diff options
Diffstat (limited to 'external/meta-virtualization')
286 files changed, 7458 insertions, 10640 deletions
diff --git a/external/meta-virtualization/.gitignore b/external/meta-virtualization/.gitignore index 65feb826..357aefeb 100644 --- a/external/meta-virtualization/.gitignore +++ b/external/meta-virtualization/.gitignore @@ -3,4 +3,6 @@ pyshtables.py *.swp *.orig *.rej +/*.patch *~ +scripts/lib/wic/plugins/source/__pycache__ diff --git a/external/meta-virtualization/MAINTAINERS b/external/meta-virtualization/MAINTAINERS new file mode 100644 index 00000000..1bb9a24a --- /dev/null +++ b/external/meta-virtualization/MAINTAINERS @@ -0,0 +1,34 @@ +This file contains a list of maintainers for the meta-virtualization layer. + +See the README file in this layer for patch send details. + +You may also contact the maintainers directly. + +Descriptions of section entries: + + M: Mail patches to: FullName <address@domain> + F: Files and directories with wildcard patterns. + A trailing slash includes all files and subdirectory files. + F: recipes-devtools/ all files in and below recipes-devtools + F: recipes-selinux/* all files in recipes-selinux, but not below + One pattern per line. Multiple F: lines acceptable. + +Please keep this list in alphabetical order. + +Maintainers List (try to look for most precise areas first) + +COMMON +M: Bruce Ashfield <bruce.ashfield@gmail.com> +L: meta-virtualization@lists.yoctoproject.org +S: Maintained +F: conf/ +F: classes/ +F: docs/ +F: files/ +F: recipes-* + +XEN +M: Christopher Clark <christopher.w.clark@gmail.com> +F: recipes-extended/xen/ +F: recipes-extended/uxen/ +F: recipes-extended/images/*xen*.bb diff --git a/external/meta-virtualization/README b/external/meta-virtualization/README index 810f263c..88068f30 100644 --- a/external/meta-virtualization/README +++ b/external/meta-virtualization/README @@ -28,6 +28,7 @@ that may also be enabled: - xen: enables xen functionality in various packages (kernel, libvirt, etc) - kvm: enables KVM configurations in the kernel and autoloads modules + - k8s: enables kubernets configurations in the kernel, tools and configuration - aufs: enables aufs support in docker and linux-yocto - x11: enable xen and libvirt functionality related to x11 - selinux: enables functionality in libvirt and lxc @@ -59,15 +60,31 @@ branch: master revision: HEAD prio: default +Required for Ceph: +URI: git://git.yoctoproject.org/meta-cloud-services +branch: master +revision: HEAD +prio: default + +Required for cri-o: +URI: git://github.com/advancedtelematic/meta-updater +URI: git://git.yoctoproject.org/meta-selinux +URI: git://git.yoctoproject.org/meta-security +branch: master +revision: HEAD +prio: default + + Maintenance ----------- -Send pull requests, patches, comments or questions to meta-virtualization@yoctoproject.org +Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org Maintainer: Bruce Ashfield <bruce.ashfield@gmail.com> +see MAINTAINERS for more specific information When sending single patches, please using something like: -$ git send-email -1 -M --to meta-virtualization@yoctoproject.org --subject-prefix='meta-virtualization][PATCH' +$ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH' License ------- diff --git a/external/meta-virtualization/classes/image-oci.bbclass b/external/meta-virtualization/classes/image-oci.bbclass new file mode 100644 index 00000000..c256b12c --- /dev/null +++ b/external/meta-virtualization/classes/image-oci.bbclass @@ -0,0 +1,144 @@ +# +# This image class creates an oci image spec directory from a generated +# rootfs. The contents of the rootfs do not matter (i.e. they need not be +# container optimized), but by using the container image type and small +# footprint images, we can create directly executable container images. +# +# Once the tarball (or oci image directory) has been created of the OCI +# image, it can be manipulated by standard tools. For example, to create a +# runtime bundle from the oci image, the following can be done: +# +# Assuming the image name is "container-base": +# +# If the oci image was a tarball, extract it (skip, if a directory is being directly used) +# % tar xvf container-base-<arch>-<stamp>.rootfs-oci-latest-x86_64-linux.oci-image.tar +# +# And then create the bundle: +# % oci-image-tool create --ref name=latest container-base-<arch>-<stamp>.rootfs-oci container-base-oci-bundle +# +# Or to copy (push) the oci image to a docker registry, skopeo can be used (vary the +# tag based on the created oci image: +# +# % skopeo copy --dest-creds <username>:<password> oci:container-base-<arch>-<stamp>:latest docker://zeddii/container-base +# + +# We'd probably get this through the container image typdep, but just +# to be sure, we'll repeat it here. +ROOTFS_BOOTSTRAP_INSTALL = "" +# we want container and tar.bz2's to be created +IMAGE_TYPEDEP_oci = "container tar.bz2" +# sloci is the script/project that will create the oci image +do_image_oci[depends] += "sloci-image-native:do_populate_sysroot" + +# +# image type configuration block +# +OCI_IMAGE_AUTHOR ?= "${PATCH_GIT_USER_NAME}" +OCI_IMAGE_AUTHOR_EMAIL ?= "${PATCH_GIT_USER_EMAIL}" + +OCI_IMAGE_TAG ?= "latest" +OCI_IMAGE_RUNTIME_UID ?= "" + +OCI_IMAGE_ARCH ?= "${TARGET_ARCH}" +OCI_IMAGE_SUBARCH ?= "${@oci_map_subarch(d.getVar('TARGET_ARCH'), d.getVar('TUNE_FEATURES'), d)}" + +OCI_IMAGE_ENTRYPOINT ?= "sh" +OCI_IMAGE_ENTRYPOINT_ARGS ?= "" +OCI_IMAGE_WORKINGDIR ?= "" + +# List of ports to expose from a container running this image: +# PORT[/PROT] +# format: <port>/tcp, <port>/udp, or <port> (same as <port>/tcp). +OCI_IMAGE_PORTS ?= "" + +# key=value list of labels +OCI_IMAGE_LABELS ?= "" +# key=value list of environment variables +OCI_IMAGE_ENV_VARS ?= "" + +# whether the oci image dir should be left as a directory, or +# bundled into a tarball. +OCI_IMAGE_TAR_OUTPUT ?= "true" + +# Generate a subarch that is appropriate to OCI image +# types. This is typically only ARM architectures at the +# moment. +def oci_map_subarch(a, f, d): + import re + if re.match('arm.*', a): + if 'armv7' in f: + return 'v7' + elif 'armv6' in f: + return 'v6' + elif 'armv5' in f: + return 'v5' + return '' + return '' + +IMAGE_CMD_oci() { + sloci_options="" + + bbdebug 1 "OCI image settings:" + bbdebug 1 " author: ${OCI_IMAGE_AUTHOR}" + bbdebug 1 " author email: ${OCI_IMAGE_AUTHOR_EMAIL}" + bbdebug 1 " tag: ${OCI_IMAGE_TAG}" + bbdebug 1 " arch: ${OCI_IMAGE_ARCH}" + bbdebug 1 " subarch: ${OCI_IMAGE_SUBARCH}" + bbdebug 1 " entrypoint: ${OCI_IMAGE_ENTRYPOINT}" + bbdebug 1 " entrypoing args: ${OCI_IMAGE_ENTRYPOINT_ARGS}" + bbdebug 1 " labels: ${OCI_IMAGE_LABELS}" + bbdebug 1 " uid: ${OCI_IMAGE_RUNTIME_UID}" + bbdebug 1 " working dir: ${OCI_IMAGE_WORKINGDIR}" + bbdebug 1 " env vars: ${OCI_IMAGE_ENV_VARS}" + bbdebug 1 " ports: ${OCI_IMAGE_PORTS}" + + # Change into the image deploy dir to avoid having any output operations capture + # long directories or the location. + cd ${IMGDEPLOYDIR} + + oci_image_label_options="" + if [ -n "${OCI_IMAGE_LABELS}" ]; then + for l in ${OCI_IMAGE_LABELS}; do + oci_image_label_options="${oci_image_label_options} --label ${l}" + done + fi + oci_image_env_options="" + if [ -n "${OCI_IMAGE_ENV_VARS}" ]; then + for l in ${OCI_IMAGE_ENV_VARS}; do + oci_image_env_options="${oci_image_env_options} --env ${l}" + done + fi + oci_image_port_options="" + if [ -n "${OCI_IMAGE_PORTS}" ]; then + for l in ${OCI_IMAGE_PORTS}; do + oci_image_port_options="${oci_image_port_options} --port ${l}" + done + fi + + if [ -n "${OCI_IMAGE_RUNTIME_UID}" ]; then + oci_image_user_options="--user ${OCI_IMAGE_RUNTIME_UID}" + fi + + if [ -n "${OCI_IMAGE_WORKINGDIR}" ]; then + oci_image_working_dir_options="--working-dir ${OCI_IMAGE_WORKINGDIR}" + fi + + if [ -n "${OCI_IMAGE_TAR_OUTPUT}" ]; then + sloci_options="$sloci_options --tar" + fi + + # options that always appear are required for a valid oci container image + # others are optional based on settings. + sloci-image $sloci_options \ + --arch ${OCI_IMAGE_ARCH} \ + --arch-variant "${OCI_IMAGE_SUBARCH}" \ + --entrypoint ${OCI_IMAGE_ENTRYPOINT} \ + --cmd "${OCI_IMAGE_ENTRYPOINT_ARGS}" \ + --author ${OCI_IMAGE_AUTHOR_EMAIL} \ + ${oci_image_user_options} \ + ${oci_image_label_options} \ + ${oci_image_env_options} \ + ${oci_image_working_dir_options} \ + ${oci_image_port_options} \ + ${IMAGE_ROOTFS} ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}-oci:${OCI_IMAGE_TAG} +} diff --git a/external/meta-virtualization/classes/meta-virt-cfg.bbclass b/external/meta-virtualization/classes/meta-virt-cfg.bbclass new file mode 100644 index 00000000..a20f9fea --- /dev/null +++ b/external/meta-virtualization/classes/meta-virt-cfg.bbclass @@ -0,0 +1,6 @@ +# We need to load the meta-virt config components, only if "virtualization" +# is in the distro features. Since we don't know the distro flags during +# layer.conf load time, we delay using a special bbclass that simply includes +# the META_VIRT_CONFIG_PATH file. + +include ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${META_VIRT_CONFIG_PATH}', '', d)} diff --git a/external/meta-virtualization/classes/meta-virt-k8s-cfg.bbclass b/external/meta-virtualization/classes/meta-virt-k8s-cfg.bbclass new file mode 100644 index 00000000..f1d7f81e --- /dev/null +++ b/external/meta-virtualization/classes/meta-virt-k8s-cfg.bbclass @@ -0,0 +1,6 @@ +# We need to load the meta-virt config components, only if "k8s" +# is in the distro features. Since we don't know the distro flags during +# layer.conf load time, we delay using a special bbclass that simply includes +# the K8S_CONFIG_PATH file. + +include ${@bb.utils.contains('DISTRO_FEATURES', 'k8s', '${K8S_CONFIG_PATH}', '', d)} diff --git a/external/meta-virtualization/conf/distro/include/k8s-versions.inc b/external/meta-virtualization/conf/distro/include/k8s-versions.inc new file mode 100644 index 00000000..b4ec6b63 --- /dev/null +++ b/external/meta-virtualization/conf/distro/include/k8s-versions.inc @@ -0,0 +1 @@ +# placeholder for k8s specific versions diff --git a/external/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc b/external/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc index 27e7b90d..299b5dfc 100644 --- a/external/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc +++ b/external/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc @@ -1,9 +1,3 @@ # Meta-virtuailization PREFERED_VERSION -PREFERRED_VERSION_python-blinker = "1.3" -PREFERRED_VERSION_python-gevent = "1.0.1" -PREFERRED_VERSION_python-m2crypto = "0.22.3" -PREFERRED_VERSION_python-pyyaml = "3.11" -PREFERRED_VERSION_python-redis = "2.10.3" -PREFERRED_VERSION_python-sqlalchemy = "1.1.5" -PREFERRED_VERSION_python-werkzeug = "0.10.4" +# placeholder for preferred versions diff --git a/external/meta-virtualization/conf/layer.conf b/external/meta-virtualization/conf/layer.conf index dc42e603..697fb622 100644 --- a/external/meta-virtualization/conf/layer.conf +++ b/external/meta-virtualization/conf/layer.conf @@ -14,7 +14,7 @@ LICENSE_PATH += "${LAYERDIR}/files/custom-licenses" # This should only be incremented on significant changes that will # cause compatibility issues with other layers LAYERVERSION_virtualization-layer = "1" -LAYERSERIES_COMPAT_virtualization-layer = "sumo thud" +LAYERSERIES_COMPAT_virtualization-layer = "zeus dunfell" LAYERDEPENDS_virtualization-layer = " \ core \ openembedded-layer \ @@ -26,6 +26,7 @@ LAYERDEPENDS_virtualization-layer = " \ # webserver: naigos requires apache2 LAYERRECOMMENDS_virtualization-layer = " \ webserver \ + selinux \ " # Override security flags @@ -33,9 +34,17 @@ require conf/distro/include/virt_security_flags.inc PREFERRED_PROVIDER_virtual/runc ?= "runc-docker" PREFERRED_PROVIDER_virtual/containerd ?= "containerd-opencontainers" +PREFERRED_PROVIDER_virtual/docker ?= "docker-ce" # Sanity check for meta-virtualization layer. # Setting SKIP_META_VIRT_SANITY_CHECK to "1" would skip the bbappend files check. INHERIT += "sanity-meta-virt" -require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', 'meta-virt-default-versions.inc', '', d)} +# We need to load the meta-virt config components, only if "virtualization" +# is in the distro features. Since we don't know the distro flags during +# layer.conf load time, we delay using a special bbclass that simply includes +# the META_VIRT_CONFIG_PATH file, and likewise for the k8s configs +META_VIRT_CONFIG_PATH = "${LAYERDIR}/conf/distro/include/meta-virt-default-versions.inc" +K8S_CONFIG_PATH = "${LAYERDIR}/conf/distro/include/k8s-versions.inc" +USER_CLASSES_append = " meta-virt-cfg" +USER_CLASSES_append = " meta-virt-k8s-cfg" diff --git a/external/meta-virtualization/meta-virt-roadmap.txt b/external/meta-virtualization/meta-virt-roadmap.txt new file mode 100755 index 00000000..dd27e090 --- /dev/null +++ b/external/meta-virtualization/meta-virt-roadmap.txt @@ -0,0 +1,87 @@ +The roadmap items are broken into the following broad categories: + + - container runtimes + - hypervisor base support + - build system / workflow + - container stacks / management + - container images / applications / artifacts + - container base / support components (tools, plugins, etc) + +The numbers in () are timeframes for the work to be completed. + +Container base packages / support: + + - package refresh (6) + +Container "Stacks", with integrated unit or system level testing in meta-virt: + + - base stacks: docker, containerd, podman + - reference "full" stacks: k8s, k3s + + - containerd (nearly done, 6 months) + - docker (done) + - podman (nearly done, 6 months) + - k8s (6-12 months) + - k3s / micro k8s (12 months) + - cri-o (6) + +Container Images / Reference Platforms: + + - OverC / Oryx / Other reference platforms for small footprint testing (6-12) + - Reference container boot / initramfs (OverC) (6) + + - Reference container base images (6) + - small (aka alpine-like) + - medium (aka debian) + - large (aka ubuntu) + - system (aka multiprocess) + + - Container registry base / sample containers (12-18) + + - rootless / unpriv containers (6) + +Container runtimes: + + - runx (6) + - kata containers (12) + - runc (done) + - crun (done) + - pflask (done) + +Hypervisor base support: + + - xen refresh (community) + - KVM (done) + - jailhouse (roadmap: community. 12-18) + +Container support components: + + - CNI refresh (6) + - CNI multus (6-12) + - Additional Container networking plugins (roadmap) + + - h/w accelerated containers (12) + - fpga / pci / other + +Build system / workflow: + + - Binary reference package feed integration / container extension (12) + - Decoupled container update + - "Docker build" type functionality + + - OCI container image backend + - sloci (done) + - skopeo (6) + - buildah (6-12) + - ... + + - Host side (builder) container installer (12) + - skopeo .... + + - SDK based container update (12) + + - devtool / recipe / manual: build -> deploy (k8s, other) (12) + - local / build host deploy and test (6) + + - microservice reference workflow / container base + diff --git a/external/meta-virtualization/recipes-containers/cgroup-lite/cgroup-lite_1.15.bb b/external/meta-virtualization/recipes-containers/cgroup-lite/cgroup-lite_1.15.bb index 7b48c3ac..45cc287c 100644 --- a/external/meta-virtualization/recipes-containers/cgroup-lite/cgroup-lite_1.15.bb +++ b/external/meta-virtualization/recipes-containers/cgroup-lite/cgroup-lite_1.15.bb @@ -22,9 +22,9 @@ SYSTEMD_AUTO_ENABLE_${PN} = "mask" do_install() { - install -d ${D}/bin - install -m 0755 ${S}/scripts/cgroups-mount ${D}/bin - install -m 0755 ${S}/scripts/cgroups-umount ${D}/bin + install -d ${D}/${base_bindir} + install -m 0755 ${S}/scripts/cgroups-mount ${D}/${base_bindir} + install -m 0755 ${S}/scripts/cgroups-umount ${D}/${base_bindir} install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/cgroups-init ${D}${sysconfdir}/init.d/cgroups-init diff --git a/external/meta-virtualization/recipes-containers/conmon/conmon_2.0.11.bb b/external/meta-virtualization/recipes-containers/conmon/conmon_2.0.11.bb new file mode 100644 index 00000000..a5bd5271 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/conmon/conmon_2.0.11.bb @@ -0,0 +1,32 @@ +SUMMARY = "An OCI container runtime monitor" +SECTION = "console/utils" +HOMEPAGE = "https://github.com/containers/conmon" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=61af0b6932ea7b12fb9142721043bc77" + +DEPENDS = "glib-2.0" + +SRCREV = "ff9d97a08d7a4b58267ac03719786e4e7258cecf" +SRC_URI = "\ + git://github.com/containers/conmon.git \ +" + +SRC_URI[md5sum] = "5c711911d766d76813333c3812277574" +SRC_URI[sha256sum] = "4c31278b2c03e5be5a696c3088bc86cf2557a70e00f697799c163aba18e3c40e" + +S = "${WORKDIR}/git" + +inherit pkgconfig + +EXTRA_OEMAKE = "PREFIX=${prefix} BINDIR=${bindir} LIBEXECDIR=${libexecdir}" + +PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" +PACKAGECONFIG[systemd] = ",,systemd" + +do_install() { + oe_runmake 'DESTDIR=${D}' install +} + +FILES_${PN} += " \ + ${bindir}/conmon \ +" diff --git a/external/meta-virtualization/recipes-containers/containerd/containerd-opencontainers/0001-Add-build-option-GODEBUG-1.patch b/external/meta-virtualization/recipes-containers/containerd/containerd-opencontainers/0001-Add-build-option-GODEBUG-1.patch new file mode 100644 index 00000000..05c4f153 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/containerd/containerd-opencontainers/0001-Add-build-option-GODEBUG-1.patch @@ -0,0 +1,42 @@ +From 84874e47aa2025b8e73df0286c44f3b8a1d9fdb2 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Mon, 2 Sep 2019 16:20:07 +0800 +Subject: [PATCH] Add build option "GODEBUG=1" + +Make will generate GDB friendly binary with this build option. + +Signed-off-by: Hui Zhu <teawater@hyper.sh> + +Upstream-Status: Backport [c5a0c7f491b435e4eb45972903b00e2d8ed46495] + +Partly backport and refresh to v1.2.7 +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + src/import/Makefile | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/import/Makefile b/src/import/Makefile +index 4355395..4fb5d3b 100644 +--- a/src/import/Makefile ++++ b/src/import/Makefile +@@ -75,11 +75,15 @@ TEST_REQUIRES_ROOT_PACKAGES=$(filter \ + COMMANDS=ctr containerd containerd-stress + MANPAGES=ctr.1 containerd.1 containerd-config.1 containerd-config.toml.5 + ++ifndef GODEBUG ++ EXTRA_LDFLAGS += -s -w ++endif ++ + # Build tags seccomp and apparmor are needed by CRI plugin. + BUILDTAGS ?= seccomp apparmor + GO_TAGS=$(if $(BUILDTAGS),-tags "$(BUILDTAGS)",) +-GO_LDFLAGS=-ldflags '-s -w -X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) $(EXTRA_LDFLAGS)' +-SHIM_GO_LDFLAGS=-ldflags '-s -w -X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) -extldflags "-static"' ++GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) $(EXTRA_LDFLAGS)' ++SHIM_GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) -extldflags "-static" $(EXTRA_LDFLAGS)' + + #Replaces ":" (*nix), ";" (windows) with newline for easy parsing + GOPATHS=$(shell echo ${GOPATH} | tr ":" "\n" | tr ";" "\n") +-- +2.7.4 + diff --git a/external/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb b/external/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb index c6b4f5e4..347eae5d 100644 --- a/external/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb +++ b/external/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb @@ -1,11 +1,16 @@ -SRCREV = "cfd04396dc68220d1cecbe686a6cc3aa5ce3667c" -SRC_URI = "git://github.com/containerd/containerd;nobranch=1 \ +SRCREV = "fd103cb716352c7e19768e4fed057f71d68902a0" +SRC_URI = "git://github.com/containerd/containerd;branch=release/1.2 \ file://0001-build-use-oe-provided-GO-and-flags.patch \ + file://0001-Add-build-option-GODEBUG-1.patch \ " include containerd.inc -CONTAINERD_VERSION = "v1.0.2" +LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=1269f40c0d099c21a871163984590d89" + +CONTAINERD_VERSION = "v1.2.7" + +EXTRA_OEMAKE += "GODEBUG=1" PROVIDES += "virtual/containerd" RPROVIDES_${PN} = "virtual/containerd" diff --git a/external/meta-virtualization/recipes-containers/containerd/containerd.inc b/external/meta-virtualization/recipes-containers/containerd/containerd.inc index 0eca5a64..e226edf1 100644 --- a/external/meta-virtualization/recipes-containers/containerd/containerd.inc +++ b/external/meta-virtualization/recipes-containers/containerd/containerd.inc @@ -12,14 +12,13 @@ SRC_URI += "file://containerd.service" S = "${WORKDIR}/git" -PV = "${CONTAINERD_VERSION}+git${SRCREV}" +PV = "${CONTAINERD_VERSION}+git${SRCPV}" inherit go inherit goarch GO_IMPORT = "import" -RRECOMMENDS_${PN} = "lxc docker" CONTAINERD_PKG="github.com/containerd/containerd" INSANE_SKIP_${PN} += "ldflags" @@ -34,14 +33,24 @@ do_compile() { ln -sf ./ ${S}/src/import/vendor/src mkdir -p ${S}/src/import/vendor/src/github.com/containerd/containerd/ + mkdir -p ${S}/src/import/vendor/src/github.com/containerd/containerd/pkg/ + mkdir -p ${S}/src/import/vendor/src/github.com/containerd/containerd/contrib/ # without this, the stress test parts of the build fail cp ${S}/src/import/*.go ${S}/src/import/vendor/src/github.com/containerd/containerd for c in content errdefs fs images mount snapshots linux api runtimes defaults progress \ protobuf reference diff platforms runtime remotes version archive dialer gc metadata \ metrics filters identifiers labels leases plugin server services \ - cmd cio containers namespaces oci events log reaper sys rootfs; do - ln -sfn ${S}/src/import/${c} ${S}/src/import/vendor/github.com/containerd/containerd/${c} + cmd cio containers namespaces oci events log reaper sys rootfs nvidia seed apparmor seccomp; do + if [ -d ${S}/src/import/${c} ]; then + ln -sfn ${S}/src/import/${c} ${S}/src/import/vendor/github.com/containerd/containerd/${c} + fi + if [ -d ${S}/src/import/pkg/${c} ]; then + ln -sfn ${S}/src/import/pkg/${c} ${S}/src/import/vendor/github.com/containerd/containerd/pkg/${c} + fi + if [ -d ${S}/src/import/contrib/${c} ]; then + ln -sfn ${S}/src/import/contrib/${c} ${S}/src/import/vendor/github.com/containerd/containerd/contrib/${c} + fi done export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" @@ -86,7 +95,6 @@ do_install() { FILES_${PN} += "${systemd_system_unitdir}/*" -INHIBIT_PACKAGE_STRIP = "1" INSANE_SKIP_${PN} += "ldflags already-stripped" COMPATIBLE_HOST = "^(?!(qemu)?mips).*" diff --git a/external/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch b/external/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch index 75a984be..d4d5973e 100644 --- a/external/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch +++ b/external/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch @@ -1,26 +1,42 @@ -From e31acef290181434efaf47e70db7ad0d92dbe300 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@windriver.com> -Date: Thu, 19 Apr 2018 17:09:51 -0400 +From 408e8b526d490af817a64b7220e8e2c3789de58f Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@gmail.com> +Date: Sun, 10 Feb 2019 23:46:06 +0000 Subject: [PATCH] build: use oe provided GO and flags -Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> +We want to use the go compiler as defined in the oe-enviroment, not the +generic call to 'go'. Without changing this, we'll get things like cgo +errors and invalid flag combos. + +Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> --- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) + Makefile | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) -diff --git a/src/import/Makefile b/src/import/Makefile -index 9d8cf8a18fbc..492d033fe2a7 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -134,7 +134,7 @@ bin/%: cmd/% FORCE +Index: git/src/import/Makefile +=================================================================== +--- git.orig/src/import/Makefile ++++ git/src/import/Makefile +@@ -166,19 +166,19 @@ + # Build a binary from a cmd. + bin/%: cmd/% FORCE + @echo "$(WHALE) $@${BINARY_SUFFIX}" +- @go build ${GO_GCFLAGS} ${GO_BUILD_FLAGS} -o $@${BINARY_SUFFIX} ${GO_LDFLAGS} ${GO_TAGS} ./$< ++ @$(GO) build ${GO_GCFLAGS} ${GO_BUILD_FLAGS} -o $@${BINARY_SUFFIX} ${GO_LDFLAGS} ${GO_TAGS} ./$< bin/containerd-shim: cmd/containerd-shim FORCE # set !cgo and omit pie for a static shim build: https://github.com/golang/go/issues/17789#issuecomment-258542220 @echo "$(WHALE) bin/containerd-shim" -- @CGO_ENABLED=0 go build -o bin/containerd-shim ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim -+ @$(GO) build -o bin/containerd-shim ${SHIM_GO_LDFLAGS} $(GOBUILDFLAGS) ${GO_TAGS} ./cmd/containerd-shim +- @CGO_ENABLED=0 go build ${GO_BUILD_FLAGS} -o bin/containerd-shim ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim ++ @$(GO) build ${GO_BUILD_FLAGS} -o bin/containerd-shim ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim + + bin/containerd-shim-runc-v1: cmd/containerd-shim-runc-v1 FORCE # set !cgo and omit pie for a static shim build: https://github.com/golang/go/issues/17789#issuecomment-258542220 + @echo "$(WHALE) bin/containerd-shim-runc-v1" +- @CGO_ENABLED=0 go build ${GO_BUILD_FLAGS} -o bin/containerd-shim-runc-v1 ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim-runc-v1 ++ @$(GO) build ${GO_BUILD_FLAGS} -o bin/containerd-shim-runc-v1 ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim-runc-v1 + + bin/containerd-shim-runhcs-v1: cmd/containerd-shim-runhcs-v1 FORCE # set !cgo and omit pie for a static shim build: https://github.com/golang/go/issues/17789#issuecomment-258542220 + @echo "$(WHALE) bin/containerd-shim-runhcs-v1${BINARY_SUFFIX}" +- @CGO_ENABLED=0 go build ${GO_BUILD_FLAGS} -o bin/containerd-shim-runhcs-v1${BINARY_SUFFIX} ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim-runhcs-v1 ++ @$(GO) build ${GO_BUILD_FLAGS} -o bin/containerd-shim-runhcs-v1${BINARY_SUFFIX} ${SHIM_GO_LDFLAGS} $(GOBUILDFLAGS) ${GO_TAGS} ./cmd/containerd-shim-runhcs-v1 binaries: $(BINARIES) ## build binaries @echo "$(WHALE) $@" --- -2.4.0.53.g8440f74 - diff --git a/external/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb b/external/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb index 822c57ff..ebf5bab3 100644 --- a/external/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb +++ b/external/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb @@ -14,9 +14,9 @@ At a high level, we expect the scope of cri-o to be restricted to the following - Resource isolation as required by the CRI \ " -SRCREV_cri-o = "774a29ecf6855f2dff266dc2aa2fe81d7d964465" +SRCREV_cri-o = "6d0ffae63b9b7d8f07e7f9cf50736a67fb31faf3" SRC_URI = "\ - git://github.com/kubernetes-sigs/cri-o.git;nobranch=1;name=cri-o \ + git://github.com/kubernetes-sigs/cri-o.git;branch=release-1.17;name=cri-o \ file://0001-Makefile-force-symlinks.patch \ file://crio.conf \ " @@ -27,7 +27,7 @@ LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=e3fc50a88d0a364313df4b21ef20c2 GO_IMPORT = "import" -PV = "1.12.0+git${SRCREV_cri-o}" +PV = "1.17.0+git${SRCREV_cri-o}" DEPENDS = " \ glib-2.0 \ @@ -35,15 +35,34 @@ DEPENDS = " \ gpgme \ ostree \ libdevmapper \ + libseccomp \ + libselinux \ " RDEPENDS_${PN} = " \ cni \ + libdevmapper \ " +python __anonymous() { + msg = "" + # ERROR: Nothing PROVIDES 'libseccomp' (but /buildarea/layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb DEPENDS on or otherwise requires it). + # ERROR: Required build target 'meta-world-pkgdata' has no buildable providers. + # Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'cri-o', 'libseccomp'] + if 'security' not in d.getVar('BBFILE_COLLECTIONS').split(): + msg += "Make sure meta-security should be present as it provides 'libseccomp'" + raise bb.parse.SkipRecipe(msg) + # ERROR: Nothing PROVIDES 'libselinux' (but /buildarea/layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb DEPENDS on or otherwise requires it). + # ERROR: Required build target 'meta-world-pkgdata' has no buildable providers. + # Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'cri-o', 'libselinux'] + elif 'selinux' not in d.getVar('BBFILE_COLLECTIONS').split(): + msg += "Make sure meta-selinux should be present as it provides 'libselinux'" + raise bb.parse.SkipRecipe(msg) +} + PACKAGES =+ "${PN}-config" RDEPENDS_${PN} += " virtual/containerd virtual/runc" -RDEPENDS_${PN} += " e2fsprogs-mke2fs" +RDEPENDS_${PN} += " e2fsprogs-mke2fs conmon util-linux iptables conntrack-tools" inherit systemd inherit go @@ -53,46 +72,11 @@ inherit pkgconfig EXTRA_OEMAKE="BUILDTAGS=''" do_compile() { - export GOARCH="${TARGET_GOARCH}" - export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go" - export GOPATH="${S}/src/import:${S}/src/import/vendor" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export CGO_ENABLED="1" - export CFLAGS="" - export LDFLAGS="" - export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - - # link fixups for compilation - rm -f ${S}/src/import/vendor/src - ln -sf ./ ${S}/src/import/vendor/src - - mkdir -p ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o - ln -sf ../../../../cmd ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/cmd - ln -sf ../../../../test ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/test - ln -sf ../../../../oci ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/oci - ln -sf ../../../../server ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/server - ln -sf ../../../../pkg ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/pkg - ln -sf ../../../../libpod ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/libpod - ln -sf ../../../../libkpod ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/libkpod - ln -sf ../../../../utils ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/utils - ln -sf ../../../../types ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/types - ln -sf ../../../../version ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/version - ln -sf ../../../../lib ${S}/src/import/vendor/github.com/kubernetes-sigs/cri-o/lib - - export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" - export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export CGO_ENABLED="1" - export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" + set +e cd ${S}/src/import + oe_runmake local-cross oe_runmake binaries } @@ -101,12 +85,14 @@ SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','crio. SYSTEMD_AUTO_ENABLE_${PN} = "enable" do_install() { + set +e localbindir="/usr/local/bin" install -d ${D}${localbindir} install -d ${D}/${libexecdir}/crio install -d ${D}/${sysconfdir}/crio install -d ${D}${systemd_unitdir}/system/ + install -d ${D}/usr/share/containers/oci/hooks.d install ${WORKDIR}/crio.conf ${D}/${sysconfdir}/crio/crio.conf @@ -114,22 +100,25 @@ do_install() { install -d ${D}/${sysconfdir}/crio/config/ install -m 755 -D ${S}/src/import/test/testdata/* ${D}/${sysconfdir}/crio/config/ - install ${S}/src/import/bin/crio ${D}/${localbindir} - install ${S}/src/import/bin/crio-config ${D}/${localbindir} - - install ${S}/src/import/bin/conmon ${D}/${localbindir}/crio - install ${S}/src/import/bin/pause ${D}/${localbindir}/crio + install ${S}/src/import/bin/crio.cross.linux* ${D}/${localbindir}/crio + install ${S}/src/import/bin/crio-status ${D}/${localbindir}/ + install ${S}/src/import/bin/pinns ${D}/${localbindir}/ install -m 0644 ${S}/src/import/contrib/systemd/crio.service ${D}${systemd_unitdir}/system/ install -m 0644 ${S}/src/import/contrib/systemd/crio-shutdown.service ${D}${systemd_unitdir}/system/ + install -m 0644 ${S}/src/import/contrib/systemd/crio-wipe.service ${D}${systemd_unitdir}/system/ } FILES_${PN}-config = "${sysconfdir}/crio/config/*" FILES_${PN} += "${systemd_unitdir}/system/*" FILES_${PN} += "/usr/local/bin/*" +FILES_${PN} += "/usr/share/containers/oci/hooks.d" + +# don't clobber hooks.d +ALLOW_EMPTY_${PN} = "1" -INHIBIT_PACKAGE_STRIP = "1" INSANE_SKIP_${PN} += "ldflags already-stripped" deltask compile_ptest_base +COMPATIBLE_HOST = "^(?!(qemu)?mips).*" diff --git a/external/meta-virtualization/recipes-containers/cri-o/files/Makefile-skip-install-when-generating-the-config.h.patch b/external/meta-virtualization/recipes-containers/cri-o/files/Makefile-skip-install-when-generating-the-config.h.patch new file mode 100644 index 00000000..24c7e9d7 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/cri-o/files/Makefile-skip-install-when-generating-the-config.h.patch @@ -0,0 +1,43 @@ +From 3822e834d2dbd87a4dc8cdd36e7fe3b0e9020c4f Mon Sep 17 00:00:00 2001 +From: Mark Asselstine <mark.asselstine@windriver.com> +Date: Tue, 9 Apr 2019 13:52:59 -0400 +Subject: [PATCH] Makefile: skip install when generating the config.h + +When running 'go build' "The -i flag installs the packages that are +dependencies of the target." The Makefile makes use of this since many +of the dependencies needed to complete this rule will be used to by +other rules in the Makefile, thus speeding the overall build time +(avoiding redoing work). + +In our case the crio-config tool and its dependencies are not being +cross-compiled as they have to run locally to produce the +conmon/config.h file and thus installing them is not useful. In this +case there are no savings and can actually result in errors during the +build or if the build ARCH and target ARCH are the same, a potential +for host contamination. + +So we drop the use of '-i'. + +Upstream-Status: Inappropriate [cross compile issue] + +Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/import/Makefile b/src/import/Makefile +index b9fa97f..8336a5b 100644 +--- a/src/import/Makefile ++++ b/src/import/Makefile +@@ -109,7 +109,7 @@ release-note: + @$(GOPATH)/bin/release-tool -n $(release) + + conmon/config.h: cmd/crio-config/config.go oci/oci.go +- $(GO) build -i $(LDFLAGS) -o bin/crio-config $(PROJECT)/cmd/crio-config ++ $(GO) build $(LDFLAGS) -o bin/crio-config $(PROJECT)/cmd/crio-config + ( cd conmon && $(CURDIR)/bin/crio-config ) + + clean: +-- +2.7.4 + diff --git a/external/meta-virtualization/recipes-containers/cri-o/files/crio.conf b/external/meta-virtualization/recipes-containers/cri-o/files/crio.conf index 51d7f404..899d255b 100644 --- a/external/meta-virtualization/recipes-containers/cri-o/files/crio.conf +++ b/external/meta-virtualization/recipes-containers/cri-o/files/crio.conf @@ -24,7 +24,7 @@ storage_option = [ [crio.api] # listen is the path to the AF_LOCAL socket on which crio will listen. -listen = "/var/run/crio.sock" +listen = "/var/run/crio/crio.sock" # stream_address is the IP address on which the stream server will listen stream_address = "" @@ -69,7 +69,7 @@ runtime_untrusted_workload = "" default_workload_trust = "trusted" # conmon is the path to conmon binary, used for managing the runtime. -conmon = "/usr/libexec/crio/conmon" +conmon = "/usr/bin/conmon" # conmon_env is the environment variable list for conmon process, # used for passing necessary environment variable to conmon or runtime. @@ -132,8 +132,7 @@ insecure_registries = [ # registries is used to specify a comma separated list of registries to be used # when pulling an unqualified image (e.g. fedora:rawhide). -registries = [ -] +registries = ['docker.io', 'registry.fedoraproject.org', 'registry.access.redhat.com'] # The "crio.network" table contains settings pertaining to the # management of CNI plugins. @@ -144,4 +143,4 @@ registries = [ network_dir = "/etc/cni/net.d/" # plugin_dir is is where CNI plugin binaries are stored. -plugin_dir = "/opt/cni/bin/" +plugin_dir = "/opt/cni/bin" diff --git a/external/meta-virtualization/recipes-containers/criu/criu_git.bb b/external/meta-virtualization/recipes-containers/criu/criu_git.bb index 00de417b..704a0f9e 100644 --- a/external/meta-virtualization/recipes-containers/criu/criu_git.bb +++ b/external/meta-virtualization/recipes-containers/criu/criu_git.bb @@ -13,10 +13,10 @@ EXCLUDE_FROM_WORLD = "1" LIC_FILES_CHKSUM = "file://COPYING;md5=412de458544c1cb6a2b512cd399286e2" -SRCREV = "c49eab368a68682475c4e693258246e04232e6d2" -PV = "3.10+git${SRCPV}" +SRCREV = "c703e3fd8404e506cc6156719b953ea0580d59a4" +PV = "3.13+git${SRCPV}" -SRC_URI = "git://github.com/xemul/criu.git;protocol=git \ +SRC_URI = "git://github.com/checkpoint-restore/criu.git \ file://0001-criu-Fix-toolchain-hardcode.patch \ file://0002-criu-Skip-documentation-install.patch \ file://0001-criu-Change-libraries-install-directory.patch \ @@ -37,7 +37,7 @@ S = "${WORKDIR}/git" # EXTRA_OEMAKE_arm += "ARCH=arm UNAME-M=${CRIU_BUILD_ARCH} WERROR=0" EXTRA_OEMAKE_x86-64 += "ARCH=x86 WERROR=0" -EXTRA_OEMAKE_aarch64 += "ARCH=arm64 WERROR=0" +EXTRA_OEMAKE_aarch64 += "ARCH=aarch64 WERROR=0" EXTRA_OEMAKE_append += "SBINDIR=${sbindir} LIBDIR=${libdir} INCLUDEDIR=${includedir} PIEGEN=no" EXTRA_OEMAKE_append += "LOGROTATEDIR=${sysconfdir} SYSTEMDUNITDIR=${systemd_unitdir}" @@ -53,8 +53,11 @@ export C_INCLUDE_PATH="${STAGING_INCDIR}/libnl3" export BUILD_SYS export HOST_SYS +export HOSTCFLAGS = "${BUILD_CFLAGS}" -inherit setuptools +inherit setuptools3 + +B = "${S}" PACKAGECONFIG ??= "" PACKAGECONFIG[selinux] = ",,libselinux" @@ -67,18 +70,24 @@ do_compile_prepend() { } do_compile () { - oe_runmake FULL_PYTHON=${PYTHON} PYTHON=python2 + oe_runmake FULL_PYTHON=${PYTHON} PYTHON=python3 } do_install () { export INSTALL_LIB="${libdir}/${PYTHON_DIR}/site-packages" - oe_runmake PREFIX=${exec_prefix} LIBDIR=${libdir} DESTDIR="${D}" FULL_PYTHON=${PYTHON} PYTHON=python2 install + oe_runmake PREFIX=${exec_prefix} LIBDIR=${libdir} DESTDIR="${D}" FULL_PYTHON=${PYTHON} PYTHON=python3 install + + # python3's distutils has a feature of rewriting the interpeter on setup installed + # scripts. 'crit' is one of those scripts. The "executable" or "e" option to the + # setup call should fix it, but it is being ignored. So to avoid getting our native + # intepreter replaced in the script, we'll do an explicit update ourselves. + sed -i 's%^\#\!.*%\#\!/usr/bin/env python3%g' ${D}/usr/bin/crit } FILES_${PN} += "${systemd_unitdir}/ \ - ${libdir}/python2.7/site-packages/ \ + ${libdir}/python3*/site-packages/ \ ${libdir}/pycriu/ \ - ${libdir}/crit-0.0.1-py2.7.egg-info \ + ${libdir}/crit-0.0.1-py3*.egg-info \ " FILES_${PN}-staticdev += " \ diff --git a/external/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch b/external/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch index 838cbdc9..bd7a6c57 100644 --- a/external/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch +++ b/external/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch @@ -46,17 +46,20 @@ diff --git a/scripts/nmk/scripts/tools.mk b/scripts/nmk/scripts/tools.mk index 56dba84..1698821 100644 --- a/scripts/nmk/scripts/tools.mk +++ b/scripts/nmk/scripts/tools.mk -@@ -2,31 +2,31 @@ ifndef ____nmk_defined__tools +@@ -2,35 +2,35 @@ ifndef ____nmk_defined__tools # # System tools shorthands -RM := rm -f +RM ?= rm -f HOSTLD ?= ld --LD := $(CROSS_COMPILE)$(HOSTLD) -+LD ?= $(CROSS_COMPILE)$(HOSTLD) + ifeq ($(origin LD), default) + LD := $(CROSS_COMPILE)$(HOSTLD) + endif HOSTCC ?= gcc --CC := $(CROSS_COMPILE)$(HOSTCC) + ifeq ($(origin CC), default) + CC := $(CROSS_COMPILE)$(HOSTCC) + endif -CPP := $(CC) -E -AS := $(CROSS_COMPILE)as -AR := $(CROSS_COMPILE)ar @@ -69,7 +72,6 @@ index 56dba84..1698821 100644 -AWK := awk -PERL := perl -FULL_PYTHON := $(shell which python2 2>/dev/null || which python3 2>/dev/null) -+CC ?= $(CROSS_COMPILE)$(HOSTCC) +CPP ?= $(CC) -E +AS ?= $(CROSS_COMPILE)as +AR ?= $(CROSS_COMPILE)ar diff --git a/external/meta-virtualization/recipes-containers/crun/crun_git.bb b/external/meta-virtualization/recipes-containers/crun/crun_git.bb new file mode 100644 index 00000000..7781e110 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/crun/crun_git.bb @@ -0,0 +1,32 @@ +DESCRIPTION = "A fast and low-memory footprint OCI Container Runtime fully written in C." +LICENSE = "GPLv3" +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" +PRIORITY = "optional" + +SRCREV_crun = "a43f72196f7aaf713dc997eaddd0f08612f60ac0" +SRCREV_libocispec = "01c8f977ff5ed1e8010f40c2572343be1a70a51b" +SRCREV_ispec = "775207bd45b6cb8153ce218cc59351799217451f" +SRCREV_rspec = "19e92ca817772b4466f2ed2b8d808dfb7a8ab4be" + +SRCREV_FORMAT = "crun_rspec" +SRC_URI = "git://github.com/containers/crun.git;branch=master;name=crun \ + git://github.com/containers/libocispec.git;branch=master;name=libocispec;destsuffix=git/libocispec \ + git://github.com/opencontainers/runtime-spec.git;branch=master;name=rspec;destsuffix=git/libocispec/runtime-spec \ + git://github.com/opencontainers/image-spec.git;branch=master;name=ispec;destsuffix=git/libocispec/image-spec \ + " + +PV = "0.10.2+git${SRCREV_crun}" +S = "${WORKDIR}/git" + +inherit autotools-brokensep pkgconfig + +PACKAGECONFIG ??= "" + +DEPENDS = "yajl libcap go-md2man-native" +# TODO: is there a packageconfig to turn this off ? +DEPENDS += "libseccomp" +DEPENDS += "oci-image-spec oci-runtime-spec" + +do_install() { + oe_runmake 'DESTDIR=${D}' install +} diff --git a/external/meta-virtualization/recipes-containers/docker-compose/files/0001-Allow-newer-versions-of-requests.patch b/external/meta-virtualization/recipes-containers/docker-compose/files/0001-Allow-newer-versions-of-requests.patch deleted file mode 100644 index 6fc7bb4c..00000000 --- a/external/meta-virtualization/recipes-containers/docker-compose/files/0001-Allow-newer-versions-of-requests.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 15cf1a31f5af8f09531bb837b92bd6ea49bd1744 Mon Sep 17 00:00:00 2001 -From: Pascal Bach <pascal.bach@siemens.com> -Date: Wed, 13 Sep 2017 08:41:21 +0200 -Subject: [PATCH] Allow newer versions of requests - -docker compose has strict requirements to use requests < 2.12 - -However it works without issues with newer versions, so this patch removes the check. - -Upstream-Status: Pending - -Signed-off-by: Pascal Bach <pascal.bach@siemens.com> ---- - setup.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/setup.py b/setup.py -index 192a0f6..f444757 100644 ---- a/setup.py -+++ b/setup.py -@@ -33,7 +33,7 @@ install_requires = [ - 'cached-property >= 1.2.0, < 2', - 'docopt >= 0.6.1, < 0.7', - 'PyYAML >= 3.10, < 4', -- 'requests >= 2.6.1, != 2.11.0, < 2.12', -+ 'requests >= 2.6.1, != 2.11.0', - 'texttable >= 0.9.0, < 0.10', - 'websocket-client >= 0.32.0, < 1.0', - 'docker >= 2.5.1, < 3.0', --- -2.1.4 - diff --git a/external/meta-virtualization/recipes-containers/docker-compose/files/0001-setup.py-import-fastentrypoints.patch b/external/meta-virtualization/recipes-containers/docker-compose/files/0001-setup.py-import-fastentrypoints.patch new file mode 100644 index 00000000..df613e84 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/docker-compose/files/0001-setup.py-import-fastentrypoints.patch @@ -0,0 +1,28 @@ +From f3a22f0f14a4b3313e6405dfb6c97df949493a34 Mon Sep 17 00:00:00 2001 +From: Ming Liu <liu.ming50@gmail.com> +Date: Thu, 30 Jan 2020 17:22:19 +0100 +Subject: [PATCH] setup.py: import fastentrypoints + +Upstream-Status: Inappropriate [OE specific configuration] + +Signed-off-by: Ming Liu <liu.ming50@gmail.com> +--- + setup.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/setup.py b/setup.py +index ad57969..3cccffc 100644 +--- a/setup.py ++++ b/setup.py +@@ -12,7 +12,7 @@ import sys + import pkg_resources + from setuptools import find_packages + from setuptools import setup +- ++import fastentrypoints + + def read(*parts): + path = os.path.join(os.path.dirname(__file__), *parts) +-- +2.7.4 + diff --git a/external/meta-virtualization/recipes-containers/docker-compose/files/0001-setup.py-remove-maximum-version-requirements.patch b/external/meta-virtualization/recipes-containers/docker-compose/files/0001-setup.py-remove-maximum-version-requirements.patch new file mode 100644 index 00000000..6e5ca3d6 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/docker-compose/files/0001-setup.py-remove-maximum-version-requirements.patch @@ -0,0 +1,59 @@ +From 1d358acd46c9ca71d848fca8c2d677414257f247 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Fri, 22 Nov 2019 09:24:58 +0800 +Subject: [PATCH] setup.py: remove maximum version requirements + +Remove maximum version requirements so that docker-compose will not +require old version recipes. + +Upstream-Status: Inappropriate [OE Specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +Signed-off-by: Ming Liu <liu.ming50@gmail.com> +--- + setup.py | 22 +++++++++++----------- + 1 file changed, 11 insertions(+), 11 deletions(-) + +diff --git a/setup.py b/setup.py +index 110441dc..eef28254 100644 +--- a/setup.py ++++ b/setup.py +@@ -30,16 +30,16 @@ def find_version(*file_paths): + + + install_requires = [ +- 'cached-property >= 1.2.0, < 2', +- 'docopt >= 0.6.1, < 1', +- 'PyYAML >= 3.10, < 6', +- 'requests >= 2.20.0, < 3', +- 'texttable >= 0.9.0, < 2', +- 'websocket-client >= 0.32.0, < 1', +- 'docker[ssh] >= 3.7.0, < 5', +- 'dockerpty >= 0.4.1, < 1', +- 'six >= 1.3.0, < 2', +- 'jsonschema >= 2.5.1, < 4', ++ 'cached-property >= 1.2.0', ++ 'docopt >= 0.6.1', ++ 'PyYAML >= 3.10', ++ 'requests >= 2.20.0', ++ 'texttable >= 0.9.0', ++ 'websocket-client >= 0.32.0', ++ 'docker[ssh] >= 3.7.0', ++ 'dockerpty >= 0.4.1', ++ 'six >= 1.3.0', ++ 'jsonschema >= 2.5.1', + ] + + +@@ -58,7 +58,7 @@ extras_require = { + ':python_version < "3.3"': ['backports.shutil_get_terminal_size == 1.0.0', + 'ipaddress >= 1.0.16, < 2'], + ':sys_platform == "win32"': ['colorama >= 0.4, < 1'], +- 'socks': ['PySocks >= 1.5.6, != 1.5.7, < 2'], ++ 'socks': ['PySocks >= 1.5.6, != 1.5.7'], + } + + +-- +2.25.0 + diff --git a/external/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb b/external/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb deleted file mode 100644 index 851c2510..00000000 --- a/external/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb +++ /dev/null @@ -1,31 +0,0 @@ -SUMMARY = "Multi-container orchestration for Docker" -HOMEPAGE = "https://www.docker.com/" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=435b266b3899aa8a959f17d41c56def8" - -SRC_URI += "file://0001-Allow-newer-versions-of-requests.patch" - -inherit pypi setuptools3 - -SRC_URI[md5sum] = "8dcadf09143600fcb573b43f446c8f9a" -SRC_URI[sha256sum] = "fb46a6a2c4d193a3ff1e4d7208eea920b629c81dc92257c87f3f93095cfb0bdf" - -RDEPENDS_${PN} = "\ - ${PYTHON_PN}-cached-property \ - ${PYTHON_PN}-certifi \ - ${PYTHON_PN}-chardet \ - ${PYTHON_PN}-colorama \ - ${PYTHON_PN}-docker \ - ${PYTHON_PN}-docker-pycreds \ - ${PYTHON_PN}-dockerpty \ - ${PYTHON_PN}-docopt \ - ${PYTHON_PN}-idna \ - ${PYTHON_PN}-jsonschema \ - ${PYTHON_PN}-pyyaml \ - ${PYTHON_PN}-requests \ - ${PYTHON_PN}-six \ - ${PYTHON_PN}-terminal \ - ${PYTHON_PN}-texttable \ - ${PYTHON_PN}-urllib3 \ - ${PYTHON_PN}-websocket-client \ - " diff --git a/external/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.25.4.bb b/external/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.25.4.bb new file mode 100644 index 00000000..2dcad1e3 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.25.4.bb @@ -0,0 +1,38 @@ +SUMMARY = "Multi-container orchestration for Docker" +HOMEPAGE = "https://www.docker.com/" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=435b266b3899aa8a959f17d41c56def8" + +inherit pypi setuptools3 + +SRC_URI[md5sum] = "893fbb804a9057d6c470b5312407e0d1" +SRC_URI[sha256sum] = "fabae2bee4abfa7bdd09125b6bbdcdda81f946c7b16e3ccc6bb2d821ef6488f3" + +SRC_URI += "file://0001-setup.py-remove-maximum-version-requirements.patch \ + file://0001-setup.py-import-fastentrypoints.patch \ + " + +DEPENDS += "${PYTHON_PN}-fastentrypoints-native" + +RDEPENDS_${PN} = "\ + ${PYTHON_PN}-cached-property \ + ${PYTHON_PN}-certifi \ + ${PYTHON_PN}-chardet \ + ${PYTHON_PN}-colorama \ + ${PYTHON_PN}-docker \ + ${PYTHON_PN}-docker-pycreds \ + ${PYTHON_PN}-dockerpty \ + ${PYTHON_PN}-docopt \ + ${PYTHON_PN}-fcntl \ + ${PYTHON_PN}-idna \ + ${PYTHON_PN}-jsonschema \ + ${PYTHON_PN}-misc \ + ${PYTHON_PN}-paramiko \ + ${PYTHON_PN}-pyyaml \ + ${PYTHON_PN}-requests \ + ${PYTHON_PN}-six \ + ${PYTHON_PN}-terminal \ + ${PYTHON_PN}-texttable \ + ${PYTHON_PN}-urllib3 \ + ${PYTHON_PN}-websocket-client \ +" diff --git a/external/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb b/external/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb index 2892556a..4bf3c6e5 100644 --- a/external/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb +++ b/external/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb @@ -3,14 +3,14 @@ SUMMARY = "The Docker toolset to pack, ship, store, and deliver content" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=d2794c0df5b907fdace235a619d80314" -SRCREV_distribution="48294d928ced5dd9b378f7fd7c6f5da3ff3f2c89" -SRC_URI = "git://github.com/docker/distribution.git;branch=release/2.6;name=distribution;destsuffix=git/src/github.com/docker/distribution \ +SRCREV_distribution="2461543d988979529609e8cb6fca9ca190dc48da" +SRC_URI = "git://github.com/docker/distribution.git;branch=release/2.7;name=distribution;destsuffix=git/src/github.com/docker/distribution \ file://docker-registry.service \ " PACKAGES =+ "docker-registry" -PV = "v2.6.2" +PV = "v2.7.1" S = "${WORKDIR}/git/src/github.com/docker/distribution" GO_IMPORT = "import" @@ -66,3 +66,5 @@ FILES_docker-registry += "${localstatedir}/lib/registry/" SYSTEMD_SERVICE_docker-registry = "${@bb.utils.contains('DISTRO_FEATURES','systemd','docker-registry.service','',d)}" SYSTEMD_AUTO_ENABLE_docker-registry = "enable" + +RDEPENDS_${PN}-ptest_remove = "${PN}" diff --git a/external/meta-virtualization/recipes-containers/docker/docker-ce_git.bb b/external/meta-virtualization/recipes-containers/docker/docker-ce_git.bb index caf6d704..14182d12 100644 --- a/external/meta-virtualization/recipes-containers/docker/docker-ce_git.bb +++ b/external/meta-virtualization/recipes-containers/docker/docker-ce_git.bb @@ -9,8 +9,8 @@ DESCRIPTION = "Linux container runtime \ large-scale web deployments, database clusters, continuous deployment \ systems, private PaaS, service-oriented architectures, etc. \ . \ - This package contains the daemon and client. Using docker.io is \ - officially supported on x86_64 and arm (32-bit) hosts. \ + This package contains the daemon and client, which are \ + officially supported on x86_64 and arm hosts. \ Other architectures are considered experimental. \ . \ Also, note that kernel version 3.10 or above is required for proper \ @@ -18,61 +18,35 @@ DESCRIPTION = "Linux container runtime \ subtle and/or glaring issues. \ " -SRCREV_docker = "6e632f7fc395d15bce46f426086e91c01598cf59" -SRCREV_libnetwork = "6da50d1978302f04c3e2089e29112ea24812f05b" +SRCREV_docker = "afacb8b7f0d8d4f9d2a8e8736e9c993e672b41f3" +SRCREV_libnetwork = "c7bae399e46fd620b8a006174b7327e4e6e647fd" SRC_URI = "\ - git://github.com/docker/docker-ce.git;branch=18.09;name=docker \ - git://github.com/docker/libnetwork.git;branch=bump_18.09;name=libnetwork;destsuffix=git/libnetwork \ + git://github.com/docker/docker-ce.git;branch=19.03;name=docker \ + git://github.com/docker/libnetwork.git;branch=bump_19.03;name=libnetwork;destsuffix=git/libnetwork \ + file://0001-libnetwork-use-GO-instead-of-go.patch \ file://docker.init \ + file://0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch \ " +require docker.inc + # Apache-2.0 for docker LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://src/import/components/engine/LICENSE;md5=9740d093a080530b5c5c6573df9af45a" +LIC_FILES_CHKSUM = "file://src/import/components/engine/LICENSE;md5=4859e97a9c7780e77972d989f0823f28" GO_IMPORT = "import" S = "${WORKDIR}/git" -DOCKER_VERSION = "18.09.0-ce" +DOCKER_VERSION = "19.03.8-ce" PV = "${DOCKER_VERSION}+git${SRCREV_docker}" -DEPENDS = " \ - go-cli \ - go-pty \ - go-context \ - go-mux \ - go-patricia \ - go-logrus \ - go-fsnotify \ - go-dbus \ - go-capability \ - go-systemd \ - btrfs-tools \ - sqlite3 \ - go-distribution \ - compose-file \ - go-connections \ - notary \ - grpc-go \ - libtool-native \ - libtool \ - " - PACKAGES =+ "${PN}-contrib" -DEPENDS_append_class-target = " lvm2" -RDEPENDS_${PN} = "util-linux util-linux-unshare iptables \ - ${@bb.utils.contains('DISTRO_FEATURES', 'aufs', 'aufs-util', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'cgroup-lite', d)} \ - " -RDEPENDS_${PN} += "virtual/containerd virtual/runc" - -RRECOMMENDS_${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat" -RSUGGESTS_${PN} = "lxc rt-tests" DOCKER_PKG="github.com/docker/docker" +# in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056 +BUILD_TAGS = "exclude_graphdriver_btrfs exclude_graphdriver_devicemapper" -inherit systemd update-rc.d inherit go inherit goarch inherit pkgconfig @@ -88,8 +62,6 @@ do_compile() { mkdir -p .gopath/src/"$(dirname "${DOCKER_PKG}")" ln -sf ../../../../components/engine/ .gopath/src/"${DOCKER_PKG}" - mkdir -p .gopath/src/github.com/docker - ln -sf ${WORKDIR}/git/libnetwork .gopath/src/github.com/docker/libnetwork ln -sf ${S}/src/import/components/cli .gopath/src/github.com/docker/cli export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" @@ -101,19 +73,19 @@ do_compile() { export CGO_ENABLED="1" export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - # in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056 - export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs exclude_graphdriver_devicemapper' + export DOCKER_BUILDTAGS='${BUILD_TAGS} ${PACKAGECONFIG_CONFARGS}' export DISABLE_WARN_OUTSIDE_CONTAINER=1 cd ${S}/src/import/components/engine - # this is the unsupported build structure - # that doesn't rely on an existing docker - # to build this: + # this is the unsupported build structure that doesn't rely on an + # existing docker to build this: VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" ./hack/make.sh dynbinary # build the proxy + cd ${S}/src/import + ln -sf ${WORKDIR}/git/libnetwork .gopath/src/github.com/docker/libnetwork cd ${S}/src/import/.gopath/src/github.com/docker/libnetwork oe_runmake cross-local @@ -125,18 +97,10 @@ do_compile() { VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" make dynbinary } -SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}" -SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','docker.service','',d)}" -SYSTEMD_AUTO_ENABLE_${PN} = "enable" - -INITSCRIPT_PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','${PN}','',d)}" -INITSCRIPT_NAME_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','docker.init','',d)}" -INITSCRIPT_PARAMS_${PN} = "defaults" - do_install() { mkdir -p ${D}/${bindir} cp ${S}/src/import/components/cli/build/docker ${D}/${bindir}/docker - cp ${S}/src/import/components/engine/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd + cp ${S}/src/import/components/engine/bundles/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd cp ${WORKDIR}/git/libnetwork/bin/docker-proxy* ${D}/${bindir}/docker-proxy if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then @@ -144,24 +108,24 @@ do_install() { install -m 644 ${S}/src/import/components/engine/contrib/init/systemd/docker.* ${D}/${systemd_unitdir}/system # replaces one copied from above with one that uses the local registry for a mirror install -m 644 ${S}/src/import/components/engine/contrib/init/systemd/docker.service ${D}/${systemd_unitdir}/system + rm -f ${D}/${systemd_unitdir}/system/docker.service.rpm else install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/docker.init ${D}${sysconfdir}/init.d/docker.init fi + # TLS key that docker creates at run-time if not found is what resides here + if ${@bb.utils.contains('PACKAGECONFIG','transient-config','true','false',d)}; then + install -d ${D}${sysconfdir} + ln -s ..${localstatedir}/run/docker ${D}${sysconfdir}/docker + else + install -d ${D}${sysconfdir}/docker + fi mkdir -p ${D}${datadir}/docker/ install -m 0755 ${S}/src/import/components/engine/contrib/check-config.sh ${D}${datadir}/docker/ } -inherit useradd -USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "-r docker" - -FILES_${PN} += "${systemd_unitdir}/system/*" +FILES_${PN} += "${systemd_unitdir}/system/* ${sysconfdir}/docker" FILES_${PN}-contrib += "${datadir}/docker/check-config.sh" RDEPENDS_${PN}-contrib += "bash" - -# DO NOT STRIP docker -INHIBIT_PACKAGE_STRIP = "1" -INSANE_SKIP_${PN} += "ldflags" diff --git a/external/meta-virtualization/recipes-containers/docker/docker_git.bb b/external/meta-virtualization/recipes-containers/docker/docker-moby.bb index 79578083..074ef08f 100644 --- a/external/meta-virtualization/recipes-containers/docker/docker_git.bb +++ b/external/meta-virtualization/recipes-containers/docker/docker-moby.bb @@ -9,8 +9,8 @@ DESCRIPTION = "Linux container runtime \ large-scale web deployments, database clusters, continuous deployment \ systems, private PaaS, service-oriented architectures, etc. \ . \ - This package contains the daemon and client. Using docker.io is \ - officially supported on x86_64 and arm (32-bit) hosts. \ + This package contains the daemon and client, which are \ + officially supported on x86_64 and arm hosts. \ Other architectures are considered experimental. \ . \ Also, note that kernel version 3.10 or above is required for proper \ @@ -18,17 +18,37 @@ DESCRIPTION = "Linux container runtime \ subtle and/or glaring issues. \ " -SRCREV_docker = "489b8eda6674523df8b82a210399b7d2954427d0" -SRCREV_libnetwork = "6da50d1978302f04c3e2089e29112ea24812f05b" -SRCREV_cli = "51668a30f26250ccfce31bcc13d9334eaafabe36" +# Notes: +# - This docker variant uses moby and the other individually maintained +# upstream variants for SRCREVs +# - It is a true community / upstream tracking build, and is not a +# docker curated set of commits or additions +# - The version number on this package tracks the versions assigned to +# the curated docker-ce repository. This allows compatibility and +# functional equivalence, while allowing new features to be more +# easily added. +# - This could be called "docker-moby" or just "moby" in the future, but +# that would require the creation of a virtual/docker dependency, which +# is possible, but overkill at the moment (while we wait for the upstream +# to stop changing). +# - The common components of this recipe and docker-ce do need to be moved +# to a docker.inc recipe + +# moby commit matches the docker-engine bump on the 19.03 branch' +SRCREV_moby = "aa6a9891b09cce3d9004121294301a30d45d998d" +SRCREV_libnetwork = "c7bae399e46fd620b8a006174b7327e4e6e647fd" +SRCREV_cli = "eb310fca49568dccd87c6136f774ef6fff2a1b51" SRC_URI = "\ - git://github.com/moby/moby.git;nobranch=1;name=docker \ - git://github.com/docker/libnetwork.git;branch=bump_18.09;name=libnetwork;destsuffix=git/libnetwork \ - git://github.com/docker/cli;branch=18.09;name=cli;destsuffix=git/cli \ + git://github.com/moby/moby.git;branch=19.03;name=moby \ + git://github.com/docker/libnetwork.git;branch=bump_19.03;name=libnetwork;destsuffix=git/libnetwork \ + git://github.com/docker/cli;branch=19.03;name=cli;destsuffix=git/cli \ file://docker.init \ - file://0001-libnetwork-use-GO-instead-of-go.patch \ + file://0001-libnetwork-use-GO-instead-of-go.patch \ + file://0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch \ " +require docker.inc + # Apache-2.0 for docker LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=4859e97a9c7780e77972d989f0823f28" @@ -37,50 +57,17 @@ GO_IMPORT = "import" S = "${WORKDIR}/git" -DOCKER_VERSION = "18.09.0" -PV = "${DOCKER_VERSION}+git${SRCREV_docker}" - -DEPENDS = " \ - go-cli \ - go-pty \ - go-context \ - go-mux \ - go-patricia \ - go-logrus \ - go-fsnotify \ - go-dbus \ - go-capability \ - go-systemd \ - btrfs-tools \ - sqlite3 \ - go-distribution \ - compose-file \ - go-connections \ - notary \ - grpc-go \ - libtool \ - " - -PACKAGECONFIG ??= "" -PACKAGECONFIG[seccomp] = "seccomp,,libseccomp" +DOCKER_VERSION = "19.03.8" +PV = "${DOCKER_VERSION}+git${SRCREV_moby}" PACKAGES =+ "${PN}-contrib" -DEPENDS_append_class-target = " lvm2" -RDEPENDS_${PN} = "util-linux util-linux-unshare iptables \ - ${@bb.utils.contains('DISTRO_FEATURES', 'aufs', 'aufs-util', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'cgroup-lite', d)} \ - " -RDEPENDS_${PN} += "virtual/containerd virtual/runc" - -RRECOMMENDS_${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat docker-init" -RSUGGESTS_${PN} = "lxc rt-tests" DOCKER_PKG="github.com/docker/docker" +# in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056 +BUILD_TAGS = "exclude_graphdriver_btrfs exclude_graphdriver_devicemapper" -inherit systemd update-rc.d inherit go inherit goarch -inherit pkgconfig do_configure[noexec] = "1" @@ -106,8 +93,7 @@ do_compile() { export CGO_ENABLED="1" export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - # in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056 - export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs exclude_graphdriver_devicemapper ${PACKAGECONFIG_CONFARGS}' + export DOCKER_BUILDTAGS='${BUILD_TAGS} ${PACKAGECONFIG_CONFARGS}' export DISABLE_WARN_OUTSIDE_CONTAINER=1 @@ -116,33 +102,24 @@ do_compile() { # this is the unsupported built structure # that doesn't rely on an existing docker # to build this: - VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" ./hack/make.sh dynbinary + VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_moby}" ./hack/make.sh dynbinary # build the cli cd ${S}/src/import/.gopath/src/github.com/docker/cli export CFLAGS="" export LDFLAGS="" export DOCKER_VERSION=${DOCKER_VERSION} - VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" make dynbinary + VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_moby}" make dynbinary # build the proxy cd ${S}/src/import/.gopath/src/github.com/docker/libnetwork oe_runmake cross-local } -SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}" -SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','docker.service','',d)}" - -SYSTEMD_AUTO_ENABLE_${PN} = "enable" - -INITSCRIPT_PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','${PN}','',d)}" -INITSCRIPT_NAME_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','docker.init','',d)}" -INITSCRIPT_PARAMS_${PN} = "defaults" - do_install() { mkdir -p ${D}/${bindir} cp ${WORKDIR}/git/cli/build/docker ${D}/${bindir}/docker - cp ${S}/src/import/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd + cp ${S}/src/import/bundles/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd cp ${WORKDIR}/git/libnetwork/bin/docker-proxy* ${D}/${bindir}/docker-proxy if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then @@ -150,24 +127,24 @@ do_install() { install -m 644 ${S}/src/import/contrib/init/systemd/docker.* ${D}/${systemd_unitdir}/system # replaces one copied from above with one that uses the local registry for a mirror install -m 644 ${S}/src/import/contrib/init/systemd/docker.service ${D}/${systemd_unitdir}/system + rm -f ${D}/${systemd_unitdir}/system/docker.service.rpm else install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/docker.init ${D}${sysconfdir}/init.d/docker.init fi + # TLS key that docker creates at run-time if not found is what resides here + if ${@bb.utils.contains('PACKAGECONFIG','transient-config','true','false',d)}; then + install -d ${D}${sysconfdir} + ln -s ..${localstatedir}/run/docker ${D}${sysconfdir}/docker + else + install -d ${D}${sysconfdir}/docker + fi mkdir -p ${D}${datadir}/docker/ install -m 0755 ${S}/src/import/contrib/check-config.sh ${D}${datadir}/docker/ } -inherit useradd -USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "-r docker" - -FILES_${PN} += "${systemd_unitdir}/system/*" +FILES_${PN} += "${systemd_unitdir}/system/* ${sysconfdir}/docker" FILES_${PN}-contrib += "${datadir}/docker/check-config.sh" RDEPENDS_${PN}-contrib += "bash" - -# DO NOT STRIP docker -INHIBIT_PACKAGE_STRIP = "1" -INSANE_SKIP_${PN} += "ldflags textrel" diff --git a/external/meta-virtualization/recipes-containers/docker/docker-moby/0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch b/external/meta-virtualization/recipes-containers/docker/docker-moby/0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch new file mode 100644 index 00000000..766425a8 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/docker/docker-moby/0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch @@ -0,0 +1,61 @@ +From 1263fdb50a540e9db742694b7cee08284ad986d0 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Wed, 17 Jul 2019 17:34:04 +0800 +Subject: [PATCH] imporve hardcoded CC on cross compile + +Since commit applied in moby [61a3285 Support cross-compile for arm] +it hardcoded var-CC to support cross-compile for arm + +Correct it with "${parameter:-word}" format, it is helpful for user +define toolchains + +(Use Default Values. If parameter is unset or null, the expansion of +word is substituted. Otherwise, the value of parameter is substituted.) + +Upstream-Status: Submitted [https://github.com/moby/moby/pull/39546] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + components/engine/hack/make/.binary | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/import/hack/make/.binary b/src/import/hack/make/.binary +index 53de6749e5..66f4ca05f3 100644 +--- a/src/import/hack/make/.binary ++++ b/src/import/hack/make/.binary +@@ -44,27 +44,27 @@ if [ "$(go env GOOS)/$(go env GOARCH)" != "$(go env GOHOSTOS)/$(go env GOHOSTARC + # must be cross-compiling! + case "$(go env GOOS)/$(go env GOARCH)" in + windows/amd64) +- export CC=x86_64-w64-mingw32-gcc ++ export CC="${CC:-x86_64-w64-mingw32-gcc}" + export CGO_ENABLED=1 + ;; + linux/arm) + case "${GOARM}" in + 5|"") +- export CC=arm-linux-gnueabi-gcc ++ export CC="${CC:-arm-linux-gnueabi-gcc}" + export CGO_ENABLED=1 + ;; + 7) +- export CC=arm-linux-gnueabihf-gcc ++ export CC="${CC:-arm-linux-gnueabihf-gcc}" + export CGO_ENABLED=1 + ;; + esac + ;; + linux/arm64) +- export CC=aarch64-linux-gnu-gcc ++ export CC="${CC:-aarch64-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + linux/amd64) +- export CC=x86_64-linux-gnu-gcc ++ export CC="${CC:-x86_64-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + esac +-- +2.23.0 + diff --git a/external/meta-virtualization/recipes-containers/docker/docker.inc b/external/meta-virtualization/recipes-containers/docker/docker.inc new file mode 100644 index 00000000..32d4a2e4 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/docker/docker.inc @@ -0,0 +1,65 @@ +DEPENDS = " \ + go-cli \ + go-pty \ + go-context \ + go-mux \ + go-patricia \ + go-logrus \ + go-fsnotify \ + go-dbus \ + go-capability \ + go-systemd \ + btrfs-tools \ + sqlite3 \ + go-distribution \ + compose-file \ + go-connections \ + notary \ + grpc-go \ + libtool-native \ + libtool \ + " + +DEPENDS_append_class-target = " lvm2" +RDEPENDS_${PN} = "util-linux util-linux-unshare iptables \ + ${@bb.utils.contains('DISTRO_FEATURES', 'aufs', 'aufs-util', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'cgroup-lite', d)} \ + bridge-utils \ + ca-certificates \ + " +RDEPENDS_${PN} += "virtual/containerd virtual/runc" + +RRECOMMENDS_${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat kernel-module-xt-addrtype" + +PROVIDES += "virtual/docker" + +# we want all the docker variant recpes to be installable via "docker" +PACKAGE_NAME = "docker" +RPROVIDES_${PN} += "docker" +RPROVIDES_${PN}-dbg += "docker-dbg" +RPROVIDES_${PN}-dev += "docker-dev" +RPROVIDES_${PN}-contrip += "docker-dev" + +inherit pkgconfig +PACKAGECONFIG ??= "docker-init" +PACKAGECONFIG[seccomp] = "seccomp,,libseccomp" +PACKAGECONFIG[docker-init] = ",,,docker-init" +PACKAGECONFIG[transient-config] = "transient-config" + +inherit systemd update-rc.d + +SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}" +SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','docker.service','',d)}" +SYSTEMD_AUTO_ENABLE_${PN} = "enable" + +INITSCRIPT_PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','${PN}','',d)}" +INITSCRIPT_NAME_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','docker.init','',d)}" +INITSCRIPT_PARAMS_${PN} = "defaults" + +inherit useradd +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM_${PN} = "-r docker" + +COMPATIBLE_HOST = "^(?!(qemu)?mips).*" + +INSANE_SKIP_${PN} += "ldflags textrel" diff --git a/external/meta-virtualization/recipes-containers/docker/files/0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch b/external/meta-virtualization/recipes-containers/docker/files/0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch new file mode 100644 index 00000000..70fdaf83 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/docker/files/0001-imporve-hardcoded-CC-on-cross-compile-docker-ce.patch @@ -0,0 +1,61 @@ +From 1263fdb50a540e9db742694b7cee08284ad986d0 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Wed, 17 Jul 2019 17:34:04 +0800 +Subject: [PATCH] imporve hardcoded CC on cross compile + +Since commit applied in moby [61a3285 Support cross-compile for arm] +it hardcoded var-CC to support cross-compile for arm + +Correct it with "${parameter:-word}" format, it is helpful for user +define toolchains + +(Use Default Values. If parameter is unset or null, the expansion of +word is substituted. Otherwise, the value of parameter is substituted.) + +Upstream-Status: Submitted [https://github.com/moby/moby/pull/39546] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + components/engine/hack/make/.binary | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/import/components/engine/hack/make/.binary b/src/import/components/engine/hack/make/.binary +index 53de6749e5..66f4ca05f3 100644 +--- a/src/import/components/engine/hack/make/.binary ++++ b/src/import/components/engine/hack/make/.binary +@@ -44,27 +44,27 @@ if [ "$(go env GOOS)/$(go env GOARCH)" != "$(go env GOHOSTOS)/$(go env GOHOSTARC + # must be cross-compiling! + case "$(go env GOOS)/$(go env GOARCH)" in + windows/amd64) +- export CC=x86_64-w64-mingw32-gcc ++ export CC="${CC:-x86_64-w64-mingw32-gcc}" + export CGO_ENABLED=1 + ;; + linux/arm) + case "${GOARM}" in + 5|"") +- export CC=arm-linux-gnueabi-gcc ++ export CC="${CC:-arm-linux-gnueabi-gcc}" + export CGO_ENABLED=1 + ;; + 7) +- export CC=arm-linux-gnueabihf-gcc ++ export CC="${CC:-arm-linux-gnueabihf-gcc}" + export CGO_ENABLED=1 + ;; + esac + ;; + linux/arm64) +- export CC=aarch64-linux-gnu-gcc ++ export CC="${CC:-aarch64-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + linux/amd64) +- export CC=x86_64-linux-gnu-gcc ++ export CC="${CC:-x86_64-linux-gnu-gcc}" + export CGO_ENABLED=1 + ;; + esac +-- +2.23.0 + diff --git a/external/meta-virtualization/recipes-containers/docker/files/docker.init b/external/meta-virtualization/recipes-containers/docker/files/docker.init index 0aea8d01..24f8fea6 100644 --- a/external/meta-virtualization/recipes-containers/docker/files/docker.init +++ b/external/meta-virtualization/recipes-containers/docker/files/docker.init @@ -28,7 +28,7 @@ exec="/usr/bin/$prog" pidfile="/var/run/$prog.pid" lockfile="/var/lock/subsys/$prog" logfile="/var/log/$prog" -other_args="--registry-mirror=http://localhost:5000 --insecure-registry=http://localhost:5000 --raw-logs" +other_args="--pidfile $pidfile --registry-mirror=http://localhost:5000 --insecure-registry=http://localhost:5000 --raw-logs" [ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog @@ -40,7 +40,7 @@ start() { if ! [ -f $pidfile ]; then printf "Starting $prog:\t" echo -e "\n$(date)\n" >> $logfile - "$unshare" -m -- $exec $other_args &>> $logfile & + "$unshare" -m -- $exec $other_args >> $logfile 2>&1 & pid=$! touch $lockfile # wait up to 10 seconds for the pidfile to exist. see diff --git a/external/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb b/external/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb index c3810b0d..76107afe 100644 --- a/external/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb +++ b/external/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb @@ -5,12 +5,10 @@ applications across multiple hosts, providing basic mechanisms for deployment, \ maintenance, and scaling of applications. \ " -# Note: 1.11+ requires go 1.10.2+, so the following must be set -# in your configuration: GOVERSION = "1.10%" -PV = "1.12.0+git${SRCREV_kubernetes}" -SRCREV_kubernetes = "d93ba8b6d1e2afcb30da3e354928ed00e6682223" +PV = "v1.17.1-beta+git${SRCREV_kubernetes}" +SRCREV_kubernetes = "f45fc1861acab22eb6a4697e3fb831e85ef5ff9c" -SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.12;name=kubernetes \ +SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.17;name=kubernetes \ file://0001-hack-lib-golang.sh-use-CC-from-environment.patch \ file://0001-cross-don-t-build-tests-by-default.patch \ " @@ -28,42 +26,34 @@ inherit systemd inherit go inherit goarch -do_compile() { - export GOARCH="${TARGET_GOARCH}" - export GOOS="${TARGET_GOOS}" - export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go" - export GOPATH="${S}/src/import:${S}/src/import/vendor" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export CGO_ENABLED="1" - export CFLAGS="" - export LDFLAGS="" - export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" +COMPATIBLE_HOST = '(x86_64.*|arm.*|aarch64.*)-linux' +do_compile() { # link fixups for compilation rm -f ${S}/src/import/vendor/src ln -sf ./ ${S}/src/import/vendor/src export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" - export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export CGO_ENABLED="1" - export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - cd ${S}/src/import + # Build the host tools first, using the host compiler export GOARCH="${BUILD_GOARCH}" + # Pass the needed cflags/ldflags so that cgo can find the needed headers files and libraries + export CGO_ENABLED="1" + export CFLAGS="" + export LDFLAGS="" + export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" make generated_files KUBE_BUILD_PLATFORMS="${HOST_GOOS}/${BUILD_GOARCH}" - # Reset GOARCH to the target one + # Build the target binaries export GOARCH="${TARGET_GOARCH}" + # Pass the needed cflags/ldflags so that cgo can find the needed headers files and libraries + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" # to limit what is built, use 'WHAT', i.e. make WHAT=cmd/kubelet - make cross KUBE_BUILD_PLATFORMS=${GOOS}/${GOARCH} + make cross KUBE_BUILD_PLATFORMS=${GOOS}/${GOARCH} GOLDFLAGS="" } do_install() { @@ -106,6 +96,5 @@ FILES_kubectl = "${bindir}/kubectl" FILES_kube-proxy = "${bindir}/kube-proxy" FILES_${PN}-misc = "${bindir}" -INHIBIT_PACKAGE_STRIP = "1" deltask compile_ptest_base diff --git a/external/meta-virtualization/recipes-containers/lxc/files/logs-optionally-use-base-filenames-to-report-src-fil.patch b/external/meta-virtualization/recipes-containers/lxc/files/logs-optionally-use-base-filenames-to-report-src-fil.patch index 648193b4..a8c76bc8 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/logs-optionally-use-base-filenames-to-report-src-fil.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/logs-optionally-use-base-filenames-to-report-src-fil.patch @@ -1,4 +1,4 @@ -From c50ddb2b2cf22a29e4c671b1efbd338eeba694aa Mon Sep 17 00:00:00 2001 +From 0cfa202f5d96a35692f063f35bf4706f310b17e4 Mon Sep 17 00:00:00 2001 From: Jim Somerville <Jim.Somerville@windriver.com> Date: Fri, 25 Sep 2015 15:08:17 -0400 Subject: [PATCH] logs: optionally use base filenames to report src files @@ -30,11 +30,11 @@ Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com> 2 files changed, 14 insertions(+) diff --git a/configure.ac b/configure.ac -index 74b976a..9c561f7 100644 +index a3272e9..a2d4c29 100644 --- a/configure.ac +++ b/configure.ac -@@ -356,6 +356,15 @@ AC_ARG_ENABLE([examples], - [], [enable_examples=yes]) +@@ -378,6 +378,15 @@ AC_ARG_ENABLE([examples], + [enable_examples=$enableval], [enable_examples=yes]) AM_CONDITIONAL([ENABLE_EXAMPLES], [test "x$enable_examples" = "xyes"]) +# Enable basenames in the logs for source files @@ -48,12 +48,12 @@ index 74b976a..9c561f7 100644 + # Enable dumping stack traces AC_ARG_ENABLE([mutex-debugging], - [AC_HELP_STRING([--enable-mutex-debugging], [Makes mutexes to report error and provide stack trace [default=no]])], + [AS_HELP_STRING([--enable-mutex-debugging], [Makes mutexes to report error and provide stack trace [default=no]])], diff --git a/src/lxc/log.h b/src/lxc/log.h -index 4654fd9..6885d78 100644 +index d280656..62cbf4f 100644 --- a/src/lxc/log.h +++ b/src/lxc/log.h -@@ -77,8 +77,13 @@ struct lxc_log_locinfo { +@@ -47,8 +47,13 @@ struct lxc_log_locinfo { int line; }; diff --git a/external/meta-virtualization/recipes-containers/lxc/files/lxc-1.0.0-disable-udhcp-from-busybox-template.patch b/external/meta-virtualization/recipes-containers/lxc/files/lxc-1.0.0-disable-udhcp-from-busybox-template.patch index 85177c8f..6702b69e 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/lxc-1.0.0-disable-udhcp-from-busybox-template.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/lxc-1.0.0-disable-udhcp-from-busybox-template.patch @@ -1,4 +1,4 @@ -From 74efbe7f47379375c51948dd0f86248fb9429a1b Mon Sep 17 00:00:00 2001 +From 8227e720438ff0bdfe45d7307de85f660e491d49 Mon Sep 17 00:00:00 2001 From: Bogdan Purcareata <bogdan.purcareata@freescale.com> Date: Mon, 8 Apr 2013 18:30:19 +0300 Subject: [PATCH] lxc-0.9.0-disable-udhcp-from-busybox-template @@ -8,10 +8,10 @@ Subject: [PATCH] lxc-0.9.0-disable-udhcp-from-busybox-template 1 file changed, 1 deletion(-) diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in -index 7243b36..9637a71 100644 +index 1a8618b..8ba7cfe 100644 --- a/templates/lxc-busybox.in +++ b/templates/lxc-busybox.in -@@ -111,7 +111,6 @@ EOF +@@ -120,7 +120,6 @@ EOF #!/bin/sh /bin/syslogd /bin/mount -a diff --git a/external/meta-virtualization/recipes-containers/lxc/files/lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch b/external/meta-virtualization/recipes-containers/lxc/files/lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch index 085ffe80..be5dddf1 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch @@ -1,4 +1,4 @@ -From 5190dce1a675dfcdf88e3b94bd48070ac180bacc Mon Sep 17 00:00:00 2001 +From 85d1e77acbfde2aa1045cfda877a91a9e57c405d Mon Sep 17 00:00:00 2001 From: Jim Somerville <Jim.Somerville@windriver.com> Date: Tue, 11 Aug 2015 14:05:00 -0400 Subject: [PATCH] lxc: doc: upgrade to use docbook 3.1 DTD @@ -15,10 +15,10 @@ Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 1acc461..74b976a 100644 +index 90a4bd4..a3272e9 100644 --- a/configure.ac +++ b/configure.ac -@@ -213,7 +213,7 @@ AM_CONDITIONAL([ENABLE_DOCBOOK], [test "x$db2xman" != "x"]) +@@ -227,7 +227,7 @@ AM_CONDITIONAL([ENABLE_DOCBOOK], [test "x$db2xman" != "x"]) AM_CONDITIONAL([USE_DOCBOOK2X], [test "x$db2xman" != "xdocbook2man"]) if test "x$db2xman" = "xdocbook2man"; then diff --git a/external/meta-virtualization/recipes-containers/lxc/files/lxc-fix-B-S.patch b/external/meta-virtualization/recipes-containers/lxc/files/lxc-fix-B-S.patch index 6b09193a..cd8f81d0 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/lxc-fix-B-S.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/lxc-fix-B-S.patch @@ -1,4 +1,4 @@ -From 2fa77a1803939de2d155a14cf680b53140b92f06 Mon Sep 17 00:00:00 2001 +From 1cdadc8d6f7ccaf398a95af920b7c49514ee62ef Mon Sep 17 00:00:00 2001 From: Dmitry Eremin-Solenikov <dmitry_eremin@mentor.com> Date: Thu, 9 Apr 2015 23:01:48 +0300 diff --git a/external/meta-virtualization/recipes-containers/lxc/files/template-make-busybox-template-compatible-with-core-.patch b/external/meta-virtualization/recipes-containers/lxc/files/template-make-busybox-template-compatible-with-core-.patch index e4bb72a0..56ff2f07 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/template-make-busybox-template-compatible-with-core-.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/template-make-busybox-template-compatible-with-core-.patch @@ -1,4 +1,4 @@ -From 3a7112a38d2c44b6fa49e0da1dc4765defd88dbb Mon Sep 17 00:00:00 2001 +From 96bf043ec0ed93613036c324174c149655cf52be Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Thu, 31 May 2018 11:44:44 -0400 Subject: [PATCH] template: make busybox template compatible with @@ -23,10 +23,10 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in -index 9637a71..45b386f 100644 +index 8ba7cfe..effdb73 100644 --- a/templates/lxc-busybox.in +++ b/templates/lxc-busybox.in -@@ -181,6 +181,19 @@ configure_busybox() +@@ -194,6 +194,19 @@ configure_busybox() return 1 fi @@ -46,7 +46,7 @@ index 9637a71..45b386f 100644 # symlink busybox for the commands it supports # it would be nice to just use "chroot $rootfs busybox --install -s /bin" # but that only works right in a chroot with busybox >= 1.19.0 -@@ -189,9 +202,6 @@ configure_busybox() +@@ -202,9 +215,6 @@ configure_busybox() ./busybox --list | grep -v busybox | xargs -n1 ln -s busybox ) diff --git a/external/meta-virtualization/recipes-containers/lxc/files/templates-actually-create-DOWNLOAD_TEMP-directory.patch b/external/meta-virtualization/recipes-containers/lxc/files/templates-actually-create-DOWNLOAD_TEMP-directory.patch index 756cddc3..522aab7c 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/templates-actually-create-DOWNLOAD_TEMP-directory.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/templates-actually-create-DOWNLOAD_TEMP-directory.patch @@ -1,4 +1,4 @@ -From 68b0dd97130ffc5776de9219a42188b4a140d446 Mon Sep 17 00:00:00 2001 +From 7c1c597592694d1f3e652657b1cc642a8990f8a0 Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Thu, 31 May 2018 16:21:45 -0400 Subject: [PATCH] templates: actually create DOWNLOAD_TEMP directory @@ -23,10 +23,10 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/lxc-download.in b/templates/lxc-download.in -index 973783b..015a679 100644 +index 58d063f..d7e6128 100644 --- a/templates/lxc-download.in +++ b/templates/lxc-download.in -@@ -323,7 +323,7 @@ elif [ -n "${DOWNLOAD_TEMP}" ]; then +@@ -329,7 +329,7 @@ elif [ -n "${DOWNLOAD_TEMP}" ]; then mkdir -p "${DOWNLOAD_TEMP}" DOWNLOAD_TEMP="$(mktemp -p ${DOWNLOAD_TEMP} -d)" else diff --git a/external/meta-virtualization/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch b/external/meta-virtualization/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch new file mode 100644 index 00000000..156df82f --- /dev/null +++ b/external/meta-virtualization/recipes-containers/lxc/files/templates-use-curl-instead-of-wget.patch @@ -0,0 +1,50 @@ +From 07890dd8ffdcd08b7be1ddbd9f56ac55482c76bb Mon Sep 17 00:00:00 2001 +From: Joakim Roubert <joakimr@axis.com> +Date: Fri, 16 Aug 2019 07:52:48 +0200 +Subject: [PATCH] Use curl instead of wget + +When curl's MIT license is preferable to wget's GPLv3. + +Change-Id: I4684ae7569704514fdcc63e0655c556efcaf44f8 +Signed-off-by: Joakim Roubert <joakimr@axis.com> + +--- + templates/lxc-download.in | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/templates/lxc-download.in b/templates/lxc-download.in +index d7e6128..8a4b567 100644 +--- a/templates/lxc-download.in ++++ b/templates/lxc-download.in +@@ -74,9 +74,9 @@ cleanup() { + fi + } + +-wget_wrapper() { ++curl_wrapper() { + for _ in $(seq 3); do +- if wget "$@"; then ++ if curl "$@"; then + return 0 + fi + done +@@ -85,8 +85,8 @@ wget_wrapper() { + } + + download_file() { +- if ! wget_wrapper -T 30 -q "https://${DOWNLOAD_SERVER}/$1" -O "$2" >/dev/null 2>&1; then +- if ! wget_wrapper -T 30 -q "http://${DOWNLOAD_SERVER}/$1" -O "$2" >/dev/null 2>&1; then ++ if ! curl_wrapper -m 30 -s "https://${DOWNLOAD_SERVER}/$1" -o "$2" >/dev/null 2>&1; then ++ if ! curl_wrapper -m 30 -s "http://${DOWNLOAD_SERVER}/$1" -o "$2" >/dev/null 2>&1; then + if [ "$3" = "noexit" ]; then + return 1 + else +@@ -271,7 +271,7 @@ while :; do + done + + # Check for required binaries +-for bin in tar xz wget; do ++for bin in tar xz curl; do + if ! command -V "${bin}" >/dev/null 2>&1; then + echo "ERROR: Missing required tool: ${bin}" 1>&2 + exit 1 diff --git a/external/meta-virtualization/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch b/external/meta-virtualization/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch index abddef6e..8caeb2ba 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/tests-add-no-validate-when-using-download-template.patch @@ -1,4 +1,4 @@ -From 1b334bdaf598600314a678509a702728721001a2 Mon Sep 17 00:00:00 2001 +From 1c2506434e744d8c6a86e42c9d8bae4cde7553f6 Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Thu, 31 May 2018 15:14:26 -0400 Subject: [PATCH] tests: add '--no-validate' when using download template @@ -19,7 +19,7 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/tests/lxc-test-apparmor-mount b/src/tests/lxc-test-apparmor-mount -index 56d598f..573cff8 100755 +index d21c948..9e1969b 100755 --- a/src/tests/lxc-test-apparmor-mount +++ b/src/tests/lxc-test-apparmor-mount @@ -169,7 +169,7 @@ if [ -f /etc/lsb-release ]; then diff --git a/external/meta-virtualization/recipes-containers/lxc/files/tests-our-init-is-not-busybox.patch b/external/meta-virtualization/recipes-containers/lxc/files/tests-our-init-is-not-busybox.patch index e6c71d3d..e5a8011e 100644 --- a/external/meta-virtualization/recipes-containers/lxc/files/tests-our-init-is-not-busybox.patch +++ b/external/meta-virtualization/recipes-containers/lxc/files/tests-our-init-is-not-busybox.patch @@ -1,4 +1,4 @@ -From 51d88d9741c30ff4a798698514cac831ae61680b Mon Sep 17 00:00:00 2001 +From 06b2a3054b9526c89d5abc314c7d7cda35ddb6a5 Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Thu, 31 May 2018 15:00:34 -0400 Subject: [PATCH] tests: our init is not busybox diff --git a/external/meta-virtualization/recipes-containers/lxc/lxc_3.1.0.bb b/external/meta-virtualization/recipes-containers/lxc/lxc_4.0.1.bb index 977583f2..bfe003ca 100644 --- a/external/meta-virtualization/recipes-containers/lxc/lxc_3.1.0.bb +++ b/external/meta-virtualization/recipes-containers/lxc/lxc_4.0.1.bb @@ -1,14 +1,17 @@ DESCRIPTION = "lxc aims to use these new functionnalities to provide an userspace container object" SECTION = "console/utils" -LICENSE = "LGPLv2.1" -LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" +LICENSE = "LGPLv2.1 & GPLv2" +LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c \ + file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ +" + DEPENDS = "libxml2 libcap" RDEPENDS_${PN} = " \ rsync \ + curl \ gzip \ xz \ tar \ - wget \ libcap-bin \ bridge-utils \ dnsmasq \ @@ -41,14 +44,15 @@ SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \ file://logs-optionally-use-base-filenames-to-report-src-fil.patch \ file://templates-actually-create-DOWNLOAD_TEMP-directory.patch \ file://template-make-busybox-template-compatible-with-core-.patch \ + file://templates-use-curl-instead-of-wget.patch \ file://tests-our-init-is-not-busybox.patch \ file://tests-add-no-validate-when-using-download-template.patch \ file://dnsmasq.conf \ file://lxc-net \ " -SRC_URI[md5sum] = "e83e302a801494276f3772e687a3b8b0" -SRC_URI[sha256sum] = "4d8772c25baeaea2c37a954902b88c05d1454c91c887cb6a0997258cfac3fdc5" +SRC_URI[md5sum] = "5f19f13eafdde24c75ba459fc6c28156" +SRC_URI[sha256sum] = "70bbaac1df097f32ee5493a5e67a52365f7cdda28529f40197d6160bbec4139d" S = "${WORKDIR}/${BPN}-${PV}" diff --git a/external/meta-virtualization/recipes-containers/lxcfs/lxcfs_3.0.1.bb b/external/meta-virtualization/recipes-containers/lxcfs/lxcfs_3.0.3.bb index 576027fd..b6b6ac6b 100644 --- a/external/meta-virtualization/recipes-containers/lxcfs/lxcfs_3.0.1.bb +++ b/external/meta-virtualization/recipes-containers/lxcfs/lxcfs_3.0.3.bb @@ -10,8 +10,8 @@ SRC_URI = " \ " LIC_FILES_CHKSUM = "file://COPYING;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI[md5sum] = "fa49872fc45846125455199a2cce18f1" -SRC_URI[sha256sum] = "016c317f13392bebccba338511f537332fb2fdbaf62a5f6d77307b38a348f41f" +SRC_URI[md5sum] = "bfc41f949caeabd0468189480222f25e" +SRC_URI[sha256sum] = "890aa30d960d9b1e53b0c0712bf645c1f1924f750e32cd090f368c1338bd462f" DEPENDS += "fuse" RDEPENDS_${PN} += "fuse" diff --git a/external/meta-virtualization/recipes-containers/oci-image-spec/oci-image-spec_git.bb b/external/meta-virtualization/recipes-containers/oci-image-spec/oci-image-spec_git.bb index 92a83998..58057408 100644 --- a/external/meta-virtualization/recipes-containers/oci-image-spec/oci-image-spec_git.bb +++ b/external/meta-virtualization/recipes-containers/oci-image-spec/oci-image-spec_git.bb @@ -9,8 +9,8 @@ SRCNAME = "image-spec" PKG_NAME = "github.com/opencontainers/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME}" -SRCREV = "91d3eaabebcdc329edd9b4ff0f28f8f90022201f" -PV = "v1.0.0-rc4+git${SRCPV}" +SRCREV = "bd4f8fcb0979a663d8b97a1d4d9b030b3d2ca1fa" +PV = "v1.0.1+git${SRCPV}" S = "${WORKDIR}/git" @@ -21,11 +21,11 @@ do_compile() { do_install() { install -d ${D}${prefix}/local/go/src/${PKG_NAME} for j in $(cd ${S} && find src/${PKG_NAME} -name "*.go"); do - if [ ! -d ${D}${prefix}/local/go/$(dirname $j) ]; then - mkdir -p ${D}${prefix}/local/go/$(dirname $j) - fi - cp $j ${D}${prefix}/local/go/$j + cp --parents $j ${D}${prefix}/local/go/ done + # .tool isn't useful, so remote it. + rm -rf ${D}${prefix}/local/go/src/${PKG_NAME}/.tool/ + cp -r ${S}/src/${PKG_NAME}/LICENSE ${D}${prefix}/local/go/src/${PKG_NAME}/ } @@ -38,4 +38,4 @@ image_spec_file_sysroot_preprocess () { FILES_${PN} += "${prefix}/local/go/src/${PKG_NAME}/*" -CLEANBROKEN = "1"
\ No newline at end of file +CLEANBROKEN = "1" diff --git a/external/meta-virtualization/recipes-containers/oci-image-tools/files/0001-image-manifest-Recursively-remove-pre-existing-entri.patch b/external/meta-virtualization/recipes-containers/oci-image-tools/files/0001-image-manifest-Recursively-remove-pre-existing-entri.patch deleted file mode 100644 index 5594f976..00000000 --- a/external/meta-virtualization/recipes-containers/oci-image-tools/files/0001-image-manifest-Recursively-remove-pre-existing-entri.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 1f205c0aec5ea9e983d61a64e7ce871ae416bebd Mon Sep 17 00:00:00 2001 -From: "W. Trevor King" <wking@tremily.us> -Date: Tue, 18 Oct 2016 02:16:46 -0700 -Subject: [PATCH 1/2] image/manifest: Recursively remove pre-existing entries - when unpacking - -Implementing the logic that is in-flight with [1], but using recursive -removal [2]. GNU tar has a --recursive-unlink option that's not -enabled by default, with the motivation being something like "folks -would be mad if we blew away a full tree and replaced it with a broken -symlink" [3]. That makes sense for working filesystems, but we're -building the rootfs from scratch here so losing information is not a -concern. This commit always uses recursive removal to get that old -thing off the filesystem (whatever it takes ;). - -The exception to the removal is if both the tar entry and existing -path occupant are directories. In this case we want to use GNU tar's -default --overwrite-dir behavior, but unpackLayer's metadata handling -is currently very weak so I've left it at "don't delete the old -directory". - -The reworked directory case also fixes a minor bug from 44210d05 -(cmd/oci-image-tool: fix unpacking..., 2016-07-22, #177) where the: - - if fi, err := os.Lstat(path); !(err == nil && fi.IsDir()) { - -block would not error out if the Lstat failed for a reason besides the -acceptable IsNotExist. Instead, it would attempt to call MkdirAll, -which would probably fail for the same reason that Lstat failed -(e.g. ENOTDIR). But it's better to handle the Lstat errors directly. - -[1]: https://github.com/opencontainers/image-spec/pull/317 -[2]: https://github.com/opencontainers/image-spec/pull/317/files#r79214718 -[3]: https://www.gnu.org/software/tar/manual/html_node/Dealing-with-Old-Files.html - -Signed-off-by: W. Trevor King <wking@tremily.us> ---- - image/manifest.go | 22 +++++++++++++++++++--- - 1 file changed, 19 insertions(+), 3 deletions(-) - -diff --git a/image/manifest.go b/image/manifest.go -index 8834c1e5f2f0..144bd4f62219 100644 ---- a/src/import/image/manifest.go -+++ b/src/import/image/manifest.go -@@ -253,11 +253,27 @@ loop: - continue loop - } - -+ if hdr.Typeflag != tar.TypeDir { -+ err = os.RemoveAll(path) -+ if err != nil && !os.IsNotExist(err) { -+ return err -+ } -+ } -+ - switch hdr.Typeflag { - case tar.TypeDir: -- if fi, err := os.Lstat(path); !(err == nil && fi.IsDir()) { -- if err2 := os.MkdirAll(path, info.Mode()); err2 != nil { -- return errors.Wrap(err2, "error creating directory") -+ fi, err := os.Lstat(path) -+ if err != nil && !os.IsNotExist(err) { -+ return err -+ } -+ if os.IsNotExist(err) || !fi.IsDir() { -+ err = os.RemoveAll(path) -+ if err != nil && !os.IsNotExist(err) { -+ return err -+ } -+ err = os.MkdirAll(path, info.Mode()) -+ if err != nil { -+ return err - } - } - --- -2.4.0.53.g8440f74 - diff --git a/external/meta-virtualization/recipes-containers/oci-image-tools/files/0001-tool-respect-GO-and-GOBUILDFLAGS-when-building.patch b/external/meta-virtualization/recipes-containers/oci-image-tools/files/0001-tool-respect-GO-and-GOBUILDFLAGS-when-building.patch new file mode 100644 index 00000000..7e0b2a11 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/oci-image-tools/files/0001-tool-respect-GO-and-GOBUILDFLAGS-when-building.patch @@ -0,0 +1,31 @@ +From 7e6bfc9657f9fd83c170d5bf3721d54bf9e88074 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@gmail.com> +Date: Sun, 13 Oct 2019 15:35:08 -0400 +Subject: [PATCH] tool: respect GO and GOBUILDFLAGS when building + +Ensure that the building of the tools respect the go compiler and +build flags from our environemnt. Otherwise, we'll use the host +settings for each and end up with a binary that cannot be run on +the target. + +Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/import/Makefile b/src/import/Makefile +index bacb341..1bfe021 100644 +--- a/src/import/Makefile ++++ b/src/import/Makefile +@@ -27,7 +27,7 @@ check-license: + + .PHONY: tool + tool: +- go build -ldflags "-X main.gitCommit=${COMMIT}" -o oci-image-tool ./cmd/oci-image-tool ++ $(GO) build $(GOBUILDFLAGS) $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT}" -o oci-image-tool ./cmd/oci-image-tool + + + all: tool man +-- +2.19.1 + diff --git a/external/meta-virtualization/recipes-containers/oci-image-tools/files/0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch b/external/meta-virtualization/recipes-containers/oci-image-tools/files/0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch deleted file mode 100644 index 69bdcdb5..00000000 --- a/external/meta-virtualization/recipes-containers/oci-image-tools/files/0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch +++ /dev/null @@ -1,242 +0,0 @@ -From 1e55f2a83b1f644803b640b72171b4ae0d95217b Mon Sep 17 00:00:00 2001 -From: "W. Trevor King" <wking@tremily.us> -Date: Thu, 20 Oct 2016 23:30:22 -0700 -Subject: [PATCH 2/2] image/manifest: Split unpackLayerEntry into its own - function - -To help address: - - $ make lint - checking lint - image/manifest.go:140::warning: cyclomatic complexity 39 of function unpackLayer() is high (> 35) (gocyclo) - ... - -Signed-off-by: W. Trevor King <wking@tremily.us> ---- - image/manifest.go | 185 +++++++++++++++++++++++++++++------------------------- - 1 file changed, 100 insertions(+), 85 deletions(-) - -diff --git a/image/manifest.go b/image/manifest.go -index 144bd4f62219..dfd5a83f70e4 100644 ---- a/src/import/image/manifest.go -+++ b/src/import/image/manifest.go -@@ -218,116 +218,131 @@ loop: - return errors.Wrapf(err, "error advancing tar stream") - } - -- hdr.Name = filepath.Clean(hdr.Name) -- if !strings.HasSuffix(hdr.Name, string(os.PathSeparator)) { -- // Not the root directory, ensure that the parent directory exists -- parent := filepath.Dir(hdr.Name) -- parentPath := filepath.Join(dest, parent) -- if _, err2 := os.Lstat(parentPath); err2 != nil && os.IsNotExist(err2) { -- if err3 := os.MkdirAll(parentPath, 0755); err3 != nil { -- return err3 -- } -- } -- } -- path := filepath.Join(dest, hdr.Name) -- if entries[path] { -- return fmt.Errorf("duplicate entry for %s", path) -- } -- entries[path] = true -- rel, err := filepath.Rel(dest, path) -+ var whiteout bool -+ whiteout, err = unpackLayerEntry(dest, hdr, tr, &entries) - if err != nil { - return err - } -- info := hdr.FileInfo() -- if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) { -- return fmt.Errorf("%q is outside of %q", hdr.Name, dest) -+ if whiteout { -+ continue loop - } - -- if strings.HasPrefix(info.Name(), ".wh.") { -- path = strings.Replace(path, ".wh.", "", 1) -+ // Directory mtimes must be handled at the end to avoid further -+ // file creation in them to modify the directory mtime -+ if hdr.Typeflag == tar.TypeDir { -+ dirs = append(dirs, hdr) -+ } -+ } -+ for _, hdr := range dirs { -+ path := filepath.Join(dest, hdr.Name) - -- if err := os.RemoveAll(path); err != nil { -- return errors.Wrap(err, "unable to delete whiteout path") -+ finfo := hdr.FileInfo() -+ // I believe the old version was using time.Now().UTC() to overcome an -+ // invalid error from chtimes.....but here we lose hdr.AccessTime like this... -+ if err := os.Chtimes(path, time.Now().UTC(), finfo.ModTime()); err != nil { -+ return errors.Wrap(err, "error changing time") -+ } -+ } -+ return nil -+} -+ -+// unpackLayerEntry unpacks a single entry from a layer. -+func unpackLayerEntry(dest string, header *tar.Header, reader io.Reader, entries *map[string]bool) (whiteout bool, err error) { -+ header.Name = filepath.Clean(header.Name) -+ if !strings.HasSuffix(header.Name, string(os.PathSeparator)) { -+ // Not the root directory, ensure that the parent directory exists -+ parent := filepath.Dir(header.Name) -+ parentPath := filepath.Join(dest, parent) -+ if _, err2 := os.Lstat(parentPath); err2 != nil && os.IsNotExist(err2) { -+ if err3 := os.MkdirAll(parentPath, 0755); err3 != nil { -+ return false, err3 - } -+ } -+ } -+ path := filepath.Join(dest, header.Name) -+ if (*entries)[path] { -+ return false, fmt.Errorf("duplicate entry for %s", path) -+ } -+ (*entries)[path] = true -+ rel, err := filepath.Rel(dest, path) -+ if err != nil { -+ return false, err -+ } -+ info := header.FileInfo() -+ if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) { -+ return false, fmt.Errorf("%q is outside of %q", header.Name, dest) -+ } - -- continue loop -+ if strings.HasPrefix(info.Name(), ".wh.") { -+ path = strings.Replace(path, ".wh.", "", 1) -+ -+ if err = os.RemoveAll(path); err != nil { -+ return true, errors.Wrap(err, "unable to delete whiteout path") - } - -- if hdr.Typeflag != tar.TypeDir { -- err = os.RemoveAll(path) -- if err != nil && !os.IsNotExist(err) { -- return err -- } -+ return true, nil -+ } -+ -+ if header.Typeflag != tar.TypeDir { -+ err = os.RemoveAll(path) -+ if err != nil && !os.IsNotExist(err) { -+ return false, err - } -+ } - -- switch hdr.Typeflag { -- case tar.TypeDir: -- fi, err := os.Lstat(path) -+ switch header.Typeflag { -+ case tar.TypeDir: -+ fi, err := os.Lstat(path) -+ if err != nil && !os.IsNotExist(err) { -+ return false, err -+ } -+ if os.IsNotExist(err) || !fi.IsDir() { -+ err = os.RemoveAll(path) - if err != nil && !os.IsNotExist(err) { -- return err -- } -- if os.IsNotExist(err) || !fi.IsDir() { -- err = os.RemoveAll(path) -- if err != nil && !os.IsNotExist(err) { -- return err -- } -- err = os.MkdirAll(path, info.Mode()) -- if err != nil { -- return err -- } -+ return false, err - } -- -- case tar.TypeReg, tar.TypeRegA: -- f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, info.Mode()) -+ err = os.MkdirAll(path, info.Mode()) - if err != nil { -- return errors.Wrap(err, "unable to open file") -+ return false, err - } -+ } - -- if _, err := io.Copy(f, tr); err != nil { -- f.Close() -- return errors.Wrap(err, "unable to copy") -- } -- f.Close() -+ case tar.TypeReg, tar.TypeRegA: -+ f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, info.Mode()) -+ if err != nil { -+ return false, errors.Wrap(err, "unable to open file") -+ } - -- case tar.TypeLink: -- target := filepath.Join(dest, hdr.Linkname) -+ if _, err := io.Copy(f, reader); err != nil { -+ f.Close() -+ return false, errors.Wrap(err, "unable to copy") -+ } -+ f.Close() - -- if !strings.HasPrefix(target, dest) { -- return fmt.Errorf("invalid hardlink %q -> %q", target, hdr.Linkname) -- } -+ case tar.TypeLink: -+ target := filepath.Join(dest, header.Linkname) - -- if err := os.Link(target, path); err != nil { -- return err -- } -+ if !strings.HasPrefix(target, dest) { -+ return false, fmt.Errorf("invalid hardlink %q -> %q", target, header.Linkname) -+ } - -- case tar.TypeSymlink: -- target := filepath.Join(filepath.Dir(path), hdr.Linkname) -+ if err := os.Link(target, path); err != nil { -+ return false, err -+ } - -- if !strings.HasPrefix(target, dest) { -- return fmt.Errorf("invalid symlink %q -> %q", path, hdr.Linkname) -- } -+ case tar.TypeSymlink: -+ target := filepath.Join(filepath.Dir(path), header.Linkname) - -- if err := os.Symlink(hdr.Linkname, path); err != nil { -- return err -- } -- case tar.TypeXGlobalHeader: -- return nil -+ if !strings.HasPrefix(target, dest) { -+ return false, fmt.Errorf("invalid symlink %q -> %q", path, header.Linkname) - } -- // Directory mtimes must be handled at the end to avoid further -- // file creation in them to modify the directory mtime -- if hdr.Typeflag == tar.TypeDir { -- dirs = append(dirs, hdr) -- } -- } -- for _, hdr := range dirs { -- path := filepath.Join(dest, hdr.Name) - -- finfo := hdr.FileInfo() -- // I believe the old version was using time.Now().UTC() to overcome an -- // invalid error from chtimes.....but here we lose hdr.AccessTime like this... -- if err := os.Chtimes(path, time.Now().UTC(), finfo.ModTime()); err != nil { -- return errors.Wrap(err, "error changing time") -+ if err := os.Symlink(header.Linkname, path); err != nil { -+ return false, err - } -+ case tar.TypeXGlobalHeader: -+ return false, nil - } -- return nil -+ -+ return false, nil - } --- -2.4.0.53.g8440f74 - diff --git a/external/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb b/external/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb index 8c41b6e0..676f3cc4 100644 --- a/external/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb +++ b/external/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb @@ -13,11 +13,10 @@ DEPENDS = "\ " SRC_URI = "git://github.com/opencontainers/image-tools.git \ - file://0001-image-manifest-Recursively-remove-pre-existing-entri.patch \ - file://0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch \ - file://0001-config-make-Config.User-mapping-errors-a-warning.patch" + file://0001-config-make-Config.User-mapping-errors-a-warning.patch \ + file://0001-tool-respect-GO-and-GOBUILDFLAGS-when-building.patch" -SRCREV = "4abe1a166f9be97e8e71b1bb4d7599cc29323011" +SRCREV = "93db3b16e6738bf9b8bee47d86ac93be5340838b" PV = "0.2.0-dev+git${SRCPV}" GO_IMPORT = "import" diff --git a/external/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb b/external/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb index deba7b3e..c4083c09 100644 --- a/external/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb +++ b/external/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb @@ -9,8 +9,8 @@ SRCNAME = "runtime-spec" PKG_NAME = "github.com/opencontainers/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME}" -SRCREV = "a39b1cd4fdf7743ab721cc9da58abbee2f8624d1" -PV = "v1.0.0-rc6+git${SRCPV}" +SRCREV = "78ab98c0761136f84e6e21b24b4dcd0be68ab782" +PV = "v1.0.1+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch b/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch index 753a77d1..34f0c09e 100644 --- a/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch +++ b/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch @@ -1,6 +1,6 @@ -From f59cddcedd6535e0b809ec9b4e95672d34b41a16 Mon Sep 17 00:00:00 2001 +From 12d92162c449d51f4ffa482f7daaeb42c4135937 Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> -Date: Tue, 14 Nov 2017 07:41:41 -0800 +Date: Tue, 2 Jul 2019 20:51:08 +0000 Subject: [PATCH] Add additional cgroup mounts from root NS automatically Signed-off-by: Jason Wessel <jason.wessel@windriver.com> @@ -9,11 +9,11 @@ Signed-off-by: Jason Wessel <jason.wessel@windriver.com> 1 file changed, 45 insertions(+) diff --git a/src/systemdhook.c b/src/systemdhook.c -index 78575ef..f735484 100644 +index c2cb2b9..f9ec9f2 100644 --- a/src/systemdhook.c +++ b/src/systemdhook.c -@@ -238,6 +238,11 @@ static char *get_process_cgroup_subsystem_path(int pid, const char *subsystem) { - static int mount_cgroup(const char *rootfs, const char *options, char *systemd_path) +@@ -274,6 +274,11 @@ static char *get_process_cgroup_subsystem_path(const char *id, int pid, const ch + static int mount_cgroup(const char *id, const char *rootfs, const char *options, char *systemd_path) { _cleanup_free_ char *cgroup_path = NULL; + char *spath, *dpath; @@ -23,9 +23,9 @@ index 78575ef..f735484 100644 + int got; if (asprintf(&cgroup_path, "%s/%s", rootfs, CGROUP_ROOT) < 0) { - pr_perror("Failed to create path for %s", CGROUP_ROOT); -@@ -256,6 +261,46 @@ static int mount_cgroup(const char *rootfs, const char *options, char *systemd_p - pr_perror("Failed to mkdir new dest: %s", systemd_path); + pr_perror("%s: Failed to create path for %s", id, CGROUP_ROOT); +@@ -292,6 +297,46 @@ static int mount_cgroup(const char *id, const char *rootfs, const char *options, + pr_perror("%s: Failed to mkdir new dest: %s", id, systemd_path); return -1; } + /* Create all additional cgroup mounts which are in the root namespace */ @@ -59,7 +59,7 @@ index 78575ef..f735484 100644 + pr_perror("Failed to mkdir new dest: %s", dpath); + return -1; + } -+ if (bind_mount(spath, dpath, false)) { ++ if (bind_mount(id, spath, dpath, false)) { + pr_perror("Failed to bind mount %s on %s", spath, dpath); + return -1; + } @@ -68,9 +68,9 @@ index 78575ef..f735484 100644 + free(dpath); + } + closedir(dir); - if (mount(cgroup_path, cgroup_path, "bind", MS_REMOUNT|MS_BIND|MS_RDONLY, "") == -1) { - pr_perror("Failed to remount %s readonly", cgroup_path); + if (remount_readonly(id, cgroup_path, cgroup_path) < 0) { return -1; + } -- -2.11.0 +2.7.4 diff --git a/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch b/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch index 5016f6e7..a3ec57df 100644 --- a/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch +++ b/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch @@ -8,9 +8,11 @@ Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> src/systemdhook.c | 12 ------------ 1 file changed, 12 deletions(-) ---- a/src/systemdhook.c -+++ b/src/systemdhook.c -@@ -16,7 +16,6 @@ +Index: git/src/systemdhook.c +=================================================================== +--- git.orig/src/systemdhook.c ++++ git/src/systemdhook.c +@@ -17,7 +17,6 @@ #include <errno.h> #include <inttypes.h> #include <linux/limits.h> @@ -18,25 +20,28 @@ Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> #include <yajl/yajl_tree.h> #include <stdbool.h> -@@ -129,9 +128,6 @@ static int chperm(const char *path, cons +@@ -166,12 +165,6 @@ closedir(dir); return -1; } -- if (setfilecon (full_path, label) < 0) { -- pr_perror("Failed to set context %s on %s", label, full_path); +- if (label != NULL && (strcmp("", label))) { +- if ((is_selinux_enabled() > 0) && (setfilecon (full_path, label) < 0)) { +- pr_perror("%s: Failed to set context %s on %s", id, label, full_path); +- } - } - +- if (doChown) { /* Change uid and gid to something the container can handle */ -@@ -496,14 +492,6 @@ static int prestart(const char *rootfs, + if (chown(full_path, uid, gid) < 0 ) { +@@ -557,14 +550,6 @@ return -1; } } - - if (strcmp("", mount_label)) { -- rc = setfilecon(journal_dir, (security_context_t)mount_label); -- if (rc < 0) { -- pr_perror("Failed to set journal dir selinux context"); +- if ((is_selinux_enabled() > 0) && +- (setfilecon(journal_dir, (security_context_t)mount_label) < 0)) { +- pr_perror("%s: Failed to set journal dir selinux context", id); - return -1; - } - } diff --git a/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb b/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb index e07b7410..6734bffe 100644 --- a/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb +++ b/external/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb @@ -6,14 +6,14 @@ PRIORITY = "optional" DEPENDS = "yajl util-linux" -SRCREV = "1ac958a4197a9ea52174812fc7d7d036af8140d3" +SRCREV = "05e692346ca73e022754332a7da641230dae2ffe" SRC_URI = "git://github.com/projectatomic/oci-systemd-hook \ file://0001-selinux-drop-selinux-support.patch \ file://0001-configure-drop-selinux-support.patch \ file://0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch \ " -PV = "0.0.1+git${SRCPV}" +PV = "0.2.0+git${SRCPV}" S = "${WORKDIR}/git" inherit autotools pkgconfig diff --git a/external/meta-virtualization/recipes-containers/podman-compose/podman-compose_0.1.5.bb b/external/meta-virtualization/recipes-containers/podman-compose/podman-compose_0.1.5.bb new file mode 100644 index 00000000..4015069a --- /dev/null +++ b/external/meta-virtualization/recipes-containers/podman-compose/podman-compose_0.1.5.bb @@ -0,0 +1,15 @@ +DESCRIPTION = "An implementation of docker-compose with podman backend" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" + +inherit setuptools3 pypi + +SRC_URI = "git://github.com/containers/podman-compose.git" + +SRCREV = "f008986633879acf3f54848dabbf07cef8e9c68f" + +S = "${WORKDIR}/git" + +DEPENDS += "${PYTHON_PN}-pyyaml-native" + +RDEPENDS_${PN} += "${PYTHON_PN}-pyyaml" diff --git a/external/meta-virtualization/recipes-containers/podman/podman_git.bb b/external/meta-virtualization/recipes-containers/podman/podman_git.bb new file mode 100644 index 00000000..aa6b25b3 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/podman/podman_git.bb @@ -0,0 +1,119 @@ +HOMEPAGE = "https://podman.io/" +SUMMARY = "A daemonless container engine" +DESCRIPTION = "Podman is a daemonless container engine for developing, \ + managing, and running OCI Containers on your Linux System. Containers can \ + either be run as root or in rootless mode. Simply put: \ + `alias docker=podman`. \ + " + +DEPENDS = " \ + go-metalinter-native \ + go-md2man-native \ + gpgme \ + libseccomp \ + ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ +" + +python __anonymous() { + msg = "" + # ERROR: Nothing PROVIDES 'libseccomp' (but meta-virtualization/recipes-containers/podman/ DEPENDS on or otherwise requires it). + # ERROR: Required build target 'meta-world-pkgdata' has no buildable providers. + # Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'podman', 'libseccomp'] + if 'security' not in d.getVar('BBFILE_COLLECTIONS').split(): + msg += "Make sure meta-security should be present as it provides 'libseccomp'" + raise bb.parse.SkipRecipe(msg) +} + +SRCREV = "444a19cdd2e6108c75f6c1aadc1a2a9138a8bd73" +SRC_URI = " \ + git://github.com/containers/libpod.git;branch=master \ +" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e" + +GO_IMPORT = "import" + +S = "${WORKDIR}/git" + +PV = "1.8.1+git${SRCREV}" + +PACKAGES =+ "${PN}-contrib" + +PODMAN_PKG = "github.com/containers/libpod" +BUILDTAGS ?= "seccomp varlink \ +${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \ +exclude_graphdriver_btrfs exclude_graphdriver_devicemapper" + +# overide LDFLAGS to allow podman to build without: "flag provided but not # defined: -Wl,-O1 +export LDFLAGS="" + +inherit go goarch +inherit systemd pkgconfig + +do_configure[noexec] = "1" + +EXTRA_OEMAKE = " \ + PREFIX=${prefix} BINDIR=${bindir} LIBEXECDIR=${libexecdir} \ + ETCDIR=${sysconfdir} TMPFILESDIR=${nonarch_libdir}/tmpfiles.d \ + SYSTEMDDIR=${systemd_unitdir}/system USERSYSTEMDDIR=${systemd_unitdir}/user \ +" + +# remove 'docker' from the packageconfig if you don't want podman to +# build and install the docker wrapper. If docker is enabled in the +# packageconfig, the podman package will rconfict with docker. +PACKAGECONFIG ?= "docker" + +do_compile() { + cd ${S}/src + rm -rf .gopath + mkdir -p .gopath/src/"$(dirname "${PODMAN_PKG}")" + ln -sf ../../../../import/ .gopath/src/"${PODMAN_PKG}" + + ln -sf "../../../import/vendor/github.com/varlink/" ".gopath/src/github.com/varlink" + + export GOARCH="${BUILD_GOARCH}" + export GOPATH="${S}/src/.gopath" + export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" + + cd ${S}/src/.gopath/src/"${PODMAN_PKG}" + + oe_runmake cmd/podman/varlink/iopodman.go GO=go + + # Pass the needed cflags/ldflags so that cgo + # can find the needed headers files and libraries + export GOARCH=${TARGET_GOARCH} + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" + + oe_runmake BUILDTAGS="${BUILDTAGS}" +} + +do_install() { + cd ${S}/src/.gopath/src/"${PODMAN_PKG}" + + oe_runmake install DESTDIR="${D}" + if ${@bb.utils.contains('PACKAGECONFIG', 'docker', 'true', 'false', d)}; then + oe_runmake install.docker DESTDIR="${D}" + fi + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}${systemd_unitdir}/system + install -m 644 ${S}/src/import/contrib/systemd/system/podman.service ${D}/${systemd_unitdir}/system + install -m 644 ${S}/src/import/contrib/systemd/system/podman.socket ${D}/${systemd_unitdir}/system + rm -f ${D}/${systemd_unitdir}/system/docker.service.rpm + fi +} + +FILES_${PN} += " \ + ${systemd_unitdir}/system/* \ + ${systemd_unitdir}/user/* \ + ${nonarch_libdir}/tmpfiles.d/* \ + ${sysconfdir}/cni \ +" + +SYSTEMD_SERVICE_${PN} = "podman.service podman.socket" + +RDEPENDS_${PN} += "conmon virtual/runc iptables cni skopeo" +RRECOMMENDS_${PN} += "slirp4netns" +RCONFLICTS_${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'docker', 'docker', '', d)}" diff --git a/external/meta-virtualization/recipes-containers/riddler/riddler_git.bb b/external/meta-virtualization/recipes-containers/riddler/riddler_git.bb index 9f7fe6b4..08976060 100644 --- a/external/meta-virtualization/recipes-containers/riddler/riddler_git.bb +++ b/external/meta-virtualization/recipes-containers/riddler/riddler_git.bb @@ -13,6 +13,10 @@ S = "${WORKDIR}/git" inherit goarch inherit go +# In addition to hosts go does not like, we do not build for mips. +# +COMPATIBLE_HOST_mipsarch = "null" + # This disables seccomp and apparmor, which are on by default in the # go package. EXTRA_OEMAKE="BUILDTAGS=''" diff --git a/external/meta-virtualization/recipes-containers/runc/files/0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch b/external/meta-virtualization/recipes-containers/runc/files/0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch new file mode 100644 index 00000000..94cbb4cb --- /dev/null +++ b/external/meta-virtualization/recipes-containers/runc/files/0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch @@ -0,0 +1,35 @@ +From d2c47a973f354ffd505bb4e809c59e57b543726d Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 6 Aug 2019 19:01:45 +0800 +Subject: [PATCH] Makefile: respect GOBUILDFLAGS for runc and remove recvtty + from static + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + Makefile | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/Makefile b/Makefile +index 0f26a1c8..a0c6b40b 100644 +--- a/src/import/Makefile ++++ b/src/import/Makefile +@@ -30,7 +30,7 @@ SHELL := $(shell command -v bash 2>/dev/null) + .DEFAULT: runc + + runc: $(SOURCES) +- $(GO) build -buildmode=pie $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . ++ $(GO) build $(GOBUILDFLAGS) $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . + + all: runc recvtty + +@@ -41,7 +41,6 @@ contrib/cmd/recvtty/recvtty: $(SOURCES) + + static: $(SOURCES) + CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo osusergo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . +- CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo osusergo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty + + release: + script/release.sh -r release/$(VERSION) -v $(VERSION) +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-containers/runc/files/0001-Only-allow-proc-mount-if-it-is-procfs.patch b/external/meta-virtualization/recipes-containers/runc/files/0001-Only-allow-proc-mount-if-it-is-procfs.patch new file mode 100644 index 00000000..5aca99e2 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/runc/files/0001-Only-allow-proc-mount-if-it-is-procfs.patch @@ -0,0 +1,201 @@ +From d75b05441772417a0828465a9483f16287937724 Mon Sep 17 00:00:00 2001 +From: Michael Crosby <crosbymichael@gmail.com> +Date: Mon, 23 Sep 2019 16:45:45 -0400 +Subject: [PATCH] Only allow proc mount if it is procfs + +Fixes #2128 + +This allows proc to be bind mounted for host and rootless namespace usecases but +it removes the ability to mount over the top of proc with a directory. + +```bash +> sudo docker run --rm apparmor +docker: Error response from daemon: OCI runtime create failed: +container_linux.go:346: starting container process caused "process_linux.go:449: +container init caused \"rootfs_linux.go:58: mounting +\\\"/var/lib/docker/volumes/aae28ea068c33d60e64d1a75916cf3ec2dc3634f97571854c9ed30c8401460c1/_data\\\" +to rootfs +\\\"/var/lib/docker/overlay2/a6be5ae911bf19f8eecb23a295dec85be9a8ee8da66e9fb55b47c841d1e381b7/merged\\\" +at \\\"/proc\\\" caused +\\\"\\\\\\\"/var/lib/docker/overlay2/a6be5ae911bf19f8eecb23a295dec85be9a8ee8da66e9fb55b47c841d1e381b7/merged/proc\\\\\\\" +cannot be mounted because it is not of type proc\\\"\"": unknown. + +> sudo docker run --rm -v /proc:/proc apparmor + +docker-default (enforce) root 18989 0.9 0.0 1288 4 ? +Ss 16:47 0:00 sleep 20 +``` + +Signed-off-by: Michael Crosby <crosbymichael@gmail.com> + +Upstream-Status: Backport [https://github.com/opencontainers/runc/pull/2129/commits/331692baa7afdf6c186f8667cb0e6362ea0802b3] + +CVE: CVE-2019-16884 + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + libcontainer/container_linux.go | 4 +-- + libcontainer/rootfs_linux.go | 50 +++++++++++++++++++++++-------- + libcontainer/rootfs_linux_test.go | 8 ++--- + 3 files changed, 43 insertions(+), 19 deletions(-) + +diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go +index 7e58e5e0..d51e35df 100644 +--- a/src/import/libcontainer/container_linux.go ++++ b/src/import/libcontainer/container_linux.go +@@ -19,7 +19,7 @@ import ( + "syscall" // only for SysProcAttr and Signal + "time" + +- "github.com/cyphar/filepath-securejoin" ++ securejoin "github.com/cyphar/filepath-securejoin" + "github.com/opencontainers/runc/libcontainer/cgroups" + "github.com/opencontainers/runc/libcontainer/configs" + "github.com/opencontainers/runc/libcontainer/intelrdt" +@@ -1160,7 +1160,7 @@ func (c *linuxContainer) makeCriuRestoreMountpoints(m *configs.Mount) error { + if err != nil { + return err + } +- if err := checkMountDestination(c.config.Rootfs, dest); err != nil { ++ if err := checkProcMount(c.config.Rootfs, dest, ""); err != nil { + return err + } + m.Destination = dest +diff --git a/libcontainer/rootfs_linux.go b/libcontainer/rootfs_linux.go +index f13b226e..5650b0ac 100644 +--- a/src/import/libcontainer/rootfs_linux.go ++++ b/src/import/libcontainer/rootfs_linux.go +@@ -13,7 +13,7 @@ import ( + "strings" + "time" + +- "github.com/cyphar/filepath-securejoin" ++ securejoin "github.com/cyphar/filepath-securejoin" + "github.com/mrunalp/fileutils" + "github.com/opencontainers/runc/libcontainer/cgroups" + "github.com/opencontainers/runc/libcontainer/configs" +@@ -197,7 +197,7 @@ func prepareBindMount(m *configs.Mount, rootfs string) error { + if dest, err = securejoin.SecureJoin(rootfs, m.Destination); err != nil { + return err + } +- if err := checkMountDestination(rootfs, dest); err != nil { ++ if err := checkProcMount(rootfs, dest, m.Source); err != nil { + return err + } + // update the mount with the correct dest after symlinks are resolved. +@@ -388,7 +388,7 @@ func mountToRootfs(m *configs.Mount, rootfs, mountLabel string, enableCgroupns b + if dest, err = securejoin.SecureJoin(rootfs, m.Destination); err != nil { + return err + } +- if err := checkMountDestination(rootfs, dest); err != nil { ++ if err := checkProcMount(rootfs, dest, m.Source); err != nil { + return err + } + // update the mount with the correct dest after symlinks are resolved. +@@ -435,12 +435,12 @@ func getCgroupMounts(m *configs.Mount) ([]*configs.Mount, error) { + return binds, nil + } + +-// checkMountDestination checks to ensure that the mount destination is not over the top of /proc. ++// checkProcMount checks to ensure that the mount destination is not over the top of /proc. + // dest is required to be an abs path and have any symlinks resolved before calling this function. +-func checkMountDestination(rootfs, dest string) error { +- invalidDestinations := []string{ +- "/proc", +- } ++// ++// if source is nil, don't stat the filesystem. This is used for restore of a checkpoint. ++func checkProcMount(rootfs, dest, source string) error { ++ const procPath = "/proc" + // White list, it should be sub directories of invalid destinations + validDestinations := []string{ + // These entries can be bind mounted by files emulated by fuse, +@@ -463,16 +463,40 @@ func checkMountDestination(rootfs, dest string) error { + return nil + } + } +- for _, invalid := range invalidDestinations { +- path, err := filepath.Rel(filepath.Join(rootfs, invalid), dest) ++ path, err := filepath.Rel(filepath.Join(rootfs, procPath), dest) ++ if err != nil { ++ return err ++ } ++ // pass if the mount path is located outside of /proc ++ if strings.HasPrefix(path, "..") { ++ return nil ++ } ++ if path == "." { ++ // an empty source is pasted on restore ++ if source == "" { ++ return nil ++ } ++ // only allow a mount on-top of proc if it's source is "proc" ++ isproc, err := isProc(source) + if err != nil { + return err + } +- if path != "." && !strings.HasPrefix(path, "..") { +- return fmt.Errorf("%q cannot be mounted because it is located inside %q", dest, invalid) ++ // pass if the mount is happening on top of /proc and the source of ++ // the mount is a proc filesystem ++ if isproc { ++ return nil + } ++ return fmt.Errorf("%q cannot be mounted because it is not of type proc", dest) + } +- return nil ++ return fmt.Errorf("%q cannot be mounted because it is inside /proc", dest) ++} ++ ++func isProc(path string) (bool, error) { ++ var s unix.Statfs_t ++ if err := unix.Statfs(path, &s); err != nil { ++ return false, err ++ } ++ return s.Type == unix.PROC_SUPER_MAGIC, nil + } + + func setupDevSymlinks(rootfs string) error { +diff --git a/libcontainer/rootfs_linux_test.go b/libcontainer/rootfs_linux_test.go +index d755984b..1bfe7c66 100644 +--- a/src/import/libcontainer/rootfs_linux_test.go ++++ b/src/import/libcontainer/rootfs_linux_test.go +@@ -10,7 +10,7 @@ import ( + + func TestCheckMountDestOnProc(t *testing.T) { + dest := "/rootfs/proc/sys" +- err := checkMountDestination("/rootfs", dest) ++ err := checkProcMount("/rootfs", dest, "") + if err == nil { + t.Fatal("destination inside proc should return an error") + } +@@ -18,7 +18,7 @@ func TestCheckMountDestOnProc(t *testing.T) { + + func TestCheckMountDestOnProcChroot(t *testing.T) { + dest := "/rootfs/proc/" +- err := checkMountDestination("/rootfs", dest) ++ err := checkProcMount("/rootfs", dest, "/proc") + if err != nil { + t.Fatal("destination inside proc when using chroot should not return an error") + } +@@ -26,7 +26,7 @@ func TestCheckMountDestOnProcChroot(t *testing.T) { + + func TestCheckMountDestInSys(t *testing.T) { + dest := "/rootfs//sys/fs/cgroup" +- err := checkMountDestination("/rootfs", dest) ++ err := checkProcMount("/rootfs", dest, "") + if err != nil { + t.Fatal("destination inside /sys should not return an error") + } +@@ -34,7 +34,7 @@ func TestCheckMountDestInSys(t *testing.T) { + + func TestCheckMountDestFalsePositive(t *testing.T) { + dest := "/rootfs/sysfiles/fs/cgroup" +- err := checkMountDestination("/rootfs", dest) ++ err := checkProcMount("/rootfs", dest, "") + if err != nil { + t.Fatal(err) + } +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch b/external/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch deleted file mode 100644 index faeac46f..00000000 --- a/external/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch +++ /dev/null @@ -1,22 +0,0 @@ -From a9a2b9e72027d0b2357f6dfe8b154762aaa8dd02 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@windriver.com> -Date: Thu, 19 Apr 2018 16:39:41 -0400 -Subject: [PATCH] build: drop recvtty and use GOBUILDFLAGS - -Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> ---- - Makefile | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -Index: git/src/import/Makefile -=================================================================== ---- git.orig/src/import/Makefile -+++ git/src/import/Makefile -@@ -41,7 +41,6 @@ - - static: $(SOURCES) - CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo osusergo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -- CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo osusergo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - release: - script/release.sh -r release/$(VERSION) -v $(VERSION) diff --git a/external/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch b/external/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch index 9ccbccb2..0af74952 100644 --- a/external/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch +++ b/external/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch @@ -51,14 +51,13 @@ Index: git/src/import/signals.go pid1, err := process.Pid() if err != nil { -@@ -68,12 +66,61 @@ +@@ -68,11 +66,60 @@ if h.notifySocket != nil { if detach { h.notifySocket.run(pid1) - return 0, nil - } else { - go h.notifySocket.run(0) } + go h.notifySocket.run(0) } + if (detach) { @@ -118,7 +117,7 @@ Index: git/src/import/utils_linux.go =================================================================== --- git.orig/src/import/utils_linux.go +++ git/src/import/utils_linux.go -@@ -338,7 +338,7 @@ +@@ -347,7 +347,7 @@ if err != nil { r.terminate(process) } diff --git a/external/meta-virtualization/recipes-containers/runc/runc-docker_git.bb b/external/meta-virtualization/recipes-containers/runc/runc-docker_git.bb index 02bda318..8d810d01 100644 --- a/external/meta-virtualization/recipes-containers/runc/runc-docker_git.bb +++ b/external/meta-virtualization/recipes-containers/runc/runc-docker_git.bb @@ -2,11 +2,12 @@ include runc.inc # Note: this rev is before the required protocol field, update when all components # have been updated to match. -SRCREV_runc-docker = "6a2c15596845f6ff5182e2022f38a65e5dfa88eb" +SRCREV_runc-docker = "425e105d5a03fabd737a126ad93d62a9eeede87f" SRC_URI = "git://github.com/opencontainers/runc;nobranch=1;name=runc-docker \ file://0001-runc-Add-console-socket-dev-null.patch \ - file://0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch \ + file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ file://0001-runc-docker-SIGUSR1-daemonize.patch \ + file://0001-Only-allow-proc-mount-if-it-is-procfs.patch \ " -RUNC_VERSION = "1.0.0-rc5" +RUNC_VERSION = "1.0.0-rc8" diff --git a/external/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb b/external/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb index eaee8efa..3a7e7aaf 100644 --- a/external/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb +++ b/external/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb @@ -1,7 +1,9 @@ include runc.inc -SRCREV = "6a2c15596845f6ff5182e2022f38a65e5dfa88eb" +SRCREV = "652297c7c7e6c94e8d064ad5916c32891a6fd388" SRC_URI = " \ git://github.com/opencontainers/runc;branch=master \ + file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ + file://0001-Only-allow-proc-mount-if-it-is-procfs.patch \ " -RUNC_VERSION = "1.0.0-rc5" +RUNC_VERSION = "1.0.0-rc8" diff --git a/external/meta-virtualization/recipes-containers/runc/runc.inc b/external/meta-virtualization/recipes-containers/runc/runc.inc index 6d11a6ef..41ea41be 100644 --- a/external/meta-virtualization/recipes-containers/runc/runc.inc +++ b/external/meta-virtualization/recipes-containers/runc/runc.inc @@ -14,10 +14,11 @@ inherit go inherit goarch inherit pkgconfig -PACKAGECONFIG ??= "" +PACKAGECONFIG ??= "static" PACKAGECONFIG[seccomp] = "seccomp,,libseccomp" +# This PACKAGECONFIG serves the purpose of whether building runc as static or not +PACKAGECONFIG[static] = "" -RRECOMMENDS_${PN} = "lxc docker" PROVIDES += "virtual/runc" RPROVIDES_${PN} = "virtual/runc" @@ -55,7 +56,11 @@ do_compile() { export CFLAGS="" export LDFLAGS="" - oe_runmake static + if ${@bb.utils.contains('PACKAGECONFIG', 'static', 'true', 'false', d)}; then + oe_runmake static + else + oe_runmake runc + fi } do_install() { @@ -65,4 +70,3 @@ do_install() { ln -sf runc ${D}/${bindir}/docker-runc } -INHIBIT_PACKAGE_STRIP = "1" diff --git a/external/meta-virtualization/recipes-containers/singularity/singularity/0001-Use-python3.patch b/external/meta-virtualization/recipes-containers/singularity/singularity/0001-Use-python3.patch new file mode 100644 index 00000000..dbfe06e4 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/singularity/singularity/0001-Use-python3.patch @@ -0,0 +1,148 @@ +From 758c1edc7bf3d2a023954f4fcc9ddf46fd370272 Mon Sep 17 00:00:00 2001 +From: Martin Jansa <Martin.Jansa@gmail.com> +Date: Thu, 21 May 2020 14:14:56 +0200 +Subject: [PATCH] Use python3 + +* without /usr/bin/python this just fails to configure with: + | checking for python... no + | configure: error: Please install python before installing. + | WARNING: exit code 1 from a shell command. + +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> +--- + configure.ac | 6 +++--- + etc/configure_transform.py | 2 +- + libexec/python/helpers/json/add.py | 2 +- + libexec/python/helpers/json/delete.py | 2 +- + libexec/python/helpers/json/dump.py | 2 +- + libexec/python/helpers/json/get.py | 2 +- + libexec/python/helpers/json/inspect.py | 2 +- + libexec/python/import.py | 2 +- + libexec/python/pull.py | 2 +- + libexec/python/shub/api.py | 2 +- + libexec/python/size.py | 2 +- + 11 files changed, 13 insertions(+), 13 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 8ffa5ab32..71a1605b2 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -251,15 +251,15 @@ fi + # PYTHON + # --------------------------------------------------------------------- + +-AC_CHECK_PROG(PYTHON_CHECK,python,yes) ++AC_CHECK_PROG(PYTHON_CHECK,python3,yes) + if test x"$PYTHON_CHECK" != x"yes" ; then +- AC_MSG_ERROR([Please install python before installing.]) ++ AC_MSG_ERROR([Please install python3 before installing.]) + else + + PYTHON_MODULES="base64 datetime glob hashlib io itertools json math multiprocessing pickle pwd re shutil signal subprocess stat sys tarfile tempfile time" + for PYTHON_MODULE in $PYTHON_MODULES; do + AC_MSG_CHECKING([for the $PYTHON_MODULE python module]) +- python_module_result=`python -c "import $PYTHON_MODULE" 2>&1` ++ python_module_result=`python3 -c "import $PYTHON_MODULE" 2>&1` + if test -z "$python_module_result"; then + AC_MSG_RESULT([yes]) + else +diff --git a/etc/configure_transform.py b/etc/configure_transform.py +index a1ff5c427..9ec445d21 100755 +--- a/etc/configure_transform.py ++++ b/etc/configure_transform.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # + # Copyright (c) 2017, SingularityWare, LLC. All rights reserved. + # +diff --git a/libexec/python/helpers/json/add.py b/libexec/python/helpers/json/add.py +index b24aec75a..22abbbeb9 100644 +--- a/libexec/python/helpers/json/add.py ++++ b/libexec/python/helpers/json/add.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/helpers/json/delete.py b/libexec/python/helpers/json/delete.py +index 0975e4e60..07e255228 100644 +--- a/libexec/python/helpers/json/delete.py ++++ b/libexec/python/helpers/json/delete.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/helpers/json/dump.py b/libexec/python/helpers/json/dump.py +index ddba06e4a..37a8edf70 100644 +--- a/libexec/python/helpers/json/dump.py ++++ b/libexec/python/helpers/json/dump.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/helpers/json/get.py b/libexec/python/helpers/json/get.py +index 355be9040..d1d822aea 100644 +--- a/libexec/python/helpers/json/get.py ++++ b/libexec/python/helpers/json/get.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/helpers/json/inspect.py b/libexec/python/helpers/json/inspect.py +index 65772a4ef..61c723495 100644 +--- a/libexec/python/helpers/json/inspect.py ++++ b/libexec/python/helpers/json/inspect.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/import.py b/libexec/python/import.py +index 2ec208417..1c58eda5c 100644 +--- a/libexec/python/import.py ++++ b/libexec/python/import.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/pull.py b/libexec/python/pull.py +index 1cd705c90..4431023f3 100644 +--- a/libexec/python/pull.py ++++ b/libexec/python/pull.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/shub/api.py b/libexec/python/shub/api.py +index 850d167e7..3c8313ad5 100644 +--- a/libexec/python/shub/api.py ++++ b/libexec/python/shub/api.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + +diff --git a/libexec/python/size.py b/libexec/python/size.py +index 34331fd27..99581ce52 100644 +--- a/libexec/python/size.py ++++ b/libexec/python/size.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + ''' + diff --git a/external/meta-virtualization/recipes-containers/singularity/singularity_git.bb b/external/meta-virtualization/recipes-containers/singularity/singularity_git.bb index 6fee8f35..103270dd 100644 --- a/external/meta-virtualization/recipes-containers/singularity/singularity_git.bb +++ b/external/meta-virtualization/recipes-containers/singularity/singularity_git.bb @@ -3,9 +3,6 @@ INSANE_SKIP_${PN} += "dev-so" RDEPENDS_${PN} += "glibc python3 ca-certificates openssl bash e2fsprogs-mke2fs" -# Singularity expects to find python3 under the name python, therefore both -# cannot be installed at the same time. -RCONFLICTS_${PN} = "python" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://COPYRIGHT.md;md5=be78c34e483dd7d8439358b1e024b294 \ @@ -13,23 +10,20 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT.md;md5=be78c34e483dd7d8439358b1e024b294 \ file://LICENSE.md;md5=df4326b473db6424033f1d98a5645e30 \ file://debian/copyright;md5=ed267cf386d9b75ab1f27f407e935b10" -SRC_URI = "git://github.com/singularityware/singularity.git;protocol=https" +SRC_URI = "git://github.com/singularityware/singularity.git;protocol=https \ + file://0001-Use-python3.patch \ +" PV = "2.3.1+git${SRCPV}" SRCREV = "e214d4ebf0a1274b1c63b095fd55ae61c7e92947" S = "${WORKDIR}/git" -inherit pythonnative autotools-brokensep +inherit python3native autotools-brokensep EXTRA_OECONF = "--prefix=/usr/local" pkg_postinst_${PN}() { - # Singularity requires "python" to resolve to "python3" within the commandline. - # This creates a symbolic link from python3 to python. A side-effect of this is - # that scripts which expect Python 2 may fail to run correctly. - ln -sr $D${bindir}/python3 $D${bindir}/python - # python3 expects CA certificates to be installed in a different place to where # they are actually installed. These lines link the two locations. - rm -r $D${libdir}/ssl-1.1/certs - ln -sr $D${sysconfdir}/ssl/certs $D${libdir}/ssl-1.1 + rm -r $D${libdir}/ssl/certs + ln -sr $D${sysconfdir}/ssl/certs $D${libdir}/ssl } diff --git a/external/meta-virtualization/recipes-containers/skopeo/files/registries.conf b/external/meta-virtualization/recipes-containers/skopeo/files/registries.conf new file mode 100644 index 00000000..ba6c3f6e --- /dev/null +++ b/external/meta-virtualization/recipes-containers/skopeo/files/registries.conf @@ -0,0 +1,25 @@ +# This is a system-wide configuration file used to +# keep track of registries for various container backends. +# It adheres to TOML format and does not support recursive +# lists of registries. + +# The default location for this configuration file is /etc/containers/registries.conf. + +# The only valid categories are: 'registries.search', 'registries.insecure', +# and 'registries.block'. + +[registries.search] +registries = ['docker.io', 'registry.fedoraproject.org', 'quay.io', 'registry.access.redhat.com', 'registry.centos.org'] + +# If you need to access insecure registries, add the registry's fully-qualified name. +# An insecure registry is one that does not have a valid SSL certificate or only does HTTP. +[registries.insecure] +registries = [] + + +# If you need to block pull access from a registry, uncomment the section below +# and add the registries fully-qualified name. +# +# Docker only +[registries.block] +registries = [] diff --git a/external/meta-virtualization/recipes-containers/skopeo/files/storage.conf b/external/meta-virtualization/recipes-containers/skopeo/files/storage.conf new file mode 100644 index 00000000..818cfe8f --- /dev/null +++ b/external/meta-virtualization/recipes-containers/skopeo/files/storage.conf @@ -0,0 +1,133 @@ +# This file is is the configuration file for all tools +# that use the containers/storage library. +# See man 5 containers-storage.conf for more information +# The "container storage" table contains all of the server options. +[storage] + +# Default Storage Driver +driver = "overlay" + +# Temporary storage location +runroot = "/var/run/containers/storage" + +# Primary Read/Write location of container storage +graphroot = "/var/lib/containers/storage" + +[storage.options] +# Storage options to be passed to underlying storage drivers + +# AdditionalImageStores is used to pass paths to additional Read/Only image stores +# Must be comma separated list. +additionalimagestores = [ +] + +# Size is used to set a maximum size of the container image. Only supported by +# certain container storage drivers. +size = "" + +# Path to an helper program to use for mounting the file system instead of mounting it +# directly. +#mount_program = "/usr/bin/fuse-overlayfs" + +# OverrideKernelCheck tells the driver to ignore kernel checks based on kernel version +override_kernel_check = "true" + +# mountopt specifies comma separated list of extra mount options +mountopt = "nodev" + +# Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear inside of +# a container, to UIDs/GIDs as they should appear outside of the container, and +# the length of the range of UIDs/GIDs. Additional mapped sets can be listed +# and will be heeded by libraries, but there are limits to the number of +# mappings which the kernel will allow when you later attempt to run a +# container. +# +# remap-uids = 0:1668442479:65536 +# remap-gids = 0:1668442479:65536 + +# Remap-User/Group is a name which can be used to look up one or more UID/GID +# ranges in the /etc/subuid or /etc/subgid file. Mappings are set up starting +# with an in-container ID of 0 and the a host-level ID taken from the lowest +# range that matches the specified name, and using the length of that range. +# Additional ranges are then assigned, using the ranges which specify the +# lowest host-level IDs first, to the lowest not-yet-mapped container-level ID, +# until all of the entries have been used for maps. +# +# remap-user = "storage" +# remap-group = "storage" + +[storage.options.thinpool] +# Storage Options for thinpool + +# autoextend_percent determines the amount by which pool needs to be +# grown. This is specified in terms of % of pool size. So a value of 20 means +# that when threshold is hit, pool will be grown by 20% of existing +# pool size. +# autoextend_percent = "20" + +# autoextend_threshold determines the pool extension threshold in terms +# of percentage of pool size. For example, if threshold is 60, that means when +# pool is 60% full, threshold has been hit. +# autoextend_threshold = "80" + +# basesize specifies the size to use when creating the base device, which +# limits the size of images and containers. +# basesize = "10G" + +# blocksize specifies a custom blocksize to use for the thin pool. +# blocksize="64k" + +# directlvm_device specifies a custom block storage device to use for the +# thin pool. Required if you setup devicemapper. +# directlvm_device = "" + +# directlvm_device_force wipes device even if device already has a filesystem. +# directlvm_device_force = "True" + +# fs specifies the filesystem type to use for the base device. +# fs="xfs" + +# log_level sets the log level of devicemapper. +# 0: LogLevelSuppress 0 (Default) +# 2: LogLevelFatal +# 3: LogLevelErr +# 4: LogLevelWarn +# 5: LogLevelNotice +# 6: LogLevelInfo +# 7: LogLevelDebug +# log_level = "7" + +# min_free_space specifies the min free space percent in a thin pool require for +# new device creation to succeed. Valid values are from 0% - 99%. +# Value 0% disables +# min_free_space = "10%" + +# mkfsarg specifies extra mkfs arguments to be used when creating the base. +# device. +# mkfsarg = "" + +# use_deferred_removal marks devicemapper block device for deferred removal. +# If the thinpool is in use when the driver attempts to remove it, the driver +# tells the kernel to remove it as soon as possible. Note this does not free +# up the disk space, use deferred deletion to fully remove the thinpool. +# use_deferred_removal = "True" + +# use_deferred_deletion marks thinpool device for deferred deletion. +# If the device is busy when the driver attempts to delete it, the driver +# will attempt to delete device every 30 seconds until successful. +# If the program using the driver exits, the driver will continue attempting +# to cleanup the next time the driver is used. Deferred deletion permanently +# deletes the device and all data stored in device will be lost. +# use_deferred_deletion = "True" + +# xfs_nospace_max_retries specifies the maximum number of retries XFS should +# attempt to complete IO when ENOSPC (no space) error is returned by +# underlying storage device. +# xfs_nospace_max_retries = "0" + +# If specified, use OSTree to deduplicate files with the overlay backend +ostree_repo = "" + +# Set to skip a PRIVATE bind mount on the storage home directory. Only supported by +# certain container storage drivers +skip_mount_home = "false" diff --git a/external/meta-virtualization/recipes-containers/skopeo/skopeo_git.bb b/external/meta-virtualization/recipes-containers/skopeo/skopeo_git.bb new file mode 100644 index 00000000..f5a62313 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/skopeo/skopeo_git.bb @@ -0,0 +1,80 @@ +HOMEPAGE = "https://github.com/containers/skopeo" +SUMMARY = "Work with remote images registries - retrieving information, images, signing content" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=7e611105d3e369954840a6668c438584" + +DEPENDS = " \ + gpgme \ + multipath-tools \ + btrfs-tools \ + glib-2.0 \ + ostree \ +" + +inherit go + +RDEPENDS_${PN} = " \ + gpgme \ + libgpg-error \ + libassuan \ +" + +SRC_URI = " \ + git://github.com/containers/skopeo \ + file://storage.conf \ + file://registries.conf \ +" + +SRCREV = "1cf1e06582142c522543560f2bc6d6756696e8ad" +PV = "v0.1.39-dev+git${SRCPV}" +GO_IMPORT = "import" + +S = "${WORKDIR}/git" + +inherit goarch +inherit pkgconfig + +# This disables seccomp and apparmor, which are on by default in the +# go package. +EXTRA_OEMAKE="BUILDTAGS=''" + +do_compile() { + export GOARCH="${TARGET_GOARCH}" + + # Setup vendor directory so that it can be used in GOPATH. + # + # Go looks in a src directory under any directory in GOPATH but riddler + # uses 'vendor' instead of 'vendor/src'. We can fix this with a symlink. + # + # We also need to link in the ipallocator directory as that is not under + # a src directory. + ln -sfn . "${S}/src/import/vendor/src" + mkdir -p "${S}/src/import/vendor/src/github.com/projectatomic/skopeo" + ln -sfn "${S}/src/import/skopeo" "${S}/src/import/vendor/src/github.com/projectatomic/skopeo" + ln -sfn "${S}/src/import/version" "${S}/src/import/vendor/src/github.com/projectatomic/skopeo/version" + export GOPATH="${S}/src/import/vendor" + + # Pass the needed cflags/ldflags so that cgo + # can find the needed headers files and libraries + export CGO_ENABLED="1" + export CFLAGS="" + export LDFLAGS="" + export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" + cd ${S}/src/import + + oe_runmake binary-local +} + +do_install() { + install -d ${D}/${sbindir} + install -d ${D}/${sysconfdir}/containers + + install ${S}/src/import/skopeo ${D}/${sbindir}/ + install ${S}/src/import/default-policy.json ${D}/${sysconfdir}/containers/policy.json + + install ${WORKDIR}/storage.conf ${D}/${sysconfdir}/containers/storage.conf + install ${WORKDIR}/registries.conf ${D}/${sysconfdir}/containers/registries.conf +} + +INSANE_SKIP_${PN} += "ldflags" diff --git a/external/meta-virtualization/recipes-containers/sloci-image/sloci-image-native_git.bb b/external/meta-virtualization/recipes-containers/sloci-image/sloci-image-native_git.bb new file mode 100644 index 00000000..56e8e0f1 --- /dev/null +++ b/external/meta-virtualization/recipes-containers/sloci-image/sloci-image-native_git.bb @@ -0,0 +1,22 @@ +SUMMARY = "A simple CLI tool for packing rootfs into a single-layer OCI image" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://git/LICENSE;md5=948cd8e59069fad992b0469af9ad7966" +SRC_URI = "git://github.com/jirutka/sloci-image.git" + +DEPENDS = "" + +SRCREV = "4015e49763e5a738026a5bbfcf32b38b5a4fa650" +PV = "v0.1.0+git${SRCPV}" + +inherit native + +S = "${WORKDIR}" + +do_compile() { + : +} + +do_install() { + cd ${S}/git + make PREFIX="${exec_prefix}" DESTDIR=${D} install +} diff --git a/external/meta-virtualization/recipes-core/busybox/busybox/static.cfg b/external/meta-virtualization/recipes-core/busybox/busybox/static.cfg new file mode 100644 index 00000000..72079a1c --- /dev/null +++ b/external/meta-virtualization/recipes-core/busybox/busybox/static.cfg @@ -0,0 +1,4 @@ +CONFIG_STATIC=y +CONFIG_INSTALL=y +CONFIG_FEATURE_INSTALLER=y + diff --git a/external/meta-virtualization/recipes-core/busybox/busybox_%.bbappend b/external/meta-virtualization/recipes-core/busybox/busybox_%.bbappend index 617caccb..3d39bba3 100644 --- a/external/meta-virtualization/recipes-core/busybox/busybox_%.bbappend +++ b/external/meta-virtualization/recipes-core/busybox/busybox_%.bbappend @@ -1 +1,3 @@ require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}_virtualization.inc', '', d)} +require ${@bb.utils.contains('DISTRO_FEATURES', 'vmsep', '${BPN}_vmsep.inc', '', d)} + diff --git a/external/meta-virtualization/recipes-core/busybox/busybox_vmsep.inc b/external/meta-virtualization/recipes-core/busybox/busybox_vmsep.inc new file mode 100644 index 00000000..d4b1e6cc --- /dev/null +++ b/external/meta-virtualization/recipes-core/busybox/busybox_vmsep.inc @@ -0,0 +1,9 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/busybox:" +SRC_URI += " \ + file://static.cfg \ + " + +# we do this to get the target binary available to recipes that +# depend on busybox +SYSROOT_DIRS += "/bin" +BUSYBOX_SPLIT_SUID = "0" diff --git a/external/meta-virtualization/recipes-core/initscripts/initscripts_1.%.bbappend b/external/meta-virtualization/recipes-core/initscripts/initscripts_1.%.bbappend index 0600ab2a..96b4ac57 100644 --- a/external/meta-virtualization/recipes-core/initscripts/initscripts_1.%.bbappend +++ b/external/meta-virtualization/recipes-core/initscripts/initscripts_1.%.bbappend @@ -1,16 +1,2 @@ -do_install_append() { +require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}_virtualization.inc', '', d)} - echo >> ${D}${sysconfdir}/init.d/functions - echo success \(\) \{ >> ${D}${sysconfdir}/init.d/functions - echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions - echo \} >> ${D}${sysconfdir}/init.d/functions - echo failure \(\) \{ >> ${D}${sysconfdir}/init.d/functions - echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions - echo \} >> ${D}${sysconfdir}/init.d/functions - echo warning \(\) \{ >> ${D}${sysconfdir}/init.d/functions - echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions - echo \} >> ${D}${sysconfdir}/init.d/functions - echo begin \(\) \{ >> ${D}${sysconfdir}/init.d/functions - echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions - echo \} >> ${D}${sysconfdir}/init.d/functions -} diff --git a/external/meta-virtualization/recipes-core/initscripts/initscripts_virtualization.inc b/external/meta-virtualization/recipes-core/initscripts/initscripts_virtualization.inc new file mode 100644 index 00000000..0600ab2a --- /dev/null +++ b/external/meta-virtualization/recipes-core/initscripts/initscripts_virtualization.inc @@ -0,0 +1,16 @@ +do_install_append() { + + echo >> ${D}${sysconfdir}/init.d/functions + echo success \(\) \{ >> ${D}${sysconfdir}/init.d/functions + echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions + echo \} >> ${D}${sysconfdir}/init.d/functions + echo failure \(\) \{ >> ${D}${sysconfdir}/init.d/functions + echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions + echo \} >> ${D}${sysconfdir}/init.d/functions + echo warning \(\) \{ >> ${D}${sysconfdir}/init.d/functions + echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions + echo \} >> ${D}${sysconfdir}/init.d/functions + echo begin \(\) \{ >> ${D}${sysconfdir}/init.d/functions + echo \ \ \ \ echo \$* >> ${D}${sysconfdir}/init.d/functions + echo \} >> ${D}${sysconfdir}/init.d/functions +} diff --git a/external/meta-virtualization/recipes-core/libxcrypt/libxcrypt_%.bbappend b/external/meta-virtualization/recipes-core/libxcrypt/libxcrypt_%.bbappend new file mode 100644 index 00000000..0b4fbb3d --- /dev/null +++ b/external/meta-virtualization/recipes-core/libxcrypt/libxcrypt_%.bbappend @@ -0,0 +1,4 @@ +# if vmsep is in distro features, we need a static libxycryp, so we can build +# a static busybox. The end result of this is: +# EXTRA_OECONF_remove = "--disable-static" +EXTRA_OECONF_remove = "${@bb.utils.contains('DISTRO_FEATURES', 'vmsep', '--disable-static', '', d)}" diff --git a/external/meta-virtualization/recipes-core/runv/runv_git.bb b/external/meta-virtualization/recipes-core/runv/runv_git.bb index 0301dd28..ef94f096 100644 --- a/external/meta-virtualization/recipes-core/runv/runv_git.bb +++ b/external/meta-virtualization/recipes-core/runv/runv_git.bb @@ -78,5 +78,4 @@ deltask compile_ptest_base FILES_${PN} += "/usr/local/bin/*" -INHIBIT_PACKAGE_STRIP = "1" INSANE_SKIP_${PN} += "ldflags already-stripped" diff --git a/external/meta-virtualization/recipes-core/runx/runx/0001-make-initrd-cross-install-tweaks.patch b/external/meta-virtualization/recipes-core/runx/runx/0001-make-initrd-cross-install-tweaks.patch new file mode 100644 index 00000000..c9fdc5d6 --- /dev/null +++ b/external/meta-virtualization/recipes-core/runx/runx/0001-make-initrd-cross-install-tweaks.patch @@ -0,0 +1,42 @@ +From d8bd5749e6fc6e0c86a8720044ec78167bab3569 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@xilinx.com> +Date: Mon, 16 Dec 2019 22:03:14 -0800 +Subject: [PATCH] make-initrd: cross install tweaks + +Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com> +--- + kernel/make-initrd | 18 ++++++++++++++++-- + 1 file changed, 16 insertions(+), 2 deletions(-) + +diff --git a/kernel/make-initrd b/kernel/make-initrd +index 4c299dc..9ef386f 100755 +--- a/kernel/make-initrd ++++ b/kernel/make-initrd +@@ -16,8 +16,22 @@ mkdir -p $tmpdir/sys + mkdir -p $tmpdir/lib + mkdir -p $tmpdir/var + mkdir -p $tmpdir/mnt +-cp `which busybox` $tmpdir/bin +-$tmpdir/bin/busybox --install $tmpdir/bin ++ ++ ++if [ -z "$BUSYBOX" ]; then ++ BUSYBOX=`which busybox` ++fi ++cp $BUSYBOX $tmpdir/bin ++if [ -n "$CROSS_COMPILE" ]; then ++ echo "cross compiling, busybox --install emulation" ++ if [ -n "$QEMU_USER" ]; then ++ $QEMU_USER $tmpdir/bin/busybox --install $tmpdir/bin ++ else ++ echo "QEMU_USER is not defined, no binary symlinks will be available" ++ fi ++else ++ $tmpdir/bin/busybox --install $tmpdir/bin ++fi + + cp $init $tmpdir/init + chmod +x $tmpdir/init +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-core/runx/runx/0001-make-kernel-cross-compilation-tweaks.patch b/external/meta-virtualization/recipes-core/runx/runx/0001-make-kernel-cross-compilation-tweaks.patch new file mode 100644 index 00000000..7d66f421 --- /dev/null +++ b/external/meta-virtualization/recipes-core/runx/runx/0001-make-kernel-cross-compilation-tweaks.patch @@ -0,0 +1,86 @@ +From 7e3498ab7c375bd545de501920acffa77eb24120 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@xilinx.com> +Date: Mon, 16 Dec 2019 20:42:04 -0800 +Subject: [PATCH] make-kernel: cross-compilation tweaks + +Signed-off-by: Bruce Ashfield <bruce.ashfield@xilinx.com> +--- + kernel/make-kernel | 41 +++++++++++++++++++++++++++++++++-------- + 1 file changed, 33 insertions(+), 8 deletions(-) + +diff --git a/kernel/make-kernel b/kernel/make-kernel +index 33b7150..c684669 100755 +--- a/kernel/make-kernel ++++ b/kernel/make-kernel +@@ -13,6 +13,7 @@ fi + + kernel_stuffdir=`readlink -f kernel` + kernel_outpath=$kernel_stuffdir/out ++kernel_srcdir=$kernel_stuffdir/src + kernel_builddir=$kernel_stuffdir/build + kernel_out=$kernel_outpath/kernel + +@@ -22,28 +23,52 @@ kernel_tarball="$kernel_name".tar.xz + kernel_url=https://www.kernel.org/pub/linux/kernel/v4.x/"$kernel_tarball" + kernel_src_config="$kernel_stuffdir"/cutdown-config.$ARCH + kernel_patchesdir="$kernel_stuffdir"/patches +-kernel_image="$kernel_builddir"/"$kernel_name"/arch/"$ARCH"/boot/"$image" ++kernel_image="$kernel_builddir"/arch/"$ARCH"/boot/"$image" + ++echo "#########################" ++echo "kernel build summary:" ++echo " version: $kernel_version" ++echo " url: $kernel_url" ++echo " src dir: $kernel_srcdir" ++echo " out dir: $kernel_builddir" ++echo " artifacts: $kernel_out" ++echo " image: $image" ++echo " build vars: $build_vars" ++echo "#########################" + +-rm -rf $kernel_outpath ++if [ ! -e "$kernel_builddir/.config" ]; ++then ++ rm -rf $kernel_buildir ++fi + mkdir -p $kernel_outpath + mkdir -p $kernel_builddir ++mkdir -p $kernel_srcdir + + if [[ ! -f $kernel_builddir/$kernel_tarball ]] + then ++ echo "fetching the kernel .." + wget -O $kernel_builddir/$kernel_tarball --tries=20 $kernel_url + fi +-if [[ ! -d $kernel_builddir/$kernel_name ]] ++ ++if [[ ! -d $kernel_srcdir/$kernel_name ]] + then +- tar --extract --xz --touch --file="$kernel_builddir/$kernel_tarball" --directory="$kernel_builddir" +- cd $kernel_builddir/$kernel_name ++ echo "extracting the kernel ..." ++ echo " tar --extract --xz --touch --file=\"$kernel_builddir/$kernel_tarball\" --directory=\"$kernel_srcdir\"" ++ tar --extract --xz --touch --file="$kernel_builddir/$kernel_tarball" --directory="$kernel_srcdir" ++ cd $kernel_srcdir/$kernel_name + for i in $kernel_patchesdir/* + do + patch -p1 < $i + done +- cp $kernel_src_config .config + fi +-cd $kernel_builddir/$kernel_name +-make -j4 $image ++if [[ ! -f $kernel_builddir/.config ]] ++then ++ cp $kernel_src_config $kernel_builddir/.config ++fi ++cd $kernel_srcdir/$kernel_name ++ ++echo "building the kernel ..." ++eval make O=$kernel_builddir $build_vars oldconfig ++eval make -j4 O=$kernel_builddir $build_vars $image + + cp $kernel_image $kernel_out +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-core/runx/runx_git.bb b/external/meta-virtualization/recipes-core/runx/runx_git.bb new file mode 100644 index 00000000..3b4cd335 --- /dev/null +++ b/external/meta-virtualization/recipes-core/runx/runx_git.bb @@ -0,0 +1,104 @@ +HOMEPAGE = "https://github.com/lf-edge/runx" +SUMMARY = "runx stuff" +DESCRIPTION = "Xen Runtime for OCI" + +SRCREV_runx = "da0c75c58ae5232d19b1791c33545db3225e1ea9" +SRC_URI = "\ + git://github.com/lf-edge/runx;nobranch=1;name=runx \ + https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.15.tar.xz;destsuffix=git/kernel/build \ + file://0001-make-kernel-cross-compilation-tweaks.patch \ + file://0001-make-initrd-cross-install-tweaks.patch \ + " +SRC_URI[md5sum] = "0d701ac1e2a67d47ce7127432df2c32b" +SRC_URI[sha256sum] = "5a26478906d5005f4f809402e981518d2b8844949199f60c4b6e1f986ca2a769" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=945fc9aa694796a6337395cc291ddd8c" + +S = "${WORKDIR}/git" +PV = "0.1-git${SRCREV_runx}" + +inherit features_check +REQUIRED_DISTRO_FEATURES = "vmsep" + +inherit pkgconfig +# for the kernel build +inherit kernel-arch + +# we have a busybox bbappend that makes /bin available to the +# sysroot, and hence gets us the target binary that we need +DEPENDS = "busybox go-build" + +# for the kernel build phase +DEPENDS += "openssl-native coreutils-native util-linux-native xz-native bc-native" +DEPENDS += "qemu-native" + +RDEPENDS_${PN} += " jq bash" +RDEPENDS_${PN} += " xen-tools-xl go-build socat daemonize" + +do_compile() { + # we'll need this for the initrd later, so lets error if it isn't what + # we expect (statically linked) + file ${STAGING_DIR_HOST}/bin/busybox.nosuid + + # prep steps to short circuit some of make-kernel's fetching and + # building. + mkdir -p ${S}/kernel/build + mkdir -p ${S}/kernel/src + cp ${DL_DIR}/linux-4.15.tar.xz ${S}/kernel/build/ + + # In the future, we might want to link the extracted kernel source (if + # we move patches to recipe space, but for now, we need make-kernel to + # extract a copy and possibly patch it. + # ln -sf ${WORKDIR}/linux-4.15 ${S}/kernel/src/ + + # build the kernel + echo "[INFO]: runx: building the kernel" + + export KERNEL_CC="${KERNEL_CC}" + export KERNEL_LD="${KERNEL_LD}" + export ARCH="${ARCH}" + export HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" + export HOSTCPP="${BUILD_CPP}" + export CROSS_COMPILE="${CROSS_COMPILE}" + export build_vars="HOSTCC='$HOSTCC' STRIP='$STRIP' OBJCOPY='$OBJCOPY' ARCH=$ARCH CC='$KERNEL_CC' LD='$KERNEL_LD'" + + unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS MACHINE + + # We want make-kernel, to have the following build lines: + # make O=$kernel_builddir HOSTCC="${HOSTCC}" ARCH=$ARCH oldconfig + # make -j4 O=$kernel_builddir HOSTCC="${HOSTCC}" STRIP="$STRIP" OBJCOPY="$OBJCOPY" ARCH=$ARCH CC="$KERNEL_CC" LD="$KERNEL_LD" $image + ${S}/kernel/make-kernel + + # construct the initrd + echo "[INFO]: runx: constructing the initrd" + + cp ${STAGING_DIR_HOST}/bin/busybox.nosuid ${WORKDIR}/busybox + export QEMU_USER=`which qemu-${HOST_ARCH}` + export BUSYBOX="${WORKDIR}/busybox" + export CROSS_COMPILE="t" + ${S}/kernel/make-initrd +} + +do_install() { + install -d ${D}${bindir} + install -m 755 ${S}/runX ${D}${bindir} + + install -d ${D}${datadir}/runX + install -m 755 ${S}/kernel/out/kernel ${D}/${datadir}/runX + install -m 755 ${S}/kernel/out/initrd ${D}/${datadir}/runX + install -m 755 ${S}/files/start ${D}/${datadir}/runX + install -m 755 ${S}/files/state ${D}/${datadir}/runX + install -m 755 ${S}/files/delete ${D}/${datadir}/runX + install -m 755 ${S}/files/serial_bridge ${D}/${datadir}/runX + install -m 755 ${S}/files/serial_start ${D}/${datadir}/runX + + +} + +deltask compile_ptest_base + +FILES_${PN} += "${bindir}/* ${datadir}/runX/*" + +INHIBIT_PACKAGE_STRIP = "1" +INSANE_SKIP_${PN} += "ldflags already-stripped" diff --git a/external/meta-virtualization/recipes-core/sysvinit/files/getty-wrapper b/external/meta-virtualization/recipes-core/sysvinit/files/getty-wrapper new file mode 100644 index 00000000..236e29e7 --- /dev/null +++ b/external/meta-virtualization/recipes-core/sysvinit/files/getty-wrapper @@ -0,0 +1,8 @@ +#!/bin/sh +if test -c /dev/"$2" +then + exec /sbin/getty $* +else + exec sleep 3600d +fi + diff --git a/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend b/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend index 8c088325..4b3c020b 100644 --- a/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend +++ b/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend @@ -1 +1,11 @@ require ${@bb.utils.contains('DISTRO_FEATURES', 'xen', 'sysvinit-inittab_xen.inc', '', d)} + +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +SRC_URI += "file://getty-wrapper" + +do_install_append() { + install -d ${D}${base_sbindir} + install -m 0755 ${WORKDIR}/getty-wrapper ${D}${base_sbindir}/getty-wrapper +} +FILES_${PN} += "${base_sbindir}/getty-wrapper" diff --git a/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc b/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc index 9d0589ce..de0af20b 100644 --- a/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc +++ b/external/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc @@ -1,4 +1,4 @@ do_install_append() { echo "" >> ${D}${sysconfdir}/inittab - echo "X0:12345:respawn:/sbin/getty 115200 hvc0" >> ${D}${sysconfdir}/inittab + echo "X0:12345:respawn:${base_sbindir}/getty-wrapper 115200 hvc0" >> ${D}${sysconfdir}/inittab } diff --git a/external/meta-virtualization/recipes-devtools/go/go-build_git.bb b/external/meta-virtualization/recipes-devtools/go/go-build_git.bb new file mode 100644 index 00000000..e057b6d7 --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/go/go-build_git.bb @@ -0,0 +1,50 @@ +HOMEPAGE = "https://github.com/lf-edge/runx" +SUMMARY = "console for runx" +DESCRIPTION = "Xen Runtime for OCI" + +SRCREV_runx = "da0c75c58ae5232d19b1791c33545db3225e1ea9" +SRCREV_runc = "e4363b038787addfa12e8b0acf5417d4fba01693" + +SRC_URI = "\ + git://github.com/lf-edge/runx;nobranch=1;name=runx \ + git://github.com/opencontainers/runc.git;nobranch=1;destsuffix=runc;name=runc \ + " +SRC_URI[md5sum] = "0d701ac1e2a67d47ce7127432df2c32b" +SRC_URI[sha256sum] = "5a26478906d5005f4f809402e981518d2b8844949199f60c4b6e1f986ca2a769" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=945fc9aa694796a6337395cc291ddd8c" + +S = "${WORKDIR}/git" +PV = "0.1-git${SRCREV_runx}" + +inherit features_check +REQUIRED_DISTRO_FEATURES = "vmsep" +GO_PARALLEL_BUILD ?= "${@oe.utils.parallel_make_argument(d, '-p %d')}" + +inherit pkgconfig + +GO_IMPORT = "import" +inherit go + +RDEPENDS_${PN}-dev = "bash" + +do_compile() { + + export GOARCH="${TARGET_GOARCH}" + cd ${S}/src/import/gobuild + mkdir -p go/src/github.com/opencontainers + ln -s ${WORKDIR}/runc ${S}/src/import/gobuild/go/src/github.com/opencontainers/runc + export GOPATH="${S}/src/import/gobuild/go/src/github.com/opencontainers/runc" + oe_runmake +} + +do_install() { + + install -d ${D}${datadir}/runX + install -m 755 ${B}/src/import/gobuild/serial_fd_handler ${D}${datadir}/runX/ + install -m 755 ${B}/src/import/gobuild/recvtty ${D}${datadir}/runX/ + +} + +FILES_${PN} += "${datadir}/runX/*" diff --git a/external/meta-virtualization/recipes-devtools/go/go-cli_git.bb b/external/meta-virtualization/recipes-devtools/go/go-cli_git.bb index 21d01ac3..434594c9 100644 --- a/external/meta-virtualization/recipes-devtools/go/go-cli_git.bb +++ b/external/meta-virtualization/recipes-devtools/go/go-cli_git.bb @@ -10,7 +10,7 @@ PKG_NAME = "github.com/codegangsta/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git" SRCREV = "27ecc97192df1bf053a22b04463f2b51b8b8373e" -PV = "1.1.0+git${SRCREV}" +PV = "1.1.0+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-devtools/go/go-dbus_git.bb b/external/meta-virtualization/recipes-devtools/go/go-dbus_git.bb index 9b206a1e..23908619 100644 --- a/external/meta-virtualization/recipes-devtools/go/go-dbus_git.bb +++ b/external/meta-virtualization/recipes-devtools/go/go-dbus_git.bb @@ -10,7 +10,7 @@ PKG_NAME = "github.com/godbus/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git" SRCREV = "5f6efc7ef2759c81b7ba876593971bfce311eab3" -PV = "4.0.0+git${SRCREV}" +PV = "4.0.0+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-devtools/go/go-fsnotify_git.bb b/external/meta-virtualization/recipes-devtools/go/go-fsnotify_git.bb index 1d9fbdc7..0826aa7f 100644 --- a/external/meta-virtualization/recipes-devtools/go/go-fsnotify_git.bb +++ b/external/meta-virtualization/recipes-devtools/go/go-fsnotify_git.bb @@ -10,7 +10,7 @@ PKG_NAME = "github.com/fsnotify/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git" SRCREV = "836bfd95fecc0f1511dd66bdbf2b5b61ab8b00b6" -PV = "1.2.11+git${SRCREV}" +PV = "1.2.11+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-devtools/go/go-logrus_git.bb b/external/meta-virtualization/recipes-devtools/go/go-logrus_git.bb index 5c0c3595..aa89033e 100644 --- a/external/meta-virtualization/recipes-devtools/go/go-logrus_git.bb +++ b/external/meta-virtualization/recipes-devtools/go/go-logrus_git.bb @@ -10,7 +10,7 @@ PKG_NAME = "github.com/Sirupsen/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git" SRCREV = "d26492970760ca5d33129d2d799e34be5c4782eb" -PV = "0.11.0+git${SRCREV}" +PV = "0.11.0+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-devtools/go/go-md2man_git.bb b/external/meta-virtualization/recipes-devtools/go/go-md2man_git.bb new file mode 100644 index 00000000..cc8dd5c3 --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/go/go-md2man_git.bb @@ -0,0 +1,20 @@ +DESCRIPTION = "A markdown to manpage generator." +HOMEPAGE = "https://github.com/cpuguy83/go-md2man" +SECTION = "devel/go" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE.md;md5=80794f9009df723bbc6fe19234c9f517" + +BBCLASSEXTEND = "native" + +GO_IMPORT = "github.com/cpuguy83/go-md2man" +#GO_INSTALL = "${GO_IMPORT}/bin/go-md2man" + +SRC_URI = "git://${GO_IMPORT}.git" + +SRCREV = "f79a8a8ca69da163eee19ab442bedad7a35bba5a" +PV = "1.0.10+git${SRCPV}" + +S = "${WORKDIR}/git" + +inherit go + diff --git a/external/meta-virtualization/recipes-devtools/go/go-metalinter_git.bb b/external/meta-virtualization/recipes-devtools/go/go-metalinter_git.bb new file mode 100644 index 00000000..668b431a --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/go/go-metalinter_git.bb @@ -0,0 +1,24 @@ +DESCRIPTION = "Go Meta Linter." +HOMEPAGE = "https://github.com/alecthomas/gometalinter" +SECTION = "devel/go" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://COPYING;md5=dee20b35647295553d32faef05846a7b" + +BBCLASSEXTEND = "native" + +SRCNAME = "gometalinter" + +PKG_NAME = "github.com/alecthomas/${SRCNAME}" +SRC_URI = "git://${PKG_NAME}.git" + +SRCREV = "e8d801238da6f0dfd14078d68f9b53fa50a7eeb5" +PV = "0.0+git${SRCPV}" + +S = "${WORKDIR}/git" + +do_install() { + install -d ${D}${prefix}/local/go/src/${PKG_NAME} + cp -r ${S}/* ${D}${prefix}/local/go/src/${PKG_NAME}/ +} + +FILES_${PN} += "${prefix}/local/go/src/${PKG_NAME}/*" diff --git a/external/meta-virtualization/recipes-devtools/go/go-pty_git.bb b/external/meta-virtualization/recipes-devtools/go/go-pty_git.bb index bc94b317..02cef69e 100644 --- a/external/meta-virtualization/recipes-devtools/go/go-pty_git.bb +++ b/external/meta-virtualization/recipes-devtools/go/go-pty_git.bb @@ -1,12 +1,12 @@ DESCRIPTION = "PTY interface for Go" -HOMEPAGE = "https://github.com/kr/pty" +HOMEPAGE = "https://github.com/creack/pty" SECTION = "devel/go" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://License;md5=93958070863d769117fa33b129020050" SRCNAME = "pty" -PKG_NAME = "github.com/kr/${SRCNAME}" +PKG_NAME = "github.com/creack/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git" SRCREV = "05017fcccf23c823bfdea560dcc958a136e54fb7" diff --git a/external/meta-virtualization/recipes-devtools/go/go-systemd_git.bb b/external/meta-virtualization/recipes-devtools/go/go-systemd_git.bb index b61c97a6..0f89c0f8 100644 --- a/external/meta-virtualization/recipes-devtools/go/go-systemd_git.bb +++ b/external/meta-virtualization/recipes-devtools/go/go-systemd_git.bb @@ -10,7 +10,7 @@ PKG_NAME = "github.com/coreos/go-${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git" SRCREV = "b4a58d95188dd092ae20072bac14cece0e67c388" -PV = "4+git${SRCREV}" +PV = "4+git${SRCPV}" RDEPENDS_${PN} += "bash" diff --git a/external/meta-virtualization/recipes-devtools/go/notary_git.bb b/external/meta-virtualization/recipes-devtools/go/notary_git.bb index d638dc1c..9cfb46ea 100644 --- a/external/meta-virtualization/recipes-devtools/go/notary_git.bb +++ b/external/meta-virtualization/recipes-devtools/go/notary_git.bb @@ -2,15 +2,15 @@ DESCRIPTION = "Notary is a Docker project that allows anyone to have trust over HOMEPAGE = "https://github.com/docker/notary" SECTION = "devel/go" LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=771ddb425ba03c8fab49e5bd9854a4a2" +LIC_FILES_CHKSUM = "file://src/${PKG_NAME}/LICENSE;md5=3596b980bb036e0875174ed15e4b982a" SRCNAME = "notary" PKG_NAME = "github.com/docker/${SRCNAME}" SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME}" -SRCREV = "c8aa8cf53cbcda2e92def0c9291e25d770493494" -PV = "0.4.2+git${SRCPV}" +SRCREV = "d6e1431feb32348e0650bf7551ac5cffd01d857b" +PV = "0.6.1+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-devtools/python/gunicorn_19.1.1.bb b/external/meta-virtualization/recipes-devtools/python/gunicorn_20.0.4.bb index 5c8ea484..41c909c5 100644 --- a/external/meta-virtualization/recipes-devtools/python/gunicorn_19.1.1.bb +++ b/external/meta-virtualization/recipes-devtools/python/gunicorn_20.0.4.bb @@ -6,10 +6,11 @@ DESCRIPTION = "\ simply implemented, light on server resource usage, and fairly speedy. \ " LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=19a2e253a273e390cd1b91d19b6ee236" +LIC_FILES_CHKSUM = "file://LICENSE;md5=f75f3fb94cdeab1d607e2adaa6077752" SRC_URI = "https://pypi.python.org/packages/source/g/gunicorn/${BPN}-${PV}.tar.gz" -SRC_URI[md5sum] = "eaa72bff5341c05169b76ce3dcbb8140" -SRC_URI[sha256sum] = "82715511fb6246fad4ba66d812eb93416ae8371b464fa88bf3867c9c177daa14" -inherit setuptools +SRC_URI[md5sum] = "543669fcbb5739ee2af77184c5e571a1" +SRC_URI[sha256sum] = "1904bb2b8a43658807108d59c3f3d56c2b6121a701161de0ddf9ad140073c626" + +inherit setuptools3 diff --git a/external/meta-virtualization/recipes-devtools/python/python-backports-lzma/fix_paths.patch b/external/meta-virtualization/recipes-devtools/python/python-backports-lzma/fix_paths.patch deleted file mode 100644 index c2b374f6..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-backports-lzma/fix_paths.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- - setup.py | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - ---- a/setup.py -+++ b/setup.py -@@ -32,8 +32,8 @@ - extens = [Extension('backports/lzma/_lzma', - ['backports/lzma/_lzmamodule.c'], - libraries = ['lzma'], -- include_dirs = [os.path.join(home, 'include'), '/opt/local/include', '/usr/local/include'], -- library_dirs = [os.path.join(home, 'lib'), '/opt/local/lib', '/usr/local/lib'] -+ include_dirs = [], -+ library_dirs = [] - )] - - descr = "Backport of Python 3.3's 'lzma' module for XZ/LZMA compressed files." diff --git a/external/meta-virtualization/recipes-devtools/python/python-backports-lzma_0.0.3.bb b/external/meta-virtualization/recipes-devtools/python/python-backports-lzma_0.0.3.bb deleted file mode 100644 index a3586c04..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-backports-lzma_0.0.3.bb +++ /dev/null @@ -1,32 +0,0 @@ -HOMEPAGE = "https://github.com/peterjc/backports.lzma" -SUMMARY = "\ - Backport of Python 3.3's 'lzma' module for XZ/LZMA compressed files." -DESCRIPTION = "\ - This is a backport of the 'lzma' module included in Python 3.3 or later \ - by Nadeem Vawda and Per Oyvind Karlsen, which provides a Python wrapper \ - for XZ Utils (aka LZMA Utils v2) by Igor Pavlov. \ - . \ - In order to compile this, you will need to install XZ Utils from \ - http://tukaani.org/xz/ \ - " -SECTION = "devel/python" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://PKG-INFO;md5=db4345b3b9524aabc8fe8c65f235c6b2" - -SRC_URI[md5sum] = "c3d109746aefa86268e500c07d7e8e0f" -SRC_URI[sha256sum] = "bac58aec8d39ac3d22250840fb24830d0e4a0ef05ad8f3f09172dc0cc80cdbca" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -inherit setuptools - -DEPENDS += "xz" - -SRCNAME = "backports.lzma" - -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -SRC_URI = "\ - https://pypi.python.org/packages/source/b/backports.lzma/${SRCNAME}-${PV}.tar.gz \ - file://fix_paths.patch \ - " diff --git a/external/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb b/external/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb deleted file mode 100644 index 8abb9c07..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb +++ /dev/null @@ -1,24 +0,0 @@ -HOMEPAGE = "https://pypi.python.org/pypi/blinker" -SUMMARY = "Fast, simple object-to-object and broadcast signaling" -DESCRIPTION = " \ - Blinker provides a fast dispatching system that allows any number of \ - interested parties to subscribe to events, or “signals”. \ - . \ - Signal receivers can subscribe to specific senders or receive signals \ - sent by any sender. \ - " -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=8baf1d53a00de619f60052e4752a89af" - -SRCNAME = "blinker" -SRC_URI = "https://pypi.python.org/packages/source/b/blinker/${SRCNAME}-${PV}.tar.gz" -SRC_URI[md5sum] = "66e9688f2d287593a0e698cd8a5fbc57" -SRC_URI[sha256sum] = "6811010809262261e41ab7b92f3f6d23f35cf816fbec2bc05077992eebec6e2f" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -DEFAULT_PREFERENCE = "-1" - -inherit setuptools - diff --git a/external/meta-virtualization/recipes-devtools/python/python-boto_2.34.0.bb b/external/meta-virtualization/recipes-devtools/python/python-boto_2.34.0.bb deleted file mode 100644 index f94f3244..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-boto_2.34.0.bb +++ /dev/null @@ -1,25 +0,0 @@ -HOMEPAGE = "https://github.com/boto/boto" -SUMMARY = "Amazon Web Services API" -DESCRIPTION = "\ - Boto is a Python package that provides interfaces to Amazon Web Services. \ - Currently, all features work with Python 2.6 and 2.7. Work is under way to \ - support Python 3.3+ in the same codebase. Modules are being ported one at \ - a time with the help of the open source community, so please check below \ - for compatibility with Python 3.3+. \ - " -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://setup.py;md5=182ef81236d3fac2c6ed8e8d3c988ec8" - -PR = "r0" -SRCNAME = "boto" - -SRC_URI = "https://pypi.python.org/packages/source/b/boto/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "5556223d2d0cc4d06dd4829e671dcecd" -SRC_URI[sha256sum] = "33baab022ecb803414ad0d6cf4041d010cfc2755ff8acc3bea7b32e77ba98be0" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -inherit setuptools - diff --git a/external/meta-virtualization/recipes-devtools/python/python3-docker-pycreds_0.3.0.bb b/external/meta-virtualization/recipes-devtools/python/python-docker-pycreds.inc index 4d39f529..4bfa05fc 100644 --- a/external/meta-virtualization/recipes-devtools/python/python3-docker-pycreds_0.3.0.bb +++ b/external/meta-virtualization/recipes-devtools/python/python-docker-pycreds.inc @@ -3,7 +3,5 @@ HOMEPAGE = "https://github.com/shin-/dockerpy-creds" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" -inherit pypi setuptools3 - -SRC_URI[md5sum] = "2370ea3b62198b788a26231ab58844af" -SRC_URI[sha256sum] = "8b0e956c8d206f832b06aa93a710ba2c3bcbacb5a314449c040b0b814355bbff" +SRC_URI[md5sum] = "322f570cea6b4661c6ac335683988e18" +SRC_URI[sha256sum] = "6ce3270bcaf404cc4c3e27e4b6c70d3521deae82fb508767870fdbf772d584d4" diff --git a/external/meta-virtualization/recipes-devtools/python/python-docker-registry-core_2.0.3.bb b/external/meta-virtualization/recipes-devtools/python/python-docker-registry-core_2.0.3.bb deleted file mode 100644 index 7aa6825e..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-docker-registry-core_2.0.3.bb +++ /dev/null @@ -1,29 +0,0 @@ -HOMEPAGE = "https://pypi.python.org/pypi/docker-registry-core" -SUMMARY = "Docker registry core package" -DESCRIPTION = "core package for docker-registry (drivers) developers" -SECTION = "devel/python" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" - -SRCNAME = "docker-registry-core" - -SRC_URI = "https://pypi.python.org/packages/source/d/docker-registry-core/${SRCNAME}-${PV}.tar.gz" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -SRC_URI[md5sum] = "610ef9395f2e9a2f91c68d13325fce7b" -SRC_URI[sha256sum] = "347e804f1f35b28dbe27bf8d7a0b630fca29d684032139bf26e3940572360360" - -inherit setuptools - -DEPENDS += "\ - python-distribute \ - python-boto (= 2.34.0) \ - python-redis (= 2.10.3) \ - python-simplejson (= 3.6.2) \ - " - -# boto 2.34.0 -# redis 2.10.3 -# simplejson 3.6.2 -# setuptools 5.8 diff --git a/external/meta-virtualization/recipes-devtools/python/python-docker.inc b/external/meta-virtualization/recipes-devtools/python/python-docker.inc new file mode 100644 index 00000000..884fb64e --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python-docker.inc @@ -0,0 +1,15 @@ +SUMMARY = "A Python library for the Docker Engine API." +HOMEPAGE = "https://github.com/docker/docker-py" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=34f3846f940453127309b920eeb89660" + +SRC_URI[md5sum] = "19f803f6a7113301daa5d82a2d1d0c30" +SRC_URI[sha256sum] = "ddae66620ab5f4bce769f64bcd7934f880c8abe6aa50986298db56735d0f722e" + +RDEPENDS_${PN} += " \ + ${PYTHON_PN}-misc \ + ${PYTHON_PN}-six \ + ${PYTHON_PN}-docker-pycreds \ + ${PYTHON_PN}-requests \ + ${PYTHON_PN}-websocket-client \ +" diff --git a/external/meta-virtualization/recipes-devtools/python/python-flask_0.10.1.bb b/external/meta-virtualization/recipes-devtools/python/python-flask_0.10.1.bb deleted file mode 100644 index 263e53d0..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-flask_0.10.1.bb +++ /dev/null @@ -1,20 +0,0 @@ -DESCRIPTION = "A microframework based on Werkzeug, Jinja2 and good intentions" -HOMEPAGE = "https://pypi.python.org/pypi/Flask/" -SECTION = "devel/python" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=79aa8b7bc4f781210d6b5c06d6424cb0" - -PR = "r0" -SRCNAME = "Flask" - -SRC_URI = "https://pypi.python.org/packages/source/F/${SRCNAME}/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "378670fe456957eb3c27ddaef60b2b24" -SRC_URI[sha256sum] = "4c83829ff83d408b5e1d4995472265411d2c414112298f2eb4b359d9e4563373" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -inherit setuptools - -CLEANBROKEN = "1" - diff --git a/external/meta-virtualization/recipes-devtools/python/python-gevent/gevent-allow-ssl-v2-or-v3-certificates.patch b/external/meta-virtualization/recipes-devtools/python/python-gevent/gevent-allow-ssl-v2-or-v3-certificates.patch deleted file mode 100644 index 623d04f0..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-gevent/gevent-allow-ssl-v2-or-v3-certificates.patch +++ /dev/null @@ -1,29 +0,0 @@ -From c2dc97478fcc3757e09d5d2997391960a8351d53 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@windriver.com> -Date: Sun, 29 Mar 2015 22:34:28 -0400 -Subject: [PATCH] gevent: allow ssl v2 or v3 certificates - -Work around an issue with python 2.7 not always having SSLv3 available -by allowing v2 or v3 certificates. - -Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> ---- - gevent/ssl.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gevent/ssl.py b/gevent/ssl.py -index ce6434718d1b..93c0d642da5f 100644 ---- a/gevent/ssl.py -+++ b/gevent/ssl.py -@@ -383,7 +383,7 @@ def wrap_socket(sock, keyfile=None, certfile=None, - ciphers=ciphers) - - --def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None): -+def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None): - """Retrieve the certificate from the server at the specified address, - and return it as a PEM-encoded string. - If 'ca_certs' is specified, validate the server cert against it. --- -1.9.1 - diff --git a/external/meta-virtualization/recipes-devtools/python/python-gevent/libev-conf.patch b/external/meta-virtualization/recipes-devtools/python/python-gevent/libev-conf.patch deleted file mode 100644 index 283705f8..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-gevent/libev-conf.patch +++ /dev/null @@ -1,19 +0,0 @@ -Due to differences in library locations, the cross compile test can fail because it can't run -the conftest binary (dynamically linked). Building it statically instead. - -Signed-off-by: Amy Fong <amy.fong@windriver.com> ---- - libev/configure | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/libev/configure -+++ b/libev/configure -@@ -2730,7 +2730,7 @@ - ac_ext=c - ac_cpp='$CPP $CPPFLAGS' - ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' --ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -+ac_link='$CC -static -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' - ac_compiler_gnu=$ac_cv_c_compiler_gnu - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. diff --git a/external/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb b/external/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb deleted file mode 100644 index 8cd1388a..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb +++ /dev/null @@ -1,30 +0,0 @@ -HOMEPAGE = "http://www.gevent.org" -SUMMARY = "A coroutine-based Python networking library" -DESCRIPTION = "\ - gevent is a coroutine-based Python networking library that uses greenlet \ - to provide a high-level synchronous API on top of the libevent event \ - loop. \ - " -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=2dbb33d00e1fd31c7041460a81ac0bd2" -DEPENDS += "python-greenlet libevent" -RDEPENDS_${PN} += "python-greenlet python-mime python-pprint python-re" - -SRC_URI[md5sum] = "7b952591d1a0174d6eb6ac47bd975ab6" -SRC_URI[sha256sum] = "4627e215d058f71d95e6b26d9e7be4c263788a4756bd2858a93775f6c072df43" - -inherit setuptools pypi - -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" -SRC_URI += "file://libev-conf.patch" -SRC_URI += "file://gevent-allow-ssl-v2-or-v3-certificates.patch" - -# The python-gevent has no autoreconf ability -# and the logic for detecting a cross compile is flawed -# so always force a cross compile -do_configure_append() { - sed -i -e 's/^cross_compiling=no/cross_compiling=yes/' ${S}/libev/configure -} - -DEFAULT_PREFERENCE = "-1" diff --git a/external/meta-virtualization/recipes-devtools/python/python-m2crypto/m2crypto-Fix-build-with-SWIG-3.0.5.patch b/external/meta-virtualization/recipes-devtools/python/python-m2crypto/m2crypto-Fix-build-with-SWIG-3.0.5.patch deleted file mode 100644 index c4085952..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-m2crypto/m2crypto-Fix-build-with-SWIG-3.0.5.patch +++ /dev/null @@ -1,158 +0,0 @@ -From 8430e7202407fb1a0a104b0decdcc9da9e41a52b Mon Sep 17 00:00:00 2001 -From: Jackie Huang <jackie.huang@windriver.com> -Date: Mon, 4 Apr 2016 23:28:15 -0400 -Subject: [PATCH] Fix build with SWIG 3.0.5 - -See analysis and previous patches in -https://github.com/martinpaljak/M2Crypto/issues/60 and -https://github.com/swig/swig/issues/344, in particular this adds the -build machinery to patch -https://github.com/martinpaljak/M2Crypto/issues/60#issuecomment-75735489 - -Fixes #47 - -Author: Miloslav Trmac <mitr@redhat.com> - -Upstream-Status: Backport - -Signed-off-by: Jackie Huang <jackie.huang@windriver.com> ---- - M2Crypto/__init__.py | 4 ++-- - M2Crypto/m2.py | 2 +- - SWIG/_lib.i | 4 ++++ - SWIG/_pkcs7.i | 1 + - setup.py | 24 ++++++++++++++++++++++++ - 5 files changed, 32 insertions(+), 3 deletions(-) - -diff --git a/M2Crypto/__init__.py b/M2Crypto/__init__.py -index 647e057..280af94 100644 ---- a/M2Crypto/__init__.py -+++ b/M2Crypto/__init__.py -@@ -19,7 +19,7 @@ Copyright 2008-2011 Heikki Toivonen. All rights reserved. - version_info = (0, 22) - version = '.'.join([str(_v) for _v in version_info]) - --import __m2crypto -+import _m2crypto - import m2 - import ASN1 - import AuthCookie -@@ -47,4 +47,4 @@ import m2xmlrpclib - import threading - import util - --__m2crypto.lib_init() -+_m2crypto.lib_init() -diff --git a/M2Crypto/m2.py b/M2Crypto/m2.py -index e4bb695..822143f 100644 ---- a/M2Crypto/m2.py -+++ b/M2Crypto/m2.py -@@ -25,7 +25,7 @@ Portions created by Open Source Applications Foundation (OSAF) are - Copyright (C) 2004 OSAF. All Rights Reserved. - """ - --from __m2crypto import * -+from _m2crypto import * - lib_init() - - -diff --git a/SWIG/_lib.i b/SWIG/_lib.i -index 0d40698..6cc1a44 100644 ---- a/SWIG/_lib.i -+++ b/SWIG/_lib.i -@@ -66,6 +66,7 @@ int ssl_verify_callback(int ok, X509_STORE_CTX *ctx) { - int cret; - int new_style_callback = 0, warning_raised_exception=0; - PyGILState_STATE gilstate; -+ PyObject *self = NULL; /* bug in SWIG_NewPointerObj as of 3.0.5 */ - - ssl = (SSL *)X509_STORE_CTX_get_app_data(ctx); - -@@ -151,6 +152,7 @@ int ssl_verify_callback(int ok, X509_STORE_CTX *ctx) { - void ssl_info_callback(const SSL *s, int where, int ret) { - PyObject *argv, *retval, *_SSL; - PyGILState_STATE gilstate; -+ PyObject *self = NULL; /* bug in SWIG_NewPointerObj as of 3.0.5 */ - - gilstate = PyGILState_Ensure(); - -@@ -170,6 +172,7 @@ DH *ssl_set_tmp_dh_callback(SSL *ssl, int is_export, int keylength) { - PyObject *argv, *ret, *_ssl; - DH *dh; - PyGILState_STATE gilstate; -+ PyObject *self = NULL; /* bug in SWIG_NewPointerObj as of 3.0.5 */ - - gilstate = PyGILState_Ensure(); - -@@ -193,6 +196,7 @@ RSA *ssl_set_tmp_rsa_callback(SSL *ssl, int is_export, int keylength) { - PyObject *argv, *ret, *_ssl; - RSA *rsa; - PyGILState_STATE gilstate; -+ PyObject *self = NULL; /* bug in SWIG_NewPointerObj as of 3.0.5 */ - - gilstate = PyGILState_Ensure(); - -diff --git a/SWIG/_pkcs7.i b/SWIG/_pkcs7.i -index 22d791a..20dfbaf 100644 ---- a/SWIG/_pkcs7.i -+++ b/SWIG/_pkcs7.i -@@ -157,6 +157,7 @@ PyObject *smime_read_pkcs7(BIO *bio) { - BIO *bcont = NULL; - PKCS7 *p7; - PyObject *tuple, *_p7, *_BIO; -+ PyObject *self = NULL; /* bug in SWIG_NewPointerObj as of 3.0.5 */ - - if (BIO_method_type(bio) == BIO_TYPE_MEM) { - /* OpenSSL FAQ explains that this is needed for mem BIO to return EOF, -diff --git a/setup.py b/setup.py -index bac6f9f..f59dc18 100644 ---- a/setup.py -+++ b/setup.py -@@ -19,6 +19,7 @@ from setuptools.command import build_ext - - from distutils.core import Extension - from distutils.spawn import find_executable -+from distutils.file_util import copy_file - - - class _M2CryptoBuildExt(build_ext.build_ext): -@@ -77,6 +78,15 @@ class _M2CryptoBuildExt(build_ext.build_ext): - [opensslIncludeDir, os.path.join(opensslIncludeDir, "openssl")]] - self.swig_opts.append('-includeall') - self.swig_opts.append('-modern') -+ self.swig_opts.append('-builtin') -+ -+ # These two lines are a workaround for -+ # http://bugs.python.org/issue2624 , hard-coding that we are only -+ # building a single extension with a known path; a proper patch to -+ # distutils would be in the run phase, when extension name and path are -+ # known. -+ self.swig_opts.append('-outdir') -+ self.swig_opts.append(os.path.join(self.build_lib, 'M2Crypto')) - - # Fedora does hat tricks. - if platform.linux_distribution()[0] in ['Fedora', 'CentOS']: -@@ -98,6 +108,20 @@ class _M2CryptoBuildExt(build_ext.build_ext): - - self.library_dirs += [os.path.join(self.openssl, opensslLibraryDir)] - -+ def run(self): -+ '''Overloaded build_ext implementation to allow inplace=1 to work, -+ which is needed for (python setup.py test).''' -+ # This is another workaround for http://bugs.python.org/issue2624 + the -+ # corresponding lack of support in setuptools' test command. Note that -+ # just using self.inplace in finalize_options() above does not work -+ # because swig is not rerun if the __m2crypto.so extension exists. -+ # Again, hard-coding our extension name and location. -+ build_ext.build_ext.run(self) -+ if self.inplace: -+ copy_file(os.path.join(self.build_lib, 'M2Crypto', '_m2crypto.py'), -+ os.path.join('M2Crypto', '_m2crypto.py'), -+ verbose=self.verbose, dry_run=self.dry_run) -+ - if sys.platform == 'darwin': - my_extra_compile_args = ["-Wno-deprecated-declarations"] - else: --- -1.9.1 - diff --git a/external/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb b/external/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb deleted file mode 100644 index e151dcc4..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb +++ /dev/null @@ -1,63 +0,0 @@ -HOMEPAGE = "http://chandlerproject.org/bin/view/Projects/MeTooCrypto" -SUMMARY = "A Python crypto and SSL toolkit" -DESCRIPTION = "\ - M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA, \ - DSA, DH, EC, HMACs, message digests, symmetric ciphers (including \ - AES); SSL functionality to implement clients and servers; HTTPS \ - extensions to Python's httplib, urllib, and xmlrpclib; unforgeable \ - HMAC'ing AuthCookies for web session management; FTP/TLS client and \ - server; S/MIME; ZServerSSL: A HTTPS server for Zope and ZSmime: An \ - S/MIME messenger for Zope. M2Crypto can also be used to provide SSL \ - for Twisted. \ - " -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://PKG-INFO;md5=0ccca7097c1d29fa42e75e9c15c6ff2e" - -PYPI_PACKAGE = "M2Crypto" - -SRC_URI += " \ - file://m2crypto-Fix-build-with-SWIG-3.0.5.patch \ -" - -SRC_URI[md5sum] = "573f21aaac7d5c9549798e72ffcefedd" -SRC_URI[sha256sum] = "6071bfc817d94723e9b458a010d565365104f84aa73f7fe11919871f7562ff72" - -DEFAULT_PREFERENCE = "-1" - -inherit setuptools pypi - -DEPENDS += "openssl swig-native" - -DISTUTILS_BUILD_ARGS += "build_ext -I${STAGING_INCDIR}" - -inherit setuptools pypi - -SWIG_FEATURES_x86-64 = "-D__x86_64__" -SWIG_FEATURES ?= "" -export SWIG_FEATURES - -# Get around a problem with swig, but only if the -# multilib header file exists. -# -do_compile_prepend() { - sed -i -e 's/self.add_multiarch_paths.*$/# &/;' ${S}/setup.py - sed -i -e 's/opensslIncludeDir = .*$/opensslIncludeDir = os.getenv("STAGING_INCDIR")/;' ${S}/setup.py - sed -i -e 's/opensslLibraryDir = .*$/opensslLibraryDir = os.getenv("STAGING_LIBDIR")/;' ${S}/setup.py - - if [ "${SITEINFO_BITS}" = "64" ];then - bit="64" - else - bit="32" - fi - - if [ -e ${STAGING_INCDIR}/openssl/opensslconf-${bit}.h ]; then - for i in SWIG/_ec.i SWIG/_evp.i; do - sed -i -e "s/opensslconf.*\./opensslconf-${bit}\./" "$i" - done - elif [ -e ${STAGING_INCDIR}/openssl/opensslconf-n${bit}.h ] ;then - for i in SWIG/_ec.i SWIG/_evp.i; do - sed -i -e "s/opensslconf.*\./opensslconf-n${bit}\./" "$i" - done - fi -} - diff --git a/external/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb b/external/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb deleted file mode 100644 index ecb1719a..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb +++ /dev/null @@ -1,32 +0,0 @@ -HOMEPAGE = "http://www.pyyaml.org" -SUMMARY = "Python support for YAML" -DESCRIPTION = "\ - YAML is a data serialization format designed for human readability \ - and interaction with scripting languages. PyYAML is a YAML parser \ - and emitter for Python. \ - . \ - PyYAML features a complete YAML 1.1 parser, Unicode support, pickle \ - support, capable extension API, and sensible error messages. PyYAML \ - supports standard YAML tags and provides Python-specific tags that \ - allow to represent an arbitrary Python object. \ - . \ - PyYAML is applicable for a broad range of tasks from complex \ - configuration files to object serialization and persistance. \ - " -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=6015f088759b10e0bc2bf64898d4ae17" - -SRCNAME = "PyYAML" -SRC_URI = "http://pyyaml.org/download/pyyaml/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "f50e08ef0fe55178479d3a618efe21db" -SRC_URI[sha256sum] = "c36c938a872e5ff494938b33b14aaa156cb439ec67548fcab3535bb78b0846e8" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -DEFAULT_PREFERENCE = "-1" - -inherit setuptools - -DEPENDS += "libyaml python-cython-native" diff --git a/external/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb b/external/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb deleted file mode 100644 index 2ef2b6b7..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb +++ /dev/null @@ -1,22 +0,0 @@ -HOMEPAGE = "https://pypi.python.org/pypi/redis/" -SUMMARY = "Python client for Redis key-value store" -DESCRIPTION = "The Python interface to the Redis key-value store." -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=51d9ad56299ab60ba7be65a621004f27" - -PR = "r0" -SRCNAME = "redis" - -SRC_URI = "https://pypi.python.org/packages/source/r/redis/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "7619221ad0cbd124a5687458ea3f5289" -SRC_URI[sha256sum] = "a4fb37b02860f6b1617f6469487471fd086dd2d38bbce640c2055862b9c4019c" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -DEFAULT_PREFERENCE = "-1" - -inherit setuptools - -RDEPENDS_${PN} = "redis" diff --git a/external/meta-virtualization/recipes-devtools/python/python-sphinx_1.7.8.bb b/external/meta-virtualization/recipes-devtools/python/python-sphinx_1.7.8.bb deleted file mode 100644 index 23fa3fe4..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-sphinx_1.7.8.bb +++ /dev/null @@ -1,12 +0,0 @@ -DESCRIPTION = "Python documentation generator" -HOMEPAGE = "http://sphinx-doc.org/" -SECTION = "devel/python" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=89cbefcd0a80481e8b26a9a7d25be749" - -PYPI_PACKAGE = "Sphinx" - -SRC_URI[md5sum] = "7dfb075d8bd6a53b652bce1e4394c6a1" -SRC_URI[sha256sum] = "a07050845cc9a2f4026a6035cc8ed795a5ce7be6528bbc82032385c10807dfe7" - -inherit setuptools pypi diff --git a/external/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.0.16.bb b/external/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.0.16.bb deleted file mode 100644 index 5eb60b5b..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.0.16.bb +++ /dev/null @@ -1,16 +0,0 @@ -DESCRIPTION = "Python SQL toolkit and Object Relational Mapper that gives \ -application developers the full power and flexibility of SQL" -HOMEPAGE = "http://www.sqlalchemy.org/" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=d7dba1721bc8ce05d421f7279cb87971" -RDEPENDS_${PN} += "python-numbers" - -SRCNAME = "SQLAlchemy" -SRC_URI = "https://pypi.io/packages/source/S/${SRCNAME}/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "42c81726e7e145c206dac46964b4a167" -SRC_URI[sha256sum] = "e2dfdaa0983931ac1b0522dd637f08a52cf3081746513ac79c50843277ebe463" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -inherit setuptools diff --git a/external/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb b/external/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb deleted file mode 100644 index f22d2728..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb +++ /dev/null @@ -1,18 +0,0 @@ -DESCRIPTION = "Python SQL toolkit and Object Relational Mapper that gives \ -application developers the full power and flexibility of SQL" -HOMEPAGE = "http://www.sqlalchemy.org/" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=452f4b8adb0feba42e5be5f1fbfbf538" -RDEPENDS_${PN} += "python-numbers" - -SRCNAME = "SQLAlchemy" -SRC_URI = "https://pypi.python.org/packages/da/04/8048a5075d6e29235bbd6f1ea092a38dbe2630c670e73d4aa923a4e5521c/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "50685d97dca4b91945ae6309d03ab8c9" -SRC_URI[sha256sum] = "68fb40049690e567ebda7b270176f5abf0d53d9fbd515fec4e43326f601119b6" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -DEFAULT_PREFERENCE = "-1" - -inherit setuptools diff --git a/external/meta-virtualization/recipes-devtools/python/python-websocket-client.inc b/external/meta-virtualization/recipes-devtools/python/python-websocket-client.inc index 31778c68..8604dcbb 100644 --- a/external/meta-virtualization/recipes-devtools/python/python-websocket-client.inc +++ b/external/meta-virtualization/recipes-devtools/python/python-websocket-client.inc @@ -1,11 +1,11 @@ SUMMARY = "WebSocket client for python. hybi13 is supported." HOMEPAGE = "https://github.com/websocket-client/websocket-client.git" LICENSE = "LGPL-3.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=18b09a20dd186af4fd60f1a08311628c" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c4c4a98fbc4836b81c8c64d6ecb01fc1" inherit pypi PYPI_PACKAGE = "websocket_client" -SRC_URI[md5sum] = "73d87aa16a2212da448b30aca9c5bf3b" -SRC_URI[sha256sum] = "15f585566e2ea7459136a632b9785aa081093064391878a448c382415e948d72" +SRC_URI[md5sum] = "8061820da5e1de26a6a1a6996d4eebd5" +SRC_URI[sha256sum] = "d735b91d6d1692a6a181f2a8c9e0238e5f6373356f561bb9dc4c7af36f452010" diff --git a/external/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb b/external/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb deleted file mode 100644 index 11eeb04a..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb +++ /dev/null @@ -1,2 +0,0 @@ -require python-websocket-client.inc -inherit setuptools
\ No newline at end of file diff --git a/external/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb b/external/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb deleted file mode 100644 index 5f3e01fd..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb +++ /dev/null @@ -1,33 +0,0 @@ -DESCRIPTION = "The Swiss Army knife of Python web development" -HOMEPAGE = "https://pypi.python.org/pypi/Werkzeug/" -SECTION = "devel/python" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=a68f5361a2b2ca9fdf26b38aaecb6faa" - -PR = "r0" -SRCNAME = "Werkzeug" - -SRC_URI = "https://pypi.python.org/packages/source/W/${SRCNAME}/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "66a488e0ac50a9ec326fe020b3083450" -SRC_URI[sha256sum] = "9d2771e4c89be127bc4bac056ab7ceaf0e0064c723d6b6e195739c3af4fd5c1d" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -DEFAULT_PREFERENCE = "-1" - -inherit setuptools - -RDEPENDS_${PN} += "python-io \ - python-datetime \ - python-email \ - python-zlib \ - python-pkgutil \ - python-html \ - python-shell \ - python-pprint \ - python-subprocess \ - python-netserver" - -CLEANBROKEN = "1" - diff --git a/external/meta-virtualization/recipes-devtools/python/python3-boto3_1.11.7.bb b/external/meta-virtualization/recipes-devtools/python/python3-boto3_1.11.7.bb new file mode 100644 index 00000000..ae623cf1 --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python3-boto3_1.11.7.bb @@ -0,0 +1,22 @@ +HOMEPAGE = "https://github.com/boto/boto" +SUMMARY = "Amazon Web Services API" +DESCRIPTION = "\ + Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK) for Python, \ + which allows Python developers to write software that makes use of services like \ + Amazon S3 and Amazon EC2. \ + " +SECTION = "devel/python" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://setup.py;md5=0149f3d994965905689bbefa0212efe2" + +SRCNAME = "boto3" + +SRC_URI = "https://pypi.python.org/packages/source/b/${SRCNAME}/${SRCNAME}-${PV}.tar.gz" + +SRC_URI[md5sum] = "79936a15612b8ef762eb1274a936cea5" +SRC_URI[sha256sum] = "5222edc5b20d5c6ab7440fc4f89f987ead05be37ff5cc5359a3b9148d9b5a51e" + +S = "${WORKDIR}/${SRCNAME}-${PV}" + +inherit setuptools3 + diff --git a/external/meta-virtualization/recipes-devtools/python/python-bugsnag_2.0.2.bb b/external/meta-virtualization/recipes-devtools/python/python3-bugsnag_3.6.0.bb index edf880fb..ef704e70 100644 --- a/external/meta-virtualization/recipes-devtools/python/python-bugsnag_2.0.2.bb +++ b/external/meta-virtualization/recipes-devtools/python/python3-bugsnag_3.6.0.bb @@ -8,19 +8,18 @@ DESCRIPTION = "\ " SECTION = "devel/python" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://PKG-INFO;md5=f6df6ab9f1b615a140ebb2a48f61bddc" +LIC_FILES_CHKSUM = "file://PKG-INFO;md5=9577253c24027f0c6027a4fded2134fc" -PR = "r0" SRCNAME = "bugsnag" SRC_URI = "https://pypi.python.org/packages/source/b/bugsnag/${SRCNAME}-${PV}.tar.gz" -SRC_URI[md5sum] = "e16360d86979890892cd388635f213e7" -SRC_URI[sha256sum] = "093934b3cd1d36ba2b89cfe1673b14ba59043417fe500a02dbf6de0df43ea962" +SRC_URI[md5sum] = "b97e16b068b5e7fdc3e3fa9f684e56cd" +SRC_URI[sha256sum] = "67b8c01719e92f193f8424595a94e3a527bc0f9fcb7f2bc47a20af87de81929d" S = "${WORKDIR}/${SRCNAME}-${PV}" -inherit setuptools +inherit setuptools3 -DEPENDS += "python-webob python-flask python-blinker" +DEPENDS += "python3-webob python3-flask python3-blinker" diff --git a/external/meta-virtualization/recipes-devtools/python/python3-docker-pycreds_0.4.0.bb b/external/meta-virtualization/recipes-devtools/python/python3-docker-pycreds_0.4.0.bb new file mode 100644 index 00000000..75a83e06 --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python3-docker-pycreds_0.4.0.bb @@ -0,0 +1,3 @@ +inherit pypi setuptools3 +require python-docker-pycreds.inc + diff --git a/external/meta-virtualization/recipes-devtools/python/python3-docker_3.4.0.bb b/external/meta-virtualization/recipes-devtools/python/python3-docker_3.4.0.bb deleted file mode 100644 index 6e813025..00000000 --- a/external/meta-virtualization/recipes-devtools/python/python3-docker_3.4.0.bb +++ /dev/null @@ -1,17 +0,0 @@ -SUMMARY = "A Python library for the Docker Engine API." -HOMEPAGE = "https://github.com/docker/docker-py" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=34f3846f940453127309b920eeb89660" - -inherit pypi setuptools3 - -SRC_URI[md5sum] = "02491d168c048cdb99cc20d0b352ea0f" -SRC_URI[sha256sum] = "e9cc39e24905e67ba9e2df14c94488f5cf030fb72ae1c60de505ce5ea90503f7" - -DEPENDS += "${PYTHON_PN}-pip-native" - -RDEPENDS_${PN} += " \ - python3-docker-pycreds \ - python3-requests \ - python3-websocket-client \ -" diff --git a/external/meta-virtualization/recipes-devtools/python/python3-docker_4.2.0.bb b/external/meta-virtualization/recipes-devtools/python/python3-docker_4.2.0.bb new file mode 100644 index 00000000..052cbe8a --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python3-docker_4.2.0.bb @@ -0,0 +1,3 @@ +inherit pypi setuptools3 +DEPENDS += "${PYTHON_PN}-pip-native" +require python-docker.inc diff --git a/external/meta-virtualization/recipes-devtools/python/python3-fastentrypoints_0.12.bb b/external/meta-virtualization/recipes-devtools/python/python3-fastentrypoints_0.12.bb new file mode 100644 index 00000000..7bd16515 --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python3-fastentrypoints_0.12.bb @@ -0,0 +1,18 @@ +SUMMARY = "Make entry_points specified in setup.py load more quickly" +DESCRIPTION = "Using entry_points in your setup.py makes scripts that start \ +really slowly because it imports pkg_resources, which is a horrible \ +thing to do if you want your trivial script to execute more or less \ +instantly. fastentrypoints aims to fix that bypassing pkg_resources, \ +making scripts load a lot faster." +HOMEPAGE = "https://github.com/ninjaaron/fast-entry_points" +SECTION = "devel/python" + +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://README.rst;md5=f212a0cb34eb678477972d2011fb365a" + +inherit pypi setuptools3 + +SRC_URI[md5sum] = "390ad9a9229164a06156a5b1f0ef1b22" +SRC_URI[sha256sum] = "ff284f1469bd65400599807d2c6284d5b251398e6e28811f5f77fd262292410b" + +BBCLASSEXTEND = "native nativesdk" diff --git a/external/meta-virtualization/recipes-devtools/python/python-flask-cors_1.10.3.bb b/external/meta-virtualization/recipes-devtools/python/python3-flask-cors_3.0.8.bb index c39e9b26..5d3c41f7 100644 --- a/external/meta-virtualization/recipes-devtools/python/python-flask-cors_1.10.3.bb +++ b/external/meta-virtualization/recipes-devtools/python/python3-flask-cors_3.0.8.bb @@ -1,22 +1,21 @@ -HOMEPAGE = "https://pypi.python.org/pypi/Flask-Cors/1.10.3" +HOMEPAGE = "https://pypi.python.org/pypi/Flask-Cors/" SUMMARY = "A Flask extension adding a decorator for CORS support" DESCRIPTION = "\ A Flask extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible \ " SECTION = "devel/python" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=4784781a5ee9fed9c50272e733e07685" +LIC_FILES_CHKSUM = "file://LICENSE;md5=118fecaa576ab51c1520f95e98db61ce" -DEPENDS += "python-six python-flask" +DEPENDS += "python3-six python3-flask" -PR = "r0" SRCNAME = "Flask-Cors" SRC_URI = "https://pypi.python.org/packages/source/F/Flask-Cors/${SRCNAME}-${PV}.tar.gz" -SRC_URI[md5sum] = "4f3c75ace0f724d1de167bd73745c965" -SRC_URI[sha256sum] = "9e6927aa0a46f314bca0ec63eb871cee898a162adfdd5b65224db7a008287423" +SRC_URI[md5sum] = "551cc4c0305a171d28caa2b3bc838867" +SRC_URI[sha256sum] = "72170423eb4612f0847318afff8c247b38bd516b7737adfc10d1c2cdbb382d16" S = "${WORKDIR}/${SRCNAME}-${PV}" -inherit setuptools +inherit setuptools3 diff --git a/external/meta-virtualization/recipes-devtools/python/python3-nacl_1.3.0.bb b/external/meta-virtualization/recipes-devtools/python/python3-nacl_1.3.0.bb new file mode 100644 index 00000000..d0a99aef --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python3-nacl_1.3.0.bb @@ -0,0 +1,26 @@ +SUMMARY = "Python binding to the Networking and Cryptography (NaCl) library" +HOMEPAGE = "https://github.com/pyca/pynacl" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=8cc789b082b3d97e1ccc5261f8594d3f" + +PYPI_PACKAGE = "PyNaCl" + +inherit pypi setuptools3 + +SRC_URI[md5sum] = "3f3b1272287bc2de8efd8a5fa18bf728" +SRC_URI[sha256sum] = "0c6100edd16fefd1557da078c7a31e7b7d7a52ce39fdca2bec29d4f7b6e7600c" + +DEPENDS += "\ + libsodium \ + python3-cffi-native \ + python3-pip-native \ +" + +RDEPENDS_${PN}_class-target += " \ + python3-cffi \ + python3-pycparser \ +" + +export SODIUM_INSTALL = "system" + +BBCLASSEXTEND = "native" diff --git a/external/meta-virtualization/recipes-devtools/python/python-newrelic_2.22.0.19.bb b/external/meta-virtualization/recipes-devtools/python/python3-newrelic_5.4.1.134.bb index 38918249..36eec67a 100644 --- a/external/meta-virtualization/recipes-devtools/python/python-newrelic_2.22.0.19.bb +++ b/external/meta-virtualization/recipes-devtools/python/python3-newrelic_5.4.1.134.bb @@ -6,19 +6,18 @@ DESCRIPTION = "\ " SECTION = "devel/python" LICENSE = "BSD-3-Clause & MIT & Python-2.0 & BSD-2-Clause & NewRelic" -LIC_FILES_CHKSUM = "file://newrelic/LICENSE;md5=0f6cc160a8ed6759faa408a30b6ac978" +LIC_FILES_CHKSUM = "file://newrelic/LICENSE;md5=2c3b4d48a631fe909df7a767726d4f6c" -PR = "r0" SRCNAME = "newrelic" SRC_URI = "https://pypi.python.org/packages/source/n/newrelic/${SRCNAME}-${PV}.tar.gz" -SRC_URI[md5sum] = "f8c9bf996d040a11847d14682b290eff" -SRC_URI[sha256sum] = "aa8869413c21aff441a77582df1e0fdc0f67342760eb7560d33ed3bbed7edf7b" +SRC_URI[md5sum] = "45099c6d88dcf474267226469caa845e" +SRC_URI[sha256sum] = "0e651f2ff48dd1fc538fc1297892cf726d1ad4fc0b2578aae6a47f10f16afb2c" S = "${WORKDIR}/${SRCNAME}-${PV}" -inherit setuptools +inherit setuptools3 FILES_${PN}-dbg += "\ ${PYTHON_SITEPACKAGES_DIR}/newrelic-${PV}/newrelic/*/.debug \ diff --git a/external/meta-virtualization/recipes-devtools/python/python3-paramiko_2.7.0.bb b/external/meta-virtualization/recipes-devtools/python/python3-paramiko_2.7.0.bb new file mode 100644 index 00000000..d03702cf --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python3-paramiko_2.7.0.bb @@ -0,0 +1,16 @@ +SUMMARY = "Python module that implements the SSH2 protocol" +HOMEPAGE = "https://github.com/paramiko/paramiko" +LICENSE = "LGPLv2.1" +LIC_FILES_CHKSUM = "file://LICENSE;md5=fd0120fc2e9f841c73ac707a30389af5" + +inherit pypi setuptools3 + +SRC_URI[md5sum] = "b130f3e1c3442d21c1a0c9ae17776f4e" +SRC_URI[sha256sum] = "fba9c46340e3d690ad5a9d0dbf06677cd91425de3afa7e9c0c187298ee4ddd0d" + +RDEPENDS_${PN} += " \ + python3-bcrypt \ + python3-cryptography \ + python3-pyasn1 \ + python3-nacl \ +" diff --git a/external/meta-virtualization/recipes-devtools/python/python3-sphinx_2.2.0.bb b/external/meta-virtualization/recipes-devtools/python/python3-sphinx_2.2.0.bb new file mode 100644 index 00000000..5ea408fa --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/python/python3-sphinx_2.2.0.bb @@ -0,0 +1,11 @@ +DESCRIPTION = "Python documentation generator" +HOMEPAGE = "http://sphinx-doc.org/" +SECTION = "devel/python" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=cc3ed00294f08c93200bc064c73c9d40" + +PYPI_PACKAGE = "Sphinx" + +SRC_URI[md5sum] = "ca64efdbb4d3a0a78398dbcf9f78971d" +SRC_URI[sha256sum] = "0d586b0f8c2fc3cc6559c5e8fd6124628110514fda0e5d7c82e682d749d2e845" +inherit setuptools3 pypi diff --git a/external/meta-virtualization/recipes-devtools/python/python-webob_1.8.2.bb b/external/meta-virtualization/recipes-devtools/python/python3-webob_1.8.5.bb index 6fdfbd5d..74a36e39 100644 --- a/external/meta-virtualization/recipes-devtools/python/python-webob_1.8.2.bb +++ b/external/meta-virtualization/recipes-devtools/python/python3-webob_1.8.5.bb @@ -6,13 +6,12 @@ LIC_FILES_CHKSUM = "file://docs/license.txt;md5=8ed3584bcc78c16da363747ccabc5af5 PYPI_PACKAGE = "WebOb" -SRC_URI[md5sum] = "d04756e6683fedddba52eafbe9adf404" -SRC_URI[sha256sum] = "1fe722f2ab857685fc96edec567dc40b1875b21219b3b348e58cd8c4d5ea7df3" +SRC_URI[md5sum] = "1761f416e8cf53f6fb674149cc223bd1" +SRC_URI[sha256sum] = "05aaab7975e0ee8af2026325d656e5ce14a71f1883c52276181821d6d5bf7086" -inherit setuptools pypi +inherit setuptools3 pypi RDEPENDS_${PN} += " \ - python-sphinx \ - python-nose \ + python3-sphinx \ " diff --git a/external/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb b/external/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.57.0.bb index 473e31ff..473e31ff 100644 --- a/external/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb +++ b/external/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.57.0.bb diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-yocto_4.14.bbappend b/external/meta-virtualization/recipes-devtools/python/python3_3.%.bbappend index 617caccb..617caccb 100644 --- a/external/meta-virtualization/recipes-kernel/linux/linux-yocto_4.14.bbappend +++ b/external/meta-virtualization/recipes-devtools/python/python3_3.%.bbappend diff --git a/external/meta-virtualization/recipes-devtools/python/python_2.%.bbappend b/external/meta-virtualization/recipes-devtools/python/python3_virtualization.inc index 55301c7e..55301c7e 100644 --- a/external/meta-virtualization/recipes-devtools/python/python_2.%.bbappend +++ b/external/meta-virtualization/recipes-devtools/python/python3_virtualization.inc diff --git a/external/meta-virtualization/recipes-devtools/qemu/qemu-package-split.inc b/external/meta-virtualization/recipes-devtools/qemu/qemu-package-split.inc new file mode 100644 index 00000000..ae606a71 --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/qemu/qemu-package-split.inc @@ -0,0 +1,44 @@ +PACKAGES_prepend_class-target = "${PN}-x86_64 \ + ${PN}-aarch64 \ + ${PN}-arm \ + ${PN}-i386 \ + ${PN}-system-i386 \ + ${PN}-microblaze \ + ${PN}-support \ + ${PN}-keymaps \ + ${PN}-firmware \ + " + +FILES_${PN}-x86_64_class-target = "${bindir}/qemu-system-x86_64 ${bindir}/qemu-x86_64" +RDEPENDS_${PN}-x86_64_append_class_target = "${PN}" +INSANE_SKIP_${PN}-x86_64_class-target = "file-rdeps" + +FILES_${PN}-i386_class-target = "${bindir}/qemu-i386" +RDEPENDS_${PN}-i386_append_class-target = "${PN}" +INSANE_SKIP_${PN}-i386_class-target = "file-rdeps" + +FILES_${PN}-system-i386_class-target = "${bindir}/qemu-system-i386" +RDEPENDS_${PN}-system-i386_append_class-target = "${PN}" +INSANE_SKIP_${PN}-system-i386_class-target = "file-rdeps" + +FILES_${PN}-aarch64_class-target = "${bindir}/qemu-system-aarch64 ${bindir}/qemu-aarch64" +RDEPENDS_${PN}-aarch64_append_class-target = "${PN}" +INSANE_SKIP_${PN}-aarch64_class-target = "file-rdeps" + +FILES_${PN}-arm_class-target = "${bindir}/qemu-system-arm ${bindir}/qemu-arm" +RDEPENDS_${PN}-arm_append_class-target = "${PN}" +INSANE_SKIP_${PN}-arm_class-target = "file-rdeps" + +FILES_${PN}-microblaze_class-target = "${bindir}/qemu-system-microblaze* ${bindir}/qemu-microblaze*" +RDEPENDS_${PN}-microblaze_append_class-target = "${PN}" +INSANE_SKIP_${PN}-arm_class-target = "file-rdeps" + +FILES_${PN}-support_class-target = "${bindir}/* ${libexecdir}/*" +RDEPENDS_${PN}-support_class-target = "${PN} bash" + +FILES_${PN}-firmware_class-target = "${datadir}/${PN}/*.bin ${datadir}/${PN}/*.rom ${datadir}/${PN}/*.img ${datadir}/${PN}/openbios* ${datadir}/${PN}/*.dtb ${datadir}/${PN}/u-boot*" +RDEPENDS_${PN}-firmware_class-target = "${PN}" +INSANE_SKIP_${PN}-firmware_class-target = "arch" + +FILES_${PN}-keymaps_class-target = "${datadir}/${PN}/keymaps/*" +RDEPENDS_${PN}-keymaps_class-target = "${PN}" diff --git a/external/meta-virtualization/recipes-devtools/qemu/qemu_%.bbappend b/external/meta-virtualization/recipes-devtools/qemu/qemu_%.bbappend new file mode 100644 index 00000000..998a4011 --- /dev/null +++ b/external/meta-virtualization/recipes-devtools/qemu/qemu_%.bbappend @@ -0,0 +1,3 @@ +PACKAGECONFIG[xen] = "--enable-xen,--disable-xen,xen-tools,xen-tools-libxenstore xen-tools-libxenctrl xen-tools-libxenguest" + +require ${@bb.utils.contains('DISTRO_FEATURES', 'vmsep', '${BPN}-package-split.inc', '', d)} diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-Correct-the-path-to-find-version.h-in-rocksdb.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-Correct-the-path-to-find-version.h-in-rocksdb.patch deleted file mode 100644 index 788505b2..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-Correct-the-path-to-find-version.h-in-rocksdb.patch +++ /dev/null @@ -1,40 +0,0 @@ -From a53605694d5301b7bb543464b17f74bbbd35d372 Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Tue, 28 Aug 2018 10:04:40 +0800 -Subject: [PATCH] Correct the path to find version.h in rocksdb - -Signed-off-by: Dengke Du <dengke.du@windriver.com> ---- - cmake/modules/Findrocksdb.cmake | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/cmake/modules/Findrocksdb.cmake b/cmake/modules/Findrocksdb.cmake -index f8369f7..36b67ea 100644 ---- a/cmake/modules/Findrocksdb.cmake -+++ b/cmake/modules/Findrocksdb.cmake -@@ -9,17 +9,17 @@ - # ROCKSDB_VERSION_MINOR - # ROCKSDB_VERSION_PATCH - --find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h) -+find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h ${CMAKE_SYSROOT}) - --find_library(ROCKSDB_LIBRARIES rocksdb) -+find_library(ROCKSDB_LIBRARIES rocksdb ${CMAKE_SYSROOT}) - - if(ROCKSDB_INCLUDE_DIR AND EXISTS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h") - foreach(ver "MAJOR" "MINOR" "PATCH") -- file(STRINGS "${ROCKSDB_INCLUDE_DIR}/version.h" ROCKSDB_VER_${ver}_LINE -+ file(STRINGS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h" ROCKSDB_VER_${ver}_LINE - REGEX "^#define[ \t]+ROCKSDB_${ver}[ \t]+[0-9]+$") - string(REGEX REPLACE "^#define[ \t]+ROCKSDB_${ver}[ \t]+([0-9]+)$" -- "\\1" ROCKSDB_VERSION_${ver} "${ROCKDB_VER_${ver}_LINE}") -- unset(${ROCKDB_VER_${ver}_LINE}) -+ "\\1" ROCKSDB_VERSION_${ver} "${ROCKSDB_VER_${ver}_LINE}") -+ unset(ROCKSDB_VER_${ver}_LINE) - endforeach() - set(ROCKSDB_VERSION_STRING - "${ROCKSDB_VERSION_MAJOR}.${ROCKSDB_VERSION_MINOR}.${ROCKSDB_VERSION_PATCH}") --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-add-pybind-support-in-OE.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-add-pybind-support-in-OE.patch deleted file mode 100644 index f9c53406..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-add-pybind-support-in-OE.patch +++ /dev/null @@ -1,129 +0,0 @@ -From 00d44940c2e83bf73101a05d2aa8f88c2e2fca58 Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Tue, 23 Oct 2018 15:34:53 +0800 -Subject: [PATCH] ceph: add pybind support in OE - -1. add sysroot to CFLAGS when cross compiling pybind -2. change the pybind's INSTALL path to OE's INSTALL path -3. delete the check for header files, because the check method using - host compiler. - -Signed-off-by: Dengke Du <dengke.du@windriver.com> -Upstream-Status: Inappropriate [oe specific] ---- - cmake/modules/Distutils.cmake | 12 +++--------- - src/pybind/cephfs/setup.py | 8 -------- - src/pybind/rados/setup.py | 8 -------- - src/pybind/rbd/setup.py | 8 -------- - src/pybind/rgw/setup.py | 8 -------- - 5 files changed, 3 insertions(+), 41 deletions(-) - -diff --git a/cmake/modules/Distutils.cmake b/cmake/modules/Distutils.cmake -index d6e9f38..3091d97 100644 ---- a/cmake/modules/Distutils.cmake -+++ b/cmake/modules/Distutils.cmake -@@ -47,7 +47,7 @@ function(distutils_add_cython_module name src) - LDFLAGS=-L${CMAKE_LIBRARY_OUTPUT_DIRECTORY} - CYTHON_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR} - CEPH_LIBDIR=${CMAKE_LIBRARY_OUTPUT_DIRECTORY} -- CFLAGS=\"-iquote${CMAKE_SOURCE_DIR}/src/include -w\" -+ CFLAGS=\"-iquote${CMAKE_SOURCE_DIR}/src/include -w --sysroot=${CMAKE_SYSROOT}\" - ${PYTHON${PYTHON_VERSION}_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/setup.py - build --verbose --build-base ${CYTHON_MODULE_DIR} - --build-platlib ${CYTHON_MODULE_DIR}/lib.${PYTHON${PYTHON_VERSION}_VERSION_MAJOR} -@@ -69,14 +69,8 @@ function(distutils_install_cython_module name) - set(ENV{CEPH_LIBDIR} \"${CMAKE_LIBRARY_OUTPUT_DIRECTORY}\") - - set(options --prefix=${CMAKE_INSTALL_PREFIX}) -- if(DEFINED ENV{DESTDIR}) -- if(EXISTS /etc/debian_version) -- list(APPEND options --install-layout=deb) -- endif() -- list(APPEND options --root=\$ENV{DESTDIR}) -- else() -- list(APPEND options --root=/) -- endif() -+ list(APPEND options --root=${CMAKE_DESTDIR}) -+ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) - execute_process( - COMMAND - ${PYTHON${PYTHON_VERSION}_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/setup.py -diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py -index 6533f41..1ee4a59 100755 ---- a/src/pybind/cephfs/setup.py -+++ b/src/pybind/cephfs/setup.py -@@ -121,14 +121,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize -diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py -index ef7c307..5204017 100755 ---- a/src/pybind/rados/setup.py -+++ b/src/pybind/rados/setup.py -@@ -117,14 +117,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize -diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py -index bcf96f2..d4cbbeb 100755 ---- a/src/pybind/rbd/setup.py -+++ b/src/pybind/rbd/setup.py -@@ -120,14 +120,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize -diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py -index f14f30c..ee7570b 100755 ---- a/src/pybind/rgw/setup.py -+++ b/src/pybind/rgw/setup.py -@@ -120,14 +120,6 @@ def check_sanity(): - finally: - shutil.rmtree(tmp_dir) - -- --if 'BUILD_DOC' in os.environ.keys(): -- pass --elif check_sanity(): -- pass --else: -- sys.exit(1) -- - cmdclass = {} - try: - from Cython.Build import cythonize --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-detect-init-correct-the-installation-for-OE.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-detect-init-correct-the-installation-for-OE.patch deleted file mode 100644 index 875501bf..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-detect-init-correct-the-installation-for-OE.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 6aaf04036f0affbeddda123bff111990c4d5fd72 Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Fri, 26 Oct 2018 14:31:10 +0800 -Subject: [PATCH] ceph-detect-init: correct the installation for OE - -Signed-off-by: Dengke Du <dengke.du@windriver.com> -Upstream-Status: Inappropriate [oe specific] ---- - cmake/modules/Distutils.cmake | 11 ++--------- - 1 file changed, 2 insertions(+), 9 deletions(-) - -diff --git a/cmake/modules/Distutils.cmake b/cmake/modules/Distutils.cmake -index 3091d97..c50fe77 100644 ---- a/cmake/modules/Distutils.cmake -+++ b/cmake/modules/Distutils.cmake -@@ -16,15 +16,8 @@ function(distutils_install_module name) - cmake_parse_arguments(DU "" INSTALL_SCRIPT "" ${ARGN}) - install(CODE " - set(options --prefix=${CMAKE_INSTALL_PREFIX}) -- if(DEFINED ENV{DESTDIR}) -- if(EXISTS /etc/debian_version) -- list(APPEND options --install-layout=deb) -- endif() -- list(APPEND options --root=\$ENV{DESTDIR}) -- if(NOT \"${DU_INSTALL_SCRIPT}\" STREQUAL \"\") -- list(APPEND options --install-script=${DU_INSTALL_SCRIPT}) -- endif() -- endif() -+ list(APPEND options --root=${CMAKE_DESTDIR}) -+ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) - execute_process( - COMMAND ${PYTHON${PYTHON_VERSION}_EXECUTABLE} - setup.py install \${options} --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch new file mode 100644 index 00000000..4d54549f --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch @@ -0,0 +1,184 @@ +From 4712fe18405ffea31405308357a8e7fca358bcce Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Mon, 11 Mar 2019 09:14:09 +0800 +Subject: [PATCH] ceph: fix build errors for cross compile + +1. set the cross compile sysroot to find the rocksdb library +2. correct the install path for library in Distutils.cmake + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Dengke Du <dengke.du@windriver.com> + +Adjust context for v14.2.3 + +Signed-off-by: He Zhe <zhe.he@windriver.com> +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + cmake/modules/Distutils.cmake | 25 +++++-------------------- + cmake/modules/FindRocksDB.cmake | 4 ++-- + src/compressor/zstd/CMakeLists.txt | 2 +- + src/pybind/cephfs/setup.py | 8 -------- + src/pybind/rados/setup.py | 8 -------- + src/pybind/rbd/setup.py | 8 -------- + src/pybind/rgw/setup.py | 8 -------- + 7 files changed, 8 insertions(+), 55 deletions(-) + +diff --git a/cmake/modules/Distutils.cmake b/cmake/modules/Distutils.cmake +index 5fe929499d..802eb37e32 100644 +--- a/cmake/modules/Distutils.cmake ++++ b/cmake/modules/Distutils.cmake +@@ -18,17 +18,8 @@ function(distutils_install_module name) + cmake_parse_arguments(DU "" "INSTALL_SCRIPT" "" ${ARGN}) + install(CODE " + set(options --prefix=${CMAKE_INSTALL_PREFIX}) +- if(DEFINED ENV{DESTDIR}) +- if(EXISTS /etc/debian_version) +- list(APPEND options --install-layout=deb) +- endif() +- list(APPEND options +- --root=\$ENV{DESTDIR} +- --single-version-externally-managed) +- if(NOT \"${DU_INSTALL_SCRIPT}\" STREQUAL \"\") +- list(APPEND options --install-script=${DU_INSTALL_SCRIPT}) +- endif() +- endif() ++ list(APPEND options --root=${CMAKE_DESTDIR}) ++ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) + execute_process( + COMMAND ${Python3_EXECUTABLE} + setup.py install \${options} +@@ -50,7 +41,7 @@ function(distutils_add_cython_module target name src) + # Note: no quotes, otherwise distutils will execute "/usr/bin/ccache gcc" + # CMake's implicit conversion between strings and lists is wonderful, isn't it? + string(REPLACE " " ";" cflags ${CMAKE_C_FLAGS}) +- list(APPEND cflags -iquote${CMAKE_SOURCE_DIR}/src/include -w) ++ list(APPEND cflags -iquote${CMAKE_SOURCE_DIR}/src/include -w --sysroot=${CMAKE_SYSROOT}) + # This little bit of magic wipes out __Pyx_check_single_interpreter() + # Note: this is reproduced in distutils_install_cython_module + list(APPEND cflags -D'void0=dead_function\(void\)') +@@ -108,14 +99,8 @@ function(distutils_install_cython_module name) + set(ENV{CEPH_LIBDIR} \"${CMAKE_LIBRARY_OUTPUT_DIRECTORY}\") + + set(options --prefix=${CMAKE_INSTALL_PREFIX}) +- if(DEFINED ENV{DESTDIR}) +- if(EXISTS /etc/debian_version) +- list(APPEND options --install-layout=deb) +- endif() +- list(APPEND options --root=\$ENV{DESTDIR}) +- else() +- list(APPEND options --root=/) +- endif() ++ list(APPEND options --root=${CMAKE_DESTDIR}) ++ list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) + execute_process( + COMMAND + ${Python3_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/setup.py +diff --git a/cmake/modules/FindRocksDB.cmake b/cmake/modules/FindRocksDB.cmake +index c5dd3dfaf6..be38597af2 100644 +--- a/cmake/modules/FindRocksDB.cmake ++++ b/cmake/modules/FindRocksDB.cmake +@@ -9,9 +9,9 @@ + # ROCKSDB_VERSION_MINOR + # ROCKSDB_VERSION_PATCH + +-find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h) ++find_path(ROCKSDB_INCLUDE_DIR rocksdb/db.h ${CMAKE_SYSROOT}) + +-find_library(ROCKSDB_LIBRARIES rocksdb) ++find_library(ROCKSDB_LIBRARIES rocksdb ${CMAKE_SYSROOT}) + + if(ROCKSDB_INCLUDE_DIR AND EXISTS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h") + foreach(ver "MAJOR" "MINOR" "PATCH") +diff --git a/src/compressor/zstd/CMakeLists.txt b/src/compressor/zstd/CMakeLists.txt +index a5ebdaf538..a234068150 100644 +--- a/src/compressor/zstd/CMakeLists.txt ++++ b/src/compressor/zstd/CMakeLists.txt +@@ -9,7 +9,7 @@ ExternalProject_Add(zstd_ext + CMAKE_ARGS -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} + -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} + -DCMAKE_C_FLAGS=${ZSTD_C_FLAGS} +- -DCMAKE_AR=${CMAKE_AR} ++ -DCMAKE_SYSROOT=${CMAKE_SYSROOT} + -DCMAKE_POSITION_INDEPENDENT_CODE=${ENABLE_SHARED} + -G${CMAKE_GENERATOR} + BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/libzstd +diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py +index 19ae6c329a..c9a25ccfff 100755 +--- a/src/pybind/cephfs/setup.py ++++ b/src/pybind/cephfs/setup.py +@@ -135,14 +135,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py +index e2c5696404..4e99d26721 100755 +--- a/src/pybind/rados/setup.py ++++ b/src/pybind/rados/setup.py +@@ -134,14 +134,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py +index 634484f140..f5bbbdab4f 100755 +--- a/src/pybind/rbd/setup.py ++++ b/src/pybind/rbd/setup.py +@@ -133,14 +133,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py +index eb1591a460..b9f2428cf9 100755 +--- a/src/pybind/rgw/setup.py ++++ b/src/pybind/rgw/setup.py +@@ -134,14 +134,6 @@ def check_sanity(): + finally: + shutil.rmtree(tmp_dir) + +- +-if 'BUILD_DOC' in os.environ.keys(): +- pass +-elif check_sanity(): +- pass +-else: +- sys.exit(1) +- + cmdclass = {} + try: + from Cython.Build import cythonize +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch new file mode 100644 index 00000000..310bfa47 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch @@ -0,0 +1,96 @@ +From bbf1cba8feb0e43492a1f6a6b31d024117cad262 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Mon, 13 Apr 2020 23:35:41 -0700 +Subject: [PATCH] fix host library paths were used + +Test the existence of recipe-sysrooot, add it back if lost + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + src/pybind/cephfs/setup.py | 6 +++++- + src/pybind/rados/setup.py | 6 +++++- + src/pybind/rbd/setup.py | 6 +++++- + src/pybind/rgw/setup.py | 6 +++++- + 4 files changed, 20 insertions(+), 4 deletions(-) + +diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py +index c9a25ccf..972f936c 100755 +--- a/src/pybind/cephfs/setup.py ++++ b/src/pybind/cephfs/setup.py +@@ -63,9 +63,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py +index 4e99d267..de24f766 100755 +--- a/src/pybind/rados/setup.py ++++ b/src/pybind/rados/setup.py +@@ -66,9 +66,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py +index f5bbbdab..a1f70e1d 100755 +--- a/src/pybind/rbd/setup.py ++++ b/src/pybind/rbd/setup.py +@@ -63,9 +63,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py +index b9f2428c..f5119f73 100755 +--- a/src/pybind/rgw/setup.py ++++ b/src/pybind/rgw/setup.py +@@ -64,9 +64,13 @@ def get_python_flags(libs): + distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + compiler = new_compiler() + distutils.sysconfig.customize_compiler(compiler) ++ libpl = distutils.sysconfig.get_config_var('LIBPL') ++ sysroot = os.environ.get('STAGING_DIR_HOST') ++ if not libpl.startswith(sysroot): ++ libpl = sysroot + libpl + return dict( + include_dirs=[distutils.sysconfig.get_python_inc()], +- library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), ++ library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], + libraries=libs + [lib.replace('-l', '') for lib in py_libs], + extra_compile_args=filter_unsupported_flags( + compiler.compiler[0], +-- +2.21.0 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch new file mode 100644 index 00000000..de191bf8 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch @@ -0,0 +1,100 @@ +From de67c1dab5597c91538970421b25f6ec667af492 Mon Sep 17 00:00:00 2001 +From: Josh Durgin <jdurgin@redhat.com> +Date: Mon, 4 May 2020 17:03:35 -0400 +Subject: [PATCH 1/3] mgr: require all caps for pre-octopus tell commands + +This matches the requirements for admin socket commands +sent via tell elsewhere. + +Signed-off-by: Josh Durgin <jdurgin@redhat.com> + +Upstream-status: Backport +[https://github.com/ceph/ceph/commit/347003e13167c428187a5450517850f4d85e09ad] + +Signed-off-by: Liu Haitao <haitao.liu@windriver.com> +--- + src/mgr/DaemonServer.cc | 37 ++++++++++++++++++++++--------------- + 1 file changed, 22 insertions(+), 15 deletions(-) + +diff --git a/src/mgr/DaemonServer.cc b/src/mgr/DaemonServer.cc +index becd428a..527326e3 100644 +--- a/src/mgr/DaemonServer.cc ++++ b/src/mgr/DaemonServer.cc +@@ -808,20 +808,12 @@ public: + bool DaemonServer::handle_command(const ref_t<MCommand>& m) + { + std::lock_guard l(lock); +- // a blank fsid in MCommand signals a legacy client sending a "mon-mgr" CLI +- // command. +- if (m->fsid != uuid_d()) { +- cct->get_admin_socket()->queue_tell_command(m); ++ auto cmdctx = std::make_shared<CommandContext>(m); ++ try { ++ return _handle_command(cmdctx); ++ } catch (const bad_cmd_get& e) { ++ cmdctx->reply(-EINVAL, e.what()); + return true; +- } else { +- // legacy client; send to CLI processing +- auto cmdctx = std::make_shared<CommandContext>(m); +- try { +- return _handle_command(cmdctx); +- } catch (const bad_cmd_get& e) { +- cmdctx->reply(-EINVAL, e.what()); +- return true; +- } + } + } + +@@ -853,8 +845,12 @@ bool DaemonServer::_handle_command( + std::shared_ptr<CommandContext>& cmdctx) + { + MessageRef m; ++ bool admin_socket_cmd = false; + if (cmdctx->m_tell) { + m = cmdctx->m_tell; ++ // a blank fsid in MCommand signals a legacy client sending a "mon-mgr" CLI ++ // command. ++ admin_socket_cmd = (cmdctx->m_tell->fsid != uuid_d()); + } else { + m = cmdctx->m_mgr; + } +@@ -888,7 +884,10 @@ bool DaemonServer::_handle_command( + + dout(10) << "decoded-size=" << cmdctx->cmdmap.size() << " prefix=" << prefix << dendl; + +- if (prefix == "get_command_descriptions") { ++ // this is just for mgr commands - admin socket commands will fall ++ // through and use the admin socket version of ++ // get_command_descriptions ++ if (prefix == "get_command_descriptions" && !admin_socket_cmd) { + dout(10) << "reading commands from python modules" << dendl; + const auto py_commands = py_modules.get_commands(); + +@@ -925,7 +924,10 @@ bool DaemonServer::_handle_command( + + bool is_allowed = false; + ModuleCommand py_command; +- if (!mgr_cmd) { ++ if (admin_socket_cmd) { ++ // admin socket commands require all capabilities ++ is_allowed = session->caps.is_allow_all(); ++ } else if (!mgr_cmd) { + // Resolve the command to the name of the module that will + // handle it (if the command exists) + auto py_commands = py_modules.get_py_commands(); +@@ -958,6 +960,11 @@ bool DaemonServer::_handle_command( + << "entity='" << session->entity_name << "' " + << "cmd=" << cmdctx->cmd << ": dispatch"; + ++ if (admin_socket_cmd) { ++ cct->get_admin_socket()->queue_tell_command(cmdctx->m_tell); ++ return true; ++ } ++ + // ---------------- + // service map commands + if (prefix == "service dump") { +-- +2.25.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch new file mode 100644 index 00000000..54156698 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch @@ -0,0 +1,256 @@ +From 20b7bb685c5ea74c651ca1ea547ac66b0fee7035 Mon Sep 17 00:00:00 2001 +From: Ilya Dryomov <idryomov@gmail.com> +Date: Fri, 6 Mar 2020 20:16:45 +0100 +Subject: [PATCH] msg/async/ProtocolV2: avoid AES-GCM nonce reuse + vulnerabilities + +The secure mode uses AES-128-GCM with 96-bit nonces consisting of a +32-bit counter followed by a 64-bit salt. The counter is incremented +after processing each frame, the salt is fixed for the duration of +the session. Both are initialized from the session key generated +during session negotiation, so the counter starts with essentially +a random value. It is allowed to wrap, and, after 2**32 frames, it +repeats, resulting in nonce reuse (the actual sequence numbers that +the messenger works with are 64-bit, so the session continues on). + +Because of how GCM works, this completely breaks both confidentiality +and integrity aspects of the secure mode. A single nonce reuse reveals +the XOR of two plaintexts and almost completely reveals the subkey +used for producing authentication tags. After a few nonces get used +twice, all confidentiality and integrity goes out the window and the +attacker can potentially encrypt-authenticate plaintext of their +choice. + +We can't easily change the nonce format to extend the counter to +64 bits (and possibly XOR it with a longer salt). Instead, just +remember the initial nonce and cut the session before it repeats, +forcing renegotiation. + +Signed-off-by: Ilya Dryomov <idryomov@gmail.com> +Reviewed-by: Radoslaw Zarzynski <rzarzyns@redhat.com> +Reviewed-by: Sage Weil <sage@redhat.com> + +Conflicts: + src/msg/async/ProtocolV2.h [ context: commit ed3ec4c01d17 + ("msg: Build target 'common' without using namespace in + headers") not in octopus ] + +CVE: CVE-2020-1759 +Upstream Status: Backport [20b7bb685c5ea74c651ca1ea547ac66b0fee7035] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/msg/async/ProtocolV2.cc | 62 ++++++++++++++++++++++++---------- + src/msg/async/ProtocolV2.h | 5 +-- + src/msg/async/crypto_onwire.cc | 17 ++++++++-- + src/msg/async/crypto_onwire.h | 5 +++ + 4 files changed, 67 insertions(+), 22 deletions(-) + +diff --git a/src/msg/async/ProtocolV2.cc b/src/msg/async/ProtocolV2.cc +index 8fc02db6e5..c69f2ccf79 100644 +--- a/src/msg/async/ProtocolV2.cc ++++ b/src/msg/async/ProtocolV2.cc +@@ -533,7 +533,10 @@ ssize_t ProtocolV2::write_message(Message *m, bool more) { + m->get_payload(), + m->get_middle(), + m->get_data()); +- connection->outgoing_bl.append(message.get_buffer(session_stream_handlers)); ++ if (!append_frame(message)) { ++ m->put(); ++ return -EILSEQ; ++ } + + ldout(cct, 5) << __func__ << " sending message m=" << m + << " seq=" << m->get_seq() << " " << *m << dendl; +@@ -566,15 +569,17 @@ ssize_t ProtocolV2::write_message(Message *m, bool more) { + return rc; + } + +-void ProtocolV2::append_keepalive() { +- ldout(cct, 10) << __func__ << dendl; +- auto keepalive_frame = KeepAliveFrame::Encode(); +- connection->outgoing_bl.append(keepalive_frame.get_buffer(session_stream_handlers)); +-} +- +-void ProtocolV2::append_keepalive_ack(utime_t ×tamp) { +- auto keepalive_ack_frame = KeepAliveFrameAck::Encode(timestamp); +- connection->outgoing_bl.append(keepalive_ack_frame.get_buffer(session_stream_handlers)); ++template <class F> ++bool ProtocolV2::append_frame(F& frame) { ++ ceph::bufferlist bl; ++ try { ++ bl = frame.get_buffer(session_stream_handlers); ++ } catch (ceph::crypto::onwire::TxHandlerError &e) { ++ ldout(cct, 1) << __func__ << " " << e.what() << dendl; ++ return false; ++ } ++ connection->outgoing_bl.append(bl); ++ return true; + } + + void ProtocolV2::handle_message_ack(uint64_t seq) { +@@ -612,7 +617,15 @@ void ProtocolV2::write_event() { + connection->write_lock.lock(); + if (can_write) { + if (keepalive) { +- append_keepalive(); ++ ldout(cct, 10) << __func__ << " appending keepalive" << dendl; ++ auto keepalive_frame = KeepAliveFrame::Encode(); ++ if (!append_frame(keepalive_frame)) { ++ connection->write_lock.unlock(); ++ connection->lock.lock(); ++ fault(); ++ connection->lock.unlock(); ++ return; ++ } + keepalive = false; + } + +@@ -663,13 +676,16 @@ void ProtocolV2::write_event() { + if (r == 0) { + uint64_t left = ack_left; + if (left) { +- auto ack = AckFrame::Encode(in_seq); +- connection->outgoing_bl.append(ack.get_buffer(session_stream_handlers)); + ldout(cct, 10) << __func__ << " try send msg ack, acked " << left + << " messages" << dendl; +- ack_left -= left; +- left = ack_left; +- r = connection->_try_send(left); ++ auto ack_frame = AckFrame::Encode(in_seq); ++ if (append_frame(ack_frame)) { ++ ack_left -= left; ++ left = ack_left; ++ r = connection->_try_send(left); ++ } else { ++ r = -EILSEQ; ++ } + } else if (is_queued()) { + r = connection->_try_send(); + } +@@ -769,7 +785,13 @@ template <class F> + CtPtr ProtocolV2::write(const std::string &desc, + CONTINUATION_TYPE<ProtocolV2> &next, + F &frame) { +- ceph::bufferlist bl = frame.get_buffer(session_stream_handlers); ++ ceph::bufferlist bl; ++ try { ++ bl = frame.get_buffer(session_stream_handlers); ++ } catch (ceph::crypto::onwire::TxHandlerError &e) { ++ ldout(cct, 1) << __func__ << " " << e.what() << dendl; ++ return _fault(); ++ } + return write(desc, next, bl); + } + +@@ -1672,7 +1694,11 @@ CtPtr ProtocolV2::handle_keepalive2(ceph::bufferlist &payload) + ldout(cct, 30) << __func__ << " got KEEPALIVE2 tag ..." << dendl; + + connection->write_lock.lock(); +- append_keepalive_ack(keepalive_frame.timestamp()); ++ auto keepalive_ack_frame = KeepAliveFrameAck::Encode(keepalive_frame.timestamp()); ++ if (!append_frame(keepalive_ack_frame)) { ++ connection->write_lock.unlock(); ++ return _fault(); ++ } + connection->write_lock.unlock(); + + ldout(cct, 20) << __func__ << " got KEEPALIVE2 " +diff --git a/src/msg/async/ProtocolV2.h b/src/msg/async/ProtocolV2.h +index 2dbe647ae5..9897d18cf2 100644 +--- a/src/msg/async/ProtocolV2.h ++++ b/src/msg/async/ProtocolV2.h +@@ -129,6 +129,9 @@ private: + CONTINUATION_TYPE<ProtocolV2> &next, + bufferlist &buffer); + ++ template <class F> ++ bool append_frame(F& frame); ++ + void requeue_sent(); + uint64_t discard_requeued_up_to(uint64_t out_seq, uint64_t seq); + void reset_recv_state(); +@@ -140,8 +143,6 @@ private: + void prepare_send_message(uint64_t features, Message *m); + out_queue_entry_t _get_next_outgoing(); + ssize_t write_message(Message *m, bool more); +- void append_keepalive(); +- void append_keepalive_ack(utime_t ×tamp); + void handle_message_ack(uint64_t seq); + + CONTINUATION_DECL(ProtocolV2, _wait_for_peer_banner); +diff --git a/src/msg/async/crypto_onwire.cc b/src/msg/async/crypto_onwire.cc +index acf3f66689..07e7fe6553 100644 +--- a/src/msg/async/crypto_onwire.cc ++++ b/src/msg/async/crypto_onwire.cc +@@ -22,6 +22,10 @@ static constexpr const std::size_t AESGCM_BLOCK_LEN{16}; + struct nonce_t { + std::uint32_t random_seq; + std::uint64_t random_rest; ++ ++ bool operator==(const nonce_t& rhs) const { ++ return !memcmp(this, &rhs, sizeof(*this)); ++ } + } __attribute__((packed)); + static_assert(sizeof(nonce_t) == AESGCM_IV_LEN); + +@@ -35,7 +39,8 @@ class AES128GCM_OnWireTxHandler : public ceph::crypto::onwire::TxHandler { + CephContext* const cct; + std::unique_ptr<EVP_CIPHER_CTX, decltype(&::EVP_CIPHER_CTX_free)> ectx; + ceph::bufferlist buffer; +- nonce_t nonce; ++ nonce_t nonce, initial_nonce; ++ bool used_initial_nonce; + static_assert(sizeof(nonce) == AESGCM_IV_LEN); + + public: +@@ -44,7 +49,7 @@ public: + const nonce_t& nonce) + : cct(cct), + ectx(EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free), +- nonce(nonce) { ++ nonce(nonce), initial_nonce(nonce), used_initial_nonce(false) { + ceph_assert_always(ectx); + ceph_assert_always(key.size() * CHAR_BIT == 128); + +@@ -61,6 +66,7 @@ public: + + ~AES128GCM_OnWireTxHandler() override { + ::ceph::crypto::zeroize_for_security(&nonce, sizeof(nonce)); ++ ::ceph::crypto::zeroize_for_security(&initial_nonce, sizeof(initial_nonce)); + } + + std::uint32_t calculate_segment_size(std::uint32_t size) override +@@ -78,6 +84,13 @@ public: + void AES128GCM_OnWireTxHandler::reset_tx_handler( + std::initializer_list<std::uint32_t> update_size_sequence) + { ++ if (nonce == initial_nonce) { ++ if (used_initial_nonce) { ++ throw ceph::crypto::onwire::TxHandlerError("out of nonces"); ++ } ++ used_initial_nonce = true; ++ } ++ + if(1 != EVP_EncryptInit_ex(ectx.get(), nullptr, nullptr, nullptr, + reinterpret_cast<const unsigned char*>(&nonce))) { + throw std::runtime_error("EVP_EncryptInit_ex failed"); +diff --git a/src/msg/async/crypto_onwire.h b/src/msg/async/crypto_onwire.h +index bd682e8c71..0c544f205a 100644 +--- a/src/msg/async/crypto_onwire.h ++++ b/src/msg/async/crypto_onwire.h +@@ -45,6 +45,11 @@ struct MsgAuthError : public std::runtime_error { + } + }; + ++struct TxHandlerError : public std::runtime_error { ++ TxHandlerError(const char* what) ++ : std::runtime_error(std::string("tx handler error: ") + what) {} ++}; ++ + struct TxHandler { + virtual ~TxHandler() = default; + +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch new file mode 100644 index 00000000..ad8a2055 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch @@ -0,0 +1,61 @@ +From dfd1d81cec62e21e21696dc87d4db5f920e51a67 Mon Sep 17 00:00:00 2001 +From: Ilya Dryomov <idryomov@gmail.com> +Date: Fri, 6 Mar 2020 20:16:45 +0100 +Subject: [PATCH] msg/async/crypto_onwire: fix endianness of nonce_t + +As a AES-GCM IV, nonce_t is implicitly shared between server and +client. Currently, if their endianness doesn't match, they are unable +to communicate in secure mode because each gets its own idea of what +the next nonce should be after the counter is incremented. + +Several RFCs state that the nonce counter should be BE, but since we +use LE for everything on-disk and on-wire, make it LE. + +Signed-off-by: Ilya Dryomov <idryomov@gmail.com> +Reviewed-by: Radoslaw Zarzynski <rzarzyns@redhat.com> +Reviewed-by: Sage Weil <sage@redhat.com> + +CVE: CVE-2020-1759 +Upstream Status: Backport [dfd1d81cec62e21e21696dc87d4db5f920e51a67] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/msg/async/crypto_onwire.cc | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/msg/async/crypto_onwire.cc b/src/msg/async/crypto_onwire.cc +index 07e7fe6553..c39632cbd6 100644 +--- a/src/msg/async/crypto_onwire.cc ++++ b/src/msg/async/crypto_onwire.cc +@@ -20,8 +20,8 @@ static constexpr const std::size_t AESGCM_TAG_LEN{16}; + static constexpr const std::size_t AESGCM_BLOCK_LEN{16}; + + struct nonce_t { +- std::uint32_t random_seq; +- std::uint64_t random_rest; ++ ceph_le32 random_seq; ++ ceph_le64 random_rest; + + bool operator==(const nonce_t& rhs) const { + return !memcmp(this, &rhs, sizeof(*this)); +@@ -99,7 +99,7 @@ void AES128GCM_OnWireTxHandler::reset_tx_handler( + buffer.reserve(std::accumulate(std::begin(update_size_sequence), + std::end(update_size_sequence), AESGCM_TAG_LEN)); + +- ++nonce.random_seq; ++ nonce.random_seq = nonce.random_seq + 1; + } + + void AES128GCM_OnWireTxHandler::authenticated_encrypt_update( +@@ -204,7 +204,7 @@ void AES128GCM_OnWireRxHandler::reset_rx_handler() + reinterpret_cast<const unsigned char*>(&nonce))) { + throw std::runtime_error("EVP_DecryptInit_ex failed"); + } +- ++nonce.random_seq; ++ nonce.random_seq = nonce.random_seq + 1; + } + + ceph::bufferlist AES128GCM_OnWireRxHandler::authenticated_decrypt_update( +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch new file mode 100644 index 00000000..30906d7c --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch @@ -0,0 +1,33 @@ +From 92da834cababc4dddd5dbbab5837310478d1e6d4 Mon Sep 17 00:00:00 2001 +From: Abhishek Lekshmanan <abhishek@suse.com> +Date: Fri, 27 Mar 2020 19:29:01 +0100 +Subject: [PATCH] rgw: EPERM to ERR_INVALID_REQUEST + +As per Robin's comments and S3 spec + +Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com> + +CVE: CVE-2020-1760 +Upstream Status: Backport [92da834cababc4dddd5dbbab5837310478d1e6d4] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/rgw/rgw_rest_s3.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc +index 1bfc8312de..f13ae23dd6 100644 +--- a/src/rgw/rgw_rest_s3.cc ++++ b/src/rgw/rgw_rest_s3.cc +@@ -301,7 +301,7 @@ int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + /* reject unauthenticated response header manipulation, see + * https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html */ + if (s->auth.identity->is_anonymous()) { +- return -EPERM; ++ return -ERR_INVALID_REQUEST; + } + if (strcmp(p->param, "response-content-type") != 0) { + response_attrs[p->http_attr] = val; +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-control-characters-in-response-header-act.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-control-characters-in-response-header-act.patch new file mode 100644 index 00000000..af0fc79a --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-control-characters-in-response-header-act.patch @@ -0,0 +1,64 @@ +From be7679007c3dfab3e19c22c38c36ccac91828e3b Mon Sep 17 00:00:00 2001 +From: "Robin H. Johnson" <rjohnson@digitalocean.com> +Date: Fri, 27 Mar 2020 20:48:13 +0100 +Subject: [PATCH] rgw: reject control characters in response-header actions + +S3 GetObject permits overriding response header values, but those inputs +need to be validated to insure only characters that are valid in an HTTP +header value are present. + +Credit: Initial vulnerability discovery by William Bowling (@wcbowling) +Credit: Further vulnerability discovery by Robin H. Johnson <rjohnson@digitalocean.com> +Signed-off-by: Robin H. Johnson <rjohnson@digitalocean.com> + +CVE: CVE-2020-1760 +Upstream Status: Backport [be7679007c3dfab3e19c22c38c36ccac91828e3b] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/rgw/rgw_rest_s3.cc | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc +index f13ae23dd6..0de040968c 100644 +--- a/src/rgw/rgw_rest_s3.cc ++++ b/src/rgw/rgw_rest_s3.cc +@@ -189,6 +189,15 @@ int decode_attr_bl_single_value(map<string, bufferlist>& attrs, const char *attr + return 0; + } + ++inline bool str_has_cntrl(const std::string s) { ++ return std::any_of(s.begin(), s.end(), ::iscntrl); ++} ++ ++inline bool str_has_cntrl(const char* s) { ++ std::string _s(s); ++ return str_has_cntrl(_s); ++} ++ + int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + off_t bl_len) + { +@@ -303,6 +312,19 @@ int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + if (s->auth.identity->is_anonymous()) { + return -ERR_INVALID_REQUEST; + } ++ /* HTTP specification says no control characters should be present in ++ * header values: https://tools.ietf.org/html/rfc7230#section-3.2 ++ * field-vchar = VCHAR / obs-text ++ * ++ * Failure to validate this permits a CRLF injection in HTTP headers, ++ * whereas S3 GetObject only permits specific headers. ++ */ ++ if(str_has_cntrl(val)) { ++ /* TODO: return a more distinct error in future; ++ * stating what the problem is */ ++ return -ERR_INVALID_REQUEST; ++ } ++ + if (strcmp(p->param, "response-content-type") != 0) { + response_attrs[p->http_attr] = val; + } else { +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-unauthenticated-response-header-actions.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-unauthenticated-response-header-actions.patch new file mode 100644 index 00000000..ae241473 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-rgw-reject-unauthenticated-response-header-actions.patch @@ -0,0 +1,36 @@ +From 8f90658c731499722d5f4393c8ad70b971d05f77 Mon Sep 17 00:00:00 2001 +From: Matt Benjamin <mbenjamin@redhat.com> +Date: Fri, 27 Mar 2020 18:13:48 +0100 +Subject: [PATCH] rgw: reject unauthenticated response-header actions + +Signed-off-by: Matt Benjamin <mbenjamin@redhat.com> +Reviewed-by: Casey Bodley <cbodley@redhat.com> +(cherry picked from commit d8dd5e513c0c62bbd7d3044d7e2eddcd897bd400) + +CVE: CVE-2020-1760 +Upstream Status: Backport [8f90658c731499722d5f4393c8ad70b971d05f77] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/rgw/rgw_rest_s3.cc | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc +index 532d738b58..1bfc8312de 100644 +--- a/src/rgw/rgw_rest_s3.cc ++++ b/src/rgw/rgw_rest_s3.cc +@@ -298,6 +298,11 @@ int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs, + bool exists; + string val = s->info.args.get(p->param, &exists); + if (exists) { ++ /* reject unauthenticated response header manipulation, see ++ * https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html */ ++ if (s->auth.identity->is_anonymous()) { ++ return -EPERM; ++ } + if (strcmp(p->param, "response-content-type") != 0) { + response_attrs[p->http_attr] = val; + } else { +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-zstd-fix-error-for-cross-compile.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-zstd-fix-error-for-cross-compile.patch deleted file mode 100644 index 66b5f0a5..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-zstd-fix-error-for-cross-compile.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 3e86b6d9db2682b123839e38e9bf45060e2bb2ab Mon Sep 17 00:00:00 2001 -From: Dengke Du <dengke.du@windriver.com> -Date: Wed, 29 Aug 2018 16:57:52 +0800 -Subject: [PATCH] zstd: fix error for cross compile - -Signed-off-by: Dengke Du <dengke.du@windriver.com> ---- - src/compressor/zstd/CMakeLists.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/compressor/zstd/CMakeLists.txt b/src/compressor/zstd/CMakeLists.txt -index e30cb89..b298a3d 100644 ---- a/src/compressor/zstd/CMakeLists.txt -+++ b/src/compressor/zstd/CMakeLists.txt -@@ -9,7 +9,7 @@ ExternalProject_Add(zstd_ext - CMAKE_ARGS -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} - -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} - -DCMAKE_C_FLAGS=${ZSTD_C_FLAGS} -- -DCMAKE_AR=${CMAKE_AR} -+ -DCMAKE_SYSROOT=${CMAKE_SYSROOT} - BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/libzstd - BUILD_COMMAND $(MAKE) libzstd_static - INSTALL_COMMAND "true") --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch new file mode 100644 index 00000000..79f2174b --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch @@ -0,0 +1,95 @@ +From ddbac9b2779172876ebd2d26b68b04b02350a125 Mon Sep 17 00:00:00 2001 +From: Josh Durgin <jdurgin@redhat.com> +Date: Thu, 23 Apr 2020 00:22:10 -0400 +Subject: [PATCH 2/3] mon: enforce caps for pre-octopus client tell commands + +This affects only the commands whitelisted here - in particular +injectargs requires write access to the monitors. + +Signed-off-by: Josh Durgin <jdurgin@redhat.com> + +Upstream-status: Backport +[https://github.com/ceph/ceph/commit/fc5e56b75a97c4652c87e9959aad1c4dec45010d] + +Signed-off-by: Liu Haitao <haitao.liu@windriver.com> +--- + src/mon/Monitor.cc | 56 +++++++++++++++++++++++----------------------- + 1 file changed, 28 insertions(+), 28 deletions(-) + +diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc +index b7cb3eae..eecd2f68 100644 +--- a/src/mon/Monitor.cc ++++ b/src/mon/Monitor.cc +@@ -3226,34 +3226,6 @@ void Monitor::handle_command(MonOpRequestRef op) + return; + } + +- // compat kludge for legacy clients trying to tell commands that are +- // new. see bottom of MonCommands.h. we need to handle both (1) +- // pre-octopus clients and (2) octopus clients with a mix of pre-octopus +- // and octopus mons. +- if ((!HAVE_FEATURE(m->get_connection()->get_features(), SERVER_OCTOPUS) || +- monmap->min_mon_release < ceph_release_t::octopus) && +- (prefix == "injectargs" || +- prefix == "smart" || +- prefix == "mon_status" || +- prefix == "heap")) { +- if (m->get_connection()->get_messenger() == 0) { +- // Prior to octopus, monitors might forward these messages +- // around. that was broken at baseline, and if we try to process +- // this message now, it will assert out when we try to send a +- // message in reply from the asok/tell worker (see +- // AnonConnection). Just reply with an error. +- dout(5) << __func__ << " failing forwarded command from a (presumably) " +- << "pre-octopus peer" << dendl; +- reply_command( +- op, -EBUSY, +- "failing forwarded tell command in mixed-version mon cluster", 0); +- return; +- } +- dout(5) << __func__ << " passing command to tell/asok" << dendl; +- cct->get_admin_socket()->queue_tell_command(m); +- return; +- } +- + string module; + string err; + +@@ -3368,6 +3340,34 @@ void Monitor::handle_command(MonOpRequestRef op) + << "entity='" << session->entity_name << "' " + << "cmd=" << m->cmd << ": dispatch"; + ++ // compat kludge for legacy clients trying to tell commands that are ++ // new. see bottom of MonCommands.h. we need to handle both (1) ++ // pre-octopus clients and (2) octopus clients with a mix of pre-octopus ++ // and octopus mons. ++ if ((!HAVE_FEATURE(m->get_connection()->get_features(), SERVER_OCTOPUS) || ++ monmap->min_mon_release < ceph_release_t::octopus) && ++ (prefix == "injectargs" || ++ prefix == "smart" || ++ prefix == "mon_status" || ++ prefix == "heap")) { ++ if (m->get_connection()->get_messenger() == 0) { ++ // Prior to octopus, monitors might forward these messages ++ // around. that was broken at baseline, and if we try to process ++ // this message now, it will assert out when we try to send a ++ // message in reply from the asok/tell worker (see ++ // AnonConnection). Just reply with an error. ++ dout(5) << __func__ << " failing forwarded command from a (presumably) " ++ << "pre-octopus peer" << dendl; ++ reply_command( ++ op, -EBUSY, ++ "failing forwarded tell command in mixed-version mon cluster", 0); ++ return; ++ } ++ dout(5) << __func__ << " passing command to tell/asok" << dendl; ++ cct->get_admin_socket()->queue_tell_command(m); ++ return; ++ } ++ + if (mon_cmd->is_mgr()) { + const auto& hdr = m->get_header(); + uint64_t size = hdr.front_len + hdr.middle_len + hdr.data_len; +-- +2.25.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0003-PendingReleaseNotes-note-about-security-fix.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0003-PendingReleaseNotes-note-about-security-fix.patch new file mode 100644 index 00000000..ed2a63e7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0003-PendingReleaseNotes-note-about-security-fix.patch @@ -0,0 +1,31 @@ +From 56800925651857821034ac9c8ec82d45635cc3b8 Mon Sep 17 00:00:00 2001 +From: Josh Durgin <jdurgin@redhat.com> +Date: Wed, 13 May 2020 21:34:56 -0700 +Subject: [PATCH 3/3] PendingReleaseNotes: note about security fix + +Signed-off-by: Josh Durgin <jdurgin@redhat.com> + +Upstream-status: Backport +[https://github.com/ceph/ceph/commit/06f239fc35f35865d2cf92dda1ac8f4d5fe82bde] + +Signed-off-by: Liu Haitao <haitao.liu@windriver.com> +--- + PendingReleaseNotes | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/PendingReleaseNotes b/PendingReleaseNotes +index c9fd4c79..6e07ce6d 100644 +--- a/PendingReleaseNotes ++++ b/PendingReleaseNotes +@@ -1,6 +1,8 @@ + >=15.0.0 + -------- + ++* CVE-2020-10736: Fixes an authorization bypass in monitor and manager daemons ++ + * The RGW "num_rados_handles" has been removed. + * If you were using a value of "num_rados_handles" greater than 1 + multiply your current "objecter_inflight_ops" and +-- +2.25.1 + diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph_13.2.2.bb b/external/meta-virtualization/recipes-extended/ceph/ceph_13.2.2.bb deleted file mode 100644 index 08021cf7..00000000 --- a/external/meta-virtualization/recipes-extended/ceph/ceph_13.2.2.bb +++ /dev/null @@ -1,103 +0,0 @@ -SUMMARY = "User space components of the Ceph file system" -LICENSE = "LGPLv2.1 & GPLv2 & Apache-2.0 & MIT" -LIC_FILES_CHKSUM = "file://COPYING-LGPL2.1;md5=fbc093901857fcd118f065f900982c24 \ - file://COPYING-GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://COPYING;md5=92d301c8fccd296f2221a68a8dd53828 \ -" -inherit cmake pythonnative python-dir systemd -# Disable python pybind support for ceph temporary, when corss compiling pybind, -# pybind mix cmake and python setup environment, would case a lot of errors. - -SRC_URI = "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \ - file://0001-Correct-the-path-to-find-version.h-in-rocksdb.patch \ - file://0001-zstd-fix-error-for-cross-compile.patch \ - file://0001-ceph-add-pybind-support-in-OE.patch \ - file://0001-ceph-detect-init-correct-the-installation-for-OE.patch \ - file://ceph.conf \ -" -SRC_URI[md5sum] = "ce118be451dcb6b89e9e0a45057827dd" -SRC_URI[sha256sum] = "f3a61db4c90e00c38a2dac7239b956ec367ef56f601e07335ed3011f931d8840" - -DEPENDS = "boost bzip2 curl expat gperf-native \ - keyutils libaio libibverbs lz4 \ - nspr nss \ - oath openldap openssl \ - python python-cython-native rocksdb snappy udev \ - valgrind xfsprogs zlib \ -" -SYSTEMD_SERVICE_${PN} = " \ - ceph-radosgw@.service \ - ceph-radosgw.target \ - ceph-mon@.service \ - ceph-mon.target \ - ceph-mds@.service \ - ceph-mds.target \ - ceph-disk@.service \ - ceph-osd@.service \ - ceph-osd.target \ - ceph.target \ - ceph-fuse@.service \ - ceph-fuse.target \ - ceph-rbd-mirror@.service \ - ceph-rbd-mirror.target \ - ceph-volume@.service \ - ceph-mgr@.service \ - ceph-mgr.target \ - rbdmap.service \ -" -OECMAKE_GENERATOR = "Unix Makefiles" - -EXTRA_OECMAKE = "-DWITH_MANPAGE=OFF \ - -DWITH_FUSE=OFF \ - -DWITH_SPDK=OFF \ - -DWITH_LEVELDB=OFF \ - -DWITH_LTTNG=OFF \ - -DWITH_BABELTRACE=OFF \ - -DWITH_TESTS=OFF \ - -DWITH_MGR=OFF \ - -DWITH_MGR_DASHBOARD_FRONTEND=OFF \ - -DWITH_SYSTEM_BOOST=ON \ - -DWITH_SYSTEM_ROCKSDB=ON \ -" - -do_configure_prepend () { - echo "set( CMAKE_SYSROOT \"${RECIPE_SYSROOT}\" )" >> ${WORKDIR}/toolchain.cmake - echo "set( CMAKE_DESTDIR \"${D}\" )" >> ${WORKDIR}/toolchain.cmake - echo "set( PYTHON_SITEPACKAGES_DIR \"${PYTHON_SITEPACKAGES_DIR}\" )" >> ${WORKDIR}/toolchain.cmake -} - -do_install_append () { - sed -i -e 's:${WORKDIR}.*python2:${bindir}/python:' ${D}${bindir}/ceph - sed -i -e 's:${WORKDIR}.*python2:${bindir}/python:' ${D}${bindir}/ceph-disk - sed -i -e 's:${WORKDIR}.*python2:${bindir}/python:' ${D}${bindir}/ceph-detect-init - find ${D} -name SOURCES.txt | xargs sed -i -e 's:${WORKDIR}::' - install -d ${D}${sysconfdir}/ceph - install -m 644 ${WORKDIR}/ceph.conf ${D}${sysconfdir}/ceph/ - install -d ${D}${systemd_unitdir} - mv ${D}${libexecdir}/systemd/system ${D}${systemd_unitdir} - mv ${D}${libexecdir}/ceph/ceph-osd-prestart.sh ${D}${libdir}/ceph - mv ${D}${libexecdir}/ceph/ceph_common.sh ${D}${libdir}/ceph -} - -FILES_${PN} += "\ - ${libdir}/rados-classes/*.so.* \ - ${libdir}/ceph/compressor/*.so \ - ${libdir}/rados-classes/*.so \ - ${libdir}/ceph/*.so \ -" -FILES_${PN}-python = "\ - ${PYTHON_SITEPACKAGES_DIR}/* \ -" -RDEPENDS_${PN} += "\ - python \ - python-misc \ - python-modules \ - python-prettytable \ - ${PN}-python \ -" -COMPATIBLE_HOST = "(x86_64).*" -PACKAGES += " \ - ${PN}-python \ -" -INSANE_SKIP_${PN}-python += "ldflags" -INSANE_SKIP_${PN} += "dev-so" diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph_15.2.0.bb b/external/meta-virtualization/recipes-extended/ceph/ceph_15.2.0.bb new file mode 100644 index 00000000..9423faa4 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph_15.2.0.bb @@ -0,0 +1,150 @@ +SUMMARY = "User space components of the Ceph file system" +LICENSE = "LGPLv2.1 & GPLv2 & Apache-2.0 & MIT" +LIC_FILES_CHKSUM = "file://COPYING-LGPL2.1;md5=fbc093901857fcd118f065f900982c24 \ + file://COPYING-GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYING;md5=4eb012c221c5fd4b760029a2981a6754 \ +" +inherit cmake python3native python3-dir systemd +# Disable python pybind support for ceph temporary, when corss compiling pybind, +# pybind mix cmake and python setup environment, would case a lot of errors. + +SRC_URI = "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \ + file://0001-ceph-fix-build-errors-for-cross-compile.patch \ + file://0001-fix-host-library-paths-were-used.patch \ + file://ceph.conf \ + file://0001-msg-async-ProtocolV2-avoid-AES-GCM-nonce-reuse-vulne.patch \ + file://0001-msg-async-crypto_onwire-fix-endianness-of-nonce_t.patch \ + file://0001-rgw-reject-unauthenticated-response-header-actions.patch \ + file://0001-rgw-EPERM-to-ERR_INVALID_REQUEST.patch \ + file://0001-rgw-reject-control-characters-in-response-header-act.patch \ + file://0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch \ + file://0002-mon-enforce-caps-for-pre-octopus-client-tell-command.patch \ + file://0003-PendingReleaseNotes-note-about-security-fix.patch \ +" + +SRC_URI[md5sum] = "1f9af648b4c6d19975aab2583ab99710" +SRC_URI[sha256sum] = "4292c473d1714a6602c525d7582e4e03ec608f0a1cbc0dd338207e5c7068e0d3" +SRC_URI[sha1sum] = "7158806ece1483fcccdf1172c20cc34d9401c543" +SRC_URI[sha384sum] = "20e996dbf30d1e33a6d6aae36960190125ce263d306415bcec5d2b3032b8b8f730deeba3ca318576573127d08909404a" +SRC_URI[sha512sum] = "07a3ff2ccf1a3abac652ff8c5f1611e7c628fcedcb280adc6cd49792b46fa50c7c29437dc57c2c4a6af708a6833abf8c1a386ef2142d30bd5e1f214ba7aec4f2" + +DEPENDS = "boost bzip2 curl expat gperf-native \ + keyutils libaio libibverbs lz4 \ + nspr nss \ + oath openldap openssl \ + python3 python3-cython-native rabbitmq-c rocksdb snappy udev \ + valgrind xfsprogs zlib \ +" +SYSTEMD_SERVICE_${PN} = " \ + ceph-radosgw@.service \ + ceph-radosgw.target \ + ceph-mon@.service \ + ceph-mon.target \ + ceph-mds@.service \ + ceph-mds.target \ + ceph-osd@.service \ + ceph-osd.target \ + ceph.target \ + ceph-rbd-mirror@.service \ + ceph-rbd-mirror.target \ + ceph-volume@.service \ + ceph-mgr@.service \ + ceph-mgr.target \ + ceph-crash.service \ + rbdmap.service \ + ceph-immutable-object-cache@.service \ + ceph-immutable-object-cache.target \ +" +OECMAKE_GENERATOR = "Unix Makefiles" + +EXTRA_OECMAKE = "-DWITH_MANPAGE=OFF \ + -DWITH_FUSE=OFF \ + -DWITH_SPDK=OFF \ + -DWITH_LEVELDB=OFF \ + -DWITH_LTTNG=OFF \ + -DWITH_BABELTRACE=OFF \ + -DWITH_TESTS=OFF \ + -DWITH_MGR=OFF \ + -DWITH_MGR_DASHBOARD_FRONTEND=OFF \ + -DWITH_SYSTEM_BOOST=ON \ + -DWITH_SYSTEM_ROCKSDB=ON \ + -DWITH_RDMA=OFF \ + -DWITH_RADOSGW_AMQP_ENDPOINT=OFF \ + -DPYTHON_INSTALL_DIR=${PYTHON_SITEPACKAGES_DIR} -DPYTHON_DESIRED=3 \ + -DPython3_EXECUTABLE=${PYTHON} \ + -DWITH_RADOSGW_KAFKA_ENDPOINT=OFF \ +" + +export STAGING_DIR_HOST + +do_configure_prepend () { + echo "set( CMAKE_SYSROOT \"${RECIPE_SYSROOT}\" )" >> ${WORKDIR}/toolchain.cmake + echo "set( CMAKE_DESTDIR \"${D}\" )" >> ${WORKDIR}/toolchain.cmake + echo "set( PYTHON_SITEPACKAGES_DIR \"${PYTHON_SITEPACKAGES_DIR}\" )" >> ${WORKDIR}/toolchain.cmake +} + +do_install_append () { + sed -i -e 's:^#!/usr/bin/python$:&3:' \ + -e 's:${WORKDIR}.*python3:${bindir}/python3:' \ + ${D}${bindir}/ceph ${D}${bindir}/ceph-crash \ + ${D}${bindir}/ceph-volume ${D}${bindir}/ceph-volume-systemd + find ${D} -name SOURCES.txt | xargs sed -i -e 's:${WORKDIR}::' + install -d ${D}${sysconfdir}/ceph + install -m 644 ${WORKDIR}/ceph.conf ${D}${sysconfdir}/ceph/ + install -d ${D}${systemd_unitdir} + mv ${D}${libexecdir}/systemd/system ${D}${systemd_unitdir} + mv ${D}${libexecdir}/ceph/ceph-osd-prestart.sh ${D}${libdir}/ceph + mv ${D}${libexecdir}/ceph/ceph_common.sh ${D}${libdir}/ceph + # WITH_FUSE is set to OFF, remove ceph-fuse related units + rm ${D}${systemd_unitdir}/system/ceph-fuse.target ${D}${systemd_unitdir}/system/ceph-fuse@.service +} + +do_install_append_class-target () { + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /var/lib/ceph/crash/posted 0755 root root - -" > ${D}${sysconfdir}/tmpfiles.d/ceph-placeholder.conf + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/default/volatiles + echo "d root root 0755 /var/lib/ceph/crash/posted none" > ${D}${sysconfdir}/default/volatiles/99_ceph-placeholder + fi +} + +pkg_postinst_${PN}() { + if [ -z "$D" ] && [ -e ${sysconfdir}/init.d/populate-volatile.sh ] ; then + ${sysconfdir}/init.d/populate-volatile.sh update + fi +} + +FILES_${PN} += "\ + ${libdir}/rados-classes/*.so.* \ + ${libdir}/ceph/compressor/*.so \ + ${libdir}/rados-classes/*.so \ + ${libdir}/ceph/*.so \ +" + +FILES_${PN} += " \ + /etc/tmpfiles.d/ceph-placeholder.conf \ + /etc/default/volatiles/99_ceph-placeholder \ +" + +FILES_${PN}-python = "\ + ${PYTHON_SITEPACKAGES_DIR}/* \ +" +RDEPENDS_${PN} += "\ + python3-core \ + python3-misc \ + python3-modules \ + python3-prettytable \ + ${PN}-python \ +" +COMPATIBLE_HOST = "(x86_64).*" +PACKAGES += " \ + ${PN}-python \ +" +INSANE_SKIP_${PN}-python += "ldflags" +INSANE_SKIP_${PN} += "dev-so" +CCACHE_DISABLE = "1" + +CVE_PRODUCT = "ceph ceph_storage ceph_storage_mon ceph_storage_osd" diff --git a/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb b/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb index 38dbf8d4..d93e4871 100644 --- a/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb +++ b/external/meta-virtualization/recipes-extended/dev86/dev86_0.16.20.bb @@ -5,10 +5,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b" SECTION = "console/tools" PR="r0" -SRC_URI="http://v3.sk/~lkundrak/dev86/archive/Dev86src-${PV}.tar.gz" +SRC_URI="https://github.com/lkundrak/dev86/archive/v${PV}.tar.gz" -SRC_URI[md5sum] = "567cf460d132f9d8775dd95f9208e49a" -SRC_URI[sha256sum] = "61817a378c8c8ba65f36c6792d457a305dc4eedae8cdc8b6233bf2bb28e5fe8d" +SRC_URI[md5sum] = "288af53f256300777efc91d97c082fda" +SRC_URI[sha256sum] = "533f2a0d2ed61223040f27e5cd007a11d969aaf34f6b709ece122b1e6fc50580" S = "${WORKDIR}/dev86-${PV}" diff --git a/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb b/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb index bb5707e5..a4a85284 100644 --- a/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb +++ b/external/meta-virtualization/recipes-extended/diod/diod_1.0.24.bb @@ -16,9 +16,12 @@ SRC_URI = "git://github.com/chaos/diod.git;protocol=git \ file://0001-build-allow-builds-to-work-with-separate-build-dir.patch \ file://0002-auto.diod.in-remove-bashisms.patch \ file://0001-diod-ops.c-add-header-file-for-makedev.patch \ + file://0001-drod-add-option-to-config-systemddir.patch \ " DEPENDS = "libcap ncurses tcp-wrappers lua" +EXTRA_OECONF = "--with-systemddir=${systemd_unitdir}/system" + S = "${WORKDIR}/git" inherit autotools systemd diff --git a/external/meta-virtualization/recipes-extended/diod/files/0001-drod-add-option-to-config-systemddir.patch b/external/meta-virtualization/recipes-extended/diod/files/0001-drod-add-option-to-config-systemddir.patch new file mode 100644 index 00000000..8b70d8fa --- /dev/null +++ b/external/meta-virtualization/recipes-extended/diod/files/0001-drod-add-option-to-config-systemddir.patch @@ -0,0 +1,51 @@ +From 365159534b1981dfe291ecc05d2455f32652a166 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Mon, 26 Aug 2019 18:00:39 +0800 +Subject: [PATCH] drod: add option to config systemddir + +Upstream-Status: Pending + +Not need to send upstream, since upstream have refactor +related code, but not released. and this version release +4 years ago, not proper to just backport one or more +commits, this patch maybe could be dropped after upgrade. + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + configure.ac | 9 +++++++++ + scripts/Makefile.am | 2 +- + 2 files changed, 10 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 1cb8579..3e4a5ec 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -25,6 +25,15 @@ AC_DEFINE([_GNU_SOURCE], 1, + [Define _GNU_SOURCE so that we get all necessary prototypes]) + + ## ++#Add option to config systemddir ++## ++AC_ARG_WITH([systemddir], ++ [AS_HELP_STRING([--with-systemddir=DIR], [systemd dir])], ++ [systemddir=$withval], ++ [systemddir="/lib/systemd/system"]) ++AC_SUBST([systemddir], [$systemddir]) ++ ++## + # Checks for programs + ## + AC_PROG_CC +diff --git a/scripts/Makefile.am b/scripts/Makefile.am +index 2aba728..40822b7 100644 +--- a/scripts/Makefile.am ++++ b/scripts/Makefile.am +@@ -1,4 +1,4 @@ +-systemddir=/lib/systemd/system ++systemddir=@systemddir@ + + install-data-local: + $(top_srcdir)/config/install-sh -m 755 ./auto.diod \ +-- +2.7.4 + diff --git a/external/meta-virtualization/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb b/external/meta-virtualization/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb new file mode 100644 index 00000000..a8bbf0f5 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/fuse-overlayfs/fuse-overlayfs_0.6.4.bb @@ -0,0 +1,15 @@ +SUMMARY = "FUSE implementation of overlayfs." +DESCRIPTION = "An implementation of overlay+shiftfs in FUSE for rootless \ +containers." + +LICENSE = "GPLv3+" +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" + +SRCREV = "098d9ad79fdbb8538adde08628408aa32a8b4b17" +SRC_URI = "git://github.com/containers/fuse-overlayfs.git;nobranch=1" + +DEPENDS = "fuse3" + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig diff --git a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch index 4a01de5b..091ce3cf 100644 --- a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch +++ b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart/0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch @@ -1,4 +1,4 @@ -From 11f5089300c1c368d896c95890827dc85a67f132 Mon Sep 17 00:00:00 2001 +From 085dd65bba063e391350487f2a5e4a7bf69ee6c8 Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Fri, 15 Jun 2018 08:04:35 -0700 Subject: [PATCH] container.c: Fix compiler errors that gcc 8.1.0 reports @@ -47,12 +47,13 @@ container.c:176:4: note: 'sprintf' output 9 or more bytes (assuming 520) into a ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Jason Wessel <jason.wessel@windriver.com> + --- src/container.c | 47 ++++++++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 19 deletions(-) diff --git a/src/container.c b/src/container.c -index 0938d82..b1c52d4 100644 +index fee67ff..94d49d8 100644 --- a/src/container.c +++ b/src/container.c @@ -22,6 +22,8 @@ @@ -64,7 +65,7 @@ index 0938d82..b1c52d4 100644 static int container_populate_volume(char *src, char *dest) { struct stat st; -@@ -99,12 +101,12 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -116,12 +118,12 @@ static int container_setup_volume(struct hyper_pod *pod, struct hyper_container *container) { int i; @@ -79,8 +80,8 @@ index 0938d82..b1c52d4 100644 + char mountpoint[MAX_PBUF]; char *options = NULL; const char *filevolume = NULL; - vol = &container->vols[i]; -@@ -128,7 +130,8 @@ static int container_setup_volume(struct hyper_pod *pod, + bool newvolume = false; +@@ -146,7 +148,8 @@ static int container_setup_volume(struct hyper_pod *pod, if (hyper_mount_nfs(vol->device, path) < 0) return -1; /* nfs export has implicitly included _data part of the volume */ @@ -90,7 +91,7 @@ index 0938d82..b1c52d4 100644 } else { fprintf(stdout, "mount %s to %s, tmp path %s\n", dev, vol->mountpoint, path); -@@ -137,7 +140,7 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -155,7 +158,7 @@ static int container_setup_volume(struct hyper_pod *pod, options = "nouuid"; if (access(dev, R_OK) < 0) { @@ -99,7 +100,7 @@ index 0938d82..b1c52d4 100644 sprintf(device, "/block/%s", vol->device); hyper_netlink_wait_dev(pod->ueventfd, device); } -@@ -146,7 +149,8 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -164,7 +167,8 @@ static int container_setup_volume(struct hyper_pod *pod, perror("mount volume device failed"); return -1; } @@ -108,8 +109,8 @@ index 0938d82..b1c52d4 100644 + return -1; } - if (container_check_file_volume(volume, &filevolume) < 0) -@@ -173,7 +177,8 @@ static int container_setup_volume(struct hyper_pod *pod, + if (container_check_volume(volume, &filevolume, &newvolume) < 0) +@@ -193,7 +197,8 @@ static int container_setup_volume(struct hyper_pod *pod, perror("create volume file failed"); return -1; } @@ -119,7 +120,7 @@ index 0938d82..b1c52d4 100644 /* 0777 so that any user can read/write the new file volume */ if (chmod(volume, 0777) < 0) { fprintf(stderr, "fail to chmod directory %s\n", volume); -@@ -197,9 +202,9 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -217,9 +222,9 @@ static int container_setup_volume(struct hyper_pod *pod, for (i = 0; i < container->maps_num; i++) { struct stat st; @@ -131,7 +132,7 @@ index 0938d82..b1c52d4 100644 sprintf(path, "%s/%s", SHARED_DIR, map->source); sprintf(mountpoint, "./%s", map->path); -@@ -215,7 +220,8 @@ static int container_setup_volume(struct hyper_pod *pod, +@@ -235,7 +240,8 @@ static int container_setup_volume(struct hyper_pod *pod, } if (map->docker) { /* converted from volume */ @@ -141,7 +142,7 @@ index 0938d82..b1c52d4 100644 src = volume; if (container->initialize && (container_populate_volume(mountpoint, volume) < 0)) { -@@ -251,7 +257,7 @@ static int container_setup_modules(struct hyper_container *container) +@@ -271,7 +277,7 @@ static int container_setup_modules(struct hyper_container *container) { struct stat st; struct utsname uts; @@ -150,7 +151,7 @@ index 0938d82..b1c52d4 100644 if (uname(&uts) < 0) { perror("fail to call uname"); -@@ -259,7 +265,8 @@ static int container_setup_modules(struct hyper_container *container) +@@ -279,7 +285,8 @@ static int container_setup_modules(struct hyper_container *container) } sprintf(src, "/lib/modules/%s", uts.release); @@ -160,7 +161,7 @@ index 0938d82..b1c52d4 100644 if (stat(dst, &st) == 0) { struct dirent **list; -@@ -291,7 +298,7 @@ static int container_setup_modules(struct hyper_container *container) +@@ -318,7 +325,7 @@ static int container_setup_modules(struct hyper_container *container) static int container_setup_mount(struct hyper_container *container) { @@ -169,7 +170,7 @@ index 0938d82..b1c52d4 100644 // current dir is container rootfs, the operations on "./PATH" are the operations on container's "/PATH" if (!container->readonly) { -@@ -546,7 +553,7 @@ static int hyper_setup_container_rootfs(void *data) +@@ -576,7 +583,7 @@ static int hyper_setup_container_rootfs(void *data) { struct hyper_container_arg *arg = data; struct hyper_container *container = arg->c; @@ -178,7 +179,7 @@ index 0938d82..b1c52d4 100644 int setup_dns; /* wait for ns-opened ready message */ -@@ -609,7 +616,7 @@ static int hyper_setup_container_rootfs(void *data) +@@ -639,7 +646,7 @@ static int hyper_setup_container_rootfs(void *data) goto fail; } } else { @@ -187,7 +188,7 @@ index 0938d82..b1c52d4 100644 sprintf(path, "%s/%s/", SHARED_DIR, container->image); fprintf(stdout, "src directory %s\n", path); -@@ -627,7 +634,9 @@ static int hyper_setup_container_rootfs(void *data) +@@ -657,7 +664,9 @@ static int hyper_setup_container_rootfs(void *data) fprintf(stdout, "root directory for container is %s/%s, init task %s\n", root, container->rootfs, container->exec.argv[0]); @@ -198,7 +199,7 @@ index 0938d82..b1c52d4 100644 if (mount(rootfs, rootfs, NULL, MS_BIND|MS_REC, NULL) < 0) { perror("failed to bind rootfs"); goto fail; -@@ -710,7 +719,7 @@ fail: +@@ -740,7 +749,7 @@ fail: static int hyper_setup_pty(struct hyper_container *c) { @@ -207,7 +208,7 @@ index 0938d82..b1c52d4 100644 sprintf(root, "/tmp/hyper/%s/devpts/", c->id); -@@ -730,7 +739,7 @@ static int hyper_setup_pty(struct hyper_container *c) +@@ -760,7 +769,7 @@ static int hyper_setup_pty(struct hyper_container *c) static void hyper_cleanup_pty(struct hyper_container *c) { @@ -216,7 +217,7 @@ index 0938d82..b1c52d4 100644 sprintf(path, "/tmp/hyper/%s/devpts/", c->id); if (umount(path) < 0) -@@ -739,7 +748,7 @@ static void hyper_cleanup_pty(struct hyper_container *c) +@@ -769,7 +778,7 @@ static void hyper_cleanup_pty(struct hyper_container *c) int container_prepare_rootfs_dev(struct hyper_container *container, struct hyper_pod *pod) { @@ -225,6 +226,3 @@ index 0938d82..b1c52d4 100644 if (container->fstype == NULL) return 0; --- -2.17.1 - diff --git a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb index 3c64f24e..9f984191 100644 --- a/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb +++ b/external/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb @@ -10,7 +10,7 @@ SRC_URI = "git://github.com/hyperhq/hyperstart.git" SRC_URI += "file://0001-container.c-Fix-compiler-errors-that-gcc-8.1.0-repor.patch" SRCREV = "15bb718ad34045aa1962a8204f602c6afe9a76ab" -PV = "v0.2+git${SRCREV}" +PV = "v0.2+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-extended/images/container-base.bb b/external/meta-virtualization/recipes-extended/images/container-base.bb new file mode 100644 index 00000000..434239a8 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/images/container-base.bb @@ -0,0 +1,31 @@ +# +# Based on examples from Scott Murray (Building Container Images with +# OpenEmbedded and the Yocto Project) ELCe 2018 +# +SUMMARY = "Basic container image" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +IMAGE_FSTYPES = "container oci" +inherit image +inherit image-oci + +IMAGE_FEATURES = "" +IMAGE_LINGUAS = "" +NO_RECOMMENDATIONS = "1" + +IMAGE_INSTALL = " \ + base-files \ + base-passwd \ + netbase \ +" + +# Allow build with or without a specific kernel +IMAGE_CONTAINER_NO_DUMMY = "1" + +# Workaround /var/volatile for now +ROOTFS_POSTPROCESS_COMMAND += "rootfs_fixup_var_volatile ; " +rootfs_fixup_var_volatile () { + install -m 1777 -d ${IMAGE_ROOTFS}/${localstatedir}/volatile/tmp + install -m 755 -d ${IMAGE_ROOTFS}/${localstatedir}/volatile/log +} diff --git a/external/meta-virtualization/recipes-extended/images/uxen-guest-image-minimal.bb b/external/meta-virtualization/recipes-extended/images/uxen-guest-image-minimal.bb new file mode 100644 index 00000000..d37a95b7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/images/uxen-guest-image-minimal.bb @@ -0,0 +1,9 @@ +DESCRIPTION = "A Linux guest image for the uXen type-2 hypervisor." +LICENSE = "MIT" + +inherit core-image + +IMAGE_INSTALL += " \ + packagegroup-core-boot \ + uxen-guest-tools \ + " diff --git a/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb b/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb index d311eaef..63c7510d 100644 --- a/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb +++ b/external/meta-virtualization/recipes-extended/images/xen-guest-image-minimal.bb @@ -1,6 +1,6 @@ DESCRIPTION = "A Xen guest image." -inherit core-image distro_features_check +inherit core-image features_check IMAGE_INSTALL += " \ packagegroup-core-boot \ diff --git a/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb b/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb index c39d3782..c965f221 100644 --- a/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb +++ b/external/meta-virtualization/recipes-extended/images/xen-image-minimal.bb @@ -12,10 +12,18 @@ IMAGE_INSTALL += " \ kernel-module-xen-netback \ ${@bb.utils.contains('MACHINE_FEATURES', 'pci', "${XEN_PCIBACK_MODULE}", '', d)} \ kernel-module-xen-wdt \ - xen-base \ + xen-tools \ qemu \ " +# The hypervisor may not be within the dom0 filesystem image but at least +# ensure that it is deployable: +do_build[depends] += "xen:do_deploy" + +# Networking for HVM-mode guests (x86/64 only) requires the tun kernel module +IMAGE_INSTALL_append_x86 = "kernel-module-tun" +IMAGE_INSTALL_append_x86-64 = "kernel-module-tun" + # Linux kernel option CONFIG_XEN_PCIDEV_BACKEND depends on X86 XEN_PCIBACK_MODULE = "" XEN_PCIBACK_MODULE_x86 = "kernel-module-xen-pciback" @@ -64,3 +72,16 @@ build_syslinux_cfg () { echo " APPEND /xen.gz ${SYSLINUX_XEN_ARGS} --- /vmlinuz ${SYSLINUX_KERNEL_ARGS} --- /initrd" >> ${SYSLINUX_CFG} } +# Enable runqemu. eg: runqemu xen-image-minimal nographic slirp +WKS_FILE_x86-64 = "directdisk-xen.wks" +QB_MEM = "-m 400" +QB_DEFAULT_KERNEL = "" +QB_DEFAULT_FSTYPE = "wic" +QB_FSINFO = "wic:kernel-in-fs" +# qemux86-64 machine does not include 'wic' in IMAGE_FSTYPES, which is needed +# to boot this image, so add it here: +IMAGE_FSTYPES_qemux86-64 += "wic" +# Networking: the qemuboot.bbclass default virtio network device works ok +# and so does the emulated e1000 -- choose according to the network device +# drivers that are present in your dom0 Linux kernel. To switch to e1000: +# QB_NETWORK_DEVICE = "-device e1000,netdev=net0,mac=@MAC@" diff --git a/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch b/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch index da154a6f..865e9bbb 100644 --- a/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch +++ b/external/meta-virtualization/recipes-extended/ipxe/files/ipxe-fix-hostcc-nopie-cflags.patch @@ -1,34 +1,17 @@ -Fix detection of host compiler "no-pie"/"nopie" and link flags. - -Detection of the "no-pie" vs "nopie" flag needs to be performed for both -the host and target compilers; cannot assume that one works for the other. - -Use EXTRA_HOST_CFLAGS and EXTRA_HOST_LDFLAGS variables for passing -host tool parameters if required. Removes previous hardcoded "-O2 -g". - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -diff --git a/Makefile.housekeeping b/Makefile.housekeeping -index f833492..5451c39 100644 +diff --git a/src/Makefile.housekeeping b/src/Makefile.housekeeping +index 1dd1479..13f44dd 100644 --- a/Makefile.housekeeping +++ b/Makefile.housekeeping -@@ -133,6 +133,7 @@ eval : - WORKAROUND_CFLAGS := - WORKAROUND_ASFLAGS := - WORKAROUND_LDFLAGS := -+WORKAROUND_HOST_CFLAGS := - - # Make syntax does not allow use of comma or space in certain places. - # This ugly workaround is suggested in the manual. -@@ -445,7 +446,7 @@ endif +@@ -454,7 +454,7 @@ endif CFLAGS += $(WORKAROUND_CFLAGS) $(EXTRA_CFLAGS) ASFLAGS += $(WORKAROUND_ASFLAGS) $(EXTRA_ASFLAGS) LDFLAGS += $(WORKAROUND_LDFLAGS) $(EXTRA_LDFLAGS) --HOST_CFLAGS += $(WORKAROUND_CFLAGS) -O2 -g -+HOST_CFLAGS += $(WORKAROUND_HOST_CFLAGS) $(EXTRA_HOST_CFLAGS) +-HOST_CFLAGS += -O2 -g ++HOST_CFLAGS += -O2 -g $(EXTRA_HOST_CFLAGS) # Inhibit -Werror if NO_WERROR is specified on make command line # -@@ -1375,7 +1376,7 @@ endif # defined(BIN) +@@ -1379,7 +1379,7 @@ endif # defined(BIN) # The compression utilities # @@ -37,32 +20,3 @@ index f833492..5451c39 100644 $(ZBIN) : util/zbin.c $(MAKEDEPS) $(QM)$(ECHO) " [HOSTCC] $@" -diff --git a/arch/i386/Makefile b/arch/i386/Makefile -index b7c2792..4a637ad 100644 ---- a/arch/i386/Makefile -+++ b/arch/i386/Makefile -@@ -78,11 +78,20 @@ CFLAGS += -Ui386 - # -nopie. We therefore test for both. - # - ifeq ($(CCTYPE),gcc) --PIE_TEST = [ -z "`$(CC) -fno-PIE -no-pie -x c -c /dev/null -o /dev/null 2>&1`" ] --PIE_FLAGS := $(shell $(PIE_TEST) && $(ECHO) '-fno-PIE -no-pie') --PIE_TEST2 = [ -z "`$(CC) -fno-PIE -nopie -x c -c /dev/null -o /dev/null 2>&1`" ] -+PIE_TEST1_FLAGS = "-fno-PIE -no-pie -x c -c /dev/null -o /dev/null 2>&1" -+PIE_TEST2_FLAGS = "-fno-PIE -nopie -x c -c /dev/null -o /dev/null 2>&1" -+ -+PIE_TEST1 = [ -z "`$(CC) "$(PIE_TEST1_FLAGS)"`" ] -+PIE_TEST2 = [ -z "`$(CC) "$(PIE_TEST2_FLAGS)"`" ] -+PIE_FLAGS1 := $(shell $(PIE_TEST1) && $(ECHO) '-fno-PIE -no-pie') - PIE_FLAGS2 := $(shell $(PIE_TEST2) && $(ECHO) '-fno-PIE -nopie') --WORKAROUND_CFLAGS += $(PIE_FLAGS) $(PIE_FLAGS2) -+WORKAROUND_CFLAGS += $(PIE_FLAGS1) $(PIE_FLAGS2) -+ -+HOST_PIE_TEST1 = [ -z "`$(HOSTCC) "$(PIE_TEST1_FLAGS)"`" ] -+HOST_PIE_TEST2 = [ -z "`$(HOSTCC) "$(PIE_TEST2_FLAGS)"`" ] -+HOST_PIE_FLAGS1 := $(shell $(HOST_PIE_TEST1) && $(ECHO) '-fno-PIE -no-pie') -+HOST_PIE_FLAGS2 := $(shell $(HOST_PIE_TEST2) && $(ECHO) '-fno-PIE -nopie') -+WORKAROUND_HOST_CFLAGS += $(HOST_PIE_FLAGS1) $(HOST_PIE_FLAGS2) - endif - - # i386-specific directories containing source files diff --git a/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb b/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb index 1de0f21e..47c5b7ad 100644 --- a/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb +++ b/external/meta-virtualization/recipes-extended/ipxe/ipxe_git.bb @@ -4,7 +4,7 @@ LICENSE = "GPLv2" DEPENDS = "binutils-native perl-native syslinux mtools-native cdrtools-native xz" LIC_FILES_CHKSUM = "file://../COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRCREV = "64b4452bca04af433f1c98ab782c0e93cd5c88c0" +SRCREV = "18dc73d27edb55ebe9cb13c58d59af3da3bd374b" PV = "gitr${SRCPV}" PR = "r0" diff --git a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch deleted file mode 100644 index fb22d7a2..00000000 --- a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 20a1b2ff2e6d80924824983c363c80f66e05c0d0 Mon Sep 17 00:00:00 2001 -From: Ming Liu <ming.liu@windriver.com> -Date: Sun, 6 Sep 2015 14:43:24 +0800 -Subject: [PATCH] grasp withval for libcap-ng - -Upstream-Status: Pending - -Signed-off-by: Ming Liu <ming.liu@windriver.com> - ---- - configure.ac | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 38a1bee..95f1488 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -62,7 +62,10 @@ AS_IF( - ]) - - AC_ARG_WITH([libcap-ng], -- AS_HELP_STRING([libcap-ng], [Add libcap-ng-support @<:@default=auto@:>@])) -+ [AS_HELP_STRING([libcap-ng], [Add libcap-ng-support @<:@default=auto@:>@])], -+ [libcap_ng=$withval], -+ [libcap_ng=$withval] -+) - - AS_IF( - [test "x$libcap_ng" != "xno"], diff --git a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.4.0.bb b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.4.0.bb deleted file mode 100644 index 1aee7cab..00000000 --- a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.4.0.bb +++ /dev/null @@ -1,15 +0,0 @@ -# -# Copyright (C) 2015 Wind River Systems, Inc. -# - -require irqbalance.inc - -SRC_URI[md5sum] = "26ee6db57c4509737e541e98773a39f5" -SRC_URI[sha256sum] = "62de71510a2496fcf027efb0b288dd48e53e9efc931fa573c95580cad6264d07" - -SRC_URI = "https://github.com/Irqbalance/irqbalance/archive/v${PV}.tar.gz;downloadfilename=irqbalance-${PV}.tar.gz \ - file://add-initscript.patch \ - file://irqbalance-Add-status-and-reload-commands.patch \ - file://fix-configure-libcap-ng.patch \ - file://irqbalanced.service \ - " diff --git a/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_git.bb b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_git.bb new file mode 100644 index 00000000..7755e8ea --- /dev/null +++ b/external/meta-virtualization/recipes-extended/irqbalance/irqbalance_git.bb @@ -0,0 +1,18 @@ +# +# Copyright (C) 2015 Wind River Systems, Inc. +# + +require irqbalance.inc + +# commit tagged as version 1.6.0 +# +SRCREV = "b47eea84cbb93f533b0cba2f1aaf9ca4da8706b9" +PV = "1.6.0" + +SRC_URI = "git://github.com/Irqbalance/irqbalance \ + file://add-initscript.patch \ + file://irqbalance-Add-status-and-reload-commands.patch \ + file://irqbalanced.service \ + " + +S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-extended/kvmtool/files/0003-kvmtool-Werror-disabled.patch b/external/meta-virtualization/recipes-extended/kvmtool/files/0003-kvmtool-Werror-disabled.patch new file mode 100644 index 00000000..4d2f2555 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/kvmtool/files/0003-kvmtool-Werror-disabled.patch @@ -0,0 +1,24 @@ +From 377a09c16003eaa40f7f337127b10728ee0ade35 Mon Sep 17 00:00:00 2001 +From: Cevat Bostancioglu <bostancioglucevat@gmail.com> +Date: Wed, 19 Jun 2019 20:36:56 +0300 +Subject: [PATCH] WERROR override disabled. + +WERROR override causes gcc sizeof-pointer-memaccess, format-truncation errors. +--- + Makefile | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/Makefile b/Makefile +index 030ff4e..fc5e177 100644 +--- a/Makefile ++++ b/Makefile +@@ -2,6 +2,7 @@ + # Define WERROR=0 to disable -Werror. + # + ++WERROR = 0 + ifeq ($(strip $(V)),) + E = @echo + Q = @ +-- +2.7.4 diff --git a/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb b/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb index d487ee27..90ad8a1f 100644 --- a/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb +++ b/external/meta-virtualization/recipes-extended/kvmtool/kvmtool.bb @@ -14,10 +14,11 @@ SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/will/kvmtool.git \ file://0001-Avoid-pointers-for-address-of-packed-members.patch \ file://0001-kvmtool-9p-fixed-compilation-error.patch \ file://0002-kvmtool-add-EXTRA_CFLAGS-variable.patch \ + file://0003-kvmtool-Werror-disabled.patch \ " SRCREV = "0e1882a49f81cb15d328ef83a78849c0ea26eecc" -PV = "4.14.0+git${SRCREV}" +PV = "4.14.0+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/external/meta-virtualization/recipes-extended/libibverbs/libibverbs_1.2.1.bb b/external/meta-virtualization/recipes-extended/libibverbs/libibverbs_1.2.1.bb new file mode 100644 index 00000000..fa7eee62 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libibverbs/libibverbs_1.2.1.bb @@ -0,0 +1,34 @@ +SUMMARY = "Support InfiniBand verbs" +DESCRIPTION = "Libibverbs is a library that allows userspace processes to use InfiniBand/RDMA 'verbs' directly." +HOMEPAGE = "http://www.openfabrics.org/downloads/verbs/" +SECTION = "libs/devel" + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=7c557f27dd795ba77cc419dddc656b51" + +# Official repo is at git://git.kernel.org/pub/scm/libs/infiniband/libibverbs.git +SRC_URI = "https://www.openfabrics.org/downloads/verbs/${BPN}-${PV}.tar.gz" + +SRC_URI[md5sum] = "1544ebb89d861ce84057ab43dfcd22a0" +SRC_URI[sha256sum] = "c352a7f24e9a9d30ea74faa35d1b721d78d770506a0c03732e3132b7c85ac330" + +inherit autotools + +DEPENDS = "libnl pkgconfig-native" +PACKAGES += "${PN}-utils" +FILES_${PN} = "${sysconfdir} ${libdir}/*.so.*" +FILES_${PN}-utils = "${bindir}" + +PACKAGECONFIG ??= "" +PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind," + +do_install_append() { + mkdir -p ${D}${sysconfdir}/libibverbs.d + rm -f ${D}${libdir}/libibverbs.la +} + +PROVIDES = "virtual/libibverbs" +RPROVIDES_${PN} = "virtual/libibverbs" + +COMPATIBLE_HOST_mipsarch = "none" +COMPATIBLE_HOST_arm = "none" diff --git a/external/meta-virtualization/recipes-extended/libvirt/README b/external/meta-virtualization/recipes-extended/libvirt/README new file mode 100644 index 00000000..af4fd170 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/README @@ -0,0 +1,26 @@ +libvirt default connection mode between client(where for example virsh runs) and +server(where libvirtd runs) is tls which requires keys and certificates for +certificate authority, client and server to be properly generated and deployed. +Otherwise, servers and clients cannot be connected. + +recipes-extended/libvirt/libvirt/gnutls-help.py is provided to help generate +required keys and certificates. + +Usage: +gnutls-help.py [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> +If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated. + +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! "ip_address" field of server.info must be IP address of the server. !! +!! For more details, please refer to: !! +!! https://libvirt.org/remote.html#Remote_certificates !! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +Please deploy cacert.pem to CA and server and client /etc/pki/CA/cacert.pem +Please deploy serverkey.pem to server /etc/pki/libvirt/private/serverkey.pem +Please deploy servercert.pem to server /etc/pki/libvirt/servercert.pem +Please deploy clientkey.pem to client /etc/pki/libvirt/private/clientkey.pem +Please deploy clientcert.pem to client /etc/pki/libvirt/clientcert.pem" + +For more details please refer to libvirt official document, +https://libvirt.org/remote.html#Remote_certificates diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc b/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc index be9079d7..c5b0fbd2 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt-python.inc @@ -1,11 +1,11 @@ -inherit pythonnative python-dir +inherit python3native python3-dir export STAGING_INCDIR export STAGING_LIBDIR export BUILD_SYS export HOST_SYS -RDEPENDS_${PN}-python += "python" +RDEPENDS_${PN}-python += "python3" PACKAGECONFIG_${PN}-python[xen] = ",,,xen-python" PACKAGES += "${PN}-python-staticdev ${PN}-python-dev ${PN}-python-dbg ${PN}-python" @@ -16,10 +16,9 @@ FILES_${PN}-python-dbg += "${PYTHON_SITEPACKAGES_DIR}/.debug/" FILES_${PN}-python = "${bindir}/* ${libdir}/* ${libdir}/${PYTHON_DIR}/*" SRC_URI += "http://libvirt.org/sources/python/libvirt-python-${PV}.tar.gz;name=libvirt_python" -SRC_URI += "file://libvirt_api_xml_path.patch;patchdir=../libvirt-python-${PV}" -SRC_URI[libvirt_python.md5sum] = "32cf281199367aec2881c96d1bd80dc6" -SRC_URI[libvirt_python.sha256sum] = "e36fee5898de3550ed7e63d5d0a8447f9d78f06574634855dee59eae27930908" +SRC_URI[libvirt_python.md5sum] = "2834626b07da6ac4ca1559abfd55c118" +SRC_URI[libvirt_python.sha256sum] = "be644f4809c0e1d368e3ac065df3c66a26dcfe61ecb607ee9706e1799f22c35a" export LIBVIRT_API_PATH = "${S}/docs/libvirt-api.xml" export LIBVIRT_CFLAGS = "-I${S}/include" @@ -41,15 +40,23 @@ python __anonymous () { do_compile_append() { if [ "${LIBVIRT_PYTHON_ENABLE}" = "1" ]; then + # we need the python bindings to look into our source dir, not + # the syroot staged pkgconfig entries. So we clear the sysroot + # for just this portion. + export PKG_CONFIG_SYSROOT_DIR= cd ${WORKDIR}/${BPN}-python-${PV} && \ - ${STAGING_BINDIR_NATIVE}/python-native/python setup.py build + ${STAGING_BINDIR_NATIVE}/python3-native/python3 setup.py build fi } do_install_append() { if [ "${LIBVIRT_PYTHON_ENABLE}" = "1" ]; then + # we need the python bindings to look into our source dir, not + # the syroot staged pkgconfig entries. So we clear the sysroot + # for just this portion. + export PKG_CONFIG_SYSROOT_DIR= cd ${WORKDIR}/${BPN}-python-${PV} && \ - ${STAGING_BINDIR_NATIVE}/python-native/python setup.py install \ + ${STAGING_BINDIR_NATIVE}/python3-native/python3 setup.py install \ --install-lib=${D}/${PYTHON_SITEPACKAGES_DIR} ${LIBVIRT_INSTALL_ARGS} fi } diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-build-drop-unnecessary-libgnu.la-reference.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-build-drop-unnecessary-libgnu.la-reference.patch new file mode 100644 index 00000000..952e8eb0 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-build-drop-unnecessary-libgnu.la-reference.patch @@ -0,0 +1,33 @@ +From 4945576d6c5c7cc9a21a58aaa312829567af13db Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@gmail.com> +Date: Sat, 7 Mar 2020 21:36:27 -0500 +Subject: [PATCH] build: drop unnecessary libgnu.la reference + +Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> +--- + tools/Makefile.am | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/tools/Makefile.am b/tools/Makefile.am +index 2a0a989..93fe283 100644 +--- a/tools/Makefile.am ++++ b/tools/Makefile.am +@@ -168,7 +168,6 @@ virt_host_validate_LDADD = \ + + if WITH_GNUTLS + virt_host_validate_LDADD += ../src/libvirt-net-rpc.la \ +- ../gnulib/lib/libgnu.la \ + $(NULL) + endif + +@@ -270,7 +269,6 @@ BUILT_SOURCES = + + if WITH_GNUTLS + virsh_LDADD += ../src/libvirt-net-rpc.la \ +- ../gnulib/lib/libgnu.la \ + $(NULL) + endif + +-- +2.19.1 + diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-cpu_x86-Do-not-cache-microcode-version.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-cpu_x86-Do-not-cache-microcode-version.patch deleted file mode 100644 index 4413d5fb..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-cpu_x86-Do-not-cache-microcode-version.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 33998cdd47300fc3ca6cb8f85714c149440b9c8b Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Fri, 5 Apr 2019 11:33:32 +0200 -Subject: [PATCH 01/11] cpu_x86: Do not cache microcode version -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The microcode version checks are used to invalidate cached CPU data we -get from QEMU. To minimize /proc/cpuinfo parsing the microcode version -was only read when libvirtd started and cached for the daemon's -lifetime. However, the CPU microcode can change anytime (updating the -microcode package can automatically upload it to the CPU) and we need to -stop caching it to avoid using stale CPU model data. - -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -Reviewed-by: Ján Tomko <jtomko@redhat.com> -(cherry picked from commit be46f613261d3b655a1f15afd635087e68a9c39b) - -Upstream-Status: Backport -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/cpu/cpu_x86.c | 5 +---- - 1 file changed, 1 insertion(+), 4 deletions(-) - -diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c -index cb27550..ce48ca6 100644 ---- a/src/cpu/cpu_x86.c -+++ b/src/cpu/cpu_x86.c -@@ -163,7 +163,6 @@ struct _virCPUx86Map { - }; - - static virCPUx86MapPtr cpuMap; --static unsigned int microcodeVersion; - - int virCPUx86DriverOnceInit(void); - VIR_ONCE_GLOBAL_INIT(virCPUx86Driver); -@@ -1331,8 +1330,6 @@ virCPUx86DriverOnceInit(void) - if (!(cpuMap = virCPUx86LoadMap())) - return -1; - -- microcodeVersion = virHostCPUGetMicrocodeVersion(); -- - return 0; - } - -@@ -2372,7 +2369,7 @@ virCPUx86GetHost(virCPUDefPtr cpu, - goto cleanup; - - ret = x86DecodeCPUData(cpu, cpuData, models); -- cpu->microcodeVersion = microcodeVersion; -+ cpu->microcodeVersion = virHostCPUGetMicrocodeVersion(); - - cleanup: - virCPUx86DataFree(cpuData); --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch index 217bdbc5..02e99ecd 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch @@ -1,4 +1,4 @@ -From ffc71da15c3da068f85d16617b6e0c0175fc0110 Mon Sep 17 00:00:00 2001 +From 1601c21b653bf2bea2547e5efcf1f3cbb8b73f65 Mon Sep 17 00:00:00 2001 From: He Zhe <zhe.he@windriver.com> Date: Tue, 23 Aug 2016 02:28:47 -0400 Subject: [PATCH] ptest: Remove Windows-1252 check from esxutilstest @@ -7,15 +7,16 @@ Currently we use iconv from glibc-locale and it does not support Windows-1252 and we don't need support windows character encoding. Signed-off-by: He Zhe <zhe.he@windriver.com> + --- tests/esxutilstest.c | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/esxutilstest.c b/tests/esxutilstest.c -index 44bdc84..3223de3 100644 +index 2e20200..6c57889 100644 --- a/tests/esxutilstest.c +++ b/tests/esxutilstest.c -@@ -258,7 +258,6 @@ mymain(void) +@@ -256,7 +256,6 @@ mymain(void) DO_TEST(ParseDatastorePath); DO_TEST(ConvertDateTimeToCalendarTime); DO_TEST(EscapeDatastoreItem); @@ -23,6 +24,3 @@ index 44bdc84..3223de3 100644 return result == 0 ? EXIT_SUCCESS : EXIT_FAILURE; } --- -2.8.1 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch index c920139e..33231960 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0001-to-fix-build-error.patch @@ -1,4 +1,4 @@ -From 8353dc1e642011199c3b3ba057d51d8768e4cd54 Mon Sep 17 00:00:00 2001 +From 7cf1d66c4b01c40b45b8a38370c7ffee46dfb10a Mon Sep 17 00:00:00 2001 From: Lei Maohui <leimaohui@cn.fujitsu.com> Date: Fri, 31 Jul 2015 03:17:07 +0900 Subject: [PATCH] to fix build error @@ -17,26 +17,27 @@ Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com> [MA: rebase to v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- docs/Makefile.am | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/Makefile.am b/docs/Makefile.am -index 9620587..060a82b 100644 +index 61862c4..c259535 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am -@@ -183,7 +183,7 @@ EXTRA_DIST= \ - hvsupport.pl \ +@@ -360,7 +360,7 @@ EXTRA_DIST= \ + aclperms.htmlinc \ $(schema_DATA) -acl_generated = aclperms.htmlinc +acl.html:: $(srcdir)/aclperms.htmlinc - $(srcdir)/aclperms.htmlinc: $(top_srcdir)/src/access/viraccessperm.h \ - $(srcdir)/genaclperms.pl Makefile.am -@@ -247,8 +247,7 @@ MAINTAINERCLEANFILES += \ - %.png: %.fig - convert -rotate 90 $< $@ + aclperms.htmlinc: $(top_srcdir)/src/access/viraccessperm.h \ + $(top_srcdir)/scripts/genaclperms.py Makefile.am +@@ -426,8 +426,7 @@ manpages/%.html.in: manpages/%.rst + $(AM_V_GEN)$(MKDIR_P) `dirname $@` && \ + $(RST2HTML) --strict $< > $@ || { rm $@ && exit 1; } -%.html.tmp: %.html.in site.xsl subsite.xsl page.xsl \ - $(acl_generated) @@ -44,6 +45,3 @@ index 9620587..060a82b 100644 $(AM_V_GEN)name=`echo $@ | sed -e 's/.tmp//'`; \ dir=`dirname $@` ; \ if test "$$dir" = "."; \ --- -1.9.1 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0002-qemu-Don-t-cache-microcode-version.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/0002-qemu-Don-t-cache-microcode-version.patch deleted file mode 100644 index 6d0f2986..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/0002-qemu-Don-t-cache-microcode-version.patch +++ /dev/null @@ -1,155 +0,0 @@ -From d606ac113007901522dab6c4b3979686d43eaa87 Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Fri, 12 Apr 2019 21:21:05 +0200 -Subject: [PATCH 02/11] qemu: Don't cache microcode version -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -My earlier commit be46f61326 was incomplete. It removed caching of -microcode version in the CPU driver, which means the capabilities XML -will see the correct microcode version. But it is also cached in the -QEMU capabilities cache where it is used to detect whether we need to -reprobe QEMU. By missing the second place, the original commit -be46f61326 made the situation even worse since libvirt would report -correct microcode version while still using the old host CPU model -(visible in domain capabilities XML). - -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -Reviewed-by: Ján Tomko <jtomko@redhat.com> -(cherry picked from commit 673c62a3b7855a0685d8f116e227c402720b9ee9) - -Conflicts: - src/qemu/qemu_capabilities.c - - virQEMUCapsCacheLookupByArch refactoring (commits - 7948ad4129a and 1a3de67001c) are missing - -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> - -Upstream-Status: Backport -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/qemu/qemu_capabilities.c | 12 ++++++++---- - src/qemu/qemu_capabilities.h | 3 +-- - src/qemu/qemu_driver.c | 9 +-------- - tests/testutilsqemu.c | 2 +- - 4 files changed, 11 insertions(+), 15 deletions(-) - -diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c -index a075677..eaf369f 100644 ---- a/src/qemu/qemu_capabilities.c -+++ b/src/qemu/qemu_capabilities.c -@@ -4700,7 +4700,7 @@ virQEMUCapsNewData(const char *binary, - priv->libDir, - priv->runUid, - priv->runGid, -- priv->microcodeVersion, -+ virHostCPUGetMicrocodeVersion(), - priv->kernelVersion); - } - -@@ -4783,8 +4783,7 @@ virFileCachePtr - virQEMUCapsCacheNew(const char *libDir, - const char *cacheDir, - uid_t runUid, -- gid_t runGid, -- unsigned int microcodeVersion) -+ gid_t runGid) - { - char *capsCacheDir = NULL; - virFileCachePtr cache = NULL; -@@ -4808,7 +4807,6 @@ virQEMUCapsCacheNew(const char *libDir, - - priv->runUid = runUid; - priv->runGid = runGid; -- priv->microcodeVersion = microcodeVersion; - - if (uname(&uts) == 0 && - virAsprintf(&priv->kernelVersion, "%s %s", uts.release, uts.version) < 0) -@@ -4829,8 +4827,11 @@ virQEMUCapsPtr - virQEMUCapsCacheLookup(virFileCachePtr cache, - const char *binary) - { -+ virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache); - virQEMUCapsPtr ret = NULL; - -+ priv->microcodeVersion = virHostCPUGetMicrocodeVersion(); -+ - ret = virFileCacheLookup(cache, binary); - - VIR_DEBUG("Returning caps %p for %s", ret, binary); -@@ -4876,10 +4877,13 @@ virQEMUCapsPtr - virQEMUCapsCacheLookupByArch(virFileCachePtr cache, - virArch arch) - { -+ virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache); - virQEMUCapsPtr ret = NULL; - virArch target; - struct virQEMUCapsSearchData data = { .arch = arch }; - -+ priv->microcodeVersion = virHostCPUGetMicrocodeVersion(); -+ - ret = virFileCacheLookupByFunc(cache, virQEMUCapsCompareArch, &data); - if (!ret) { - /* If the first attempt at finding capabilities has failed, try -diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h -index 3d3a978..956babc 100644 ---- a/src/qemu/qemu_capabilities.h -+++ b/src/qemu/qemu_capabilities.h -@@ -574,8 +574,7 @@ void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps, - virFileCachePtr virQEMUCapsCacheNew(const char *libDir, - const char *cacheDir, - uid_t uid, -- gid_t gid, -- unsigned int microcodeVersion); -+ gid_t gid); - virQEMUCapsPtr virQEMUCapsCacheLookup(virFileCachePtr cache, - const char *binary); - virQEMUCapsPtr virQEMUCapsCacheLookupCopy(virFileCachePtr cache, -diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c -index a0f7c71..75f8699 100644 ---- a/src/qemu/qemu_driver.c -+++ b/src/qemu/qemu_driver.c -@@ -592,8 +592,6 @@ qemuStateInitialize(bool privileged, - char *hugepagePath = NULL; - char *memoryBackingPath = NULL; - size_t i; -- virCPUDefPtr hostCPU = NULL; -- unsigned int microcodeVersion = 0; - - if (VIR_ALLOC(qemu_driver) < 0) - return -1; -@@ -813,15 +811,10 @@ qemuStateInitialize(bool privileged, - run_gid = cfg->group; - } - -- if ((hostCPU = virCPUProbeHost(virArchFromHost()))) -- microcodeVersion = hostCPU->microcodeVersion; -- virCPUDefFree(hostCPU); -- - qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir, - cfg->cacheDir, - run_uid, -- run_gid, -- microcodeVersion); -+ run_gid); - if (!qemu_driver->qemuCapsCache) - goto error; - -diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c -index 8438613..4e53f03 100644 ---- a/tests/testutilsqemu.c -+++ b/tests/testutilsqemu.c -@@ -707,7 +707,7 @@ int qemuTestDriverInit(virQEMUDriver *driver) - - /* Using /dev/null for libDir and cacheDir automatically produces errors - * upon attempt to use any of them */ -- driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0); -+ driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0); - if (!driver->qemuCapsCache) - goto error; - --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch deleted file mode 100644 index 45f51d4a..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch +++ /dev/null @@ -1,894 +0,0 @@ -From b15a3c9f9bd24d12082b5a6ea505eb3ea48137cb Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Fri, 5 Apr 2019 11:19:30 +0200 -Subject: [PATCH 03/11] cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -(cherry picked from commit 5cd9db3ac11e88846cbcf95fad9f6fae9d880dee) - -CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 - -Conflicts: - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml - - intel-pt feature is missing - - stibp feature is missing - -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> - -Upstream-Status: Backport - -CVE: CVE-2018-12126 -CVE: CVE-2018-12127 -CVE: CVE-2018-12130 -CVE: CVE-2019-11091 - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - tests/cputest.c | 1 + - .../x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml | 7 + - .../x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 8 + - .../x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 26 + - .../x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 27 + - .../x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 10 + - .../cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json | 652 +++++++++++++++++++++ - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig | 4 + - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml | 47 ++ - 9 files changed, 782 insertions(+) - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig - create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml - -diff --git a/tests/cputest.c b/tests/cputest.c -index baf2b3c..fbb2a86 100644 ---- a/tests/cputest.c -+++ b/tests/cputest.c -@@ -1190,6 +1190,7 @@ mymain(void) - DO_TEST_CPUID(VIR_ARCH_X86_64, "Phenom-B95", JSON_HOST); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Ryzen-7-1800X-Eight-Core", JSON_HOST); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-5110", JSON_NONE); -+ DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E3-1225-v5", JSON_MODELS); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E3-1245-v5", JSON_MODELS); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E5-2609-v3", JSON_MODELS); - DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E5-2623-v4", JSON_MODELS); -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml -new file mode 100644 -index 0000000..ce51903 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml -@@ -0,0 +1,7 @@ -+<!-- Features disabled by QEMU --> -+<cpudata arch='x86'> -+ <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x0800c1fc' edx='0xb0600000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x02000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000008' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000007' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000100'/> -+</cpudata> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -new file mode 100644 -index 0000000..0deca9f ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -@@ -0,0 +1,8 @@ -+<!-- Features enabled by QEMU --> -+<cpudata arch='x86'> -+ <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/> -+ <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> -+</cpudata> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -new file mode 100644 -index 0000000..993db80 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -@@ -0,0 +1,26 @@ -+<cpu mode='custom' match='exact'> -+ <model fallback='forbid'>Skylake-Client-IBRS</model> -+ <vendor>Intel</vendor> -+ <feature policy='require' name='ds'/> -+ <feature policy='require' name='acpi'/> -+ <feature policy='require' name='ss'/> -+ <feature policy='require' name='ht'/> -+ <feature policy='require' name='tm'/> -+ <feature policy='require' name='pbe'/> -+ <feature policy='require' name='dtes64'/> -+ <feature policy='require' name='monitor'/> -+ <feature policy='require' name='ds_cpl'/> -+ <feature policy='require' name='vmx'/> -+ <feature policy='require' name='smx'/> -+ <feature policy='require' name='est'/> -+ <feature policy='require' name='tm2'/> -+ <feature policy='require' name='xtpr'/> -+ <feature policy='require' name='pdcm'/> -+ <feature policy='require' name='osxsave'/> -+ <feature policy='require' name='tsc_adjust'/> -+ <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='ssbd'/> -+ <feature policy='require' name='xsaves'/> -+ <feature policy='require' name='pdpe1gb'/> -+ <feature policy='require' name='invtsc'/> -+</cpu> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -new file mode 100644 -index 0000000..074a39b ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -@@ -0,0 +1,27 @@ -+<cpu> -+ <arch>x86_64</arch> -+ <model>Skylake-Client-IBRS</model> -+ <vendor>Intel</vendor> -+ <feature name='ds'/> -+ <feature name='acpi'/> -+ <feature name='ss'/> -+ <feature name='ht'/> -+ <feature name='tm'/> -+ <feature name='pbe'/> -+ <feature name='dtes64'/> -+ <feature name='monitor'/> -+ <feature name='ds_cpl'/> -+ <feature name='vmx'/> -+ <feature name='smx'/> -+ <feature name='est'/> -+ <feature name='tm2'/> -+ <feature name='xtpr'/> -+ <feature name='pdcm'/> -+ <feature name='osxsave'/> -+ <feature name='tsc_adjust'/> -+ <feature name='clflushopt'/> -+ <feature name='ssbd'/> -+ <feature name='xsaves'/> -+ <feature name='pdpe1gb'/> -+ <feature name='invtsc'/> -+</cpu> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -new file mode 100644 -index 0000000..1984bd4 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -@@ -0,0 +1,10 @@ -+<cpu mode='custom' match='exact'> -+ <model fallback='forbid'>Skylake-Client-IBRS</model> -+ <vendor>Intel</vendor> -+ <feature policy='require' name='ss'/> -+ <feature policy='require' name='hypervisor'/> -+ <feature policy='require' name='tsc_adjust'/> -+ <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='ssbd'/> -+ <feature policy='require' name='pdpe1gb'/> -+</cpu> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json -new file mode 100644 -index 0000000..0847475 ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json -@@ -0,0 +1,652 @@ -+{ -+ "return": { -+ "model": { -+ "name": "base", -+ "props": { -+ "phys-bits": 0, -+ "core-id": -1, -+ "xlevel": 2147483656, -+ "cmov": true, -+ "ia64": false, -+ "aes": true, -+ "mmx": true, -+ "rdpid": false, -+ "arat": true, -+ "gfni": false, -+ "pause-filter": false, -+ "xsavec": true, -+ "intel-pt": false, -+ "osxsave": false, -+ "hv-frequencies": false, -+ "tsc-frequency": 0, -+ "xd": true, -+ "hv-vendor-id": "", -+ "kvm-asyncpf": true, -+ "kvm_asyncpf": true, -+ "perfctr_core": false, -+ "perfctr-core": false, -+ "mpx": true, -+ "pbe": false, -+ "decodeassists": false, -+ "avx512cd": false, -+ "sse4_1": true, -+ "sse4.1": true, -+ "sse4-1": true, -+ "family": 6, -+ "legacy-cache": true, -+ "vmware-cpuid-freq": true, -+ "avx512f": false, -+ "msr": true, -+ "mce": true, -+ "mca": true, -+ "hv-runtime": false, -+ "xcrypt": false, -+ "thread-id": -1, -+ "min-level": 13, -+ "xgetbv1": true, -+ "cid": false, -+ "hv-relaxed": false, -+ "hv-crash": false, -+ "ds": false, -+ "fxsr": true, -+ "xsaveopt": true, -+ "xtpr": false, -+ "avx512vl": false, -+ "avx512-vpopcntdq": false, -+ "phe": false, -+ "extapic": false, -+ "3dnowprefetch": true, -+ "avx512vbmi2": false, -+ "cr8legacy": false, -+ "stibp": true, -+ "cpuid-0xb": true, -+ "xcrypt-en": false, -+ "kvm_pv_eoi": true, -+ "apic-id": 4294967295, -+ "pn": false, -+ "dca": false, -+ "vendor": "GenuineIntel", -+ "pku": false, -+ "smx": false, -+ "cmp_legacy": false, -+ "cmp-legacy": false, -+ "node-id": -1, -+ "avx512-4fmaps": false, -+ "vmcb_clean": false, -+ "vmcb-clean": false, -+ "3dnowext": false, -+ "hle": true, -+ "npt": false, -+ "memory": "/machine/unattached/system[0]", -+ "clwb": false, -+ "lbrv": false, -+ "adx": true, -+ "ss": true, -+ "pni": true, -+ "svm_lock": false, -+ "svm-lock": false, -+ "pfthreshold": false, -+ "smep": true, -+ "smap": true, -+ "x2apic": true, -+ "avx512vbmi": false, -+ "avx512vnni": false, -+ "hv-stimer": false, -+ "i64": true, -+ "flushbyasid": false, -+ "f16c": true, -+ "ace2-en": false, -+ "pat": true, -+ "pae": true, -+ "sse": true, -+ "phe-en": false, -+ "kvm_nopiodelay": true, -+ "kvm-nopiodelay": true, -+ "tm": false, -+ "kvmclock-stable-bit": true, -+ "hypervisor": true, -+ "socket-id": -1, -+ "pcommit": false, -+ "syscall": true, -+ "level": 13, -+ "avx512dq": false, -+ "svm": false, -+ "full-cpuid-auto-level": true, -+ "hv-reset": false, -+ "invtsc": false, -+ "sse3": true, -+ "sse2": true, -+ "ssbd": true, -+ "est": false, -+ "avx512ifma": false, -+ "tm2": false, -+ "kvm-pv-eoi": true, -+ "cx8": true, -+ "kvm_mmu": false, -+ "kvm-mmu": false, -+ "sse4_2": true, -+ "sse4.2": true, -+ "sse4-2": true, -+ "pge": true, -+ "fill-mtrr-mask": true, -+ "avx512bitalg": false, -+ "nodeid_msr": false, -+ "pdcm": false, -+ "movbe": true, -+ "model": 94, -+ "nrip_save": false, -+ "nrip-save": false, -+ "kvm_pv_unhalt": true, -+ "ssse3": true, -+ "sse4a": false, -+ "invpcid": true, -+ "pdpe1gb": true, -+ "tsc-deadline": true, -+ "fma": true, -+ "cx16": true, -+ "de": true, -+ "enforce": false, -+ "stepping": 3, -+ "xsave": true, -+ "clflush": true, -+ "skinit": false, -+ "tsc": true, -+ "tce": false, -+ "fpu": true, -+ "ibs": false, -+ "ds_cpl": false, -+ "ds-cpl": false, -+ "host-phys-bits": true, -+ "fma4": false, -+ "la57": false, -+ "osvw": false, -+ "check": true, -+ "hv-spinlocks": -1, -+ "pmu": false, -+ "pmm": false, -+ "apic": true, -+ "spec-ctrl": true, -+ "min-xlevel2": 0, -+ "tsc-adjust": true, -+ "tsc_adjust": true, -+ "kvm-steal-time": true, -+ "kvm_steal_time": true, -+ "kvmclock": true, -+ "l3-cache": true, -+ "lwp": false, -+ "ibpb": false, -+ "xop": false, -+ "avx": true, -+ "ospke": false, -+ "ace2": false, -+ "avx512bw": false, -+ "acpi": false, -+ "hv-vapic": false, -+ "fsgsbase": true, -+ "ht": false, -+ "nx": true, -+ "pclmulqdq": true, -+ "mmxext": false, -+ "vaes": false, -+ "popcnt": true, -+ "xsaves": false, -+ "tcg-cpuid": true, -+ "lm": true, -+ "umip": false, -+ "pse": true, -+ "avx2": true, -+ "sep": true, -+ "pclmuldq": true, -+ "virt-ssbd": false, -+ "x-hv-max-vps": -1, -+ "nodeid-msr": false, -+ "md-clear": true, -+ "kvm": true, -+ "misalignsse": false, -+ "min-xlevel": 2147483656, -+ "kvm-pv-unhalt": true, -+ "bmi2": true, -+ "bmi1": true, -+ "realized": false, -+ "tsc_scale": false, -+ "tsc-scale": false, -+ "topoext": false, -+ "hv-vpindex": false, -+ "xlevel2": 0, -+ "clflushopt": true, -+ "kvm-no-smi-migration": false, -+ "monitor": false, -+ "avx512er": false, -+ "pmm-en": false, -+ "pcid": true, -+ "3dnow": false, -+ "erms": true, -+ "lahf-lm": true, -+ "lahf_lm": true, -+ "vpclmulqdq": false, -+ "fxsr-opt": false, -+ "hv-synic": false, -+ "xstore": false, -+ "fxsr_opt": false, -+ "kvm-hint-dedicated": false, -+ "rtm": true, -+ "lmce": true, -+ "hv-time": false, -+ "perfctr-nb": false, -+ "perfctr_nb": false, -+ "ffxsr": false, -+ "rdrand": true, -+ "rdseed": true, -+ "avx512-4vnniw": false, -+ "vmx": false, -+ "vme": true, -+ "dtes64": false, -+ "mtrr": true, -+ "rdtscp": true, -+ "pse36": true, -+ "kvm-pv-tlb-flush": false, -+ "tbm": false, -+ "wdt": false, -+ "pause_filter": false, -+ "sha-ni": false, -+ "model-id": "Intel(R) Xeon(R) CPU E3-1225 v5 @ 3.30GHz", -+ "abm": true, -+ "avx512pf": false, -+ "xstore-en": false -+ } -+ } -+ }, -+ "id": "model-expansion" -+} -+ -+{ -+ "return": [ -+ { -+ "name": "max", -+ "typename": "max-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": false -+ }, -+ { -+ "name": "host", -+ "typename": "host-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": false -+ }, -+ { -+ "name": "base", -+ "typename": "base-x86_64-cpu", -+ "unavailable-features": [], -+ "static": true, -+ "migration-safe": true -+ }, -+ { -+ "name": "qemu64", -+ "typename": "qemu64-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "qemu32", -+ "typename": "qemu32-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "phenom", -+ "typename": "phenom-x86_64-cpu", -+ "unavailable-features": [ -+ "mmxext", -+ "fxsr-opt", -+ "3dnowext", -+ "3dnow", -+ "sse4a", -+ "npt" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "pentium3", -+ "typename": "pentium3-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "pentium2", -+ "typename": "pentium2-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "pentium", -+ "typename": "pentium-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "n270", -+ "typename": "n270-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "kvm64", -+ "typename": "kvm64-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "kvm32", -+ "typename": "kvm32-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "cpu64-rhel6", -+ "typename": "cpu64-rhel6-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "coreduo", -+ "typename": "coreduo-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "core2duo", -+ "typename": "core2duo-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "athlon", -+ "typename": "athlon-x86_64-cpu", -+ "unavailable-features": [ -+ "mmxext", -+ "3dnowext", -+ "3dnow" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Westmere", -+ "typename": "Westmere-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Westmere-IBRS", -+ "typename": "Westmere-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Server", -+ "typename": "Skylake-Server-x86_64-cpu", -+ "unavailable-features": [ -+ "avx512f", -+ "avx512dq", -+ "clwb", -+ "avx512cd", -+ "avx512bw", -+ "avx512vl", -+ "avx512f", -+ "avx512f", -+ "avx512f" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Server-IBRS", -+ "typename": "Skylake-Server-IBRS-x86_64-cpu", -+ "unavailable-features": [ -+ "avx512f", -+ "avx512dq", -+ "clwb", -+ "avx512cd", -+ "avx512bw", -+ "avx512vl", -+ "avx512f", -+ "avx512f", -+ "avx512f" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Client", -+ "typename": "Skylake-Client-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Skylake-Client-IBRS", -+ "typename": "Skylake-Client-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "SandyBridge", -+ "typename": "SandyBridge-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "SandyBridge-IBRS", -+ "typename": "SandyBridge-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Penryn", -+ "typename": "Penryn-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G5", -+ "typename": "Opteron_G5-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a", -+ "misalignsse", -+ "xop", -+ "fma4", -+ "tbm" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G4", -+ "typename": "Opteron_G4-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a", -+ "misalignsse", -+ "xop", -+ "fma4" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G3", -+ "typename": "Opteron_G3-x86_64-cpu", -+ "unavailable-features": [ -+ "sse4a", -+ "misalignsse" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G2", -+ "typename": "Opteron_G2-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Opteron_G1", -+ "typename": "Opteron_G1-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Nehalem", -+ "typename": "Nehalem-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Nehalem-IBRS", -+ "typename": "Nehalem-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "IvyBridge", -+ "typename": "IvyBridge-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "IvyBridge-IBRS", -+ "typename": "IvyBridge-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell", -+ "typename": "Haswell-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell-noTSX", -+ "typename": "Haswell-noTSX-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell-noTSX-IBRS", -+ "typename": "Haswell-noTSX-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Haswell-IBRS", -+ "typename": "Haswell-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "EPYC", -+ "typename": "EPYC-x86_64-cpu", -+ "unavailable-features": [ -+ "sha-ni", -+ "mmxext", -+ "fxsr-opt", -+ "cr8legacy", -+ "sse4a", -+ "misalignsse", -+ "osvw" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "EPYC-IBPB", -+ "typename": "EPYC-IBPB-x86_64-cpu", -+ "unavailable-features": [ -+ "sha-ni", -+ "mmxext", -+ "fxsr-opt", -+ "cr8legacy", -+ "sse4a", -+ "misalignsse", -+ "osvw", -+ "ibpb" -+ ], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Conroe", -+ "typename": "Conroe-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell", -+ "typename": "Broadwell-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell-noTSX", -+ "typename": "Broadwell-noTSX-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell-noTSX-IBRS", -+ "typename": "Broadwell-noTSX-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "Broadwell-IBRS", -+ "typename": "Broadwell-IBRS-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ }, -+ { -+ "name": "486", -+ "typename": "486-x86_64-cpu", -+ "unavailable-features": [], -+ "static": false, -+ "migration-safe": true -+ } -+ ], -+ "id": "definitions" -+} -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig -new file mode 100644 -index 0000000..7e57c2d ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig -@@ -0,0 +1,4 @@ -+0506e3 -+family: 6 (0x06) -+model: 94 (0x5e) -+stepping: 3 (0x03) -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml -new file mode 100644 -index 0000000..437429d ---- /dev/null -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml -@@ -0,0 +1,47 @@ -+<!-- Intel(R) Xeon(R) CPU E3-1225 v5 @ 3.30GHz --> -+<cpudata arch='x86'> -+ <cpuid eax_in='0x00000000' ecx_in='0x00' eax='0x00000016' ebx='0x756e6547' ecx='0x6c65746e' edx='0x49656e69'/> -+ <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x000506e3' ebx='0x06100800' ecx='0x7ffafbff' edx='0xbfebfbff'/> -+ <cpuid eax_in='0x00000002' ecx_in='0x00' eax='0x76036301' ebx='0x00f0b6ff' ecx='0x00000000' edx='0x00c30000'/> -+ <cpuid eax_in='0x00000003' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x00' eax='0x1c004121' ebx='0x01c0003f' ecx='0x0000003f' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x01' eax='0x1c004122' ebx='0x01c0003f' ecx='0x0000003f' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x02' eax='0x1c004143' ebx='0x00c0003f' ecx='0x000003ff' edx='0x00000000'/> -+ <cpuid eax_in='0x00000004' ecx_in='0x03' eax='0x1c03c163' ebx='0x03c0003f' ecx='0x00001fff' edx='0x00000006'/> -+ <cpuid eax_in='0x00000005' ecx_in='0x00' eax='0x00000040' ebx='0x00000040' ecx='0x00000003' edx='0x00142120'/> -+ <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x000027f7' ebx='0x00000002' ecx='0x00000009' edx='0x00000000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x029c6fbf' ecx='0x00000000' edx='0x9c002400'/> -+ <cpuid eax_in='0x00000008' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000009' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000a' ecx_in='0x00' eax='0x07300804' ebx='0x00000000' ecx='0x00000000' edx='0x00000603'/> -+ <cpuid eax_in='0x0000000b' ecx_in='0x00' eax='0x00000001' ebx='0x00000001' ecx='0x00000100' edx='0x00000006'/> -+ <cpuid eax_in='0x0000000b' ecx_in='0x01' eax='0x00000004' ebx='0x00000004' ecx='0x00000201' edx='0x00000006'/> -+ <cpuid eax_in='0x0000000c' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x00' eax='0x0000001f' ebx='0x00000440' ecx='0x00000440' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x0000000f' ebx='0x000003c0' ecx='0x00000100' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x02' eax='0x00000100' ebx='0x00000240' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x03' eax='0x00000040' ebx='0x000003c0' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x04' eax='0x00000040' ebx='0x00000400' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000d' ecx_in='0x08' eax='0x00000080' ebx='0x00000000' ecx='0x00000001' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000e' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x0000000f' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000010' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000011' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000012' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000013' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000014' ecx_in='0x00' eax='0x00000001' ebx='0x0000000f' ecx='0x00000007' edx='0x00000000'/> -+ <cpuid eax_in='0x00000014' ecx_in='0x01' eax='0x02490002' ebx='0x003f3fff' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000015' ecx_in='0x00' eax='0x00000002' ebx='0x00000114' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x00000016' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/> -+ <cpuid eax_in='0x80000000' ecx_in='0x00' eax='0x80000008' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> -+ <cpuid eax_in='0x80000002' ecx_in='0x00' eax='0x65746e49' ebx='0x2952286c' ecx='0x6f655820' edx='0x2952286e'/> -+ <cpuid eax_in='0x80000003' ecx_in='0x00' eax='0x55504320' ebx='0x2d334520' ecx='0x35323231' edx='0x20357620'/> -+ <cpuid eax_in='0x80000004' ecx_in='0x00' eax='0x2e332040' ebx='0x48473033' ecx='0x0000007a' edx='0x00000000'/> -+ <cpuid eax_in='0x80000005' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80000006' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x01006040' edx='0x00000000'/> -+ <cpuid eax_in='0x80000007' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000100'/> -+ <cpuid eax_in='0x80000008' ecx_in='0x00' eax='0x00003027' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -+ <cpuid eax_in='0x80860000' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/> -+ <cpuid eax_in='0xc0000000' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/> -+</cpudata> --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch deleted file mode 100644 index b39e8662..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch +++ /dev/null @@ -1,116 +0,0 @@ -From c811c618c114c4a6493ede602bdca22d33c1972a Mon Sep 17 00:00:00 2001 -From: Jiri Denemark <jdenemar@redhat.com> -Date: Tue, 9 Apr 2019 12:35:52 +0200 -Subject: [PATCH 04/11] cpu_map: Define md-clear CPUID bit -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 - -The bit is set when microcode provides the mechanism to invoke a flush -of various exploitable CPU buffers by invoking the VERW instruction. - -Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> -Signed-off-by: Jiri Denemark <jdenemar@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85) - -Conflicts: - src/cpu_map/x86_features.xml - - missing pconfig feature - - tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml - tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml - - test data missing downstream - - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml - - intel-pt feature is missing - - stibp feature is missing - -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> - -Upstream-Status: Backport - -CVE: CVE-2018-12126 -CVE: CVE-2018-12127 -CVE: CVE-2018-12130 -CVE: CVE-2019-11091 - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/cpu_map/x86_features.xml | 3 +++ - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 2 +- - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 1 + - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 1 + - tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 1 + - 5 files changed, 7 insertions(+), 1 deletion(-) - -diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml -index 109c653..c8ae540 100644 ---- a/src/cpu_map/x86_features.xml -+++ b/src/cpu_map/x86_features.xml -@@ -290,6 +290,9 @@ - <feature name='avx512-4fmaps'> - <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/> - </feature> -+ <feature name='md-clear'> <!-- md_clear --> -+ <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/> -+ </feature> - <feature name='spec-ctrl'> - <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/> - </feature> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -index 0deca9f..74763a4 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml -@@ -2,7 +2,7 @@ - <cpudata arch='x86'> - <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/> - <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> -- <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/> -+ <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/> - <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/> - <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/> - </cpudata> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -index 993db80..29c1fdb 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml -@@ -19,6 +19,7 @@ - <feature policy='require' name='osxsave'/> - <feature policy='require' name='tsc_adjust'/> - <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='md-clear'/> - <feature policy='require' name='ssbd'/> - <feature policy='require' name='xsaves'/> - <feature policy='require' name='pdpe1gb'/> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -index 074a39b..2003ca9 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml -@@ -20,6 +20,7 @@ - <feature name='osxsave'/> - <feature name='tsc_adjust'/> - <feature name='clflushopt'/> -+ <feature name='md-clear'/> - <feature name='ssbd'/> - <feature name='xsaves'/> - <feature name='pdpe1gb'/> -diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -index 1984bd4..d6529c5 100644 ---- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -+++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml -@@ -5,6 +5,7 @@ - <feature policy='require' name='hypervisor'/> - <feature policy='require' name='tsc_adjust'/> - <feature policy='require' name='clflushopt'/> -+ <feature policy='require' name='md-clear'/> - <feature policy='require' name='ssbd'/> - <feature policy='require' name='pdpe1gb'/> - </cpu> --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch deleted file mode 100644 index 11c1c5df..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch +++ /dev/null @@ -1,63 +0,0 @@ -From dfd22fc50f8f268b9810d2ef21adada021f740eb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> -Date: Tue, 30 Apr 2019 17:26:13 +0100 -Subject: [PATCH 05/11] admin: reject clients unless their UID matches the - current UID -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The admin protocol RPC messages are only intended for use by the user -running the daemon. As such they should not be allowed for any client -UID that does not match the server UID. - -Fixes CVE-2019-10132 - -Reviewed-by: Ján Tomko <jtomko@redhat.com> -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7) - -Upstream-Status: Backport -CVE: CVE-2019-10132 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c -index b78ff90..9f25813 100644 ---- a/src/admin/admin_server_dispatch.c -+++ b/src/admin/admin_server_dispatch.c -@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED, - void *opaque) - { - struct daemonAdmClientPrivate *priv; -+ uid_t clientuid; -+ gid_t clientgid; -+ pid_t clientpid; -+ unsigned long long timestamp; -+ -+ if (virNetServerClientGetUNIXIdentity(client, -+ &clientuid, -+ &clientgid, -+ &clientpid, -+ ×tamp) < 0) -+ return NULL; -+ -+ VIR_DEBUG("New client pid %lld uid %lld", -+ (long long)clientpid, -+ (long long)clientuid); -+ -+ if (geteuid() != clientuid) { -+ virReportRestrictedError(_("Disallowing client %lld with uid %lld"), -+ (long long)clientpid, -+ (long long)clientuid); -+ return NULL; -+ } - - if (VIR_ALLOC(priv) < 0) - return NULL; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch deleted file mode 100644 index 860c1e53..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 54005b84b0165b62b2ef88c7df229bddbaa29e76 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> -Date: Tue, 30 Apr 2019 16:51:37 +0100 -Subject: [PATCH 06/11] locking: restrict sockets to mode 0600 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virtlockd daemon's only intended client is the libvirtd daemon. As -such it should never allow clients from other user accounts to connect. -The code already enforces this and drops clients from other UIDs, but -we can get earlier (and thus stronger) protection against DoS by setting -the socket permissions to 0600 - -Fixes CVE-2019-10132 - -Reviewed-by: Ján Tomko <jtomko@redhat.com> -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit f111e09468693909b1f067aa575efdafd9a262a1) - -Upstream-Status: Backport -CVE: CVE-2019-10132 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/locking/virtlockd-admin.socket.in | 1 + - src/locking/virtlockd.socket.in | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in -index 2a7500f..f674c49 100644 ---- a/src/locking/virtlockd-admin.socket.in -+++ b/src/locking/virtlockd-admin.socket.in -@@ -5,6 +5,7 @@ Before=libvirtd.service - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlockd-admin-sock - Service=virtlockd.service -+SocketMode=0600 - - [Install] - WantedBy=sockets.target -diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in -index 45e0f20..d701b27 100644 ---- a/src/locking/virtlockd.socket.in -+++ b/src/locking/virtlockd.socket.in -@@ -4,6 +4,7 @@ Before=libvirtd.service - - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlockd-sock -+SocketMode=0600 - - [Install] - WantedBy=sockets.target --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch deleted file mode 100644 index ddd0740e..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 030fdf57255f97289a407529194bf26c77548acb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> -Date: Tue, 30 Apr 2019 17:27:41 +0100 -Subject: [PATCH 07/11] logging: restrict sockets to mode 0600 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virtlogd daemon's only intended client is the libvirtd daemon. As -such it should never allow clients from other user accounts to connect. -The code already enforces this and drops clients from other UIDs, but -we can get earlier (and thus stronger) protection against DoS by setting -the socket permissions to 0600 - -Fixes CVE-2019-10132 - -Reviewed-by: Ján Tomko <jtomko@redhat.com> -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit e37bd65f9948c1185456b2cdaa3bd6e875af680f) - -Upstream-Status: Backport -CVE: CVE-2019-10132 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/logging/virtlogd-admin.socket.in | 1 + - src/logging/virtlogd.socket.in | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in -index 595e6c4..5c41dfe 100644 ---- a/src/logging/virtlogd-admin.socket.in -+++ b/src/logging/virtlogd-admin.socket.in -@@ -5,6 +5,7 @@ Before=libvirtd.service - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlogd-admin-sock - Service=virtlogd.service -+SocketMode=0600 - - [Install] - WantedBy=sockets.target -diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in -index 22b9360..ae48cda 100644 ---- a/src/logging/virtlogd.socket.in -+++ b/src/logging/virtlogd.socket.in -@@ -4,6 +4,7 @@ Before=libvirtd.service - - [Socket] - ListenStream=@localstatedir@/run/libvirt/virtlogd-sock -+SocketMode=0600 - - [Install] - WantedBy=sockets.target --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch deleted file mode 100644 index 118ece4c..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 3352c8af264a7b9b741208790ecca0bbc6733f42 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 08:47:42 +0200 -Subject: [PATCH 08/11] api: disallow virDomainSaveImageGetXMLDesc on read-only - connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virDomainSaveImageGetXMLDesc API is taking a path parameter, -which can point to any path on the system. This file will then be -read and parsed by libvirtd running with root privileges. - -Forbid it on read-only connections. - -Fixes: CVE-2019-10161 -Reported-by: Matthias Gerstner <mgerstner@suse.de> -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit aed6a032cead4386472afb24b16196579e239580) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Conflicts: - src/libvirt-domain.c - src/remote/remote_protocol.x - -Upstream commit 12a51f372 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE -alias for VIR_DOMAIN_XML_SECURE is not backported. -Just skip the commit since we now disallow the whole API on read-only -connections, regardless of the flag. - -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10161 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-domain.c | 11 ++--------- - src/qemu/qemu_driver.c | 2 +- - src/remote/remote_protocol.x | 3 +-- - 3 files changed, 4 insertions(+), 12 deletions(-) - -Index: libvirt-4.7.0/src/libvirt-domain.c -=================================================================== ---- libvirt-4.7.0.orig/src/libvirt-domain.c -+++ libvirt-4.7.0/src/libvirt-domain.c -@@ -1073,9 +1073,7 @@ virDomainRestoreFlags(virConnectPtr conn - * previously by virDomainSave() or virDomainSaveFlags(). - * - * No security-sensitive data will be included unless @flags contains -- * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only -- * connections. For this API, @flags should not contain either -- * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU. -+ * VIR_DOMAIN_XML_SECURE. - * - * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of - * error. The caller must free() the returned value. -@@ -1091,12 +1089,7 @@ virDomainSaveImageGetXMLDesc(virConnectP - - virCheckConnectReturn(conn, NULL); - virCheckNonNullArgGoto(file, error); -- -- if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE)) { -- virReportError(VIR_ERR_OPERATION_DENIED, "%s", -- _("virDomainSaveImageGetXMLDesc with secure flag")); -- goto error; -- } -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->domainSaveImageGetXMLDesc) { - char *ret; -Index: libvirt-4.7.0/src/qemu/qemu_driver.c -=================================================================== ---- libvirt-4.7.0.orig/src/qemu/qemu_driver.c -+++ libvirt-4.7.0/src/qemu/qemu_driver.c -@@ -6791,7 +6791,7 @@ qemuDomainSaveImageGetXMLDesc(virConnect - if (fd < 0) - goto cleanup; - -- if (virDomainSaveImageGetXMLDescEnsureACL(conn, def, flags) < 0) -+ if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0) - goto cleanup; - - ret = qemuDomainDefFormatXML(driver, def, flags); -Index: libvirt-4.7.0/src/remote/remote_protocol.x -=================================================================== ---- libvirt-4.7.0.orig/src/remote/remote_protocol.x -+++ libvirt-4.7.0/src/remote/remote_protocol.x -@@ -5226,8 +5226,7 @@ enum remote_procedure { - /** - * @generate: both - * @priority: high -- * @acl: domain:read -- * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE -+ * @acl: domain:write - */ - REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC = 235, - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch deleted file mode 100644 index 12ab5436..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 6da721ea37bf3624ff9922637cfa657d2dcb20f9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 09:14:53 +0200 -Subject: [PATCH 09/11] api: disallow virDomainManagedSaveDefineXML on - read-only connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virDomainManagedSaveDefineXML can be used to alter the domain's -config used for managedsave or even execute arbitrary emulator binaries. -Forbid it on read-only connections. - -Fixes: CVE-2019-10166 -Reported-by: Matthias Gerstner <mgerstner@suse.de> -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10166 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-domain.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c -index 270e10e..5c764aa 100644 ---- a/src/libvirt-domain.c -+++ b/src/libvirt-domain.c -@@ -9482,6 +9482,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml, - - virCheckDomainReturn(domain, -1); - conn = domain->conn; -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->domainManagedSaveDefineXML) { - int ret; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch deleted file mode 100644 index 576f46c7..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 5441f05a42a90779b0df86518286bf527e94aafb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 09:16:14 +0200 -Subject: [PATCH 10/11] api: disallow virConnectGetDomainCapabilities on - read-only connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This API can be used to execute arbitrary emulators. -Forbid it on read-only connections. - -Fixes: CVE-2019-10167 -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10167 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-domain.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c -index 5c764aa..9862a5d 100644 ---- a/src/libvirt-domain.c -+++ b/src/libvirt-domain.c -@@ -11274,6 +11274,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn, - virResetLastError(); - - virCheckConnectReturn(conn, NULL); -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->connectGetDomainCapabilities) { - char *ret; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch deleted file mode 100644 index 16f1a6d9..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch +++ /dev/null @@ -1,49 +0,0 @@ -From f5ace9c05d59b70d4899199a187cb32ec6f600d8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 09:17:39 +0200 -Subject: [PATCH 11/11] api: disallow virConnect*HypervisorCPU on read-only - connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -These APIs can be used to execute arbitrary emulators. -Forbid them on read-only connections. - -Fixes: CVE-2019-10168 -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit bf6c2830b6c338b1f5699b095df36f374777b291) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10168 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-host.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/libvirt-host.c b/src/libvirt-host.c -index e20d6ee..2978825 100644 ---- a/src/libvirt-host.c -+++ b/src/libvirt-host.c -@@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnectPtr conn, - - virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR); - virCheckNonNullArgGoto(xmlCPU, error); -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->connectCompareHypervisorCPU) { - int ret; -@@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConnectPtr conn, - - virCheckConnectReturn(conn, NULL); - virCheckNonNullArgGoto(xmlCPUs, error); -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->connectBaselineHypervisorCPU) { - char *cpu; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch deleted file mode 100644 index 8cca8216..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 9ed175fbc2deecfdaeabca7bc77c7e7ae33a3377 Mon Sep 17 00:00:00 2001 -From: John Ferlan <jferlan@redhat.com> -Date: Fri, 7 Sep 2018 16:01:27 -0400 -Subject: [PATCH] qemu: Remove duplicated qemuAgentCheckError - -Commit 5b3492fadb moved qemuAgentCheckError calls into -qemuAgentCommand for various reasons; however, subsequent -commit 0977b8aa0 adding a new command made call again -So let's just remove the duplicitous call from -qemuAgentGetInterfaces. - -Signed-off-by: John Ferlan <jferlan@redhat.com> -ACKed-by: Michal Privoznik <mprivozn@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-3840 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/qemu/qemu_agent.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -Index: libvirt-4.7.0/src/qemu/qemu_agent.c -=================================================================== ---- libvirt-4.7.0.orig/src/qemu/qemu_agent.c -+++ libvirt-4.7.0/src/qemu/qemu_agent.c -@@ -1987,10 +1987,9 @@ qemuAgentGetInterfaces(qemuAgentPtr mon, - if (!(cmd = qemuAgentMakeCommand("guest-network-get-interfaces", NULL))) - goto cleanup; - -- if (qemuAgentCommand(mon, cmd, &reply, false, VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0 || -- qemuAgentCheckError(cmd, reply) < 0) { -+ if (qemuAgentCommand(mon, cmd, &reply, false, -+ VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0) - goto cleanup; -- } - - if (!(ret_array = virJSONValueObjectGet(reply, "return"))) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch index 0a9d5f48..eb75b5a4 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch @@ -1,4 +1,4 @@ -From f10477f0fe5e4b7487a4a41faa216d10cd2bc7c3 Mon Sep 17 00:00:00 2001 +From d074f34dd0fc671ab05367eda9cc7a965708fbed Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Thu, 10 May 2018 12:05:04 -0400 Subject: [PATCH] configure.ac: search for rpc/rpc.h in the sysroot @@ -10,20 +10,21 @@ for libtirpc's rpc.h header. Upstream-Status: Inappropriate [old release] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- m4/virt-xdr.m4 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/m4/virt-xdr.m4 b/m4/virt-xdr.m4 -index 5a6408c..6c19f6d 100644 +index 8375415..12b51f7 100644 --- a/m4/virt-xdr.m4 +++ b/m4/virt-xdr.m4 -@@ -33,10 +33,10 @@ if test x"$with_remote" = x"yes" || test x"$with_libvirtd" = x"yes"; then - dnl check for cygwin's variation in xdr function names - AC_CHECK_FUNCS([xdr_u_int64_t],[],[],[#include <rpc/xdr.h>]) +@@ -30,10 +30,10 @@ AC_DEFUN([LIBVIRT_CHECK_XDR], [ + ]) + with_xdr="yes" -- dnl Cygwin/recent glibc requires -I/usr/include/tirpc for <rpc/rpc.h> -+ dnl Cygwin/recent glibc requires -I=/usr/include/tirpc for <rpc/rpc.h> +- dnl Recent glibc requires -I/usr/include/tirpc for <rpc/rpc.h> ++ dnl Recent glibc requires -I=/usr/include/tirpc for <rpc/rpc.h> old_CFLAGS=$CFLAGS AC_CACHE_CHECK([where to find <rpc/rpc.h>], [lv_cv_xdr_cflags], [ - for add_CFLAGS in '' '-I/usr/include/tirpc' 'missing'; do @@ -31,6 +32,3 @@ index 5a6408c..6c19f6d 100644 if test x"$add_CFLAGS" = xmissing; then lv_cv_xdr_cflags=missing; break fi --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/gnutls-helper.py b/external/meta-virtualization/recipes-extended/libvirt/libvirt/gnutls-helper.py new file mode 100755 index 00000000..b9949469 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/gnutls-helper.py @@ -0,0 +1,136 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2019 Wind River Systems, Inc. +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import os, sys, getopt + +banner = \ +'''\ +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! "ip_address" field of server.info must be IP address of the server. !! +!! For more details, please refer to: !! +!! https://libvirt.org/remote.html#Remote_certificates !! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +Please deploy cacert.pem to CA and server and client /etc/pki/CA/cacert.pem +Please deploy serverkey.pem to server /etc/pki/libvirt/private/serverkey.pem +Please deploy servercert.pem to server /etc/pki/libvirt/servercert.pem +Please deploy clientkey.pem to client /etc/pki/libvirt/private/clientkey.pem +Please deploy clientcert.pem to client /etc/pki/libvirt/clientcert.pem" +''' + +if os.system('which certtool > /dev/null 2>&1') != 0: + print('certtool is not available. It is provided by \n\ +gnutls-bin on Yocto like Linux or \n\ +gnutls-bin on Debian like distribution or \n\ +gnutls-utils on Redhat like distribution.') + sys.exit() + +cainfo = "" +serverinfo = "" +clientinfo = "" +yes = 0 + +try: + opts, args = getopt.getopt(sys.argv[1:], "ha:b:c:y", ["help", "ca-info=", "server-info=", "client-info=", "yes"]) +except getopt.GetoptError: + print('Usage:\n{} [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> [-y|--yes]'.format(sys.argv[0])) + print('If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated.') + sys.exit(2) +for opt, arg in opts: + if opt in ("-h", "--help"): + print('Usage:\n{} [-a|--ca-info] <ca.info> [-b|--server-info] <server.info> [-c|--client-info] <client.info> [-y|--yes]'.format(sys.argv[0])) + print('If ca.info or server.info or client.info is not provided, a corresponding sample file will be generated.\n') + print(banner) + sys.exit() + elif opt in ("-a", "--ca-info"): + cainfo = arg + elif opt in ("-b", "--server-info"): + serverinfo = arg + elif opt in ("-c", "--client-info"): + clientinfo = arg + elif opt in ("-y", "--yes"): + yes = 1 + +cainfodefault = \ +'''cn = CA +ca +cert_signing_key +''' + +serverinfodefault = \ +'''organization = Organization +cn = Server +dns_name = DNS Name +ip_address = 127.0.0.1 +tls_www_server +encryption_key +signing_key +''' + +clientinfodefault = \ +'''country = Country +state = State +locality = Locality +organization = Organization +cn = Client +tls_www_client +encryption_key +signing_key +''' + +if not cainfo: + if yes == 0: + opt = input('{}\nca.info not provided by -a, the above will be used [y/n]?'.format(cainfodefault)) + if opt != 'y': + exit() + cainfo = "ca.info" + with open(cainfo, mode='w') as f: + f.write(cainfodefault) + +if not serverinfo: + if yes == 0: + opt = input('{}\nserver.info not provided by -b, the above will be used [y/n]?'.format(serverinfodefault)) + if opt != 'y': + exit() + serverinfo = "server.info" + with open(serverinfo, mode='w') as f: + f.write(serverinfodefault) + +if not clientinfo: + if yes == 0: + opt = input('{}\nclient.info not provided by -c, the above will be used [y/n]?'.format(clientinfodefault)) + if opt != 'y': + sys.exit() + clientinfo = "client.info" + with open(clientinfo, mode='w') as f: + f.write(clientinfodefault) + +if os.system("certtool --generate-privkey > cakey.pem") != 0: + print('ca private key failed.') + sys.exit() + +if os.system("certtool --generate-self-signed --load-privkey cakey.pem --template {} --outfile cacert.pem".format(cainfo)) != 0: + print('ca cert failed.') + sys.exit() + +if os.system("certtool --generate-privkey > serverkey.pem") != 0: + print('server private key failed.') + sys.exit() + +if os.system("certtool --generate-certificate --load-privkey serverkey.pem --load-ca-certificate cacert.pem --load-ca-privkey cakey.pem --template {} --outfile servercert.pem".format(serverinfo)) != 0: + print('server cert failed.') + sys.exit() + +if os.system("certtool --generate-privkey > clientkey.pem") != 0: + print('client private key failed.') + sys.exit() + +if os.system("certtool --generate-certificate --load-privkey clientkey.pem --load-ca-certificate cacert.pem --load-ca-privkey cakey.pem --template {} --outfile clientcert.pem".format(clientinfo)) != 0: + print('client cert failed.') + sys.exit() + +print(banner) diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/hook_support.py b/external/meta-virtualization/recipes-extended/libvirt/libvirt/hook_support.py new file mode 100755 index 00000000..7c5e2a94 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/hook_support.py @@ -0,0 +1,55 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2014 Wind River Systems, Inc. +# +# Description: Calls other scripts in order, so that there can be multiple +# scripts for a particular hook tied to libvirt. +# +# For example: If this script is called "qemu" and is in the +# "/etc/libvirt/hooks/" directory. This script will be called by libvirt +# when certain actions are performed on a qemu guest. This script then +# will in turn call any executable file in the same directory matching +# "qemu-" followed by at least one alpha-numeric character. The scripts +# are called in order (based on the python sorted function), and once any +# sub-script returns a non-zero exit code no futher scripts are called. +# This script passes any arguments it retrieves on the command line and a +# copy of stdin to the sub-scripts it calls. + +import os +import re +import subprocess +import sys + +def main(): + return_value = 0 + hook_name = os.path.basename( __file__ ) + try: + hook_dir = os.path.dirname( __file__ ) + hook_args = sys.argv + del hook_args[ 0 ] # Remove executable from argument list + + # Save stdin, so we can pass it to each sub-script. + if sys.stdin.isatty(): + stdin_save = [ "" ] + else: + stdin_save = sys.stdin.readlines() + # Match the name name of the hook + a dash + atleast + # one alpha-numeric character. + matcher = re.compile( "%s-\w+" % hook_name ) + for file_name in sorted( os.listdir( hook_dir ) ): + file_path = os.path.join( hook_dir, file_name ) + if matcher.match( file_name ) \ + and os.access( file_path, os.X_OK ) \ + and os.path.isfile( file_path ) \ + and return_value == 0: + cmd = [ file_path ] + hook_args + p = subprocess.Popen( cmd, stdin=subprocess.PIPE ) + p.communicate( input = ''.join( stdin_save ) )[0] + return_value = p.wait() + except Exception as e: + sys.stderr.write( "%s hook error: %s\n" % ( hook_name, str( e ) ) ) + return_value = 1 + return return_value + +if __name__ == '__main__': + sys.exit( main() ) diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch index cb5a20e3..f9341491 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/install-missing-file.patch @@ -1,6 +1,6 @@ -From 0780181a3285511f166487a54ebc231fc657edfe Mon Sep 17 00:00:00 2001 -From: Catalin Enache <catalin.enache@windriver.com> -Date: Mon, 25 Jul 2016 16:38:51 +0300 +From 75c974d28133ff85d299b7a53427653c47513a45 Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Wed, 8 May 2019 17:24:17 +0800 Subject: [PATCH] Install missing conf file openvzutilstest.conf file is needed by openvzutilstest test. @@ -12,15 +12,18 @@ Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> [MA: Update context for v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +[DDU: Update context for v5.3.0] +Signed-off-by: Dengke Du <dengke.du@windriver.com> + --- tests/Makefile.am | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am -index 65f776e..8a6fd44 100644 +index 7a0aee3..380637d 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -173,6 +173,7 @@ EXTRA_DIST = \ +@@ -172,6 +172,7 @@ EXTRA_DIST = \ $(NULL) test_helpers = commandhelper ssh @@ -28,7 +31,7 @@ index 65f776e..8a6fd44 100644 test_programs = virshtest sockettest \ virhostcputest virbuftest \ commandtest seclabeltest \ -@@ -305,6 +306,7 @@ endif WITH_LXC +@@ -310,6 +311,7 @@ endif WITH_LXC if WITH_OPENVZ test_programs += openvzutilstest @@ -36,7 +39,7 @@ index 65f776e..8a6fd44 100644 endif WITH_OPENVZ if WITH_ESX -@@ -1488,7 +1490,7 @@ endif ! WITH_CIL +@@ -1553,7 +1555,7 @@ endif ! WITH_LINUX buildtest-TESTS: $(TESTS) $(test_libraries) $(test_helpers) @@ -45,7 +48,3 @@ index 65f776e..8a6fd44 100644 install-ptest: list='$(TESTS) $(test_helpers) test-lib.sh virschematest' - --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch index 635d1e81..e6c7cae5 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt-use-pkg-config-to-locate-libcap.patch @@ -1,4 +1,4 @@ -From 3e271f6db12ffe34843428ec2f0bca7a8fe3aa65 Mon Sep 17 00:00:00 2001 +From 57b645c6db405bf2e22f4589ea5560a14975058f Mon Sep 17 00:00:00 2001 From: Bruce Ashfield <bruce.ashfield@windriver.com> Date: Wed, 8 Apr 2015 13:03:03 -0400 Subject: [PATCH] libvirt: use pkg-config to locate libcap @@ -14,18 +14,19 @@ locate the correct libraries. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> [MA: Update to apply agains v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- m4/virt-libpcap.m4 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/m4/virt-libpcap.m4 b/m4/virt-libpcap.m4 -index 8fa4889..08b2f53 100644 +index 605c2fd..e0ab018 100644 --- a/m4/virt-libpcap.m4 +++ b/m4/virt-libpcap.m4 @@ -23,14 +23,14 @@ AC_DEFUN([LIBVIRT_ARG_LIBPCAP], [ AC_DEFUN([LIBVIRT_CHECK_LIBPCAP], [ - LIBPCAP_REQUIRED="1.0.0" + LIBPCAP_REQUIRED="1.5.0" - LIBPCAP_CONFIG="pcap-config" + LIBPCAP_CONFIG="pkg-config libpcap" LIBPCAP_CFLAGS="" @@ -40,6 +41,3 @@ index 8fa4889..08b2f53 100644 esac AS_IF([test "x$LIBPCAP_CONFIG" != "x"], [ AC_MSG_CHECKING(libpcap $LIBPCAP_CONFIG >= $LIBPCAP_REQUIRED ) --- -2.1.0 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt_api_xml_path.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt_api_xml_path.patch deleted file mode 100644 index 30c30e88..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/libvirt_api_xml_path.patch +++ /dev/null @@ -1,87 +0,0 @@ -Adding support for LIBVIRT_CFLAGS and LIBVIRT_LIBS - -Signed-off-by: Amy Fong <amy.fong@windriver.com> - - -Adding a support for LIBVIRT_API_PATH evironment variable, which can -control where the script should look for the 'libvirt-api.xml' file. -This allows building libvirt-python against different libvirt than the -one installed in the system. This may be used for example in autotest -or by packagers without the need to install libvirt into the system. - -Signed-off-by: Martin Kletzander <mkletzan redhat com> -[ywei: rebased to 1.3.2] -Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com> ---- - setup.py | 35 ++++++++++++++++++++++++----------- - 1 file changed, 24 insertions(+), 11 deletions(-) - -diff --git a/setup.py b/setup.py -index eff9d54..48ec4fe 100755 ---- a/setup.py -+++ b/setup.py -@@ -43,13 +43,7 @@ def check_minimum_libvirt_version(): - "libvirt"]) - - def have_libvirt_lxc(): -- try: -- spawn([get_pkgcfg(), -- "--atleast-version=%s" % MIN_LIBVIRT_LXC, -- "libvirt"]) -- return True -- except DistutilsExecError: -- return False -+ return True - - def have_libvirtaio(): - # This depends on asyncio, which in turn depends on "yield from" syntax. -@@ -77,7 +71,17 @@ def get_api_xml_files(): - """Check with pkg-config that libvirt is present and extract - the API XML file paths we need from it""" - -- libvirt_api = get_pkgconfig_data(["--variable", "libvirt_api"], "libvirt") -+ libvirt_api = os.getenv("LIBVIRT_API_PATH") -+ -+ if libvirt_api: -+ if not libvirt_api.endswith("-api.xml"): -+ raise ValueError("Invalid path '%s' for API XML" % libvirt_api) -+ if not os.path.exists(libvirt_api): -+ raise ValueError("API XML '%s' does not exist, " -+ "have you built libvirt?" % libvirt_api) -+ else: -+ libvirt_api = get_pkgconfig_data(["--variable", "libvirt_api"], -+ "libvirt") - - offset = libvirt_api.index("-api.xml") - libvirt_qemu_api = libvirt_api[0:offset] + "-qemu-api.xml" -@@ -97,8 +101,17 @@ def get_module_lists(): - - c_modules = [] - py_modules = [] -- ldflags = get_pkgconfig_data(["--libs-only-L"], "libvirt", False).split() -- cflags = get_pkgconfig_data(["--cflags"], "libvirt", False).split() -+ libvirt_cflags = os.getenv("LIBVIRT_CFLAGS") -+ if libvirt_cflags: -+ cflags = libvirt_cflags.split() -+ else: -+ cflags = get_pkgconfig_data(["--cflags"], "libvirt", False).split() -+ -+ libvirt_libs = os.getenv("LIBVIRT_LIBS") -+ if libvirt_libs: -+ ldflags = libvirt_libs.split() -+ else: -+ ldflags = get_pkgconfig_data(["--libs-only-L"], "libvirt", False).split() - - module = Extension('libvirtmod', - sources = ['libvirt-override.c', 'build/libvirt.c', 'typewrappers.c', 'libvirt-utils.c'], -@@ -144,7 +157,7 @@ def get_module_lists(): - class my_build(build): - - def run(self): -- check_minimum_libvirt_version() -+# check_minimum_libvirt_version() - apis = get_api_xml_files() - - self.spawn([sys.executable, "generator.py", "libvirt", apis[0]]) --- -2.17.0 diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/lxc_monitor-Avoid-AB-BA-lock-race.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/lxc_monitor-Avoid-AB-BA-lock-race.patch deleted file mode 100644 index fc3880fb..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/lxc_monitor-Avoid-AB-BA-lock-race.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 7882c6eca53fe9abe253497a50f6c5ae062176d3 Mon Sep 17 00:00:00 2001 -From: Mark Asselstine <mark.asselstine@windriver.com> -Date: Mon, 24 Sep 2018 11:11:35 -0400 -Subject: [PATCH] lxc_monitor: Avoid AB / BA lock race - -A deadlock situation can occur when autostarting a LXC domain 'guest' -due to two threads attempting to take opposing locks while holding -opposing locks (AB BA problem). Thread A takes and holds the 'vm' lock -while attempting to take the 'client' lock, meanwhile, thread B takes -and holds the 'client' lock while attempting to take the 'vm' lock. - -The potential for this can be seen as follows: - -Thread A: -virLXCProcessAutostartDomain (takes vm lock) - --> virLXCProcessStart - --> virLXCProcessConnectMonitor - --> virLXCMonitorNew - --> virNetClientSetCloseCallback (wants client lock) - -Thread B: -virNetClientIncomingEvent (takes client lock) - --> virNetClientIOHandleInput - --> virNetClientCallDispatch - --> virNetClientCallDispatchMessage - --> virNetClientProgramDispatch - --> virLXCMonitorHandleEventInit - --> virLXCProcessMonitorInitNotify (wants vm lock) - -Since these threads are scheduled independently and are preemptible it -is possible for the deadlock scenario to occur where each thread locks -their first lock but both will fail to get their second lock and just -spin forever. You get something like: - -virLXCProcessAutostartDomain (takes vm lock) - --> virLXCProcessStart - --> virLXCProcessConnectMonitor - --> virLXCMonitorNew -<...> -virNetClientIncomingEvent (takes client lock) - --> virNetClientIOHandleInput - --> virNetClientCallDispatch - --> virNetClientCallDispatchMessage - --> virNetClientProgramDispatch - --> virLXCMonitorHandleEventInit - --> virLXCProcessMonitorInitNotify (wants vm lock but spins) -<...> - --> virNetClientSetCloseCallback (wants client lock but spins) - -Neither thread ever gets the lock it needs to be able to continue -while holding the lock that the other thread needs. - -The actual window for preemption which can cause this deadlock is -rather small, between the calls to virNetClientProgramNew() and -execution of virNetClientSetCloseCallback(), both in -virLXCMonitorNew(). But it can be seen in real world use that this -small window is enough. - -By moving the call to virNetClientSetCloseCallback() ahead of -virNetClientProgramNew() we can close any possible chance of the -deadlock taking place. There should be no other implications to the -move since the close callback (in the unlikely event was called) will -spin on the vm lock. The remaining work that takes place between the -old call location of virNetClientSetCloseCallback() and the new -location is unaffected by the move. - -Upstream-Status: Backport commit 7882c6eca53f - -Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> -Signed-off-by: Michal Privoznik <mprivozn@redhat.com> ---- - src/lxc/lxc_monitor.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/src/lxc/lxc_monitor.c b/src/lxc/lxc_monitor.c -index e765c16..0b18a14 100644 ---- a/src/lxc/lxc_monitor.c -+++ b/src/lxc/lxc_monitor.c -@@ -161,6 +161,13 @@ virLXCMonitorPtr virLXCMonitorNew(virDomainObjPtr vm, - if (virNetClientRegisterAsyncIO(mon->client) < 0) - goto error; - -+ /* avoid deadlock by making this call before assigning virLXCMonitorEvents */ -+ virNetClientSetCloseCallback(mon->client, virLXCMonitorEOFNotify, mon, -+ virLXCMonitorCloseFreeCallback); -+ -+ /* close callback now has its own reference */ -+ virObjectRef(mon); -+ - if (!(mon->program = virNetClientProgramNew(VIR_LXC_MONITOR_PROGRAM, - VIR_LXC_MONITOR_PROGRAM_VERSION, - virLXCMonitorEvents, -@@ -175,10 +182,6 @@ virLXCMonitorPtr virLXCMonitorNew(virDomainObjPtr vm, - mon->vm = virObjectRef(vm); - memcpy(&mon->cb, cb, sizeof(mon->cb)); - -- virObjectRef(mon); -- virNetClientSetCloseCallback(mon->client, virLXCMonitorEOFNotify, mon, -- virLXCMonitorCloseFreeCallback); -- - cleanup: - VIR_FREE(sockpath); - return mon; --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch index 457e8218..9f3ad678 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/runptest.patch @@ -1,7 +1,7 @@ -From 94478517c4f9950b28be3a348387db6ede3db812 Mon Sep 17 00:00:00 2001 -From: Mark Asselstine <mark.asselstine@windriver.com> -Date: Mon, 4 Jun 2018 11:55:37 -0400 -Subject: [PATCH] Add 'install-ptest' rule. +From 9d6bfb4a5e9b44c080ddf3bad4c364ffb0e9d84a Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Wed, 8 May 2019 10:20:47 +0800 +Subject: [PATCH] Add 'install-ptest' rule Change TESTS_ENVIRONMENT to allow running outside build dir. @@ -15,15 +15,18 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: He Zhe <zhe.he@windriver.com> [MA: Update context for v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +[DDU: Update context for v5.3.0] +Signed-off-by: Dengke Du <dengke.du@windriver.com> + --- - tests/Makefile.am | 74 +++++++++++++++++++++++++++++++++++++++++++++---------- - 1 file changed, 61 insertions(+), 13 deletions(-) + tests/Makefile.am | 68 +++++++++++++++++++++++++++++++++++++++++------ + 1 file changed, 60 insertions(+), 8 deletions(-) diff --git a/tests/Makefile.am b/tests/Makefile.am -index 7b93fbd..edc1eb9 100644 +index 83326db..7a0aee3 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -35,11 +35,13 @@ INCLUDES = \ +@@ -28,11 +28,13 @@ AM_CPPFLAGS = \ WARN_CFLAGS += $(RELAXED_FRAME_LIMIT_CFLAGS) @@ -31,52 +34,34 @@ index 7b93fbd..edc1eb9 100644 + AM_CFLAGS = \ - -Dabs_builddir="\"$(abs_builddir)\"" \ -- -Dabs_topbuilddir="\"$(abs_topbuilddir)\"" \ +- -Dabs_top_builddir="\"$(abs_top_builddir)\"" \ - -Dabs_srcdir="\"$(abs_srcdir)\"" \ -- -Dabs_topsrcdir="\"$(abs_topsrcdir)\"" \ +- -Dabs_top_srcdir="\"$(abs_top_srcdir)\"" \ + -Dabs_builddir="\"$(PTEST_DIR)/tests\"" \ -+ -Dabs_topbuilddir="\"$(PTEST_DIR)\"" \ ++ -Dabs_top_builddir="\"$(PTEST_DIR)\"" \ + -Dabs_srcdir="\"$(PTEST_DIR)/tests\"" \ -+ -Dabs_topsrcdir="\"$(PTEST_DIR)\"" \ ++ -Dabs_top_srcdir="\"$(PTEST_DIR)\"" \ $(LIBXML_CFLAGS) \ + $(GLIB_CFLAGS) \ $(LIBNL_CFLAGS) \ - $(GNUTLS_CFLAGS) \ -@@ -64,7 +66,7 @@ QEMULIB_LDFLAGS = \ - $(MINGW_EXTRA_LDFLAGS) - - INCLUDES += \ -- -DTEST_DRIVER_DIR=\"$(top_builddir)/src/.libs\" -+ -DTEST_DRIVER_DIR=\"$(PTEST_DIR)/src/.libs\" +@@ -472,10 +474,10 @@ TESTS = $(test_programs) \ - PROBES_O = - if WITH_DTRACE_PROBES -@@ -466,17 +468,15 @@ TESTS = $(test_programs) \ - # Also, BSD sh doesn't like 'a=b b=$$a', so we can't use an - # intermediate shell variable, but must do all the expansion in make - --lv_abs_top_builddir=$(shell cd '$(top_builddir)' && pwd) -- VIR_TEST_EXPENSIVE ?= $(VIR_TEST_EXPENSIVE_DEFAULT) TESTS_ENVIRONMENT = \ -- abs_top_builddir=$(lv_abs_top_builddir) \ -- abs_top_srcdir=`cd '$(top_srcdir)'; pwd` \ -- abs_builddir=$(abs_builddir) \ -- abs_srcdir=$(abs_srcdir) \ -- CONFIG_HEADER="$(lv_abs_top_builddir)/config.h" \ +- abs_top_builddir="$(abs_top_builddir)" \ +- abs_top_srcdir="$(abs_top_srcdir)" \ +- abs_builddir="$(abs_builddir)" \ +- abs_srcdir="$(abs_srcdir)" \ + abs_top_builddir="$(PTEST_DIR)" \ + abs_top_srcdir="$(PTEST_DIR)" \ + abs_builddir="$(PTEST_DIR)/tests" \ + abs_srcdir="$(PTEST_DIR)/tests" \ -+ CONFIG_HEADER="$(PTEST_DIR)/config.h" \ - SHELL="$(SHELL)" \ -- LIBVIRT_DRIVER_DIR="$(lv_abs_top_builddir)/src/.libs" \ -+ LIBVIRT_DRIVER_DIR="$(PTEST_DIR)/src/.libs" \ LIBVIRT_AUTOSTART=0 \ LC_ALL=C \ VIR_TEST_EXPENSIVE=$(VIR_TEST_EXPENSIVE) \ -@@ -1486,5 +1486,55 @@ else ! WITH_CIL - EXTRA_DIST += objectlocking.ml - endif ! WITH_CIL +@@ -1549,4 +1551,54 @@ else ! WITH_LINUX + EXTRA_DIST += virscsitest.c + endif ! WITH_LINUX +buildtest-TESTS: $(TESTS) $(test_libraries) $(test_helpers) + @@ -94,7 +79,7 @@ index 7b93fbd..edc1eb9 100644 + install ../src/libvirt_iohelper $(DEST_DIR)/src + install -D ../src/libvirtd $(DEST_DIR)/src/libvirtd + install -d $(DEST_DIR)/src/remote -+ install -D $(top_srcdir)/src/remote/libvirtd.conf $(DEST_DIR)/src/remote/libvirtd.conf ++ install -D $(top_srcdir)/../build/src/remote/libvirtd.conf $(DEST_DIR)/src/remote/libvirtd.conf + install -d $(DEST_DIR)/src/remote/.libs + @(if [ -d ../src/remote/.libs ] ; then cd ../src/remote/.libs; fi; \ + install * $(DEST_DIR)/src/remote/.libs) @@ -128,8 +113,4 @@ index 7b93fbd..edc1eb9 100644 + sed -i -e 's|$(BUILD_DIR)|$(PTEST_DIR)|g' $(DEST_DIR)/Makefile + sed -i -e 's|^\(.*\.log:\) \(.*EXEEXT.*\)|\1|g' $(DEST_DIR)/tests/Makefile + - CLEANFILES = *.cov *.gcov .libs/*.gcda .libs/*.gcno *.gcno *.gcda *.cmi *.cmx \ - objectlocking-files.txt --- -2.7.4 - + CLEANFILES = *.cov *.gcov .libs/*.gcda .libs/*.gcno *.gcno *.gcda diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch index 5f6f9502..f03cc890 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch @@ -1,6 +1,6 @@ -From f73c5c61c921bf773dcba5e4234e23afce5dbe7f Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield <bruce.ashfield@windriver.com> -Date: Fri, 2 Aug 2013 11:38:43 -0400 +From a1696741375c6faca0d09ae6b271a2c56fc2b6fe Mon Sep 17 00:00:00 2001 +From: Dengke Du <dengke.du@windriver.com> +Date: Tue, 7 May 2019 15:26:32 +0800 Subject: [PATCH] tools: add libvirt-net-rpc to virt-host-validate when TLS is enabled @@ -13,30 +13,34 @@ Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com> [MA: rebase to v4.3.0] Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +[ddu: rebase to v5.3.0] +Signed-off-by: Dengke Du <dengke.du@windriver.com> + --- - examples/Makefile.am | 19 +++++++++++++++++++ - tools/Makefile.am | 13 +++++++++++++ + examples/Makefile.am | 20 ++++++++++++++++++++ + tools/Makefile.am | 12 ++++++++++++ 2 files changed, 32 insertions(+) diff --git a/examples/Makefile.am b/examples/Makefile.am -index 7069d74..c8893e3 100644 +index ad635bd..a94f41d 100644 --- a/examples/Makefile.am +++ b/examples/Makefile.am -@@ -39,6 +39,10 @@ LDADD = $(STATIC_BINARIES) $(WARN_CFLAGS) $(COVERAGE_LDFLAGS) \ - $(top_builddir)/src/libvirt.la $(top_builddir)/gnulib/lib/libgnu.la \ - $(top_builddir)/src/libvirt-admin.la +@@ -74,6 +74,10 @@ LDADD = \ + $(top_builddir)/src/libvirt-admin.la \ + $(NULL) +if WITH_GNUTLS +LDADD += $(top_builddir)/src/libvirt-net-rpc.la +endif + - noinst_PROGRAMS=dominfo/info1 dommigrate/dommigrate domsuspend/suspend \ - domtop/domtop hellolibvirt/hellolibvirt object-events/event-test \ - openauth/openauth rename/rename admin/list_servers admin/list_clients \ -@@ -70,6 +74,21 @@ admin_logging_SOURCES = admin/logging.c - INSTALL_DATA_LOCAL = - UNINSTALL_LOCAL = + noinst_PROGRAMS = \ + c/admin/client_close \ + c/admin/client_info \ +@@ -111,6 +115,22 @@ c_misc_openauth_SOURCES = c/misc/openauth.c + examplesdir = $(docdir)/examples + adminexamplesdir = $(examplesdir)/c/admin ++ +if WITH_GNUTLS +dominfo_info1_LDADD = $(top_builddir)/src/libvirt-net-rpc.la \ + $(LDADD) \ @@ -52,15 +56,15 @@ index 7069d74..c8893e3 100644 + $(NULL) +endif + - if WITH_APPARMOR_PROFILES - apparmordir = $(sysconfdir)/apparmor.d/ - apparmor_DATA = \ + adminexamples_DATA = $(ADMIN_EXAMPLES) + + domainexamplesdir = $(examplesdir)/c/domain diff --git a/tools/Makefile.am b/tools/Makefile.am -index 1452d98..204e772 100644 +index 53df930..2a0a989 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am -@@ -188,6 +188,13 @@ virt_host_validate_LDADD = \ - ../gnulib/lib/libgnu.la \ +@@ -166,6 +166,12 @@ virt_host_validate_LDADD = \ + $(GLIB_LIBS) \ $(NULL) +if WITH_GNUTLS @@ -69,11 +73,10 @@ index 1452d98..204e772 100644 + $(NULL) +endif + -+ virt_host_validate_CFLAGS = \ $(AM_CFLAGS) \ $(NULL) -@@ -268,6 +275,12 @@ virt_admin_CFLAGS = \ +@@ -262,6 +268,12 @@ virt_admin_CFLAGS = \ $(READLINE_CFLAGS) BUILT_SOURCES = @@ -86,6 +89,3 @@ index 1452d98..204e772 100644 if WITH_WIN_ICON virsh_LDADD += virsh_win_icon.$(OBJEXT) --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt_4.7.0.bb b/external/meta-virtualization/recipes-extended/libvirt/libvirt_6.1.0.bb index 1d3b48e8..9aa78b77 100644 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt_4.7.0.bb +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt_6.1.0.bb @@ -8,7 +8,9 @@ SECTION = "console/tools" DEPENDS = "bridge-utils gnutls libxml2 lvm2 avahi parted curl libpcap util-linux e2fsprogs pm-utils \ iptables dnsmasq readline libtasn1 libxslt-native acl libdevmapper libtirpc \ - ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'shadow-native', '', d)}" + python3-docutils-native \ + ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'shadow-native', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'gnutls', 'gnutls-native', '', d)}" # libvirt-guests.sh needs gettext.sh # @@ -35,25 +37,18 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.xz;name=libvirt \ file://install-missing-file.patch \ file://0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch \ file://configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch \ - file://lxc_monitor-Avoid-AB-BA-lock-race.patch \ - file://CVE-2019-3840.patch \ - file://0001-cpu_x86-Do-not-cache-microcode-version.patch \ - file://0002-qemu-Don-t-cache-microcode-version.patch \ - file://CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p1.patch \ - file://CVE-2018-12126_CVE-2018-12127_CVE-2018-12130_CVE-2019-11091_p2.patch \ - file://CVE-2019-10132_p1.patch \ - file://CVE-2019-10132_p2.patch \ - file://CVE-2019-10132_p3.patch \ - file://CVE-2019-10161.patch \ - file://CVE-2019-10166.patch \ - file://CVE-2019-10167.patch \ - file://CVE-2019-10168.patch \ + file://0001-build-drop-unnecessary-libgnu.la-reference.patch \ + file://hook_support.py \ + file://gnutls-helper.py \ " -SRC_URI[libvirt.md5sum] = "38da6c33250dcbc0a6d68de5c758262b" -SRC_URI[libvirt.sha256sum] = "92c279f7321624ac5a37a81f8bbe8c8d2a16781da04c63c99c92d3de035767e4" +SRC_URI[libvirt.md5sum] = "a870e63f20fac2ccf98e716d05256145" +SRC_URI[libvirt.sha256sum] = "167c185be45560e73dd3e14ed375778b555c01455192de2dafc4d0f74fabebc0" -inherit autotools gettext update-rc.d pkgconfig ptest systemd +inherit autotools gettext update-rc.d pkgconfig ptest systemd useradd perlnative +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM_${PN} = "-r qemu; -r kvm" +USERADD_PARAM_${PN} = "-r -g qemu -G kvm qemu" # Override the default set in autotools.bbclass so that we will use relative pathnames # to our local m4 files. This prevents an "Argument list too long" error during configuration @@ -128,6 +123,7 @@ FILES_${PN}-libvirtd = " \ ${sbindir}/libvirtd \ ${systemd_unitdir}/system/* \ ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', '', '${libexecdir}/libvirt-guests.sh', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'gnutls', '${sysconfdir}/pki/libvirt/* ${sysconfdir}/pki/CA/*', '', d)} \ " FILES_${PN}-virsh = " \ @@ -140,6 +136,7 @@ FILES_${PN} += "${libdir}/libvirt/connection-driver \ ${@bb.utils.contains('PACKAGECONFIG', 'polkit', '${datadir}/polkit-1', '', d)} \ ${datadir}/bash-completion/completions/vsh \ ${datadir}/bash-completion/completions/virt-admin \ + /usr/lib/firewalld/zones/libvirt.xml \ " FILES_${PN}-dbg += "${libdir}/libvirt/connection-driver/.debug ${libdir}/libvirt/lock-driver/.debug" @@ -191,27 +188,30 @@ PRIVATE_LIBS_${PN}-ptest = " \ #PACKAGECONFIG ??= "xen libxl xen-inotify test remote libvirtd" # full config -PACKAGECONFIG ??= "qemu yajl uml openvz vmware vbox esx iproute2 lxc test \ +PACKAGECONFIG ??= "qemu yajl openvz vmware vbox esx iproute2 lxc test \ remote macvtap libvirtd netcf udev python ebtables \ + fuse iproute2 firewalld libpcap \ ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux audit libcap-ng', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'xen', 'libxl', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'polkit', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'polkit', 'polkit', '', d)} \ " # qemu is NOT compatible with mips64 PACKAGECONFIG_remove_mipsarchn32 = "qemu" PACKAGECONFIG_remove_mipsarchn64 = "qemu" +# numactl is NOT compatible with arm +PACKAGECONFIG_remove_arm = "numactl" +PACKAGECONFIG_remove_armeb = "numactl" + # enable,disable,depends,rdepends # -PACKAGECONFIG[qemu] = "--with-qemu,--without-qemu,qemu," +PACKAGECONFIG[gnutls] = ",,,gnutls-bin" +PACKAGECONFIG[qemu] = "--with-qemu --with-qemu-user=qemu --with-qemu-group=qemu,--without-qemu,qemu," PACKAGECONFIG[yajl] = "--with-yajl,--without-yajl,yajl,yajl" -PACKAGECONFIG[xenapi] = "--with-xenapi,--without-xenapi,," -PACKAGECONFIG[libxl] = "--with-libxl=${STAGING_DIR_TARGET}/lib,--without-libxl,libxl," -PACKAGECONFIG[uml] = "--with-uml, --without-uml,," +PACKAGECONFIG[libxl] = "--with-libxl=${STAGING_DIR_TARGET}/lib,--without-libxl,xen," PACKAGECONFIG[openvz] = "--with-openvz,--without-openvz,," PACKAGECONFIG[vmware] = "--with-vmware,--without-vmware,," -PACKAGECONFIG[phyp] = "--with-phyp,--without-phyp,," PACKAGECONFIG[vbox] = "--with-vbox,--without-vbox,," PACKAGECONFIG[esx] = "--with-esx,--without-esx,," PACKAGECONFIG[hyperv] = "--with-hyperv,--without-hyperv,," @@ -226,7 +226,7 @@ PACKAGECONFIG[dtrace] = "--with-dtrace,--without-dtrace,," PACKAGECONFIG[udev] = "--with-udev --with-pciaccess,--without-udev,udev libpciaccess," PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux," PACKAGECONFIG[ebtables] = "ac_cv_path_EBTABLES_PATH=/sbin/ebtables,ac_cv_path_EBTABLES_PATH=,ebtables,ebtables" -PACKAGECONFIG[python] = ",,python," +PACKAGECONFIG[python] = ",,python3," PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl,cyrus-sasl" PACKAGECONFIG[iproute2] = "ac_cv_path_IP_PATH=/sbin/ip,ac_cv_path_IP_PATH=,iproute2,iproute2" PACKAGECONFIG[numactl] = "--with-numactl,--without-numactl,numactl," @@ -234,10 +234,34 @@ PACKAGECONFIG[fuse] = "--with-fuse,--without-fuse,fuse," PACKAGECONFIG[audit] = "--with-audit,--without-audit,audit," PACKAGECONFIG[libcap-ng] = "--with-capng,--without-capng,libcap-ng," PACKAGECONFIG[wireshark] = "--with-wireshark-dissector,--without-wireshark-dissector,wireshark libwsutil," +PACKAGECONFIG[apparmor-profiles] = "--with-apparmor-profiles, --without-apparmor-profiles," +PACKAGECONFIG[firewalld] = "--with-firewalld, --without-firewalld," +PACKAGECONFIG[libpcap] = "--with-libpcap, --without-libpcap,libpcap,libpcap" +PACKAGECONFIG[numad] = "--with-numad, --without-numad," # Enable the Python tool support require libvirt-python.inc +do_compile() { + cd ${B}/src + # There may be race condition, but without creating these directories + # in the source tree, generation of files fails. + for i in access admin logging esx locking rpc hyperv lxc \ + remote network storage interface nwfilter node_device \ + secret vbox qemu; do + mkdir -p $i; + done + + cd ${B} + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:${B}/src:" + oe_runmake all +} + +do_install_prepend() { + # so the install routines can find the libvirt.pc in the source dir + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:${B}/src:" +} + do_install_append() { install -d ${D}/etc/init.d install -d ${D}/etc/libvirt @@ -294,6 +318,10 @@ do_install_append() { # Add hook support for libvirt mkdir -p ${D}/etc/libvirt/hooks + for hook in "daemon" "lxc" "network" "qemu" + do + install -m 0755 ${WORKDIR}/hook_support.py ${D}/etc/libvirt/hooks/${hook} + done # Force the main dnsmasq instance to bind only to specified interfaces and # to not bind to virbr0. Libvirt will run its own instance on this interface. @@ -303,6 +331,46 @@ do_install_append() { for i in `find ${D}${libdir} -type f -name *.la`; do sed -i -e 's#-L${B}/src/.libs##g' $i done + + sed -i -e 's/^\(unix_sock_group\ =\ \).*/\1"kvm"/' ${D}/etc/libvirt/libvirtd.conf + sed -i -e 's/^\(unix_sock_rw_perms\ =\ \).*/\1"0776"/' ${D}/etc/libvirt/libvirtd.conf + + case ${MACHINE_ARCH} in + *mips*) + break + ;; + *) + chown -R qemu:qemu ${D}/${localstatedir}/lib/libvirt/qemu + echo "d qemu qemu 0755 ${localstatedir}/cache/libvirt/qemu none" \ + >> ${D}${sysconfdir}/default/volatiles/99_libvirt + break + ;; + esac + + if ${@bb.utils.contains('PACKAGECONFIG','gnutls','true','false',d)}; then + # Generate sample keys and certificates. + cd ${WORKDIR} + ${WORKDIR}/gnutls-helper.py -y + + # Deploy all sample keys and certificates of CA, server and client + # to target so that libvirtd is able to boot successfully and local + # connection via 127.0.0.1 is available out of box. + install -d ${D}/etc/pki/CA + install -d ${D}/etc/pki/libvirt/private + install -m 0755 ${WORKDIR}/gnutls-helper.py ${D}/${bindir} + install -m 0644 ${WORKDIR}/cakey.pem ${D}/${sysconfdir}/pki/libvirt/private/cakey.pem + install -m 0644 ${WORKDIR}/cacert.pem ${D}/${sysconfdir}/pki/CA/cacert.pem + install -m 0644 ${WORKDIR}/serverkey.pem ${D}/${sysconfdir}/pki/libvirt/private/serverkey.pem + install -m 0644 ${WORKDIR}/servercert.pem ${D}/${sysconfdir}/pki/libvirt/servercert.pem + install -m 0644 ${WORKDIR}/clientkey.pem ${D}/${sysconfdir}/pki/libvirt/private/clientkey.pem + install -m 0644 ${WORKDIR}/clientcert.pem ${D}/${sysconfdir}/pki/libvirt/clientcert.pem + + # Force the connection to be tls. + sed -i -e 's/^\(listen_tls\ =\ .*\)/#\1/' -e 's/^\(listen_tcp\ =\ .*\)/#\1/' ${D}/etc/libvirt/libvirtd.conf + fi + + # virt-login-shell needs to run with setuid permission + chmod 4755 ${D}${bindir}/virt-login-shell } EXTRA_OECONF += " \ @@ -310,8 +378,15 @@ EXTRA_OECONF += " \ --with-test-suite \ " +# gcc9 end up mis-compiling qemuxml2argvtest.o with Og which then +# crashes on target, so remove -Og and use -O2 as workaround +SELECTED_OPTIMIZATION_remove_virtclass-multilib-lib32_mipsarch = "-Og" +SELECTED_OPTIMIZATION_append_virtclass-multilib-lib32_mipsarch = " -O2" + EXTRA_OEMAKE = "BUILD_DIR=${B} DEST_DIR=${D}${PTEST_PATH} PTEST_DIR=${PTEST_PATH} SYSTEMD_UNIT_DIR=${systemd_system_unitdir}" +PRIVATE_LIBS_${PN}-ptest_append = "libvirt-admin.so.0" + do_compile_ptest() { oe_runmake -C tests buildtest-TESTS } @@ -331,6 +406,7 @@ pkg_postinst_${PN}() { if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then /etc/init.d/populate-volatile.sh update fi + mkdir -m 711 -p $D/data/images } python () { diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.2.bb b/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.3.bb index b2196eb3..7a86653b 100644 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.2.bb +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-core_4.4.3.bb @@ -20,12 +20,12 @@ SRC_URI = "http://prdownloads.sourceforge.net/sourceforge/${SRCNAME}/${SRCNAME}- file://nagios-core-systemd-volatile.conf \ " -SRC_URI[md5sum] = "7a9736281d4e2ebe4f4569a782f733c5" -SRC_URI[sha256sum] = "3418923f326aa86dc8c84cfd0df788fa495a90d772f8071acf40fdbef0736853" +SRC_URI[md5sum] = "8beb253b1236ee1407f698b5d2a2d894" +SRC_URI[sha256sum] = "bba8f0e8dc8cf72f7a7ae4e8ce9c60f5bd315629421b9ec34818a28b8da49f67" S = "${WORKDIR}/${SRCNAME}-${PV}" -inherit autotools-brokensep update-rc.d systemd +inherit autotools-brokensep update-rc.d systemd update-alternatives DEPENDS = "gd unzip-native" @@ -149,3 +149,9 @@ USERADD_PARAM_${SRCNAME}-base = "-r -M -g ${NAGIOS_GROUP} ${NAGIOS_USER}" INITSCRIPT_NAME = "nagios" INITSCRIPT_PARAMS = "defaults" + +CVE_PRODUCT = "nagios_core" + +ALTERNATIVE_PRIORITY_${PN} = '20' +ALTERNATIVE_${PN} = "nagios" +ALTERNATIVE_LINK_NAME[nagios] = "${localstatedir}/nagios" diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe/0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe/0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch new file mode 100644 index 00000000..7a12e730 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe/0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch @@ -0,0 +1,30 @@ +From 4f7dd1199f1f3f72f9197e8565da339a4a2490b7 Mon Sep 17 00:00:00 2001 +From: madlohe <swolf@nagios.com> +Date: Thu, 23 Apr 2020 15:33:18 -0500 +Subject: [PATCH] Should fix #235 (nasty_metachars was not being returned when + specified in cfg file + +CVE: CVE-2020-6581 +Upstream Status: Backport [4f7dd1199f1f3f72f9197e8565da339a4a2490b7] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/nrpe.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/nrpe.c b/src/nrpe.c +index 01fbd1d..bf64963 100644 +--- a/src/nrpe.c ++++ b/src/nrpe.c +@@ -823,6 +823,8 @@ char* process_metachars(const char* input) + } + } + copy[j] = '\0'; ++ ++ return copy; + } + + /* read in the configuration file */ +-- +2.20.1 + diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_3.2.1.bb b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_4.0.2.bb index 94933367..d9c7b159 100644 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_3.2.1.bb +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-nrpe_4.0.2.bb @@ -1,7 +1,7 @@ require nagios-common.inc DESCRIPTION = "Nagios Remote Plugin Executor" -HOMEPAGE = "http://exchange.nagios.org" +HOMEPAGE = "http://www.nagios.com" SECTION = "console/network" PRIORITY = "optional" LICENSE = "GPLv2" @@ -13,14 +13,18 @@ SRCNAME = "nrpe" SRC_URI = "https://github.com/NagiosEnterprises/nrpe/releases/download/${SRCNAME}-${PV}/${SRCNAME}-${PV}.tar.gz \ file://check_nrpe.cfg \ file://nagios-nrpe.service \ + file://0001-Should-fix-235-nasty_metachars-was-not-being-returne.patch \ " -SRC_URI[md5sum] = "8997e195fea93cdceb8c7ed8ac1d43bc" -SRC_URI[sha256sum] = "8ad2d1846ab9011fdd2942b8fc0c99dfad9a97e57f4a3e6e394a4ead99c0f1f0" +SRC_URI[md5sum] = "37b9e23b3e8d75308f8b31f3b61ee8a4" +SRC_URI[sha256sum] = "c5d9d7023eaa49e6fe8cf95c6d101731f07972cf0f8818fa130c171bc9eabd55" +SRC_URI[sha1sum] = "2150e274fc7f24905c63b8a996ed7218e2967478" +SRC_URI[sha384sum] = "0ece79fb312c8d1ee0e6bde1be499f8090a5a86cf90b0b8dcbebb95c5f8f70b2cf9ac0a4064f726bee091c4147b61d82" +SRC_URI[sha512sum] = "4d7cf6abc974bc79df54afc42644418e3f086a279c8c17d0fd104f19e3c21c0f3dae4fb4268dd134446ff9fe505159b0446372c5cac71cfe03a97479ed41c09b" S = "${WORKDIR}/${SRCNAME}-${PV}" -inherit autotools-brokensep update-rc.d systemd +inherit autotools-brokensep update-rc.d systemd update-alternatives # IP address of server which proxy should connect to MONITORING_PROXY_SERVER_IP ??= "192.168.7.2" @@ -39,7 +43,7 @@ EXTRA_OECONF_SSL = "--with-ssl=${STAGING_DIR_HOST} \ --with-ssl-lib=${STAGING_DIR_HOST}${libdir} \ " -PACKAGECONFIG[ssl] = "${EXTRA_OECONF_SSL},--disable-ssl,openssl," +PACKAGECONFIG[ssl] = "${EXTRA_OECONF_SSL},--disable-ssl,openssl-native openssl," PACKAGECONFIG[cmdargs] = "--enable-command-args,--disable-command-args,," PACKAGECONFIG[bashcomp] = "--enable-bash-command-substitution,--disable-bash-command-substitution,," @@ -73,8 +77,6 @@ do_install_append() { install -d ${D}${systemd_unitdir}/system install -m 644 ${WORKDIR}/nagios-nrpe.service ${D}${systemd_unitdir}/system/ fi - - rmdir -p --ignore-fail-on-non-empty ${D}${localstatedir}/nagios } PACKAGES = "${PN}-dbg ${PN}-plugin ${PN}-daemon" @@ -86,6 +88,7 @@ FILES_${PN}-plugin = "${NAGIOS_PLUGIN_DIR} \ FILES_${PN}-daemon = "${sysconfdir} \ ${bindir} \ ${nonarch_libdir}/tmpfiles.d/ \ + ${localstatedir} \ " RDEPENDS_${PN}-daemon = "nagios-base" @@ -98,3 +101,6 @@ SYSTEMD_AUTO_ENABLE_${PN}-daemon = "enable" INITSCRIPT_PACKAGES = "${PN}-daemon" INITSCRIPT_NAME_${PN}-daemon = "nrpe" INITSCRIPT_PARAMS_${PN}-daemon = "defaults" + +ALTERNATIVE_${PN}-daemon = "nagios" +ALTERNATIVE_LINK_NAME[nagios] = "${localstatedir}/nagios" diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca/0001-Fix-missing-argument-in-open-calls.patch b/external/meta-virtualization/recipes-extended/nagios/nagios-nsca/0001-Fix-missing-argument-in-open-calls.patch deleted file mode 100644 index 6b39fec5..00000000 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca/0001-Fix-missing-argument-in-open-calls.patch +++ /dev/null @@ -1,52 +0,0 @@ -From da37e6ce2a8cc315845440488cd2f8dab0a17bfe Mon Sep 17 00:00:00 2001 -From: "John C. Frickson" <jfrickson@nagios.com> -Date: Wed, 7 Oct 2015 14:06:58 -0500 -Subject: [PATCH] Fix missing argument in open calls - -Commit b9f2c08dfdf31430f972a48781fc115c4af13cfe -from https://github.com/NagiosEnterprises/nsca - -Fix for issue http://tracker.nagios.org/view.php?id=286 - -Upstream-Status: Backport - -Singed-off-by: John C. Frickson <jfrickson@nagios.com> -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> -[MA: Context updated to allow application to older version] -Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> ---- - Changelog | 4 ++++ - src/nsca.c | 2 +- - 2 files changed, 5 insertions(+), 1 deletion(-) - -diff --git a/Changelog b/Changelog -index 3a7edd4..00ea11e 100644 ---- a/Changelog -+++ b/Changelog -@@ -2,6 +2,10 @@ - NSCA Changelog - ************** - -+2.9.x - xx/xx/xxxx -+------------------ -+- Fix missing argument in open calls (Xavier Bachelot / John Frickson) -+ - 2.9.1 - 01/27/2012 - ------------------ - - Applied patch to allow packets arriving with a future time stamp (Daniel Wittenberg) -diff --git a/src/nsca.c b/src/nsca.c -index 6b0e436..0e70b8b 100644 ---- a/src/nsca.c -+++ b/src/nsca.c -@@ -477,7 +477,7 @@ static int read_config_file(char *filename){ - int checkresult_test_fd=-1; - char *checkresult_test=NULL; - asprintf(&checkresult_test,"%s/nsca.test.%i",check_result_path,getpid()); -- checkresult_test_fd=open(checkresult_test,O_WRONLY|O_CREAT); -+ checkresult_test_fd=open(checkresult_test,O_WRONLY|O_CREAT,S_IWUSR); - if (checkresult_test_fd>0){ - unlink(checkresult_test); - } --- -2.11.0 - diff --git a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.1.bb b/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.2.bb index f53a47a0..d342810c 100644 --- a/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.1.bb +++ b/external/meta-virtualization/recipes-extended/nagios/nagios-nsca_2.9.2.bb @@ -6,18 +6,17 @@ SECTION = "console/network" PRIORITY = "optional" LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://src/nsca.c;beginline=1;endline=16;md5=c1bd17485c5c1dd42f664fe8b3528674" +LIC_FILES_CHKSUM = "file://src/nsca.c;beginline=1;endline=16;md5=dd7a195cc7d8a3ebcfabd65360d0cab4" SRCNAME = "nsca" SRC_URI = "http://prdownloads.sourceforge.net/sourceforge/nagios/${SRCNAME}-${PV}.tar.gz \ file://init-script.in \ file://nagios-nsca.service \ - file://0001-Fix-missing-argument-in-open-calls.patch \ " -SRC_URI[md5sum] = "3fe2576a8cc5b252110a93f4c8d978c6" -SRC_URI[sha256sum] = "fb12349e50838c37954fe896ba6a026c09eaeff2f9408508ad7ede53e9ea9580" +SRC_URI[md5sum] = "43f638c51367a3170476ed106fbb4858" +SRC_URI[sha256sum] = "96eb04ef695873ce462e3f8db08e8a49456ff9595d11acf70a3dd8a2c4af3b5e" S = "${WORKDIR}/${SRCNAME}-${PV}" @@ -26,7 +25,7 @@ inherit update-rc.d autotools-brokensep systemd dos2unix DEPENDS = "libmcrypt" EXTRA_OECONF += "--with-nsca-user=${NAGIOS_USER} \ - --with-nsca-group=${NAGIOS_GROUP} \ + --with-nsca-grp=${NAGIOS_GROUP} \ --with-libmcrypt-prefix=${STAGING_DIR_HOST} \ ac_cv_path_LIBMCRYPT_CONFIG=${STAGING_BINDIR_CROSS}/libmcrypt-config \ ac_cv_lib_wrap_main=no \ diff --git a/external/meta-virtualization/recipes-extended/seabios/seabios/python3.patch b/external/meta-virtualization/recipes-extended/seabios/seabios/python3.patch new file mode 100644 index 00000000..a2786fd7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/seabios/seabios/python3.patch @@ -0,0 +1,13 @@ +diff --git a/Makefile b/Makefile +index 516cb38..7f6acaa 100644 +--- a/Makefile ++++ b/Makefile +@@ -22,7 +22,7 @@ LD=$(CROSS_PREFIX)ld + OBJCOPY=$(CROSS_PREFIX)objcopy + OBJDUMP=$(CROSS_PREFIX)objdump + STRIP=$(CROSS_PREFIX)strip +-PYTHON=python ++PYTHON=python3 + CPP=$(CROSS_PREFIX)cpp + IASL:=iasl + LD32BIT_FLAG:=-melf_i386 diff --git a/external/meta-virtualization/recipes-extended/seabios/seabios_1.11.2.bb b/external/meta-virtualization/recipes-extended/seabios/seabios_1.13.0.bb index 81eaec96..4cf44201 100644 --- a/external/meta-virtualization/recipes-extended/seabios/seabios_1.11.2.bb +++ b/external/meta-virtualization/recipes-extended/seabios/seabios_1.13.0.bb @@ -3,22 +3,25 @@ HOMEPAGE = "http://www.coreboot.org/SeaBIOS" LICENSE = "LGPLv3" SECTION = "firmware" +inherit python3native + SRC_URI = " \ - https://github.com/qemu/seabios/archive/rel-${PV}.tar.gz \ + https://www.seabios.org/downloads/seabios-${PV}.tar.gz \ file://hostcc.patch \ + file://python3.patch \ " -S = "${WORKDIR}/${PN}-rel-${PV}" +S = "${WORKDIR}/${PN}-${PV}" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ file://COPYING.LESSER;md5=6a6a8e020838b23406c81b19c1d46df6 \ " -SRC_URI[md5sum] = "3f78065837dbd8873513a1b7d5276e78" -SRC_URI[sha256sum] = "73e73c8e406d97265782f6c942b3c1d178ed4f4afc9f381b22336c3968291693" +SRC_URI[md5sum] = "1dc1725bac1d230bfd6b3204eed4f2f7" +SRC_URI[sha256sum] = "37673dc2d6308591b15bdb94e5bcc3e99bdb40198d2247733c43f50b55dbe703" FILES_${PN} = "/usr/share/firmware" -DEPENDS = "util-linux-native file-native bison-native flex-native gettext-native acpica-native python-native" +DEPENDS += "util-linux-native file-native bison-native flex-native gettext-native acpica-native" TUNE_CCARGS = "" EXTRA_OEMAKE += "HOSTCC='${BUILD_CC}'" diff --git a/external/meta-virtualization/recipes-extended/uxen/README.md b/external/meta-virtualization/recipes-extended/uxen/README.md new file mode 100644 index 00000000..09733833 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/uxen/README.md @@ -0,0 +1,48 @@ +# uXen : Open Source type-2 hypervisor support + +For any issues with the uXen recipes please make sure you CC: + + christopher.w.clark@gmail.com + +## uxen-guest-tools : software for within guest VMs, kernel modules + +* uxenhc : hypercall driver +* uxenfb : framebuffer driver +* uxenhid : Human Input Device driver +* uxennet : virtual network device driver +* uxenplatform : uXen platform device driver +* uxenstor : virtual storage device driver +* uxenv4vlib : v4v, Hypervisor-Mediated data eXchange +* v4vvsock : v4v vsock virtual network device driver +* v4vtest : basic v4v vsock test + +To produce a bootable VM disk image file: + + wic create directdisk -e uxen-guest-image-minimal + +To test, copy the .direct file that wic produces to the host with uXen installed and write the following to a new file: `linux-vm.json`. Update the file path within it to point to your wic-generated disk image: + + { + "name" : "Linux Virtual Machine", + "boot-order" : "c", + "block" : + { "id": "ich0", "proto" : "raw", "xsnapshot" : true, + "path" : "c:/Users/Yocto/directdisk-202001010100-sda.direct" }, + "memory" : 768, + "net" : { "type" : "nic", "model" : "e1000" }, + "hpet" : 1, + "vcpus" : 1, + "use-v4v-net" : 1, + "v4v-storage" : true, + + "" : "" + } + +and then boot it: + + uxendm -F linux-vm.json + +References: + https://www.bromium.com/opensource + https://github.com/uxen-virt + https://www.platformsecuritysummit.com/2018/speaker/pratt/ diff --git a/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools/fix-Makefile-for-OE-kernel-build.patch b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools/fix-Makefile-for-OE-kernel-build.patch new file mode 100644 index 00000000..db4c53f5 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools/fix-Makefile-for-OE-kernel-build.patch @@ -0,0 +1,36 @@ +# OpenEmbedded uses KERNEL_SRC instead of KDIR +# and enable the modules_install target. +# Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> +diff --git a/Makefile b/Makefile +index 3fd3075..80cf0fe 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,10 +1,13 @@ + ifneq ($(KERNELRELEASE),) + # kbuild part of makefile +-else ++include Kbuild + +-KVERSION ?= $(shell uname -r) +-KDIR := /lib/modules/${KVERSION}/build ++else ++#normal makefile ++KERNEL_VERSION ?= $(shell uname -r) ++KERNEL_SRC ?= /lib/modules/${KERNEL_VERSION}/build + UXENDIR ?= $(shell pwd)/include/uxen ++INSTALL_HDR_PATH ?= /usr + + LX_TARGET_FLAGS= -DLX_TARGET_STANDARDVM + LX_TARGET_ATTOVM=n +@@ -19,7 +22,9 @@ EXTRA_CFLAGS=$(LX_TARGET_FLAGS) -g -Wall + NOSTDINC_FLAGS=-I$(shell pwd)/include/ -I$(UXENDIR) -I$(UXENDIR)/xen + + all: +- make -C $(KDIR) $(LX_TARGET) M=$(shell pwd) EXTRA_CFLAGS="$(EXTRA_CFLAGS)" NOSTDINC_FLAGS="$(NOSTDINC_FLAGS)" ++ make -C $(KERNEL_SRC) $(LX_TARGET) M=$(shell pwd) EXTRA_CFLAGS="$(EXTRA_CFLAGS)" NOSTDINC_FLAGS="$(NOSTDINC_FLAGS)" + clean: +- make -C $(KDIR) $(LX_TARGET) M=$(shell pwd) clean ++ make -C $(KERNEL_SRC) $(LX_TARGET) M=$(shell pwd) clean ++modules_install: ++ make -C $(KERNEL_SRC) $(LX_TARGET) M=$(shell pwd) modules_install + endif diff --git a/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools_4.1.7.bb b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools_4.1.7.bb new file mode 100644 index 00000000..757f1e3b --- /dev/null +++ b/external/meta-virtualization/recipes-extended/uxen/uxen-guest-tools_4.1.7.bb @@ -0,0 +1,22 @@ +SUMMARY = "uXen type-2 Open Source hypervisor Linux guest tools" +DESCRIPTION = "Linux guest virtual machine tools for the uXen hypervisor" +HOMEPAGE = "https://www.bromium.com/opensource" +LICENSE = "GPLv2" + +COMPATIBLE_HOST = '(x86_64.*).*-linux' + +SRC_URI = " \ + https://www.bromium.com/wp-content/uploads/2019/06/uxen-vmsupport-linux-${PV}.zip;name=uxen \ + https://www.bromium.com/wp-content/uploads/2019/11/Bromium-4.1.8-Open-Source-Software.pdf;name=license \ + file://fix-Makefile-for-OE-kernel-build.patch \ + " + +SRC_URI[uxen.sha384sum] = "d9d7a1fa5c44ac77eea3d8d4756f9e07fc02acfe12606325ff0bb8a60c07abc3e9ddb80c2039797fb2122d750219722f" +SRC_URI[license.sha384sum] = "92e48c614df3094cb52321d4c4e01f6df5526d46aee5c6fa36c43ee23d4c33f03baa1fc5f6f29efafff636b6d13bc92c" + +# The software license is GPLv2: please see page 199 of the pdf document +LIC_FILES_CHKSUM = "file://../Bromium-4.1.8-Open-Source-Software.pdf;md5=cf120df6ffa417b36f870a9997650049" + +S = "${WORKDIR}/uxen-vmsupport-linux-${PV}" + +inherit module diff --git a/external/meta-virtualization/recipes-extended/xen/README b/external/meta-virtualization/recipes-extended/xen/README index 3686530c..34e79774 100644 --- a/external/meta-virtualization/recipes-extended/xen/README +++ b/external/meta-virtualization/recipes-extended/xen/README @@ -1,7 +1,9 @@ Xen --- -For any issues with the xen recipes please make sure you CC cardoe@gentoo.org +For any issues with the Xen recipes please make sure you CC: + christopher.w.clark@gmail.com + cardoe@gentoo.org configuring the hypervisor -------------------------- @@ -14,6 +16,15 @@ copy it to your Yocto layer as 'defconfig' inside of 'recipes-extended/xen/files/' and then create a bbappend adding 'file://defconfig' to your SRC_URI. +To generate your own .config file for Xen, you can use the interactive +menuconfig via bitbake: + + bitbake xen -c menuconfig + +Select the config settings that you want and Save the file. If you save it to +the default ".config" file when prompted by menuconfig, you can find it in the +'xen' subdirectory of the build tree. + security patches ---------------- diff --git a/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch b/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-xen.4.12.patch index 03c39fe7..96e907d5 100644 --- a/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch +++ b/external/meta-virtualization/recipes-extended/xen/files/0001-python-pygrub-pass-DISTUTILS-xen.4.12.patch @@ -9,21 +9,23 @@ This is especially useful when the target libdir is not the default one (/usr/lib), but for example /usr/lib64. Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> ---- - tools/pygrub/Makefile | 5 +++-- - tools/python/Makefile | 4 ++-- - 2 files changed, 5 insertions(+), 4 deletions(-) + +Forward-ported to Xen 4.12.0 +Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> + +Modified to support pygrub installation with python 3 +Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> diff --git a/tools/pygrub/Makefile b/tools/pygrub/Makefile -index 536af07932b4..e1c773101412 100644 +index 3063c49..513314b 100644 --- a/tools/pygrub/Makefile +++ b/tools/pygrub/Makefile -@@ -10,14 +10,15 @@ INSTALL_LOG = build/installed_files.txt +@@ -10,14 +10,17 @@ INSTALL_LOG = build/installed_files.txt all: build .PHONY: build build: -- CC="$(CC)" CFLAGS="$(PY_CFLAGS)" $(PYTHON) setup.py build -+ CC="$(CC)" CFLAGS="$(PY_CFLAGS)" $(PYTHON) setup.py build $(DISTUTILS_BUILD_ARGS) +- CC="$(CC)" CFLAGS="$(PY_CFLAGS)" LDFLAGS="$(PY_LDFLAGS)" $(PYTHON) setup.py build ++ CC="$(CC)" CFLAGS="$(PY_CFLAGS)" LDFLAGS="$(PY_LDFLAGS)" $(PYTHON) setup.py build $(DISTUTILS_BUILD_ARGS) .PHONY: install install: all @@ -33,11 +35,13 @@ index 536af07932b4..e1c773101412 100644 - --root="$(DESTDIR)" --install-scripts=$(LIBEXEC_BIN) --force + --root="$(DESTDIR)" --install-scripts=$(LIBEXEC_BIN) --force \ + $(DISTUTILS_INSTALL_ARGS) ++ rm -f $(DESTDIR)/$(LIBEXEC_BIN)/pygrub ++ $(INSTALL_PYTHON_PROG) src/pygrub $(DESTDIR)/$(LIBEXEC_BIN)/pygrub set -e; if [ $(bindir) != $(LIBEXEC_BIN) -a \ "`readlink -f $(DESTDIR)/$(bindir)`" != \ "`readlink -f $(LIBEXEC_BIN)`" ]; then \ diff --git a/tools/python/Makefile b/tools/python/Makefile -index 541858e2f886..4d4a344f1d33 100644 +index 541858e..4d4a344 100644 --- a/tools/python/Makefile +++ b/tools/python/Makefile @@ -10,7 +10,7 @@ INSTALL_LOG = build/installed_files.txt @@ -58,6 +62,3 @@ index 541858e2f886..4d4a344f1d33 100644 $(INSTALL_PROG) scripts/convert-legacy-stream $(DESTDIR)$(LIBEXEC_BIN) $(INSTALL_PROG) scripts/verify-stream-v2 $(DESTDIR)$(LIBEXEC_BIN) --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch b/external/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch deleted file mode 100644 index 4bbf21a1..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: src/core/dhcp.c -=================================================================== ---- a/src/core/dhcp.c -+++ b/src/core/dhcp.c -@@ -1356,7 +1358,7 @@ dhcp_create_request(struct netif *netif) - dhcp->msg_out->giaddr.addr = 0; - for (i = 0; i < DHCP_CHADDR_LEN; i++) { - /* copy netif hardware address, pad with zeroes */ -- dhcp->msg_out->chaddr[i] = (i < netif->hwaddr_len) ? netif->hwaddr[i] : 0/* pad byte*/; -+ dhcp->msg_out->chaddr[i] = (i < (netif->hwaddr_len > NETIF_MAX_HWADDR_LEN ? NETIF_MAX_HWADDR_LEN : netif->hwaddr_len)) ? netif->hwaddr[i] : 0/* pad byte*/; - } - for (i = 0; i < DHCP_SNAME_LEN; i++) { - dhcp->msg_out->sname[i] = 0; diff --git a/external/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs b/external/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs deleted file mode 100644 index b2718778..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs +++ /dev/null @@ -1,2398 +0,0 @@ -? .ChangeLog.swp -? ChangeLog -Index: CHANGELOG -=================================================================== -RCS file: /sources/lwip/lwip/CHANGELOG,v -retrieving revision 1.300 -retrieving revision 1.318 -diff -u -p -r1.300 -r1.318 ---- a/CHANGELOG 23 Mar 2008 13:49:39 -0000 1.300 -+++ b/CHANGELOG 14 Jul 2008 20:12:36 -0000 1.318 -@@ -19,9 +19,77 @@ HISTORY - - ++ New features: - -+ 2008-06-30 Simon Goldschmidt -+ * mem.c, opt.h, stats.h: fixed bug #21433: Calling mem_free/pbuf_free from -+ interrupt context isn't safe: LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT allows -+ mem_free to run between mem_malloc iterations. Added illegal counter for -+ mem stats. -+ -+ 2008-06-27 Simon Goldschmidt -+ * stats.h/.c, some other files: patch #6483: stats module improvement: -+ Added defines to display each module's statistic individually, added stats -+ defines for MEM, MEMP and SYS modules, removed (unused) rexmit counter. -+ -+ 2008-06-17 Simon Goldschmidt -+ * err.h: patch #6459: Made err_t overridable to use a more efficient type -+ (define LWIP_ERR_T in cc.h) -+ -+ 2008-06-17 Simon Goldschmidt -+ * slipif.c: patch #6480: Added a configuration option for slipif for symmetry -+ to loopif -+ -+ 2008-06-17 Simon Goldschmidt (patch by Luca Ceresoli) -+ * netif.c, loopif.c, ip.c, netif.h, loopif.h, opt.h: Checked in slightly -+ modified version of patch # 6370: Moved loopif code to netif.c so that -+ loopback traffic is supported on all netifs (all local IPs). -+ Added option to limit loopback packets for each netifs. -+ - - ++ Bugfixes: - -+ 2008-08-14 Simon Goldschmidt -+ * api_msg.c: fixed bug #23847: do_close_internal references freed memory (when -+ tcp_close returns != ERR_OK) -+ -+ 2008-07-08 Frédéric Bernon -+ * stats.h: Fix some build bugs introduced with patch #6483 (missing some parameters -+ in macros, mainly if MEM_STATS=0 and MEMP_STATS=0). -+ -+ 2008-06-24 Jonathan Larmour -+ * tcp_in.c: Fix for bug #23693 as suggested by Art R. Ensure cseg is unused -+ if tcp_seg_copy fails. -+ -+ 2008-06-17 Simon Goldschmidt -+ * inet_chksum.c: Checked in some ideas of patch #6460 (loop optimizations) -+ and created defines for swapping bytes and folding u32 to u16. -+ -+ 2008-05-30 Kieran Mansley -+ * tcp_in.c Remove redundant "if" statement, and use real rcv_wnd -+ rather than rcv_ann_wnd when deciding if packets are in-window. -+ Contributed by <arasmussen@consultant.datasys.swri.edu> -+ -+ 2008-05-30 Kieran Mansley -+ * mem.h: Fix BUG#23254. Change macro definition of mem_* to allow -+ passing as function pointers when MEM_LIBC_MALLOC is defined. -+ -+ 2008-05-09 Jonathan Larmour -+ * err.h, err.c, sockets.c: Fix bug #23119: Reorder timeout error code to -+ stop it being treated as a fatal error. -+ -+ 2008-04-15 Simon Goldschmidt -+ * dhcp.c: fixed bug #22804: dhcp_stop doesn't clear NETIF_FLAG_DHCP -+ (flag now cleared) -+ -+ 2008-03-27 Simon Goldschmidt -+ * mem.c, tcpip.c, tcpip.h, opt.h: fixed bug #21433 (Calling mem_free/pbuf_free -+ from interrupt context isn't safe): set LWIP_USE_HEAP_FROM_INTERRUPT to 1 -+ in lwipopts.h or use pbuf_free_callback(p)/mem_free_callback(m) to free pbufs -+ or heap memory from interrupt context -+ -+ 2008-03-26 Simon Goldschmidt -+ * tcp_in.c, tcp.c: fixed bug #22249: division by zero could occur if a remote -+ host sent a zero mss as TCP option. -+ - - (STABLE-1.3.0) - -Index: src/api/api_msg.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/api_msg.c,v -retrieving revision 1.102 -retrieving revision 1.104 -diff -u -p -r1.102 -r1.104 ---- a/src/api/api_msg.c 21 Mar 2008 16:23:14 -0000 1.102 -+++ b/src/api/api_msg.c 15 Jul 2008 11:18:58 -0000 1.104 -@@ -598,11 +598,16 @@ do_close_internal(struct netconn *conn) - LWIP_ASSERT("pcb already closed", (conn->pcb.tcp != NULL)); - - /* Set back some callback pointers */ -+ tcp_arg(conn->pcb.tcp, NULL); - if (conn->pcb.tcp->state == LISTEN) { -- tcp_arg(conn->pcb.tcp, NULL); - tcp_accept(conn->pcb.tcp, NULL); - } else { - tcp_recv(conn->pcb.tcp, NULL); -+ tcp_accept(conn->pcb.tcp, NULL); -+ /* some callbacks have to be reset if tcp_close is not successful */ -+ tcp_sent(conn->pcb.tcp, NULL); -+ tcp_poll(conn->pcb.tcp, NULL, 4); -+ tcp_err(conn->pcb.tcp, NULL); - } - /* Try to close the connection */ - err = tcp_close(conn->pcb.tcp); -@@ -610,11 +615,6 @@ do_close_internal(struct netconn *conn) - /* Closing succeeded */ - conn->state = NETCONN_NONE; - /* Set back some callback pointers as conn is going away */ -- tcp_err(conn->pcb.tcp, NULL); -- tcp_poll(conn->pcb.tcp, NULL, 4); -- tcp_sent(conn->pcb.tcp, NULL); -- tcp_recv(conn->pcb.tcp, NULL); -- tcp_arg(conn->pcb.tcp, NULL); - conn->pcb.tcp = NULL; - conn->err = ERR_OK; - /* Trigger select() in socket layer. This send should something else so the -@@ -623,6 +623,14 @@ do_close_internal(struct netconn *conn) - API_EVENT(conn, NETCONN_EVT_SENDPLUS, 0); - /* wake up the application task */ - sys_sem_signal(conn->op_completed); -+ } else { -+ /* Closing failed, restore some of the callbacks */ -+ /* Closing of listen pcb will never fail! */ -+ LWIP_ASSERT("Closing a listen pcb may not fail!", (conn->pcb.tcp->state != LISTEN)); -+ tcp_sent(conn->pcb.tcp, sent_tcp); -+ tcp_poll(conn->pcb.tcp, poll_tcp, 4); -+ tcp_err(conn->pcb.tcp, err_tcp); -+ tcp_arg(conn->pcb.tcp, conn); - } - /* If closing didn't succeed, we get called again either - from poll_tcp or from sent_tcp */ -Index: src/api/err.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/err.c,v -retrieving revision 1.11 -retrieving revision 1.12 -diff -u -p -r1.11 -r1.12 ---- a/src/api/err.c 13 Dec 2007 23:06:50 -0000 1.11 -+++ b/src/api/err.c 9 May 2008 12:14:23 -0000 1.12 -@@ -44,17 +44,17 @@ static const char *err_strerr[] = { - "Ok.", /* ERR_OK 0 */ - "Out of memory error.", /* ERR_MEM -1 */ - "Buffer error.", /* ERR_BUF -2 */ -- "Routing problem.", /* ERR_RTE -3 */ -- "Connection aborted.", /* ERR_ABRT -4 */ -- "Connection reset.", /* ERR_RST -5 */ -- "Connection closed.", /* ERR_CLSD -6 */ -- "Not connected.", /* ERR_CONN -7 */ -- "Illegal value.", /* ERR_VAL -8 */ -- "Illegal argument.", /* ERR_ARG -9 */ -- "Address in use.", /* ERR_USE -10 */ -- "Low-level netif error.", /* ERR_IF -11 */ -- "Already connected.", /* ERR_ISCONN -12 */ -- "Timeout.", /* ERR_TIMEOUT -13 */ -+ "Timeout.", /* ERR_TIMEOUT -3 */ -+ "Routing problem.", /* ERR_RTE -4 */ -+ "Connection aborted.", /* ERR_ABRT -5 */ -+ "Connection reset.", /* ERR_RST -6 */ -+ "Connection closed.", /* ERR_CLSD -7 */ -+ "Not connected.", /* ERR_CONN -8 */ -+ "Illegal value.", /* ERR_VAL -9 */ -+ "Illegal argument.", /* ERR_ARG -10 */ -+ "Address in use.", /* ERR_USE -11 */ -+ "Low-level netif error.", /* ERR_IF -12 */ -+ "Already connected.", /* ERR_ISCONN -13 */ - "Operation in progress." /* ERR_INPROGRESS -14 */ - }; - -Index: src/api/netdb.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/netdb.c,v -retrieving revision 1.4 -retrieving revision 1.5 -diff -u -p -r1.4 -r1.5 ---- a/src/api/netdb.c 26 Jan 2008 16:11:39 -0000 1.4 -+++ b/src/api/netdb.c 16 Jul 2008 20:36:12 -0000 1.5 -@@ -326,7 +326,8 @@ lwip_getaddrinfo(const char *nodename, c - if (nodename != NULL) { - /* copy nodename to canonname if specified */ - size_t namelen = strlen(nodename); -- ai->ai_canonname = mem_malloc(namelen + 1); -+ LWIP_ASSERT("namelen is too long", (namelen + 1) <= (mem_size_t)-1); -+ ai->ai_canonname = mem_malloc((mem_size_t)(namelen + 1)); - if (ai->ai_canonname == NULL) { - goto memerr; - } -Index: src/api/sockets.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/sockets.c,v -retrieving revision 1.116 -retrieving revision 1.117 -diff -u -p -r1.116 -r1.117 ---- a/src/api/sockets.c 13 Mar 2008 20:03:57 -0000 1.116 -+++ b/src/api/sockets.c 9 May 2008 12:14:24 -0000 1.117 -@@ -128,17 +128,17 @@ static const int err_to_errno_table[] = - 0, /* ERR_OK 0 No error, everything OK. */ - ENOMEM, /* ERR_MEM -1 Out of memory error. */ - ENOBUFS, /* ERR_BUF -2 Buffer error. */ -- EHOSTUNREACH, /* ERR_RTE -3 Routing problem. */ -- ECONNABORTED, /* ERR_ABRT -4 Connection aborted. */ -- ECONNRESET, /* ERR_RST -5 Connection reset. */ -- ESHUTDOWN, /* ERR_CLSD -6 Connection closed. */ -- ENOTCONN, /* ERR_CONN -7 Not connected. */ -- EINVAL, /* ERR_VAL -8 Illegal value. */ -- EIO, /* ERR_ARG -9 Illegal argument. */ -- EADDRINUSE, /* ERR_USE -10 Address in use. */ -- -1, /* ERR_IF -11 Low-level netif error */ -- -1, /* ERR_ISCONN -12 Already connected. */ -- ETIMEDOUT, /* ERR_TIMEOUT -13 Timeout */ -+ ETIMEDOUT, /* ERR_TIMEOUT -3 Timeout */ -+ EHOSTUNREACH, /* ERR_RTE -4 Routing problem. */ -+ ECONNABORTED, /* ERR_ABRT -5 Connection aborted. */ -+ ECONNRESET, /* ERR_RST -6 Connection reset. */ -+ ESHUTDOWN, /* ERR_CLSD -7 Connection closed. */ -+ ENOTCONN, /* ERR_CONN -8 Not connected. */ -+ EINVAL, /* ERR_VAL -9 Illegal value. */ -+ EIO, /* ERR_ARG -10 Illegal argument. */ -+ EADDRINUSE, /* ERR_USE -11 Address in use. */ -+ -1, /* ERR_IF -12 Low-level netif error */ -+ -1, /* ERR_ISCONN -13 Already connected. */ - EINPROGRESS /* ERR_INPROGRESS -14 Operation in progress */ - }; - -Index: src/api/tcpip.c -=================================================================== -RCS file: /sources/lwip/lwip/src/api/tcpip.c,v -retrieving revision 1.70 -retrieving revision 1.73 -diff -u -p -r1.70 -r1.73 ---- a/src/api/tcpip.c 12 Jan 2008 11:52:22 -0000 1.70 -+++ b/src/api/tcpip.c 27 Jun 2008 20:34:51 -0000 1.73 -@@ -518,4 +518,42 @@ tcpip_init(void (* initfunc)(void *), vo - sys_thread_new(TCPIP_THREAD_NAME, tcpip_thread, NULL, TCPIP_THREAD_STACKSIZE, TCPIP_THREAD_PRIO); - } - -+/** -+ * Simple callback function used with tcpip_callback to free a pbuf -+ * (pbuf_free has a wrong signature for tcpip_callback) -+ * -+ * @param p The pbuf (chain) to be dereferenced. -+ */ -+static void -+pbuf_free_int(void *p) -+{ -+ struct pbuf *q = p; -+ pbuf_free(q); -+} -+ -+/** -+ * A simple wrapper function that allows you to free a pbuf from interrupt context. -+ * -+ * @param p The pbuf (chain) to be dereferenced. -+ * @return ERR_OK if callback could be enqueued, an err_t if not -+ */ -+err_t -+pbuf_free_callback(struct pbuf *p) -+{ -+ return tcpip_callback_with_block(pbuf_free_int, p, 0); -+} -+ -+/** -+ * A simple wrapper function that allows you to free heap memory from -+ * interrupt context. -+ * -+ * @param m the heap memory to free -+ * @return ERR_OK if callback could be enqueued, an err_t if not -+ */ -+err_t -+mem_free_callback(void *m) -+{ -+ return tcpip_callback_with_block(mem_free, m, 0); -+} -+ - #endif /* !NO_SYS */ -Index: src/core/dhcp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/dhcp.c,v -retrieving revision 1.86 -retrieving revision 1.87 -diff -u -p -r1.86 -r1.87 ---- a/src/core/dhcp.c 4 Mar 2008 14:25:58 -0000 1.86 -+++ b/src/core/dhcp.c 15 Apr 2008 17:24:55 -0000 1.87 -@@ -568,6 +568,8 @@ dhcp_start(struct netif *netif) - LWIP_ERROR("netif != NULL", (netif != NULL), return ERR_ARG;); - dhcp = netif->dhcp; - LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | LWIP_DBG_STATE, ("dhcp_start(netif=%p) %c%c%"U16_F"\n", (void*)netif, netif->name[0], netif->name[1], (u16_t)netif->num)); -+ /* Remove the flag that says this netif is handled by DHCP, -+ it is set when we succeeded starting. */ - netif->flags &= ~NETIF_FLAG_DHCP; - - /* no DHCP client attached yet? */ -@@ -609,6 +611,7 @@ dhcp_start(struct netif *netif) - dhcp_stop(netif); - return ERR_MEM; - } -+ /* Set the flag that says this netif is handled by DHCP. */ - netif->flags |= NETIF_FLAG_DHCP; - return result; - } -@@ -1063,6 +1066,8 @@ dhcp_stop(struct netif *netif) - { - struct dhcp *dhcp = netif->dhcp; - LWIP_ERROR("dhcp_stop: netif != NULL", (netif != NULL), return;); -+ /* Remove the flag that says this netif is handled by DHCP. */ -+ netif->flags &= ~NETIF_FLAG_DHCP; - - LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | 3, ("dhcp_stop()\n")); - /* netif is DHCP configured? */ -Index: src/core/mem.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/mem.c,v -retrieving revision 1.59 -retrieving revision 1.62 -diff -u -p -r1.59 -r1.62 ---- a/src/core/mem.c 4 Mar 2008 16:31:32 -0000 1.59 -+++ b/src/core/mem.c 30 Jun 2008 18:16:51 -0000 1.62 -@@ -177,9 +177,36 @@ static u8_t *ram; - static struct mem *ram_end; - /** pointer to the lowest free block, this is used for faster search */ - static struct mem *lfree; -+ - /** concurrent access protection */ - static sys_sem_t mem_sem; - -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ -+static volatile u8_t mem_free_count; -+ -+/* Allow mem_free from other (e.g. interrupt) context */ -+#define LWIP_MEM_FREE_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_free) -+#define LWIP_MEM_FREE_PROTECT() SYS_ARCH_PROTECT(lev_free) -+#define LWIP_MEM_FREE_UNPROTECT() SYS_ARCH_UNPROTECT(lev_free) -+#define LWIP_MEM_ALLOC_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_alloc) -+#define LWIP_MEM_ALLOC_PROTECT() SYS_ARCH_PROTECT(lev_alloc) -+#define LWIP_MEM_ALLOC_UNPROTECT() SYS_ARCH_UNPROTECT(lev_alloc) -+ -+#else /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ -+/* Protect the heap only by using a semaphore */ -+#define LWIP_MEM_FREE_DECL_PROTECT() -+#define LWIP_MEM_FREE_PROTECT() sys_arch_sem_wait(mem_sem, 0) -+#define LWIP_MEM_FREE_UNPROTECT() sys_sem_signal(mem_sem) -+/* mem_malloc is protected using semaphore AND LWIP_MEM_ALLOC_PROTECT */ -+#define LWIP_MEM_ALLOC_DECL_PROTECT() -+#define LWIP_MEM_ALLOC_PROTECT() -+#define LWIP_MEM_ALLOC_UNPROTECT() -+ -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ -+ - /** - * "Plug holes" by combining adjacent empty struct mems. - * After this function is through, there should not exist -@@ -255,9 +282,7 @@ mem_init(void) - /* initialize the lowest-free pointer to the start of the heap */ - lfree = (struct mem *)ram; - --#if MEM_STATS -- lwip_stats.mem.avail = MEM_SIZE_ALIGNED; --#endif /* MEM_STATS */ -+ MEM_STATS_AVAIL(avail, MEM_SIZE_ALIGNED); - } - - /** -@@ -270,6 +295,7 @@ void - mem_free(void *rmem) - { - struct mem *mem; -+ LWIP_MEM_FREE_DECL_PROTECT(); - - if (rmem == NULL) { - LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_TRACE | 2, ("mem_free(p == NULL) was called.\n")); -@@ -277,20 +303,20 @@ mem_free(void *rmem) - } - LWIP_ASSERT("mem_free: sanity check alignment", (((mem_ptr_t)rmem) & (MEM_ALIGNMENT-1)) == 0); - -- /* protect the heap from concurrent access */ -- sys_arch_sem_wait(mem_sem, 0); -- - LWIP_ASSERT("mem_free: legal memory", (u8_t *)rmem >= (u8_t *)ram && - (u8_t *)rmem < (u8_t *)ram_end); - - if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) { -+ SYS_ARCH_DECL_PROTECT(lev); - LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_free: illegal memory\n")); --#if MEM_STATS -- ++lwip_stats.mem.err; --#endif /* MEM_STATS */ -- sys_sem_signal(mem_sem); -+ /* protect mem stats from concurrent access */ -+ SYS_ARCH_PROTECT(lev); -+ MEM_STATS_INC(illegal); -+ SYS_ARCH_UNPROTECT(lev); - return; - } -+ /* protect the heap from concurrent access */ -+ LWIP_MEM_FREE_PROTECT(); - /* Get the corresponding struct mem ... */ - mem = (struct mem *)((u8_t *)rmem - SIZEOF_STRUCT_MEM); - /* ... which has to be in a used state ... */ -@@ -303,13 +329,14 @@ mem_free(void *rmem) - lfree = mem; - } - --#if MEM_STATS -- lwip_stats.mem.used -= mem->next - ((u8_t *)mem - ram); --#endif /* MEM_STATS */ -+ MEM_STATS_DEC_USED(used, mem->next - ((u8_t *)mem - ram)); - - /* finally, see if prev or next are free also */ - plug_holes(mem); -- sys_sem_signal(mem_sem); -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ mem_free_count = 1; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ LWIP_MEM_FREE_UNPROTECT(); - } - - /** -@@ -321,6 +348,8 @@ mem_free(void *rmem) - * @param newsize required size after shrinking (needs to be smaller than or - * equal to the previous size) - * @return for compatibility reasons: is always == rmem, at the moment -+ * or NULL if newsize is > old size, in which case rmem is NOT touched -+ * or freed! - */ - void * - mem_realloc(void *rmem, mem_size_t newsize) -@@ -328,6 +357,8 @@ mem_realloc(void *rmem, mem_size_t newsi - mem_size_t size; - mem_size_t ptr, ptr2; - struct mem *mem, *mem2; -+ /* use the FREE_PROTECT here: it protects with sem OR SYS_ARCH_PROTECT */ -+ LWIP_MEM_FREE_DECL_PROTECT(); - - /* Expand the size of the allocated memory region so that we can - adjust for alignment. */ -@@ -346,7 +377,12 @@ mem_realloc(void *rmem, mem_size_t newsi - (u8_t *)rmem < (u8_t *)ram_end); - - if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) { -+ SYS_ARCH_DECL_PROTECT(lev); - LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_realloc: illegal memory\n")); -+ /* protect mem stats from concurrent access */ -+ SYS_ARCH_PROTECT(lev); -+ MEM_STATS_INC(illegal); -+ SYS_ARCH_UNPROTECT(lev); - return rmem; - } - /* Get the corresponding struct mem ... */ -@@ -366,11 +402,9 @@ mem_realloc(void *rmem, mem_size_t newsi - } - - /* protect the heap from concurrent access */ -- sys_arch_sem_wait(mem_sem, 0); -+ LWIP_MEM_FREE_PROTECT(); - --#if MEM_STATS -- lwip_stats.mem.used -= (size - newsize); --#endif /* MEM_STATS */ -+ MEM_STATS_DEC_USED(used, (size - newsize)); - - mem2 = (struct mem *)&ram[mem->next]; - if(mem2->used == 0) { -@@ -426,7 +460,10 @@ mem_realloc(void *rmem, mem_size_t newsi - -> don't do anyhting. - -> the remaining space stays unused since it is too small - } */ -- sys_sem_signal(mem_sem); -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ mem_free_count = 1; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ LWIP_MEM_FREE_UNPROTECT(); - return rmem; - } - -@@ -444,6 +481,10 @@ mem_malloc(mem_size_t size) - { - mem_size_t ptr, ptr2; - struct mem *mem, *mem2; -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ u8_t local_mem_free_count = 0; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ LWIP_MEM_ALLOC_DECL_PROTECT(); - - if (size == 0) { - return NULL; -@@ -464,88 +505,101 @@ mem_malloc(mem_size_t size) - - /* protect the heap from concurrent access */ - sys_arch_sem_wait(mem_sem, 0); -+ LWIP_MEM_ALLOC_PROTECT(); -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ /* run as long as a mem_free disturbed mem_malloc */ -+ do { -+ local_mem_free_count = 0; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ -+ -+ /* Scan through the heap searching for a free block that is big enough, -+ * beginning with the lowest free block. -+ */ -+ for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size; -+ ptr = ((struct mem *)&ram[ptr])->next) { -+ mem = (struct mem *)&ram[ptr]; -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ mem_free_count = 0; -+ LWIP_MEM_ALLOC_UNPROTECT(); -+ /* allow mem_free to run */ -+ LWIP_MEM_ALLOC_PROTECT(); -+ if (mem_free_count != 0) { -+ local_mem_free_count = mem_free_count; -+ } -+ mem_free_count = 0; -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ - -- /* Scan through the heap searching for a free block that is big enough, -- * beginning with the lowest free block. -- */ -- for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size; -- ptr = ((struct mem *)&ram[ptr])->next) { -- mem = (struct mem *)&ram[ptr]; -- -- if ((!mem->used) && -- (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) { -- /* mem is not used and at least perfect fit is possible: -- * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */ -- -- if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) { -- /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing -- * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem') -- * -> split large block, create empty remainder, -- * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if -- * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size, -- * struct mem would fit in but no data between mem2 and mem2->next -- * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty -- * region that couldn't hold data, but when mem->next gets freed, -- * the 2 regions would be combined, resulting in more free memory -- */ -- ptr2 = ptr + SIZEOF_STRUCT_MEM + size; -- /* create mem2 struct */ -- mem2 = (struct mem *)&ram[ptr2]; -- mem2->used = 0; -- mem2->next = mem->next; -- mem2->prev = ptr; -- /* and insert it between mem and mem->next */ -- mem->next = ptr2; -- mem->used = 1; -- -- if (mem2->next != MEM_SIZE_ALIGNED) { -- ((struct mem *)&ram[mem2->next])->prev = ptr2; -- } --#if MEM_STATS -- lwip_stats.mem.used += (size + SIZEOF_STRUCT_MEM); -- if (lwip_stats.mem.max < lwip_stats.mem.used) { -- lwip_stats.mem.max = lwip_stats.mem.used; -+ if ((!mem->used) && -+ (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) { -+ /* mem is not used and at least perfect fit is possible: -+ * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */ -+ -+ if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) { -+ /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing -+ * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem') -+ * -> split large block, create empty remainder, -+ * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if -+ * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size, -+ * struct mem would fit in but no data between mem2 and mem2->next -+ * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty -+ * region that couldn't hold data, but when mem->next gets freed, -+ * the 2 regions would be combined, resulting in more free memory -+ */ -+ ptr2 = ptr + SIZEOF_STRUCT_MEM + size; -+ /* create mem2 struct */ -+ mem2 = (struct mem *)&ram[ptr2]; -+ mem2->used = 0; -+ mem2->next = mem->next; -+ mem2->prev = ptr; -+ /* and insert it between mem and mem->next */ -+ mem->next = ptr2; -+ mem->used = 1; -+ -+ if (mem2->next != MEM_SIZE_ALIGNED) { -+ ((struct mem *)&ram[mem2->next])->prev = ptr2; -+ } -+ MEM_STATS_INC_USED(used, (size + SIZEOF_STRUCT_MEM)); -+ } else { -+ /* (a mem2 struct does no fit into the user data space of mem and mem->next will always -+ * be used at this point: if not we have 2 unused structs in a row, plug_holes should have -+ * take care of this). -+ * -> near fit or excact fit: do not split, no mem2 creation -+ * also can't move mem->next directly behind mem, since mem->next -+ * will always be used at this point! -+ */ -+ mem->used = 1; -+ MEM_STATS_INC_USED(used, mem->next - ((u8_t *)mem - ram)); - } --#endif /* MEM_STATS */ -- } else { -- /* (a mem2 struct does no fit into the user data space of mem and mem->next will always -- * be used at this point: if not we have 2 unused structs in a row, plug_holes should have -- * take care of this). -- * -> near fit or excact fit: do not split, no mem2 creation -- * also can't move mem->next directly behind mem, since mem->next -- * will always be used at this point! -- */ -- mem->used = 1; --#if MEM_STATS -- lwip_stats.mem.used += mem->next - ((u8_t *)mem - ram); -- if (lwip_stats.mem.max < lwip_stats.mem.used) { -- lwip_stats.mem.max = lwip_stats.mem.used; -- } --#endif /* MEM_STATS */ -- } - -- if (mem == lfree) { -- /* Find next free block after mem and update lowest free pointer */ -- while (lfree->used && lfree != ram_end) { -- lfree = (struct mem *)&ram[lfree->next]; -+ if (mem == lfree) { -+ /* Find next free block after mem and update lowest free pointer */ -+ while (lfree->used && lfree != ram_end) { -+ LWIP_MEM_ALLOC_UNPROTECT(); -+ /* prevent high interrupt latency... */ -+ LWIP_MEM_ALLOC_PROTECT(); -+ lfree = (struct mem *)&ram[lfree->next]; -+ } -+ LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used))); - } -- LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used))); -- } -- sys_sem_signal(mem_sem); -- LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.", -- (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end); -- LWIP_ASSERT("mem_malloc: allocated memory properly aligned.", -- (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0); -- LWIP_ASSERT("mem_malloc: sanity check alignment", -- (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0); -+ LWIP_MEM_ALLOC_UNPROTECT(); -+ sys_sem_signal(mem_sem); -+ LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.", -+ (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end); -+ LWIP_ASSERT("mem_malloc: allocated memory properly aligned.", -+ (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0); -+ LWIP_ASSERT("mem_malloc: sanity check alignment", -+ (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0); - -- return (u8_t *)mem + SIZEOF_STRUCT_MEM; -+ return (u8_t *)mem + SIZEOF_STRUCT_MEM; -+ } - } -- } -+#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+ /* if we got interrupted by a mem_free, try again */ -+ } while(local_mem_free_count != 0); -+#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ - LWIP_DEBUGF(MEM_DEBUG | 2, ("mem_malloc: could not allocate %"S16_F" bytes\n", (s16_t)size)); --#if MEM_STATS -- ++lwip_stats.mem.err; --#endif /* MEM_STATS */ -+ MEM_STATS_INC(err); -+ LWIP_MEM_ALLOC_UNPROTECT(); - sys_sem_signal(mem_sem); - return NULL; - } -Index: src/core/memp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/memp.c,v -retrieving revision 1.55 -retrieving revision 1.56 -diff -u -p -r1.55 -r1.56 ---- a/src/core/memp.c 25 Nov 2007 10:43:28 -0000 1.55 -+++ b/src/core/memp.c 27 Jun 2008 18:37:54 -0000 1.56 -@@ -252,13 +252,12 @@ memp_init(void) - struct memp *memp; - u16_t i, j; - --#if MEMP_STATS - for (i = 0; i < MEMP_MAX; ++i) { -- lwip_stats.memp[i].used = lwip_stats.memp[i].max = -- lwip_stats.memp[i].err = 0; -- lwip_stats.memp[i].avail = memp_num[i]; -+ MEMP_STATS_AVAIL(used, i, 0); -+ MEMP_STATS_AVAIL(max, i, 0); -+ MEMP_STATS_AVAIL(err, i, 0); -+ MEMP_STATS_AVAIL(avail, i, memp_num[i]); - } --#endif /* MEMP_STATS */ - - memp = LWIP_MEM_ALIGN(memp_memory); - /* for every pool: */ -@@ -315,20 +314,13 @@ memp_malloc_fn(memp_t type, const char* - memp->file = file; - memp->line = line; - #endif /* MEMP_OVERFLOW_CHECK */ --#if MEMP_STATS -- ++lwip_stats.memp[type].used; -- if (lwip_stats.memp[type].used > lwip_stats.memp[type].max) { -- lwip_stats.memp[type].max = lwip_stats.memp[type].used; -- } --#endif /* MEMP_STATS */ -+ MEMP_STATS_INC_USED(used, type); - LWIP_ASSERT("memp_malloc: memp properly aligned", - ((mem_ptr_t)memp % MEM_ALIGNMENT) == 0); - memp = (struct memp*)((u8_t*)memp + MEMP_SIZE); - } else { - LWIP_DEBUGF(MEMP_DEBUG | 2, ("memp_malloc: out of memory in pool %s\n", memp_desc[type])); --#if MEMP_STATS -- ++lwip_stats.memp[type].err; --#endif /* MEMP_STATS */ -+ MEMP_STATS_INC(err, type); - } - - SYS_ARCH_UNPROTECT(old_level); -@@ -365,9 +357,7 @@ memp_free(memp_t type, void *mem) - #endif /* MEMP_OVERFLOW_CHECK >= 2 */ - #endif /* MEMP_OVERFLOW_CHECK */ - --#if MEMP_STATS -- lwip_stats.memp[type].used--; --#endif /* MEMP_STATS */ -+ MEMP_STATS_DEC(used, type); - - memp->next = memp_tab[type]; - memp_tab[type] = memp; -Index: src/core/netif.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/netif.c,v -retrieving revision 1.65 -retrieving revision 1.68 -diff -u -p -r1.65 -r1.68 ---- a/src/core/netif.c 9 Oct 2007 20:00:55 -0000 1.65 -+++ b/src/core/netif.c 19 Jun 2008 16:27:18 -0000 1.68 -@@ -45,6 +45,12 @@ - #include "lwip/snmp.h" - #include "lwip/igmp.h" - #include "netif/etharp.h" -+#if ENABLE_LOOPBACK -+#include "lwip/sys.h" -+#if LWIP_NETIF_LOOPBACK_MULTITHREADING -+#include "lwip/tcpip.h" -+#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+#endif /* ENABLE_LOOPBACK */ - - #if LWIP_NETIF_STATUS_CALLBACK - #define NETIF_STATUS_CALLBACK(n) { if (n->status_callback) (n->status_callback)(n); } -@@ -106,6 +112,10 @@ netif_add(struct netif *netif, struct ip - #if LWIP_IGMP - netif->igmp_mac_filter = NULL; - #endif /* LWIP_IGMP */ -+#if ENABLE_LOOPBACK -+ netif->loop_first = NULL; -+ netif->loop_last = NULL; -+#endif /* ENABLE_LOOPBACK */ - - /* remember netif specific state information data */ - netif->state = state; -@@ -114,6 +124,9 @@ netif_add(struct netif *netif, struct ip - #if LWIP_NETIF_HWADDRHINT - netif->addr_hint = NULL; - #endif /* LWIP_NETIF_HWADDRHINT*/ -+#if ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS -+ netif->loop_cnt_current = 0; -+#endif /* ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS */ - - netif_set_addr(netif, ipaddr, netmask, gw); - -@@ -493,7 +506,158 @@ u8_t netif_is_link_up(struct netif *neti - */ - void netif_set_link_callback(struct netif *netif, void (* link_callback)(struct netif *netif )) - { -- if ( netif ) -- netif->link_callback = link_callback; -+ if (netif) { -+ netif->link_callback = link_callback; -+ } - } - #endif /* LWIP_NETIF_LINK_CALLBACK */ -+ -+#if ENABLE_LOOPBACK -+/** -+ * Send an IP packet to be received on the same netif (loopif-like). -+ * The pbuf is simply copied and handed back to netif->input. -+ * In multithreaded mode, this is done directly since netif->input must put -+ * the packet on a queue. -+ * In callback mode, the packet is put on an internal queue and is fed to -+ * netif->input by netif_poll(). -+ * -+ * @param netif the lwip network interface structure -+ * @param p the (IP) packet to 'send' -+ * @param ipaddr the ip address to send the packet to (not used) -+ * @return ERR_OK if the packet has been sent -+ * ERR_MEM if the pbuf used to copy the packet couldn't be allocated -+ */ -+err_t -+netif_loop_output(struct netif *netif, struct pbuf *p, -+ struct ip_addr *ipaddr) -+{ -+ struct pbuf *r; -+ err_t err; -+ struct pbuf *last; -+#if LWIP_LOOPBACK_MAX_PBUFS -+ u8_t clen = 0; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+ SYS_ARCH_DECL_PROTECT(lev); -+ LWIP_UNUSED_ARG(ipaddr); -+ -+ /* Allocate a new pbuf */ -+ r = pbuf_alloc(PBUF_LINK, p->tot_len, PBUF_RAM); -+ if (r == NULL) { -+ return ERR_MEM; -+ } -+#if LWIP_LOOPBACK_MAX_PBUFS -+ clen = pbuf_clen(r); -+ /* check for overflow or too many pbuf on queue */ -+ if(((netif->loop_cnt_current + clen) < netif->loop_cnt_current) || -+ ((netif->loop_cnt_current + clen) > LWIP_LOOPBACK_MAX_PBUFS)) { -+ pbuf_free(r); -+ r = NULL; -+ return ERR_MEM; -+ } -+ netif->loop_cnt_current += clen; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+ -+ /* Copy the whole pbuf queue p into the single pbuf r */ -+ if ((err = pbuf_copy(r, p)) != ERR_OK) { -+ pbuf_free(r); -+ r = NULL; -+ return err; -+ } -+ -+ /* Put the packet on a linked list which gets emptied through calling -+ netif_poll(). */ -+ -+ /* let last point to the last pbuf in chain r */ -+ for (last = r; last->next != NULL; last = last->next); -+ -+ SYS_ARCH_PROTECT(lev); -+ if(netif->loop_first != NULL) { -+ LWIP_ASSERT("if first != NULL, last must also be != NULL", netif->loop_last != NULL); -+ netif->loop_last->next = r; -+ netif->loop_last = last; -+ } else { -+ netif->loop_first = r; -+ netif->loop_last = last; -+ } -+ SYS_ARCH_UNPROTECT(lev); -+ -+#if LWIP_NETIF_LOOPBACK_MULTITHREADING -+ /* For multithreading environment, schedule a call to netif_poll */ -+ tcpip_callback(netif_poll, netif); -+#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+ -+ return ERR_OK; -+} -+ -+/** -+ * Call netif_poll() in the main loop of your application. This is to prevent -+ * reentering non-reentrant functions like tcp_input(). Packets passed to -+ * netif_loop_output() are put on a list that is passed to netif->input() by -+ * netif_poll(). -+ */ -+void -+netif_poll(struct netif *netif) -+{ -+ struct pbuf *in; -+ SYS_ARCH_DECL_PROTECT(lev); -+ -+ do { -+ /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */ -+ SYS_ARCH_PROTECT(lev); -+ in = netif->loop_first; -+ if(in != NULL) { -+ struct pbuf *in_end = in; -+#if LWIP_LOOPBACK_MAX_PBUFS -+ u8_t clen = pbuf_clen(in); -+ /* adjust the number of pbufs on queue */ -+ LWIP_ASSERT("netif->loop_cnt_current underflow", -+ ((netif->loop_cnt_current - clen) < netif->loop_cnt_current)); -+ netif->loop_cnt_current -= clen; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+ while(in_end->len != in_end->tot_len) { -+ LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL); -+ in_end = in_end->next; -+ } -+ /* 'in_end' now points to the last pbuf from 'in' */ -+ if(in_end == netif->loop_last) { -+ /* this was the last pbuf in the list */ -+ netif->loop_first = netif->loop_last = NULL; -+ } else { -+ /* pop the pbuf off the list */ -+ netif->loop_first = in_end->next; -+ LWIP_ASSERT("should not be null since first != last!", netif->loop_first != NULL); -+ } -+ /* De-queue the pbuf from its successors on the 'loop_' list. */ -+ in_end->next = NULL; -+ } -+ SYS_ARCH_UNPROTECT(lev); -+ -+ if(in != NULL) { -+ /* loopback packets are always IP packets! */ -+ if(ip_input(in, netif) != ERR_OK) { -+ pbuf_free(in); -+ } -+ /* Don't reference the packet any more! */ -+ in = NULL; -+ } -+ /* go on while there is a packet on the list */ -+ } while(netif->loop_first != NULL); -+} -+ -+#if !LWIP_NETIF_LOOPBACK_MULTITHREADING -+/** -+ * Calls netif_poll() for every netif on the netif_list. -+ */ -+void -+netif_poll_all(void) -+{ -+ struct netif *netif = netif_list; -+ /* loop through netifs */ -+ while (netif != NULL) { -+ netif_poll(netif); -+ /* proceed to next network interface */ -+ netif = netif->next; -+ } -+} -+#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+#endif /* ENABLE_LOOPBACK */ -Index: src/core/pbuf.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/pbuf.c,v -retrieving revision 1.127 -retrieving revision 1.128 -diff -u -p -r1.127 -r1.128 ---- a/src/core/pbuf.c 4 Mar 2008 16:37:46 -0000 1.127 -+++ b/src/core/pbuf.c 1 Apr 2008 19:05:40 -0000 1.128 -@@ -667,8 +667,8 @@ pbuf_dechain(struct pbuf *p) - * - * @note Only one packet is copied, no packet queue! - * -- * @param p_to pbuf source of the copy -- * @param p_from pbuf destination of the copy -+ * @param p_to pbuf destination of the copy -+ * @param p_from pbuf source of the copy - * - * @return ERR_OK if pbuf was copied - * ERR_ARG if one of the pbufs is NULL or p_to is not big -Index: src/core/stats.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/stats.c,v -retrieving revision 1.27 -retrieving revision 1.28 -diff -u -p -r1.27 -r1.28 ---- a/src/core/stats.c 4 Mar 2008 16:31:32 -0000 1.27 -+++ b/src/core/stats.c 27 Jun 2008 18:37:54 -0000 1.28 -@@ -54,7 +54,6 @@ stats_display_proto(struct stats_proto * - { - LWIP_PLATFORM_DIAG(("\n%s\n\t", name)); - LWIP_PLATFORM_DIAG(("xmit: %"STAT_COUNTER_F"\n\t", proto->xmit)); -- LWIP_PLATFORM_DIAG(("rexmit: %"STAT_COUNTER_F"\n\t", proto->rexmit)); - LWIP_PLATFORM_DIAG(("recv: %"STAT_COUNTER_F"\n\t", proto->recv)); - LWIP_PLATFORM_DIAG(("fw: %"STAT_COUNTER_F"\n\t", proto->fw)); - LWIP_PLATFORM_DIAG(("drop: %"STAT_COUNTER_F"\n\t", proto->drop)); -@@ -68,6 +67,7 @@ stats_display_proto(struct stats_proto * - LWIP_PLATFORM_DIAG(("cachehit: %"STAT_COUNTER_F"\n", proto->cachehit)); - } - -+#if IGMP_STATS - void - stats_display_igmp(struct stats_igmp *igmp) - { -@@ -82,7 +82,9 @@ stats_display_igmp(struct stats_igmp *ig - LWIP_PLATFORM_DIAG(("report_rxed: %"STAT_COUNTER_F"\n\t", igmp->report_rxed)); - LWIP_PLATFORM_DIAG(("group_query_rxed: %"STAT_COUNTER_F"\n", igmp->group_query_rxed)); - } -+#endif /* IGMP_STATS */ - -+#if MEM_STATS || MEMP_STATS - void - stats_display_mem(struct stats_mem *mem, char *name) - { -@@ -93,48 +95,53 @@ stats_display_mem(struct stats_mem *mem, - LWIP_PLATFORM_DIAG(("err: %"U32_F"\n", (u32_t)mem->err)); - } - -+#if MEMP_STATS - void --stats_display(void) -+stats_display_memp(struct stats_mem *mem, int index) - { --#if MEMP_STATS -- s16_t i; - char * memp_names[] = { - #define LWIP_MEMPOOL(name,num,size,desc) desc, - #include "lwip/memp_std.h" - }; --#endif --#if LINK_STATS -- stats_display_proto(&lwip_stats.link, "LINK"); --#endif --#if ETHARP_STATS -- stats_display_proto(&lwip_stats.etharp, "ETHARP"); --#endif --#if IPFRAG_STATS -- stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG"); --#endif --#if IP_STATS -- stats_display_proto(&lwip_stats.ip, "IP"); --#endif --#if ICMP_STATS -- stats_display_proto(&lwip_stats.icmp, "ICMP"); --#endif --#if IGMP_STATS -- stats_display_igmp(&lwip_stats.igmp); --#endif --#if UDP_STATS -- stats_display_proto(&lwip_stats.udp, "UDP"); --#endif --#if TCP_STATS -- stats_display_proto(&lwip_stats.tcp, "TCP"); --#endif --#if MEM_STATS -- stats_display_mem(&lwip_stats.mem, "HEAP"); --#endif --#if MEMP_STATS -+ if(index < MEMP_MAX) { -+ stats_display_mem(mem, memp_names[index]); -+ } -+} -+#endif /* MEMP_STATS */ -+#endif /* MEM_STATS || MEMP_STATS */ -+ -+#if SYS_STATS -+void -+stats_display_sys(struct stats_sys *sys) -+{ -+ LWIP_PLATFORM_DIAG(("\nSYS\n\t")); -+ LWIP_PLATFORM_DIAG(("sem.used: %"U32_F"\n\t", (u32_t)sys->sem.used)); -+ LWIP_PLATFORM_DIAG(("sem.max: %"U32_F"\n\t", (u32_t)sys->sem.max)); -+ LWIP_PLATFORM_DIAG(("sem.err: %"U32_F"\n\t", (u32_t)sys->sem.err)); -+ LWIP_PLATFORM_DIAG(("mbox.used: %"U32_F"\n\t", (u32_t)sys->mbox.used)); -+ LWIP_PLATFORM_DIAG(("mbox.max: %"U32_F"\n\t", (u32_t)sys->mbox.max)); -+ LWIP_PLATFORM_DIAG(("mbox.err: %"U32_F"\n\t", (u32_t)sys->mbox.err)); -+} -+#endif /* SYS_STATS */ -+ -+void -+stats_display(void) -+{ -+ s16_t i; -+ -+ LINK_STATS_DISPLAY(); -+ ETHARP_STATS_DISPLAY(); -+ IPFRAG_STATS_DISPLAY(); -+ IP_STATS_DISPLAY(); -+ IGMP_STATS_DISPLAY(); -+ ICMP_STATS_DISPLAY(); -+ UDP_STATS_DISPLAY(); -+ TCP_STATS_DISPLAY(); -+ MEM_STATS_DISPLAY(); - for (i = 0; i < MEMP_MAX; i++) { -- stats_display_mem(&lwip_stats.memp[i], memp_names[i]); -+ MEMP_STATS_DISPLAY(i); - } --#endif -+ SYS_STATS_DISPLAY(); - } - #endif /* LWIP_STATS_DISPLAY */ - -Index: src/core/sys.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/sys.c,v -retrieving revision 1.32 -retrieving revision 1.33 -diff -u -p -r1.32 -r1.33 ---- a/src/core/sys.c 25 Nov 2007 13:57:05 -0000 1.32 -+++ b/src/core/sys.c 16 Jul 2008 20:36:12 -0000 1.33 -@@ -65,7 +65,7 @@ struct sswt_cb - void - sys_mbox_fetch(sys_mbox_t mbox, void **msg) - { -- u32_t time; -+ u32_t time_needed; - struct sys_timeouts *timeouts; - struct sys_timeo *tmptimeout; - sys_timeout_handler h; -@@ -76,18 +76,18 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m - - if (!timeouts || !timeouts->next) { - UNLOCK_TCPIP_CORE(); -- time = sys_arch_mbox_fetch(mbox, msg, 0); -+ time_needed = sys_arch_mbox_fetch(mbox, msg, 0); - LOCK_TCPIP_CORE(); - } else { - if (timeouts->next->time > 0) { - UNLOCK_TCPIP_CORE(); -- time = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time); -+ time_needed = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time); - LOCK_TCPIP_CORE(); - } else { -- time = SYS_ARCH_TIMEOUT; -+ time_needed = SYS_ARCH_TIMEOUT; - } - -- if (time == SYS_ARCH_TIMEOUT) { -+ if (time_needed == SYS_ARCH_TIMEOUT) { - /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message - could be fetched. We should now call the timeout handler and - deallocate the memory allocated for the timeout. */ -@@ -107,8 +107,8 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m - /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout - occured. The time variable is set to the number of - milliseconds we waited for the message. */ -- if (time < timeouts->next->time) { -- timeouts->next->time -= time; -+ if (time_needed < timeouts->next->time) { -+ timeouts->next->time -= time_needed; - } else { - timeouts->next->time = 0; - } -@@ -125,7 +125,7 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m - void - sys_sem_wait(sys_sem_t sem) - { -- u32_t time; -+ u32_t time_needed; - struct sys_timeouts *timeouts; - struct sys_timeo *tmptimeout; - sys_timeout_handler h; -@@ -139,12 +139,12 @@ sys_sem_wait(sys_sem_t sem) - sys_arch_sem_wait(sem, 0); - } else { - if (timeouts->next->time > 0) { -- time = sys_arch_sem_wait(sem, timeouts->next->time); -+ time_needed = sys_arch_sem_wait(sem, timeouts->next->time); - } else { -- time = SYS_ARCH_TIMEOUT; -+ time_needed = SYS_ARCH_TIMEOUT; - } - -- if (time == SYS_ARCH_TIMEOUT) { -+ if (time_needed == SYS_ARCH_TIMEOUT) { - /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message - could be fetched. We should now call the timeout handler and - deallocate the memory allocated for the timeout. */ -@@ -164,8 +164,8 @@ sys_sem_wait(sys_sem_t sem) - /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout - occured. The time variable is set to the number of - milliseconds we waited for the message. */ -- if (time < timeouts->next->time) { -- timeouts->next->time -= time; -+ if (time_needed < timeouts->next->time) { -+ timeouts->next->time -= time_needed; - } else { - timeouts->next->time = 0; - } -Index: src/core/tcp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/tcp.c,v -retrieving revision 1.85 -retrieving revision 1.86 -diff -u -p -r1.85 -r1.86 ---- a/src/core/tcp.c 22 Jan 2008 21:15:15 -0000 1.85 -+++ b/src/core/tcp.c 26 Mar 2008 11:57:13 -0000 1.86 -@@ -509,7 +509,8 @@ tcp_connect(struct tcp_pcb *pcb, struct - pcb->rcv_wnd = TCP_WND; - pcb->rcv_ann_wnd = TCP_WND; - pcb->snd_wnd = TCP_WND; -- /* The send MSS is updated when an MSS option is received. */ -+ /* As initial send MSS, we use TCP_MSS but limit it to 536. -+ The send MSS is updated when an MSS option is received. */ - pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS; - #if TCP_CALCULATE_EFF_SEND_MSS - pcb->mss = tcp_eff_send_mss(pcb->mss, ipaddr); -@@ -991,7 +992,8 @@ tcp_alloc(u8_t prio) - pcb->rcv_ann_wnd = TCP_WND; - pcb->tos = 0; - pcb->ttl = TCP_TTL; -- /* The send MSS is updated when an MSS option is received. */ -+ /* As initial send MSS, we use TCP_MSS but limit it to 536. -+ The send MSS is updated when an MSS option is received. */ - pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS; - pcb->rto = 3000 / TCP_SLOW_INTERVAL; - pcb->sa = 0; -Index: src/core/tcp_in.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/tcp_in.c,v -retrieving revision 1.97 -retrieving revision 1.100 -diff -u -p -r1.97 -r1.100 ---- a/src/core/tcp_in.c 22 Jan 2008 21:15:15 -0000 1.97 -+++ b/src/core/tcp_in.c 24 Jun 2008 15:46:39 -0000 1.100 -@@ -511,7 +511,7 @@ tcp_process(struct tcp_pcb *pcb) - } - } else { - if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, -- pcb->rcv_nxt+pcb->rcv_ann_wnd)) { -+ pcb->rcv_nxt+pcb->rcv_wnd)) { - acceptable = 1; - } - } -@@ -1038,7 +1038,7 @@ tcp_receive(struct tcp_pcb *pcb) - and below rcv_nxt + rcv_wnd) in order to be further - processed. */ - if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, -- pcb->rcv_nxt + pcb->rcv_ann_wnd - 1)){ -+ pcb->rcv_nxt + pcb->rcv_wnd - 1)){ - if (pcb->rcv_nxt == seqno) { - accepted_inseq = 1; - /* The incoming segment is the next in sequence. We check if -@@ -1195,14 +1195,14 @@ tcp_receive(struct tcp_pcb *pcb) - } else { - pcb->ooseq = cseg; - } -- } -- tcp_seg_free(next); -- if (cseg->next != NULL) { -- next = cseg->next; -- if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) { -- /* We need to trim the incoming segment. */ -- cseg->len = (u16_t)(next->tcphdr->seqno - seqno); -- pbuf_realloc(cseg->p, cseg->len); -+ tcp_seg_free(next); -+ if (cseg->next != NULL) { -+ next = cseg->next; -+ if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) { -+ /* We need to trim the incoming segment. */ -+ cseg->len = (u16_t)(next->tcphdr->seqno - seqno); -+ pbuf_realloc(cseg->p, cseg->len); -+ } - } - } - break; -@@ -1282,10 +1282,7 @@ tcp_receive(struct tcp_pcb *pcb) - - } - } else { -- if(!TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, -- pcb->rcv_nxt + pcb->rcv_ann_wnd-1)){ -- tcp_ack_now(pcb); -- } -+ tcp_ack_now(pcb); - } - } else { - /* Segments with length 0 is taken care of here. Segments that -@@ -1331,7 +1328,8 @@ tcp_parseopt(struct tcp_pcb *pcb) - opts[c + 1] == 0x04) { - /* An MSS option with the right option length. */ - mss = (opts[c + 2] << 8) | opts[c + 3]; -- pcb->mss = mss > TCP_MSS? TCP_MSS: mss; -+ /* Limit the mss to the configured TCP_MSS and prevent division by zero */ -+ pcb->mss = ((mss > TCP_MSS) || (mss == 0)) ? TCP_MSS : mss; - - /* And we are done processing options. */ - break; -Index: src/core/ipv4/autoip.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/ipv4/autoip.c,v -retrieving revision 1.16 -retrieving revision 1.17 -diff -u -p -r1.16 -r1.17 ---- a/src/core/ipv4/autoip.c 26 Jan 2008 16:11:40 -0000 1.16 -+++ b/src/core/ipv4/autoip.c 17 Jun 2008 20:16:23 -0000 1.17 -@@ -395,8 +395,8 @@ autoip_arp_reply(struct netif *netif, st - /* Copy struct ip_addr2 to aligned ip_addr, to support compilers without - * structure packing (not using structure copy which breaks strict-aliasing rules). - */ -- MEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr)); -- MEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr)); -+ SMEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr)); -+ SMEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr)); - - if ((netif->autoip->state == AUTOIP_STATE_PROBING) || - ((netif->autoip->state == AUTOIP_STATE_ANNOUNCING) && -Index: src/core/ipv4/inet_chksum.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/ipv4/inet_chksum.c,v -retrieving revision 1.4 -retrieving revision 1.5 -diff -u -p -r1.4 -r1.5 ---- a/src/core/ipv4/inet_chksum.c 10 Mar 2008 16:12:31 -0000 1.4 -+++ b/src/core/ipv4/inet_chksum.c 17 Jun 2008 20:06:25 -0000 1.5 -@@ -41,8 +41,6 @@ - #include "lwip/inet_chksum.h" - #include "lwip/inet.h" - --#include <string.h> -- - /* These are some reference implementations of the checksum algorithm, with the - * aim of being simple, correct and fully portable. Checksumming is the - * first thing you would want to optimize for your platform. If you create -@@ -65,6 +63,11 @@ - # define LWIP_CHKSUM_ALGORITHM 0 - #endif - -+/** Like the name says... */ -+#define SWAP_BYTES_IN_WORD(w) ((w & 0xff) << 8) | ((w & 0xff00) >> 8) -+/** Split an u32_t in two u16_ts and add them up */ -+#define FOLD_U32T(u) ((u >> 16) + (u & 0x0000ffffUL)) -+ - #if (LWIP_CHKSUM_ALGORITHM == 1) /* Version #1 */ - /** - * lwip checksum -@@ -86,8 +89,7 @@ lwip_standard_chksum(void *dataptr, u16_ - acc = 0; - /* dataptr may be at odd or even addresses */ - octetptr = (u8_t*)dataptr; -- while (len > 1) -- { -+ while (len > 1) { - /* declare first octet as most significant - thus assume network order, ignoring host order */ - src = (*octetptr) << 8; -@@ -98,8 +100,7 @@ lwip_standard_chksum(void *dataptr, u16_ - acc += src; - len -= 2; - } -- if (len > 0) -- { -+ if (len > 0) { - /* accumulate remaining octet */ - src = (*octetptr) << 8; - acc += src; -@@ -154,19 +155,22 @@ lwip_standard_chksum(void *dataptr, int - } - - /* Consume left-over byte, if any */ -- if (len > 0) -+ if (len > 0) { - ((u8_t *)&t)[0] = *(u8_t *)ps;; -+ } - - /* Add end bytes */ - sum += t; - -- /* Fold 32-bit sum to 16 bits */ -- while ((sum >> 16) != 0) -- sum = (sum & 0xffff) + (sum >> 16); -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ sum = FOLD_U32T(sum); -+ sum = FOLD_U32T(sum); - - /* Swap if alignment was odd */ -- if (odd) -- sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8); -+ if (odd) { -+ sum = SWAP_BYTES_IN_WORD(sum); -+ } - - return sum; - } -@@ -211,18 +215,20 @@ lwip_standard_chksum(void *dataptr, int - - while (len > 7) { - tmp = sum + *pl++; /* ping */ -- if (tmp < sum) -+ if (tmp < sum) { - tmp++; /* add back carry */ -+ } - - sum = tmp + *pl++; /* pong */ -- if (sum < tmp) -+ if (sum < tmp) { - sum++; /* add back carry */ -+ } - - len -= 8; - } - - /* make room in upper bits */ -- sum = (sum >> 16) + (sum & 0xffff); -+ sum = FOLD_U32T(sum); - - ps = (u16_t *)pl; - -@@ -233,16 +239,20 @@ lwip_standard_chksum(void *dataptr, int - } - - /* dangling tail byte remaining? */ -- if (len > 0) /* include odd byte */ -+ if (len > 0) { /* include odd byte */ - ((u8_t *)&t)[0] = *(u8_t *)ps; -+ } - - sum += t; /* add end bytes */ - -- while ((sum >> 16) != 0) /* combine halves */ -- sum = (sum >> 16) + (sum & 0xffff); -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ sum = FOLD_U32T(sum); -+ sum = FOLD_U32T(sum); - -- if (odd) -- sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8); -+ if (odd) { -+ sum = SWAP_BYTES_IN_WORD(sum); -+ } - - return sum; - } -@@ -277,18 +287,18 @@ inet_chksum_pseudo(struct pbuf *p, - (void *)q, (void *)q->next)); - acc += LWIP_CHKSUM(q->payload, q->len); - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/ -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* just executing this next line is probably faster that the if statement needed -+ to check whether we really need to execute it, and does no harm */ -+ acc = FOLD_U32T(acc); - if (q->len % 2 != 0) { - swapped = 1 - swapped; -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/ - } - - if (swapped) { -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - acc += (src->addr & 0xffffUL); - acc += ((src->addr >> 16) & 0xffffUL); -@@ -297,9 +307,10 @@ inet_chksum_pseudo(struct pbuf *p, - acc += (u32_t)htons((u16_t)proto); - acc += (u32_t)htons(proto_len); - -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ acc = FOLD_U32T(acc); -+ acc = FOLD_U32T(acc); - LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc)); - return (u16_t)~(acc & 0xffffUL); - } -@@ -340,18 +351,17 @@ inet_chksum_pseudo_partial(struct pbuf * - chksum_len -= chklen; - LWIP_ASSERT("delete me", chksum_len < 0x7fff); - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/ -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* fold the upper bit down */ -+ acc = FOLD_U32T(acc); - if (q->len % 2 != 0) { - swapped = 1 - swapped; -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/ - } - - if (swapped) { -- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - acc += (src->addr & 0xffffUL); - acc += ((src->addr >> 16) & 0xffffUL); -@@ -360,9 +370,10 @@ inet_chksum_pseudo_partial(struct pbuf * - acc += (u32_t)htons((u16_t)proto); - acc += (u32_t)htons(proto_len); - -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ /* Fold 32-bit sum to 16 bits -+ calling this twice is propably faster than if statements... */ -+ acc = FOLD_U32T(acc); -+ acc = FOLD_U32T(acc); - LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc)); - return (u16_t)~(acc & 0xffffUL); - } -@@ -380,13 +391,7 @@ inet_chksum_pseudo_partial(struct pbuf * - u16_t - inet_chksum(void *dataptr, u16_t len) - { -- u32_t acc; -- -- acc = LWIP_CHKSUM(dataptr, len); -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffff) + (acc >> 16); -- } -- return (u16_t)~(acc & 0xffff); -+ return ~LWIP_CHKSUM(dataptr, len); - } - - /** -@@ -407,17 +412,15 @@ inet_chksum_pbuf(struct pbuf *p) - swapped = 0; - for(q = p; q != NULL; q = q->next) { - acc += LWIP_CHKSUM(q->payload, q->len); -- while ((acc >> 16) != 0) { -- acc = (acc & 0xffffUL) + (acc >> 16); -- } -+ acc = FOLD_U32T(acc); - if (q->len % 2 != 0) { - swapped = 1 - swapped; -- acc = (acc & 0x00ffUL << 8) | (acc & 0xff00UL >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - } - - if (swapped) { -- acc = ((acc & 0x00ffUL) << 8) | ((acc & 0xff00UL) >> 8); -+ acc = SWAP_BYTES_IN_WORD(acc); - } - return (u16_t)~(acc & 0xffffUL); - } -Index: src/core/ipv4/ip.c -=================================================================== -RCS file: /sources/lwip/lwip/src/core/ipv4/ip.c,v -retrieving revision 1.66 -retrieving revision 1.68 -diff -u -p -r1.66 -r1.68 ---- a/src/core/ipv4/ip.c 14 Jan 2008 20:53:23 -0000 1.66 -+++ b/src/core/ipv4/ip.c 17 Jun 2008 19:39:22 -0000 1.68 -@@ -531,9 +531,19 @@ ip_output_if(struct pbuf *p, struct ip_a - LWIP_DEBUGF(IP_DEBUG, ("ip_output_if: %c%c%"U16_F"\n", netif->name[0], netif->name[1], netif->num)); - ip_debug_print(p); - -- LWIP_DEBUGF(IP_DEBUG, ("netif->output()")); -+#if (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) -+ if (ip_addr_cmp(dest, &netif->ip_addr)) { -+ /* Packet to self, enqueue it for loopback */ -+ LWIP_DEBUGF(IP_DEBUG, ("netif_loop_output()")); -+ -+ return netif_loop_output(netif, p, dest); -+ } else -+#endif /* (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) */ -+ { -+ LWIP_DEBUGF(IP_DEBUG, ("netif->output()")); - -- return netif->output(netif, p, dest); -+ return netif->output(netif, p, dest); -+ } - } - - /** -Index: src/include/lwip/debug.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/debug.h,v -retrieving revision 1.37 -retrieving revision 1.39 -diff -u -p -r1.37 -r1.39 ---- a/src/include/lwip/debug.h 22 Sep 2007 11:16:07 -0000 1.37 -+++ b/src/include/lwip/debug.h 16 Jul 2008 20:36:22 -0000 1.39 -@@ -61,26 +61,28 @@ - #define LWIP_DBG_HALT 0x08U - - #ifndef LWIP_NOASSERT --#define LWIP_ASSERT(x,y) do { if(!(y)) LWIP_PLATFORM_ASSERT(x); } while(0) -+#define LWIP_ASSERT(message, assertion) do { if(!(assertion)) \ -+ LWIP_PLATFORM_ASSERT(message); } while(0) - #else /* LWIP_NOASSERT */ --#define LWIP_ASSERT(x,y) -+#define LWIP_ASSERT(message, assertion) - #endif /* LWIP_NOASSERT */ - --/** print "m" message only if "e" is true, and execute "h" expression */ -+/** if "expression" isn't true, then print "message" and execute "handler" expression */ - #ifndef LWIP_ERROR --#define LWIP_ERROR(m,e,h) do { if (!(e)) { LWIP_PLATFORM_ASSERT(m); h;}} while(0) -+#define LWIP_ERROR(message, expression, handler) do { if (!(expression)) { \ -+ LWIP_PLATFORM_ASSERT(message); handler;}} while(0) - #endif /* LWIP_ERROR */ - - #ifdef LWIP_DEBUG - /** print debug message only if debug message type is enabled... - * AND is of correct type AND is at least LWIP_DBG_LEVEL - */ --#define LWIP_DEBUGF(debug,x) do { \ -+#define LWIP_DEBUGF(debug, message) do { \ - if ( \ - ((debug) & LWIP_DBG_ON) && \ - ((debug) & LWIP_DBG_TYPES_ON) && \ - ((s16_t)((debug) & LWIP_DBG_MASK_LEVEL) >= LWIP_DBG_MIN_LEVEL)) { \ -- LWIP_PLATFORM_DIAG(x); \ -+ LWIP_PLATFORM_DIAG(message); \ - if ((debug) & LWIP_DBG_HALT) { \ - while(1); \ - } \ -@@ -88,7 +90,7 @@ - } while(0) - - #else /* LWIP_DEBUG */ --#define LWIP_DEBUGF(debug,x) -+#define LWIP_DEBUGF(debug, message) - #endif /* LWIP_DEBUG */ - - #endif /* __LWIP_DEBUG_H__ */ -Index: src/include/lwip/err.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/err.h,v -retrieving revision 1.13 -retrieving revision 1.15 -diff -u -p -r1.13 -r1.15 ---- a/src/include/lwip/err.h 13 Dec 2007 23:06:50 -0000 1.13 -+++ b/src/include/lwip/err.h 17 Jun 2008 20:27:32 -0000 1.15 -@@ -33,37 +33,43 @@ - #define __LWIP_ERR_H__ - - #include "lwip/opt.h" -+#include "lwip/arch.h" - - #ifdef __cplusplus - extern "C" { - #endif - --typedef s8_t err_t; -+/** Define LWIP_ERR_T in cc.h if you want to use -+ * a different type for your platform (must be signed). */ -+#ifdef LWIP_ERR_T -+typedef LWIP_ERR_T err_t; -+#else /* LWIP_ERR_T */ -+ typedef s8_t err_t; -+#endif /* LWIP_ERR_T*/ - - /* Definitions for error constants. */ - - #define ERR_OK 0 /* No error, everything OK. */ - #define ERR_MEM -1 /* Out of memory error. */ - #define ERR_BUF -2 /* Buffer error. */ --#define ERR_RTE -3 /* Routing problem. */ -+#define ERR_TIMEOUT -3 /* Timeout. */ -+#define ERR_RTE -4 /* Routing problem. */ - - #define ERR_IS_FATAL(e) ((e) < ERR_RTE) - --#define ERR_ABRT -4 /* Connection aborted. */ --#define ERR_RST -5 /* Connection reset. */ --#define ERR_CLSD -6 /* Connection closed. */ --#define ERR_CONN -7 /* Not connected. */ -+#define ERR_ABRT -5 /* Connection aborted. */ -+#define ERR_RST -6 /* Connection reset. */ -+#define ERR_CLSD -7 /* Connection closed. */ -+#define ERR_CONN -8 /* Not connected. */ - --#define ERR_VAL -8 /* Illegal value. */ -+#define ERR_VAL -9 /* Illegal value. */ - --#define ERR_ARG -9 /* Illegal argument. */ -+#define ERR_ARG -10 /* Illegal argument. */ - --#define ERR_USE -10 /* Address in use. */ -+#define ERR_USE -11 /* Address in use. */ - --#define ERR_IF -11 /* Low-level netif error */ --#define ERR_ISCONN -12 /* Already connected. */ -- --#define ERR_TIMEOUT -13 /* Timeout. */ -+#define ERR_IF -12 /* Low-level netif error */ -+#define ERR_ISCONN -13 /* Already connected. */ - - #define ERR_INPROGRESS -14 /* Operation in progress */ - -Index: src/include/lwip/mem.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/mem.h,v -retrieving revision 1.21 -retrieving revision 1.22 -diff -u -p -r1.21 -r1.22 ---- a/src/include/lwip/mem.h 4 Mar 2008 16:31:32 -0000 1.21 -+++ b/src/include/lwip/mem.h 30 May 2008 11:37:15 -0000 1.22 -@@ -50,16 +50,16 @@ typedef size_t mem_size_t; - * allow these defines to be overridden. - */ - #ifndef mem_free --#define mem_free(x) free(x) -+#define mem_free free - #endif - #ifndef mem_malloc --#define mem_malloc(x) malloc(x) -+#define mem_malloc malloc - #endif - #ifndef mem_calloc --#define mem_calloc(x, y) calloc(x, y) -+#define mem_calloc calloc - #endif - #ifndef mem_realloc --#define mem_realloc(x, size) (x) -+#define mem_realloc realloc - #endif - #else /* MEM_LIBC_MALLOC */ - -Index: src/include/lwip/netif.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/netif.h,v -retrieving revision 1.43 -retrieving revision 1.46 -diff -u -p -r1.43 -r1.46 ---- a/src/include/lwip/netif.h 9 Oct 2007 19:59:59 -0000 1.43 -+++ b/src/include/lwip/netif.h 19 Jun 2008 16:27:23 -0000 1.46 -@@ -34,6 +34,8 @@ - - #include "lwip/opt.h" - -+#define ENABLE_LOOPBACK (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) -+ - #include "lwip/err.h" - - #include "lwip/ip_addr.h" -@@ -165,6 +167,14 @@ struct netif { - #if LWIP_NETIF_HWADDRHINT - u8_t *addr_hint; - #endif /* LWIP_NETIF_HWADDRHINT */ -+#if ENABLE_LOOPBACK -+ /* List of packets to be queued for ourselves. */ -+ struct pbuf *loop_first; -+ struct pbuf *loop_last; -+#if LWIP_LOOPBACK_MAX_PBUFS -+ u16_t loop_cnt_current; -+#endif /* LWIP_LOOPBACK_MAX_PBUFS */ -+#endif /* ENABLE_LOOPBACK */ - }; - - #if LWIP_SNMP -@@ -242,4 +252,12 @@ void netif_set_link_callback(struct neti - } - #endif - -+#if ENABLE_LOOPBACK -+err_t netif_loop_output(struct netif *netif, struct pbuf *p, struct ip_addr *dest_ip); -+void netif_poll(struct netif *netif); -+#if !LWIP_NETIF_LOOPBACK_MULTITHREADING -+void netif_poll_all(void); -+#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ -+#endif /* ENABLE_LOOPBACK */ -+ - #endif /* __LWIP_NETIF_H__ */ -Index: src/include/lwip/opt.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/opt.h,v -retrieving revision 1.116 -retrieving revision 1.122 -diff -u -p -r1.116 -r1.122 ---- a/src/include/lwip/opt.h 31 Jan 2008 18:19:29 -0000 1.116 -+++ b/src/include/lwip/opt.h 30 Jun 2008 18:16:52 -0000 1.122 -@@ -155,6 +155,27 @@ - #define MEMP_USE_CUSTOM_POOLS 0 - #endif - -+/** -+ * Set this to 1 if you want to free PBUF_RAM pbufs (or call mem_free()) from -+ * interrupt context (or another context that doesn't allow waiting for a -+ * semaphore). -+ * If set to 1, mem_malloc will be protected by a semaphore and SYS_ARCH_PROTECT, -+ * while mem_free will only use SYS_ARCH_PROTECT. mem_malloc SYS_ARCH_UNPROTECTs -+ * with each loop so that mem_free can run. -+ * -+ * ATTENTION: As you can see from the above description, this leads to dis-/ -+ * enabling interrupts often, which can be slow! Also, on low memory, mem_malloc -+ * can need longer. -+ * -+ * If you don't want that, at least for NO_SYS=0, you can still use the following -+ * functions to enqueue a deallocation call which then runs in the tcpip_thread -+ * context: -+ * - pbuf_free_callback(p); -+ * - mem_free_callback(m); -+ */ -+#ifndef LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT -+#define LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT 0 -+#endif - - /* - ------------------------------------------------ -@@ -815,6 +836,39 @@ - #define LWIP_NETIF_HWADDRHINT 0 - #endif - -+/** -+ * LWIP_NETIF_LOOPBACK==1: Support sending packets with a destination IP -+ * address equal to the netif IP address, looping them back up the stack. -+ */ -+#ifndef LWIP_NETIF_LOOPBACK -+#define LWIP_NETIF_LOOPBACK 0 -+#endif -+ -+/** -+ * LWIP_LOOPBACK_MAX_PBUFS: Maximum number of pbufs on queue for loopback -+ * sending for each netif (0 = disabled) -+ */ -+#ifndef LWIP_LOOPBACK_MAX_PBUFS -+#define LWIP_LOOPBACK_MAX_PBUFS 0 -+#endif -+ -+/** -+ * LWIP_NETIF_LOOPBACK_MULTITHREADING: Indicates whether threading is enabled in -+ * the system, as netifs must change how they behave depending on this setting -+ * for the LWIP_NETIF_LOOPBACK option to work. -+ * Setting this is needed to avoid reentering non-reentrant functions like -+ * tcp_input(). -+ * LWIP_NETIF_LOOPBACK_MULTITHREADING==1: Indicates that the user is using a -+ * multithreaded environment like tcpip.c. In this case, netif->input() -+ * is called directly. -+ * LWIP_NETIF_LOOPBACK_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup. -+ * The packets are put on a list and netif_poll() must be called in -+ * the main application loop. -+ */ -+#ifndef LWIP_NETIF_LOOPBACK_MULTITHREADING -+#define LWIP_NETIF_LOOPBACK_MULTITHREADING (!NO_SYS) -+#endif -+ - /* - ------------------------------------ - ---------- LOOPIF options ---------- -@@ -827,20 +881,16 @@ - #define LWIP_HAVE_LOOPIF 0 - #endif - -+/* -+ ------------------------------------ -+ ---------- SLIPIF options ---------- -+ ------------------------------------ -+*/ - /** -- * LWIP_LOOPIF_MULTITHREADING: Indicates whether threading is enabled in -- * the system, as LOOPIF must change how it behaves depending on this setting. -- * Setting this is needed to avoid reentering non-reentrant functions like -- * tcp_input(). -- * LWIP_LOOPIF_MULTITHREADING==1: Indicates that the user is using a -- * multithreaded environment like tcpip.c. In this case, netif->input() -- * is called directly. -- * LWIP_LOOPIF_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup. -- * The packets are put on a list and loopif_poll() must be called in -- * the main application loop. -+ * LWIP_HAVE_SLIPIF==1: Support slip interface and slipif.c - */ --#ifndef LWIP_LOOPIF_MULTITHREADING --#define LWIP_LOOPIF_MULTITHREADING 1 -+#ifndef LWIP_HAVE_SLIPIF -+#define LWIP_HAVE_SLIPIF 0 - #endif - - /* -Index: src/include/lwip/sio.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/sio.h,v -retrieving revision 1.7 -retrieving revision 1.8 -diff -u -p -r1.7 -r1.8 ---- a/src/include/lwip/sio.h 6 Sep 2007 16:43:44 -0000 1.7 -+++ b/src/include/lwip/sio.h 27 Mar 2008 18:06:02 -0000 1.8 -@@ -32,16 +32,24 @@ - * It needs to be implemented by those platforms which need SLIP or PPP - */ - -+#ifndef __SIO_H__ -+#define __SIO_H__ -+ - #include "lwip/arch.h" - - #ifdef __cplusplus - extern "C" { - #endif - -+/* If you want to define sio_fd_t elsewhere or differently, -+ define this in your cc.h file. */ - #ifndef __sio_fd_t_defined - typedef void * sio_fd_t; - #endif - -+/* The following functions can be defined to something else in your cc.h file -+ or be implemented in your custom sio.c file. */ -+ - #ifndef sio_open - sio_fd_t sio_open(u8_t); - #endif -@@ -69,3 +77,5 @@ void sio_read_abort(sio_fd_t); - #ifdef __cplusplus - } - #endif -+ -+#endif /* __SIO_H__ */ -Index: src/include/lwip/sockets.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/sockets.h,v -retrieving revision 1.38 -retrieving revision 1.39 -diff -u -p -r1.38 -r1.39 ---- a/src/include/lwip/sockets.h 2 Dec 2007 15:24:02 -0000 1.38 -+++ b/src/include/lwip/sockets.h 26 Apr 2008 10:46:23 -0000 1.39 -@@ -177,7 +177,22 @@ typedef struct ip_mreq { - } ip_mreq; - #endif /* LWIP_IGMP */ - --/* Unimplemented for now... */ -+/* -+ * The Type of Service provides an indication of the abstract -+ * parameters of the quality of service desired. These parameters are -+ * to be used to guide the selection of the actual service parameters -+ * when transmitting a datagram through a particular network. Several -+ * networks offer service precedence, which somehow treats high -+ * precedence traffic as more important than other traffic (generally -+ * by accepting only traffic above a certain precedence at time of high -+ * load). The major choice is a three way tradeoff between low-delay, -+ * high-reliability, and high-throughput. -+ * The use of the Delay, Throughput, and Reliability indications may -+ * increase the cost (in some sense) of the service. In many networks -+ * better performance for one of these parameters is coupled with worse -+ * performance on another. Except for very unusual cases at most two -+ * of these three indications should be set. -+ */ - #define IPTOS_TOS_MASK 0x1E - #define IPTOS_TOS(tos) ((tos) & IPTOS_TOS_MASK) - #define IPTOS_LOWDELAY 0x10 -@@ -187,7 +202,13 @@ typedef struct ip_mreq { - #define IPTOS_MINCOST IPTOS_LOWCOST - - /* -- * Definitions for IP precedence (also in ip_tos) (Unimplemented) -+ * The Network Control precedence designation is intended to be used -+ * within a network only. The actual use and control of that -+ * designation is up to each network. The Internetwork Control -+ * designation is intended for use by gateway control originators only. -+ * If the actual use of these precedence designations is of concern to -+ * a particular network, it is the responsibility of that network to -+ * control the access to, and use of, those precedence designations. - */ - #define IPTOS_PREC_MASK 0xe0 - #define IPTOS_PREC(tos) ((tos) & IPTOS_PREC_MASK) -Index: src/include/lwip/stats.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/stats.h,v -retrieving revision 1.19 -retrieving revision 1.23 -diff -u -p -r1.19 -r1.23 ---- a/src/include/lwip/stats.h 28 Nov 2007 21:25:07 -0000 1.19 -+++ b/src/include/lwip/stats.h 8 Jul 2008 09:15:57 -0000 1.23 -@@ -57,7 +57,6 @@ extern "C" { - - struct stats_proto { - STAT_COUNTER xmit; /* Transmitted packets. */ -- STAT_COUNTER rexmit; /* Retransmitted packets. */ - STAT_COUNTER recv; /* Received packets. */ - STAT_COUNTER fw; /* Forwarded packets. */ - STAT_COUNTER drop; /* Dropped packets. */ -@@ -87,7 +86,8 @@ struct stats_mem { - mem_size_t avail; - mem_size_t used; - mem_size_t max; -- mem_size_t err; -+ STAT_COUNTER err; -+ STAT_COUNTER illegal; - }; - - struct stats_syselem { -@@ -142,64 +142,138 @@ extern struct stats_ lwip_stats; - #define stats_init() /* Compatibility define, not init needed. */ - - #define STATS_INC(x) ++lwip_stats.x -+#define STATS_DEC(x) --lwip_stats.x - #else - #define stats_init() - #define STATS_INC(x) -+#define STATS_DEC(x) - #endif /* LWIP_STATS */ - - #if TCP_STATS - #define TCP_STATS_INC(x) STATS_INC(x) -+#define TCP_STATS_DISPLAY() stats_display_proto(&lwip_stats.tcp, "TCP") - #else - #define TCP_STATS_INC(x) -+#define TCP_STATS_DISPLAY() - #endif - - #if UDP_STATS - #define UDP_STATS_INC(x) STATS_INC(x) -+#define UDP_STATS_DISPLAY() stats_display_proto(&lwip_stats.udp, "UDP") - #else - #define UDP_STATS_INC(x) -+#define UDP_STATS_DISPLAY() - #endif - - #if ICMP_STATS - #define ICMP_STATS_INC(x) STATS_INC(x) -+#define ICMP_STATS_DISPLAY() stats_display_proto(&lwip_stats.icmp, "ICMP") - #else - #define ICMP_STATS_INC(x) -+#define ICMP_STATS_DISPLAY() - #endif - - #if IGMP_STATS - #define IGMP_STATS_INC(x) STATS_INC(x) -+#define IGMP_STATS_DISPLAY() stats_display_igmp(&lwip_stats.igmp) - #else - #define IGMP_STATS_INC(x) -+#define IGMP_STATS_DISPLAY() - #endif - - #if IP_STATS - #define IP_STATS_INC(x) STATS_INC(x) -+#define IP_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip, "IP") - #else - #define IP_STATS_INC(x) -+#define IP_STATS_DISPLAY() - #endif - - #if IPFRAG_STATS - #define IPFRAG_STATS_INC(x) STATS_INC(x) -+#define IPFRAG_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG") - #else - #define IPFRAG_STATS_INC(x) -+#define IPFRAG_STATS_DISPLAY() - #endif - - #if ETHARP_STATS - #define ETHARP_STATS_INC(x) STATS_INC(x) -+#define ETHARP_STATS_DISPLAY() stats_display_proto(&lwip_stats.etharp, "ETHARP") - #else - #define ETHARP_STATS_INC(x) -+#define ETHARP_STATS_DISPLAY() - #endif - - #if LINK_STATS - #define LINK_STATS_INC(x) STATS_INC(x) -+#define LINK_STATS_DISPLAY() stats_display_proto(&lwip_stats.link, "LINK") - #else - #define LINK_STATS_INC(x) -+#define LINK_STATS_DISPLAY() -+#endif -+ -+#if MEM_STATS -+#define MEM_STATS_AVAIL(x, y) lwip_stats.mem.x = y -+#define MEM_STATS_INC(x) STATS_INC(mem.x) -+#define MEM_STATS_INC_USED(x, y) do { lwip_stats.mem.used += y; \ -+ if (lwip_stats.mem.max < lwip_stats.mem.used) { \ -+ lwip_stats.mem.max = lwip_stats.mem.used; \ -+ } \ -+ } while(0) -+#define MEM_STATS_DEC_USED(x, y) lwip_stats.mem.x -= y -+#define MEM_STATS_DISPLAY() stats_display_mem(&lwip_stats.mem, "HEAP") -+#else -+#define MEM_STATS_AVAIL(x, y) -+#define MEM_STATS_INC(x) -+#define MEM_STATS_INC_USED(x, y) -+#define MEM_STATS_DEC_USED(x, y) -+#define MEM_STATS_DISPLAY() -+#endif -+ -+#if MEMP_STATS -+#define MEMP_STATS_AVAIL(x, i, y) lwip_stats.memp[i].x = y -+#define MEMP_STATS_INC(x, i) STATS_INC(memp[i].x) -+#define MEMP_STATS_DEC(x, i) STATS_DEC(memp[i].x) -+#define MEMP_STATS_INC_USED(x, i) do { ++lwip_stats.memp[i].used; \ -+ if (lwip_stats.memp[i].max < lwip_stats.memp[i].used) { \ -+ lwip_stats.memp[i].max = lwip_stats.memp[i].used; \ -+ } \ -+ } while(0) -+#define MEMP_STATS_DISPLAY(i) stats_display_memp(&lwip_stats.memp[i], i) -+#else -+#define MEMP_STATS_AVAIL(x, i, y) -+#define MEMP_STATS_INC(x, i) -+#define MEMP_STATS_DEC(x, i) -+#define MEMP_STATS_INC_USED(x, i) -+#define MEMP_STATS_DISPLAY(i) -+#endif -+ -+#if SYS_STATS -+#define SYS_STATS_INC(x) STATS_INC(sys.x) -+#define SYS_STATS_DEC(x) STATS_DEC(sys.x) -+#define SYS_STATS_DISPLAY() stats_display_sys(&lwip_stats.sys) -+#else -+#define SYS_STATS_INC(x) -+#define SYS_STATS_DEC(x) -+#define SYS_STATS_DISPLAY() - #endif - - /* Display of statistics */ - #if LWIP_STATS_DISPLAY - void stats_display(void); -+void stats_display_proto(struct stats_proto *proto, char *name); -+void stats_display_igmp(struct stats_igmp *igmp); -+void stats_display_mem(struct stats_mem *mem, char *name); -+void stats_display_memp(struct stats_mem *mem, int index); -+void stats_display_sys(struct stats_sys *sys); - #else - #define stats_display() -+#define stats_display_proto(proto, name) -+#define stats_display_igmp(igmp) -+#define stats_display_mem(mem, name) -+#define stats_display_memp(mem, index) -+#define stats_display_sys(sys) - #endif /* LWIP_STATS_DISPLAY */ - - #ifdef __cplusplus -Index: src/include/lwip/tcpip.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/lwip/tcpip.h,v -retrieving revision 1.24 -retrieving revision 1.27 -diff -u -p -r1.24 -r1.27 ---- a/src/include/lwip/tcpip.h 12 Jan 2008 11:52:22 -0000 1.24 -+++ b/src/include/lwip/tcpip.h 27 Jun 2008 20:34:55 -0000 1.27 -@@ -83,7 +83,11 @@ err_t tcpip_netifapi_lock(struct netifap - #endif /* LWIP_NETIF_API */ - - err_t tcpip_callback_with_block(void (*f)(void *ctx), void *ctx, u8_t block); --#define tcpip_callback(f,ctx) tcpip_callback_with_block(f,ctx,1) -+#define tcpip_callback(f, ctx) tcpip_callback_with_block(f, ctx, 1) -+ -+/* free pbufs or heap memory from another context without blocking */ -+err_t pbuf_free_callback(struct pbuf *p); -+err_t mem_free_callback(void *m); - - err_t tcpip_timeout(u32_t msecs, sys_timeout_handler h, void *arg); - #define tcpip_untimeout(h, arg) tcpip_timeout(0xffffffff, h, arg) -Index: src/include/netif/loopif.h -=================================================================== -RCS file: /sources/lwip/lwip/src/include/netif/loopif.h,v -retrieving revision 1.7 -retrieving revision 1.9 -diff -u -p -r1.7 -r1.9 ---- a/src/include/netif/loopif.h 10 May 2007 10:59:20 -0000 1.7 -+++ b/src/include/netif/loopif.h 17 Jun 2008 20:12:22 -0000 1.9 -@@ -32,6 +32,7 @@ - #ifndef __NETIF_LOOPIF_H__ - #define __NETIF_LOOPIF_H__ - -+#include "lwip/opt.h" - #include "lwip/netif.h" - #include "lwip/err.h" - -@@ -39,9 +40,9 @@ - extern "C" { - #endif - --#if !LWIP_LOOPIF_MULTITHREADING --void loopif_poll(struct netif *netif); --#endif -+#if !LWIP_NETIF_LOOPBACK_MULTITHREADING -+#define loopif_poll netif_poll -+#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ - - err_t loopif_init(struct netif *netif); - -Index: src/netif/etharp.c -=================================================================== -RCS file: /sources/lwip/lwip/src/netif/etharp.c,v -retrieving revision 1.145 -retrieving revision 1.148 -diff -u -p -r1.145 -r1.148 ---- a/src/netif/etharp.c 4 Mar 2008 13:41:24 -0000 1.145 -+++ b/src/netif/etharp.c 19 Jun 2008 16:40:59 -0000 1.148 -@@ -353,7 +353,7 @@ find_entry(struct ip_addr *ipaddr, u8_t - * 1) empty entry - * 2) oldest stable entry - * 3) oldest pending entry without queued packets -- * 4) oldest pending entry without queued packets -+ * 4) oldest pending entry with queued packets - * - * { ETHARP_TRY_HARD is set at this point } - */ -@@ -1130,7 +1130,14 @@ ethernet_input(struct pbuf *p, struct ne - - /* points to packet payload, which starts with an Ethernet header */ - ethhdr = p->payload; -- -+ LWIP_DEBUGF(ETHARP_DEBUG | LWIP_DBG_TRACE, -+ ("ethernet_input: dest:%02x:%02x:%02x:%02x:%02x:%02x, src:%02x:%02x:%02x:%02x:%02x:%02x, type:%2hx\n", -+ (unsigned)ethhdr->dest.addr[0], (unsigned)ethhdr->dest.addr[1], (unsigned)ethhdr->dest.addr[2], -+ (unsigned)ethhdr->dest.addr[3], (unsigned)ethhdr->dest.addr[4], (unsigned)ethhdr->dest.addr[5], -+ (unsigned)ethhdr->src.addr[0], (unsigned)ethhdr->src.addr[1], (unsigned)ethhdr->src.addr[2], -+ (unsigned)ethhdr->src.addr[3], (unsigned)ethhdr->src.addr[4], (unsigned)ethhdr->src.addr[5], -+ (unsigned)htons(ethhdr->type))); -+ - switch (htons(ethhdr->type)) { - /* IP packet? */ - case ETHTYPE_IP: -@@ -1165,6 +1172,8 @@ ethernet_input(struct pbuf *p, struct ne - #endif /* PPPOE_SUPPORT */ - - default: -+ ETHARP_STATS_INC(etharp.proterr); -+ ETHARP_STATS_INC(etharp.drop); - pbuf_free(p); - p = NULL; - break; -Index: src/netif/loopif.c -=================================================================== -RCS file: /sources/lwip/lwip/src/netif/loopif.c,v -retrieving revision 1.26 -retrieving revision 1.27 -diff -u -p -r1.26 -r1.27 ---- a/src/netif/loopif.c 31 Aug 2007 10:14:09 -0000 1.26 -+++ b/src/netif/loopif.c 12 Jun 2008 20:10:10 -0000 1.27 -@@ -40,149 +40,8 @@ - #if LWIP_HAVE_LOOPIF - - #include "netif/loopif.h" --#include "lwip/pbuf.h" - #include "lwip/snmp.h" - --#include <string.h> -- --#if !LWIP_LOOPIF_MULTITHREADING -- --#include "lwip/sys.h" --#include "lwip/mem.h" -- --/* helper struct for the linked list of pbufs */ --struct loopif_private { -- struct pbuf *first; -- struct pbuf *last; --}; -- --/** -- * Call loopif_poll() in the main loop of your application. This is to prevent -- * reentering non-reentrant functions like tcp_input(). Packets passed to -- * loopif_output() are put on a list that is passed to netif->input() by -- * loopif_poll(). -- * -- * @param netif the lwip network interface structure for this loopif -- */ --void --loopif_poll(struct netif *netif) --{ -- SYS_ARCH_DECL_PROTECT(lev); -- struct pbuf *in, *in_end; -- struct loopif_private *priv = (struct loopif_private*)netif->state; -- -- LWIP_ERROR("priv != NULL", (priv != NULL), return;); -- -- do { -- /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */ -- SYS_ARCH_PROTECT(lev); -- in = priv->first; -- if(in) { -- in_end = in; -- while(in_end->len != in_end->tot_len) { -- LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL); -- in_end = in_end->next; -- } -- /* 'in_end' now points to the last pbuf from 'in' */ -- if(in_end == priv->last) { -- /* this was the last pbuf in the list */ -- priv->first = priv->last = NULL; -- } else { -- /* pop the pbuf off the list */ -- priv->first = in_end->next; -- LWIP_ASSERT("should not be null since first != last!", priv->first != NULL); -- } -- } -- SYS_ARCH_UNPROTECT(lev); -- -- if(in != NULL) { -- if(in_end->next != NULL) { -- /* De-queue the pbuf from its successors on the 'priv' list. */ -- in_end->next = NULL; -- } -- if(netif->input(in, netif) != ERR_OK) { -- pbuf_free(in); -- } -- /* Don't reference the packet any more! */ -- in = NULL; -- in_end = NULL; -- } -- /* go on while there is a packet on the list */ -- } while(priv->first != NULL); --} --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- --/** -- * Send an IP packet over the loopback interface. -- * The pbuf is simply copied and handed back to netif->input. -- * In multithreaded mode, this is done directly since netif->input must put -- * the packet on a queue. -- * In callback mode, the packet is put on an internal queue and is fed to -- * netif->input by loopif_poll(). -- * -- * @param netif the lwip network interface structure for this loopif -- * @param p the (IP) packet to 'send' -- * @param ipaddr the ip address to send the packet to (not used for loopif) -- * @return ERR_OK if the packet has been sent -- * ERR_MEM if the pbuf used to copy the packet couldn't be allocated -- */ --static err_t --loopif_output(struct netif *netif, struct pbuf *p, -- struct ip_addr *ipaddr) --{ --#if !LWIP_LOOPIF_MULTITHREADING -- SYS_ARCH_DECL_PROTECT(lev); -- struct loopif_private *priv; -- struct pbuf *last; --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- struct pbuf *r; -- err_t err; -- -- LWIP_UNUSED_ARG(ipaddr); -- -- /* Allocate a new pbuf */ -- r = pbuf_alloc(PBUF_RAW, p->tot_len, PBUF_RAM); -- if (r == NULL) { -- return ERR_MEM; -- } -- -- /* Copy the whole pbuf queue p into the single pbuf r */ -- if ((err = pbuf_copy(r, p)) != ERR_OK) { -- pbuf_free(r); -- r = NULL; -- return err; -- } -- --#if LWIP_LOOPIF_MULTITHREADING -- /* Multithreading environment, netif->input() is supposed to put the packet -- into a mailbox, so we can safely call it here without risking to re-enter -- functions that are not reentrant (TCP!!!) */ -- if(netif->input(r, netif) != ERR_OK) { -- pbuf_free(r); -- r = NULL; -- } --#else /* LWIP_LOOPIF_MULTITHREADING */ -- /* Raw API without threads: put the packet on a linked list which gets emptied -- through calling loopif_poll(). */ -- priv = (struct loopif_private*)netif->state; -- -- /* let last point to the last pbuf in chain r */ -- for (last = r; last->next != NULL; last = last->next); -- SYS_ARCH_PROTECT(lev); -- if(priv->first != NULL) { -- LWIP_ASSERT("if first != NULL, last must also be != NULL", priv->last != NULL); -- priv->last->next = r; -- priv->last = last; -- } else { -- priv->first = r; -- priv->last = last; -- } -- SYS_ARCH_UNPROTECT(lev); --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- -- return ERR_OK; --} -- - /** - * Initialize a lwip network interface structure for a loopback interface - * -@@ -193,16 +52,6 @@ loopif_output(struct netif *netif, struc - err_t - loopif_init(struct netif *netif) - { --#if !LWIP_LOOPIF_MULTITHREADING -- struct loopif_private *priv; -- -- priv = (struct loopif_private*)mem_malloc(sizeof(struct loopif_private)); -- if(priv == NULL) -- return ERR_MEM; -- priv->first = priv->last = NULL; -- netif->state = priv; --#endif /* LWIP_LOOPIF_MULTITHREADING */ -- - /* initialize the snmp variables and counters inside the struct netif - * ifSpeed: no assumption can be made! - */ -@@ -210,7 +59,7 @@ loopif_init(struct netif *netif) - - netif->name[0] = 'l'; - netif->name[1] = 'o'; -- netif->output = loopif_output; -+ netif->output = netif_loop_output; - return ERR_OK; - } - -Index: src/netif/slipif.c -=================================================================== -RCS file: /sources/lwip/lwip/src/netif/slipif.c,v -retrieving revision 1.29 -retrieving revision 1.30 -diff -u -p -r1.29 -r1.30 ---- a/src/netif/slipif.c 30 Nov 2007 17:22:21 -0000 1.29 -+++ b/src/netif/slipif.c 17 Jun 2008 20:14:05 -0000 1.30 -@@ -44,6 +44,9 @@ - - #include "netif/slipif.h" - #include "lwip/opt.h" -+ -+#if LWIP_HAVE_SLIPIF -+ - #include "lwip/def.h" - #include "lwip/pbuf.h" - #include "lwip/sys.h" -@@ -273,3 +276,4 @@ slipif_init(struct netif *netif) - sys_thread_new(SLIPIF_THREAD_NAME, slipif_loop, netif, SLIPIF_THREAD_STACKSIZE, SLIPIF_THREAD_PRIO); - return ERR_OK; - } -+#endif /* LWIP_HAVE_SLIPIF */ diff --git a/external/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch b/external/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch deleted file mode 100644 index a5d01495..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch +++ /dev/null @@ -1,155 +0,0 @@ ---- a/newlib/libc/stdio/fprintf_chk.c 1969-12-31 19:00:00.000000000 -0500 -+++ b/newlib/libc/stdio/fprintf_chk.c 2009-02-26 19:02:53.000000000 -0500 -@@ -0,0 +1,21 @@ -+#include <stdarg.h> -+#include <stdio.h> -+ -+/* -+ * Stub implementation of __fprintf_chk adapted from glibc 2.7. This -+ * doesn't actually implement any buffer overflow protection. It just makes -+ * the linker happy :) -+*/ -+int -+__fprintf_chk (FILE *fp, int flag, const char *format, ...) -+{ -+ va_list ap; -+ int done; -+ -+ va_start (ap, format); -+ done = vfprintf (fp, format, ap); -+ va_end (ap); -+ -+ return done; -+} -+ ---- a/newlib/libc/stdio/Makefile.am 2007-08-02 16:23:06.000000000 -0400 -+++ b/newlib/libc/stdio/Makefile.am 2009-02-26 18:14:53.000000000 -0500 -@@ -20,6 +20,7 @@ - flags.c \ - fopen.c \ - fprintf.c \ -+ fprintf_chk.c \ - fputc.c \ - fputs.c \ - fread.c \ -@@ -65,6 +66,7 @@ - sniprintf.c \ - snprintf.c \ - sprintf.c \ -+ sprintf_chk.c \ - sscanf.c \ - stdio.c \ - tmpfile.c \ ---- a/newlib/libc/stdio/Makefile.in 2007-12-19 17:36:38.000000000 -0500 -+++ b/newlib/libc/stdio/Makefile.in 2009-02-26 18:43:52.000000000 -0500 -@@ -63,7 +63,8 @@ - lib_a-fgets.$(OBJEXT) lib_a-fileno.$(OBJEXT) \ - lib_a-findfp.$(OBJEXT) lib_a-fiprintf.$(OBJEXT) \ - lib_a-flags.$(OBJEXT) lib_a-fopen.$(OBJEXT) \ -- lib_a-fprintf.$(OBJEXT) lib_a-fputc.$(OBJEXT) \ -+ lib_a-fprintf.$(OBJEXT) lib_a-fprintf_chk.$(OBJEXT) \ -+ lib_a-fputc.$(OBJEXT) \ - lib_a-fputs.$(OBJEXT) lib_a-fread.$(OBJEXT) \ - lib_a-freopen.$(OBJEXT) lib_a-fscanf.$(OBJEXT) \ - lib_a-fiscanf.$(OBJEXT) lib_a-fseek.$(OBJEXT) \ -@@ -86,6 +87,7 @@ - lib_a-setvbuf.$(OBJEXT) lib_a-siprintf.$(OBJEXT) \ - lib_a-siscanf.$(OBJEXT) lib_a-sniprintf.$(OBJEXT) \ - lib_a-snprintf.$(OBJEXT) lib_a-sprintf.$(OBJEXT) \ -+ lib_a-sprintf_chk.$(OBJEXT) \ - lib_a-sscanf.$(OBJEXT) lib_a-stdio.$(OBJEXT) \ - lib_a-tmpfile.$(OBJEXT) lib_a-tmpnam.$(OBJEXT) \ - lib_a-ungetc.$(OBJEXT) lib_a-vdiprintf.$(OBJEXT) \ -@@ -122,15 +124,15 @@ - LTLIBRARIES = $(noinst_LTLIBRARIES) - am__objects_4 = clearerr.lo fclose.lo fdopen.lo feof.lo ferror.lo \ - fflush.lo fgetc.lo fgetpos.lo fgets.lo fileno.lo findfp.lo \ -- fiprintf.lo flags.lo fopen.lo fprintf.lo fputc.lo fputs.lo \ -- fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \ -+ fiprintf.lo flags.lo fopen.lo fprintf.lo fprintf_chk.lo fputc.lo \ -+ fputs.lo fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \ - ftell.lo fvwrite.lo fwalk.lo fwrite.lo getc.lo getchar.lo \ - getc_u.lo getchar_u.lo getdelim.lo getline.lo gets.lo \ - iprintf.lo iscanf.lo makebuf.lo perror.lo printf.lo putc.lo \ - putchar.lo putc_u.lo putchar_u.lo puts.lo refill.lo remove.lo \ - rename.lo rewind.lo rget.lo scanf.lo sccl.lo setbuf.lo \ - setbuffer.lo setlinebuf.lo setvbuf.lo siprintf.lo siscanf.lo \ -- sniprintf.lo snprintf.lo sprintf.lo sscanf.lo stdio.lo \ -+ sniprintf.lo snprintf.lo sprintf.lo sprintf_chk.lo sscanf.lo stdio.lo \ - tmpfile.lo tmpnam.lo ungetc.lo vdiprintf.lo vdprintf.lo \ - viprintf.lo viscanf.lo vprintf.lo vscanf.lo vsiprintf.lo \ - vsiscanf.lo vsnprintf.lo vsniprintf.lo vsprintf.lo vsscanf.lo \ -@@ -344,6 +346,7 @@ - flags.c \ - fopen.c \ - fprintf.c \ -+ fprintf_chk.c \ - fputc.c \ - fputs.c \ - fread.c \ -@@ -389,6 +392,7 @@ - sniprintf.c \ - snprintf.c \ - sprintf.c \ -+ sprintf_chk.c \ - sscanf.c \ - stdio.c \ - tmpfile.c \ -@@ -508,6 +512,7 @@ - siprintf.def \ - siscanf.def \ - sprintf.def \ -+ sprintf_chk.def \ - sscanf.def \ - tmpfile.def \ - tmpnam.def \ -@@ -678,6 +683,12 @@ - lib_a-fprintf.obj: fprintf.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf.obj `if test -f 'fprintf.c'; then $(CYGPATH_W) 'fprintf.c'; else $(CYGPATH_W) '$(srcdir)/fprintf.c'; fi` - -+lib_a-fprintf_chk.o: fprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.o `test -f 'fprintf_chk.c' || echo '$(srcdir)/'`fprintf_chk.c -+ -+lib_a-fprintf_chk.obj: fprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.obj `if test -f 'fprintf_chk.c'; then $(CYGPATH_W) 'fprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/fprintf_chk.c'; fi` -+ - lib_a-fputc.o: fputc.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fputc.o `test -f 'fputc.c' || echo '$(srcdir)/'`fputc.c - -@@ -948,6 +959,12 @@ - lib_a-sprintf.obj: sprintf.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf.obj `if test -f 'sprintf.c'; then $(CYGPATH_W) 'sprintf.c'; else $(CYGPATH_W) '$(srcdir)/sprintf.c'; fi` - -+lib_a-sprintf_chk.o: sprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.o `test -f 'sprintf_chk.c' || echo '$(srcdir)/'`sprintf_chk.c -+ -+lib_a-sprintf_chk.obj: sprintf_chk.c -+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.obj `if test -f 'sprintf_chk.c'; then $(CYGPATH_W) 'sprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/sprintf_chk.c'; fi` -+ - lib_a-sscanf.o: sscanf.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sscanf.o `test -f 'sscanf.c' || echo '$(srcdir)/'`sscanf.c - ---- a/newlib/libc/stdio/sprintf_chk.c 1969-12-31 19:00:00.000000000 -0500 -+++ b/newlib/libc/stdio/sprintf_chk.c 2009-02-26 19:02:26.000000000 -0500 -@@ -0,0 +1,21 @@ -+#include <stdarg.h> -+#include <stdio.h> -+ -+/* -+ * Stub implementation of __sprintf_chk adapted from glibc 2.7. This -+ * doesn't actually implement any buffer overflow protection. It just makes -+ * the linker happy :) -+*/ -+int -+__sprintf_chk (char *s, int flags, size_t slen, const char *format, ...) -+{ -+ va_list arg; -+ int done; -+ -+ va_start (arg, format); -+ done = vsprintf (s, format, arg); -+ va_end (arg); -+ -+ return done; -+} -+ diff --git a/external/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch b/external/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch deleted file mode 100644 index 3610d646..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch +++ /dev/null @@ -1,16 +0,0 @@ ---- a/newlib/libc/include/stdint.h.orig 2006-08-17 00:39:43.000000000 +0300 -+++ b/newlib/libc/include/stdint.h 2009-08-25 17:33:23.000000000 +0300 -@@ -348,8 +348,11 @@ - #endif - - /* This must match size_t in stddef.h, currently long unsigned int */ --#define SIZE_MIN (-__STDINT_EXP(LONG_MAX) - 1L) --#define SIZE_MAX __STDINT_EXP(LONG_MAX) -+#ifdef __SIZE_MAX__ -+#define SIZE_MAX __SIZE_MAX__ -+#else -+#define SIZE_MAX (__STDINT_EXP(LONG_MAX) * 2UL + 1) -+#endif - - /* This must match sig_atomic_t in <signal.h> (currently int) */ - #define SIG_ATOMIC_MIN (-__STDINT_EXP(INT_MAX) - 1) diff --git a/external/meta-virtualization/recipes-extended/xen/files/newlib.patch b/external/meta-virtualization/recipes-extended/xen/files/newlib.patch deleted file mode 100644 index dbf409a2..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/newlib.patch +++ /dev/null @@ -1,727 +0,0 @@ -There is a mix between longs and long longs. - -Index: newlib/libc/include/inttypes.h -=================================================================== -RCS file: /cvs/src/src/newlib/libc/include/inttypes.h,v -retrieving revision 1.3 -diff -u -p -r1.3 inttypes.h ---- a/newlib/libc/include/inttypes.h 16 Dec 2005 19:03:12 -0000 1.3 -+++ b/newlib/libc/include/inttypes.h 8 Nov 2007 16:32:44 -0000 -@@ -163,12 +163,12 @@ - - - /* 64-bit types */ --#if __have_longlong64 --#define __PRI64(x) __STRINGIFY(ll##x) --#define __SCN64(x) __STRINGIFY(ll##x) --#elif __have_long64 -+#if __have_long64 - #define __PRI64(x) __STRINGIFY(l##x) - #define __SCN64(x) __STRINGIFY(l##x) -+#elif __have_longlong64 -+#define __PRI64(x) __STRINGIFY(ll##x) -+#define __SCN64(x) __STRINGIFY(ll##x) - #else - #define __PRI64(x) __STRINGIFY(x) - #define __SCN64(x) __STRINGIFY(x) -@@ -217,12 +217,12 @@ - #endif - - /* max-bit types */ --#if __have_longlong64 --#define __PRIMAX(x) __STRINGIFY(ll##x) --#define __SCNMAX(x) __STRINGIFY(ll##x) --#elif __have_long64 -+#if __have_long64 - #define __PRIMAX(x) __STRINGIFY(l##x) - #define __SCNMAX(x) __STRINGIFY(l##x) -+#elif __have_longlong64 -+#define __PRIMAX(x) __STRINGIFY(ll##x) -+#define __SCNMAX(x) __STRINGIFY(ll##x) - #else - #define __PRIMAX(x) __STRINGIFY(x) - #define __SCNMAX(x) __STRINGIFY(x) -@@ -242,12 +242,12 @@ - #define SCNxMAX __SCNMAX(x) - - /* ptr types */ --#if __have_longlong64 --#define __PRIPTR(x) __STRINGIFY(ll##x) --#define __SCNPTR(x) __STRINGIFY(ll##x) --#elif __have_long64 -+#if __have_long64 - #define __PRIPTR(x) __STRINGIFY(l##x) - #define __SCNPTR(x) __STRINGIFY(l##x) -+#elif __have_longlong64 -+#define __PRIPTR(x) __STRINGIFY(ll##x) -+#define __SCNPTR(x) __STRINGIFY(ll##x) - #else - #define __PRIPTR(x) __STRINGIFY(x) - #define __SCNPTR(x) __STRINGIFY(x) - -We don't want u?int32_t to be long as our code assume in a lot of places to be -int. - -Index: newlib/libc/include/stdint.h -=================================================================== -RCS file: /cvs/src/src/newlib/libc/include/stdint.h,v -retrieving revision 1.10 -diff -u -p -r1.10 stdint.h ---- a/newlib/libc/include/stdint.h 16 Aug 2006 21:39:43 -0000 1.10 -+++ b/newlib/libc/include/stdint.h 12 Feb 2008 13:07:52 -0000 -@@ -38,7 +38,7 @@ extern "C" { - #if __STDINT_EXP(LONG_MAX) > 0x7fffffff - #define __have_long64 1 - #elif __STDINT_EXP(LONG_MAX) == 0x7fffffff && !defined(__SPU__) --#define __have_long32 1 -+/* #define __have_long32 1 */ - #endif - - #if __STDINT_EXP(SCHAR_MAX) == 0x7f - -Define the basic ia64 jump buffer - -Index: newlib/libc/include/sys/config.h -=================================================================== -RCS file: /cvs/src/src/newlib/libc/include/sys/config.h,v -retrieving revision 1.47 -diff -u -p -r1.47 config.h ---- a/newlib/libc/include/sys/config.h 15 Mar 2007 21:32:12 -0000 1.47 -+++ b/newlib/libc/include/sys/config.h 8 Nov 2007 16:32:44 -0000 -@@ -71,6 +71,10 @@ - #endif - #endif - -+#ifndef __DYNAMIC_REENT__ -+#define __DYNAMIC_REENT__ -+#endif -+ - #ifdef __mn10200__ - #define __SMALL_BITFIELDS - #endif - -Dynamic pointer to our reentrancy zone - -Index: newlib/libc/reent/getreent.c -=================================================================== -RCS file: /cvs/src/src/newlib/libc/reent/getreent.c,v -retrieving revision 1.2 -diff -u -p -r1.2 getreent.c ---- a/newlib/libc/reent/getreent.c 7 Sep 2007 00:45:55 -0000 1.2 -+++ b/newlib/libc/reent/getreent.c 8 Nov 2007 16:32:44 -0000 -@@ -3,12 +3,20 @@ - #include <_ansi.h> - #include <reent.h> - -+#define weak_alias(name, aliasname) \ -+ extern __typeof (name) aliasname __attribute__ ((weak, alias (#name))); -+ - #ifdef __getreent - #undef __getreent - #endif -+#ifdef __libc_getreent -+#undef __libc_getreent -+#endif - - struct _reent * --_DEFUN_VOID(__getreent) -+__libc_getreent (void) - { - return _impure_ptr; - } -+weak_alias(__libc_getreent,__getreent) -+ - -We can't provide a red zone in mini-os. - -Index: newlib/libc/machine/x86_64/memcpy.S -=================================================================== -RCS file: /cvs/src/src/newlib/libc/machine/x86_64/memcpy.S,v -retrieving revision 1.1 -diff -u -p -r1.1 memcpy.S ---- a/newlib/libc/machine/x86_64/memcpy.S 28 Aug 2007 21:56:49 -0000 1.1 -+++ b/newlib/libc/machine/x86_64/memcpy.S 8 Nov 2007 16:32:44 -0000 -@@ -30,10 +30,18 @@ quadword_aligned: - cmpq $256, rdx - jb quadword_copy - -+#if 1 -+ subq $32, rsp -+ movq rax, 24 (rsp) -+ movq r12, 16 (rsp) -+ movq r13, 8 (rsp) -+ movq r14, 0 (rsp) -+#else - movq rax, -8 (rsp) - movq r12, -16 (rsp) - movq r13, -24 (rsp) - movq r14, -32 (rsp) -+#endif - - movq rdx, rcx /* Copy 128 bytes at a time with minimum cache polution */ - shrq $7, rcx -@@ -89,10 +97,18 @@ loop: - movq rdx, rcx - andq $127, rcx - rep movsb -+#if 1 -+ movq 24 (rsp), rax -+ movq 16 (rsp), r12 -+ movq 8 (rsp), r13 -+ movq 0 (rsp), r14 -+ addq $32, rsp -+#else - movq -8 (rsp), rax - movq -16 (rsp), r12 - movq -24 (rsp), r13 - movq -32 (rsp), r14 -+#endif - ret - - ---- a/newlib/libc/machine/x86_64/x86_64mach.h.orig 2008-07-11 14:57:23.062269000 +0100 -+++ b/newlib/libc/machine/x86_64/x86_64mach.h 2008-07-11 14:58:01.262503000 +0100 -@@ -22,81 +22,81 @@ - - #define REG(x) CONCAT1(__REG_PREFIX__, x) - --#define rax REG(rax) --#define rbx REG(rbx) --#define rcx REG(rcx) --#define rdx REG(rdx) --#define rsi REG(rsi) --#define rdi REG(rdi) --#define rbp REG(rbp) --#define rsp REG(rsp) -- --#define r8 REG(r8) --#define r9 REG(r9) --#define r10 REG(r10) --#define r11 REG(r11) --#define r12 REG(r12) --#define r13 REG(r13) --#define r14 REG(r14) --#define r15 REG(r15) -- --#define eax REG(eax) --#define ebx REG(ebx) --#define ecx REG(ecx) --#define edx REG(edx) --#define esi REG(esi) --#define edi REG(edi) --#define ebp REG(ebp) --#define esp REG(esp) -- --#define st0 REG(st) --#define st1 REG(st(1)) --#define st2 REG(st(2)) --#define st3 REG(st(3)) --#define st4 REG(st(4)) --#define st5 REG(st(5)) --#define st6 REG(st(6)) --#define st7 REG(st(7)) -- --#define ax REG(ax) --#define bx REG(bx) --#define cx REG(cx) --#define dx REG(dx) -- --#define ah REG(ah) --#define bh REG(bh) --#define ch REG(ch) --#define dh REG(dh) -- --#define al REG(al) --#define bl REG(bl) --#define cl REG(cl) --#define dl REG(dl) -- --#define sil REG(sil) -- --#define mm1 REG(mm1) --#define mm2 REG(mm2) --#define mm3 REG(mm3) --#define mm4 REG(mm4) --#define mm5 REG(mm5) --#define mm6 REG(mm6) --#define mm7 REG(mm7) -- --#define xmm0 REG(xmm0) --#define xmm1 REG(xmm1) --#define xmm2 REG(xmm2) --#define xmm3 REG(xmm3) --#define xmm4 REG(xmm4) --#define xmm5 REG(xmm5) --#define xmm6 REG(xmm6) --#define xmm7 REG(xmm7) -- --#define cr0 REG(cr0) --#define cr1 REG(cr1) --#define cr2 REG(cr2) --#define cr3 REG(cr3) --#define cr4 REG(cr4) -+#define rax %rax -+#define rbx %rbx -+#define rcx %rcx -+#define rdx %rdx -+#define rsi %rsi -+#define rdi %rdi -+#define rbp %rbp -+#define rsp %rsp -+ -+#define r8 %r8 -+#define r9 %r9 -+#define r10 %r10 -+#define r11 %r11 -+#define r12 %r12 -+#define r13 %r13 -+#define r14 %r14 -+#define r15 %r15 -+ -+#define eax %eax -+#define ebx %ebx -+#define ecx %ecx -+#define edx %edx -+#define esi %esi -+#define edi %edi -+#define ebp %ebp -+#define esp %esp -+ -+#define st0 %st -+#define st1 %st(1) -+#define st2 %st(2) -+#define st3 %st(3) -+#define st4 %st(4) -+#define st5 %st(5) -+#define st6 %st(6) -+#define st7 %st(7) -+ -+#define ax %ax -+#define bx %bx -+#define cx %cx -+#define dx %dx -+ -+#define ah %ah -+#define bh %bh -+#define ch %ch -+#define dh %dh -+ -+#define al %al -+#define bl %bl -+#define cl %cl -+#define dl %dl -+ -+#define sil %sil -+ -+#define mm1 %mm1 -+#define mm2 %mm2 -+#define mm3 %mm3 -+#define mm4 %mm4 -+#define mm5 %mm5 -+#define mm6 %mm6 -+#define mm7 %mm7 -+ -+#define xmm0 %xmm0 -+#define xmm1 %xmm1 -+#define xmm2 %xmm2 -+#define xmm3 %xmm3 -+#define xmm4 %xmm4 -+#define xmm5 %xmm5 -+#define xmm6 %xmm6 -+#define xmm7 %xmm7 -+ -+#define cr0 %cr0 -+#define cr1 %cr1 -+#define cr2 %cr2 -+#define cr3 %cr3 -+#define cr4 %cr4 - - #ifdef _I386MACH_NEED_SOTYPE_FUNCTION - #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function ---- a/newlib/libc/machine/x86_64/memcpy.S.orig 2008-07-11 15:12:27.494693000 +0100 -+++ b/newlib/libc/machine/x86_64/memcpy.S 2008-07-11 15:12:29.448706000 +0100 -@@ -60,14 +60,14 @@ - movq 48 (rsi), r13 - movq 56 (rsi), r14 - -- movntiq rax, (rdi) -- movntiq r8 , 8 (rdi) -- movntiq r9 , 16 (rdi) -- movntiq r10, 24 (rdi) -- movntiq r11, 32 (rdi) -- movntiq r12, 40 (rdi) -- movntiq r13, 48 (rdi) -- movntiq r14, 56 (rdi) -+ movnti rax, (rdi) -+ movnti r8 , 8 (rdi) -+ movnti r9 , 16 (rdi) -+ movnti r10, 24 (rdi) -+ movnti r11, 32 (rdi) -+ movnti r12, 40 (rdi) -+ movnti r13, 48 (rdi) -+ movnti r14, 56 (rdi) - - movq 64 (rsi), rax - movq 72 (rsi), r8 -@@ -78,14 +78,14 @@ - movq 112 (rsi), r13 - movq 120 (rsi), r14 - -- movntiq rax, 64 (rdi) -- movntiq r8 , 72 (rdi) -- movntiq r9 , 80 (rdi) -- movntiq r10, 88 (rdi) -- movntiq r11, 96 (rdi) -- movntiq r12, 104 (rdi) -- movntiq r13, 112 (rdi) -- movntiq r14, 120 (rdi) -+ movnti rax, 64 (rdi) -+ movnti r8 , 72 (rdi) -+ movnti r9 , 80 (rdi) -+ movnti r10, 88 (rdi) -+ movnti r11, 96 (rdi) -+ movnti r12, 104 (rdi) -+ movnti r13, 112 (rdi) -+ movnti r14, 120 (rdi) - - leaq 128 (rsi), rsi - leaq 128 (rdi), rdi ---- a/newlib/libc/machine/i386/i386mach.h 2000-08-28 18:50:06.000000000 +0100 -+++ b/newlib/libc/machine/i386/i386mach.h 2008-07-11 15:17:13.874409000 +0100 -@@ -27,46 +27,46 @@ - - #define REG(x) CONCAT1(__REG_PREFIX__, x) - --#define eax REG(eax) --#define ebx REG(ebx) --#define ecx REG(ecx) --#define edx REG(edx) --#define esi REG(esi) --#define edi REG(edi) --#define ebp REG(ebp) --#define esp REG(esp) -- --#define st0 REG(st) --#define st1 REG(st(1)) --#define st2 REG(st(2)) --#define st3 REG(st(3)) --#define st4 REG(st(4)) --#define st5 REG(st(5)) --#define st6 REG(st(6)) --#define st7 REG(st(7)) -- --#define ax REG(ax) --#define bx REG(bx) --#define cx REG(cx) --#define dx REG(dx) -- --#define ah REG(ah) --#define bh REG(bh) --#define ch REG(ch) --#define dh REG(dh) -- --#define al REG(al) --#define bl REG(bl) --#define cl REG(cl) --#define dl REG(dl) -- --#define mm1 REG(mm1) --#define mm2 REG(mm2) --#define mm3 REG(mm3) --#define mm4 REG(mm4) --#define mm5 REG(mm5) --#define mm6 REG(mm6) --#define mm7 REG(mm7) -+#define eax %eax -+#define ebx %ebx -+#define ecx %ecx -+#define edx %edx -+#define esi %esi -+#define edi %edi -+#define ebp %ebp -+#define esp %esp -+ -+#define st0 %st -+#define st1 %st(1) -+#define st2 %st(2) -+#define st3 %st(3) -+#define st4 %st(4) -+#define st5 %st(5) -+#define st6 %st(6) -+#define st7 %st(7) -+ -+#define ax %ax -+#define bx %bx -+#define cx %cx -+#define dx %dx -+ -+#define ah %ah -+#define bh %bh -+#define ch %ch -+#define dh %dh -+ -+#define al %al -+#define bl %bl -+#define cl %cl -+#define dl %dl -+ -+#define mm1 %mm1 -+#define mm2 %mm2 -+#define mm3 %mm3 -+#define mm4 %mm4 -+#define mm5 %mm5 -+#define mm6 %mm6 -+#define mm7 %mm7 - - #ifdef _I386MACH_NEED_SOTYPE_FUNCTION - #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function ---- a/newlib/libc/machine/x86_64/memset.S 2007-08-28 22:56:49.000000000 +0100 -+++ b/newlib/libc/machine/x86_64/memset.S 2008-07-11 15:16:59.098320000 +0100 -@@ -40,22 +40,22 @@ - - .p2align 4 - loop: -- movntiq rax, (rdi) -- movntiq rax, 8 (rdi) -- movntiq rax, 16 (rdi) -- movntiq rax, 24 (rdi) -- movntiq rax, 32 (rdi) -- movntiq rax, 40 (rdi) -- movntiq rax, 48 (rdi) -- movntiq rax, 56 (rdi) -- movntiq rax, 64 (rdi) -- movntiq rax, 72 (rdi) -- movntiq rax, 80 (rdi) -- movntiq rax, 88 (rdi) -- movntiq rax, 96 (rdi) -- movntiq rax, 104 (rdi) -- movntiq rax, 112 (rdi) -- movntiq rax, 120 (rdi) -+ movnti rax, (rdi) -+ movnti rax, 8 (rdi) -+ movnti rax, 16 (rdi) -+ movnti rax, 24 (rdi) -+ movnti rax, 32 (rdi) -+ movnti rax, 40 (rdi) -+ movnti rax, 48 (rdi) -+ movnti rax, 56 (rdi) -+ movnti rax, 64 (rdi) -+ movnti rax, 72 (rdi) -+ movnti rax, 80 (rdi) -+ movnti rax, 88 (rdi) -+ movnti rax, 96 (rdi) -+ movnti rax, 104 (rdi) -+ movnti rax, 112 (rdi) -+ movnti rax, 120 (rdi) - - leaq 128 (rdi), rdi - ---- a/newlib/libm/machine/i386/i386mach.h.orig 2008-07-11 15:30:37.367227000 +0100 -+++ b/newlib/libm/machine/i386/i386mach.h 2008-07-11 15:30:55.232337000 +0100 -@@ -27,46 +27,46 @@ - - #define REG(x) CONCAT1(__REG_PREFIX__, x) - --#define eax REG(eax) --#define ebx REG(ebx) --#define ecx REG(ecx) --#define edx REG(edx) --#define esi REG(esi) --#define edi REG(edi) --#define ebp REG(ebp) --#define esp REG(esp) -- --#define st0 REG(st) --#define st1 REG(st(1)) --#define st2 REG(st(2)) --#define st3 REG(st(3)) --#define st4 REG(st(4)) --#define st5 REG(st(5)) --#define st6 REG(st(6)) --#define st7 REG(st(7)) -- --#define ax REG(ax) --#define bx REG(bx) --#define cx REG(cx) --#define dx REG(dx) -- --#define ah REG(ah) --#define bh REG(bh) --#define ch REG(ch) --#define dh REG(dh) -- --#define al REG(al) --#define bl REG(bl) --#define cl REG(cl) --#define dl REG(dl) -- --#define mm1 REG(mm1) --#define mm2 REG(mm2) --#define mm3 REG(mm3) --#define mm4 REG(mm4) --#define mm5 REG(mm5) --#define mm6 REG(mm6) --#define mm7 REG(mm7) -+#define eax %eax -+#define ebx %ebx -+#define ecx %ecx -+#define edx %edx -+#define esi %esi -+#define edi %edi -+#define ebp %ebp -+#define esp %esp -+ -+#define st0 %st -+#define st1 %st(1) -+#define st2 %st(2) -+#define st3 %st(3) -+#define st4 %st(4) -+#define st5 %st(5) -+#define st6 %st(6) -+#define st7 %st(7) -+ -+#define ax %ax -+#define bx %bx -+#define cx %cx -+#define dx %dx -+ -+#define ah %ah -+#define bh %bh -+#define ch %ch -+#define dh %dh -+ -+#define al %al -+#define bl %bl -+#define cl %cl -+#define dl %dl -+ -+#define mm1 %mm1 -+#define mm2 %mm2 -+#define mm3 %mm3 -+#define mm4 %mm4 -+#define mm5 %mm5 -+#define mm6 %mm6 -+#define mm7 %mm7 - - #ifdef _I386MACH_NEED_SOTYPE_FUNCTION - #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function - - -We want to have a 64bit offsets libc even on 32bit platforms. - ---- ./newlib/configure.host.orig 2008-08-07 16:01:17.801946000 +0100 -+++ ./newlib/configure.host 2008-08-07 16:01:34.181064000 +0100 -@@ -317,6 +317,8 @@ - oext=lo - lpfx= - aext=la ;; -+ i[34567]86-xen-elf) -+ stdio64_dir=stdio64 ;; - *) ;; #shared library not supported for ${host} - esac - ---- a/newlib/libc/include/sys/_types.h.orig 2008-08-07 15:22:44.925008000 +0100 -+++ b/newlib/libc/include/sys/_types.h 2008-08-07 15:22:50.824044000 +0100 -@@ -13,8 +13,12 @@ - #include <sys/lock.h> - - #ifndef __off_t_defined -+#ifdef __MINIOS__ -+typedef long long _off_t; -+#else - typedef long _off_t; - #endif -+#endif - - #if defined(__rtems__) - /* device numbers are 32-bit major and and 32-bit minor */ ---- ./newlib/libc/include/sys/config.h.orig 2008-08-07 14:43:25.915866000 +0100 -+++ ./newlib/libc/include/sys/config.h 2008-08-07 14:44:13.508154000 +0100 -@@ -69,6 +69,10 @@ - /* we use some glibc header files so turn on glibc large file feature */ - #define _LARGEFILE64_SOURCE 1 - #endif -+#ifdef __MINIOS__ -+#define __LARGE64_FILES 1 -+#define _LARGEFILE64_SOURCE 1 -+#endif - #endif - - #ifndef __DYNAMIC_REENT__ ---- ./newlib/libc/include/sys/_default_fcntl.h.orig 2008-08-07 15:08:22.377836000 +0100 -+++ ./newlib/libc/include/sys/_default_fcntl.h 2008-08-07 15:08:31.651890000 +0100 -@@ -170,7 +170,11 @@ - /* Provide _<systemcall> prototypes for functions provided by some versions - of newlib. */ - #ifdef _COMPILING_NEWLIB --extern int _open _PARAMS ((const char *, int, ...)); -+extern int _open _PARAMS ((const char *, int, ...)) -+#ifdef __MINIOS__ -+ asm("open64") -+#endif -+ ; - extern int _fcntl _PARAMS ((int, int, ...)); - #ifdef __LARGE64_FILES - extern int _open64 _PARAMS ((const char *, int, ...)); ---- ./newlib/libc/include/sys/unistd.h.orig 2008-08-07 15:09:36.449280000 +0100 -+++ ./newlib/libc/include/sys/unistd.h 2008-08-07 15:09:51.210370000 +0100 -@@ -101,7 +101,11 @@ - int _EXFUN(link, (const char *__path1, const char *__path2 )); - int _EXFUN(nice, (int __nice_value )); - #if !defined(__INSIDE_CYGWIN__) --off_t _EXFUN(lseek, (int __fildes, off_t __offset, int __whence )); -+off_t _EXFUN(lseek, (int __fildes, off_t __offset, int __whence )) -+#ifdef __MINIOS__ -+ asm("lseek64") -+#endif -+ ; - #endif - #if defined(__SPU__) - #define F_ULOCK 0 ---- ./newlib/libc/include/sys/stat.h.orig 2008-08-07 16:08:50.495116000 +0100 -+++ ./newlib/libc/include/sys/stat.h 2008-08-07 16:10:21.799753000 +0100 -@@ -49,6 +49,9 @@ - long st_spare4[2]; - #endif - }; -+#ifdef __MINIOS__ -+#define stat64 stat -+#endif - #endif - - #define _IFMT 0170000 /* type of file */ -@@ -132,7 +135,11 @@ - /* Provide prototypes for most of the _<systemcall> names that are - provided in newlib for some compilers. */ - #ifdef _COMPILING_NEWLIB --int _EXFUN(_fstat,( int __fd, struct stat *__sbuf )); -+int _EXFUN(_fstat,( int __fd, struct stat *__sbuf )) -+#ifdef __MINIOS__ -+ asm("fstat64") -+#endif -+ ; - int _EXFUN(_stat,( const char *__path, struct stat *__sbuf )); - #ifdef __LARGE64_FILES - struct stat64; ---- ./newlib/libc/include/_syslist.h.orig 2008-08-07 16:24:19.122605000 +0100 -+++ ./newlib/libc/include/_syslist.h 2008-08-07 16:24:21.548628000 +0100 -@@ -14,6 +14,7 @@ - #define _kill kill - #define _link link - #define _lseek lseek -+#define _lseek64 lseek64 - #define _open open - #define _read read - #define _sbrk sbrk ---- a/newlib/libc/include/reent.h.orig 2008-08-07 16:28:49.846502000 +0100 -+++ b/newlib/libc/include/reent.h 2008-08-07 16:29:02.096586000 +0100 -@@ -87,6 +87,9 @@ - #if defined(__CYGWIN__) && defined(_COMPILING_NEWLIB) - #define stat64 __stat64 - #endif -+#if defined(__MINIOS__) -+#define stat64 stat -+#endif - - struct stat64; - diff --git a/external/meta-virtualization/recipes-extended/xen/files/polarssl.patch b/external/meta-virtualization/recipes-extended/xen/files/polarssl.patch deleted file mode 100644 index 95487308..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/polarssl.patch +++ /dev/null @@ -1,64 +0,0 @@ -diff -Naur polarssl-1.1.4/include/polarssl/config.h polarssl-x86_64/include/polarssl/config.h ---- a/include/polarssl/config.h 2011-12-22 05:06:27.000000000 -0500 -+++ b/include/polarssl/config.h 2012-10-30 17:18:07.567001000 -0400 -@@ -164,8 +164,8 @@ - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. --#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - */ -+#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - - /** - * \def POLARSSL_NO_PLATFORM_ENTROPY -@@ -175,8 +175,8 @@ - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. --#define POLARSSL_NO_PLATFORM_ENTROPY - */ -+#define POLARSSL_NO_PLATFORM_ENTROPY - - /** - * \def POLARSSL_PKCS1_V21 -@@ -426,8 +426,8 @@ - * Requires: POLARSSL_TIMING_C - * - * This module enables the HAVEGE random number generator. -- */ - #define POLARSSL_HAVEGE_C -+ */ - - /** - * \def POLARSSL_MD_C -@@ -490,7 +490,7 @@ - * - * This module provides TCP/IP networking routines. - */ --#define POLARSSL_NET_C -+//#define POLARSSL_NET_C - - /** - * \def POLARSSL_PADLOCK_C -@@ -644,8 +644,8 @@ - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. -- */ - #define POLARSSL_TIMING_C -+ */ - - /** - * \def POLARSSL_VERSION_C -diff -Naur polarssl-1.1.4/library/bignum.c polarssl-x86_64/library/bignum.c ---- a/library/bignum.c 2012-04-29 16:15:55.000000000 -0400 -+++ b/library/bignum.c 2012-10-30 17:21:52.135000999 -0400 -@@ -1101,7 +1101,7 @@ - Z.p[i - t - 1] = ~0; - else - { --#if defined(POLARSSL_HAVE_LONGLONG) -+#if 0 //defined(POLARSSL_HAVE_LONGLONG) - t_udbl r; - - r = (t_udbl) X.p[i] << biL; diff --git a/external/meta-virtualization/recipes-extended/xen/files/tools-xentop-vwprintw.patch b/external/meta-virtualization/recipes-extended/xen/files/tools-xentop-vwprintw.patch deleted file mode 100644 index 5d5d0116..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/tools-xentop-vwprintw.patch +++ /dev/null @@ -1,25 +0,0 @@ -tools/xentop : fix vwprintw -Werror=deprecated-declarations warning - -gcc-8.1 complains: - -| xentop.c: In function 'print': -| xentop.c:304:4: error: 'vwprintw' is deprecated [-Werror=deprecated-declarations] -| vwprintw(stdscr, (curses_str_t)fmt, args); -| ^~~~~~~~ - -vw_printw is the non-deprecated alternative. - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -diff --git a/tools/xenstat/xentop/xentop.c b/tools/xenstat/xentop/xentop.c -index 2fd2b67..c465810 100644 ---- a/tools/xenstat/xentop/xentop.c -+++ b/tools/xenstat/xentop/xentop.c -@@ -301,7 +301,7 @@ static void print(const char *fmt, ...) - if (!batch) { - if((current_row() < lines()-1)) { - va_start(args, fmt); -- vwprintw(stdscr, (curses_str_t)fmt, args); -+ vw_printw(stdscr, (curses_str_t)fmt, args); - va_end(args); - } - } else { diff --git a/external/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch b/external/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch deleted file mode 100644 index 622b34f5..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur tpm_emulator-x86_64-back/tpm/tpm_emulator_extern.c tpm_emulator-x86_64/tpm/tpm_emulator_extern.c ---- a/tpm/tpm_emulator_extern.c 2012-04-27 10:55:46.581963398 -0400 -+++ b/tpm/tpm_emulator_extern.c 2012-04-27 10:56:02.193034152 -0400 -@@ -249,7 +249,7 @@ - #else /* TPM_NO_EXTERN */ - - int (*tpm_extern_init)(void) = NULL; --int (*tpm_extern_release)(void) = NULL; -+void (*tpm_extern_release)(void) = NULL; - void* (*tpm_malloc)(size_t size) = NULL; - void (*tpm_free)(/*const*/ void *ptr) = NULL; - void (*tpm_log)(int priority, const char *fmt, ...) = NULL; diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch deleted file mode 100644 index 9c9304cf..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/config.h.in b/config.h.in -index d16a997..8088a2a 100644 ---- a/config.h.in -+++ b/config.h.in -@@ -27,7 +27,7 @@ - #define TPM_STORAGE_NAME "${TPM_STORAGE_NAME}" - #define TPM_DEVICE_NAME "${TPM_DEVICE_NAME}" - #define TPM_LOG_FILE "${TPM_LOG_FILE}" --#define TPM_CMD_BUF_SIZE 4096 -+#define TPM_CMD_BUF_SIZE 4088 - - #endif /* _CONFIG_H_ */ - diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch deleted file mode 100644 index 5fee4e9a..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- - CMakeLists.txt | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -Index: tpm_emulator-x86_64/CMakeLists.txt -=================================================================== ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -40,10 +40,11 @@ set(TPM_STORAGE_NAME "/var/lib/tpm/tpm_e - set(TPM_DEVICE_NAME "/dev/tpm") - endif() - configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h) --add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) -+add_definitions(-Wall -Werror) - if("${CMAKE_SYSTEM}" MATCHES "Linux") - add_definitions(-Wextra) - endif() -+add_definitions(-Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) - if(USE_OPENSSL) - add_definitions(-DUSE_OPENSSL) - endif() diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch deleted file mode 100644 index b1cbf66e..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch +++ /dev/null @@ -1,127 +0,0 @@ -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 69511d1..7545d51 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -3347,12 +3347,13 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) - { - TPM_NONCE nonce; - TPM_RESULT res; -- UINT32 sigSize; -- BYTE *sig; -+ UINT32 quote_blob_size; -+ BYTE *quote_blob; - BYTE *ptr; - UINT32 len; - TPM_PCR_SELECTION myPCR; - TPM_PCR_SELECTION ptPCR; -+ UINT32 extraInfoFlags = 0; - - tpm_compute_in_param_digest(req); - -@@ -3361,17 +3362,19 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) - if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) - || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR) - || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR) -+ || tpm_unmarshal_TPM_DEEP_QUOTE_INFO(&ptr, &len, &extraInfoFlags) - || len != 0) return TPM_BAD_PARAMETER; - -- res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig); -+ res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, extraInfoFlags, -+ "e_blob_size, "e_blob); - if (res != TPM_SUCCESS) return res; -- rsp->paramSize = len = sigSize; -+ rsp->paramSize = len = quote_blob_size; - rsp->param = ptr = tpm_malloc(len); -- if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { -+ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, quote_blob, quote_blob_size)) { - tpm_free(rsp->param); - res = TPM_FAIL; - } -- tpm_free(sig); -+ tpm_free(quote_blob); - - return res; - } -diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h -index 328d1be..a56dd5f 100644 ---- a/tpm/tpm_commands.h -+++ b/tpm/tpm_commands.h -@@ -3077,6 +3077,7 @@ TPM_RESULT TPM_ParentSignEK( - * @myPCR: [in] PCR selection for the virtual TPM - * @ptPCR: [in] PCR selection for the hardware TPM - * @auth1: [in, out] Authorization protocol parameters -+ * @extraInfoFlags [in] Flags for including, kernel hash, group info, etc - * @sigSize: [out] The length of the returned digital signature - * @sig: [out] The resulting digital signature and PCR values - * Returns: TPM_SUCCESS on success, a TPM error code otherwise. -@@ -3086,6 +3087,7 @@ TPM_RESULT TPM_DeepQuote( - TPM_PCR_SELECTION *myPCR, - TPM_PCR_SELECTION *ptPCR, - TPM_AUTH *auth1, -+ UINT32 extraInfoFlags, - UINT32 *sigSize, - BYTE **sig - ); -diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c -index c0d62e7..6586c22 100644 ---- a/tpm/tpm_credentials.c -+++ b/tpm/tpm_credentials.c -@@ -183,7 +183,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1, - - int endorsementKeyFresh = 0; - --TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig); -+TPM_RESULT VTPM_GetParentQuote(TPM_NONCE *data, TPM_PCR_SELECTION *sel, -+ UINT32 extraInfoFlags, UINT32 *sigSize, BYTE **sig); - - TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig) -@@ -191,7 +192,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - TPM_PUBKEY pubKey; - TPM_RESULT res; - TPM_DIGEST hres; -- -+ UINT32 extraInfoFlags = 0; - info("TPM_ParentSignEK()"); - - res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); -@@ -206,7 +207,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - res = TPM_FAIL; - - if (res == TPM_SUCCESS) -- res = VTPM_GetParentQuote(&hres, sel, sigSize, sig); -+ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, sel, extraInfoFlags, sigSize, sig); - - free_TPM_PUBKEY(pubKey); - return res; -@@ -218,7 +219,7 @@ static const BYTE dquot_hdr[] = { - - TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, - TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1, -- UINT32 *sigSize, BYTE **sig) -+ UINT32 extraInfoFlags, UINT32 *quote_blob_size, BYTE **quote_blob) - { - TPM_RESULT res; - TPM_DIGEST hres; -@@ -253,7 +254,7 @@ TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, - - tpm_free(buf); - -- res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig); -+ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, ptPCR, extraInfoFlags, quote_blob_size, quote_blob); - - return res; - } -diff --git a/tpm/tpm_marshalling.h b/tpm/tpm_marshalling.h -index d510ebe..2e0c008 100644 ---- a/tpm/tpm_marshalling.h -+++ b/tpm/tpm_marshalling.h -@@ -268,6 +268,8 @@ static inline int tpm_unmarshal_BOOL(BYTE **ptr, UINT32 *length, BOOL *v) - #define tpm_unmarshal_TPM_REDIR_COMMAND tpm_unmarshal_UINT32 - #define tpm_marshal_DAAHANDLE tpm_marshal_UINT32 - #define tpm_unmarshal_DAAHANDLE tpm_unmarshal_UINT32 -+#define tpm_marshal_TPM_DEEP_QUOTE_INFO tpm_marshal_UINT32 -+#define tpm_unmarshal_TPM_DEEP_QUOTE_INFO tpm_unmarshal_UINT32 - - int tpm_marshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n); - int tpm_unmarshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n); diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch deleted file mode 100644 index 6344f387..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch +++ /dev/null @@ -1,187 +0,0 @@ -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 0fabf98..69511d1 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -3343,6 +3343,39 @@ static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp) - return res; - } - -+static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) -+{ -+ TPM_NONCE nonce; -+ TPM_RESULT res; -+ UINT32 sigSize; -+ BYTE *sig; -+ BYTE *ptr; -+ UINT32 len; -+ TPM_PCR_SELECTION myPCR; -+ TPM_PCR_SELECTION ptPCR; -+ -+ tpm_compute_in_param_digest(req); -+ -+ ptr = req->param; -+ len = req->paramSize; -+ if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) -+ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR) -+ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR) -+ || len != 0) return TPM_BAD_PARAMETER; -+ -+ res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig); -+ if (res != TPM_SUCCESS) return res; -+ rsp->paramSize = len = sigSize; -+ rsp->param = ptr = tpm_malloc(len); -+ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { -+ tpm_free(rsp->param); -+ res = TPM_FAIL; -+ } -+ tpm_free(sig); -+ -+ return res; -+} -+ - static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) - { - tpm_hmac_ctx_t hmac; -@@ -4098,6 +4131,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp) - res = execute_TPM_ParentSignEK(req, rsp); - break; - -+ case TPM_ORD_DeepQuote: -+ debug("[TPM_ORD_DeepQuote]"); -+ res = execute_TPM_DeepQuote(req, rsp); -+ break; -+ - default: - #ifdef MTM_EMULATOR - res = mtm_execute_command(req, rsp); -diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h -index 7fef934..328d1be 100644 ---- a/tpm/tpm_commands.h -+++ b/tpm/tpm_commands.h -@@ -3071,6 +3071,25 @@ TPM_RESULT TPM_ParentSignEK( - BYTE **sig - ); - -+/** -+ * TPM_DeepQuote - gets a hardware TPM quote of a vTPM's PCRs -+ * @externalData: [in] AntiReplay nonce to prevent replay of messages -+ * @myPCR: [in] PCR selection for the virtual TPM -+ * @ptPCR: [in] PCR selection for the hardware TPM -+ * @auth1: [in, out] Authorization protocol parameters -+ * @sigSize: [out] The length of the returned digital signature -+ * @sig: [out] The resulting digital signature and PCR values -+ * Returns: TPM_SUCCESS on success, a TPM error code otherwise. -+ */ -+TPM_RESULT TPM_DeepQuote( -+ TPM_NONCE *externalData, -+ TPM_PCR_SELECTION *myPCR, -+ TPM_PCR_SELECTION *ptPCR, -+ TPM_AUTH *auth1, -+ UINT32 *sigSize, -+ BYTE **sig -+); -+ - /* - * Error handling - * [tpm_error.c] -diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c -index 01f29e6..c0d62e7 100644 ---- a/tpm/tpm_credentials.c -+++ b/tpm/tpm_credentials.c -@@ -211,3 +211,49 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, - free_TPM_PUBKEY(pubKey); - return res; - } -+ -+static const BYTE dquot_hdr[] = { -+ 0, 0, 0, 0, 'D', 'Q', 'U', 'T' -+}; -+ -+TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, -+ TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1, -+ UINT32 *sigSize, BYTE **sig) -+{ -+ TPM_RESULT res; -+ TPM_DIGEST hres; -+ TPM_PCR_INFO_SHORT pcrData; -+ tpm_sha1_ctx_t ctx; -+ BYTE *buf, *ptr; -+ UINT32 size, len; -+ -+ info("TPM_DeepQuote()"); -+ -+ res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); -+ if (res != TPM_SUCCESS) return res; -+ -+ res = tpm_compute_pcr_digest(myPCR, &pcrData.digestAtRelease, NULL); -+ if (res != TPM_SUCCESS) return res; -+ -+ pcrData.pcrSelection.sizeOfSelect = myPCR->sizeOfSelect; -+ memcpy(pcrData.pcrSelection.pcrSelect, myPCR->pcrSelect, myPCR->sizeOfSelect); -+ pcrData.localityAtRelease = 1 << tpmData.stany.flags.localityModifier; -+ -+ size = len = sizeof_TPM_PCR_INFO_SHORT(pcrData); -+ buf = ptr = tpm_malloc(size); -+ if (buf == NULL) return TPM_NOSPACE; -+ if (tpm_marshal_TPM_PCR_INFO_SHORT(&ptr, &len, &pcrData)) -+ return TPM_FAIL; -+ -+ tpm_sha1_init(&ctx); -+ tpm_sha1_update(&ctx, dquot_hdr, 8); -+ tpm_sha1_update(&ctx, externalData->nonce, 20); -+ tpm_sha1_update(&ctx, buf, size); -+ tpm_sha1_final(&ctx, hres.digest); -+ -+ tpm_free(buf); -+ -+ res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig); -+ -+ return res; -+} -diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h -index b0f4625..dfb1894 100644 ---- a/tpm/tpm_structures.h -+++ b/tpm/tpm_structures.h -@@ -660,6 +660,42 @@ typedef struct tdTPM_CMK_MA_APPROVAL { - - /* VTPM-only commands: */ - /* -+ * Deep Quote - Create quote of PCRs -+ * Input: -+ * TPM_TAG tag TPM_TAG_RQU_AUTH1_COMMAND -+ * UINT32 paramSize Total size of request -+ * TPM_COMMAND_CODE ordinal TPM_ORD_DeepQuote -+ * TPM_NONCE externData 20 bytes of external data -+ * TPM_PCR_SELECTION vtSel PCR selection for virtual TPM -+ * TPM_PCR_SELECTION ptSel PCR selection for physical TPM -+ * --- -+ * UINT32 authHandle Owner authorization session (OIAP) -+ * TPM_NONCE nonceOdd Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA privAuth Authorization digest for command -+ * -+ * Output: -+ * TPM_TAG tag TPM_TAG_RSP_AUTH1_COMMAND -+ * UINT32 paramSize Total size of response -+ * TPM_RESULT returnCode Return code of the operation -+ * BYTE[] sig Signature provided by physical TPM -+ * TPM_PCRVALUE[] pcrValue Values of hardware PCRs used in the quote -+ * --- -+ * TPM_NONCE nonceEven Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA resAuth Authorization digest for response -+ * -+ * The values of the virutal TPM's PCRs are not included in the response. -+ * The signature is a standard TPM_Quote response from the physical TPM; its -+ * externalData is the SHA1 hash of the following structure: -+ * TPM_STRUCT_VER version MUST be 0.0.0.0 -+ * BYTE[4] fixed MUST be the string "DQUT" -+ * TPM_NONCE externData From input to the deep quote -+ * TPM_PCR_INFO_SHORT pcrData Virtual TPM's PCRs -+ */ -+#define TPM_ORD_DeepQuote (TPM_VENDOR_COMMAND | TPM_ORD_Quote) -+ -+/* - * ParentSignEK - Proof of fresh provisioning and EK value - * - * Input: diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch deleted file mode 100644 index e95d41fc..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/tpm/tpm_cmd_handler.c.orig 2017-04-27 13:37:14.408000000 +0200 -+++ b/tpm/tpm_cmd_handler.c 2017-04-27 13:39:53.585000000 +0200 -@@ -3397,6 +3397,7 @@ - sizeof(rsp->auth2->nonceOdd.nonce)); - tpm_hmac_update(&hmac, (BYTE*)&rsp->auth2->continueAuthSession, 1); - tpm_hmac_final(&hmac, rsp->auth2->auth); -+ /* fall-thru */ - case TPM_TAG_RSP_AUTH1_COMMAND: - tpm_hmac_init(&hmac, rsp->auth1->secret, sizeof(rsp->auth1->secret)); - tpm_hmac_update(&hmac, rsp->auth1->digest, sizeof(rsp->auth1->digest)); diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch deleted file mode 100644 index 8ab7dea6..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff --git a/tpm/tpm_capability.c b/tpm/tpm_capability.c -index 60bbb90..f8f7f0f 100644 ---- a/tpm/tpm_capability.c -+++ b/tpm/tpm_capability.c -@@ -949,6 +949,8 @@ static TPM_RESULT set_vendor(UINT32 subCap, BYTE *setValue, - UINT32 setValueSize, BOOL ownerAuth, - BOOL deactivated, BOOL disabled) - { -+ if (tpmData.stany.flags.localityModifier != 8) -+ return TPM_BAD_PARAMETER; - /* set the capability area with the specified data, on failure - deactivate the TPM */ - switch (subCap) { -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 288d1ce..9e1cfb4 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -4132,7 +4132,7 @@ void tpm_emulator_shutdown() - tpm_extern_release(); - } - --int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size) -+int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality) - { - TPM_REQUEST req; - TPM_RESPONSE rsp; -@@ -4140,7 +4140,9 @@ int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint3 - UINT32 len; - BOOL free_out; - -- debug("tpm_handle_command()"); -+ debug("tpm_handle_command(%d)", locality); -+ if (locality != -1) -+ tpmData.stany.flags.localityModifier = locality; - - /* we need the whole packet at once, otherwise unmarshalling will fail */ - if (tpm_unmarshal_TPM_REQUEST((uint8_t**)&in, &in_size, &req) != 0) { -diff --git a/tpm/tpm_emulator.h b/tpm/tpm_emulator.h -index eed749e..4c228bd 100644 ---- a/tpm/tpm_emulator.h -+++ b/tpm/tpm_emulator.h -@@ -59,7 +59,7 @@ void tpm_emulator_shutdown(void); - * its usage. In case of an error, all internally allocated memory - * is released and the the state of out and out_size is unspecified. - */ --int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size); -+int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality); - - #endif /* _TPM_EMULATOR_H_ */ - diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch deleted file mode 100644 index 14e66eee..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch +++ /dev/null @@ -1,196 +0,0 @@ -diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c -index 9e1cfb4..0fabf98 100644 ---- a/tpm/tpm_cmd_handler.c -+++ b/tpm/tpm_cmd_handler.c -@@ -3312,6 +3312,37 @@ static TPM_RESULT execute_TPM_OwnerReadPubek(TPM_REQUEST *req, TPM_RESPONSE *rsp - return res; - } - -+static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp) -+{ -+ TPM_NONCE nonce; -+ TPM_RESULT res; -+ UINT32 sigSize; -+ BYTE *sig; -+ BYTE *ptr; -+ UINT32 len; -+ TPM_PCR_SELECTION targetPCR; -+ -+ tpm_compute_in_param_digest(req); -+ -+ ptr = req->param; -+ len = req->paramSize; -+ if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) -+ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &targetPCR) -+ || len != 0) return TPM_BAD_PARAMETER; -+ -+ res = TPM_ParentSignEK(&nonce, &targetPCR, &req->auth1, &sigSize, &sig); -+ if (res != TPM_SUCCESS) return res; -+ rsp->paramSize = len = sigSize; -+ rsp->param = ptr = tpm_malloc(len); -+ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { -+ tpm_free(rsp->param); -+ res = TPM_FAIL; -+ } -+ tpm_free(sig); -+ -+ return res; -+} -+ - static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) - { - tpm_hmac_ctx_t hmac; -@@ -4062,6 +4093,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp) - res = execute_TPM_OwnerReadPubek(req, rsp); - break; - -+ case TPM_ORD_ParentSignEK: -+ debug("[TPM_ORD_ParentSignEK]"); -+ res = execute_TPM_ParentSignEK(req, rsp); -+ break; -+ - default: - #ifdef MTM_EMULATOR - res = mtm_execute_command(req, rsp); -diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h -index a7666f6..7fef934 100644 ---- a/tpm/tpm_commands.h -+++ b/tpm/tpm_commands.h -@@ -3054,6 +3054,23 @@ TPM_RESULT TPM_OwnerReadPubek( - TPM_PUBKEY *pubEndorsementKey - ); - -+/** -+ * TPM_ParentSignEK - gets a hardware TPM quote of a vTPM's EK -+ * @externalData: [in] AntiReplay nonce to prevent replay of messages -+ * @sel: [in] PCR selection for the hardware TPM's quote -+ * @auth1: [in, out] Authorization protocol parameters -+ * @sigSize: [out] The length of the returned digital signature -+ * @sig: [out] The resulting digital signature and PCR values -+ * Returns: TPM_SUCCESS on success, a TPM error code otherwise. -+ */ -+TPM_RESULT TPM_ParentSignEK( -+ TPM_NONCE *externalData, -+ TPM_PCR_SELECTION *sel, -+ TPM_AUTH *auth1, -+ UINT32 *sigSize, -+ BYTE **sig -+); -+ - /* - * Error handling - * [tpm_error.c] -diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c -index 9cd64af..01f29e6 100644 ---- a/tpm/tpm_credentials.c -+++ b/tpm/tpm_credentials.c -@@ -180,3 +180,34 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1, - return TPM_BAD_PARAMETER; - } - } -+ -+int endorsementKeyFresh = 0; -+ -+TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig); -+ -+TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, -+ TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig) -+{ -+ TPM_PUBKEY pubKey; -+ TPM_RESULT res; -+ TPM_DIGEST hres; -+ -+ info("TPM_ParentSignEK()"); -+ -+ res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); -+ if (res != TPM_SUCCESS) return res; -+ -+ if (!endorsementKeyFresh) return TPM_DISABLED_CMD; -+ -+ res = tpm_get_pubek(&pubKey); -+ if (res != TPM_SUCCESS) return res; -+ -+ if (tpm_compute_pubkey_checksum(externalData, &pubKey, &hres)) -+ res = TPM_FAIL; -+ -+ if (res == TPM_SUCCESS) -+ res = VTPM_GetParentQuote(&hres, sel, sigSize, sig); -+ -+ free_TPM_PUBKEY(pubKey); -+ return res; -+} -diff --git a/tpm/tpm_data.c b/tpm/tpm_data.c -index 50c9697..6a0c499 100644 ---- a/tpm/tpm_data.c -+++ b/tpm/tpm_data.c -@@ -76,6 +76,8 @@ static void init_timeouts(void) - tpmData.permanent.data.cmd_durations[2] = 1000; - } - -+extern int endorsementKeyFresh; -+ - void tpm_init_data(void) - { - /* endorsement key */ -@@ -157,6 +159,7 @@ void tpm_init_data(void) - if (tpmConf & TPM_CONF_GENERATE_EK) { - /* generate a new endorsement key */ - tpm_rsa_generate_key(&tpmData.permanent.data.endorsementKey, 2048); -+ endorsementKeyFresh = 1; - } else { - /* setup endorsement key */ - tpm_rsa_import_key(&tpmData.permanent.data.endorsementKey, -diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h -index f746c05..b0f4625 100644 ---- a/tpm/tpm_structures.h -+++ b/tpm/tpm_structures.h -@@ -658,6 +658,49 @@ typedef struct tdTPM_CMK_MA_APPROVAL { - #define TPM_ORD_TickStampBlob 242 - #define TPM_ORD_MAX 256 - -+/* VTPM-only commands: */ -+/* -+ * ParentSignEK - Proof of fresh provisioning and EK value -+ * -+ * Input: -+ * TPM_TAG tag TPM_TAG_RQU_AUTH1_COMMAND -+ * UINT32 paramSize Total size of request -+ * TPM_COMMAND_CODE ordinal TPM_ORD_ParentSignEK -+ * TPM_NONCE externData 20 bytes of external data -+ * TPM_PCR_SELECTION ptSel PCR selection for physical TPM -+ * --- -+ * UINT32 authHandle Owner authorization session (OIAP) -+ * TPM_NONCE nonceOdd Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA privAuth Authorization digest for command -+ * -+ * Output: -+ * TPM_TAG tag TPM_TAG_RSP_AUTH1_COMMAND -+ * UINT32 paramSize Total size of response -+ * TPM_RESULT returnCode Return code of the operation -+ * BYTE[] sig Signature provided by physical TPM -+ * TPM_PCRVALUE[] pcrValue Values of hardware PCRs used in the quote -+ * --- -+ * TPM_NONCE nonceEven Nonce for authHandle -+ * BOOL continueAuth Continue flag for authHandle -+ * TPM_AUTHDATA resAuth Authorization digest for response -+ * -+ * This command is only valid on the first boot of a vTPM; on any subsequent -+ * boot, the command returns TPM_DISABLED_CMD. It is intended to be used to -+ * provide evidence of proper platform configuration to the verifier/CA which is -+ * responsible for the creation of the vTPM's endorsement credential, which will -+ * be used on subsequent boots to certify AIKs via the usual Privacy CA protocol. -+ * -+ * The values of the virtual TPM's PCRs are not included in the response. -+ * The signature is a standard TPM_Quote response from the physical TPM; its -+ * externalData is the SHA1 hash of the following structure: -+ * TPM_PUBKEY pubEK The vTPM's public EK -+ * TPM_NONCE externData From input to the deep quote -+ * -+ * This structure was chosen to match the return of TPM_ReadPubek -+ */ -+#define TPM_ORD_ParentSignEK (TPM_VENDOR_COMMAND | TPM_ORD_ReadPubek) -+ - /* - * TCS Ordinals ([TPM_Part2], Section 17.1) - * diff --git a/external/meta-virtualization/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch b/external/meta-virtualization/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch deleted file mode 100644 index aefca284..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/vtpm_TPM_ChangeAuthAsymFinish.patch +++ /dev/null @@ -1,28 +0,0 @@ -Patch derived from below Xen changeset. -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> - -commit 22bf5be3237cb482a2ffd772ffd20ce37285eebf -Author: Olaf Hering <olaf@aepfle.de> -Date: Mon Jun 18 14:55:36 2018 +0200 - -stubdom/vtpm: fix memcmp in TPM_ChangeAuthAsymFinish - -gcc8 spotted this error: -error: 'memcmp' reading 20 bytes from a region of size 8 [-Werror=stringop-overflow=] - -Signed-off-by: Olaf Hering <olaf@aepfle.de> -Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> - -diff --git a/tpm/tpm_deprecated.c b/tpm/tpm_deprecated.c -index c362b56..4c49f54 100644 ---- a/tpm/tpm_deprecated.c -+++ b/tpm/tpm_deprecated.c -@@ -434,7 +434,7 @@ TPM_RESULT TPM_ChangeAuthAsymFinish(TPM_KEY_HANDLE parentHandle, - tpm_hmac_final(&hmac_ctx, b1.digest); - /* 6. The TPM SHALL compare b1 with newAuthLink. The TPM SHALL - indicate a failure if the values do not match. */ -- if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) { -+ if (memcmp(&b1, newAuthLink, sizeof(TPM_HMAC))) { - debug("TPM_ChangeAuthAsymFinish(): newAuthLink value does not match."); - return TPM_FAIL; - } diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-4.11-arm-acpi-fix-string-lengths.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-4.11-arm-acpi-fix-string-lengths.patch deleted file mode 100644 index ece64071..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/xen-4.11-arm-acpi-fix-string-lengths.patch +++ /dev/null @@ -1,101 +0,0 @@ -From 5e1a00969afe98a713bf14d1ba1902403b60e287 Mon Sep 17 00:00:00 2001 -From: Christopher Clark <christopher.w.clark@gmail.com> -Date: Thu, 16 Aug 2018 13:04:52 -0700 -Subject: [PATCH v2] libxl/arm: Fix build on arm64 + acpi w/ gcc 8.2 -To: xen-devel@lists.xenproject.org -Cc: wei.liu2@citrix.com, - ian.jackson@eu.citrix.com, - julien.grall@arm.com, - sstabellini@kernel.org - -[modified for Xen 4.11 to add required: #include <xen-tools/libs.h>] - -Add zero-padding to #defined ACPI table strings that are copied. -Provides sufficient characters to satisfy the length required to -fully populate the destination and prevent array-bounds warnings. -Add BUILD_BUG_ON sizeof checks for compile-time length checking. - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> -Acked-by: Wei Liu <wei.liu2@citrix.com> ---- -v2: add BUILD_BUG_ON length checks, requested by Wei. - -v1: Please add this patch to the backport list for the next minor - 4.11 release. - -Prior to this: gcc 8.2 objects to memcpy past bounds: - -| libxl_arm_acpi.c: In function 'make_acpi_header': -| libxl_arm_acpi.c:208:5: error: 'memcpy' forming offset [5, 6] is out -of the bounds [0, 4] [-Werror=array-bounds] -| memcpy(h->oem_id, ACPI_OEM_ID, sizeof(h->oem_id)); -| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| libxl_arm_acpi.c:209:5: error: 'memcpy' forming offset [5, 8] is out -of the bounds [0, 4] [-Werror=array-bounds] -| memcpy(h->oem_table_id, ACPI_OEM_TABLE_ID, -sizeof(h->oem_table_id)); -| -^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| libxl_arm_acpi.c:211:5: error: 'memcpy' forming offset 4 is out of the -bounds [0, 3] [-Werror=array-bounds] -| memcpy(h->asl_compiler_id, ACPI_ASL_COMPILER_ID, -| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| sizeof(h->asl_compiler_id)); -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| In function 'make_acpi_rsdp.isra.4', -| inlined from 'libxl__prepare_acpi' at libxl_arm_acpi.c:389:5: -| libxl_arm_acpi.c:193:5: error: 'memcpy' forming offset [5, 6] is out -of the bounds [0, 4] [-Werror=array-bounds] -| memcpy(rsdp->oem_id, ACPI_OEM_ID, sizeof(rsdp->oem_id)); -| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - - tools/libxl/libxl_arm_acpi.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/tools/libxl/libxl_arm_acpi.c b/tools/libxl/libxl_arm_acpi.c -index 636f724..8924396 100644 ---- a/tools/libxl/libxl_arm_acpi.c -+++ b/tools/libxl/libxl_arm_acpi.c -@@ -29,6 +29,7 @@ typedef int64_t s64; - - #include <acpi/acconfig.h> - #include <acpi/actbl.h> -+#include <xen-tools/libs.h> - - #ifndef BITS_PER_LONG - #ifdef _LP64 -@@ -48,9 +49,9 @@ extern const unsigned char dsdt_anycpu_arm[]; - _hidden - extern const int dsdt_anycpu_arm_len; - --#define ACPI_OEM_ID "Xen" --#define ACPI_OEM_TABLE_ID "ARM" --#define ACPI_ASL_COMPILER_ID "XL" -+#define ACPI_OEM_ID "Xen\0\0" -+#define ACPI_OEM_TABLE_ID "ARM\0\0\0\0" -+#define ACPI_ASL_COMPILER_ID "XL\0" - - enum { - RSDP, -@@ -190,6 +191,7 @@ static void make_acpi_rsdp(libxl__gc *gc, struct xc_dom_image *dom, - struct acpi_table_rsdp *rsdp = (void *)dom->acpi_modules[0].data + offset; - - memcpy(rsdp->signature, "RSD PTR ", sizeof(rsdp->signature)); -+ BUILD_BUG_ON(sizeof(ACPI_OEM_ID) != sizeof(rsdp->oem_id)); - memcpy(rsdp->oem_id, ACPI_OEM_ID, sizeof(rsdp->oem_id)); - rsdp->length = acpitables[RSDP].size; - rsdp->revision = 0x02; -@@ -205,9 +207,12 @@ static void make_acpi_header(struct acpi_table_header *h, const char *sig, - memcpy(h->signature, sig, 4); - h->length = len; - h->revision = rev; -+ BUILD_BUG_ON(sizeof(ACPI_OEM_ID) != sizeof(h->oem_id)); - memcpy(h->oem_id, ACPI_OEM_ID, sizeof(h->oem_id)); -+ BUILD_BUG_ON(sizeof(ACPI_OEM_TABLE_ID) != sizeof(h->oem_table_id)); - memcpy(h->oem_table_id, ACPI_OEM_TABLE_ID, sizeof(h->oem_table_id)); - h->oem_revision = 0; -+ BUILD_BUG_ON(sizeof(ACPI_ASL_COMPILER_ID) != sizeof(h->asl_compiler_id)); - memcpy(h->asl_compiler_id, ACPI_ASL_COMPILER_ID, - sizeof(h->asl_compiler_id)); - h->asl_compiler_revision = 0; diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-disable-sse-before-inlines.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-disable-sse-before-inlines.patch deleted file mode 100644 index 54a28ee4..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/xen-disable-sse-before-inlines.patch +++ /dev/null @@ -1,140 +0,0 @@ -From 6d50ae155c0f736aa6239eabf1bc8c8e3704742d Mon Sep 17 00:00:00 2001 -From: Christopher Clark <christopher.w.clark@gmail.com> -Date: Fri, 21 Sep 2018 08:28:02 -0700 -Subject: [PATCH v2] fuzz, test x86_emulator: disable sse before including - always_inline fns -To: xen-devel@lists.xenproject.org, - jbeulich@suse.com -Cc: ian.jackson@eu.citrix.com, - wei.liu2@citrix.com, - andrew.cooper3@citrix.com - -Workaround for compiler rejection of SSE-using always_inlines defined before -SSE is disabled. - -Compiling with _FORTIFY_SOURCE or higher levels of optimization enabled -will always_inline several library fns (memset, memcpy, ...) -(with gcc 8.2.0 and glibc 2.28). - -In fuzz and x86_emulator test, the compiler is instructed not -to generate SSE instructions via: #pragma GCC target("no-sse") -because those registers are needed for use by the workload. - -The combination above causes compilation failure as the inline functions -use those instructions. This is resolved by reordering the inclusion of -<stdio.h> and <string.h> to after the pragma disabling SSE generation. - -It would be preferable to locate the no-sse pragma within x86-emulate.h at the -top of the file, prior to including any other headers; unfortunately doing so -before <stdlib.h> causes compilation failure due to declaration of 'atof' with: - "SSE register return with SSE disabled". -Fortunately there is no (known) current dependency on any always_inline -SSE-inclined function declared in <stdlib.h> or any of its dependencies, so the -pragma is therefore issued immediately after inclusion of <stdlib.h> with a -comment introduced to explain its location there. - -Add compile-time checks for unwanted prior inclusion of <string.h> and -<stdio.h>, which are the two headers that provide the library functions that -are handled with wrappers and listed within "x86-emulate.h" as ones "we think -might access any of the FPU state". -* Use standard-defined "EOF" macro to detect prior <stdio.h> inclusion. -* Use "_STRING_H" (non-standardized guard macro) as best-effort - for detection of prior <string.h> inclusion. This is non-universally - viable but will provide error output on common GLIBC systems, so - provides some defensive coverage. - -Adds conditional #include <stdio.h> to x86-emulate.h because fwrite, printf, -etc. are referenced when WRAP has been defined. - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> -Reviewed-by: Jan Beulich <jbeulich@suse.com> ---- - tools/fuzz/x86_instruction_emulator/fuzz-emul.c | 10 +++++++-- - tools/tests/x86_emulator/wrappers.c | 1 - - tools/tests/x86_emulator/x86-emulate.h | 28 +++++++++++++++++++++++-- - 3 files changed, 34 insertions(+), 5 deletions(-) - -diff --git a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c -index 03a2473..0ffd0fb 100644 ---- a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c -+++ b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c -@@ -6,9 +6,7 @@ - #include <stdbool.h> - #include <stddef.h> - #include <stdint.h> --#include <stdio.h> - #include <stdlib.h> --#include <string.h> - #include <sys/types.h> - #include <sys/stat.h> - #include <sys/mman.h> -@@ -16,6 +14,14 @@ - #include <xen/xen.h> - - #include "x86-emulate.h" -+/* -+ * include "x86-emulate.h" prior to <stdio.h> and <string.h>: -+ * x86-emulate.h disables use of SSE registers, while <stdio.h> and <string.h> -+ * declare functions that may be always_inline and use those registers -+ * unless they have been disabled earlier, which can fail to compile. -+ */ -+#include <stdio.h> -+#include <string.h> - #include "fuzz-emul.h" - - #define MSR_INDEX_MAX 16 -diff --git a/tools/tests/x86_emulator/wrappers.c b/tools/tests/x86_emulator/wrappers.c -index d02013c..eba7cc9 100644 ---- a/tools/tests/x86_emulator/wrappers.c -+++ b/tools/tests/x86_emulator/wrappers.c -@@ -1,5 +1,4 @@ - #include <stdarg.h> --#include <stdio.h> - - #define WRAP(x) typeof(x) emul_##x - #include "x86-emulate.h" -diff --git a/tools/tests/x86_emulator/x86-emulate.h b/tools/tests/x86_emulator/x86-emulate.h -index b249e46..07ea1e8 100644 ---- a/tools/tests/x86_emulator/x86-emulate.h -+++ b/tools/tests/x86_emulator/x86-emulate.h -@@ -3,11 +3,35 @@ - #include <stddef.h> - #include <stdint.h> - #include <stdlib.h> --#include <string.h> -- -+/* -+ * Use of sse registers must be disabled prior to the definition of -+ * always_inline functions that would use them (memcpy, memset, etc), -+ * so do this as early as possible, aiming to be before any always_inline -+ * functions that are used are declared. -+ * Unfortunately, this cannot be done prior to inclusion of <stdlib.h> -+ * due to functions such as 'atof' that have SSE register return declared, -+ * so do so here, immediately after that. -+ */ - #if __GNUC__ >= 6 - #pragma GCC target("no-sse") - #endif -+ /* -+ * Attempt detection of unwanted prior inclusion of some headers known to use -+ * always_inline with SSE registers in some library / compiler / optimization -+ * combinations. -+ */ -+#ifdef _STRING_H -+#error "Must not include <string.h> before x86-emulate.h" -+#endif -+#include <string.h> -+ -+/* EOF is a standard macro defined in <stdio.h> so use it for detection */ -+#ifdef EOF -+#error "Must not include <stdio.h> before x86-emulate.h" -+#endif -+#ifdef WRAP -+#include <stdio.h> -+#endif - - #include <xen/xen.h> - --- -2.1.4 - diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-libxl-gentypes-py3.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-libxl-gentypes-py3.patch new file mode 100644 index 00000000..23997865 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-libxl-gentypes-py3.patch @@ -0,0 +1,140 @@ +From 660d2dd863802ef464c90b32f187cb65861f8185 Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Thu, 7 Mar 2019 12:33:38 +0000 +Subject: [PATCH] libxl: make python scripts work with python 2.6 and up + +Go through transformations suggested by 2to3 and pick the necessary +ones. + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/libxl/gentest.py | 4 +++- + tools/libxl/gentypes.py | 12 +++++++----- + tools/libxl/idl.py | 15 ++++++++------- + 3 files changed, 18 insertions(+), 13 deletions(-) + +diff --git a/tools/libxl/gentest.py b/tools/libxl/gentest.py +index 989959fc68..1cc7eebc82 100644 +--- a/tools/libxl/gentest.py ++++ b/tools/libxl/gentest.py +@@ -1,5 +1,7 @@ + #!/usr/bin/python + ++from __future__ import print_function ++ + import os + import sys + import re +@@ -86,7 +88,7 @@ def gen_rand_init(ty, v, indent = " ", parent = None): + + if __name__ == '__main__': + if len(sys.argv) < 3: +- print >>sys.stderr, "Usage: gentest.py <idl> <implementation>" ++ print("Usage: gentest.py <idl> <implementation>", file=sys.stderr) + sys.exit(1) + + random.seed(os.getenv('LIBXL_TESTIDL_SEED')) +diff --git a/tools/libxl/gentypes.py b/tools/libxl/gentypes.py +index 88e5c5f30e..6417c9dd8c 100644 +--- a/tools/libxl/gentypes.py ++++ b/tools/libxl/gentypes.py +@@ -1,5 +1,7 @@ + #!/usr/bin/python + ++from __future__ import print_function ++ + import sys + import re + +@@ -576,14 +578,14 @@ def libxl_C_enum_from_string(ty, str, e, indent = " "): + + if __name__ == '__main__': + if len(sys.argv) != 6: +- print >>sys.stderr, "Usage: gentypes.py <idl> <header> <header-private> <header-json> <implementation>" ++ print("Usage: gentypes.py <idl> <header> <header-private> <header-json> <implementation>", file=sys.stderr) + sys.exit(1) + + (_, idlname, header, header_private, header_json, impl) = sys.argv + + (builtins,types) = idl.parse(idlname) + +- print "outputting libxl type definitions to %s" % header ++ print("outputting libxl type definitions to %s" % header) + + f = open(header, "w") + +@@ -633,7 +635,7 @@ if __name__ == '__main__': + f.write("""#endif /* %s */\n""" % (header_define)) + f.close() + +- print "outputting libxl JSON definitions to %s" % header_json ++ print("outputting libxl JSON definitions to %s" % header_json) + + f = open(header_json, "w") + +@@ -657,7 +659,7 @@ if __name__ == '__main__': + f.write("""#endif /* %s */\n""" % header_json_define) + f.close() + +- print "outputting libxl type internal definitions to %s" % header_private ++ print("outputting libxl type internal definitions to %s" % header_private) + + f = open(header_private, "w") + +@@ -683,7 +685,7 @@ if __name__ == '__main__': + f.write("""#endif /* %s */\n""" % header_json_define) + f.close() + +- print "outputting libxl type implementations to %s" % impl ++ print("outputting libxl type implementations to %s" % impl) + + f = open(impl, "w") + f.write(""" +diff --git a/tools/libxl/idl.py b/tools/libxl/idl.py +index 2a7f3c44fe..d7367503b4 100644 +--- a/tools/libxl/idl.py ++++ b/tools/libxl/idl.py +@@ -1,3 +1,5 @@ ++from __future__ import print_function ++ + import sys + + PASS_BY_VALUE = 1 +@@ -11,7 +13,7 @@ DIR_BOTH = 3 + _default_namespace = "" + def namespace(s): + if type(s) != str: +- raise TypeError, "Require a string for the default namespace." ++ raise TypeError("Require a string for the default namespace.") + global _default_namespace + _default_namespace = s + +@@ -346,7 +348,7 @@ class OrderedDict(dict): + return [(x,self[x]) for x in self.__ordered] + + def parse(f): +- print >>sys.stderr, "Parsing %s" % f ++ print("Parsing %s" % f, file=sys.stderr) + + globs = {} + locs = OrderedDict() +@@ -362,11 +364,10 @@ def parse(f): + globs[n] = t + + try: +- execfile(f, globs, locs) +- except SyntaxError,e: +- raise SyntaxError, \ +- "Errors were found at line %d while processing %s:\n\t%s"\ +- %(e.lineno,f,e.text) ++ exec(compile(open(f).read(), f, 'exec'), globs, locs) ++ except SyntaxError as e: ++ raise SyntaxError("Errors were found at line %d while processing %s:\n\t%s" ++ % (e.lineno, f, e.text)) + + types = [t for t in locs.ordered_values() if isinstance(t,Type)] + +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-change-tabs-into-spaces.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-change-tabs-into-spaces.patch new file mode 100644 index 00000000..d913be20 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-change-tabs-into-spaces.patch @@ -0,0 +1,40 @@ +From b9e1368af14ded6aee3bdf64e8329628b16291ff Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Mon, 11 Mar 2019 12:55:29 +0000 +Subject: [PATCH] pygrub: change tabs into spaces + +Not sure why Python 2 never complained, but Python 3 does. + +Change tabs to spaces. + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/pygrub/src/pygrub | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub +index 52a8965ad9..1189b1ca48 100755 +--- a/tools/pygrub/src/pygrub ++++ b/tools/pygrub/src/pygrub +@@ -858,7 +858,7 @@ if __name__ == "__main__": + output_directory = a + + if debug: +- logging.basicConfig(level=logging.DEBUG) ++ logging.basicConfig(level=logging.DEBUG) + + + try: +@@ -917,7 +917,7 @@ if __name__ == "__main__": + # IOErrors raised by fsimage.open + # RuntimeErrors raised by run_grub if no menu.lst present + if debug: +- traceback.print_exc() ++ traceback.print_exc() + fs = None + continue + +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch new file mode 100644 index 00000000..f4cbb670 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch @@ -0,0 +1,529 @@ +From 0aabd89dcfee9ee2a6caaa2ec7a475daf5cada53 Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Thu, 7 Mar 2019 12:45:47 +0000 +Subject: [PATCH] pygrub: make python scripts work with 2.6 and up + +Run 2to3 and pick the sensible suggestions. + +Import print_function and absolute_import so 2.6 can work. + +There has never been a curses.wrapper module according to 2.x and 3.x +doc, only a function, so "import curses.wrapper" is not correct. It +happened to work because 2.x implemented a (undocumented) module. + +We only need to import curses to make curses.wrapper available to +pygrub. + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/pygrub/src/ExtLinuxConf.py | 19 +++++---- + tools/pygrub/src/GrubConf.py | 39 ++++++++++-------- + tools/pygrub/src/LiloConf.py | 19 +++++---- + tools/pygrub/src/pygrub | 71 ++++++++++++++++---------------- + 4 files changed, 78 insertions(+), 70 deletions(-) + +diff --git a/tools/pygrub/src/ExtLinuxConf.py b/tools/pygrub/src/ExtLinuxConf.py +index d1789bf020..9fd635b9cf 100644 +--- a/tools/pygrub/src/ExtLinuxConf.py ++++ b/tools/pygrub/src/ExtLinuxConf.py +@@ -10,9 +10,11 @@ + # along with this program; If not, see <http://www.gnu.org/licenses/>. + # + ++from __future__ import print_function, absolute_import ++ + import sys, re, os + import logging +-import GrubConf ++from . import GrubConf + + class ExtLinuxImage(object): + def __init__(self, lines, path): +@@ -32,7 +34,8 @@ class ExtLinuxImage(object): + self.lines = [] + self.path = path + self.root = "" +- map(self.set_from_line, lines) ++ for line in lines: ++ self.set_from_line(line) + + def set_from_line(self, line, replace = None): + (com, arg) = GrubConf.grub_exact_split(line, 2) +@@ -67,7 +70,7 @@ class ExtLinuxImage(object): + setattr(self, "initrd", a.replace("initrd=", "")) + arg = arg.replace(a, "") + +- if com is not None and self.commands.has_key(com): ++ if com is not None and com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], re.sub('^"(.+)"$', r"\1", arg.strip())) + else: +@@ -136,7 +139,7 @@ class ExtLinuxConfigFile(object): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -167,7 +170,7 @@ class ExtLinuxConfigFile(object): + + (com, arg) = GrubConf.grub_exact_split(l, 2) + com = com.lower() +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -207,8 +210,8 @@ class ExtLinuxConfigFile(object): + + if __name__ == "__main__": + if len(sys.argv) < 2: +- raise RuntimeError, "Need a configuration file to read" ++ raise RuntimeError("Need a configuration file to read") + g = ExtLinuxConfigFile(sys.argv[1]) + for i in g.images: +- print i +- print g.default ++ print(i) ++ print(g.default) +diff --git a/tools/pygrub/src/GrubConf.py b/tools/pygrub/src/GrubConf.py +index dc810d55cb..f8d3799dc0 100644 +--- a/tools/pygrub/src/GrubConf.py ++++ b/tools/pygrub/src/GrubConf.py +@@ -12,6 +12,8 @@ + # along with this program; If not, see <http://www.gnu.org/licenses/>. + # + ++from __future__ import print_function, absolute_import ++ + import os, sys + import logging + import re +@@ -44,7 +46,7 @@ def get_path(s): + return (None, s) + idx = s.find(')') + if idx == -1: +- raise ValueError, "Unable to find matching ')'" ++ raise ValueError("Unable to find matching ')'") + d = s[:idx] + return (GrubDiskPart(d), s[idx + 1:]) + +@@ -100,7 +102,8 @@ class _GrubImage(object): + " initrd: %s\n" %(self.title, self.root, self.kernel, + self.args, self.initrd)) + def _parse(self, lines): +- map(self.set_from_line, lines) ++ for line in lines: ++ self.set_from_line(line) + + def reset(self, lines): + self._root = self._initrd = self._kernel = self._args = None +@@ -141,7 +144,7 @@ class GrubImage(_GrubImage): + def set_from_line(self, line, replace = None): + (com, arg) = grub_exact_split(line, 2) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -177,7 +180,7 @@ class _GrubConfigFile(object): + self.parse() + + def parse(self, buf = None): +- raise RuntimeError, "unimplemented parse function" ++ raise RuntimeError("unimplemented parse function") + + def hasPasswordAccess(self): + return self.passwordAccess +@@ -201,7 +204,7 @@ class _GrubConfigFile(object): + import crypt + if crypt.crypt(password, pwd[1]) == pwd[1]: + return True +- except Exception, e: ++ except Exception as e: + self.passExc = "Can't verify password: %s" % str(e) + return False + +@@ -213,7 +216,7 @@ class _GrubConfigFile(object): + + def set(self, line): + (com, arg) = grub_exact_split(line, 2) +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -233,7 +236,7 @@ class _GrubConfigFile(object): + self._default = val + + if self._default < 0: +- raise ValueError, "default must be positive number" ++ raise ValueError("default must be positive number") + default = property(_get_default, _set_default) + + def set_splash(self, val): +@@ -265,7 +268,7 @@ class GrubConfigFile(_GrubConfigFile): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -296,7 +299,7 @@ class GrubConfigFile(_GrubConfigFile): + continue + + (com, arg) = grub_exact_split(l, 2) +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -328,7 +331,7 @@ class Grub2Image(_GrubImage): + if com == "set": + (com,arg) = grub2_handle_set(arg) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -364,7 +367,7 @@ class Grub2ConfigFile(_GrubConfigFile): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -398,7 +401,7 @@ class Grub2ConfigFile(_GrubConfigFile): + title_match = re.match('^menuentry ["\'](.*?)["\'] (.*){', l) + if title_match: + if img is not None: +- raise RuntimeError, "syntax error: cannot nest menuentry (%d %s)" % (len(img),img) ++ raise RuntimeError("syntax error: cannot nest menuentry (%d %s)" % (len(img),img)) + img = [] + title = title_match.group(1) + continue +@@ -413,7 +416,7 @@ class Grub2ConfigFile(_GrubConfigFile): + menu_level -= 1 + continue + else: +- raise RuntimeError, "syntax error: closing brace without menuentry" ++ raise RuntimeError("syntax error: closing brace without menuentry") + + self.add_image(Grub2Image(title, img)) + img = None +@@ -428,7 +431,7 @@ class Grub2ConfigFile(_GrubConfigFile): + if com == "set": + (com,arg) = grub2_handle_set(arg) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + arg_strip = arg.strip() + if arg_strip == "${saved_entry}" or arg_strip == "${next_entry}": +@@ -443,7 +446,7 @@ class Grub2ConfigFile(_GrubConfigFile): + logging.warning("Unknown directive %s" %(com,)) + + if img is not None: +- raise RuntimeError, "syntax error: end of file with open menuentry(%d %s)" % (len(img),img) ++ raise RuntimeError("syntax error: end of file with open menuentry(%d %s)" % (len(img),img)) + + if self.hasPassword(): + self.setPasswordAccess(False) +@@ -462,12 +465,12 @@ class Grub2ConfigFile(_GrubConfigFile): + + if __name__ == "__main__": + if len(sys.argv) < 3: +- raise RuntimeError, "Need a grub version (\"grub\" or \"grub2\") and a grub.conf or grub.cfg to read" ++ raise RuntimeError('Need a grub version ("grub" or "grub2") and a grub.conf or grub.cfg to read') + if sys.argv[1] == "grub": + g = GrubConfigFile(sys.argv[2]) + elif sys.argv[1] == "grub2": + g = Grub2ConfigFile(sys.argv[2]) + else: +- raise RuntimeError, "Unknown config type %s" % sys.argv[1] ++ raise RuntimeError("Unknown config type %s" % sys.argv[1]) + for i in g.images: +- print i #, i.title, i.root, i.kernel, i.args, i.initrd ++ print(i) #, i.title, i.root, i.kernel, i.args, i.initrd +diff --git a/tools/pygrub/src/LiloConf.py b/tools/pygrub/src/LiloConf.py +index 2cb649f115..e3bfcb5244 100644 +--- a/tools/pygrub/src/LiloConf.py ++++ b/tools/pygrub/src/LiloConf.py +@@ -2,9 +2,11 @@ + #LiloConf.py + # + ++from __future__ import print_function, absolute_import ++ + import sys, re, os + import logging +-import GrubConf ++from . import GrubConf + + class LiloImage(object): + def __init__(self, lines, path): +@@ -24,12 +26,13 @@ class LiloImage(object): + self.lines = [] + self.path = path + self.root = "" +- map(self.set_from_line, lines) ++ for line in lines: ++ self.set_from_line(line) + + def set_from_line(self, line, replace = None): + (com, arg) = GrubConf.grub_exact_split(line, 2) + +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], re.sub('^"(.+)"$', r"\1", arg.strip())) + else: +@@ -97,7 +100,7 @@ class LiloConfigFile(object): + def parse(self, buf = None): + if buf is None: + if self.filename is None: +- raise ValueError, "No config file defined to parse!" ++ raise ValueError("No config file defined to parse!") + + f = open(self.filename, 'r') + lines = f.readlines() +@@ -127,7 +130,7 @@ class LiloConfigFile(object): + continue + + (com, arg) = GrubConf.grub_exact_split(l, 2) +- if self.commands.has_key(com): ++ if com in self.commands: + if self.commands[com] is not None: + setattr(self, self.commands[com], arg.strip()) + else: +@@ -170,8 +173,8 @@ class LiloConfigFile(object): + + if __name__ == "__main__": + if len(sys.argv) < 2: +- raise RuntimeError, "Need a lilo.conf to read" ++ raise RuntimeError("Need a lilo.conf to read") + g = LiloConfigFile(sys.argv[1]) + for i in g.images: +- print i #, i.title, i.root, i.kernel, i.args, i.initrd +- print g.default ++ print(i) #, i.title, i.root, i.kernel, i.args, i.initrd ++ print(g.default) +diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub +index 1189b1ca48..dbdce315c6 100755 +--- a/tools/pygrub/src/pygrub ++++ b/tools/pygrub/src/pygrub +@@ -12,13 +12,15 @@ + # along with this program; If not, see <http://www.gnu.org/licenses/>. + # + ++from __future__ import print_function ++ + import os, sys, string, struct, tempfile, re, traceback, stat, errno + import copy + import logging + import platform + import xen.lowlevel.xc + +-import curses, _curses, curses.wrapper, curses.textpad, curses.ascii ++import curses, _curses, curses.textpad, curses.ascii + import getopt + + import xenfsimage +@@ -77,7 +79,7 @@ def get_solaris_slice(file, offset): + buf = os.read(fd, 512) + os.close(fd) + if struct.unpack("<H", buf[508:510])[0] != DKL_MAGIC: +- raise RuntimeError, "Invalid disklabel magic" ++ raise RuntimeError("Invalid disklabel magic") + + nslices = struct.unpack("<H", buf[30:32])[0] + +@@ -88,7 +90,7 @@ def get_solaris_slice(file, offset): + if slicetag == V_ROOT: + return slicesect * SECTOR_SIZE + +- raise RuntimeError, "No root slice found" ++ raise RuntimeError("No root slice found") + + def get_fs_offset_gpt(file): + fd = os.open(file, os.O_RDONLY) +@@ -423,20 +425,17 @@ class Grub: + we're being given a raw config file rather than a disk image.""" + + if not os.access(fn, os.R_OK): +- raise RuntimeError, "Unable to access %s" %(fn,) ++ raise RuntimeError("Unable to access %s" %(fn,)) + +- cfg_list = map(lambda x: (x,grub.GrubConf.Grub2ConfigFile), +- ["/boot/grub/grub.cfg", "/grub/grub.cfg", +- "/boot/grub2/grub.cfg", "/grub2/grub.cfg"]) + \ +- map(lambda x: (x,grub.ExtLinuxConf.ExtLinuxConfigFile), +- ["/boot/isolinux/isolinux.cfg", ++ cfg_list = [(x,grub.GrubConf.Grub2ConfigFile) for x in ["/boot/grub/grub.cfg", "/grub/grub.cfg", ++ "/boot/grub2/grub.cfg", "/grub2/grub.cfg"]] + \ ++ [(x,grub.ExtLinuxConf.ExtLinuxConfigFile) for x in ["/boot/isolinux/isolinux.cfg", + "/boot/extlinux/extlinux.conf", + "/boot/extlinux.conf", + "/extlinux/extlinux.conf", +- "/extlinux.conf"]) + \ +- map(lambda x: (x,grub.GrubConf.GrubConfigFile), +- ["/boot/grub/menu.lst", "/boot/grub/grub.conf", +- "/grub/menu.lst", "/grub/grub.conf"]) ++ "/extlinux.conf"]] + \ ++ [(x,grub.GrubConf.GrubConfigFile) for x in ["/boot/grub/menu.lst", "/boot/grub/grub.conf", ++ "/grub/menu.lst", "/grub/grub.conf"]] + + if not fs: + # set the config file and parse it +@@ -448,12 +447,12 @@ class Grub: + + for f,parser in cfg_list: + if fs.file_exists(f): +- print >>sys.stderr, "Using %s to parse %s" % (parser,f) ++ print("Using %s to parse %s" % (parser,f), file=sys.stderr) + self.cf = parser() + self.cf.filename = f + break + if self.__dict__.get('cf', None) is None: +- raise RuntimeError, "couldn't find bootloader config file in the image provided." ++ raise RuntimeError("couldn't find bootloader config file in the image provided.") + f = fs.open_file(self.cf.filename) + # limit read size to avoid pathological cases + buf = f.read(FS_READ_MAX) +@@ -628,11 +627,11 @@ def run_grub(file, entry, fs, cfg_args): + if list_entries: + for i in range(len(g.cf.images)): + img = g.cf.images[i] +- print "title: %s" % img.title +- print " root: %s" % img.root +- print " kernel: %s" % img.kernel[1] +- print " args: %s" % img.args +- print " initrd: %s" % img.initrd[1] ++ print("title: %s" % img.title) ++ print(" root: %s" % img.root) ++ print(" kernel: %s" % img.kernel[1]) ++ print(" args: %s" % img.args) ++ print(" initrd: %s" % img.initrd[1]) + + if interactive and not list_entries: + curses.wrapper(run_main) +@@ -646,7 +645,7 @@ def run_grub(file, entry, fs, cfg_args): + sel = idx + + if sel == -1: +- print "No kernel image selected!" ++ print("No kernel image selected!") + sys.exit(1) + + try: +@@ -731,7 +730,7 @@ def format_sxp(kernel, ramdisk, args): + def format_simple(kernel, ramdisk, args, sep): + for check in (kernel, ramdisk, args): + if check is not None and sep in check: +- raise RuntimeError, "simple format cannot represent delimiter-containing value" ++ raise RuntimeError("simple format cannot represent delimiter-containing value") + s = ("kernel %s" % kernel) + sep + if ramdisk: + s += ("ramdisk %s" % ramdisk) + sep +@@ -744,7 +743,7 @@ if __name__ == "__main__": + sel = None + + def usage(): +- print >> sys.stderr, "Usage: %s [-q|--quiet] [-i|--interactive] [-l|--list-entries] [-n|--not-really] [--output=] [--kernel=] [--ramdisk=] [--args=] [--entry=] [--output-directory=] [--output-format=sxp|simple|simple0] [--offset=] <image>" %(sys.argv[0],) ++ print("Usage: %s [-q|--quiet] [-i|--interactive] [-l|--list-entries] [-n|--not-really] [--output=] [--kernel=] [--ramdisk=] [--args=] [--entry=] [--output-directory=] [--output-format=sxp|simple|simple0] [--offset=] <image>" %(sys.argv[0],), file=sys.stderr) + + def copy_from_image(fs, file_to_read, file_type, output_directory, + not_really): +@@ -755,8 +754,8 @@ if __name__ == "__main__": + sys.exit("The requested %s file does not exist" % file_type) + try: + datafile = fs.open_file(file_to_read) +- except Exception, e: +- print >>sys.stderr, e ++ except Exception as e: ++ print(e, file=sys.stderr) + sys.exit("Error opening %s in guest" % file_to_read) + (tfd, ret) = tempfile.mkstemp(prefix="boot_"+file_type+".", + dir=output_directory) +@@ -769,8 +768,8 @@ if __name__ == "__main__": + return ret + try: + os.write(tfd, data) +- except Exception, e: +- print >>sys.stderr, e ++ except Exception as e: ++ print(e, file=sys.stderr) + os.close(tfd) + os.unlink(ret) + del datafile +@@ -834,7 +833,7 @@ if __name__ == "__main__": + try: + part_offs = [ int(a) ] + except ValueError: +- print "offset value must be an integer" ++ print("offset value must be an integer") + usage() + sys.exit(1) + elif o in ("--entry",): +@@ -847,13 +846,13 @@ if __name__ == "__main__": + debug = True + elif o in ("--output-format",): + if a not in ["sxp", "simple", "simple0"]: +- print "unknown output format %s" % a ++ print("unknown output format %s" % a) + usage() + sys.exit(1) + output_format = a + elif o in ("--output-directory",): + if not os.path.isdir(a): +- print "%s is not an existing directory" % a ++ print("%s is not an existing directory" % a) + sys.exit(1) + output_directory = a + +@@ -862,8 +861,8 @@ if __name__ == "__main__": + + + try: +- os.makedirs(output_directory, 0700) +- except OSError,e: ++ os.makedirs(output_directory, 0o700) ++ except OSError as e: + if (e.errno == errno.EEXIST) and os.path.isdir(output_directory): + pass + else: +@@ -877,10 +876,10 @@ if __name__ == "__main__": + # debug + if isconfig: + chosencfg = run_grub(file, entry, fs, incfg["args"]) +- print " kernel: %s" % chosencfg["kernel"] ++ print(" kernel: %s" % chosencfg["kernel"]) + if chosencfg["ramdisk"]: +- print " initrd: %s" % chosencfg["ramdisk"] +- print " args: %s" % chosencfg["args"] ++ print(" initrd: %s" % chosencfg["ramdisk"]) ++ print(" args: %s" % chosencfg["args"]) + sys.exit(0) + + # if boot filesystem is set then pass to fsimage.open +@@ -926,7 +925,7 @@ if __name__ == "__main__": + + # Did looping through partitions find us a kernel? + if fs is None: +- raise RuntimeError, "Unable to find partition containing kernel" ++ raise RuntimeError("Unable to find partition containing kernel") + + bootcfg["kernel"] = copy_from_image(fs, chosencfg["kernel"], "kernel", + output_directory, not_really) +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-py3.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-py3.patch new file mode 100644 index 00000000..e486646f --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-pygrub-py3.patch @@ -0,0 +1,233 @@ +From 83a204e6951c6358f995da3b60dd61224e9d41ac Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Tue, 5 Mar 2019 14:13:17 +0000 +Subject: [PATCH] pygrub/fsimage: make it work with python 3 + +With the help of two porting guides and cpython source code: + +1. Use PyBytes to replace PyString counterparts. +2. Use PyVarObject_HEAD_INIT. +3. Remove usage of Py_FindMethod. +4. Use new module initialisation routine. + +For #3, Py_FindMethod was removed, yet an alternative wasn't +documented. The code is the result of reverse-engineering cpython +commit 6116d4a1d1 + +https://docs.python.org/3/howto/cporting.html +http://python3porting.com/cextensions.html + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> +--- + tools/pygrub/src/fsimage/fsimage.c | 123 ++++++++++++++++------------- + 1 file changed, 69 insertions(+), 54 deletions(-) + +diff --git a/tools/pygrub/src/fsimage/fsimage.c b/tools/pygrub/src/fsimage/fsimage.c +index 780207791c..2ebbbe35df 100644 +--- a/tools/pygrub/src/fsimage/fsimage.c ++++ b/tools/pygrub/src/fsimage/fsimage.c +@@ -26,12 +26,6 @@ + #include <xenfsimage.h> + #include <stdlib.h> + +-#if (PYTHON_API_VERSION >= 1011) +-#define PY_PAD 0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L,0L +-#else +-#define PY_PAD 0L,0L,0L,0L +-#endif +- + typedef struct fsimage_fs { + PyObject_HEAD + fsi_t *fs; +@@ -59,12 +53,24 @@ fsimage_file_read(fsimage_file_t *file, PyObject *args, PyObject *kwargs) + + bufsize = size ? size : 4096; + +- if ((buffer = PyString_FromStringAndSize(NULL, bufsize)) == NULL) ++ buffer = ++#if PY_MAJOR_VERSION < 3 ++ PyString_FromStringAndSize(NULL, bufsize); ++#else ++ PyBytes_FromStringAndSize(NULL, bufsize); ++#endif ++ ++ if (buffer == NULL) + return (NULL); + + while (1) { + int err; +- void *buf = PyString_AS_STRING(buffer) + bytesread; ++ void *buf = ++#if PY_MAJOR_VERSION < 3 ++ PyString_AS_STRING(buffer) + bytesread; ++#else ++ PyBytes_AS_STRING(buffer) + bytesread; ++#endif + + err = fsi_pread_file(file->file, buf, bufsize, + bytesread + offset); +@@ -84,12 +90,20 @@ fsimage_file_read(fsimage_file_t *file, PyObject *args, PyObject *kwargs) + if (bufsize == 0) + break; + } else { ++#if PY_MAJOR_VERSION < 3 + if (_PyString_Resize(&buffer, bytesread + bufsize) < 0) ++#else ++ if (_PyBytes_Resize(&buffer, bytesread + bufsize) < 0) ++#endif + return (NULL); + } + } + ++#if PY_MAJOR_VERSION < 3 + _PyString_Resize(&buffer, bytesread); ++#else ++ _PyBytes_Resize(&buffer, bytesread); ++#endif + return (buffer); + } + +@@ -106,11 +120,13 @@ static struct PyMethodDef fsimage_file_methods[] = { + { NULL, NULL, 0, NULL } + }; + ++#if PY_MAJOR_VERSION < 3 + static PyObject * + fsimage_file_getattr(fsimage_file_t *file, char *name) + { + return (Py_FindMethod(fsimage_file_methods, (PyObject *)file, name)); + } ++#endif + + static void + fsimage_file_dealloc(fsimage_file_t *file) +@@ -123,29 +139,18 @@ fsimage_file_dealloc(fsimage_file_t *file) + + static char fsimage_file_type__doc__[] = "Filesystem image file"; + PyTypeObject fsimage_file_type = { +- PyObject_HEAD_INIT(&PyType_Type) +- 0, /* ob_size */ +- "xenfsimage.file", /* tp_name */ +- sizeof(fsimage_file_t), /* tp_size */ +- 0, /* tp_itemsize */ +- (destructor) fsimage_file_dealloc, /* tp_dealloc */ +- 0, /* tp_print */ +- (getattrfunc) fsimage_file_getattr, /* tp_getattr */ +- 0, /* tp_setattr */ +- 0, /* tp_compare */ +- 0, /* tp_repr */ +- 0, /* tp_as_number */ +- 0, /* tp_as_sequence */ +- 0, /* tp_as_mapping */ +- 0, /* tp_hash */ +- 0, /* tp_call */ +- 0, /* tp_str */ +- 0, /* tp_getattro */ +- 0, /* tp_setattro */ +- 0, /* tp_as_buffer */ +- Py_TPFLAGS_DEFAULT, /* tp_flags */ +- fsimage_file_type__doc__, +- PY_PAD ++ PyVarObject_HEAD_INIT(&PyType_Type, 0) ++ .tp_name = "xenfsimage.file", ++ .tp_basicsize = sizeof(fsimage_file_t), ++ .tp_dealloc = (destructor) fsimage_file_dealloc, ++#if PY_MAJOR_VERSION < 3 ++ .tp_getattr = (getattrfunc) fsimage_file_getattr, ++#endif ++ .tp_flags = Py_TPFLAGS_DEFAULT, ++ .tp_doc = fsimage_file_type__doc__, ++#if PY_MAJOR_VERSION >= 3 ++ .tp_methods = fsimage_file_methods, ++#endif + }; + + static PyObject * +@@ -208,11 +213,13 @@ static struct PyMethodDef fsimage_fs_methods[] = { + { NULL, NULL, 0, NULL } + }; + ++#if PY_MAJOR_VERSION < 3 + static PyObject * + fsimage_fs_getattr(fsimage_fs_t *fs, char *name) + { + return (Py_FindMethod(fsimage_fs_methods, (PyObject *)fs, name)); + } ++#endif + + static void + fsimage_fs_dealloc (fsimage_fs_t *fs) +@@ -225,29 +232,18 @@ fsimage_fs_dealloc (fsimage_fs_t *fs) + PyDoc_STRVAR(fsimage_fs_type__doc__, "Filesystem image"); + + PyTypeObject fsimage_fs_type = { +- PyObject_HEAD_INIT(&PyType_Type) +- 0, /* ob_size */ +- "xenfsimage.fs", /* tp_name */ +- sizeof(fsimage_fs_t), /* tp_size */ +- 0, /* tp_itemsize */ +- (destructor) fsimage_fs_dealloc, /* tp_dealloc */ +- 0, /* tp_print */ +- (getattrfunc) fsimage_fs_getattr, /* tp_getattr */ +- 0, /* tp_setattr */ +- 0, /* tp_compare */ +- 0, /* tp_repr */ +- 0, /* tp_as_number */ +- 0, /* tp_as_sequence */ +- 0, /* tp_as_mapping */ +- 0, /* tp_hash */ +- 0, /* tp_call */ +- 0, /* tp_str */ +- 0, /* tp_getattro */ +- 0, /* tp_setattro */ +- 0, /* tp_as_buffer */ +- Py_TPFLAGS_DEFAULT, /* tp_flags */ +- fsimage_fs_type__doc__, +- PY_PAD ++ PyVarObject_HEAD_INIT(&PyType_Type, 0) ++ .tp_name = "xenfsimage.fs", ++ .tp_basicsize = sizeof(fsimage_fs_t), ++ .tp_dealloc = (destructor) fsimage_fs_dealloc, ++#if PY_MAJOR_VERSION < 3 ++ .tp_getattr = (getattrfunc) fsimage_fs_getattr, ++#endif ++ .tp_flags = Py_TPFLAGS_DEFAULT, ++ .tp_doc = fsimage_fs_type__doc__, ++#if PY_MAJOR_VERSION >= 3 ++ .tp_methods = fsimage_fs_methods, ++#endif + }; + + static PyObject * +@@ -309,8 +305,27 @@ static struct PyMethodDef fsimage_module_methods[] = { + { NULL, NULL, 0, NULL } + }; + ++#if PY_MAJOR_VERSION >= 3 ++static struct PyModuleDef fsimage_module_def = { ++ PyModuleDef_HEAD_INIT, ++ .m_name = "xenfsimage", ++ .m_size = -1, ++ .m_methods = fsimage_module_methods, ++}; ++#endif ++ + PyMODINIT_FUNC ++#if PY_MAJOR_VERSION >= 3 ++PyInit_xenfsimage(void) ++#else + initxenfsimage(void) ++#endif + { ++#if PY_MAJOR_VERSION < 3 + Py_InitModule("xenfsimage", fsimage_module_methods); ++#else ++ if (PyType_Ready(&fsimage_fs_type) < 0 || PyType_Ready(&fsimage_file_type) < 0) ++ return NULL; ++ return PyModule_Create(&fsimage_module_def); ++#endif + } +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-python-fix-Wsign-compare-warnings.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-python-fix-Wsign-compare-warnings.patch new file mode 100644 index 00000000..b32c5d06 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-python-fix-Wsign-compare-warnings.patch @@ -0,0 +1,136 @@ +From 88d703a361d34d75f81fc6d30b31d0abc8aa17eb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= + <marmarek@invisiblethingslab.com> +Date: Fri, 9 Aug 2019 03:01:36 +0100 +Subject: [PATCH] python: fix -Wsign-compare warnings +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Specifically: +xen/lowlevel/xc/xc.c: In function ‘pyxc_domain_create’: +xen/lowlevel/xc/xc.c:147:24: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 147 | for ( i = 0; i < sizeof(xen_domain_handle_t); i++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_domain_sethandle’: +xen/lowlevel/xc/xc.c:312:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 312 | for ( i = 0; i < sizeof(xen_domain_handle_t); i++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_domain_getinfo’: +xen/lowlevel/xc/xc.c:391:24: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 391 | for ( j = 0; j < sizeof(xen_domain_handle_t); j++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_get_device_group’: +xen/lowlevel/xc/xc.c:677:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Werror=sign-compare] + 677 | for ( i = 0; i < num_sdevs; i++ ) + | ^ +xen/lowlevel/xc/xc.c: In function ‘pyxc_physinfo’: +xen/lowlevel/xc/xc.c:988:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 988 | for ( i = 0; i < sizeof(pinfo.hw_cap)/4; i++ ) + | ^ +xen/lowlevel/xc/xc.c:994:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 994 | for ( i = 0; i < ARRAY_SIZE(virtcaps_bits); i++ ) + | ^ +xen/lowlevel/xc/xc.c:998:24: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare] + 998 | for ( i = 0; i < ARRAY_SIZE(virtcaps_bits); i++ ) + | ^ +xen/lowlevel/xs/xs.c: In function ‘xspy_ls’: +xen/lowlevel/xs/xs.c:191:23: error: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Werror=sign-compare] + 191 | for (i = 0; i < xsval_n; i++) + | ^ +xen/lowlevel/xs/xs.c: In function ‘xspy_get_permissions’: +xen/lowlevel/xs/xs.c:297:23: error: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Werror=sign-compare] + 297 | for (i = 0; i < perms_n; i++) { + | ^ +cc1: all warnings being treated as errors + +Use size_t for loop iterators where it's compared with sizeof() or +similar construct. + +Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> +Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> + +Modified to apply to Xen 4.12.2 by Christopher Clark +Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> +--- + tools/python/xen/lowlevel/xc/xc.c | 13 ++++++++----- + tools/python/xen/lowlevel/xs/xs.c | 4 ++-- + 2 files changed, 10 insertions(+), 7 deletions(-) + +diff --git a/tools/python/xen/lowlevel/xc/xc.c b/tools/python/xen/lowlevel/xc/xc.c +index 522cbe3b9c..188bfa34da 100644 +--- a/tools/python/xen/lowlevel/xc/xc.c ++++ b/tools/python/xen/lowlevel/xc/xc.c +@@ -117,7 +117,8 @@ static PyObject *pyxc_domain_create(XcObject *self, + PyObject *kwds) + { + uint32_t dom = 0, target = 0; +- int ret, i; ++ int ret; ++ size_t i; + PyObject *pyhandle = NULL; + struct xen_domctl_createdomain config = { + .handle = { +@@ -295,7 +296,7 @@ static PyObject *pyxc_vcpu_setaffinity(XcObject *self, + + static PyObject *pyxc_domain_sethandle(XcObject *self, PyObject *args) + { +- int i; ++ size_t i; + uint32_t dom; + PyObject *pyhandle; + xen_domain_handle_t handle; +@@ -336,7 +337,8 @@ static PyObject *pyxc_domain_getinfo(XcObject *self, + PyObject *list, *info_dict, *pyhandle; + + uint32_t first_dom = 0; +- int max_doms = 1024, nr_doms, i, j; ++ int max_doms = 1024, nr_doms, i; ++ size_t j; + xc_dominfo_t *info; + + static char *kwd_list[] = { "first_dom", "max_doms", NULL }; +@@ -631,7 +633,8 @@ static PyObject *pyxc_get_device_group(XcObject *self, + { + uint32_t sbdf; + uint32_t max_sdevs, num_sdevs; +- int domid, seg, bus, dev, func, rc, i; ++ int domid, seg, bus, dev, func, rc; ++ size_t i; + PyObject *Pystr; + char *group_str; + char dev_str[9]; +@@ -971,7 +974,7 @@ static PyObject *pyxc_physinfo(XcObject *self) + { + xc_physinfo_t pinfo; + char cpu_cap[128], virt_caps[128], *p; +- int i; ++ size_t i; + const char *virtcap_names[] = { "hvm", "hvm_directio" }; + + if ( xc_physinfo(self->xc_handle, &pinfo) != 0 ) +diff --git a/tools/python/xen/lowlevel/xs/xs.c b/tools/python/xen/lowlevel/xs/xs.c +index 9a0acfc25c..ea50f86bc3 100644 +--- a/tools/python/xen/lowlevel/xs/xs.c ++++ b/tools/python/xen/lowlevel/xs/xs.c +@@ -186,7 +186,7 @@ static PyObject *xspy_ls(XsHandle *self, PyObject *args) + Py_END_ALLOW_THREADS + + if (xsval) { +- int i; ++ size_t i; + PyObject *val = PyList_New(xsval_n); + for (i = 0; i < xsval_n; i++) + #if PY_MAJOR_VERSION >= 3 +@@ -276,7 +276,7 @@ static PyObject *xspy_get_permissions(XsHandle *self, PyObject *args) + struct xs_handle *xh = xshandle(self); + struct xs_permissions *perms; + unsigned int perms_n = 0; +- int i; ++ size_t i; + + xs_transaction_t th; + char *thstr; +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-update-python-scripts-to-py3.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-update-python-scripts-to-py3.patch new file mode 100644 index 00000000..455072ba --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-update-python-scripts-to-py3.patch @@ -0,0 +1,140 @@ +From a9047a722ba5de38e7c1d762ffcfb74c36725fe2 Mon Sep 17 00:00:00 2001 +From: Andrew Cooper <andrew.cooper3@citrix.com> +Date: Mon, 11 Mar 2019 19:18:40 +0000 +Subject: [PATCH] tools/xen-foreign: Update python scripts to be Py3 compatible + +The issues are: + * dict.has_key() was completely removed in Py3 + * dict.keys() is an iterable rather than list in Py3, so .sort() doesn't work. + * list.sort(cmp=) was deprecated in Py2.4 and removed in Py3. + +The has_key() issue is trivially fixed by switching to using the in keyword. +The sorting issue could be trivially fixed, but take the opportunity to +improve the code. + +The reason for the sorting is to ensure that "unsigned long" gets replaced +before "long", and the only reason sorting is necessary is because +inttypes[arch] is needlessly a dictionary. Update inttypes[arch] to be a list +of tuples rather than a dictionary, and process them in list order. + +Reported-by: George Dunlap <george.dunlap@eu.citrix.com> +Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> +Acked-by: Wei Liu <wei.liu2@citrix.com> +--- + tools/include/xen-foreign/mkchecker.py | 2 +- + tools/include/xen-foreign/mkheader.py | 58 +++++++++++++------------- + 2 files changed, 29 insertions(+), 31 deletions(-) + +diff --git a/tools/include/xen-foreign/mkchecker.py b/tools/include/xen-foreign/mkchecker.py +index fdad869a91..199b0eebbc 100644 +--- a/tools/include/xen-foreign/mkchecker.py ++++ b/tools/include/xen-foreign/mkchecker.py +@@ -37,7 +37,7 @@ for struct in structs: + f.write('\tprintf("%%-25s |", "%s");\n' % struct); + for a in archs: + s = struct + "_" + a; +- if compat_arches.has_key(a): ++ if a in compat_arches: + compat = compat_arches[a] + c = struct + "_" + compat; + else: +diff --git a/tools/include/xen-foreign/mkheader.py b/tools/include/xen-foreign/mkheader.py +index 97e0c7a984..fb268f0dce 100644 +--- a/tools/include/xen-foreign/mkheader.py ++++ b/tools/include/xen-foreign/mkheader.py +@@ -17,13 +17,13 @@ header = {}; + footer = {}; + + #arm +-inttypes["arm32"] = { +- "unsigned long" : "__danger_unsigned_long_on_arm32", +- "long" : "__danger_long_on_arm32", +- "xen_pfn_t" : "uint64_t", +- "xen_ulong_t" : "uint64_t", +- "uint64_t" : "__align8__ uint64_t", +-}; ++inttypes["arm32"] = [ ++ ("unsigned long", "__danger_unsigned_long_on_arm32"), ++ ("long", "__danger_long_on_arm32"), ++ ("xen_pfn_t", "uint64_t"), ++ ("xen_ulong_t", "uint64_t"), ++ ("uint64_t", "__align8__ uint64_t"), ++] + header["arm32"] = """ + #define __arm___ARM32 1 + #if defined(__GNUC__) && !defined(__STRICT_ANSI__) +@@ -38,13 +38,13 @@ footer["arm32"] = """ + #undef __DECL_REG + """ + +-inttypes["arm64"] = { +- "unsigned long" : "__danger_unsigned_long_on_arm64", +- "long" : "__danger_long_on_arm64", +- "xen_pfn_t" : "uint64_t", +- "xen_ulong_t" : "uint64_t", +- "uint64_t" : "__align8__ uint64_t", +-}; ++inttypes["arm64"] = [ ++ ("unsigned long", "__danger_unsigned_long_on_arm64"), ++ ("long", "__danger_long_on_arm64"), ++ ("xen_pfn_t", "uint64_t"), ++ ("xen_ulong_t", "uint64_t"), ++ ("uint64_t", "__align8__ uint64_t"), ++] + header["arm64"] = """ + #define __aarch64___ARM64 1 + #if defined(__GNUC__) && !defined(__STRICT_ANSI__) +@@ -60,12 +60,12 @@ footer["arm64"] = """ + """ + + # x86_32 +-inttypes["x86_32"] = { +- "unsigned long" : "uint32_t", +- "long" : "uint32_t", +- "xen_pfn_t" : "uint32_t", +- "xen_ulong_t" : "uint32_t", +-}; ++inttypes["x86_32"] = [ ++ ("unsigned long", "uint32_t"), ++ ("long", "uint32_t"), ++ ("xen_pfn_t", "uint32_t"), ++ ("xen_ulong_t", "uint32_t"), ++] + header["x86_32"] = """ + #define __DECL_REG_LO8(which) uint32_t e ## which ## x + #define __DECL_REG_LO16(name) uint32_t e ## name +@@ -79,12 +79,12 @@ footer["x86_32"] = """ + """; + + # x86_64 +-inttypes["x86_64"] = { +- "unsigned long" : "__align8__ uint64_t", +- "long" : "__align8__ uint64_t", +- "xen_pfn_t" : "__align8__ uint64_t", +- "xen_ulong_t" : "__align8__ uint64_t", +-}; ++inttypes["x86_64"] = [ ++ ("unsigned long", "__align8__ uint64_t"), ++ ("long", "__align8__ uint64_t"), ++ ("xen_pfn_t", "__align8__ uint64_t"), ++ ("xen_ulong_t", "__align8__ uint64_t"), ++] + header["x86_64"] = """ + #if defined(__GNUC__) && !defined(__STRICT_ANSI__) + # define __DECL_REG(name) union { uint64_t r ## name, e ## name; } +@@ -205,10 +205,8 @@ for struct in structs: + output = re.sub("\\b(%s)_t\\b" % struct, "\\1_%s_t" % arch, output); + + # replace: integer types +-integers = inttypes[arch].keys(); +-integers.sort(lambda a, b: cmp(len(b),len(a))); +-for type in integers: +- output = re.sub("\\b%s\\b" % type, inttypes[arch][type], output); ++for old, new in inttypes[arch]: ++ output = re.sub("\\b%s\\b" % old, new, output) + + # print results + f = open(outfile, "w"); +-- +2.17.1 + diff --git a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-xenpmd-snprintf.patch b/external/meta-virtualization/recipes-extended/xen/files/xen-tools-xenpmd-snprintf.patch deleted file mode 100644 index aac7282f..00000000 --- a/external/meta-virtualization/recipes-extended/xen/files/xen-tools-xenpmd-snprintf.patch +++ /dev/null @@ -1,78 +0,0 @@ -From e4d78a67ffbacf30b66464080898227f18f6bf49 Mon Sep 17 00:00:00 2001 -From: Christopher Clark <christopher.w.clark@gmail.com> -Date: Fri, 17 Aug 2018 17:46:10 -0700 -Subject: [PATCH] xenpmd: prevent format-truncation warning with gcc 8.2 + ARM - 32-bit -To: xen-devel@lists.xenproject.org -Cc: ian.jackson@eu.citrix.com, - wei.liu2@citrix.com - -xenpmd writes battery information to xenstore, including a string with a -formatted hex value calculated from summing the lengths of four strings, -plus some constants. - -Each of the four strings has a maximum length of 31 bytes, excluding the -terminating zero byte. The strings are stored in 32-byte arrays in a -struct that is zeroed before it is populated, and logic that writes to -the strings uses strncpy and explicit zero termination. - -The maximum value to be supplied to the xenstore string is: - (9 * 4) + (31 * 4) + 4 , which is 164, ie. 0xa4. - -When used with this value, '%02x' will always fit within 3 bytes, but -gcc 8.2 is apparently not able to deduce this (observed when building -for a 32-bit ARM platform). - -This commit assists the compiler by applying a mask (0xff) to the value, -enabling it to observe a lower maximum value and so pass the truncation -length check. - -Prior to this change, building fails with the compiler warning: - -| xenpmd.c: In function 'write_battery_info_to_xenstore': -| xenpmd.c:354:23: error: '%02x' directive output may be truncated -writing between 2 and 8 bytes into a region of size 3 -[-Werror=format-truncation=] -| snprintf(val, 3, "%02x", -| ^~~~ -| xenpmd.c:354:22: note: directive argument in the range [40, 2147483778] -| snprintf(val, 3, "%02x", -| ^~~~~~ -| xenpmd.c:354:5: note: 'snprintf' output between 3 and 9 bytes into a -destination of size 3 -| snprintf(val, 3, "%02x", -| ^~~~~~~~~~~~~~~~~~~~~~~~ -| (unsigned int)(9*4 + -| ~~~~~~~~~~~~~~~~~~~~ -| strlen(info->model_number) + -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| strlen(info->serial_number) + -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| strlen(info->battery_type) + -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| strlen(info->oem_info) + 4)); -| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| cc1: all warnings being treated as errors - -Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> ---- - tools/xenpmd/xenpmd.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/tools/xenpmd/xenpmd.c b/tools/xenpmd/xenpmd.c -index 56412a9..0c0787e 100644 ---- a/tools/xenpmd/xenpmd.c -+++ b/tools/xenpmd/xenpmd.c -@@ -350,8 +350,10 @@ void write_battery_info_to_xenstore(struct battery_info *info) - - memset(val, 0, 1024); - memset(string_info, 0, 256); -- /* write 9 dwords (so 9*4) + length of 4 strings + 4 null terminators */ -- snprintf(val, 3, "%02x", -+ /* write 9 dwords (so 9*4) + length of 4 strings + 4 null terminators. -+ * mask informs the compiler that format truncation will not occur. -+ */ -+ snprintf(val, 3, "%02x", 0xff & - (unsigned int)(9*4 + - strlen(info->model_number) + - strlen(info->serial_number) + diff --git a/external/meta-virtualization/recipes-extended/xen/lwip.inc b/external/meta-virtualization/recipes-extended/xen/lwip.inc deleted file mode 100644 index e0836332..00000000 --- a/external/meta-virtualization/recipes-extended/xen/lwip.inc +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -# clear this out to break dependency circle -DEPENDS = "" - -# Nothing to configure or compile -# For stubdoms, lwip is basically a source package with a couple of patches applied. -do_configure[noexec] = "1" -do_compile[noexec] = "1" - -# needed because this directory isn't typically part of a sysroot -SYSROOT_DIRS += "${prefix}/lwip" - -FILES_${PN} = "\ - ${prefix} \ -" - -do_install() { - install -d ${D}${prefix}/lwip - cp -r -t ${D}${prefix}/lwip ${S}/src/* -} diff --git a/external/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb b/external/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb deleted file mode 100644 index b7d8e95d..00000000 --- a/external/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "LWIP" -HOMEPAGE = "https://savannah.nongnu.org/projects/lwip" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=59a383b05013356e0c9899b06dc5da3f" - -SRCREV_lwip = "bcb4afa886408bf0a1dde9c2a4a00323c8b07eb1" -SRC_URI = "\ - git://git.savannah.gnu.org/lwip.git;protocol=git;nobranch=1;destsuffix=lwip;name=lwip \ - file://lwip.patch-cvs \ - file://lwip.dhcp_create_request-hwaddr_len.patch \ -" - -S="${WORKDIR}/${PN}" -B="${S}" - -require lwip.inc diff --git a/external/meta-virtualization/recipes-extended/xen/mini-os.inc b/external/meta-virtualization/recipes-extended/xen/mini-os.inc deleted file mode 100644 index 61c27041..00000000 --- a/external/meta-virtualization/recipes-extended/xen/mini-os.inc +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -# clear this out to break dependency circle -DEPENDS = "" - -do_configure() { - ${MAKE} -C ${WORKDIR}/mini-os links -} - -# Nothing to configure or compile -do_compile[noexec] = "1" - -# needed because this directory isn't typically part of a sysroot -SYSROOT_DIRS += "${prefix}/mini-os" -RDEPENDS_${PN}-dev = "perl" - -FILES_${PN}-dev = "\ - ${prefix} \ -" - -do_install() { - install -d ${D}${prefix}/mini-os - cp -r -t ${D}${prefix}/mini-os ${S}/* - rm -rf ${D}${prefix}/mini-os/scripts -} diff --git a/external/meta-virtualization/recipes-extended/xen/mini-os_4.11.0.bb b/external/meta-virtualization/recipes-extended/xen/mini-os_4.11.0.bb deleted file mode 100644 index 85a06a79..00000000 --- a/external/meta-virtualization/recipes-extended/xen/mini-os_4.11.0.bb +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "Mini-OS is a tiny OS kernel distributed with the Xen Project" -HOMEPAGE = "https://wiki.xenproject.org/wiki/Mini-OS" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=8a437231894440a8f7629caa372243d0" - -# git commit hash for: xen-RELEASE-4.11.0 -SRCREV_minios = "0b4b7897e08b967a09bed2028a79fabff82342dd" -SRC_URI = "\ - git://xenbits.xen.org/mini-os.git;protocol=git;nobranch=1;destsuffix=mini-os;name=minios \ -" -S="${WORKDIR}/mini-os" -B="${S}" - -require mini-os.inc diff --git a/external/meta-virtualization/recipes-extended/xen/newlib.inc b/external/meta-virtualization/recipes-extended/xen/newlib.inc deleted file mode 100644 index 1fdbd0aa..00000000 --- a/external/meta-virtualization/recipes-extended/xen/newlib.inc +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -CPPFLAGS_INCLUDE_DIR = "-isystem `${HOST_PREFIX}gcc -print-file-name=include`" -STUBDOM_CFLAGS += "-D_I386MACH_ALLOW_HW_INTERRUPTS" - -export ac_cv_path_CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" -export CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" - -export ac_cv_path_CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" -export CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" - -export ac_cv_path_CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" -export CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" - -export ac_cv_path_LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" -export LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" - -export ac_cv_path_AS_FOR_TARGET="${HOST_PREFIX}as" -export AS_FOR_TARGET="${HOST_PREFIX}as" - -export ac_cv_path_AR_FOR_TARGET="${HOST_PREFIX}ar" -export AR_FOR_TARGET="${HOST_PREFIX}ar" - -export ac_cv_path_NM_FOR_TARGET="${HOST_PREFIX}nm" -export NM_FOR_TARGET="${HOST_PREFIX}nm" - -export ac_cv_path_RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib" -export RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib" - -export ac_cv_path_OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump" -export OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump" - -export ac_cv_path_OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy" -export OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy" - -export ac_cv_path_STRIP_FOR_TARGET="${HOST_PREFIX}strip" -export STRIP_FOR_TARGET="${HOST_PREFIX}strip" - -export ac_cv_path_STRINGS_FOR_TARGET="${HOST_PREFIX}strings" -export STRINGS_FOR_TARGET="${HOST_PREFIX}strings" - -export ac_cv_path_READELF_FOR_TARGET="${HOST_PREFIX}readelf" -export READELF_FOR_TARGET="${HOST_PREFIX}readelf" - -do_configure() { - ${S}/configure --verbose --prefix=${prefix} --target=${GNU_TARGET_ARCH}-xen-elf --enable-newlib-io-long-long --disable-multilib - find ${S} -type f | xargs perl -i.bak -pe 's/\b_(tzname|daylight|timezone)\b/$1/g' -} - -do_compile() { - ${MAKE} -} - -do_install() { - ${MAKE} DESTDIR=${D} install - rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/share - rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/info - install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdarg.h -t ${D}/${includedir} - install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stddef.h -t ${D}/${includedir} - install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdbool.h -t ${D}/${includedir} -} diff --git a/external/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb b/external/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb deleted file mode 100644 index 60672bea..00000000 --- a/external/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "Newlib is a C library intended for use on embedded systems." -HOMEPAGE = "http://sourceware.org/newlib" -LICENSE = "GPLv2 & LGPLv3 & GPLv3 & LGPLv2" -LIC_FILES_CHKSUM = "file://COPYING.NEWLIB;md5=950f50b290e8fcf7a2d3fff61775de9b" - -# this is the hash of version tag 1_16_0 -SRCREV_newlib = "07b4b67a88f386ce4716a14e0ff2c2bce992b985" -SRC_URI = "\ - git://sourceware.org/git/newlib-cygwin.git;protocol=git;nobranch=1;destsuffix=newlib;name=newlib \ - file://newlib.patch \ - file://newlib-chk.patch \ - file://newlib-stdint-size_max-fix-from-1.17.0.patch \ -" - -S="${WORKDIR}/newlib" -B="${WORKDIR}/build" - -require newlib.inc diff --git a/external/meta-virtualization/recipes-extended/xen/polarssl.inc b/external/meta-virtualization/recipes-extended/xen/polarssl.inc deleted file mode 100644 index eae95f40..00000000 --- a/external/meta-virtualization/recipes-extended/xen/polarssl.inc +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS += "\ - newlib \ -" -STUBDOM_CFLAGS += "\ - -Wno-memset-elt-size \ - -Wno-implicit-fallthrough \ -" - -# nothing to configure -do_configure[noexec] = "1" - -do_compile() { - ${MAKE} CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" -} - -do_install() { - install -d ${D}${includedir} - cp -r -t ${D}${includedir} ${S}/include/polarssl - - install -d ${D}/${libdir} - install -m 644 -t ${D}/${libdir} ${S}/library/libpolarssl.a -} diff --git a/external/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb b/external/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb deleted file mode 100644 index 80ea45a7..00000000 --- a/external/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "PolarSSL (now 'mbed TLS') is an open source, portable, easy to use, readable and flexible SSL library." -HOMEPAGE = "https://tls.mbed.org" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" - -# git hash for release tag polarssl-1.1.4 -SRCREV_polarssl = "d36da11125a9c85c572a4fdf63e0a25e76d7bb18" -SRC_URI = "\ - git://github.com/ARMmbed/mbedtls.git;protocol=https;nobranch=1;destsuffix=polarssl;name=polarssl \ - file://polarssl.patch; \ -" - -S="${WORKDIR}/${PN}" -B="${S}/library" - -require polarssl.inc diff --git a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc b/external/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc deleted file mode 100644 index ef6473d4..00000000 --- a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS += "\ - newlib \ -" - -do_configure() { - # need to modify prefix here during configure otherwise OE-level variables - # (prefix, libdir, includedir, etc...) defined in stubdom.inc get messed up - CPPFLAGS="-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include ${STUBDOM_CPPFLAGS}" \ - CFLAGS="${STUBDOM_CFLAGS}" \ - CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" \ - ${S}/configure \ - --disable-shared \ - --enable-static \ - --disable-fft \ - --without-readline \ - --with-gnu-ld \ - --prefix=${prefix}/${GNU_TARGET_ARCH}-xen-elf \ - --libdir=${libdir} \ - --build=`${HOST_PREFIX}gcc -dumpmachine` \ - --host=${GNU_TARGET_ARCH}-xen-elf - - sed -i 's/#define HAVE_OBSTACK_VPRINTF 1/\/\/#define HAVE_OBSTACK_VPRINTF 1/' ${S}/config.h -} - -do_compile() { - ${MAKE} -} - -do_install() { - ${MAKE} DESTDIR=${D} install - rm -rf ${D}${prefix}/${GNU_TARGET_ARCH}-xen-elf/share -} diff --git a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb b/external/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb deleted file mode 100644 index d9a2adbd..00000000 --- a/external/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "GMP library for Xen vTPM's." -HOMEPAGE = "http://gmp" -LICENSE = "GPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \ -" - -SRC_URI = "\ - https://gmplib.org/download/gmp/archive/gmp-${PV}.tar.bz2 \ -" -SRC_URI[md5sum] = "dd60683d7057917e34630b4a787932e8" -SRC_URI[sha256sum] = "936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775" - -S="${WORKDIR}/gmp-${PV}" -B="${S}" - -require stubdom-gmp.inc diff --git a/external/meta-virtualization/recipes-extended/xen/stubdom.inc b/external/meta-virtualization/recipes-extended/xen/stubdom.inc deleted file mode 100644 index bfc67527..00000000 --- a/external/meta-virtualization/recipes-extended/xen/stubdom.inc +++ /dev/null @@ -1,152 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -COMPATIBLE_HOST = '(x86_64.*).*-linux' - -require xen-arch.inc - -# many of the xen stubdom related recipes build and package static instead of shared libraries -EXCLUDE_FROM_SHLIBS = "1" - -# base set of dependencies to be used for xen stubdom recipes -DEPENDS += "\ - lwip \ - mini-os \ -" - -# unset EVERYTHING from the OE environment. -# Weird things happen when these are exported into the environment. -unset CFLAGS -unset BUILD_CFLAGS -unset TARGET_CFLAGS -unset CFLAGS_FOR_BUILD - -unset CPPFLAGS -unset BUILD_CPPFLAGS -unset TARGET_CPPFLAGS -unset CPPFLAGS_FOR_BUILD - -unset LDFLAGS -unset BUILD_LDFLAGS -unset TARGET_LDFLAGS -unset LDFLAGS_FOR_BUILD - -unset CXXFLAGS -unset TARGET_CXXFLAGS -unset BUILD_CXXFLAGS -unset CXXFLAGS_FOR_BUILD - -unset BUILD_CC -unset BUILD_CPP -unset BUILD_CXX -unset BUILD_LD -unset BUILD_AR -unset BUILD_AS -unset BUILD_CCLD -unset BUILD_FC -unset BUILD_RANLIB -unset BUILD_NM -unset BUILD_STRIP -unset BUILD_READELF -unset BUILD_OBJCOPY -unset BUILD_OBJDUMP -unset CC -unset CPP -unset CXX -unset LD -unset AR -unset AS -unset NM -unset RANLIB -unset STRIP -unset STRINGS -unset READELF -unset OBJCOPY -unset OBJDUMP -unset READELF -unset CCLD -unset FC - -# Provide support to build both 32-bit and 64-bit stubdoms -python () { - gnu_dict = { - 'x86_32': 'i686', - 'x86_64': 'x86_64', - } - - if d.expand('${XEN_TARGET_ARCH}') == 'x86_32': - d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')]) - d.setVar("PACKAGE_ARCH","core2-32") - elif d.expand('${XEN_TARGET_ARCH}') == 'x86_64': - d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')]) -} - -export GNU_TARGET_ARCH -export XEN_TARGET_ARCH="${@map_xen_arch(d.getVar('TARGET_ARCH'), d)}" -export XEN_COMPILE_ARCH="${@map_xen_arch(d.getVar('BUILD_ARCH'), d)}" - -LWIP_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/lwip" -MINIOS_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/mini-os" - -# Base set of CPPFLAGS, CFLAGS needed for each component used to build MiniOS-based stubdoms -# LDFLAGS are only used when building stubdoms, so only used in stubdom recipes -# Generic name given because each library uses DEF_, BUILD_, TARGET_, and xxxFLAGS differently -CPPFLAGS_INCLUDE_DIR = "-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include" - -STUBDOM_CPPFLAGS += "\ - -isystem ${MINIOS_SRCDIR}/include \ - -D__MINIOS__ \ - -DHAVE_LIBC \ - -isystem ${MINIOS_SRCDIR}/include/posix \ - -isystem ${MINIOS_SRCDIR}/include/xen \ - -isystem ${MINIOS_SRCDIR}/include/x86 \ - -isystem ${MINIOS_SRCDIR}/include/x86/${XEN_TARGET_ARCH} \ - -U __linux__ \ - -U __FreeBSD__ \ - -U __sun__ \ - -nostdinc \ - ${CPPFLAGS_INCLUDE_DIR} \ - -isystem ${LWIP_SRCDIR}/include \ - -isystem ${LWIP_SRCDIR}/include/ipv4 \ -" - -STUBDOM_CFLAGS += "\ - -mno-red-zone \ - -O1 \ - -fno-omit-frame-pointer \ - -m64 \ - -fno-reorder-blocks \ - -fno-asynchronous-unwind-tables \ - -DBUILD_ID \ - -fno-strict-aliasing \ - -std=gnu99 \ - -Wall \ - -Wstrict-prototypes \ - -Wdeclaration-after-statement \ - -Wno-unused-but-set-variable \ - -Wno-unused-local-typedefs \ - -fno-stack-protector \ - -fno-exceptions \ -" - -STUBDOM_LDFLAGS = "\ - -nostdlib \ - -L${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/lib \ -" - -# Need to redefine these for stubdom-related builds. It all starts because of -# the prefix used in newlib and then continues because we don't want to -# cross-contaminate stubdom-related recipes with headers and libraries found in -# the OE-defined locations -export prefix="/cross-root-${GNU_TARGET_ARCH}" -export includedir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/include" -export libdir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/lib" -export libexecdir="${libdir}" -export STAGING_INCDIR -export STAGING_LIBDIR - -# Typically defined in Xen and Minios .mk files that aren't sourced/read, -# defined to trigger some values and paths in Makefiles -export debug="y" -export stubdom="y" -export XEN_OS="MiniOS" diff --git a/external/meta-virtualization/recipes-extended/xen/tpm-emulator.inc b/external/meta-virtualization/recipes-extended/xen/tpm-emulator.inc deleted file mode 100644 index f58a2763..00000000 --- a/external/meta-virtualization/recipes-extended/xen/tpm-emulator.inc +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS += "\ - cmake-native \ - newlib \ - stubdom-gmp \ -" - -# nothing to configure -do_configure[noexec] = "1" - -export CMAKE_C_FLAGS = "\ - -std=c99 \ - -DTPM_NO_EXTERN \ - ${STUBDOM_CPPFLAGS} \ - ${STUBDOM_CFLAGS} \ - -Wno-declaration-after-statement \ - -Wno-implicit-fallthrough \ -" - -do_compile() { - CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" cmake .. -DCMAKE_C_FLAGS:STRING="${CMAKE_C_FLAGS}" - ${MAKE} VERBOSE=1 tpm_crypto tpm -} - -do_install() { - install -d ${D}/${libdir} - install -m 644 -t ${D}/${libdir} ${B}/crypto/libtpm_crypto.a - install -m 644 -t ${D}/${libdir} ${B}/tpm/libtpm.a - - install -D -m 644 -t ${D}/${includedir}/tpm-emulator/build ${S}/build/config.h - install -D -m 644 -t ${D}/${includedir}/tpm-emulator/crypto ${S}/crypto/*.h - install -D -m 644 -t ${D}/${includedir}/tpm-emulator/tpm ${S}/tpm/*.h -} diff --git a/external/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb b/external/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb deleted file mode 100644 index 96a40905..00000000 --- a/external/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "TPM Emulator" -HOMEPAGE = "http://xenbits.xen.org/xen-extfiles" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://README;md5=eeabd77cf8fd8a8bc42983884cb09863" - -SRC_URI = "\ - http://xenbits.xen.org/xen-extfiles/tpm_emulator-${PV}.tar.gz;name=tpm-emulator \ - file://tpmemu-0.7.4.patch \ - file://vtpm-bufsize.patch \ - file://vtpm-locality.patch \ - file://vtpm-parent-sign-ek.patch \ - file://vtpm-deepquote.patch \ - file://vtpm-deepquote-anyloc.patch \ - file://vtpm-cmake-Wextra.patch \ - file://vtpm-implicit-fallthrough.patch \ - file://vtpm_TPM_ChangeAuthAsymFinish.patch \ -" -SRC_URI[tpm-emulator.md5sum] = "e26becb8a6a2b6695f6b3e8097593db8" -SRC_URI[tpm-emulator.sha256sum] = "4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459" - -S="${WORKDIR}/tpm_emulator-${PV}" -B="${S}/build" - -require tpm-emulator.inc diff --git a/external/meta-virtualization/recipes-extended/xen/xen-blktap.inc b/external/meta-virtualization/recipes-extended/xen/xen-blktap.inc new file mode 100644 index 00000000..5f385ddc --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-blktap.inc @@ -0,0 +1,76 @@ +# The Xen block tap components are packaged separately here to support +# the option to build them in a separate recipe from xen-tools. + +BLKTAP_PACKAGES ?= " \ + ${PN}-blktap \ + ${PN}-libblktap \ + ${PN}-libblktapctl \ + ${PN}-libblktapctl-dev \ + ${PN}-libblktap-dev \ + ${PN}-libvhd \ + ${PN}-libvhd-dev \ + ${PN}-blktap-staticdev \ + " + +BLKTAP_PROVIDES ?= " \ + virtual/blktap \ + virtual/libblktap \ + virtual/libblktapctl \ + virtual/libvhd \ + " + +BLKTAP_RRECOMMENDS ?= " \ + virtual/blktap \ + virtual/libblktap \ + virtual/libblktapctl \ + virtual/libvhd \ + " + +RPROVIDES_${PN}-blktap = "virtual/blktap" +RPROVIDES_${PN}-libblktap = "virtual/libblktap" +RPROVIDES_${PN}-libblktapctl = "virtual/libblktapctl" +RPROVIDES_${PN}-libvhd = "virtual/libvhd" + +FILES_${PN}-blktap-staticdev += "\ + ${libdir}/libblktapctl.a \ + ${libdir}/libvhd.a \ + ${libdir}/libblktap.a \ + " + +FILES_${PN}-libblktapctl = "${libdir}/libblktapctl.so.*" +FILES_${PN}-libblktapctl-dev = " \ + ${libdir}/libblktapctl.so \ + ${libdir}/pkgconfig/xenblktapctl.pc \ + ${datadir}/pkgconfig/xenblktapctl.pc \ + " + +FILES_${PN}-libvhd = "${libdir}/libvhd.so.*" +FILES_${PN}-libvhd-dev = " \ + ${libdir}/libvhd.so \ + ${libdir}/pkgconfig/vhd.pc \ + ${datadir}/pkgconfig/vhd.pc \ + " + +FILES_${PN}-libblktap = "${libdir}/libblktap.so.*" +FILES_${PN}-libblktap-dev = " \ + ${libdir}/libblktap.so \ + ${libdir}/pkgconfig/blktap.pc \ + ${datadir}/pkgconfig/blktap.pc \ + " + +FILES_${PN}-blktap = "\ + ${sbindir}/blktapctrl \ + ${sbindir}/img2qcow \ + ${sbindir}/lock-util \ + ${sbindir}/qcow2raw \ + ${sbindir}/qcow-create \ + ${sbindir}/tap-ctl \ + ${sbindir}/tapdisk \ + ${sbindir}/tapdisk2 \ + ${sbindir}/tapdisk-client \ + ${sbindir}/tapdisk-diff \ + ${sbindir}/tapdisk-stream \ + ${sbindir}/td-util \ + ${sbindir}/vhd-update \ + ${sbindir}/vhd-util \ + " diff --git a/external/meta-virtualization/recipes-extended/xen/xen-hypervisor.inc b/external/meta-virtualization/recipes-extended/xen/xen-hypervisor.inc new file mode 100644 index 00000000..c386917d --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-hypervisor.inc @@ -0,0 +1,111 @@ +SUMMARY = "Xen hypervisor" +DESCRIPTION = "The Xen hypervisor" + +# This recipe is for just the Xen hypervisor. +# Separate recipes are used to build Xen and its components: +# this allows for varying the target architecture or toolchain used +# to build the different components. eg. 32-bit tools and a 64-bit hypervisor. + +# The Xen hypervisor has a narrower compatible platform range than the Xen tools +COMPATIBLE_HOST = '(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' + +inherit deploy python3native + +PACKAGES = " \ + ${PN} \ + ${PN}-dbg \ + ${PN}-efi \ + " + +FILES_${PN} = " \ + /boot/xen-* \ + /boot/xen \ + /boot/xen-*.gz \ + /boot/xen.gz \ + /boot/xen-syms-* \ + " + +FILES_${PN}-dbg += "${libdir}/debug/*" + +FILES_${PN}-efi = " \ + /boot/xen.efi \ + ${exec_prefix}/lib64/efi/xen* \ + " + +do_configure() { + do_configure_common +} + +do_compile() { + oe_runmake xen PYTHON="${PYTHON}" +} + +do_install() { + oe_runmake DESTDIR="${D}" install-xen +} + +do_deploy() { + install -d ${DEPLOYDIR} + + if [ -f ${B}/xen/xen ]; then + install -m 0644 ${B}/xen/xen ${DEPLOYDIR}/xen-${MACHINE} + fi + + if [ -f ${B}/xen/xen.gz ]; then + install -m 0644 ${B}/xen/xen.gz ${DEPLOYDIR}/xen-${MACHINE}.gz + fi + + if [ -f ${B}/xen/xen.efi ]; then + install -m 0644 ${B}/xen/xen.efi ${DEPLOYDIR}/xen-${MACHINE}.efi + fi +} +# Scheduling the do_deploy task: +# - deploy copies files from ${B} that are written during do_compile so must +# at least run afer that task has completed +# - the hypervisor binaries may be included in the image filesystem, so we +# must ensure that the binaries deployed match what is staged in the sysroot: +# so do deploy must run after do_populate_sysroot -- which is always after +# do_compile, so that handles 'after do_compile' too +# - add the task before do_build to ensure that deployment has completed when +# the recipe build done stamp is written +addtask deploy after do_populate_sysroot before do_build +# To ensure that a deployed hypervisor has matching tools, add a dependency to +# make sure that the tools have built and been staged: +do_deploy[depends] += "xen-tools:do_populate_sysroot" +# Also ensure anything that the tools recipe needs to deploy, such as a +# XSM policy file, has been deployed first: +do_deploy[depends] += "xen-tools:do_deploy" + +# Enable use of menuconfig directly from bitbake and also within the devshell +OE_TERMINAL_EXPORTS += "HOST_EXTRACFLAGS HOSTLDFLAGS TERMINFO" +HOST_EXTRACFLAGS = "${BUILD_CFLAGS} ${BUILD_LDFLAGS}" +HOSTLDFLAGS = "${BUILD_LDFLAGS}" +TERMINFO = "${STAGING_DATADIR_NATIVE}/terminfo" +do_devshell[depends] += "ncurses-native:do_populate_sysroot" + +KCONFIG_CONFIG_COMMAND ??= "menuconfig" +python do_menuconfig() { + import shutil + + try: + mtime = os.path.getmtime("xen/.config") + shutil.copy("xen/.config", "xen/.config.orig") + except OSError: + mtime = 0 + + oe_terminal("${SHELL} -c \"cd xen; XEN_CONFIG_EXPERT=y make %s; if [ \$? -ne 0 ]; then echo 'Command failed.'; printf 'Press any key to continue... '; read r; fi\"" % d.getVar('KCONFIG_CONFIG_COMMAND'), + d.getVar('PN') + ' Configuration', d) + + try: + newmtime = os.path.getmtime("xen/.config") + except OSError: + newmtime = 0 + + if newmtime > mtime: + bb.note("Configuration changed, recompile will be forced") + bb.build.write_taint('do_compile', d) +} +do_menuconfig[depends] += "ncurses-native:do_populate_sysroot" +do_menuconfig[nostamp] = "1" +do_menuconfig[dirs] = "${B}" +addtask menuconfig after do_configure diff --git a/external/meta-virtualization/recipes-extended/xen/xen-python2.bb b/external/meta-virtualization/recipes-extended/xen/xen-python2.bb new file mode 100644 index 00000000..ad3c1fd6 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-python2.bb @@ -0,0 +1,71 @@ +SUMMARY = "Xen hypervisor tools written in python 2" +DESCRIPTION = "Unported utility scripts for the Xen hypervisor" +HOMEPAGE = "http://xen.org" +LICENSE = "GPLv2" +SECTION = "console/tools" + +SRCREV ?= "a5fcafbfbee55261853fba07149c1c795f2baf58" + +# The same restriction as xen-tools.inc, because of the dependency on xen-tools-xentrace from xen-tools-xentrace-format +COMPATIBLE_HOST = 'i686-.*-linux|(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' + +XEN_REL ?= "4.12" +XEN_BRANCH ?= "stable-4.12" + +SRC_URI = "git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH}" + +LIC_FILES_CHKSUM ?= "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" + +PV = "${XEN_REL}+git${SRCPV}" + +S = "${WORKDIR}/git" + +# Packages in this recipe do not use ${PN} to allow for simpler +# movement of the package back into the xen-tools recipe if/when +# the scripts are ported to python 3. + +RDEPENDS_xen-tools-xencov-split ="python" +RDEPENDS_xen-tools-xencons = "python" +RDEPENDS_xen-tools-xenpvnetboot = "python" +RDEPENDS_xen-tools-xentrace-format = "python" + +RRECOMMENDS_xen-tools-xencov-trace = "xen-tools-xencov" +RRECOMMENDS_xen-tools-xentrace-format = "xen-tools-xentrace" + +PACKAGES = " \ + xen-tools-xencons \ + xen-tools-xencov-split \ + xen-tools-xenpvnetboot \ + xen-tools-xentrace-format \ + " + +FILES_xen-tools-xencons = " \ + ${bindir}/xencons \ + " + +FILES_xen-tools-xencov-split = " \ + ${bindir}/xencov_split \ + " + +FILES_xen-tools-xenpvnetboot = " \ + ${libdir}/xen/bin/xenpvnetboot \ + " + +FILES_xen-tools-xentrace-format = " \ + ${bindir}/xentrace_format \ + " + +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +do_install() { + install -d ${D}${bindir} + install -m 0755 ${S}/tools/xentrace/xentrace_format \ + ${D}${bindir}/xentrace_format + install -m 0755 ${S}/tools/misc/xencons ${D}${bindir}/xencons + install -m 0755 ${S}/tools/misc/xencov_split ${D}${bindir}/xencov_split + + install -d ${D}${libdir}/xen/bin + install -m 0755 ${S}/tools/misc/xenpvnetboot \ + ${D}${libdir}/xen/bin/xenpvnetboot +} diff --git a/external/meta-virtualization/recipes-extended/xen/xen-tools.inc b/external/meta-virtualization/recipes-extended/xen/xen-tools.inc new file mode 100644 index 00000000..8b86f7b2 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-tools.inc @@ -0,0 +1,792 @@ +SUMMARY = "Xen hypervisor tools" +DESCRIPTION = "Tools and utility software for the Xen hypervisor" + +COMPATIBLE_HOST = 'i686-.*-linux|(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' + +inherit setuptools3 update-rc.d systemd deploy +require xen-blktap.inc + +# To build hvmloader, which is needed on x86-64 targets when 'hvm' is enabled +# in PACKAGECONFIG, to support running HVM-mode guest VMs, some files from +# 32-bit glibc are needed. +# Add the multilib 32-bit glibc to DEPENDS only when necessary. +# +# To enable multilib, please add the following to your local.conf -: +# +# require conf/multilib.conf +# MULTILIBS = "multilib:lib32" +# DEFAULTTUNE_virtclass-multilib-lib32 = "x86" + +# Use this multilib prefix for x86 32-bit to match local.conf: +MLPREFIX32 = "lib32-" + +# The DEPENDS on a multilib 32-bit glibc is only added when target is x86-64 +# and 'hvm' is enabled in PACKAGECONFIG. +# This x86-64 override is never intended for native use, so clear that. +GLIBC32 = "" +GLIBC32_x86-64 = \ + "${@bb.utils.contains('PACKAGECONFIG', 'hvm', '${MLPREFIX32}glibc', '', d)}" +GLIBC32_class-native = "" +DEPENDS += "${GLIBC32}" + +RDEPENDS_${PN} = "\ + bash perl xz \ + ${PN}-console \ + ${PN}-libxenguest \ + ${PN}-libxenlight \ + ${PN}-libxenvchan \ + ${PN}-libxenctrl \ + ${PN}-libxlutil \ + ${PN}-libxenstat \ + ${PN}-libxenstore \ + ${PN}-libfsimage \ + ${PN}-fsimage \ + ${PN}-scripts-block \ + ${PN}-scripts-network \ + ${PN}-xen-watchdog \ + ${PN}-xencommons \ + ${PN}-xendomains \ + ${PN}-xenstore \ + virtual/xenstored \ + ${PN}-xl \ + " + +RDEPENDS_${PN}-dev = "" + +RRECOMMENDS_${PN} = " \ + ${@bb.utils.contains('PACKAGECONFIG', 'hvm', 'seabios', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'externalblktap', '', '${BLKTAP_RRECOMMENDS}', d)} \ + ${PN}-flask \ + ${PN}-hvmloader \ + ${PN}-shim \ + ${PN}-xenpaging \ + " + +RDEPENDS_${PN}-devd = " \ + ${PN}-xl \ + " + +RDEPENDS_${PN}-fsimage = " \ + libext2fs \ + " + +RDEPENDS_${PN}-misc = " \ + perl \ + python3 \ + ${PN}-xencov \ + " + +RSUGGESTS_${PN}-misc = " \ + ${PN}-xencons \ + ${PN}-xenpvnetboot \ + " + +RDEPENDS_${PN}-python = " \ + python3 \ + " + +RDEPENDS_${PN}-pygrub = " \ + python3 \ + ${PN}-python \ + " + +RDEPENDS_${PN}-remus = "bash" + +RDEPENDS_${PN}-scripts-block = "\ + bash \ + ${PN}-scripts-common \ + ${PN}-volatiles \ + " + +RDEPENDS_${PN}-scripts-common = "bash" + +RDEPENDS_${PN}-scripts-network = "\ + bash \ + bridge-utils \ + ${PN}-scripts-common \ + ${PN}-volatiles \ + " + +RSUGGESTS_${PN}-xencov = "${PN}-xencov-split" + +RDEPENDS_${PN}-xencommons = "\ + bash \ + ${PN}-console \ + ${PN}-xenstore \ + virtual/xenstored \ + ${PN}-xl \ + ${PN}-scripts-common \ + " + +RDEPENDS_${PN}-xendomains = "\ + bash \ + ${PN}-console \ + ${PN}-scripts-block \ + ${PN}-scripts-common \ + virtual/xenstored \ + " + +RDEPENDS_${PN}-xl = "libgcc" + +RDEPENDS_${PN}-xenmon = " \ + python3 \ + " + +RSUGGESTS_${PN}-xentrace = "${PN}-xentrace-format" + +RDEPENDS_${PN}-xen-watchdog = "bash" + +PACKAGES = " \ + ${PN} \ + ${@bb.utils.contains('PACKAGECONFIG', 'externalblktap', '', '${BLKTAP_PACKAGES}', d)} \ + ${PN}-console \ + ${PN}-cpuid \ + ${PN}-dbg \ + ${PN}-dev \ + ${PN}-devd \ + ${PN}-doc \ + ${PN}-flask \ + ${PN}-flask-tools \ + ${PN}-fsimage \ + ${PN}-gdbsx \ + ${PN}-hvmloader \ + ${PN}-init-xenstore-dom \ + ${PN}-kdd \ + ${PN}-libfsimage \ + ${PN}-libfsimage-dev \ + ${PN}-libxencall \ + ${PN}-libxencall-dev \ + ${PN}-libxenctrl \ + ${PN}-libxenctrl-dev \ + ${PN}-libxendevicemodel \ + ${PN}-libxendevicemodel-dev \ + ${PN}-libxenevtchn \ + ${PN}-libxenevtchn-dev \ + ${PN}-libxenforeignmemory \ + ${PN}-libxenforeignmemory-dev \ + ${PN}-libxengnttab \ + ${PN}-libxengnttab-dev \ + ${PN}-libxenguest \ + ${PN}-libxenguest-dev \ + ${PN}-libxenlight \ + ${PN}-libxenlight-dev \ + ${PN}-libxenstat \ + ${PN}-libxenstat-dev \ + ${PN}-libxenstore \ + ${PN}-libxenstore-dev \ + ${PN}-libxentoolcore \ + ${PN}-libxentoolcore-dev \ + ${PN}-libxentoollog \ + ${PN}-libxentoollog-dev \ + ${PN}-libxenvchan \ + ${PN}-libxenvchan-dev \ + ${PN}-libxlutil \ + ${PN}-libxlutil-dev \ + ${PN}-livepatch \ + ${PN}-misc \ + ${PN}-pygrub \ + ${PN}-python \ + ${PN}-remus \ + ${PN}-scripts-block \ + ${PN}-scripts-common \ + ${PN}-scripts-network \ + ${PN}-shim \ + ${PN}-staticdev \ + ${PN}-volatiles \ + ${PN}-xcutils \ + ${PN}-xencommons \ + ${PN}-xencov \ + ${PN}-xend \ + ${PN}-xend-examples \ + ${PN}-xendomains \ + ${PN}-xenmon \ + ${PN}-xenpaging \ + ${PN}-xenpmd \ + ${PN}-xenstat \ + ${PN}-xenstore \ + ${PN}-xenstored \ + ${PN}-xentrace \ + ${PN}-xen-watchdog \ + ${PN}-xl \ + ${PN}-xl-examples \ + ${PN}-xm \ + ${PN}-xm-examples \ + " + +PROVIDES =+ " \ + virtual/xenstored \ + ${@bb.utils.contains('PACKAGECONFIG', 'externalblktap', '', '${BLKTAP_PROVIDES}', d)} \ + " + +# There are multiple implementations of the XenStore daemon, so we use a +# virtual package to allow for substitution. +RPROVIDES_${PN}-xenstored = "virtual/xenstored" + +FILES_${PN}-dbg += "\ + ${libdir}/xen/bin/.debug \ + ${libdir}/${PYTHON_DIR}/site-packages/.debug \ + ${libdir}/${PYTHON_DIR}/site-packages/xen/lowlevel/.debug \ + ${libdir}/fs/xfs/.debug \ + ${libdir}/fs/ufs/.debug \ + ${libdir}/fs/ext2fs-lib/.debug \ + ${libdir}/fs/fat/.debug \ + ${libdir}/fs/zfs/.debug \ + ${libdir}/fs/reiserfs/.debug \ + ${libdir}/fs/iso9660/.debug \ + ${libdir}/fs/**/.debug \ + ${sbindir}/.debug \ + ${libdir}exec/.debug \ + ${libdir}/xen/libexec/.debug \ + ${bindir}/.debug \ + ${libdir}/${PYTHON_DIR}/dist-packages/.debug \ + ${libdir}/${PYTHON_DIR}/dist-packages/xen/lowlevel/.debug \ + " + +FILES_${PN}-dev = "\ + ${includedir} \ + " + +FILES_${PN}-doc = "\ + ${sysconfdir}/xen/README \ + ${sysconfdir}/xen/README.incompatibilities \ + ${datadir}/doc \ + ${datadir}/man \ + " + +FILES_${PN}-staticdev += "\ + ${libdir}/libxenguest.a \ + ${libdir}/libxenlight.a \ + ${libdir}/libxenvchan.a \ + ${libdir}/libxenctrl.a \ + ${libdir}/libxlutil.a \ + ${libdir}/libxenstat.a \ + ${libdir}/libxenstore.a \ + " + +FILES_${PN}-libxencall = "${libdir}/libxencall.so.*" +FILES_${PN}-libxencall-dev = " \ + ${libdir}/libxencall.so \ + ${libdir}/pkgconfig/xencall.pc \ + ${datadir}/pkgconfig/xencall.pc \ + " + +FILES_${PN}-libxenctrl = "${libdir}/libxenctrl.so.*" +FILES_${PN}-libxenctrl-dev = " \ + ${libdir}/libxenctrl.so \ + ${libdir}/pkgconfig/xencontrol.pc \ + ${datadir}/pkgconfig/xencontrol.pc \ + " + +FILES_${PN}-libxendevicemodel = "${libdir}/libxendevicemodel.so.*" +FILES_${PN}-libxendevicemodel-dev = " \ + ${libdir}/libxendevicemodel.so \ + ${libdir}/pkgconfig/xendevicemodel.pc \ + ${datadir}/pkgconfig/xendevicemodel.pc \ + " + +FILES_${PN}-libxenevtchn = "${libdir}/libxenevtchn.so.*" +FILES_${PN}-libxenevtchn-dev = " \ + ${libdir}/libxenevtchn.so \ + ${libdir}/pkgconfig/xenevtchn.pc \ + ${datadir}/pkgconfig/xenevtchn.pc \ + " + +FILES_${PN}-libxenforeignmemory = "${libdir}/libxenforeignmemory.so.*" +FILES_${PN}-libxenforeignmemory-dev = " \ + ${libdir}/libxenforeignmemory.so \ + ${libdir}/pkgconfig/xenforeignmemory.pc \ + ${datadir}/pkgconfig/xenforeignmemory.pc \ + " + +FILES_${PN}-libxengnttab = "${libdir}/libxengnttab.so.*" +FILES_${PN}-libxengnttab-dev = " \ + ${libdir}/libxengnttab.so \ + ${libdir}/pkgconfig/xengnttab.pc \ + ${datadir}/pkgconfig/xengnttab.pc \ + " + +FILES_${PN}-libxenguest = "${libdir}/libxenguest.so.*" +FILES_${PN}-libxenguest-dev = " \ + ${libdir}/libxenguest.so \ + ${libdir}/pkgconfig/xenguest.pc \ + ${datadir}/pkgconfig/xenguest.pc \ + " + +FILES_${PN}-libxenlight = "${libdir}/libxenlight.so.*" +FILES_${PN}-libxenlight-dev = " \ + ${libdir}/libxenlight.so \ + ${libdir}/pkgconfig/xenlight.pc \ + ${datadir}/pkgconfig/xenlight.pc \ + " + +FILES_${PN}-libxenstat = "${libdir}/libxenstat.so.*" +FILES_${PN}-libxenstat-dev = " \ + ${libdir}/libxenstat.so \ + ${libdir}/pkgconfig/xenstat.pc \ + ${datadir}/pkgconfig/xenstat.pc \ + " + +FILES_${PN}-libxenstore = "${libdir}/libxenstore.so.*" +FILES_${PN}-libxenstore-dev = " \ + ${libdir}/libxenstore.so \ + ${libdir}/pkgconfig/xenstore.pc \ + ${datadir}/pkgconfig/xenstore.pc \ + " + +FILES_${PN}-libxentoolcore = "${libdir}/libxentoolcore.so.*" +FILES_${PN}-libxentoolcore-dev = " \ + ${libdir}/libxentoolcore.so \ + ${libdir}/pkgconfig/xentoolcore.pc \ + ${datadir}/pkgconfig/xentoolcore.pc \ + " + +FILES_${PN}-libxentoollog = "${libdir}/libxentoollog.so.*" +FILES_${PN}-libxentoollog-dev = " \ + ${libdir}/libxentoollog.so \ + ${libdir}/pkgconfig/xentoollog.pc \ + ${datadir}/pkgconfig/xentoollog.pc \ + " + +FILES_${PN}-libxenvchan = "${libdir}/libxenvchan.so.*" +FILES_${PN}-libxenvchan-dev = " \ + ${libdir}/libxenvchan.so \ + ${libdir}/pkgconfig/xenvchan.pc \ + ${datadir}/pkgconfig/xenvchan.pc \ + " + +FILES_${PN}-libxlutil = "${libdir}/libxlutil.so.*" +FILES_${PN}-libxlutil-dev = " \ + ${libdir}/libxlutil.so \ + ${libdir}/pkgconfig/xlutil.pc \ + ${datadir}/pkgconfig/xlutil.pc \ + " +FILES_${PN}-libvhd = "${libdir}/libvhd.so.*" +FILES_${PN}-libvhd-dev = " \ + ${libdir}/libvhd.so \ + ${libdir}/pkgconfig/vhd.pc \ + ${datadir}/pkgconfig/vhd.pc \ + " + +FILES_${PN}-libfsimage = " \ + ${libdir}/libfsimage.so.* \ + ${libdir}/libxenfsimage.so.* \ + " + +FILES_${PN}-libfsimage-dev = " \ + ${libdir}/libfsimage.so \ + ${libdir}/libxenfsimage.so \ + ${libdir}/pkgconfig/fsimage.pc \ + ${datadir}/pkgconfig/fsimage.pc \ + ${libdir}/pkgconfig/xenfsimage.pc \ + ${datadir}/pkgconfig/xenfsimage.pc \ + " + +FILES_${PN}-fsimage = " \ + ${libdir}/fs/**/[a-z]*fsimage.so \ + ${libdir}/xenfsimage/**/fsimage.so \ + " + +FILES_${PN}-init-xenstore-dom = "${libdir}/xen/bin/init-xenstore-domain" + +FILES_${PN} = "\ + ${sysconfdir}/xen/auto \ + ${sysconfdir}/xen/cpupool \ + ${localstatedir}/xen/dump \ + " + +FILES_${PN}-console = "\ + ${libdir}/xen/bin/xenconsole \ + ${sbindir}/xenconsoled \ + " + +FILES_${PN}-cpuid = "\ + ${bindir}/xen-cpuid \ + " + +FILES_${PN}-devd = "\ + ${sysconfdir}/init.d/xendriverdomain \ + ${systemd_unitdir}/system/xendriverdomain.service \ + " + +FILES_${PN}-flask = "\ + /boot/xenpolicy-* \ + " + +FILES_${PN}-flask-tools = "\ + ${sbindir}/flask-get-bool \ + ${sbindir}/flask-getenforce \ + ${sbindir}/flask-label-pci \ + ${sbindir}/flask-loadpolicy \ + ${sbindir}/flask-set-bool \ + ${sbindir}/flask-setenforce \ + " + +FILES_${PN}-gdbsx = "\ + ${sbindir}/gdbsx \ + " + +INSANE_SKIP_${PN}-hvmloader = "arch" +FILES_${PN}-hvmloader = "\ + ${libdir}/xen/boot/hvmloader \ + " + +FILES_${PN}-kdd = "\ + ${sbindir}/kdd \ + ${sbindir}/xen-kdd \ + " + +FILES_${PN}-livepatch += " \ + ${sbindir}/xen-livepatch \ + " + +FILES_${PN}-misc = "\ + ${bindir}/xen-detect \ + ${libdir}/xen/bin/depriv-fd-checker \ + ${sbindir}/gtracestat \ + ${sbindir}/gtraceview \ + ${sbindir}/xen-bugtool \ + ${sbindir}/xenperf \ + ${sbindir}/xenpm \ + ${sbindir}/xsview \ + ${sbindir}/xen-diag \ + ${sbindir}/xen-tmem-list-parse \ + ${sbindir}/xen-python-path \ + ${sbindir}/xen-ringwatch \ + ${sbindir}/xen-hptool \ + ${sbindir}/xen-hvmcrash \ + ${sbindir}/xen-hvmctx \ + ${sbindir}/xenlockprof \ + ${sbindir}/xen-lowmemd \ + ${sbindir}/xen-mfndump \ + ${libdir}/xen/bin/verify-stream-v2 \ + ${libdir}/xen/bin/convert-legacy-stream \ + " + +FILES_${PN}-pygrub = "\ + ${bindir}/pygrub \ + ${libdir}/xen/bin/pygrub \ + " + +FILES_${PN}-python = "\ + ${libdir}/${PYTHON_DIR} \ + " + +FILES_${PN}-remus = "\ + ${sysconfdir}/xen/scripts/remus-netbuf-setup \ + " + +FILES_${PN}-scripts-network = " \ + ${sysconfdir}/xen/scripts/colo-proxy-setup \ + ${sysconfdir}/xen/scripts/network-bridge \ + ${sysconfdir}/xen/scripts/network-nat \ + ${sysconfdir}/xen/scripts/network-route \ + ${sysconfdir}/xen/scripts/qemu-ifup \ + ${sysconfdir}/xen/scripts/vif2 \ + ${sysconfdir}/xen/scripts/vif-bridge \ + ${sysconfdir}/xen/scripts/vif-common.sh \ + ${sysconfdir}/xen/scripts/vif-nat \ + ${sysconfdir}/xen/scripts/vif-openvswitch \ + ${sysconfdir}/xen/scripts/vif-route \ + ${sysconfdir}/xen/scripts/vif-setup \ + " + +FILES_${PN}-scripts-block = " \ + ${sysconfdir}/xen/scripts/blktap \ + ${sysconfdir}/xen/scripts/block \ + ${sysconfdir}/xen/scripts/block-common.sh \ + ${sysconfdir}/xen/scripts/block-dummy \ + ${sysconfdir}/xen/scripts/block-enbd \ + ${sysconfdir}/xen/scripts/block-iscsi \ + ${sysconfdir}/xen/scripts/block-nbd \ + ${sysconfdir}/xen/scripts/block-drbd-probe \ + ${sysconfdir}/xen/scripts/block-tap \ + ${sysconfdir}/xen/scripts/vscsi \ + " + +FILES_${PN}-scripts-common = " \ + ${sysconfdir}/xen/scripts/external-device-migrate \ + ${sysconfdir}/xen/scripts/hotplugpath.sh \ + ${sysconfdir}/xen/scripts/locking.sh \ + ${sysconfdir}/xen/scripts/logging.sh \ + ${sysconfdir}/xen/scripts/xen-hotplug-cleanup \ + ${sysconfdir}/xen/scripts/xen-hotplug-common.sh \ + ${sysconfdir}/xen/scripts/xen-network-common.sh \ + ${sysconfdir}/xen/scripts/xen-script-common.sh \ + " + +INSANE_SKIP_${PN}-shim = "arch" +FILES_${PN}-shim = " \ + ${libdir}/xen/boot/xen-shim \ + " + +FILES_${PN}-volatiles = "\ + ${sysconfdir}/default/volatiles/99_xen \ + ${sysconfdir}/tmpfiles.d/xen.conf \ + " + +FILES_${PN}-xcutils = "\ + ${libdir}/xen/bin/lsevtchn \ + ${libdir}/xen/bin/readnotes \ + ${libdir}/xen/bin/xc_restore \ + ${libdir}/xen/bin/xc_save \ + " + +FILES_${PN}-xencov = "\ + ${sbindir}/xencov \ + " + +FILES_${PN}-xend-examples = "\ + ${sysconfdir}/xen/xend-config.sxp \ + ${sysconfdir}/xen/xend-pci-permissive.sxp \ + ${sysconfdir}/xen/xend-pci-quirks.sxp \ + " + +FILES_${PN}-xenpaging = "\ + ${libdir}/xen/bin/xenpaging \ + ${localstatedir}/lib/xen/xenpaging \ + " + +FILES_${PN}-xenpmd = "\ + ${sbindir}/xenpmd \ + " + +FILES_${PN}-xenstat = "\ + ${sbindir}/xentop \ + " + +FILES_${PN}-xenstore = "\ + ${bindir}/xenstore \ + ${bindir}/xenstore-chmod \ + ${bindir}/xenstore-control \ + ${bindir}/xenstore-exists \ + ${bindir}/xenstore-list \ + ${bindir}/xenstore-ls \ + ${bindir}/xenstore-read \ + ${bindir}/xenstore-rm \ + ${bindir}/xenstore-watch \ + ${bindir}/xenstore-write \ + " + +FILES_${PN}-xenstored = "\ + ${sbindir}/xenstored \ + ${localstatedir}/lib/xenstored \ + " + +FILES_${PN}-xentrace = "\ + ${bindir}/xentrace \ + ${bindir}/xentrace_setsize \ + ${libdir}/xen/bin/xenctx \ + ${bindir}/xenalyze \ + ${sbindir}/xentrace \ + ${sbindir}/xentrace_setsize \ + ${sbindir}/xentrace_setmask \ + " + +FILES_${PN}-xen-watchdog = "\ + ${sbindir}/xenwatchdogd \ + ${sysconfdir}/init.d/xen-watchdog \ + ${systemd_unitdir}/system/xen-watchdog.service \ + " + +FILES_${PN}-xl = "\ + ${sysconfdir}/bash_completion.d/xl.sh \ + ${sysconfdir}/xen/xl.conf \ + ${libdir}/xen/bin/libxl-save-helper \ + ${sbindir}/xl \ + ${libdir}/xen/bin/xen-init-dom0 \ + " + +FILES_${PN}-xl-examples = "\ + ${sysconfdir}/xen/xlexample.hvm \ + ${sysconfdir}/xen/xlexample.pvlinux \ + " + +FILES_${PN}-xm-examples = "\ + ${sysconfdir}/xen/xmexample1 \ + ${sysconfdir}/xen/xmexample2 \ + ${sysconfdir}/xen/xmexample3 \ + ${sysconfdir}/xen/xmexample.hvm \ + ${sysconfdir}/xen/xmexample.hvm-stubdom \ + ${sysconfdir}/xen/xmexample.nbd \ + ${sysconfdir}/xen/xmexample.pv-grub \ + ${sysconfdir}/xen/xmexample.vti \ + " + +FILES_${PN}-xenmon = "\ + ${sbindir}/xenbaked \ + ${sbindir}/xenmon.py \ + ${sbindir}/xenmon \ + " + +FILES_${PN}-xm = "\ + ${sysconfdir}/xen/xm-config.xml \ + ${datadir}/xen/create.dtd \ + ${sbindir}/xm \ + " + +FILES_${PN}-xencommons += "\ + ${sysconfdir}/default/xencommons \ + ${sysconfdir}/init.d/xencommons \ + ${sysconfdir}/xen/scripts/launch-xenstore \ + ${systemd_unitdir}/modules-load.d/xen.conf \ + ${systemd_unitdir}/system/proc-xen.mount \ + ${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service \ + ${systemd_unitdir}/system/xenconsoled.service \ + ${systemd_unitdir}/system/xen-init-dom0.service \ + ${systemd_unitdir}/system/xenstored.service \ + ${systemd_unitdir}/system/var-lib-xenstored.mount \ + " + +FILES_${PN}-xend += " \ + ${sysconfdir}/init.d/xend \ + ${sbindir}/xend \ + " + +FILES_${PN}-xendomains += "\ + ${libdir}/xen/bin/xendomains \ + ${sysconfdir}/default/xendomains \ + ${sysconfdir}/init.d/xendomains \ + ${sysconfdir}/sysconfig/xendomains \ + ${systemd_unitdir}/system/xendomains.service \ + " + +INSANE_SKIP_${PN} = "already-stripped" + +# configure init.d scripts +INITSCRIPT_PACKAGES = "${PN}-xend ${PN}-xencommons ${PN}-xen-watchdog ${PN}-xendomains ${PN}-devd" +INITSCRIPT_NAME_${PN}-xencommons = "xencommons" +INITSCRIPT_PARAMS_${PN}-xencommons = "defaults 80" +INITSCRIPT_NAME_${PN}-xen-watchdog = "xen-watchdog" +INITSCRIPT_PARAMS_${PN}-xen-watchdog = "defaults 81" +INITSCRIPT_NAME_${PN}-xend = "xend" +INITSCRIPT_PARAMS_${PN}-xend = "defaults 82" +INITSCRIPT_NAME_${PN}-xendomains = "xendomains" +INITSCRIPT_PARAMS_${PN}-xendomains = "defaults 83" +INITSCRIPT_NAME_${PN}-devd = "xendriverdomain" +INITSCRIPT_PARAMS_${PN}-devd = "defaults 82" + +# systemd packages +SYSTEMD_PACKAGES = "${PN}-xen-watchdog ${PN}-xencommons ${PN}-xendomains ${PN}-devd" +SYSTEMD_SERVICE_${PN}-devd = "xendriverdomain.service" +SYSTEMD_SERVICE_${PN}-xen-watchdog = "xen-watchdog.service" +SYSTEMD_SERVICE_${PN}-xencommons = " \ + proc-xen.mount \ + var-lib-xenstored.mount \ + xen-qemu-dom0-disk-backend.service \ + xenconsoled.service \ + xen-init-dom0.service \ + xenstored.service \ + " +SYSTEMD_SERVICE_${PN}-xendomains = "xendomains.service" + +# To build hvmloader, which is needed on x86-64 targets when 'hvm' is enabled +# in PACKAGECONFIG, additional CFLAGS are needed to set the 32-bit sysroot. +RECIPE_SYSROOT32 = "${WORKDIR}/${MLPREFIX32}recipe-sysroot" +ADD_SYSROOT32_CFLAGS = "" +ADD_SYSROOT32_CFLAGS_x86-64 = \ + "${@bb.utils.contains('PACKAGECONFIG', 'hvm', \ + 'CFLAGS += "--sysroot=${RECIPE_SYSROOT32}"', '', d)}" +# This x86-64 override is never intended for native use, so clear that. +ADD_SYSROOT32_CFLAGS_class-native = "" + +do_configure() { + do_configure_common + + if [ -n '${ADD_SYSROOT32_CFLAGS}' ] ; then + echo '${ADD_SYSROOT32_CFLAGS}' >>"${S}/tools/firmware/Rules.mk" + fi +} + +do_compile() { + cd ${S} + oe_runmake tools PYTHON="${PYTHON}" +} + +do_install() { + cd ${S} + oe_runmake DESTDIR="${D}" install-tools + + # Remove unported python 2 scripts -- see the separate xen-python2 recipe + rm -f ${D}${bindir}/xentrace_format \ + ${D}${bindir}/xencons \ + ${D}${bindir}/xencov_split \ + ${D}${libdir}/xen/bin/xenpvnetboot + + # remove installed volatiles + rm -rf ${D}${base_prefix}/run \ + ${D}${localstatedir}/run \ + ${D}${localstatedir}/lock \ + ${D}${localstatedir}/log \ + ${D}${localstatedir}/volatile \ + ${D}${localstatedir}/lib/xen + + VOLATILE_DIRS=" \ + ${base_prefix}/run/xenstored \ + ${base_prefix}/run/xend \ + ${base_prefix}/run/xend/boot \ + ${base_prefix}/run/xen \ + ${localstatedir}/log/xen \ + ${localstatedir}/lock/xen \ + ${localstatedir}/lock/subsys \ + ${localstatedir}/lib/xen \ + " + + # install volatiles using populate_volatiles mechanism + install -d ${D}${sysconfdir}/default/volatiles + for i in $VOLATILE_DIRS; do + echo "d root root 0755 $i none" >> ${D}${sysconfdir}/default/volatiles/99_xen + done + + # workaround for xendomains script which searchs sysconfig if directory exists + install -d ${D}${sysconfdir}/sysconfig + ln -sf ${sysconfdir}/default/xendomains ${D}${sysconfdir}/sysconfig/xendomains + + # systemd + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + # install volatiles using systemd tmpfiles.d + install -d ${D}${sysconfdir}/tmpfiles.d + for i in $VOLATILE_DIRS; do + echo "d $i 0755 root root - -" >> ${D}${sysconfdir}/tmpfiles.d/xen.conf + done + fi + + # fixup default path to qemu-system-i386 + sed -i 's#\(test -z "$QEMU_XEN" && QEMU_XEN=\).*$#\1"/usr/bin/qemu-system-i386"#' ${D}/etc/init.d/xencommons + + if [ -e ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service ]; then + sed -i 's#ExecStart=.*qemu-system-i386\(.*\)$#ExecStart=/usr/bin/qemu-system-i386\1#' \ + ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service + fi +} + +pkg_postinst_${PN}-volatiles() { + if [ -z "$D" ]; then + if command -v systemd-tmpfiles >/dev/null; then + systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/xen.conf + elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then + ${sysconfdir}/init.d/populate-volatile.sh update + fi + fi +} + +do_deploy() { + XEN_FULLVERSION=$(oe_runmake -C ${S}/xen xenversion --no-print-directory) + FLASK_POLICY_FILE="xenpolicy-${XEN_FULLVERSION}" + + install -d ${DEPLOYDIR} + + # Install the flask policy in the deploy directory if it exists + if [ -f ${D}/boot/${FLASK_POLICY_FILE} ]; then + install -m 0644 ${D}/boot/${FLASK_POLICY_FILE} ${DEPLOYDIR} + ln -sf ${FLASK_POLICY_FILE} ${DEPLOYDIR}/xenpolicy-${MACHINE} + fi +} +# Scheduling the do_deploy task: +# - deploy copies files from ${D} that are written during do_install so must run +# after that task +# - the tools binaries are included in the image filesystem, so we must ensure +# that the binaries deployed match what is staged in the sysroot: +# so do_deploy must run after do_populate_sysroot +# - add the task before do_build to ensure that deployment has completed when +# the recipe build done stamp is written +addtask deploy after do_install do_populate_sysroot before do_build diff --git a/external/meta-virtualization/recipes-extended/xen/xen-tools_git.bb b/external/meta-virtualization/recipes-extended/xen/xen-tools_git.bb new file mode 100644 index 00000000..00060df7 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xen/xen-tools_git.bb @@ -0,0 +1,24 @@ +SRCREV ?= "a5fcafbfbee55261853fba07149c1c795f2baf58" + +XEN_REL ?= "4.12" +XEN_BRANCH ?= "stable-${XEN_REL}" + +SRC_URI = " \ + git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \ + file://0001-python-pygrub-pass-DISTUTILS-xen.4.12.patch \ + file://xen-tools-update-python-scripts-to-py3.patch \ + file://xen-tools-libxl-gentypes-py3.patch \ + file://xen-tools-python-fix-Wsign-compare-warnings.patch \ + file://xen-tools-pygrub-change-tabs-into-spaces.patch \ + file://xen-tools-pygrub-make-python-scripts-work-with-2.6-and-up.patch \ + file://xen-tools-pygrub-py3.patch \ + " + +LIC_FILES_CHKSUM ?= "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" + +PV = "${XEN_REL}+git${SRCPV}" + +S = "${WORKDIR}/git" + +require xen.inc +require xen-tools.inc diff --git a/external/meta-virtualization/recipes-extended/xen/xen-vtpm.inc b/external/meta-virtualization/recipes-extended/xen/xen-vtpm.inc deleted file mode 100644 index a94c7503..00000000 --- a/external/meta-virtualization/recipes-extended/xen/xen-vtpm.inc +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -require stubdom.inc - -DEPENDS = "\ - newlib \ - lwip \ - mini-os \ - polarssl \ - stubdom-gmp \ - tpm-emulator \ -" -# These were unset by stubdom.inc to allow us to scope them per recipe -export CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" -export CCLD="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" -export CXX="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" -export CPP="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" -export LD="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" -export LD_LTO="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" -export AS="${HOST_PREFIX}as" -export AR="${HOST_PREFIX}ar" -export NM="${HOST_PREFIX}nm" -export RANLIB="${HOST_PREFIX}ranlib" -export OBJDUMP="${HOST_PREFIX}objdump" -export OBJCOPY="${HOST_PREFIX}objcopy" -export STRIP="${HOST_PREFIX}strip" -export STRINGS="${HOST_PREFIX}strings" -export READELF="${HOST_PREFIX}readelf" - - -# Required for some of the config stuff -export STUBDOM_TARGETS="vtpm vtpmmgr" - -VTPM_CPPFLAGS = "\ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/build \ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/crypto \ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/tpm \ - -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator \ -" - -# The includes from this Xen directory are not in the MiniOS repo, although they probably should be. -STUBDOM_CPPFLAGS += "-isystem ${B}/include/" - -do_configure() { - - # GCC 7 fails linking header defined inlines if not declared 'static' or 'extern' - # This appears to be fixed in Xen 4.10.0+, so let's look at version of Xen source - # to determine if we need to modify inline declarations. - # - # 'echo -e' to enable interpretation of backslashes - # 'sort -V' to natural sort version numbers - # 'head -n1' to capture the first line of output from sort command - - if [ "${PV}" = "$(echo "${PV};4.9.999" | sed 's/;/\n/' | sort -V | head -n1)" ]; then - sed -i "s/^inline/static inline/g" ${B}/vtpmmgr/*.h - fi - - for i in AR AS NM RANLIB OBJDUMP OBJCOPY STRIP STRINGS READELF CXX LD LD_LTO CC CPP; do - sed -i "s/^\($i\s\s*\).*=/\1?=/" ${MINIOS_SRCDIR}/Config.mk - done - - # replicate the TARGETS_MINIOS target in xen/stubdom/Makefile - for i in ${STUBDOM_TARGETS}; do - [ -d ${B}/mini-os-${XEN_TARGET_ARCH}-$i ] || - for j in $(cd ${MINIOS_SRCDIR} ; find . -type d) ; do \ - mkdir -p ${B}/mini-os-${XEN_TARGET_ARCH}-$i/$j; \ - done - done -} - -do_compile() { - ${MAKE} MINIOS_CONFIG="${B}/vtpm/minios.cfg" CONFIG_FILE="${B}/vtpm-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config - CPPFLAGS="`cat ${B}/vtpm-minios-config.mk` ${STUBDOM_CPPFLAGS} ${VTPM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpm - DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \ - DEF_CFLAGS="${STUBDOM_CFLAGS}" \ - DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \ - MINIOS_CONFIG="${B}/vtpm/minios.cfg" \ - ${MAKE} -C ${MINIOS_SRCDIR} \ - OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpm \ - APP_OBJS="${B}/vtpm/vtpm.a" \ - APP_LDLIBS="-ltpm -ltpm_crypto -lgmp -lpolarssl" - - ${MAKE} MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" CONFIG_FILE="${B}/vtpmmgr-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config - CPPFLAGS="`cat ${B}/vtpmmgr-minios-config.mk` ${STUBDOM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpmmgr - DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \ - DEF_CFLAGS="${STUBDOM_CFLAGS}" \ - DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \ - MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" \ - ${MAKE} -C ${MINIOS_SRCDIR} \ - OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr \ - APP_OBJS="${B}/vtpmmgr/vtpmmgr.a" \ - APP_LDLIBS="-lm -lpolarssl" -} - -PACKAGES = "\ - ${PN}-vtpm-stubdom \ - ${PN}-vtpmmgr-stubdom \ -" -FILES_${PN}-vtpm-stubdom="\ - ${libdir}/xen/boot/vtpm-stubdom.gz \ -" - -FILES_${PN}-vtpmmgr-stubdom="\ - ${libdir}/xen/boot/vtpmmgr-stubdom.gz \ -" - -do_install() { - install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpm/mini-os.gz ${D}${libdir}/xen/boot/vtpm-stubdom.gz - install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr/mini-os.gz ${D}${libdir}/xen/boot/vtpmmgr-stubdom.gz -} diff --git a/external/meta-virtualization/recipes-extended/xen/xen-vtpm_4.11.0.bb b/external/meta-virtualization/recipes-extended/xen/xen-vtpm_4.11.0.bb deleted file mode 100644 index 088e985b..00000000 --- a/external/meta-virtualization/recipes-extended/xen/xen-vtpm_4.11.0.bb +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> -# Released under the MIT license (see COPYING.MIT for the terms) - -DESCRIPTION = "MiniOS-based vTPMs for Xen" -HOMEPAGE = "https://www.xenproject.org" -LICENSE = "GPLv2 & BSD-3-Clause" -LIC_FILES_CHKSUM = "file://COPYING;md5=b1ceb1b03a49b202ee6f41ffd1ed0155 \ - file://vtpm/COPYING;md5=75a98062ab0322ded060d9026a1bda61 \ -" - -# git commit hash for Xen's RELEASE-4.11.0 tag -SRCREV_xen = "1eb6544a567e3e5133fafe0c4ef3545c5138d0e4" -SRC_URI = "\ - git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;subpath=stubdom \ - git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;destsuffix=stubdom/include;subpath=tools/xenstore/include \ -" - -S="${WORKDIR}/stubdom" -B="${S}" - -require xen-vtpm.inc diff --git a/external/meta-virtualization/recipes-extended/xen/xen.inc b/external/meta-virtualization/recipes-extended/xen/xen.inc index 7eb2ac4b..2a02805f 100644 --- a/external/meta-virtualization/recipes-extended/xen/xen.inc +++ b/external/meta-virtualization/recipes-extended/xen/xen.inc @@ -1,13 +1,8 @@ -DESCRIPTION = "Xen hypervisor" HOMEPAGE = "http://xen.org" LICENSE = "GPLv2" SECTION = "console/tools" -LIC_FILES_CHKSUM = "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" - -COMPATIBLE_HOST = '(x86_64.*).*-linux|aarch64.*-linux|arm-.*-linux-gnueabi' - -inherit autotools-brokensep setuptools update-rc.d systemd deploy +inherit autotools-brokensep require xen-arch.inc @@ -17,16 +12,15 @@ PACKAGECONFIG ??= " \ ${@bb.utils.contains('XEN_TARGET_ARCH', 'x86_64', 'hvm', '', d)} \ " -FLASK_POLICY_FILE ?= "xenpolicy-${PV}" - PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,virtual/libsdl," PACKAGECONFIG[xsm] = "--enable-xsmpolicy,--disable-xsmpolicy,checkpolicy-native," PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd," PACKAGECONFIG[hvm] = "--with-system-seabios="/usr/share/firmware/bios.bin",--disable-seabios,seabios ipxe vgabios," +PACKAGECONFIG[externalblktap] = ",,," DEPENDS = " \ + ${@bb.utils.contains('XEN_TARGET_ARCH', 'x86_64', 'dev86-native', '', d)} \ bison-native \ - dev86-native \ flex-native \ file-native \ gettext-native \ @@ -47,7 +41,7 @@ DEPENDS = " \ pciutils \ pixman \ procps \ - python \ + python3 \ libaio \ lzo \ util-linux \ @@ -57,748 +51,6 @@ DEPENDS = " \ gnu-efi \ " -# inherit setuptools adds python to RDEPENDS, override it -RDEPENDS_${PN} = "" - -RDEPENDS_${PN}-base = "\ - bash perl xz \ - ${PN}-console \ - ${PN}-libxenguest \ - ${PN}-libxenlight \ - ${PN}-libxenvchan \ - ${PN}-libxenctrl \ - ${PN}-libxlutil \ - ${PN}-libxenstat \ - ${PN}-libxenstore \ - ${PN}-libfsimage \ - ${PN}-fsimage \ - ${PN}-scripts-block \ - ${PN}-scripts-network \ - ${PN}-xen-watchdog \ - ${PN}-xencommons \ - ${PN}-xendomains \ - ${PN}-xenstore \ - ${PN}-xenstored \ - ${PN}-xl \ - " - -RDEPENDS_${PN}-dev = "" - -RRECOMMENDS_${PN}-base = " \ - ${PN}-blktap \ - ${PN}-libblktap \ - ${PN}-libblktapctl \ - ${PN}-libvhd \ - ${PN}-flask \ - ${PN}-hvmloader \ - ${PN}-shim \ - ${PN}-xenpaging \ - " - -RDEPENDS_${PN}-devd = " \ - ${PN}-xl \ - " - -RDEPENDS_${PN}-fsimage = " \ - libext2fs \ - " - -RDEPENDS_${PN}-misc = " \ - perl \ - python \ - " - -RDEPENDS_${PN}-remus = " \ - bash \ - python \ - " - -RDEPENDS_${PN}-scripts-block = "\ - bash \ - ${PN}-scripts-common \ - ${PN}-volatiles \ - " - -RDEPENDS_${PN}-scripts-common = "bash" - -RDEPENDS_${PN}-scripts-network = "\ - bash \ - bridge-utils \ - ${PN}-scripts-common \ - ${PN}-volatiles \ - " - -RDEPENDS_${PN}-xencommons = "\ - bash \ - ${PN}-console \ - ${PN}-xenstore \ - ${PN}-xenstored \ - ${PN}-xl \ - ${PN}-scripts-common \ - " - -RDEPENDS_${PN}-xendomains = "\ - bash \ - ${PN}-console \ - ${PN}-scripts-block \ - ${PN}-scripts-common \ - ${PN}-xenstored \ - " - -RDEPENDS_${PN}-xl = "libgcc" - -RDEPENDS_${PN}-xentrace = "python" - -RDEPENDS_${PN}-xen-watchdog = "bash" - -PACKAGES = "\ - ${PN}-base \ - ${PN}-blktap \ - ${PN}-console \ - ${PN}-cpuid \ - ${PN}-dbg \ - ${PN}-dev \ - ${PN}-devd \ - ${PN}-doc \ - ${PN}-efi \ - ${PN}-flask \ - ${PN}-flask-tools \ - ${PN}-fsimage \ - ${PN}-gdbsx \ - ${PN}-hvmloader \ - ${PN}-hypervisor \ - ${PN}-init-xenstore-dom \ - ${PN}-kdd \ - ${PN}-libblktap \ - ${PN}-libblktapctl \ - ${PN}-libblktapctl-dev \ - ${PN}-libblktap-dev \ - ${PN}-libfsimage \ - ${PN}-libfsimage-dev \ - ${PN}-libvhd \ - ${PN}-libvhd-dev \ - ${PN}-libxencall \ - ${PN}-libxencall-dev \ - ${PN}-libxenctrl \ - ${PN}-libxenctrl-dev \ - ${PN}-libxendevicemodel \ - ${PN}-libxendevicemodel-dev \ - ${PN}-libxenevtchn \ - ${PN}-libxenevtchn-dev \ - ${PN}-libxenforeignmemory \ - ${PN}-libxenforeignmemory-dev \ - ${PN}-libxengnttab \ - ${PN}-libxengnttab-dev \ - ${PN}-libxenguest \ - ${PN}-libxenguest-dev \ - ${PN}-libxenlight \ - ${PN}-libxenlight-dev \ - ${PN}-libxenstat \ - ${PN}-libxenstat-dev \ - ${PN}-libxenstore \ - ${PN}-libxenstore-dev \ - ${PN}-libxentoolcore \ - ${PN}-libxentoolcore-dev \ - ${PN}-libxentoollog \ - ${PN}-libxentoollog-dev \ - ${PN}-libxenvchan \ - ${PN}-libxenvchan-dev \ - ${PN}-libxlutil \ - ${PN}-libxlutil-dev \ - ${PN}-livepatch \ - ${PN}-misc \ - ${PN}-pygrub \ - ${PN}-python \ - ${PN}-qemu \ - ${PN}-remus \ - ${PN}-scripts-block \ - ${PN}-scripts-common \ - ${PN}-scripts-network \ - ${PN}-shim \ - ${PN}-staticdev \ - ${PN}-volatiles \ - ${PN}-xcutils \ - ${PN}-xencommons \ - ${PN}-xend \ - ${PN}-xend-examples \ - ${PN}-xendomains \ - ${PN}-xenmon \ - ${PN}-xenpaging \ - ${PN}-xenpmd \ - ${PN}-xenstat \ - ${PN}-xenstore \ - ${PN}-xenstored \ - ${PN}-xentrace \ - ${PN}-xen-watchdog \ - ${PN}-xl \ - ${PN}-xl-examples \ - ${PN}-xm \ - ${PN}-xm-examples \ - " - -FILES_${PN}-dbg += "\ - ${libdir}/.debug \ - ${libdir}/debug/* \ - ${libdir}/xen/bin/.debug \ - ${libdir}/python2.7/site-packages/.debug \ - ${libdir}/python2.7/site-packages/xen/lowlevel/.debug \ - ${libdir}/fs/xfs/.debug \ - ${libdir}/fs/ufs/.debug \ - ${libdir}/fs/ext2fs-lib/.debug \ - ${libdir}/fs/fat/.debug \ - ${libdir}/fs/zfs/.debug \ - ${libdir}/fs/reiserfs/.debug \ - ${libdir}/fs/iso9660/.debug \ - ${libdir}/fs/*/.debug \ - ${sbindir}/.debug \ - ${libdir}exec/.debug \ - ${libdir}/xen/libexec/.debug \ - ${bindir}/.debug \ - ${libdir}/python2.7/dist-packages/.debug \ - ${libdir}/python2.7/dist-packages/xen/lowlevel/.debug \ - " - -FILES_${PN}-dev = "\ - ${includedir} \ - " - -FILES_${PN}-doc = "\ - ${sysconfdir}/xen/README \ - ${sysconfdir}/xen/README.incompatibilities \ - ${datadir}/doc \ - ${datadir}/man \ - " - -FILES_${PN}-staticdev += "\ - ${libdir}/libblktapctl.a \ - ${libdir}/libxenguest.a \ - ${libdir}/libxenlight.a \ - ${libdir}/libxenvchan.a \ - ${libdir}/libxenctrl.a \ - ${libdir}/libxlutil.a \ - ${libdir}/libvhd.a \ - ${libdir}/libxenstat.a \ - ${libdir}/libxenstore.a \ - ${libdir}/libblktap.a \ - " - -FILES_${PN}-libblktapctl = "${libdir}/libblktapctl.so.*" -FILES_${PN}-libblktapctl-dev = " \ - ${libdir}/libblktapctl.so \ - ${datadir}/pkgconfig/xenblktapctl.pc \ - " - -FILES_${PN}-libxencall = "${libdir}/libxencall.so.*" -FILES_${PN}-libxencall-dev = " \ - ${libdir}/libxencall.so \ - ${datadir}/pkgconfig/xencall.pc \ - " - -FILES_${PN}-libxenctrl = "${libdir}/libxenctrl.so.*" -FILES_${PN}-libxenctrl-dev = " \ - ${libdir}/libxenctrl.so \ - ${datadir}/pkgconfig/xencontrol.pc \ - " - -FILES_${PN}-libxendevicemodel = "${libdir}/libxendevicemodel.so.*" -FILES_${PN}-libxendevicemodel-dev = " \ - ${libdir}/libxendevicemodel.so \ - ${datadir}/pkgconfig/xendevicemodel.pc \ - " - -FILES_${PN}-libxenevtchn = "${libdir}/libxenevtchn.so.*" -FILES_${PN}-libxenevtchn-dev = " \ - ${libdir}/libxenevtchn.so \ - ${datadir}/pkgconfig/xenevtchn.pc \ - " - -FILES_${PN}-libxenforeignmemory = "${libdir}/libxenforeignmemory.so.*" -FILES_${PN}-libxenforeignmemory-dev = " \ - ${libdir}/libxenforeignmemory.so \ - ${datadir}/pkgconfig/xenforeignmemory.pc \ - " - -FILES_${PN}-libxengnttab = "${libdir}/libxengnttab.so.*" -FILES_${PN}-libxengnttab-dev = " \ - ${libdir}/libxengnttab.so \ - ${datadir}/pkgconfig/xengnttab.pc \ - " - -FILES_${PN}-libxenguest = "${libdir}/libxenguest.so.*" -FILES_${PN}-libxenguest-dev = " \ - ${libdir}/libxenguest.so \ - ${datadir}/pkgconfig/xenguest.pc \ - " - -FILES_${PN}-libxenlight = "${libdir}/libxenlight.so.*" -FILES_${PN}-libxenlight-dev = " \ - ${libdir}/libxenlight.so \ - ${datadir}/pkgconfig/xenlight.pc \ - " - -FILES_${PN}-libxenstat = "${libdir}/libxenstat.so.*" -FILES_${PN}-libxenstat-dev = " \ - ${libdir}/libxenstat.so \ - ${datadir}/pkgconfig/xenstat.pc \ - " - -FILES_${PN}-libxenstore = "${libdir}/libxenstore.so.*" -FILES_${PN}-libxenstore-dev = " \ - ${libdir}/libxenstore.so \ - ${datadir}/pkgconfig/xenstore.pc \ - " - -FILES_${PN}-libxentoolcore = "${libdir}/libxentoolcore.so.*" -FILES_${PN}-libxentoolcore-dev = " \ - ${libdir}/libxentoolcore.so \ - ${datadir}/pkgconfig/xentoolcore.pc \ - " - -FILES_${PN}-libxentoollog = "${libdir}/libxentoollog.so.*" -FILES_${PN}-libxentoollog-dev = " \ - ${libdir}/libxentoollog.so \ - ${datadir}/pkgconfig/xentoollog.pc \ - " - -FILES_${PN}-libxenvchan = "${libdir}/libxenvchan.so.*" -FILES_${PN}-libxenvchan-dev = " \ - ${libdir}/libxenvchan.so \ - ${datadir}/pkgconfig/xenvchan.pc \ - " - -FILES_${PN}-libxlutil = "${libdir}/libxlutil.so.*" -FILES_${PN}-libxlutil-dev = " \ - ${libdir}/libxlutil.so \ - ${datadir}/pkgconfig/xlutil.pc \ - " -FILES_${PN}-libvhd = "${libdir}/libvhd.so.*" -FILES_${PN}-libvhd-dev = " \ - ${libdir}/libvhd.so \ - ${datadir}/pkgconfig/vhd.pc \ - " - -FILES_${PN}-libblktap = "${libdir}/libblktap.so.*" -FILES_${PN}-libblktap-dev = " \ - ${libdir}/libblktap.so \ - ${datadir}/pkgconfig/blktap.pc \ - " - -FILES_${PN}-libfsimage = "${libdir}/libfsimage.so.*" -FILES_${PN}-libfsimage-dev = " \ - ${libdir}/libfsimage.so \ - ${datadir}/pkgconfig/fsimage.pc \ - " - -FILES_${PN}-fsimage = "${libdir}/fs/*/*fsimage.so" - -FILES_${PN}-hypervisor = "\ - /boot/xen-* \ - /boot/xen \ - /boot/xen-*.gz \ - /boot/xen.gz \ - /boot/xen-syms-* \ - " - -FILES_${PN}-init-xenstore-dom = "${libdir}/xen/bin/init-xenstore-domain" - -FILES_${PN}-efi = "\ - ${exec_prefix}/lib64/efi/xen* \ - " - -FILES_${PN}-base = "\ - ${sysconfdir}/xen/auto \ - ${sysconfdir}/xen/cpupool \ - ${localstatedir}/xen/dump \ - " - -FILES_${PN}-blktap = "\ - ${sbindir}/blktapctrl \ - ${sbindir}/img2qcow \ - ${sbindir}/lock-util \ - ${sbindir}/qcow2raw \ - ${sbindir}/qcow-create \ - ${sbindir}/tap-ctl \ - ${sbindir}/tapdisk \ - ${sbindir}/tapdisk2 \ - ${sbindir}/tapdisk-client \ - ${sbindir}/tapdisk-diff \ - ${sbindir}/tapdisk-stream \ - ${sbindir}/td-util \ - ${sbindir}/vhd-update \ - ${sbindir}/vhd-util \ - " - -FILES_${PN}-console = "\ - ${libdir}/xen/bin/xenconsole \ - ${sbindir}/xenconsoled \ - " - -FILES_${PN}-cpuid = "\ - ${bindir}/xen-cpuid \ - " - -FILES_${PN}-devd = "\ - ${sysconfdir}/init.d/xendriverdomain \ - ${systemd_unitdir}/system/xendriverdomain.service \ - " - -FILES_${PN}-flask = "\ - /boot/${FLASK_POLICY_FILE} \ - " - -FILES_${PN}-flask-tools = "\ - ${sbindir}/flask-get-bool \ - ${sbindir}/flask-getenforce \ - ${sbindir}/flask-label-pci \ - ${sbindir}/flask-loadpolicy \ - ${sbindir}/flask-set-bool \ - ${sbindir}/flask-setenforce \ - " - -FILES_${PN}-gdbsx = "\ - ${sbindir}/gdbsx \ - " - -INSANE_SKIP_${PN}-hvmloader = "arch" -FILES_${PN}-hvmloader = "\ - ${libdir}/xen/boot/hvmloader \ - " - -FILES_${PN}-kdd = "\ - ${sbindir}/kdd \ - " - -FILES_${PN}-livepatch += " \ - ${sbindir}/xen-livepatch \ - " - -FILES_${PN}-misc = "\ - ${bindir}/xencons \ - ${bindir}/xencov_split \ - ${bindir}/xen-detect \ - ${libdir}/xen/bin/xenpvnetboot \ - ${libdir}/xen/bin/depriv-fd-checker \ - ${sbindir}/gtracestat \ - ${sbindir}/gtraceview \ - ${sbindir}/xen-bugtool \ - ${sbindir}/xencov \ - ${sbindir}/xenperf \ - ${sbindir}/xenpm \ - ${sbindir}/xsview \ - ${sbindir}/xen-diag \ - ${sbindir}/xen-tmem-list-parse \ - ${sbindir}/xen-python-path \ - ${sbindir}/xen-ringwatch \ - ${sbindir}/xen-hptool \ - ${sbindir}/xen-hvmcrash \ - ${sbindir}/xen-hvmctx \ - ${sbindir}/xenlockprof \ - ${sbindir}/xen-lowmemd \ - ${sbindir}/xen-mfndump \ - ${libdir}/xen/bin/verify-stream-v2 \ - ${libdir}/xen/bin/convert-legacy-stream \ - " - -FILES_${PN}-pygrub = "\ - ${bindir}/pygrub \ - ${libdir}/xen/bin/pygrub \ - " - -FILES_${PN}-python = "\ - ${libdir}/python2.7 \ - " - -INSANE_SKIP_${PN} = "already-stripped" -INSANE_SKIP_${PN}-qemu = "arch" -FILES_${PN}-qemu = " \ - ${datadir}/xen/qemu \ - ${libdir}/xen/bin/qemu-system-i386 \ - ${libdir}/xen/bin/qemu-system-x86_64 \ - ${libdir}/xen/bin/qemu-img \ - ${libdir}/xen/bin/qemu-nbd \ - ${libdir}/xen/bin/qemu-ga \ - ${libdir}/xen/bin/qemu-io \ - ${libdir}/xen/bin/qemu-dm \ - ${libdir}/xen/bin/virtfs-proxy-helper \ - /usr/libexec/qemu-bridge-helper \ - ${libdir}/xen/libexec/qemu-bridge-helper \ - /usr/etc/qemu \ - /usr/etc/qemu/target-x86_64.conf \ - ${libdir}/xen/etc/qemu/target-x86_64.conf \ - ${datadir}/qemu-xen \ - ${datadir}/qemu-xen/qemu \ - ${datadir}/qemu-xen/qemu/bamboo.dtb \ - ${datadir}/qemu-xen/qemu/pxe-pcnet.rom \ - ${datadir}/qemu-xen/qemu/vgabios-vmware.bin \ - ${datadir}/qemu-xen/qemu/pxe-eepro100.rom \ - ${datadir}/qemu-xen/qemu/pxe-e1000.rom \ - ${datadir}/qemu-xen/qemu/openbios-ppc \ - ${datadir}/qemu-xen/qemu/multiboot.bin \ - ${datadir}/qemu-xen/qemu/vgabios-cirrus.bin \ - ${datadir}/qemu-xen/qemu/bios.bin \ - ${datadir}/qemu-xen/qemu/vgabios-stdvga.bin \ - ${datadir}/qemu-xen/qemu/palcode-clipper \ - ${datadir}/qemu-xen/qemu/pxe-ne2k_pci.rom \ - ${datadir}/qemu-xen/qemu/spapr-rtas.bin \ - ${datadir}/qemu-xen/qemu/slof.bin \ - ${datadir}/qemu-xen/qemu/vgabios-qxl.bin \ - ${datadir}/qemu-xen/qemu/pxe-rtl8139.rom \ - ${datadir}/qemu-xen/qemu/openbios-sparc64 \ - ${datadir}/qemu-xen/qemu/pxe-virtio.rom \ - ${datadir}/qemu-xen/qemu/kvmvapic.bin \ - ${datadir}/qemu-xen/qemu/openbios-sparc32 \ - ${datadir}/qemu-xen/qemu/petalogix-s3adsp1800.dtb \ - ${datadir}/qemu-xen/qemu/sgabios.bin \ - ${datadir}/qemu-xen/qemu/linuxboot.bin \ - ${datadir}/qemu-xen/qemu/qemu-icon.bmp \ - ${datadir}/qemu-xen/qemu/ppc_rom.bin \ - ${datadir}/qemu-xen/qemu/vgabios.bin \ - ${datadir}/qemu-xen/qemu/s390-zipl.rom \ - ${datadir}/qemu-xen/qemu/petalogix-ml605.dtb \ - ${datadir}/qemu-xen/qemu/keymaps \ - ${datadir}/qemu-xen/qemu/keymaps/common \ - ${datadir}/qemu-xen/qemu/keymaps/th \ - ${datadir}/qemu-xen/qemu/keymaps/is \ - ${datadir}/qemu-xen/qemu/keymaps/en-gb \ - ${datadir}/qemu-xen/qemu/keymaps/ar \ - ${datadir}/qemu-xen/qemu/keymaps/fr-be \ - ${datadir}/qemu-xen/qemu/keymaps/ru \ - ${datadir}/qemu-xen/qemu/keymaps/hu \ - ${datadir}/qemu-xen/qemu/keymaps/de-ch \ - ${datadir}/qemu-xen/qemu/keymaps/no \ - ${datadir}/qemu-xen/qemu/keymaps/fr \ - ${datadir}/qemu-xen/qemu/keymaps/pl \ - ${datadir}/qemu-xen/qemu/keymaps/fr-ca \ - ${datadir}/qemu-xen/qemu/keymaps/de \ - ${datadir}/qemu-xen/qemu/keymaps/fr-ch \ - ${datadir}/qemu-xen/qemu/keymaps/bepo \ - ${datadir}/qemu-xen/qemu/keymaps/lv \ - ${datadir}/qemu-xen/qemu/keymaps/ja \ - ${datadir}/qemu-xen/qemu/keymaps/da \ - ${datadir}/qemu-xen/qemu/keymaps/lt \ - ${datadir}/qemu-xen/qemu/keymaps/hr \ - ${datadir}/qemu-xen/qemu/keymaps/es \ - ${datadir}/qemu-xen/qemu/keymaps/modifiers \ - ${datadir}/qemu-xen/qemu/keymaps/sl \ - ${datadir}/qemu-xen/qemu/keymaps/it \ - ${datadir}/qemu-xen/qemu/keymaps/nl \ - ${datadir}/qemu-xen/qemu/keymaps/fo \ - ${datadir}/qemu-xen/qemu/keymaps/mk \ - ${datadir}/qemu-xen/qemu/keymaps/pt-br \ - ${datadir}/qemu-xen/qemu/keymaps/tr \ - ${datadir}/qemu-xen/qemu/keymaps/sv \ - ${datadir}/qemu-xen/qemu/keymaps/fi \ - ${datadir}/qemu-xen/qemu/keymaps/en-us \ - ${datadir}/qemu-xen/qemu/keymaps/et \ - ${datadir}/qemu-xen/qemu/keymaps/nl-be \ - ${datadir}/qemu-xen/qemu/keymaps/pt \ - ${bindir}/qemu-nbd-xen \ - ${bindir}/qemu-img-xen \ - " - -FILES_${PN}-remus = "\ - ${bindir}/remus \ - ${sysconfdir}/xen/scripts/remus-netbuf-setup \ - " - -FILES_${PN}-scripts-network = " \ - ${sysconfdir}/xen/scripts/colo-proxy-setup \ - ${sysconfdir}/xen/scripts/network-bridge \ - ${sysconfdir}/xen/scripts/network-nat \ - ${sysconfdir}/xen/scripts/network-route \ - ${sysconfdir}/xen/scripts/qemu-ifup \ - ${sysconfdir}/xen/scripts/vif2 \ - ${sysconfdir}/xen/scripts/vif-bridge \ - ${sysconfdir}/xen/scripts/vif-common.sh \ - ${sysconfdir}/xen/scripts/vif-nat \ - ${sysconfdir}/xen/scripts/vif-openvswitch \ - ${sysconfdir}/xen/scripts/vif-route \ - ${sysconfdir}/xen/scripts/vif-setup \ - " - -FILES_${PN}-scripts-block = " \ - ${sysconfdir}/xen/scripts/blktap \ - ${sysconfdir}/xen/scripts/block \ - ${sysconfdir}/xen/scripts/block-common.sh \ - ${sysconfdir}/xen/scripts/block-dummy \ - ${sysconfdir}/xen/scripts/block-enbd \ - ${sysconfdir}/xen/scripts/block-iscsi \ - ${sysconfdir}/xen/scripts/block-nbd \ - ${sysconfdir}/xen/scripts/block-drbd-probe \ - ${sysconfdir}/xen/scripts/block-tap \ - ${sysconfdir}/xen/scripts/vscsi \ - " - -FILES_${PN}-scripts-common = " \ - ${sysconfdir}/xen/scripts/external-device-migrate \ - ${sysconfdir}/xen/scripts/hotplugpath.sh \ - ${sysconfdir}/xen/scripts/locking.sh \ - ${sysconfdir}/xen/scripts/logging.sh \ - ${sysconfdir}/xen/scripts/xen-hotplug-cleanup \ - ${sysconfdir}/xen/scripts/xen-hotplug-common.sh \ - ${sysconfdir}/xen/scripts/xen-network-common.sh \ - ${sysconfdir}/xen/scripts/xen-script-common.sh \ - " - -INSANE_SKIP_${PN}-shim = "arch" -FILES_${PN}-shim = " \ - ${libdir}/xen/boot/xen-shim \ - " - -FILES_${PN}-volatiles = "\ - ${sysconfdir}/default/volatiles/99_xen \ - ${sysconfdir}/tmpfiles.d/xen.conf \ - " - -FILES_${PN}-xcutils = "\ - ${libdir}/xen/bin/lsevtchn \ - ${libdir}/xen/bin/readnotes \ - ${libdir}/xen/bin/xc_restore \ - ${libdir}/xen/bin/xc_save \ - " - -FILES_${PN}-xend-examples = "\ - ${sysconfdir}/xen/xend-config.sxp \ - ${sysconfdir}/xen/xend-pci-permissive.sxp \ - ${sysconfdir}/xen/xend-pci-quirks.sxp \ - " - -FILES_${PN}-xenpaging = "\ - ${libdir}/xen/bin/xenpaging \ - ${localstatedir}/lib/xen/xenpaging \ - " - -FILES_${PN}-xenpmd = "\ - ${sbindir}/xenpmd \ - " - -FILES_${PN}-xenstat = "\ - ${sbindir}/xentop \ - " - -FILES_${PN}-xenstore = "\ - ${bindir}/xenstore \ - ${bindir}/xenstore-chmod \ - ${bindir}/xenstore-control \ - ${bindir}/xenstore-exists \ - ${bindir}/xenstore-list \ - ${bindir}/xenstore-ls \ - ${bindir}/xenstore-read \ - ${bindir}/xenstore-rm \ - ${bindir}/xenstore-watch \ - ${bindir}/xenstore-write \ - " - -FILES_${PN}-xenstored = "\ - ${sbindir}/xenstored \ - ${localstatedir}/lib/xenstored \ - " - -FILES_${PN}-xentrace = "\ - ${bindir}/xentrace \ - ${bindir}/xentrace_format \ - ${bindir}/xentrace_setsize \ - ${libdir}/xen/bin/xenctx \ - ${bindir}/xenalyze \ - ${sbindir}/xentrace \ - ${sbindir}/xentrace_setsize \ - " - -FILES_${PN}-xen-watchdog = "\ - ${sbindir}/xenwatchdogd \ - ${sysconfdir}/init.d/xen-watchdog \ - ${systemd_unitdir}/system/xen-watchdog.service \ - " - -FILES_${PN}-xl = "\ - ${sysconfdir}/bash_completion.d/xl.sh \ - ${sysconfdir}/xen/xl.conf \ - ${libdir}/xen/bin/libxl-save-helper \ - ${sbindir}/xl \ - ${libdir}/xen/bin/xen-init-dom0 \ - " - -FILES_${PN}-xl-examples = "\ - ${sysconfdir}/xen/xlexample.hvm \ - ${sysconfdir}/xen/xlexample.pvlinux \ - " - -FILES_${PN}-xm-examples = "\ - ${sysconfdir}/xen/xmexample1 \ - ${sysconfdir}/xen/xmexample2 \ - ${sysconfdir}/xen/xmexample3 \ - ${sysconfdir}/xen/xmexample.hvm \ - ${sysconfdir}/xen/xmexample.hvm-stubdom \ - ${sysconfdir}/xen/xmexample.nbd \ - ${sysconfdir}/xen/xmexample.pv-grub \ - ${sysconfdir}/xen/xmexample.vti \ - " - -FILES_${PN}-xenmon = "\ - ${sbindir}/xenbaked \ - ${sbindir}/xentrace_setmask \ - ${sbindir}/xenmon.py \ - " - -FILES_${PN}-xm = "\ - ${sysconfdir}/xen/xm-config.xml \ - ${datadir}/xen/create.dtd \ - ${sbindir}/xm \ - " - -FILES_${PN}-xencommons += "\ - ${sysconfdir}/default/xencommons \ - ${sysconfdir}/init.d/xencommons \ - ${sysconfdir}/xen/scripts/launch-xenstore \ - ${systemd_unitdir}/modules-load.d/xen.conf \ - ${systemd_unitdir}/system/proc-xen.mount \ - ${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service \ - ${systemd_unitdir}/system/xenconsoled.service \ - ${systemd_unitdir}/system/xen-init-dom0.service \ - ${systemd_unitdir}/system/xenstored.service \ - ${systemd_unitdir}/system/var-lib-xenstored.mount \ - " - -FILES_${PN}-xend += " \ - ${sysconfdir}/init.d/xend \ - ${sbindir}/xend \ - " - -FILES_${PN}-xendomains += "\ - ${libdir}/xen/bin/xendomains \ - ${sysconfdir}/default/xendomains \ - ${sysconfdir}/init.d/xendomains \ - ${sysconfdir}/sysconfig/xendomains \ - ${systemd_unitdir}/system/xendomains.service \ - " - -# configure init.d scripts -INITSCRIPT_PACKAGES = "${PN}-xend ${PN}-xencommons ${PN}-xen-watchdog ${PN}-xendomains ${PN}-devd" -INITSCRIPT_NAME_${PN}-xencommons = "xencommons" -INITSCRIPT_PARAMS_${PN}-xencommons = "defaults 80" -INITSCRIPT_NAME_${PN}-xen-watchdog = "xen-watchdog" -INITSCRIPT_PARAMS_${PN}-xen-watchdog = "defaults 81" -INITSCRIPT_NAME_${PN}-xend = "xend" -INITSCRIPT_PARAMS_${PN}-xend = "defaults 82" -INITSCRIPT_NAME_${PN}-xendomains = "xendomains" -INITSCRIPT_PARAMS_${PN}-xendomains = "defaults 83" -INITSCRIPT_NAME_${PN}-devd = "xendriverdomain" -INITSCRIPT_PARAMS_${PN}-devd = "defaults 82" - -# systemd packages -SYSTEMD_PACKAGES = "${PN}-xen-watchdog ${PN}-xencommons ${PN}-xendomains ${PN}-devd" -SYSTEMD_SERVICE_${PN}-devd = "xendriverdomain.service" -SYSTEMD_SERVICE_${PN}-xen-watchdog = "xen-watchdog.service" -SYSTEMD_SERVICE_${PN}-xencommons = " \ - proc-xen.mount \ - var-lib-xenstored.mount \ - xen-qemu-dom0-disk-backend.service \ - xenconsoled.service \ - xen-init-dom0.service \ - xenstored.service \ - " -SYSTEMD_SERVICE_${PN}-xendomains = "xendomains.service" - #### REQUIRED ENVIRONMENT VARIABLES #### export BUILD_SYS export HOST_SYS @@ -823,8 +75,8 @@ libexecdir = "${libdir}" export XEN_OS = "Linux" # this is used for the header (#!${bindir}/python) of the install python scripts -export PYTHONPATH="${bindir}/python" -export ac_cv_path_PYTHONPATH="${bindir}/python" +export PYTHONPATH="${bindir}/env python3" +export ac_cv_path_PYTHONPATH="${bindir}/env python3" export DISTUTILS_BUILD_ARGS export DISTUTILS_INSTALL_ARGS @@ -838,15 +90,27 @@ export CROSS_COMPILE="${TARGET_PREFIX}" # overide LDFLAGS to allow xen to build without: "x86_64-oe-linux-ld: unrecognized option '-Wl,-O1'" export LDFLAGS="" -# Yocto injects -mfpmath=sse for some machine types into the CFLAGS which -# conflicts with -mno-sse so instead we strip -mfpmath=sse instead of -# patching the build to be ok with this -TUNE_CCARGS := "${@oe.utils.str_filter_out('-mfpmath=sse', '${TUNE_CCARGS}', d)}" -TUNE_CCARGS := "${@oe.utils.str_filter_out('-msse4.2', '${TUNE_CCARGS}', d)}" - -# Supply the full set of compiler flags via the tool variables -# Yocto supplys _FORTIFY_SOURCE via CC/CPP/CXX but optimization -O via C*FLAGS -CC_append = " ${CFLAGS}" +# Pass through the Yocto distro compiler flags via the Xen-provided variables. +# Special handling: +# - Yocto supplies the _FORTIFY_SOURCE flag via CC/CPP/CXX but then passes the +# optimization -O via C*FLAGS which is problematic when the CFLAGS are cleared +# within the build because compilation fails with the compiler stating +# "_FORTIFY_SOURCE requires compiling with optimization (-O)". +# - Move HOST_CC_ARCH into the Xen-provided CFLAGS variables and keep +# TOOLCHAIN_OPTIONS set via CC: this enables hvmloader to be built correctly. +# It must not be compiled with SSE compiler options enabled and the Xen build +# explicitly clears CFLAGS to ensure that, so such options must not be passed +# in via the tool variable. hvmloader is required to run HVM-mode guest VMs. +CC="${CCACHE}${HOST_PREFIX}gcc ${TOOLCHAIN_OPTIONS} ${CC_REPRODUCIBLE_OPTIONS}" +EXTRA_CFLAGS_XEN_CORE="${HOST_CC_ARCH} ${CFLAGS}" +EXTRA_CFLAGS_XEN_TOOLS="${HOST_CC_ARCH} ${CFLAGS}" +# 32-bit ARM needs the TUNE_CCARGS component of HOST_CC_ARCH to be passed +# in CC to ensure that configure can compile binaries for the right arch. +CC_arm="${CCACHE}${HOST_PREFIX}gcc ${TUNE_CCARGS} ${TOOLCHAIN_OPTIONS} ${CC_REPRODUCIBLE_OPTIONS}" +EXTRA_CFLAGS_XEN_CORE_arm="${SECURITY_CFLAGS} ${CFLAGS}" +EXTRA_CFLAGS_XEN_TOOLS_arm="${SECURITY_CFLAGS} ${CFLAGS}" + +# There are no Xen-provided variables for C++, so append to the tool variables: CPP_append = " ${CPPFLAGS}" CXX_append = " ${CXXFLAGS}" @@ -891,10 +155,10 @@ EXTRA_OEMAKE += "${@['', 'XEN_WHOAMI=${PF} XEN_DOMAIN=${DISTRO} XEN_BUILD_HOST=$ [d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1']}${@get_build_time_vars(d)}" # Improve build reproducibility: compiler flags to remove filesystem differences. -# Suppress __FILE__ via an alternative builtin. -CC += "${@['', '-gno-record-gcc-switches -Wno-builtin-macro-redefined -D__FILE__=__VERSION__ ' + \ - '-fdebug-prefix-map=${WORKDIR}=${PN}'] \ - [d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1']}" +CC_REPRODUCIBLE_OPTIONS = "${@['', '-gno-record-gcc-switches ' + \ + '-ffile-prefix-map=${S}=${PN}-source ' + \ + '-fdebug-prefix-map=${WORKDIR}=${PN}'] \ + [d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1']}" # check for XSM in package config to allow XSM_ENABLE to be set python () { @@ -928,26 +192,11 @@ do_post_patch() { do_post_patch_append_arm() { # The hypervisor binary must not be built with the hard floating point ABI. - echo "CC := \$(filter-out ${TUNE_CCARGS},\$(CC))" >> ${B}/xen/arch/arm/Rules.mk + echo "CC := \$(filter-out ${TUNE_CCARGS},\$(CC))" >> ${S}/xen/arch/arm/Rules.mk } addtask post_patch after do_patch before do_configure -do_stubs() { - # no stubs-32.h in our 64-bit sysroot - hack it into tools/include/gnu - if ! test -f ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-32.h ; then - if test -f ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-64.h ; then - test -d ${S}/tools/include/gnu || mkdir ${S}/tools/include/gnu - cat ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-64.h | grep -v stub_bdflush | grep -v stub_getmsg | grep -v stub_putmsg > ${S}/tools/include/gnu/stubs-32.h - echo \#define __stub___kernel_cosl >> ${S}/tools/include/gnu/stubs-32.h - echo \#define __stub___kernel_sinl >> ${S}/tools/include/gnu/stubs-32.h - echo \#define __stub___kernel_tanl >> ${S}/tools/include/gnu/stubs-32.h - fi - fi -} - -addtask stubs after do_configure before do_compile - # Allow all hypervisor settings in a defconfig EXTRA_OEMAKE += "XEN_CONFIG_EXPERT=y" # Build release versions always. Technically since we track release @@ -955,7 +204,8 @@ EXTRA_OEMAKE += "XEN_CONFIG_EXPERT=y" # from staging that reverts this EXTRA_OEMAKE += "debug=n" -do_configure() { +do_configure_common() { + cd ${S} #./configure --enable-xsmpolicy does not set XSM_ENABLE must be done manually if [ "${XSM_ENABLED}" = "1" ]; then @@ -967,140 +217,22 @@ do_configure() { bbfatal "Unable to copy defconfig to .config" fi + unset CFLAGS + # do configure - oe_runconf - if [ ! -e ${STAGING_INCDIR}/bits/long-double-32.h ]; then - cp ${STAGING_INCDIR}/bits/long-double-64.h ${STAGING_INCDIR}/bits/long-double-32.h - fi + oe_runconf EXTRA_CFLAGS_XEN_CORE="${EXTRA_CFLAGS_XEN_CORE}" \ + EXTRA_CFLAGS_XEN_TOOLS="${EXTRA_CFLAGS_XEN_TOOLS}" \ + PYTHON="${PYTHON}" } -do_compile() { +do_compile_prepend() { # workaround for build bug when CFLAGS is exported # https://www.mail-archive.com/xen-devel@lists.xen.org/msg67822.html unset CFLAGS - - # Workaround for parallel build bug: build xen first. - # https://lists.xenproject.org/archives/html/xen-devel/2018-07/msg02551.html - oe_runmake xen - oe_runmake } -do_install() { +do_install_prepend() { # CFLAGS is used to set PY_CFLAGS which affects the pygrub install # so also need to unset CFLAGS here: unset CFLAGS - oe_runmake DESTDIR="${D}" install - - # remove installed volatiles - rm -rf ${D}${localstatedir}/run \ - ${D}${localstatedir}/lock \ - ${D}${localstatedir}/log \ - ${D}${localstatedir}/volatile \ - ${D}${localstatedir}/lib/xen - - VOLATILE_DIRS=" \ - ${localstatedir}/run/xenstored \ - ${localstatedir}/run/xend \ - ${localstatedir}/run/xend/boot \ - ${localstatedir}/run/xen \ - ${localstatedir}/log/xen \ - ${localstatedir}/lock/xen \ - ${localstatedir}/lock/subsys \ - ${localstatedir}/lib/xen \ - " - - # install volatiles using populate_volatiles mechanism - install -d ${D}${sysconfdir}/default/volatiles - for i in $VOLATILE_DIRS; do - echo "d root root 0755 $i none" >> ${D}${sysconfdir}/default/volatiles/99_xen - done - - # workaround for xendomains script which searchs sysconfig if directory exists - install -d ${D}${sysconfdir}/sysconfig - ln -sf ${sysconfdir}/default/xendomains ${D}${sysconfdir}/sysconfig/xendomains - - # systemd - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - # install volatiles using systemd tmpfiles.d - install -d ${D}${sysconfdir}/tmpfiles.d - for i in $VOLATILE_DIRS; do - echo "d $i 0755 root root - -" >> ${D}${sysconfdir}/tmpfiles.d/xen.conf - done - fi - - # fixup default path to qemu-system-i386 - sed -i 's#\(test -z "$QEMU_XEN" && QEMU_XEN=\).*$#\1"/usr/bin/qemu-system-i386"#' ${D}/etc/init.d/xencommons - - if [ -e ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service ]; then - sed -i 's#ExecStart=.*qemu-system-i386\(.*\)$#ExecStart=/usr/bin/qemu-system-i386\1#' \ - ${D}${systemd_unitdir}/system/xen-qemu-dom0-disk-backend.service - fi -} - -pkg_postinst_${PN}-volatiles() { - if [ -z "$D" ]; then - if command -v systemd-tmpfiles >/dev/null; then - systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/xen.conf - elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then - ${sysconfdir}/init.d/populate-volatile.sh update - fi - fi -} - -do_deploy() { - install -d ${DEPLOYDIR} - - if [ -f ${D}/boot/xen ]; then - install -m 0644 ${D}/boot/xen ${DEPLOYDIR}/xen-${MACHINE} - fi - - if [ -f ${D}/boot/xen.gz ]; then - install -m 0644 ${D}/boot/xen.gz ${DEPLOYDIR}/xen-${MACHINE}.gz - fi - - if [ -f ${D}/usr/lib64/efi/xen.efi ]; then - install -m 0644 ${D}/usr/lib64/efi/xen.efi ${DEPLOYDIR}/xen-${MACHINE}.efi - fi - - # Install the flask policy in the deploy directory if it exists - if [ -f ${D}/boot/${FLASK_POLICY_FILE} ]; then - install -m 0644 ${D}/boot/${FLASK_POLICY_FILE} ${DEPLOYDIR} - ln -sf ${FLASK_POLICY_FILE} ${DEPLOYDIR}/xenpolicy-${MACHINE} - fi -} - -addtask deploy after do_populate_sysroot - -# Enable use of menuconfig directly from bitbake and also within the devshell -OE_TERMINAL_EXPORTS += "HOST_EXTRACFLAGS HOSTLDFLAGS TERMINFO" -HOST_EXTRACFLAGS = "${BUILD_CFLAGS} ${BUILD_LDFLAGS}" -HOSTLDFLAGS = "${BUILD_LDFLAGS}" -TERMINFO = "${STAGING_DATADIR_NATIVE}/terminfo" -do_devshell[depends] += "ncurses-native:do_populate_sysroot" - -KCONFIG_CONFIG_COMMAND ??= "menuconfig" -python do_menuconfig() { - import shutil - - try: - mtime = os.path.getmtime("xen/.config") - shutil.copy("xen/.config", "xen/.config.orig") - except OSError: - mtime = 0 - - oe_terminal("${SHELL} -c \"cd xen; XEN_CONFIG_EXPERT=y make %s; if [ \$? -ne 0 ]; then echo 'Command failed.'; printf 'Press any key to continue... '; read r; fi\"" % d.getVar('KCONFIG_CONFIG_COMMAND'), - d.getVar('PN') + ' Configuration', d) - - try: - newmtime = os.path.getmtime("xen/.config") - except OSError: - newmtime = 0 - - if newmtime > mtime: - bb.note("Configuration changed, recompile will be forced") - bb.build.write_taint('do_compile', d) } -do_menuconfig[depends] += "ncurses-native:do_populate_sysroot" -do_menuconfig[nostamp] = "1" -do_menuconfig[dirs] = "${B}" -addtask menuconfig after do_configure diff --git a/external/meta-virtualization/recipes-extended/xen/xen_4.11.0.bb b/external/meta-virtualization/recipes-extended/xen/xen_4.11.0.bb deleted file mode 100644 index 870caa72..00000000 --- a/external/meta-virtualization/recipes-extended/xen/xen_4.11.0.bb +++ /dev/null @@ -1,16 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/files:" -require xen.inc - -SRC_URI = " \ - https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \ - file://tools-xentop-vwprintw.patch \ - file://xen-4.11-arm-acpi-fix-string-lengths.patch \ - file://xen-tools-xenpmd-snprintf.patch \ - file://xen-disable-sse-before-inlines.patch \ - file://0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch \ - " - -SRC_URI[md5sum] = "cbec0600284921744bc14119f4ed3fff" -SRC_URI[sha256sum] = "826e3a9f6d0eac94a825d272cc2c1294e22640ae75af906eb13920f9ad667643" - -S = "${WORKDIR}/xen-${PV}" diff --git a/external/meta-virtualization/recipes-extended/xen/xen_git.bb b/external/meta-virtualization/recipes-extended/xen/xen_git.bb index 0ebd81ce..a7475ac3 100644 --- a/external/meta-virtualization/recipes-extended/xen/xen_git.bb +++ b/external/meta-virtualization/recipes-extended/xen/xen_git.bb @@ -1,19 +1,15 @@ -require xen.inc +SRCREV ?= "a5fcafbfbee55261853fba07149c1c795f2baf58" + +XEN_REL ?= "4.12" +XEN_BRANCH ?= "stable-${XEN_REL}" -SRCREV ?= "2b50cdbc444c637575580dcfa6c9525a84d5cc62" +SRC_URI = "git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH}" -XEN_REL = "4.12" -XEN_BRANCH = "staging" -FLASK_POLICY_FILE = "xenpolicy-${XEN_REL}-unstable" +LIC_FILES_CHKSUM ?= "file://COPYING;md5=bbb4b1bdc2c3b6743da3c39d03249095" PV = "${XEN_REL}+git${SRCPV}" S = "${WORKDIR}/git" -SRC_URI = " \ - git://xenbits.xen.org/xen.git;branch=${XEN_BRANCH} \ - file://xen-disable-sse-before-inlines.patch \ - file://0001-python-pygrub-pass-DISTUTILS-env-vars-as-setup.py-ar.patch \ - " - -DEFAULT_PREFERENCE = "-1" +require xen.inc +require xen-hypervisor.inc diff --git a/external/meta-virtualization/recipes-extended/xvisor/files/0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch b/external/meta-virtualization/recipes-extended/xvisor/files/0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch new file mode 100644 index 00000000..2e53943f --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xvisor/files/0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch @@ -0,0 +1,34 @@ +From 022c885d077dce6fad3eca5fd2f54b2070c375d2 Mon Sep 17 00:00:00 2001 +From: Alistair Francis <alistair.francis@wdc.com> +Date: Fri, 17 May 2019 14:21:44 -0700 +Subject: [PATCH] TESTS: Don't specify mabi or march for RISC-V + +To avoid + can't link double-float modules with soft-float modules +errors when building 32-bit baremetal guests don't specify mabi +or march. + +Upstream-Status: Inappropriate [Fixes a 32-bit Yocto flow bug] +Signed-off-by: Alistair Francis <alistair.francis@wdc.com> +--- + tests/riscv/common/basic/Makefile.inc | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/riscv/common/basic/Makefile.inc b/tests/riscv/common/basic/Makefile.inc +index 9fa5abed..f3ff1864 100644 +--- a/tests/riscv/common/basic/Makefile.inc ++++ b/tests/riscv/common/basic/Makefile.inc +@@ -24,8 +24,8 @@ + ARCH_CPPFLAGS=$(board_cppflags) -DFIRMWARE_BOOT + ARCH_CPPFLAGS+=-DTEXT_START=$(board_text_start) + ifeq ($(board_32bit),y) +-ARCH_CFLAGS=$(board_cflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=ilp32 -march=rv32imafdc -mcmodel=medany +-ARCH_ASFLAGS=$(board_asflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=ilp32 -march=rv32imafdc -mcmodel=medany ++ARCH_CFLAGS=$(board_cflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mcmodel=medany ++ARCH_ASFLAGS=$(board_asflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mcmodel=medany + else + ARCH_CFLAGS=$(board_cflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=lp64 -march=rv64imafdc -mcmodel=medany + ARCH_ASFLAGS=$(board_asflags) -fno-omit-frame-pointer -fno-optimize-sibling-calls -mno-save-restore -mstrict-align -mabi=lp64 -march=rv64imafdc -mcmodel=medany +-- +2.21.0 + diff --git a/external/meta-virtualization/recipes-extended/xvisor/xvisor-configs.inc b/external/meta-virtualization/recipes-extended/xvisor/xvisor-configs.inc new file mode 100644 index 00000000..099128dd --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xvisor/xvisor-configs.inc @@ -0,0 +1,25 @@ +def get_oemake_config(d): + plat = d.getVar('XVISOR_PLAT') + + if plat is None: + return "" + + if 'riscv/virt32' in plat: + return "generic-32b-defconfig" + if 'riscv/virt64' in plat: + return "generic-64b-defconfig" + + return "" + +def map_xvisor_arch(a, d): + import re + + if re.match('(i.86|x86.64)$', a): return 'x86' + elif re.match('armeb$', a): return 'arm' + elif re.match('aarch64$', a): return 'arm' + elif re.match('aarch64_be$', a): return 'arm' + elif re.match('aarch64_ilp32$', a): return 'arm' + elif re.match('aarch64_be_ilp32$', a): return 'arm' + elif re.match('riscv(32|64|)(eb|)$', a): return 'riscv' + else: + bb.error("cannot map '%s' to a Xvisor architecture" % a) diff --git a/external/meta-virtualization/recipes-extended/xvisor/xvisor_0.3.0.bb b/external/meta-virtualization/recipes-extended/xvisor/xvisor_0.3.0.bb new file mode 100644 index 00000000..66ad6187 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/xvisor/xvisor_0.3.0.bb @@ -0,0 +1,44 @@ +SUMMARY = "Xvisor is an open-source type-1 hypervisor, which aims at providing a monolithic, light-weight, portable, and flexible virtualization solution." +DESCRIPTION = "Xvisor primarily supports Full virtualization hence, supports a wide range of unmodified guest operating systems. Paravirtualization is optional for Xvisor and will be supported in an architecture independent manner (such as VirtIO PCI/MMIO devices) to ensure no-change in guest OS for using paravirtualization." +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" +DEPENDS += "dtc-native dosfstools-native mtools-native" + +require xvisor-configs.inc + +inherit autotools-brokensep + +SRCREV = "58592ef18c71526a0045935d1e8eed5e8553b7d6" +SRC_URI = "git://github.com/xvisor/xvisor.git \ + file://0001-TESTS-Don-t-specify-mabi-or-march-for-RISC-V.patch \ + " + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE += "ARCH=\"${@map_xvisor_arch(d.getVar('TARGET_ARCH'), d)}\" I=${D}" + +CONFIG = "${@get_oemake_config(d)}" + +do_configure() { + oe_runmake ${CONFIG} +} + +do_install_append() { + install -d ${D} + install -m 755 ${B}/build/vmm.* ${D}/ + + # We don't need this + rm ${D}/system.map +} + +do_deploy () { + install -d ${DEPLOY_DIR_IMAGE} + install -m 755 ${D}/vmm.* ${DEPLOY_DIR_IMAGE}/ +} + +addtask deploy after do_install + +FILES_${PN} += "/vmm.*" + +COMPATIBLE_HOST = "(riscv64|riscv32).*" +INHIBIT_PACKAGE_STRIP = "1" diff --git a/external/meta-virtualization/recipes-graphics/xorg-xserver/xserver-xorg_%.bbappend b/external/meta-virtualization/recipes-graphics/xorg-xserver/xserver-xorg_%.bbappend index 95034045..f5ae9033 100644 --- a/external/meta-virtualization/recipes-graphics/xorg-xserver/xserver-xorg_%.bbappend +++ b/external/meta-virtualization/recipes-graphics/xorg-xserver/xserver-xorg_%.bbappend @@ -1,13 +1,2 @@ -# Change the default Xserver OpenGL configuration for non-x86 distros with Xen: deselect 'glamor'. -# This removes the dependency on libegl to simplify the domU build. -# -# To override this (eg. if wanted for dom0 images) define: -# REMOVED_OPENGL_PKGCONFIGS = "" +require ${@bb.utils.contains('DISTRO_FEATURES', 'xen', '${BPN}_xen.inc', '', d)} -XEN_REMOVED_OPENGL_PKGCONFIGS ?= "glamor" -XEN_REMOVED_OPENGL_PKGCONFIGS_x86 = "" -XEN_REMOVED_OPENGL_PKGCONFIGS_x86-64 = "" - -REMOVED_OPENGL_PKGCONFIGS ?= "${@bb.utils.contains('DISTRO_FEATURES', 'xen', "${XEN_REMOVED_OPENGL_PKGCONFIGS}", '', d)}" - -OPENGL_PKGCONFIGS_remove = "${REMOVED_OPENGL_PKGCONFIGS}" diff --git a/external/meta-virtualization/recipes-graphics/xorg-xserver/xserver-xorg_xen.inc b/external/meta-virtualization/recipes-graphics/xorg-xserver/xserver-xorg_xen.inc new file mode 100644 index 00000000..95034045 --- /dev/null +++ b/external/meta-virtualization/recipes-graphics/xorg-xserver/xserver-xorg_xen.inc @@ -0,0 +1,13 @@ +# Change the default Xserver OpenGL configuration for non-x86 distros with Xen: deselect 'glamor'. +# This removes the dependency on libegl to simplify the domU build. +# +# To override this (eg. if wanted for dom0 images) define: +# REMOVED_OPENGL_PKGCONFIGS = "" + +XEN_REMOVED_OPENGL_PKGCONFIGS ?= "glamor" +XEN_REMOVED_OPENGL_PKGCONFIGS_x86 = "" +XEN_REMOVED_OPENGL_PKGCONFIGS_x86-64 = "" + +REMOVED_OPENGL_PKGCONFIGS ?= "${@bb.utils.contains('DISTRO_FEATURES', 'xen', "${XEN_REMOVED_OPENGL_PKGCONFIGS}", '', d)}" + +OPENGL_PKGCONFIGS_remove = "${REMOVED_OPENGL_PKGCONFIGS}" diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-%.bbappend b/external/meta-virtualization/recipes-kernel/linux/linux-%.bbappend new file mode 100644 index 00000000..2a2335bc --- /dev/null +++ b/external/meta-virtualization/recipes-kernel/linux/linux-%.bbappend @@ -0,0 +1,10 @@ +# any kernel recipe with fragment support, that sets LINUX_VERSION to one of the tested +# values, will get the appropriate fragments included in their SRC_URI + +LINUX_MAJOR = "${@(d.getVar('LINUX_VERSION') or "x.y").split('.')[0]}" +LINUX_MINOR = "${@(d.getVar('LINUX_VERSION') or "x.y").split('.')[1]}" + +include ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', 'linux-yocto_${LINUX_MAJOR}.${LINUX_MINOR}_virtualization.inc', '', d)} + + + diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-yocto_4.18.bbappend b/external/meta-virtualization/recipes-kernel/linux/linux-yocto-dev.bbappend index 617caccb..20eeba95 100644 --- a/external/meta-virtualization/recipes-kernel/linux/linux-yocto_4.18.bbappend +++ b/external/meta-virtualization/recipes-kernel/linux/linux-yocto-dev.bbappend @@ -1 +1 @@ -require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}_virtualization.inc', '', d)} +require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', 'linux-yocto_virtualization.inc', '', d)} diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-yocto/docker.cfg b/external/meta-virtualization/recipes-kernel/linux/linux-yocto/docker.cfg index 4ee8e369..79012a6a 100644 --- a/external/meta-virtualization/recipes-kernel/linux/linux-yocto/docker.cfg +++ b/external/meta-virtualization/recipes-kernel/linux/linux-yocto/docker.cfg @@ -1,7 +1,7 @@ CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m CONFIG_IP_NF_FILTER=m CONFIG_NF_NAT=m -CONFIG_NF_CONNTRACK_IPV4=y +CONFIG_NF_CONNTRACK=y CONFIG_DM_THIN_PROVISIONING=m diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-yocto/lxc.cfg b/external/meta-virtualization/recipes-kernel/linux/linux-yocto/lxc.cfg index c25d60f9..3fefc034 100644 --- a/external/meta-virtualization/recipes-kernel/linux/linux-yocto/lxc.cfg +++ b/external/meta-virtualization/recipes-kernel/linux/linux-yocto/lxc.cfg @@ -1,8 +1,7 @@ CONFIG_CGROUP_DEVICE=y CONFIG_CPUSETS=y CONFIG_PROC_PID_CPUSET=y -CONFIG_RESOURCE_COUNTERS=y -CONFIG_CGROUP_MEM_RES_CTLR=y +CONFIG_MEMCG=y CONFIG_CGROUP_SCHED=y CONFIG_FAIR_GROUP_SCHED=y CONFIG_RT_GROUP_SCHED=y @@ -14,25 +13,12 @@ CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y -CONFIG_CLS_CGROUP=m +CONFIG_NET_CLS_CGROUP=m CONFIG_BLK_CGROUP=y -CONFIG_NETPRIO_CGROUP=m - -CONFIG_DEVPTS_MULTIPLE_INSTANCES=y +CONFIG_CGROUP_NET_PRIO=y # Virtual drivers -CONFIG_VIRTIO_BLK=y -CONFIG_SCSI_VIRTIO=y -CONFIG_VIRTIO_NET=m CONFIG_HVC_DRIVER=y -CONFIG_VIRTIO_CONSOLE=y -CONFIG_HW_RANDOM_VIRTIO=m -CONFIG_VIRTIO=y -CONFIG_VIRTIO_RING=y -CONFIG_VIRTIO_PCI=y -CONFIG_VIRTIO_BALLOON=y -CONFIG_VIRTIO_MMIO=y - # Base support for live boot CONFIG_BLK_DEV_LOOP=y @@ -44,3 +30,4 @@ CONFIG_RD_GZIP=y # Support for virtual ethernet and LXC CONFIG_VETH=y CONFIG_MACVLAN=y +CONFIG_VXLAN=m diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-yocto/xen.cfg b/external/meta-virtualization/recipes-kernel/linux/linux-yocto/xen.cfg index 4780311d..af821d2f 100644 --- a/external/meta-virtualization/recipes-kernel/linux/linux-yocto/xen.cfg +++ b/external/meta-virtualization/recipes-kernel/linux/linux-yocto/xen.cfg @@ -3,7 +3,6 @@ CONFIG_PARAVIRT=y CONFIG_XEN=y CONFIG_XEN_DOM0=y CONFIG_XEN_PVHVM=y -CONFIG_XEN_MAX_DOMAIN_MEMORY=500 CONFIG_XEN_SAVE_RESTORE=y # CONFIG_XEN_DEBUG_FS is not set CONFIG_XEN_PVH=y @@ -30,7 +29,7 @@ CONFIG_FB_SYS_FOPS=y CONFIG_FB_DEFERRED_IO=y CONFIG_XEN_FBDEV_FRONTEND=y CONFIG_XEN_BALLOON=y -CONFIG_XEN_SCRUB_PAGES=y +CONFIG_XEN_SCRUB_PAGES_DEFAULT=y CONFIG_XEN_DEV_EVTCHN=y CONFIG_XEN_BACKEND=y CONFIG_XENFS=y diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-yocto_5.4_virtualization.inc b/external/meta-virtualization/recipes-kernel/linux/linux-yocto_5.4_virtualization.inc new file mode 100644 index 00000000..59311487 --- /dev/null +++ b/external/meta-virtualization/recipes-kernel/linux/linux-yocto_5.4_virtualization.inc @@ -0,0 +1,4 @@ +# include the baseline meta virtualization configuration options +# after this include, we can do version specific things + +include linux-yocto_virtualization.inc diff --git a/external/meta-virtualization/recipes-kernel/linux/linux-yocto_virtualization.inc b/external/meta-virtualization/recipes-kernel/linux/linux-yocto_virtualization.inc index 5d3cbc66..f050b3fa 100644 --- a/external/meta-virtualization/recipes-kernel/linux/linux-yocto_virtualization.inc +++ b/external/meta-virtualization/recipes-kernel/linux/linux-yocto_virtualization.inc @@ -14,5 +14,7 @@ KERNEL_MODULE_AUTOLOAD += "${@bb.utils.contains('DISTRO_FEATURES', 'kvm', 'kvm', # aufs kernel support required for xen-image-minimal KERNEL_FEATURES_append += "${@bb.utils.contains('DISTRO_FEATURES', 'aufs', ' features/aufs/aufs-enable.scc', '', d)}" +KERNEL_FEATURES_append = " cfg/virtio.scc" + # xen kernel support SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'xen', ' file://xen.scc', '', d)}" diff --git a/external/meta-virtualization/recipes-networking/cni/cni_git.bb b/external/meta-virtualization/recipes-networking/cni/cni_git.bb index f7a7597b..3ad939bd 100644 --- a/external/meta-virtualization/recipes-networking/cni/cni_git.bb +++ b/external/meta-virtualization/recipes-networking/cni/cni_git.bb @@ -9,11 +9,12 @@ Because of this focus, CNI has a wide range of support and the specification \ is simple to implement. \ " -SRCREV_cni = "cc562d1b44b3d00b8c341250d49a8a0823a1c085" -SRCREV_plugins = "9abd20edd6c83385ff6c2a6e6ff265158059e723" +SRCREV_cni = "4cfb7b568922a3c79a23e438dc52fe537fc9687e" +# Version 0.8.5 +SRCREV_plugins = "1f33fb729ae2b8900785f896df2dc1f6fe5e8239" SRC_URI = "\ git://github.com/containernetworking/cni.git;nobranch=1;name=cni \ - git://github.com/containernetworking/plugins.git;nobranch=1;destsuffix=plugins;name=plugins \ + git://github.com/containernetworking/plugins.git;nobranch=1;destsuffix=${S}/src/github.com/containernetworking/plugins;name=plugins \ " RPROVIDES_${PN} += "kubernetes-cni" @@ -23,76 +24,47 @@ LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=fa818a259cbed7ce8bc2a22d35a464 GO_IMPORT = "import" -PV = "0.6.0+git${SRCREV_cni}" +PV = "0.7.1+git${SRCREV_cni}" inherit go inherit goarch do_compile() { - export GOARCH="${TARGET_GOARCH}" - export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go" - export GOPATH="${S}/src/import:${S}/src/import/vendor" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export CGO_ENABLED="1" - export CFLAGS="" - export LDFLAGS="" - export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - - # link fixups for compilation - rm -f ${S}/src/import/vendor/src - mkdir -p ${S}/src/import/vendor/ - ln -sf ./ ${S}/src/import/vendor/src - rm -rf ${S}/src/import/plugins - rm -rf ${S}/src/import/vendor/github.com/containernetworking/plugins - - mkdir -p ${S}/src/import/vendor/github.com/containernetworking/cni - - ln -sf ../../../../libcni ${S}/src/import/vendor/github.com/containernetworking/cni/libcni - ln -sf ../../../../pkg ${S}/src/import/vendor/github.com/containernetworking/cni/pkg - ln -sf ../../../../cnitool ${S}/src/import/vendor/github.com/containernetworking/cni/cnitool - ln -sf ${WORKDIR}/plugins ${S}/src/import/vendor/github.com/containernetworking/plugins - - export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" - export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export CGO_ENABLED="1" - export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - - cd ${S}/src/import/vendor/github.com/containernetworking/cni/libcni - go build - - cd ${S}/src/import/vendor/github.com/containernetworking/cni/cnitool - go build - - cd ${S}/src/import/vendor/github.com/containernetworking/plugins/ - PLUGINS="$(ls -d plugins/meta/*; ls -d plugins/main/* | grep -v windows)" - mkdir -p ${WORKDIR}/plugins/bin/ + mkdir -p ${S}/src/github.com/containernetworking + ln -sfr ${S}/src/import ${S}/src/github.com/containernetworking/cni + + cd ${B}/src/github.com/containernetworking/cni/libcni + ${GO} build + + cd ${B}/src/github.com/containernetworking/cni/cnitool + ${GO} build + + cd ${B}/src/github.com/containernetworking/plugins + PLUGINS="$(ls -d plugins/meta/*; ls -d plugins/ipam/*; ls -d plugins/main/* | grep -v windows)" + mkdir -p ${B}/plugins/bin/ for p in $PLUGINS; do plugin="$(basename "$p")" echo "building: $p" - go build -o ${WORKDIR}/plugins/bin/$plugin github.com/containernetworking/plugins/$p + ${GO} build -mod=vendor -o ${B}/plugins/bin/$plugin github.com/containernetworking/plugins/$p done } do_install() { - localbindir="/opt/cni/bin" + localbindir="${libexecdir}/cni/" install -d ${D}${localbindir} install -d ${D}/${sysconfdir}/cni/net.d install -m 755 ${S}/src/import/cnitool/cnitool ${D}/${localbindir} - install -m 755 -D ${WORKDIR}/plugins/bin/* ${D}/${localbindir} + install -m 755 -D ${B}/plugins/bin/* ${D}/${localbindir} + + # Parts of k8s expect the cni binaries to be available in /opt/cni + install -d ${D}/opt/cni + ln -sf ${libexecdir}/cni/ ${D}/opt/cni/bin } -FILES_${PN} += "/opt/cni/bin/*" +FILES_${PN} += "${libexecdir}/cni/* /opt/cni/bin" -INHIBIT_PACKAGE_STRIP = "1" INSANE_SKIP_${PN} += "ldflags already-stripped" deltask compile_ptest_base diff --git a/external/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch b/external/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch deleted file mode 100644 index 84fb9a43..00000000 --- a/external/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 6576f228339b7931e05a8e861f085f483817806b Mon Sep 17 00:00:00 2001 -From: Paul Barker <pbarker@toganlabs.com> -Date: Tue, 8 May 2018 11:01:14 +0000 -Subject: [PATCH] Allow selection of go compiler - -By running `make GO=/path/to/go` we can now select the appropriate go compiler -to use. This also makes it possible to cross compile netns more easily. - -Signed-off-by: Paul Barker <pbarker@toganlabs.com> -Upstream-status: Pending ---- - Makefile | 25 ++++++++++++++----------- - 1 file changed, 14 insertions(+), 11 deletions(-) - -diff --git a/Makefile b/Makefile -index 3a22f3e..476cb9b 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -23,6 +23,9 @@ CTIMEVAR=-X $(PKG)/version.GITCOMMIT=$(GITCOMMIT) -X $(PKG)/version.VERSION=$(VE - GO_LDFLAGS=-ldflags "-w $(CTIMEVAR)" - GO_LDFLAGS_STATIC=-ldflags "-w $(CTIMEVAR) -extldflags -static" - -+# Set our default go compiler -+GO := go -+ - # List the GOOS and GOARCH to build - GOOSARCHES = linux/arm linux/arm64 linux/amd64 linux/386 - -@@ -33,12 +36,12 @@ build: $(NAME) ## Builds a dynamic executable or package - - $(NAME): *.go VERSION.txt - @echo "+ $@" -- go build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . -+ $(GO) build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . - - .PHONY: static - static: ## Builds a static executable - @echo "+ $@" -- CGO_ENABLED=0 go build \ -+ CGO_ENABLED=0 $(GO) build \ - -tags "$(BUILDTAGS) static_build" \ - ${GO_LDFLAGS_STATIC} -o $(NAME) . - -@@ -55,23 +58,23 @@ lint: ## Verifies `golint` passes - .PHONY: test - test: ## Runs the go tests - @echo "+ $@" -- @go test -v -tags "$(BUILDTAGS) cgo" $(shell go list ./... | grep -v vendor) -+ @$(GO) test -v -tags "$(BUILDTAGS) cgo" $(shell $(GO) list ./... | grep -v vendor) - - .PHONY: vet - vet: ## Verifies `go vet` passes - @echo "+ $@" -- @go vet $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr -+ @$(GO) vet $(shell $(GO) list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr - - .PHONY: staticcheck - staticcheck: ## Verifies `staticcheck` passes - @echo "+ $@" -- @staticcheck $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr -+ @staticcheck $(shell $(GO) list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr - - .PHONY: cover - cover: ## Runs go test with coverage - @echo "" > coverage.txt -- @for d in $(shell go list ./... | grep -v vendor); do \ -- go test -race -coverprofile=profile.out -covermode=atomic "$$d"; \ -+ @for d in $(shell $(GO) list ./... | grep -v vendor); do \ -+ $(GO) test -race -coverprofile=profile.out -covermode=atomic "$$d"; \ - if [ -f profile.out ]; then \ - cat profile.out >> coverage.txt; \ - rm profile.out; \ -@@ -81,11 +84,11 @@ cover: ## Runs go test with coverage - .PHONY: install - install: ## Installs the executable or package - @echo "+ $@" -- go install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} . -+ $(GO) install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} . - - define buildpretty - mkdir -p $(BUILDDIR)/$(1)/$(2); --GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \ -+GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \ - -o $(BUILDDIR)/$(1)/$(2)/$(NAME) \ - -a -tags "$(BUILDTAGS) static_build netgo" \ - -installsuffix netgo ${GO_LDFLAGS_STATIC} .; -@@ -99,7 +102,7 @@ cross: *.go VERSION.txt ## Builds the cross-compiled binaries, creating a clean - $(foreach GOOSARCH,$(GOOSARCHES), $(call buildpretty,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH)))) - - define buildrelease --GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \ -+GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \ - -o $(BUILDDIR)/$(NAME)-$(1)-$(2) \ - -a -tags "$(BUILDTAGS) static_build netgo" \ - -installsuffix netgo ${GO_LDFLAGS_STATIC} .; -@@ -115,7 +118,7 @@ release: *.go VERSION.txt ## Builds the cross-compiled binaries, naming them in - .PHONY: bump-version - BUMP := patch - bump-version: ## Bump the version in the version file. Set BUMP to [ patch | major | minor ] -- @go get -u github.com/jessfraz/junk/sembump # update sembump tool -+ @$(GO) get -u github.com/jessfraz/junk/sembump # update sembump tool - $(eval NEW_VERSION = $(shell sembump --kind $(BUMP) $(VERSION))) - @echo "Bumping VERSION.txt from $(VERSION) to $(NEW_VERSION)" - echo $(NEW_VERSION) > VERSION.txt --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-networking/netns/files/0001-Use-correct-go-cross-compiler.patch b/external/meta-virtualization/recipes-networking/netns/files/0001-Use-correct-go-cross-compiler.patch deleted file mode 100644 index ed66e11b..00000000 --- a/external/meta-virtualization/recipes-networking/netns/files/0001-Use-correct-go-cross-compiler.patch +++ /dev/null @@ -1,77 +0,0 @@ -From d5c319bb61155d94bef2571a095d82983d786b94 Mon Sep 17 00:00:00 2001 -From: Paul Barker <pbarker@toganlabs.com> -Date: Fri, 13 Oct 2017 17:58:11 +0000 -Subject: [PATCH] Use correct go cross-compiler - -Signed-off-by: Paul Barker <pbarker@toganlabs.com> -Upstream-status: Pending ---- - Makefile | 16 ++++++++-------- - 1 file changed, 8 insertions(+), 8 deletions(-) - -diff --git a/Makefile b/Makefile -index cb9a46d..633f884 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -33,12 +33,12 @@ build: $(NAME) ## Builds a dynamic executable or package - - $(NAME): *.go VERSION - @echo "+ $@" -- go build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . -+ $(GO) build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . - - .PHONY: static - static: ## Builds a static executable - @echo "+ $@" -- CGO_ENABLED=0 go build \ -+ CGO_ENABLED=0 $(GO) build \ - -tags "$(BUILDTAGS) static_build" \ - ${GO_LDFLAGS_STATIC} -o $(NAME) . - -@@ -55,21 +55,21 @@ lint: ## Verifies `golint` passes - .PHONY: test - test: ## Runs the go tests - @echo "+ $@" -- @go test -v -tags "$(BUILDTAGS) cgo" $(shell go list ./... | grep -v vendor) -+ @$(GO) test -v -tags "$(BUILDTAGS) cgo" $(shell $(GO) list ./... | grep -v vendor) - - .PHONY: vet - vet: ## Verifies `go vet` passes - @echo "+ $@" -- @go vet $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr -+ @$(GO) vet $(shell $(GO) list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr - - .PHONY: install - install: ## Installs the executable or package - @echo "+ $@" -- @go install . -+ @$(GO) install . - - define buildpretty - mkdir -p $(BUILDDIR)/$(1)/$(2); --GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \ -+GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \ - -o $(BUILDDIR)/$(1)/$(2)/$(NAME) \ - -a -tags "$(BUILDTAGS) static_build netgo" \ - -installsuffix netgo ${GO_LDFLAGS_STATIC} .; -@@ -83,7 +83,7 @@ cross: *.go VERSION ## Builds the cross-compiled binaries, creating a clean dire - $(foreach GOOSARCH,$(GOOSARCHES), $(call buildpretty,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH)))) - - define buildrelease --GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \ -+GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \ - -o $(BUILDDIR)/$(NAME)-$(1)-$(2) \ - -a -tags "$(BUILDTAGS) static_build netgo" \ - -installsuffix netgo ${GO_LDFLAGS_STATIC} .; -@@ -99,7 +99,7 @@ release: *.go VERSION ## Builds the cross-compiled binaries, naming them in such - .PHONY: bump-version - BUMP := patch - bump-version: ## Bump the version in the version file. Set KIND to [ patch | major | minor ] -- @go get -u github.com/jessfraz/junk/sembump # update sembump tool -+ @$(GO) get -u github.com/jessfraz/junk/sembump # update sembump tool - $(eval NEW_VERSION = $(shell sembump --kind $(BUMP) $(VERSION))) - @echo "Bumping VERSION from $(VERSION) to $(NEW_VERSION)" - echo $(NEW_VERSION) > VERSION --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-networking/netns/files/Makefile-force-rebuilding-all-packages-to-avoid-cgo.patch b/external/meta-virtualization/recipes-networking/netns/files/Makefile-force-rebuilding-all-packages-to-avoid-cgo.patch new file mode 100644 index 00000000..e4967d2e --- /dev/null +++ b/external/meta-virtualization/recipes-networking/netns/files/Makefile-force-rebuilding-all-packages-to-avoid-cgo.patch @@ -0,0 +1,64 @@ +From fa402247e9b24470648a366cfda1c9134660146a Mon Sep 17 00:00:00 2001 +From: Mark Asselstine <mark.asselstine@windriver.com> +Date: Mon, 18 Mar 2019 14:04:16 -0400 +Subject: [PATCH] Makefile: force rebuilding all packages to avoid cgo + +We are running into an issue when attempting to build 'static', +similar to what is described by + +https://plus.google.com/117192131596509381660/posts/eNnNePihYnK +and +https://github.com/golang/go/issues/9369 + +In our case we can see that it manifests as a build error + + cannot find package runtime/cgo (using -importcfg) + ...go/pkg/tool/linux_amd64/link: cannot open file : open : no such file or directory + +Although the descriptions of issue indicate that newer versions of GO, +such as the version we are using, should not have this issue it is +clear from the error that cgo is being referenced when it should be +out of the picture. + +Interesting enough this issue only manifests when we are building on +x86-64 and building for x86-64 which might indicate that GO might be +finding -native packages and not -cross packages. + +This change works around the issue and will allow for the building of +the 'static' make target, but at this time and until the issue is +completely understood, it is recommended that the 'build' target is +used. + +Upstream-Status: Inappropriate [only an issue with our builds] + +Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + +Forward-ported to v0.5.3. + +Signed-off-by: Paul Barker <paul@betafive.co.uk> +--- + basic.mk | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/basic.mk b/basic.mk +index 187dff3..76a8d93 100644 +--- a/src/import/basic.mk ++++ b/src/import/basic.mk +@@ -45,12 +45,12 @@ build: prebuild $(NAME) ## Builds a dynamic executable or package. + + $(NAME): $(wildcard *.go) $(wildcard */*.go) VERSION.txt + @echo "+ $@" +- $(GO) build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . ++ $(GO) build -a -pkgdir dontusecurrentpkgs -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . + + .PHONY: static + static: prebuild ## Builds a static executable. + @echo "+ $@" +- CGO_ENABLED=$(CGO_ENABLED) $(GO) build \ ++ CGO_ENABLED=$(CGO_ENABLED) $(GO) build -a -pkgdir dontusecurrentpkgs \ + -tags "$(BUILDTAGS) static_build" \ + ${GO_LDFLAGS_STATIC} -o $(NAME) . + +-- +2.23.0 + diff --git a/external/meta-virtualization/recipes-networking/netns/netns_git.bb b/external/meta-virtualization/recipes-networking/netns/netns_git.bb index b6d35948..da6aac21 100644 --- a/external/meta-virtualization/recipes-networking/netns/netns_git.bb +++ b/external/meta-virtualization/recipes-networking/netns/netns_git.bb @@ -4,10 +4,10 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=48ef0979a2bcc3fae14ff30b8a7f5dbf" SRC_URI = "git://github.com/genuinetools/netns;branch=master \ - file://0001-Allow-selection-of-go-compiler.patch \ + file://Makefile-force-rebuilding-all-packages-to-avoid-cgo.patch \ " -SRCREV = "0da6ab0997707024debe68c91e940c9168041bf8" -PV = "0.4.0" +SRCREV = "9b103a19b917cc3762a33b7d78244b1d5e45ccfd" +PV = "0.5.3" GO_IMPORT = "import" S = "${WORKDIR}/git" @@ -42,7 +42,15 @@ do_compile() { export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" cd ${S}/src/import - oe_runmake static + # Static builds work but are not recommended. See Makefile*cgo patch. + #oe_runmake static + oe_runmake build + + # Golang forces permissions to 0500 on directories and 0400 on files in + # the module cache which prevents us from easily cleaning up the build + # directory. Let's just fix the permissions here so we don't have to + # hack the clean tasks. + chmod -R u+w vendor/pkg/mod } do_install() { diff --git a/external/meta-virtualization/recipes-networking/openvswitch/files/openvswitch-testcontroller b/external/meta-virtualization/recipes-networking/openvswitch/files/openvswitch-testcontroller index aad5ad60..57c77983 100755 --- a/external/meta-virtualization/recipes-networking/openvswitch/files/openvswitch-testcontroller +++ b/external/meta-virtualization/recipes-networking/openvswitch/files/openvswitch-testcontroller @@ -40,7 +40,7 @@ PIDFILE=/var/run/openvswitch/$NAME.pid test -x $DAEMON || exit 0 -. /lib/lsb/init-functions +. /usr/share/openvswitch/scripts/ovs-lib # Default options, these can be overriden by the information # at /etc/default/openvswitch-testcontroller @@ -89,6 +89,14 @@ running_pid() { return 0 } +log_begin_msg () { + echo "$@" +} + +log_end_msg () { + echo "$@" +} + running() { # Check if the process is running looking at /proc # (works for all users) diff --git a/external/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch b/external/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch deleted file mode 100644 index 0dc6b11b..00000000 --- a/external/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch +++ /dev/null @@ -1,372 +0,0 @@ -From a0a2d829642e916bd5d1c498a3e6f3641ed717a0 Mon Sep 17 00:00:00 2001 -From: Mark Asselstine <mark.asselstine@windriver.com> -Date: Fri, 13 Jan 2017 16:12:55 -0500 -Subject: [PATCH] python: make remaining scripts use /usr/bin/env - -Unfortunately there is no concept of a host python vs. target python -to facilitate cross compilation. There is only one PYTHON variable and -this is used during building and in the header of python scripts after -installation. The best approach for cross compilation is to thus to -ensure python is in the path and avoid passing a path as part of -PYTHON. To make this function smoothly all installed scripts should -make use of /usr/bin/env to increase the chances of finding python. - -Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> ---- - build-aux/check-structs | 2 +- - build-aux/dpdkstrip.py | 2 +- - build-aux/extract-ofp-actions | 2 +- - build-aux/extract-ofp-errors | 2 +- - build-aux/extract-ofp-fields | 2 +- - build-aux/extract-ofp-msgs | 2 +- - build-aux/sodepends.py | 2 +- - build-aux/soexpand.py | 2 +- - build-aux/text2c | 2 +- - build-aux/xml2nroff | 2 +- - ovn/utilities/ovn-detrace.in | 2 +- - ovn/utilities/ovn-docker-overlay-driver.in | 2 +- - ovn/utilities/ovn-docker-underlay-driver.in | 2 +- - ovsdb/dot2pic | 2 +- - ovsdb/ovsdb-doc | 2 +- - ovsdb/ovsdb-dot.in | 2 +- - ovsdb/ovsdb-idlc.in | 2 +- - python/build/soutil.py | 2 +- - tests/flowgen.py | 2 +- - tests/ovsdb-monitor-sort.py | 2 +- - tests/uuidfilt.py | 2 +- - utilities/bugtool/ovs-bugtool.in | 2 +- - utilities/ovs-check-dead-ifs.in | 2 +- - utilities/ovs-dpctl-top.in | 2 +- - utilities/ovs-l3ping.in | 2 +- - utilities/ovs-parse-backtrace.in | 2 +- - utilities/ovs-pcap.in | 2 +- - utilities/ovs-tcpdump.in | 2 +- - utilities/ovs-tcpundump.in | 2 +- - utilities/ovs-test.in | 2 +- - utilities/ovs-vlan-test.in | 2 +- - vtep/ovs-vtep.in | 2 +- - 32 files changed, 32 insertions(+), 32 deletions(-) - -diff --git a/build-aux/check-structs b/build-aux/check-structs -index 37ffa06..eb44c91 100755 ---- a/build-aux/check-structs -+++ b/build-aux/check-structs -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - import os.path - import sys -diff --git a/build-aux/dpdkstrip.py b/build-aux/dpdkstrip.py -index 48c7f06..b8b8ba9 100755 ---- a/build-aux/dpdkstrip.py -+++ b/build-aux/dpdkstrip.py -@@ -1,4 +1,4 @@ --#! /usr/bin/env python -+#! /usr/bin/env python3 - # Copyright (c) 2017 Red Hat, Inc. - # - # Licensed under the Apache License, Version 2.0 (the "License"); -diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions -index bd7131f..4d05ef9 100755 ---- a/build-aux/extract-ofp-actions -+++ b/build-aux/extract-ofp-actions -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - import sys - import os.path -diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors -index 71ae0bd..58ba006 100755 ---- a/build-aux/extract-ofp-errors -+++ b/build-aux/extract-ofp-errors -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - import sys - import os.path -diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields -index 184b75e..cf339f8 100755 ---- a/build-aux/extract-ofp-fields -+++ b/build-aux/extract-ofp-fields -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - import getopt - import sys -diff --git a/build-aux/extract-ofp-msgs b/build-aux/extract-ofp-msgs -index a67e870..92c4bda 100755 ---- a/build-aux/extract-ofp-msgs -+++ b/build-aux/extract-ofp-msgs -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - import sys - import os.path -diff --git a/build-aux/sodepends.py b/build-aux/sodepends.py -index 90cfaa0..45812bc 100755 ---- a/build-aux/sodepends.py -+++ b/build-aux/sodepends.py -@@ -1,4 +1,4 @@ --#! /usr/bin/env python -+#! /usr/bin/env python3 - - # Copyright (c) 2008, 2011, 2017 Nicira, Inc. - # -diff --git a/build-aux/soexpand.py b/build-aux/soexpand.py -index 53ca640..00adcf4 100755 ---- a/build-aux/soexpand.py -+++ b/build-aux/soexpand.py -@@ -1,4 +1,4 @@ --#! /usr/bin/env python -+#! /usr/bin/env python3 - - # Copyright (c) 2008, 2017 Nicira, Inc. - # -diff --git a/build-aux/text2c b/build-aux/text2c -index cb1f256..ab7910e 100755 ---- a/build-aux/text2c -+++ b/build-aux/text2c -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - import re - import sys -diff --git a/build-aux/xml2nroff b/build-aux/xml2nroff -index bd4e879..db45c56 100755 ---- a/build-aux/xml2nroff -+++ b/build-aux/xml2nroff -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - # Copyright (c) 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc. - # -diff --git a/ovn/utilities/ovn-detrace.in b/ovn/utilities/ovn-detrace.in -index e2e5b4c..5549219 100755 ---- a/ovn/utilities/ovn-detrace.in -+++ b/ovn/utilities/ovn-detrace.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Copyright (c) 2017 eBay Inc. - # -diff --git a/ovn/utilities/ovn-docker-overlay-driver.in b/ovn/utilities/ovn-docker-overlay-driver.in -index 65edfcd..895426b 100755 ---- a/ovn/utilities/ovn-docker-overlay-driver.in -+++ b/ovn/utilities/ovn-docker-overlay-driver.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # Copyright (C) 2015 Nicira, Inc. - # - # Licensed under the Apache License, Version 2.0 (the "License"); -diff --git a/ovn/utilities/ovn-docker-underlay-driver.in b/ovn/utilities/ovn-docker-underlay-driver.in -index d91ce9f..e0c8db6 100755 ---- a/ovn/utilities/ovn-docker-underlay-driver.in -+++ b/ovn/utilities/ovn-docker-underlay-driver.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # Copyright (C) 2015 Nicira, Inc. - # - # Licensed under the Apache License, Version 2.0 (the "License"); -diff --git a/ovsdb/dot2pic b/ovsdb/dot2pic -index de67261..174e723 100755 ---- a/ovsdb/dot2pic -+++ b/ovsdb/dot2pic -@@ -1,4 +1,4 @@ --#! /usr/bin/env python -+#! /usr/bin/env python3 - - # Copyright (c) 2009, 2010, 2011, 2013, 2017 Nicira, Inc. - # -diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc -index 406c293..d55c6e6 100755 ---- a/ovsdb/ovsdb-doc -+++ b/ovsdb/ovsdb-doc -@@ -1,4 +1,4 @@ --#! /usr/bin/python -+#! /usr/bin/env python3 - - # Copyright (c) 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc. - # -diff --git a/ovsdb/ovsdb-dot.in b/ovsdb/ovsdb-dot.in -index 8eea617..38ba33a 100755 ---- a/ovsdb/ovsdb-dot.in -+++ b/ovsdb/ovsdb-dot.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#! /usr/bin/env @PYTHON@ - - from datetime import date - import ovs.db.error -diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in -index 1ea2115..4ecb2e2 100755 ---- a/ovsdb/ovsdb-idlc.in -+++ b/ovsdb/ovsdb-idlc.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - - from __future__ import print_function - import getopt -diff --git a/python/build/soutil.py b/python/build/soutil.py -index b8027af..8f52803 100755 ---- a/python/build/soutil.py -+++ b/python/build/soutil.py -@@ -1,4 +1,4 @@ --#! /usr/bin/env python -+#! /usr/bin/env python3 - - # Copyright (c) 2008, 2017 Nicira, Inc. - # -diff --git a/tests/flowgen.py b/tests/flowgen.py -index 221a8f2..5d96d76 100755 ---- a/tests/flowgen.py -+++ b/tests/flowgen.py -@@ -1,4 +1,4 @@ --#! /usr/bin/env python -+#! /usr/bin/env python3 - - # Copyright (c) 2009, 2010, 2011, 2012, 2015, 2017 Nicira, Inc. - # -diff --git a/tests/ovsdb-monitor-sort.py b/tests/ovsdb-monitor-sort.py -index 7d368a7..ab4c38c 100755 ---- a/tests/ovsdb-monitor-sort.py -+++ b/tests/ovsdb-monitor-sort.py -@@ -1,4 +1,4 @@ --#! /usr/bin/env python -+#! /usr/bin/env python3 - - # Breaks lines read from stdin into groups using blank lines as - # group separators, then sorts lines within the groups for -diff --git a/tests/uuidfilt.py b/tests/uuidfilt.py -index ea72812..f1a9aff 100755 ---- a/tests/uuidfilt.py -+++ b/tests/uuidfilt.py -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/env python3 - - import re - import sys -diff --git a/utilities/bugtool/ovs-bugtool.in b/utilities/bugtool/ovs-bugtool.in -index 8d220fd..76cedf4 100755 ---- a/utilities/bugtool/ovs-bugtool.in -+++ b/utilities/bugtool/ovs-bugtool.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#! /usr/bin/env @PYTHON@ - - # This library is free software; you can redistribute it and/or - # modify it under the terms of version 2.1 of the GNU Lesser General Public -diff --git a/utilities/ovs-check-dead-ifs.in b/utilities/ovs-check-dead-ifs.in -index ac54f6c..13d86b3 100755 ---- a/utilities/ovs-check-dead-ifs.in -+++ b/utilities/ovs-check-dead-ifs.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - - import os - import re -diff --git a/utilities/ovs-dpctl-top.in b/utilities/ovs-dpctl-top.in -index 7f0f1f8..ece707a 100755 ---- a/utilities/ovs-dpctl-top.in -+++ b/utilities/ovs-dpctl-top.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Copyright (c) 2013 Nicira, Inc. - # -diff --git a/utilities/ovs-l3ping.in b/utilities/ovs-l3ping.in -index 1b07972..9852699 100644 ---- a/utilities/ovs-l3ping.in -+++ b/utilities/ovs-l3ping.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. -diff --git a/utilities/ovs-parse-backtrace.in b/utilities/ovs-parse-backtrace.in -index 350cbd9..1960fb4 100755 ---- a/utilities/ovs-parse-backtrace.in -+++ b/utilities/ovs-parse-backtrace.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Copyright (c) 2012 Nicira, Inc. - # -diff --git a/utilities/ovs-pcap.in b/utilities/ovs-pcap.in -index fc15321..bd55a41 100755 ---- a/utilities/ovs-pcap.in -+++ b/utilities/ovs-pcap.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Copyright (c) 2010 Nicira, Inc. - # -diff --git a/utilities/ovs-tcpdump.in b/utilities/ovs-tcpdump.in -index 91fa14e..bad67b7 100755 ---- a/utilities/ovs-tcpdump.in -+++ b/utilities/ovs-tcpdump.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Copyright (c) 2016 Red Hat, Inc. - # -diff --git a/utilities/ovs-tcpundump.in b/utilities/ovs-tcpundump.in -index c99015b..9a617ce 100755 ---- a/utilities/ovs-tcpundump.in -+++ b/utilities/ovs-tcpundump.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Copyright (c) 2010 Nicira, Inc. - # -diff --git a/utilities/ovs-test.in b/utilities/ovs-test.in -index fb1f9ad..4dba169 100644 ---- a/utilities/ovs-test.in -+++ b/utilities/ovs-test.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. -diff --git a/utilities/ovs-vlan-test.in b/utilities/ovs-vlan-test.in -index e229498..5b70118 100755 ---- a/utilities/ovs-vlan-test.in -+++ b/utilities/ovs-vlan-test.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # - # Copyright (c) 2010 Nicira, Inc. - # -diff --git a/vtep/ovs-vtep.in b/vtep/ovs-vtep.in -index 98748e4..3f12ae2 100755 ---- a/vtep/ovs-vtep.in -+++ b/vtep/ovs-vtep.in -@@ -1,4 +1,4 @@ --#! @PYTHON@ -+#!/usr/bin/env @PYTHON@ - # Copyright (C) 2013 Nicira, Inc. All Rights Reserved. - # - # Licensed under the Apache License, Version 2.0 (the "License"); --- -2.7.4 - diff --git a/external/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch b/external/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch index 64e0e3f4..113bc91d 100644 --- a/external/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch +++ b/external/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch @@ -10,13 +10,12 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> --- ofproto/ipfix-gen-entities | 2 +- tests/test-l7.py | 2 +- - utilities/checkpatch.py | 2 +- utilities/ovs-dev.py | 2 +- utilities/ovs-pipegen.py | 2 +- xenserver/etc_xapi.d_plugins_openvswitch-cfg-update | 2 +- xenserver/opt_xensource_libexec_interface-reconfigure | 2 +- xenserver/usr_share_openvswitch_scripts_ovs-xapi-sync | 2 +- - 8 files changed, 8 insertions(+), 8 deletions(-) + 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ofproto/ipfix-gen-entities b/ofproto/ipfix-gen-entities index 0be7199..d2cce42 100755 @@ -38,16 +37,6 @@ index d7854a1..f09defb 100755 # Copyright (c) 2015, 2016 Nicira, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); -diff --git a/utilities/checkpatch.py b/utilities/checkpatch.py -index f929714..e17a1cf 100755 ---- a/utilities/checkpatch.py -+++ b/utilities/checkpatch.py -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/env python3 - # Copyright (c) 2016, 2017 Red Hat, Inc. - # Copyright (c) 2018 Nicira, Inc. - # diff --git a/utilities/ovs-dev.py b/utilities/ovs-dev.py index 9ce0f04..839e13e 100755 --- a/utilities/ovs-dev.py diff --git a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch deleted file mode 100644 index f997bbff..00000000 --- a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 801023e72b31e7c49cbccedd76ade33a17fcbe45 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 20 Mar 2017 12:13:30 -0700 -Subject: [PATCH] Define WAIT_ANY if not provided by system - -POSIX does not define it and uses -1 directly -some libc do not have this definitions - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- - tests/test-ovn.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/tests/test-ovn.c b/tests/test-ovn.c -index 84adf81..2bc6bdf 100644 ---- a/tests/test-ovn.c -+++ b/tests/test-ovn.c -@@ -38,6 +38,10 @@ - #include "simap.h" - #include "util.h" - -+#ifndef WAIT_ANY -+# define WAIT_ANY (-1) /* Any process. */ -+#endif -+ - /* --relops: Bitmap of the relational operators to test, in exhaustive test. */ - static unsigned int test_relops; - diff --git a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch index c177202f..5e5a38d9 100644 --- a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch +++ b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch @@ -1,26 +1,29 @@ -From adfd2380d71dff1a31efaf63cf7ac97470466ec9 Mon Sep 17 00:00:00 2001 -From: Amy Fong <amy.fong@windriver.com> -Date: Thu, 29 Jan 2015 09:56:03 -0500 -Subject: [PATCH] Specify install path for kernel module +From 9b7fb1346702d59af67435487254ef35940bc16a Mon Sep 17 00:00:00 2001 +From: "Hongzhi.Song" <hongzhi.song@windriver.com> +Date: Wed, 23 Jan 2019 03:41:30 -0500 +Subject: [PATCH] datapatch/linux: Specify install path for kernel module Signed-off-by: Amy Fong <amy.fong@windriver.com> - +Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> --- datapath/linux/Makefile.main.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/datapath/linux/Makefile.main.in b/datapath/linux/Makefile.main.in -index 7d18253..63c520f 100644 +index 328bbfb..6dcc8d0 100644 --- a/datapath/linux/Makefile.main.in +++ b/datapath/linux/Makefile.main.in @@ -71,8 +71,8 @@ default: - $(MAKE) -C $(KSRC) M=$(builddir) modules + $(MAKE) -C $(KSRC) $(if @KARCH@,ARCH=@KARCH@) M=$(builddir) modules modules_install: -- $(MAKE) -C $(KSRC) M=$(builddir) modules_install -- depmod `sed -n 's/#define UTS_RELEASE "\([^"]*\)"/\1/p' $(KSRC)/include/generated/utsrelease.h` -+ $(MAKE) -C $(KSRC) M=$(builddir) modules_install INSTALL_MOD_PATH=${INSTALL_MOD_PATH} -+ # depmod `sed -n 's/#define UTS_RELEASE "\([^"]*\)"/\1/p' $(KSRC)/include/generated/utsrelease.h` +- $(MAKE) -C $(KSRC) $(if @KARCH@,ARCH=@KARCH@) M=$(builddir) modules_install +- /sbin/depmod `sed -n 's/#define UTS_RELEASE "\([^"]*\)"/\1/p' $(KSRC)/include/generated/utsrelease.h` ++ $(MAKE) -C $(KSRC) $(if @KARCH@,ARCH=@KARCH@) M=$(builddir) modules_install INSTALL_MOD_PATH=${INSTALL_MOD_PATH} ++ #/sbin/depmod `sed -n 's/#define UTS_RELEASE "\([^"]*\)"/\1/p' $(KSRC)/include/generated/utsrelease.h` endif # Much of the kernel build system in this file is derived from Intel's +-- +2.8.1 + diff --git a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-5563e309b80bbea9bff538e71ecfd7e5e538bab9.patch b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3.patch index a8fc86c9..fc74debb 100644 --- a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-5563e309b80bbea9bff538e71ecfd7e5e538bab9.patch +++ b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3.patch @@ -13,6 +13,8 @@ Fix ptest for v2.5 Signed-off-by: He Zhe <zhe.he@windriver.com> +refresh patch to fix patch-fuzz warning +Signed-off-by: Changqing Li <changqing.li@windriver.com> --- Makefile.am | 1 + test.mk | 74 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -23,8 +25,8 @@ diff --git a/Makefile.am b/Makefile.am index 7889728..6435399 100644 --- a/Makefile.am +++ b/Makefile.am -@@ -494,3 +494,4 @@ include windows/automake.mk - include ovn/automake.mk +@@ -497,3 +497,4 @@ include windows/automake.mk + include windows/automake.mk include selinux/automake.mk include build-aux/automake.mk +include test.mk diff --git a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-create-runtime-dirs.patch b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-create-runtime-dirs.patch index 65290cf6..0438cf88 100644 --- a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-create-runtime-dirs.patch +++ b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-create-runtime-dirs.patch @@ -1,4 +1,4 @@ -From 219e7cf9f28fdf14747fdf674bec293f763fe8e3 Mon Sep 17 00:00:00 2001 +From 6876e0c155b7f83e1f8545446e2dd69c2b7989f2 Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Tue, 4 Sep 2018 15:38:59 -0400 Subject: [PATCH] systemd: create runtime dirs @@ -15,17 +15,17 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> 1 file changed, 1 insertion(+) diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service -index 694598f..0bb2274 100644 +index aad557f..69b0bf6 100644 --- a/rhel/usr_lib_systemd_system_ovsdb-server.service +++ b/rhel/usr_lib_systemd_system_ovsdb-server.service -@@ -10,6 +10,7 @@ Type=forking +@@ -11,6 +11,7 @@ PIDFile=/var/run/openvswitch/ovsdb-server.pid Restart=on-failure EnvironmentFile=/etc/openvswitch/default.conf EnvironmentFile=-/etc/sysconfig/openvswitch +ExecStartPre=-/bin/mkdir /var/run/openvswitch /var/log/openvswitch - ExecStartPre=/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch - ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch/useropts; if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch/useropts; fi' - EnvironmentFile=-/run/openvswitch/useropts + ExecStartPre=-/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch + ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch.useropts; /bin/echo "OVS_USER_ID=${OVS_USER_ID}" > /run/openvswitch.useropts' + ExecStartPre=/bin/sh -c 'if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /bin/echo "OVS_USER_OPT=--ovs-user=${OVS_USER_ID}" >> /run/openvswitch.useropts; fi' -- 2.7.4 diff --git a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-update-tool-paths.patch b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-update-tool-paths.patch index d7d4c159..aae44fe7 100644 --- a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-update-tool-paths.patch +++ b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/systemd-update-tool-paths.patch @@ -1,7 +1,7 @@ -From 163020a5bba1323dc337d72d4771bb81d824b0dc Mon Sep 17 00:00:00 2001 +From efd6b8f03ef7278d2477833f84bb8488bd0c346d Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Tue, 29 May 2018 18:57:46 +0000 -Subject: [PATCH] systemd: update tool paths +Subject: [PATCH 1/2] systemd: update tool paths We are using the rhel files but we install our tools in a slightly different path, update accordingly. @@ -9,16 +9,16 @@ different path, update accordingly. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> --- rhel/usr_lib_systemd_system_ovs-vswitchd.service.in | 4 ++-- - rhel/usr_lib_systemd_system_ovsdb-server.service | 4 ++-- - 2 files changed, 4 insertions(+), 4 deletions(-) + rhel/usr_lib_systemd_system_ovsdb-server.service | 6 +++--- + 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in -index 11b34c6..94c48f8 100644 +index ff43dae..f88b57c 100644 --- a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in +++ b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in -@@ -15,8 +15,8 @@ EnvironmentFile=/etc/openvswitch/default.conf - EnvironmentFile=-/etc/sysconfig/openvswitch - EnvironmentFile=-/run/openvswitch/useropts +@@ -17,8 +17,8 @@ EnvironmentFile=-/etc/sysconfig/openvswitch + EnvironmentFile=-/run/openvswitch.useropts + LimitSTACK=2M @begin_dpdk@ -ExecStartPre=-/bin/sh -c '/usr/bin/chown :$${OVS_USER_ID##*:} /dev/hugepages' -ExecStartPre=-/usr/bin/chmod 0775 /dev/hugepages @@ -28,18 +28,20 @@ index 11b34c6..94c48f8 100644 ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \ --no-ovsdb-server --no-monitor --system-id=random \ diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service b/rhel/usr_lib_systemd_system_ovsdb-server.service -index 70da1ec..694598f 100644 +index 4c170c0..aad557f 100644 --- a/rhel/usr_lib_systemd_system_ovsdb-server.service +++ b/rhel/usr_lib_systemd_system_ovsdb-server.service -@@ -10,8 +10,8 @@ Type=forking +@@ -11,9 +11,9 @@ PIDFile=/var/run/openvswitch/ovsdb-server.pid Restart=on-failure EnvironmentFile=/etc/openvswitch/default.conf EnvironmentFile=-/etc/sysconfig/openvswitch --ExecStartPre=/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch --ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch/useropts; if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch/useropts; fi' -+ExecStartPre=/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch -+ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch/useropts; if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /bin/echo "OVSUSER=--ovs-user=${OVS_USER_ID}" > /run/openvswitch/useropts; fi' - EnvironmentFile=-/run/openvswitch/useropts +-ExecStartPre=-/usr/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch +-ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch.useropts; /usr/bin/echo "OVS_USER_ID=${OVS_USER_ID}" > /run/openvswitch.useropts' +-ExecStartPre=/bin/sh -c 'if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /usr/bin/echo "OVS_USER_OPT=--ovs-user=${OVS_USER_ID}" >> /run/openvswitch.useropts; fi' ++ExecStartPre=-/bin/chown ${OVS_USER_ID} /var/run/openvswitch /var/log/openvswitch ++ExecStartPre=/bin/sh -c 'rm -f /run/openvswitch.useropts; /bin/echo "OVS_USER_ID=${OVS_USER_ID}" > /run/openvswitch.useropts' ++ExecStartPre=/bin/sh -c 'if [ "$${OVS_USER_ID/:*/}" != "root" ]; then /bin/echo "OVS_USER_OPT=--ovs-user=${OVS_USER_ID}" >> /run/openvswitch.useropts; fi' + EnvironmentFile=-/run/openvswitch.useropts ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \ --no-ovs-vswitchd --no-monitor --system-id=random \ -- diff --git a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch.inc b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch.inc index 8aab739b..37fbe5ab 100644 --- a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch.inc +++ b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch.inc @@ -16,7 +16,7 @@ DEPENDS += "bridge-utils openssl python3 perl python3-six-native coreutils-nativ RDEPENDS_${PN} += "util-linux-uuidgen util-linux-libuuid coreutils \ python3 perl perl-module-strict ${PN}-switch \ bash python3-twisted python3-six" -RDEPENDS_${PN}-testcontroller = "${PN} lsb ${PN}-pki" +RDEPENDS_${PN}-testcontroller = "${PN} ${PN}-pki" RDEPENDS_${PN}-switch = "${PN} openssl procps util-linux-uuidgen" RDEPENDS_${PN}-pki = "${PN}" RDEPENDS_${PN}-brcompat = "${PN} ${PN}-switch" @@ -129,6 +129,9 @@ do_install_append() { install -m 644 ${S}/rhel/usr_lib_systemd_system_ovsdb-server.service \ ${D}/${systemd_unitdir}/system/ovsdb-server.service + install -d ${D}/usr/share/openvswitch/scripts/ + install -m 755 ${S}/rhel/usr_share_openvswitch_scripts_ovs-systemd-reload ${D}/usr/share/openvswitch/scripts/ovs-systemd-reload + oe_runmake modules_install INSTALL_MOD_PATH=${D} install -d ${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages cp -r ${S}/python/ovstest/ ${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages/ diff --git a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb index a9309332..07258be7 100644 --- a/external/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb +++ b/external/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb @@ -5,31 +5,29 @@ DEPENDS += "virtual/kernel" PACKAGE_ARCH = "${MACHINE_ARCH}" RDEPENDS_${PN}-ptest += "\ - python3-logging python3-syslog python3-io \ + python3-logging python3-syslog python3-io python3-core \ python3-fcntl python3-shell python3-xml python3-math \ python3-datetime python3-netclient python3 sed \ ldd perl-module-socket perl-module-carp perl-module-exporter \ perl-module-xsloader python3-netserver python3-threading \ - python3-resource findutils which \ + python3-resource findutils which diffutils \ " S = "${WORKDIR}/git" -PV = "2.10.0+${SRCREV}" +PV = "2.13+${SRCPV}" FILESEXTRAPATHS_append := "${THISDIR}/${PN}-git:" -SRCREV = "5563e309b80bbea9bff538e71ecfd7e5e538bab9" +SRCREV = "71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3" SRC_URI = "file://openvswitch-switch \ file://openvswitch-switch-setup \ file://openvswitch-testcontroller \ file://openvswitch-testcontroller-setup \ - git://github.com/openvswitch/ovs.git;protocol=git;branch=branch-2.10 \ - file://openvswitch-add-ptest-${SRCREV}.patch \ + git://github.com/openvswitch/ovs.git;protocol=git;branch=branch-2.13 \ + file://openvswitch-add-ptest-71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3.patch \ file://run-ptest \ file://disable_m4_check.patch \ file://kernel_module.patch \ - file://python-make-remaining-scripts-use-usr-bin-env.patch \ - file://0002-Define-WAIT_ANY-if-not-provided-by-system.patch \ file://python-switch-remaining-scripts-to-use-python3.patch \ file://systemd-update-tool-paths.patch \ file://systemd-create-runtime-dirs.patch \ diff --git a/external/meta-virtualization/recipes-networking/slirp4netns/slirp4netns_0.4.1.bb b/external/meta-virtualization/recipes-networking/slirp4netns/slirp4netns_0.4.1.bb new file mode 100644 index 00000000..b47df968 --- /dev/null +++ b/external/meta-virtualization/recipes-networking/slirp4netns/slirp4netns_0.4.1.bb @@ -0,0 +1,16 @@ +SUMMARY = "User-mode networking for unprivileged network namespaces." +DESCRIPTION = "slirp4netns allows connecting a network namespace to the \ +Internet in a completely unprivileged way, by connecting a TAP device in a \ +network namespace to the usermode TCP/IP stack ("slirp")." + +LICENSE = "GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=1e2efd29c201480c6be2744d9edade26" + +SRCREV = "4d38845e2e311b684fc8d1c775c725bfcd5ddc27" +SRC_URI = "git://github.com/rootless-containers/slirp4netns.git;nobranch=1" + +DEPENDS = "glib-2.0 libcap libseccomp" + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig diff --git a/external/meta-virtualization/scripts/lib/wic/plugins/source/bootimg-biosxen.py b/external/meta-virtualization/scripts/lib/wic/plugins/source/bootimg-biosxen.py new file mode 100644 index 00000000..f00747db --- /dev/null +++ b/external/meta-virtualization/scripts/lib/wic/plugins/source/bootimg-biosxen.py @@ -0,0 +1,212 @@ +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# DESCRIPTION +# This implements the 'bootimg-biosxen' source plugin class for 'wic' +# +# Bootloader arguments: Xen args are separated from Linux ones at '---': +# eg. +# bootloader --append="console=com1,vga com1=115200,8n1 --- console=hvc0" +# +# Optional source param: initrd +# accepts multiple ramdisk files to be supplied to multiboot. +# eg. +# part /boot --source bootimg-biosxen --sourceparams="initrd=foo.initrd;bar.initrd" +# +# AUTHORS +# Christopher Clark <christopher.w.clark [at] gmail.com> +# Elements derived from bootimg-biosplusefi.py by: +# William Bourque <wbourque [at] gmail.com> + +import logging +import os +import types + +from wic import WicError +import wic.pluginbase +from importlib.machinery import SourceFileLoader +from wic.misc import (exec_cmd, get_bitbake_var) + +logger = logging.getLogger('wic') + +class BootimgBiosXenPlugin(wic.pluginbase.SourcePlugin): + """ + Create MBR boot partition including files for Xen + + """ + + name = 'bootimg-biosxen' + __PCBIOS_MODULE_NAME = "bootimg-pcbios" + __imgBiosObj = None + + @classmethod + def __init__(cls): + """ + Constructor (init) + """ + # original comment from bootimg-biosplusefi.py : + # "XXX For some reasons, __init__ constructor is never called. + # Something to do with how pluginbase works?" + cls.__instanciateBIOSClass() + + @classmethod + def __instanciateBIOSClass(cls): + """ + + """ + # Import bootimg-pcbios (class name "BootimgPcbiosPlugin") + modulePath = os.path.join(os.path.dirname(wic.pluginbase.__file__), + "plugins", "source", + cls.__PCBIOS_MODULE_NAME + ".py") + loader = SourceFileLoader(cls.__PCBIOS_MODULE_NAME, modulePath) + mod = types.ModuleType(loader.name) + loader.exec_module(mod) + cls.__imgBiosObj = mod.BootimgPcbiosPlugin() + + @classmethod + def do_install_disk(cls, disk, disk_name, creator, workdir, oe_builddir, + bootimg_dir, kernel_dir, native_sysroot): + """ + Called after all partitions have been prepared and assembled into a + disk image. + """ + if not cls.__imgBiosObj: + cls.__instanciateBIOSClass() + + cls.__imgBiosObj.do_install_disk(disk, disk_name, creator, workdir, + oe_builddir, bootimg_dir, kernel_dir, + native_sysroot) + + @classmethod + def do_configure_partition(cls, part, source_params, creator, cr_workdir, + oe_builddir, bootimg_dir, kernel_dir, + native_sysroot): + """ + Called before do_prepare_partition(), creates syslinux config + """ + if not cls.__imgBiosObj: + cls.__instanciateBIOSClass() + + bootloader = creator.ks.bootloader + + if not bootloader.configfile: + splash = os.path.join(cr_workdir, "/hdd/boot/splash.jpg") + if os.path.exists(splash): + splashline = "menu background splash.jpg" + else: + splashline = "" + + syslinux_conf = "" + syslinux_conf += "PROMPT 0\n" + syslinux_conf += "TIMEOUT " + str(bootloader.timeout) + "\n" + syslinux_conf += "\n" + syslinux_conf += "ALLOWOPTIONS 1\n" + syslinux_conf += "\n" + if splashline: + syslinux_conf += "%s\n" % splashline + + syslinux_conf += "DEFAULT boot\n" + syslinux_conf += "LABEL boot\n" + syslinux_conf += " KERNEL mboot.c32\n" + + # Split the bootloader args at '---' to separate the Xen args + # from the Linux kernel args. + # The Xen args here are defaults; overridden by bootloader append. + xen_args = "console=com1,vga com1=115200,8n1" + kernel_append = "" + if bootloader.append: + separator_pos = bootloader.append.find('---') + if separator_pos != -1: + xen_args = bootloader.append[:separator_pos] + kernel_append = bootloader.append[separator_pos+3:] + else: + kernel_append = bootloader.append + + kernel_args = "label=boot root=%s %s" % \ + (creator.rootdev, kernel_append) + + syslinux_conf += " APPEND /xen.gz %s --- /vmlinuz %s" % \ + (xen_args, kernel_args) + + initrd = source_params.get('initrd') + if initrd: + initrds = initrd.split(';') + for initrd_file in initrds: + syslinux_conf += " --- /%s" % os.path.basename(initrd_file) + syslinux_conf += "\n" + + logger.debug("Writing syslinux config %s/hdd/boot/syslinux.cfg", + cr_workdir) + + hdddir = "%s/hdd/boot" % cr_workdir + install_cmd = "install -d %s" % hdddir + exec_cmd(install_cmd) + + cfg = open("%s/hdd/boot/syslinux.cfg" % cr_workdir, "w") + cfg.write(syslinux_conf) + cfg.close() + + else: + cls.__imgBiosObj.do_configure_partition(part, source_params, + creator, cr_workdir, + oe_builddir, bootimg_dir, + kernel_dir, native_sysroot) + + @classmethod + def do_prepare_partition(cls, part, source_params, creator, cr_workdir, + oe_builddir, bootimg_dir, kernel_dir, + rootfs_dir, native_sysroot): + """ + Called to do the actual content population for a partition i.e. it + 'prepares' the partition to be incorporated into the image. + """ + if not cls.__imgBiosObj: + cls.__instanciateBIOSClass() + + bootimg_dir = cls.__imgBiosObj._get_bootimg_dir(bootimg_dir, 'syslinux') + hdddir = "%s/hdd/boot" % cr_workdir + + # machine-deduction logic originally from isoimage-isohybrid.py + initrd_dir = get_bitbake_var("DEPLOY_DIR_IMAGE") + if not initrd_dir: + raise WicError("Couldn't find DEPLOY_DIR_IMAGE, exiting.") + machine = os.path.basename(initrd_dir) + + xen = "xen-" + machine + ".gz" + + cmds = ["install -m 0644 %s/%s %s/xen.gz" % + (kernel_dir, xen, hdddir), + "install -m 0644 %s/syslinux/mboot.c32 %s/mboot.c32" % + (bootimg_dir, hdddir)] + + initrd = source_params.get('initrd') + + # Allow multiple 'initrds', as per the bootimg-efi class. + # This can be used to install additional binaries for multiboot. + # eg. TXT ACMs, XSM/Flask policy file, microcode binary + if initrd: + initrds = initrd.split(';') + for initrd_file in initrds: + cmds.append("install -m 0644 %s/%s %s/%s" % + (kernel_dir, initrd_file, hdddir, + os.path.basename(initrd_file))) + + for install_cmd in cmds: + exec_cmd(install_cmd) + + cls.__imgBiosObj.do_prepare_partition(part, source_params, + creator, cr_workdir, + oe_builddir, bootimg_dir, + kernel_dir, rootfs_dir, + native_sysroot) diff --git a/external/meta-virtualization/wic/directdisk-bootloader-xen.cfg b/external/meta-virtualization/wic/directdisk-bootloader-xen.cfg new file mode 100644 index 00000000..3ad76d6c --- /dev/null +++ b/external/meta-virtualization/wic/directdisk-bootloader-xen.cfg @@ -0,0 +1,17 @@ +ALLOWOPTIONS 1 +DEFAULT boot +TIMEOUT 10 +PROMPT 1 +SERIAL 0 115200 + +UI vesamenu.c32 +menu title Select boot options +menu tabmsg Press [Tab] to edit, [Return] to select + +LABEL boot + KERNEL mboot.c32 + APPEND /xen.gz console=com1,vga com1=115200,8n1 --- /vmlinuz quiet console=hvc0 root=LABEL=root rw rootwait panic=10 + +LABEL verbose + KERNEL mboot.c32 + APPEND /xen.gz console=com1,vga com1=115200,8n1 loglvl=all guest_loglvl=all --- /vmlinuz quiet console=hvc0 earlyprintk=xen root=LABEL=root rw rootwait panic=10 diff --git a/external/meta-virtualization/wic/directdisk-bootloader-xen.wks b/external/meta-virtualization/wic/directdisk-bootloader-xen.wks new file mode 100644 index 00000000..c34120a5 --- /dev/null +++ b/external/meta-virtualization/wic/directdisk-bootloader-xen.wks @@ -0,0 +1,12 @@ +# short-description: Create a 'pcbios' direct disk image with Xen hypervisor and bootloader config +# long-description: Creates a partitioned legacy BIOS disk image to boot Xen +# with a bootloader config that the user can directly dd to boot media. +# Boot files are located on the first vfat partition. + +part /boot --source bootimg-biosxen --ondisk sda --label boot --active --align 1024 + +# For the main partition, it can be useful to add additional space for VMs; +# eg. increase partition size by appending: --size 10G +part / --source rootfs --ondisk sda --use-uuid --fstype=ext4 --label root --align 1024 + +bootloader --configfile="directdisk-bootloader-xen.cfg" diff --git a/external/meta-virtualization/wic/directdisk-xen.wks b/external/meta-virtualization/wic/directdisk-xen.wks new file mode 100644 index 00000000..d6ca46a4 --- /dev/null +++ b/external/meta-virtualization/wic/directdisk-xen.wks @@ -0,0 +1,10 @@ +# short-description: Create a 'pcbios' direct disk image with Xen hypervisor +# long-description: Creates a partitioned legacy BIOS disk image to boot Xen +# that the user can directly dd to boot media. Boot files are located on the +# first vfat partition. + +part /boot --source bootimg-biosxen --ondisk sda --label boot --active --align 1024 + +# For the main partition, it can be useful to add additional space for VMs: +# eg. increase partition size by appending: --size 10G +part / --source rootfs --ondisk sda --use-uuid --fstype=ext4 --label root --align 1024 |