR}/xen-${MACHINE}.efi - fi - - # Install the flask policy in the deploy directory if it exists - if [ -f ${D}/boot/${FLASK_POLICY_FILE} ]; then - install -m 0644 ${D}/boot/${FLASK_POLICY_FILE} ${DEPLOYDIR} - ln -sf ${FLASK_POLICY_FILE} ${DEPLOYDIR}/xenpolicy-${MACHINE} - fi -} - -addtask deploy after do_populate_sysroot - -# Enable use of menuconfig directly from bitbake and also within the devshell -OE_TERMINAL_EXPORTS += "HOST_EXTRACFLAGS HOSTLDFLAGS TERMINFO" -HOST_EXTRACFLAGS = "${BUILD_CFLAGS} ${BUILD_LDFLAGS}" -HOSTLDFLAGS = "${BUILD_LDFLAGS}" -TERMINFO = "${STAGING_DATADIR_NATIVE}/terminfo" -do_devshell[depends] += "ncurses-native:do_populate_sysroot" - -KCONFIG_CONFIG_COMMAND ??= "menuconfig" -python do_menuconfig() { - import shutil - - try: - mtime = os.path.getmtime("xen/.config") - shutil.copy("xen/.config", "xen/.config.orig") - except OSError: - mtime = 0 - - oe_terminal("${SHELL} -c \"cd xen; XEN_CONFIG_EXPERT=y make %s; if [ \$? -ne 0 ]; then echo 'Command failed.'; printf 'Press any key to continue... '; read r; fi\"" % d.getVar('KCONFIG_CONFIG_COMMAND'), - d.getVar('PN') + ' Configuration', d) - - try: - newmtime = os.path.getmtime("xen/.config") - except OSError: - newmtime = 0 - - if newmtime > mtime: - bb.note("Configuration changed, recompile will be forced") - bb.build.write_taint('do_compile', d) } -do_menuconfig[depends] += "ncurses-native:do_populate_sysroot" -do_menuconfig[nostamp] = "1" -do_menuconfig[dirs] = "${B}" -addtask menuconfig after do_configure diff --git a/external/meta-virtualization/recipes-extended/xen/xen_4.11.0.bb b/external/meta-virtualization/recipes-extended/xen/xen_4.11.0.bb deleted file mode 100644 index 870caa72..00000000 --- a/external/meta-virtualization/recipes-extended/xen/xen_4.11.0.bb +++ /dev/null @@ -1,16 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/files:" -require xen.inc - -SRC_URI = " \ - https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \ - file://tools-xentop-vwprintw.patch \ - file://xen-4.11-arm-acpi-fix-string-lengths.patch \ - file://xen-tools-xenpmd-snprintf.patch \ - file://xen-disable-sse-before-inlines.patch \ - file://0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch \ - " - -SRC_URI[md5sum] = "cbec0600284921744bc14119f4ed3fff" -SRC_URI[sha256sum] = "826e3a9f6d0eac94a825d272cc2c1294e22640ae75af906eb13920f9ad667643" - -S = "${WORKDIR}/xen-${PV}" diff --git a/external/meta-virtualization/recipes-extended/xen/xen_git.bb b/external/meta-virtualization/recipes-extended/xen/xen_git.bb index 0ebd81ce..a7475ac3 100644 --- a/external/meta-virtualization/recipes-extended/xen/xen_git.bb +++ b/external/meta-virtualization/recipes-extended/xen/xen_git.bb @@ -1,19 +1,15 @@ -require xen.inc +SRCREV ?= "a5fcafbfbee55261853fba07149c1c795f2baf58" + +XEN_REL ?= "4.12" +XEN_BRANCH ?= "stable-${XEN_REL}" -SRCREV ?= "2b50cdbc444c637575580dcfa6c9525a84d5cc62" +SRC_URI = "git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH}" -XEN_REL = "4.12" -XEN_BRANCH = "staging" -FLASK_POLICY_FILE = "xenpolicy-${XEN_REL}-unstable" +LIC_FILES_CHKSUM ?= "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" PV = "${XEN_REL}+git${SRCPV}" S = "${WORKDIR}/git" -SRC_URI = " \ - git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \ - file://xen-disable-sse-before-inlines.patch \ - file://0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch \ - " - -DEFAULT_PREFERENCE = "-1" +require xen.inc +require xen-hypervisor.inc diff --git a/external/meta-virtualization/recipes-extended/xvisor/files/0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch b/external/meta-virtualization/recipes-extended/xvisor/files/0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch new file mode 100644 index 00000000..2e53943f --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xvisor/files/0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch @@ -0,0 +1,34 @@ +From 022c885d077dce6fad3eca5fd2f54b2070c375d2 Mon Sep 17 00:00:00 2001 +From: Alistair Francis <alistair.francis@wdc.com> +Date: Fri, 17 May 2019 14:21:44 -0700 +Subject: [PATCH] TESTS: Don't specify mabi or march for RISC-V + +To avoid + can't link double-float modules with soft-float modules +errors when building 32-bit baremetal guests don't specify mabi +or march. + +Upstream-Status: Inappropriate [Fixes a 32-bit Yocto flow bug] +Signed-off-by: Alistair Francis <alistair.francis@wdc.com> +--- + tests/riscv/common/basic/Makefile.inc | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/riscv/common/basic/Makefile.inc b/tests/riscv/common/basic/Makefile.inc +index 9fa5abed..f3ff1864 100644 +--- a/tests/riscv/common/basic/Makefile.inc ++++ b/tests/riscv/common/basic/Makefile.inc +@@ -24,8 +24,8 @@ + ARCH_CPPFLAGS=$(board_cppflags) -DFIRMWARE_BOOT + ARCH_CPPFLAGS+=-DTEXT_START=$(board_text_start) + ifeq ($(board_32bit),y) +-ARCH_CFLAGS=$(board_cflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=ilp32 -march=rv32imafdc -mcmodel=medany +-ARCH_ASFLAGS=$(board_asflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=ilp32 -march=rv32imafdc -mcmodel=medany ++ARCH_CFLAGS=$(board_cflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mcmodel=medany ++ARCH_ASFLAGS=$(board_asflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mcmodel=medany + else + ARCH_CFLAGS=$(board_cflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=lp64 -march=rv64imafdc -mcmodel=medany + ARCH_ASFLAGS=$(board_asflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=lp64 -march=rv64imafdc -mcmodel=medany +-- +2.21.0 + diff --git a/external/meta-virtualization/recipes-extended/xvisor/xvisor-configs.inc b/external/meta-virtualization/recipes-extended/xvisor/xvisor-configs.inc new file mode 100644 index 00000000..099128dd --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xvisor/xvisor-configs.inc @@ -0,0 +1,25 @@ +def get_oemake_config(d): + plat = d.getVar('XVISOR_PLAT') + + if plat is None: + return "" + + if 'riscv/virt32' in plat: + return "generic-32b-defconfig" + if 'riscv/virt64' in plat: + return "generic-64b-defconfig" + + return "" + +def map_xvisor_arch(a, d): + import re + + if re.match('(i.86|x86.64)$', a): return 'x86' + elif re.match('armeb$', a): return 'arm' + elif re.match('aarch64$', a): return 'arm' + elif re.match('aarch64_be$', a): return 'arm' + elif re.match('aarch64_ilp32$', a): return 'arm' + elif re.match('aarch64_be_ilp32$', a): return 'arm' + elif re.match('riscv(32|64|)(eb|)$', a): return 'riscv' + else: + bb.error("cannot map '%s' to a Xvisor architecture" % a) diff --git a/external/meta-virtualization/recipes-extended/xvisor/xvisor_0.3.0.bb b/external/meta-virtualization/recipes-extended/xvisor/xvisor_0.3.0.bb new file mode 100644 index 00000000..66ad6187 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xvisor/xvisor_0.3.0.bb @@ -0,0 +1,44 @@ +SUMMARY = "Xvisor is an open-source type-1 hypervisor, which aims at providing a monolithic, light-weight, portable, and flexible virtualization solution." +DESCRIPTION = "Xvisor primarily supports Full virtualization hence, supports a wide range of unmodified guest operating systems. Paravirtualization is optional for Xvisor and will be supported in an architecture independent manner (such as VirtIO PCI/MMIO devices) to ensure no-change in guest OS for using paravirtualization." +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" +DEPENDS += "dtc-native dosfstools-native mtools-native" + +require xvisor-configs.inc + +inherit autotools-brokensep + +SRCREV = "58592ef18c71526a0045935d1e8eed5e8553b7d6" +SRC_URI = "git://github.com/xvisor/xvisor.git \ + file://0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch \ + " + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE += "ARCH=\"${@map_xvisor_arch(d.getVar('TARGET_ARCH'), d)}\" I=${D}" + +CONFIG = "${@get_oemake_config(d)}" + +do_configure() { + oe_runmake ${CONFIG} +} + +do_install_append() { + install -d ${D} + install -m 755 ${B}/build/vmm.* ${D}/ + + # We don't need this + rm ${D}/system.map +} + +do_deploy () { + install -d ${DEPLOY_DIR_IMAGE} + install -m 755 ${D}/vmm.* ${DEPLOY_DIR_IMAGE}/ +} + +addtask deploy after do_install + +FILES_${PN} += "/vmm.*" + +COMPATIBLE_HOST = "(riscv64|riscv32).*" +INHIBIT_PACKAGE_STRIP = "1" |