# Contributor: Roger Pau Monne <roger.pau@entel.upc.edu>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xen
pkgver=4.13.0
pkgrel=1
pkgdesc="Xen hypervisor"
url="https://www.xenproject.org/"
arch="x86_64 armhf aarch64" # enable armv7 when builds with gcc8
license="GPL-2.0-only"
depends="bash iproute2 logrotate"
depends_dev="openssl-dev python3-dev e2fsprogs-dev gettext zlib-dev ncurses-dev
dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev
spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev
e2fsprogs-dev linux-headers argp-standalone perl-dev flex bison"
makedepends="$depends_dev autoconf automake libtool dnsmasq"
options="!strip"
# secfixes:
# 4.7.0-r0:
# - CVE-2016-6258 XSA-182
# - CVE-2016-6259 XSA-183
# - CVE-2016-5403 XSA-184
# 4.7.0-r1:
# - CVE-2016-7092 XSA-185
# - CVE-2016-7093 XSA-186
# - CVE-2016-7094 XSA-187
# 4.7.0-r5:
# - CVE-2016-7777 XSA-190
# 4.7.1-r1:
# - CVE-2016-9386 XSA-191
# - CVE-2016-9382 XSA-192
# - CVE-2016-9385 XSA-193
# - CVE-2016-9384 XSA-194
# - CVE-2016-9383 XSA-195
# - CVE-2016-9377 XSA-196
# - CVE-2016-9378 XSA-196
# - CVE-2016-9381 XSA-197
# - CVE-2016-9379 XSA-198
# - CVE-2016-9380 XSA-198
# 4.7.1-r3:
# - CVE-2016-9932 XSA-200
# - CVE-2016-9815 XSA-201
# - CVE-2016-9816 XSA-201
# - CVE-2016-9817 XSA-201
# - CVE-2016-9818 XSA-201
# 4.7.1-r4:
# - CVE-2016-10024 XSA-202
# - CVE-2016-10025 XSA-203
# - CVE-2016-10013 XSA-204
# 4.7.1-r5:
# - XSA-207
# - CVE-2017-2615 XSA-208
# - CVE-2017-2620 XSA-209
# - XSA-210
# 4.7.2-r0:
# - CVE-2016-9603 XSA-211
# - CVE-2017-7228 XSA-212
# 4.8.1-r2:
# - CVE-2017-8903 XSA-213
# - CVE-2017-8904 XSA-214
# 4.9.0-r0:
# - CVE-2017-10911 XSA-216
# - CVE-2017-10912 XSA-217
# - CVE-2017-10913 XSA-218
# - CVE-2017-10914 XSA-218
# - CVE-2017-10915 XSA-219
# - CVE-2017-10916 XSA-220
# - CVE-2017-10917 XSA-221
# - CVE-2017-10918 XSA-222
# - CVE-2017-10919 XSA-223
# - CVE-2017-10920 XSA-224
# - CVE-2017-10921 XSA-224
# - CVE-2017-10922 XSA-224
# - CVE-2017-10923 XSA-225
# 4.9.0-r1:
# - CVE-2017-12135 XSA-226
# - CVE-2017-12137 XSA-227
# - CVE-2017-12136 XSA-228
# - CVE-2017-12855 XSA-230
# 4.9.0-r2:
# - XSA-235
# 4.9.0-r4:
# - CVE-2017-14316 XSA-231
# - CVE-2017-14318 XSA-232
# - CVE-2017-14317 XSA-233
# - CVE-2017-14319 XSA-234
# 4.9.0-r5:
# - XSA-245
# 4.9.0-r6:
# - CVE-2017-15590 XSA-237
# - XSA-238
# - CVE-2017-15589 XSA-239
# - CVE-2017-15595 XSA-240
# - CVE-2017-15588 XSA-241
# - CVE-2017-15593 XSA-242
# - CVE-2017-15592 XSA-243
# - CVE-2017-15594 XSA-244
# 4.9.0-r7:
# - CVE-2017-15597 XSA-236
# 4.9.1-r1:
# - XSA-246
# - XSA-247
# 4.10.0-r1:
# - XSA-248
# - XSA-249
# - XSA-250
# - XSA-251
# - XSA-253
# - XSA-254
# 4.10.0-r2:
# - CVE-2018-7540 XSA-252
# - CVE-2018-7541 XSA-255
# - CVE-2018-7542 XSA-256
# 4.10.1-r0:
# - CVE-2018-10472 XSA-258
# - CVE-2018-10471 XSA-259
# 4.10-1-r1:
# - CVE-2018-8897 XSA-260
# - CVE-2018-10982 XSA-261
# - CVE-2018-10981 XSA-262
# 4.11.0-r0:
# - CVE-2018-3639 XSA-263
# - CVE-2018-128911 XSA-264
# - CVE-2018-12893 XSA-265
# - CVE-2018-12892 XSA-266
# - CVE-2018-3665 XSA-267
# 4.11.1-r0:
# - CVE-2018-15469 XSA-268
# - CVE-2018-15468 XSA-269
# - CVE-2018-15470 XSA-272
# - CVE-2018-3620 XSA-273
# - CVE-2018-3646 XSA-273
# - CVE-2018-19961 XSA-275
# - CVE-2018-19962 XSA-275
# - CVE-2018-19963 XSA-276
# - CVE-2018-19964 XSA-277
# - CVE-2018-18883 XSA-278
# - CVE-2018-19965 XSA-279
# - CVE-2018-19966 XSA-280
# - CVE-2018-19967 XSA-282
# 4.12.0-r2:
# - CVE-2018-12126 XSA-297
# - CVE-2018-12127 XSA-297
# - CVE-2018-12130 XSA-297
# - CVE-2019-11091 XSA-297
# 4.12.1-r0:
# - CVE-????-????? XSA-295
# 4.13.0-r0:
# - CVE-2019-18425 XSA-298
# - CVE-2019-18421 XSA-299
# - CVE-2019-18423 XSA-301
# - CVE-2019-18424 XSA-302
# - CVE-2019-18422 XSA-303
# - CVE-2018-12207 XSA-304
# - CVE-2019-11135 XSA-305
# - CVE-2019-19579 XSA-306
# - CVE-2019-19582 XSA-307
# - CVE-2019-19583 XSA-308
# - CVE-2019-19578 XSA-309
# - CVE-2019-19580 XSA-310
# - CVE-2019-19577 XSA-311
case "$CARCH" in
x86*)
depends="$depends syslinux"
makedepends="$makedepends iasl seabios-bin"
;;
arm*)
makedepends="$makedepends dtc-dev"
;;
aarch64)
makedepends="$makedepends dtc-dev iasl"
;;
esac
install=""
#if [ "$CARCH" != "armhf" ]; then
# subpackages="$pkgname-dbg"
#fi
subpackages="$subpackages $pkgname-doc $pkgname-dev $pkgname-libs
$pkgname-hypervisor $pkgname-bridge"
# grep _VERSION= stubdom/configure
_ZLIB_VERSION="1.2.3"
_LIBPCI_VERSION="2.2.9"
_NEWLIB_VERSION="1.16.0"
_LWIP_VERSION="1.3.0"
_GRUB_VERSION="0.97"
_OCAML_VERSION="4.02.0"
_GMP_VERSION="4.3.2"
_POLARSSL_VERSION="1.1.4"
_TPMEMU_VERSION="0.7.4"
# grep ^IPXE_GIT_TAG tools/firmware/etherboot/Makefile
_IPXE_GIT_TAG=1dd56dbd11082fb622c2ed21cfaced4f47d798a6
source="https://downloads.xenproject.org/release/xen/$pkgver/$pkgname-$pkgver.tar.gz
https://xenbits.xen.org/xen-extfiles/gmp-$_GMP_VERSION.tar.bz2
https://xenbits.xen.org/xen-extfiles/grub-$_GRUB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/lwip-$_LWIP_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/newlib-$_NEWLIB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/pciutils-$_LIBPCI_VERSION.tar.bz2
https://xenbits.xen.org/xen-extfiles/polarssl-$_POLARSSL_VERSION-gpl.tgz
https://xenbits.xen.org/xen-extfiles/tpm_emulator-$_TPMEMU_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/zlib-$_ZLIB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/ipxe-git-$_IPXE_GIT_TAG.tar.gz
mini-os-__divmoddi4.patch
qemu-xen_paths.patch
hotplug-vif-vtrill.patch
musl-hvmloader-fix-stdint.patch
stdint_local.h
elf_local.h
xen-hotplug-lockfd.patch
xen-fd-is-file.c
xenqemu-xattr-size-max.patch
hotplug-Linux-iscsi-block-handle-lun-1.patch
drop-test.py.patch
py3-compat.patch
xenstored.initd
xenstored.confd
xenconsoled.initd
xenconsoled.confd
xendomains.initd
xendomains.confd
xen-consoles.logrotate
xenqemu.confd
xenqemu.initd
xendriverdomain.initd
xen-pci.initd
xen-pci.confd
"
_seabios=/usr/share/seabios/bios-256k.bin
# Override wrong arch detection from xen-$pkgver/Config.mk.
case "$CARCH" in
armhf) export XEN_TARGET_ARCH="arm32";;
aarch64) export XEN_TARGET_ARCH="arm64";;
esac
prepare() {
local i _failed= _series=
for i in $source; do
case $i in
*-etherboot-*)
p=${i%%::*}
p=${p##*/}
msg "adding to ipxe: $p"
cp "$srcdir"/$p tools/firmware/etherboot/patches/
echo "$p" >> tools/firmware/etherboot/patches/series
;;
*.patch) msg $i; patch -s -N -p1 -i "$srcdir"/$i \
|| _failed="$_failed $i"
;;
*/ipxe-git-*)
ln -s "$srcdir"/${i##*/} \
tools/firmware/etherboot/ipxe.tar.gz
;;
*/xen-extfiles/*)
ln -s "$srcdir"/${i##*/} stubdom/
;;
esac
done
if [ -n "$_failed" ]; then
error "Patches failed:"
for i in $_failed; do
echo $i
done
return 1
fi
# install our stdint_local.h and elf_local.h
install "$srcdir"/stdint_local.h "$srcdir"/elf_local.h \
"$builddir"/tools/firmware/
ln -s ../firmware/stdint_local.h "$builddir"/tools/libxl/
# remove all -Werror
msg "Eradicating -Werror..."
find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g'
msg "Updating config.sub..."
update_config_sub
msg "Autoreconf..."
autoreconf
unset CFLAGS
unset LDFLAGS
}
# Unset CFLAGS and LDFLAGS because the xen build system
# doesn't support them. Instead use .config in xen root
# folder if necessary.
munge_cflags() {
msg "Munging CFLAGS..."
unset CFLAGS
unset LDFLAGS
unset LANG
unset LC_ALL
case "$CARCH" in
armhf) export CFLAGS="-mcpu=cortex-a15";;
aarch64) export CFLAGS="-mcpu=cortex-a53";;
esac
}
# These tasks are added as separate tasks to enable a packager
# to invoke specific tasks like building the hypervisor. i.e.
# $ abuild configure build_tools
configure() {
msg "Running configure..."
./configure --prefix=/usr \
--build=$CBUILD \
--host=$CHOST \
--with-system-seabios=$_seabios
}
build_hypervisor() {
munge_cflags
msg "Building hypervisor..."
make xen
}
build_tools() {
munge_cflags
msg "Building tools..."
make tools
}
build_docs() {
munge_cflags
msg "Building documentation..."
make docs
}
build_stubdom() {
munge_cflags
msg "Building stub domains..."
make stubdom
}
build() {
configure
build_hypervisor
build_tools
build_docs
case "$CARCH" in
x86*) build_stubdom;;
esac
${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c
}
package() {
unset CFLAGS
unset LDFLAGS
make -j1 DESTDIR="$pkgdir" install-xen install-tools install-docs
case "$CARCH" in
x86*) make -j1 DESTDIR="$pkgdir" install-stubdom;;
esac
# remove default xencommons
rm -rf "$pkgdir"/etc/init.d/xencommons
# remove default xendriverdomain
rm -rf "$pkgdir"/etc/init.d/xendriverdomain
for i in $source; do
case $i in
*.initd) install -Dm755 "$srcdir"/$i \
"$pkgdir"/etc/init.d/${i%.*};;
*.confd) install -Dm644 "$srcdir"/$i \
"$pkgdir"/etc/conf.d/${i%.*};;
esac
done
install -Dm644 "$srcdir"/xen-consoles.logrotate \
"$pkgdir"/etc/xen/xen-consoles.logrotate
install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file
# we need to exclude /usr/share when stripping
msg "Stripping binaries"
scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \
"$pkgdir"/usr/bin \
"$pkgdir"/usr/sbin \
| sed -e 's:^ET_DYN ::' -e 's:^ET_EXEC ::' \
| xargs strip
}
check() {
make test
}
libs() {
pkgdesc="Libraries for Xen tools"
replaces="xen"
depends=
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/*.so.* \
"$pkgdir"/usr/lib/xenfsimage \
"$subpkgdir"/usr/lib/
}
hypervisor() {
pkgdesc="Xen hypervisor"
depends=
mkdir -p "$subpkgdir"
mv "$pkgdir"/boot "$subpkgdir"/
}
bridge() {
depends="dnsmasq"
pkgdesc="Bridge interface for XEN with dhcp"
mkdir -p "$subpkgdir"/etc/conf.d \
"$subpkgdir"/etc/init.d \
"$subpkgdir"/etc/xen
ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.xenbr0
cat ->>"$subpkgdir"/etc/conf.d/dnsmasq.xenbr0 <<EOF
BRIDGE_ADDR="10.0.4.1"
BRIDGE_NETMASK="255.255.255.0"
BRIDGE_NETWORK="10.0.4.0/24"
BRIDGE_DHCP_RANGE="10.0.4.2,10.0.4.254"
BRIDGE_DHCP_MAX="253"
BRIDGE_MAC="00:16:3f:00:00:00"
DNSMASQ_CONFFILE="/etc/xen/dnsmasq.conf"
EOF
cat ->>"$subpkgdir"/etc/xen/dnsmasq.conf <<EOF
#dhcp-host=somehost,10.0.4.3
#dhcp-host=otherhost,10.0.4.4
EOF
}
sha512sums="5b2ded9a2fe3f7ddf40eed1fa9858baead06233a01eb6099cc45b3c78b6c3823acfe7b731910733e87125dfa49d08c53f74c215fb1b320a92b44b87a0a105225 xen-4.13.0.tar.gz
2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf gmp-4.3.2.tar.bz2
c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb grub-0.97.tar.gz
1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d lwip-1.3.0.tar.gz
40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3 newlib-1.16.0.tar.gz
2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5 pciutils-2.2.9.tar.bz2
88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad polarssl-1.1.4-gpl.tgz
4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35 tpm_emulator-0.7.4.tar.gz
021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e zlib-1.2.3.tar.gz
8120696ba6d79fd9189664deed9b0489825d8d1edf7b931023b3979b7b9f82248e5b808c4517036cd40a85442ddf51a8dcad3b05d7f3c3cc6650654d53da4050 ipxe-git-1dd56dbd11082fb622c2ed21cfaced4f47d798a6.tar.gz
b9c754220187955d01ffbb6e030dace9d9aaae755db1765d07e407858c71a2cb0de04e0ab2099cd121d9e1bc1978af06c7dbd2fd805e06eca12ac5d527f15a52 mini-os-__divmoddi4.patch
1936ab39a1867957fa640eb81c4070214ca4856a2743ba7e49c0cd017917071a9680d015f002c57fa7b9600dbadd29dcea5887f50e6c133305df2669a7a933f3 qemu-xen_paths.patch
f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3 hotplug-vif-vtrill.patch
77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea musl-hvmloader-fix-stdint.patch
8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff stdint_local.h
853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d elf_local.h
79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e xen-hotplug-lockfd.patch
e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc xen-fd-is-file.c
2094ea964fa610b2bf72fd2c7ede7e954899a75c0f5b08030cf1d74460fb759ade84866176e32f8fe29c921dfdc6dafd2b31e23ab9b0a3874d3dceeabdd1913b xenqemu-xattr-size-max.patch
8c9cfc6afca325df1d8026e21ed03fa8cd2c7e1a21a56cc1968301c5ab634bfe849951899e75d328951d7a41273d1e49a2448edbadec0029ed410c43c0549812 hotplug-Linux-iscsi-block-handle-lun-1.patch
61f66bab603778fb41bfe8e85320c15f2bf3e5d8583e077b56a93784dbdb9b2c7c5e55ce18f06b87501429086f8410d102d3ed5f2a77d54bcfa328bc07681f4d drop-test.py.patch
8cb12dbfc05a53898a97d47d71ab6b8a6f81c5e5579fd765b37303faea95c645cb8dedc05e3d064bdf070e93814e00bf8939767acc1127513375bab0fe2f4436 py3-compat.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd
3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523 xenconsoled.initd
30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d xenconsoled.confd
357ab672be7ac36e4b5b056504cd5094d9218c4ea148c2f739d628479ebf0d9c0eb201ea7d4f97f07d01e59b88cafd318de0e1250a5b3db41bd94aa3fb7c7e49 xendomains.initd
c7c0eecd5f454d903b57a710902da27dcb2c6b200f88d4eadfab33a447be6b41454109d482aab849a690446ea5c928e619dfc6cf95b7955f00a476f2317bb82b xendomains.confd
ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426 xen-consoles.logrotate
bdbe15c924071cdc2d0f23e53ba8e3f837d4b5369bfb218abd3405f9bef25d105269aaf0784baeb69c073a5786b8c82ffdfd414e86874da34293cfdc2c497928 xenqemu.confd
8475119369409efb8ad930c7735cd3d782191d18fab4fc322a51120c395162ff88e381182876036d1078afd30079dbf3f94a3568689e9b52ba235adead4b97d3 xenqemu.initd
85afec835a374aac3d307b3226eee7a08a676b1daac7e39bb7463d564ef72438dc27dd188a871cfd031e80c6992b756951f26bdca0d445e07eab6dba5245de46 xendriverdomain.initd
a46337bebce24337f00adbe08095b9f5128c1f440e2033329e5ace9fd817a31fb772d75c0ecc7cc06f34b1522ebf8b21874ee4d0881a0f29851b1c1235f29cf3 xen-pci.initd
2db5fa6edeeb028236460029b976a849f22b3a15d3929acc3911dc41f365b471c2b815eb111639bc230a69528b1571f3c2e9e8e1e81a6679e55387e39355aa99 xen-pci.confd"