| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
| tpm_emulator-0.7.4/tpm/tpm_deprecated.c:437:7:
| error: 'memcmp' reading 20 bytes from a region of size 8
| [-Werror=stringop-overflow=]
| if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Apply patch from Xen: vtpm_TPM_ChangeAuthAsymFinish.patch
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
| |
Adds packaging for new binary: xen-shim.
Builds the hypervisor before building the tools to workaround an upstream
parallel build bug that causes the shim to be rebuilt during install.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vTPM stubdomain allows a virtual TPM to be created and used to
provide TPM functionality to Xen guest domains. The vTPM Manager
stubdomain seals the secrets of each vTPM to the physical TPM, thereby
extending the chain of trust to the virtual machines in Xen. More
information on Xen vTPMs found at
https://xenbits.xen.org/docs/unstable/man/xen-vtpm.7.html This xen-vtpm
recipe uses Xen/stubdom source tree to build the Xen vTPM and vTPM
Manager binaries and MiniOS source tree to build the Xen vTPM and vTPM
Manager stubdomains.
This recipe provides the ability to modify how the vTPM stubdomains are
created and the ability to independently patch the vTPM stubdomain
source code as necessary.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TPM Emulator is a software-based TPM and MTM emulator. This TPM Emulator
recipe creates a static library that is cross-compiled against MiniOS,
Xen, LWIP, Newlib, PolarSSL, and the stubdom-specific GMP headers and
subsequently used during the cross-compilation and linking of the Xen
vTPM and vTPM Manager stubdomains.
The current Xen source code is hardcoded to fetch a specific version of
this package. The patch files originate from the Xen/stubdom source
tree. This recipe provides the flexibility to change version or modify
the patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
GMP is a fast precision arithmetic library targeted for cryptographic
applications. This GMP recipe creates a static library that is
cross-compiled against that is cross-compiled against MiniOS, Xen, LWIP,
Newlib, and PolarSSL headers and subsquently used during the
cross-compilation and linking of the TPM Emulator and the Xen vTPM and
vTPM Manager stubdomains.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PolarSSL (now mbedTLS) is a lightweight SSL library optimized for
embedded systems. In the case of Xen stubdomains, we are using MiniOS.
This PolarSSL recipe creates a static library that is cross-compiled
against MiniOS, Xen, LWIP, and Newlib headers and subsequently used
during the cross-compilation and linking of the stubdom specific GMP,
TPM Emulator, and the Xen vTPM and vTPM Manager stubdomains. The
current Xen source code is hardcoded to fetch a specific version of this
package. The patch files originate from the Xen/stubdom source tree.
This recipe provides the flexibility to change version or modify the
patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Newlib provides a fast, C library optimized for embedded systems. In the
case of Xen stubdomains, we are using MiniOS. This Newlib recipe creates
static libraries that are cross-compiled against MiniOS, Xen, and LWIP
headers and subsequently used during the cross-compilation and linking
of PolarSSL, the stubdom specific GMP, TPM Emulator, and the Xen vTPM
and vTPM Manager stubdomains. The current Xen source code is hardcoded
to fetch a specific version of this package. The patch files originate
from the Xen/stubdom source tree. This recipe provides the flexibility
to change version or modify the patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mini-OS is a tiny OS kernel distributed with the Xen Project Hypervisor
sources. It is mainly used as operating system for stub domains that are
used for Dom0 Disaggregation.
The Mini-OS source tree is updated and released in coordination with Xen
releases. The Mini-OS source tree and architecture-specific symbolic
links are required for building the dependencies used to build Xen
stubodmains. For convenience, the make links target was executed before
packaging. Otherwise, this is a source package. The current build
methods for Xen stubdomains require either a source archive which
contains the Mini-OS source code or execution of a make target that will
fetch the appropriate Mini-OS source tree from it's git repository. This
recipe removes the mysticism of relating to the version of Mini-OS being
used and it's origins and provides the flexibility to easily changes
versions or patch as necessary.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
lwIP is a small implementation of the TCP/IP stack designed for use in
embedded systems. This lwIP recipe does not configure nor does it build
the product. Instead, this recipe applies the patches normally found in
the Xen/stubdom source tree and creates a source package that can be
used for cross-compiling for MiniOS.
The current Xen source code is hardcoded to fetch a specific version of
this package. The patch files originate from the Xen/stubdom source
tree. This recipe provides the flexibility to change version or modify
the patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces the stubdom.inc file that is required for each
recipe that is/will be built for Xen stubdomains. This file defines the
standard values to be used such as common dependencies, compiler and
linker flags, and unsets every flag and build tool that is exported into
the OE environment.
Signed-off-by: Kurt Bodiker <kurt.bodiker@braintrust-us.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
| |
oe_filter_out is not available in oe-core anymore so use
oe.utils.str_filter_out instead.
Signed-off-by: Ricardo Salveti <ricardo@opensourcefoundries.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
Fix a memory leak with MSR emulation on x86.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
Introduce the recipe for Xen 4.10.0.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Xen 4.10, blktap is deprecated and no longer built by default,
so make the xen-blktap, xen-libblktap and xen-libvhd packages optional
instead of required dependencies for the xen-base package.
Move xen-blktap and related packages to RRECOMMENDS to preserve
xen.inc compatability with previous Xen releases.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
| |
Package a new library, libxentoolstore, introduced in Xen 4.10.
Also package the xen-diag tool in the xen-misc package.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade the Xen 4.9.x series recipe to latest 4.9.1
and apply patches for:
XSA-245 / CVE-2017-17046
XSA-246 / CVE-2017-17044
XSA-247 / CVE-2017-17045
XSA-248 / CVE-2017-17566
XSA-249 / CVE-2017-17563
XSA-250 / CVE-2017-17564
XSA-251 / CVE-2017-17565
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
| |
These files were removed since the followine patch
http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=976ce01e103fc03bb3336cdbc6c951a709e285fe
and are absent in xen 4.8.0 and further, which leads to
the following error during the Xen build process:
do_package: SYSTEMD_SERVICE_xen-xencommons value xenstored.socket does not exist
Signed-off-by: Yan Yankovskyi <yan.yankovskyi@globallogic.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the build when libc-locale-code is not a DISTRO_FEATURE.
xen's configure script checks for xgettext and will abort if not found.
xgettext is provided by the gettext-native package but not by
gettext-minimal-native. This means that "inherit gettext" is not
sufficient to satisfy Xen's build requirements: gettext-native is
required.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix Xen 4.9.0 build error on ARM architecture with gcc 7:
Import upstream Xen patch 88bfbf90e35f1213f9967a97dee0b2039f9998a4
Error was:
xc_dom_arm.c:229:31: error: 'domctl.u.address_size.size' may be used
uninitialized in this function [-Werror=maybe-uninitialized]
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Xen supports Kconfig for configuring optional build settings.
This commit adds the menuconfig task to simplify interactive use:
bitbake xen -c menuconfig
and also ensures that menuconfig works when using the devshell.
This change adds ncurses-native as a build dependency.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
| |
Only copy long-double-64.h to create long-double-32.h if it is not
already present.
Compile tested with both ARM 32-bit build and x86 64-bit build.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the xen build when MACHINE = "genericx86-64" by providing long-double-32.h
Inspired by a similar recent patch to meta/recipes-bsp/gnu-efi/gnu-efi_3.0.5.bb
since the contents of the header are minimal:
cp ${STAGING_INCDIR}/bits/long-double-64.h ${STAGING_INCDIR}/bits/long-double-32.h
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
| |
This configuration option sets a run-time search path rather
than the location of a build-time dependency.
Tested with Xen 4.9 on OpenXT.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
| |
We have 4.9 in the tree, so we no longer need the 4.8 variant.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
| |
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
| |
Due to error in naming this service will not be autoenabled in
systems with systemd init manager
Signed-off-by: Iurii Mykhalskyi <iurii.mykhalskyi@globallogic.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
| |
Provided some basic documentation on how to use the xen recipe properly.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
| |
The checksum of the license changed with the 4.8.0 release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
| |
Don't build with asserts on. This is the default for release tarballs
but if someone bbappends patches in we should ensure they don't shoot
themselves.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
| |
The hypervisor is now configured with Kconfig like busybox and the
kernel. This makes Xen behave like the busybox recipe by taking a
defconfig if the user has one provided with a bbappend.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
Allow Xen to build the EFI loader by including the required dependency.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
getVar() now defaults to expanding by default.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
| |
Version bump to the latest release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
| |
The Xen Project has changed the officially supported download URL to be
from xenproject.org. This changes to the officially supported URLs.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
| |
xenstore is no longer launched by xencommons directly. Instead its
launched indirectly via the launch-xenstore script to allow users to
switch between xenstore running in a stubdom or within dom0 easily.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- update packages and add additional ones for new binaries
(cpuid and livepatch)
- update xen_git to point to 4.7, make branch= fully variable,
and remove assumed .0 from release version
- add patch to fix compilation of xen with gcc 6 on arm/aarch64
Build tested x86_64 and aarch64 targets.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce@zedd.org>
|
|
|
|
|
| |
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
| |
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
| |
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
When using non-release versions, the policy files may have a different name (xenpolicy-${PV}-unstable). Allow the policy file name to be configured by the xen recipe.
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
| |
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
Addresses QA warnings with regards to rdepends for xen-qemu.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
Drop xsm fix backport, no longer required.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When building for the aarch64 based machines the following QA Issue is
produced:
ERROR: QA Issue: xen: Files/directories were installed but not shipped in any package:
/usr/lib64
/usr/lib64/efi
/usr/lib64/efi/xen-4.6.efi
/usr/lib64/efi/xen-4.6.0.efi
/usr/lib64/efi/xen.efi
/usr/lib64/efi/xen-4.efi
Signed-off-by: Machon Gregory <mbgrego@tycho.nsa.gov>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Placing the stubs function between patch and configure steps
breaks because it has dependencies which are not guranteed
until the configure step.
Build error:
"fatal error: gnu/stubs-32.h: No such file or directory"
This patch simply moves the step between configure and compile
to resolve the dependency issue.
Reported-by: Machon Gregory <mbgrego@tycho.nsa.gov>
Signed-off-by: Chris Patterson <cjp256@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
|
|
|
|
|
| |
To avoid parse errors with oe-core master, we need to expliictly pass the
expansion parameter to getVar.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|