blob: d51fbb3d6245486fbd6def812896c773f1a9d838 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
|
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Contributor: Roger Pau Monne <roger.pau@entel.upc.edu>
# Maintainer: William Pitcock <nenolod@dereferenced.org>
pkgname=xen
pkgver=4.11.0
pkgrel=0
pkgdesc="Xen hypervisor"
url="http://www.xen.org/"
arch="x86_64 armhf armv7 aarch64"
license="GPL"
depends="bash iproute2 logrotate"
depends_dev="libressl-dev python2-dev e2fsprogs-dev gettext zlib-dev ncurses-dev
dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev
spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev
e2fsprogs-dev linux-headers argp-standalone perl-dev flex bison"
makedepends="$depends_dev autoconf automake libtool dnsmasq"
options="!strip"
# secfixes:
# 4.7.0-r0:
# - CVE-2016-6258 XSA-182
# - CVE-2016-6259 XSA-183
# - CVE-2016-5403 XSA-184
# 4.7.0-r1:
# - CVE-2016-7092 XSA-185
# - CVE-2016-7093 XSA-186
# - CVE-2016-7094 XSA-187
# 4.7.0-r5:
# - CVE-2016-7777 XSA-190
# 4.7.1-r1:
# - CVE-2016-9386 XSA-191
# - CVE-2016-9382 XSA-192
# - CVE-2016-9385 XSA-193
# - CVE-2016-9384 XSA-194
# - CVE-2016-9383 XSA-195
# - CVE-2016-9377 XSA-196
# - CVE-2016-9378 XSA-196
# - CVE-2016-9381 XSA-197
# - CVE-2016-9379 XSA-198
# - CVE-2016-9380 XSA-198
# 4.7.1-r3:
# - CVE-2016-9932 XSA-200
# - CVE-2016-9815 XSA-201
# - CVE-2016-9816 XSA-201
# - CVE-2016-9817 XSA-201
# - CVE-2016-9818 XSA-201
# 4.7.1-r4:
# - CVE-2016-10024 XSA-202
# - CVE-2016-10025 XSA-203
# - CVE-2016-10013 XSA-204
# 4.7.1-r5:
# - XSA-207
# - CVE-2017-2615 XSA-208
# - CVE-2017-2620 XSA-209
# - XSA-210
# 4.7.2-r0:
# - CVE-2016-9603 XSA-211
# - CVE-2017-7228 XSA-212
# 4.8.1-r2:
# - CVE-2017-8903 XSA-213
# - CVE-2017-8904 XSA-214
# 4.9.0-r0:
# - CVE-2017-10911 XSA-216
# - CVE-2017-10912 XSA-217
# - CVE-2017-10913 XSA-218
# - CVE-2017-10914 XSA-218
# - CVE-2017-10915 XSA-219
# - CVE-2017-10916 XSA-220
# - CVE-2017-10917 XSA-221
# - CVE-2017-10918 XSA-222
# - CVE-2017-10919 XSA-223
# - CVE-2017-10920 XSA-224
# - CVE-2017-10921 XSA-224
# - CVE-2017-10922 XSA-224
# - CVE-2017-10923 XSA-225
# 4.9.0-r1:
# - CVE-2017-12135 XSA-226
# - CVE-2017-12137 XSA-227
# - CVE-2017-12136 XSA-228
# - CVE-2017-12855 XSA-230
# 4.9.0-r2:
# - XSA-235
# 4.9.0-r4:
# - CVE-2017-14316 XSA-231
# - CVE-2017-14318 XSA-232
# - CVE-2017-14317 XSA-233
# - CVE-2017-14319 XSA-234
# 4.9.0-r5:
# - XSA-245
# 4.9.0-r6:
# - CVE-2017-15590 XSA-237
# - XSA-238
# - CVE-2017-15589 XSA-239
# - CVE-2017-15595 XSA-240
# - CVE-2017-15588 XSA-241
# - CVE-2017-15593 XSA-242
# - CVE-2017-15592 XSA-243
# - CVE-2017-15594 XSA-244
# 4.9.0-r7:
# - CVE-2017-15597 XSA-236
# 4.9.1-r1:
# - XSA-246
# - XSA-247
# 4.10.0-r1:
# - XSA-248
# - XSA-249
# - XSA-250
# - XSA-251
# - XSA-253
# - XSA-254
# 4.10.0-r2:
# - CVE-2018-7540 XSA-252
# - CVE-2018-7541 XSA-255
# - CVE-2018-7542 XSA-256
# 4.10.1-r0:
# - CVE-2018-10472 XSA-258
# - CVE-2018-10471 XSA-259
# 4.10-1-r1:
# - CVE-2018-8897 XSA-260
# - CVE-2018-10982 XSA-261
# - CVE-2018-10981 XSA-262
# 4.11-0-r0:
# - CVE-2018-3639 XSA-263
# - CVE-2018-128911 XSA-264
# - CVE-2018-12893 XSA-265
# - CVE-2018-12892 XSA-266
# - CVE-2018-3665 XSA-267
case "$CARCH" in
x86*)
depends="$depends syslinux"
makedepends="$makedepends iasl seabios-bin"
;;
arm*)
makedepends="$makedepends dtc-dev"
;;
aarch64)
makedepends="$makedepends dtc-dev iasl"
;;
esac
install=""
#if [ "$CARCH" != "armhf" ]; then
# subpackages="$pkgname-dbg"
#fi
subpackages="$subpackages $pkgname-doc $pkgname-dev $pkgname-libs
$pkgname-hypervisor $pkgname-bridge"
# grep _VERSION= stubdom/configure
_ZLIB_VERSION="1.2.3"
_LIBPCI_VERSION="2.2.9"
_NEWLIB_VERSION="1.16.0"
_LWIP_VERSION="1.3.0"
_GRUB_VERSION="0.97"
_OCAML_VERSION="4.02.0"
_GMP_VERSION="4.3.2"
_POLARSSL_VERSION="1.1.4"
_TPMEMU_VERSION="0.7.4"
# grep ^IPXE_GIT_TAG tools/firmware/etherboot/Makefile
_IPXE_GIT_TAG=356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d
source="https://downloads.xenproject.org/release/$pkgname/$pkgver/$pkgname-$pkgver.tar.gz
https://xenbits.xen.org/xen-extfiles/gmp-$_GMP_VERSION.tar.bz2
https://xenbits.xen.org/xen-extfiles/grub-$_GRUB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/lwip-$_LWIP_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/newlib-$_NEWLIB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/pciutils-$_LIBPCI_VERSION.tar.bz2
https://xenbits.xen.org/xen-extfiles/polarssl-$_POLARSSL_VERSION-gpl.tgz
https://xenbits.xen.org/xen-extfiles/tpm_emulator-$_TPMEMU_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/zlib-$_ZLIB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/ipxe-git-$_IPXE_GIT_TAG.tar.gz
qemu-xen_paths.patch
hotplug-vif-vtrill.patch
musl-hvmloader-fix-stdint.patch
stdint_local.h
elf_local.h
xen-hotplug-lockfd.patch
xen-fd-is-file.c
xenstore_client_transaction_fix.patch
xenqemu-xattr-size-max.patch
hotplug-Linux-iscsi-block-handle-lun-1.patch
xenstored.initd
xenstored.confd
xenconsoled.initd
xenconsoled.confd
xendomains.initd
xendomains.confd
xen-consoles.logrotate
xenqemu.confd
xenqemu.initd
xendriverdomain.initd
xen-pci.initd
xen-pci.confd
"
builddir="$srcdir"/$pkgname-$pkgver
_seabios=/usr/share/seabios/bios-256k.bin
# Override wrong arch detection from xen-$pkgver/Config.mk.
case "$CARCH" in
armhf) export XEN_TARGET_ARCH="arm32";;
aarch64) export XEN_TARGET_ARCH="arm64";;
esac
prepare() {
local i _failed= _series=
cd "$builddir"
for i in $source; do
case $i in
*-etherboot-*)
p=${i%%::*}
p=${p##*/}
msg "adding to ipxe: $p"
cp "$srcdir"/$p tools/firmware/etherboot/patches/
echo "$p" >> tools/firmware/etherboot/patches/series
;;
*.patch) msg $i; patch -s -N -p1 -i "$srcdir"/$i \
|| _failed="$_failed $i"
;;
*/ipxe-git-*)
ln -s "$srcdir"/${i##*/} \
tools/firmware/etherboot/ipxe.tar.gz || return 1
;;
*/xen-extfiles/*)
ln -s "$srcdir"/${i##*/} stubdom/ || return 1
;;
esac
done
if [ -n "$_failed" ]; then
error "Patches failed:"
for i in $_failed; do
echo $i
done
return 1
fi
# install our stdint_local.h and elf_local.h
install "$srcdir"/stdint_local.h "$srcdir"/elf_local.h \
"$builddir"/tools/firmware/ || return 1
ln -s ../firmware/stdint_local.h "$builddir"/tools/libxl/
# remove all -Werror
msg "Eradicating -Werror..."
find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g' \
|| return 1
msg "Updating config.sub..."
update_config_sub || return 1
msg "Autoreconf..."
autoreconf || return 1
unset CFLAGS
unset LDFLAGS
}
# Unset CFLAGS and LDFLAGS because the xen build system
# doesn't support them. Instead use .config in xen root
# folder if necessary.
munge_cflags() {
msg "Munging CFLAGS..."
unset CFLAGS
unset LDFLAGS
unset LANG
unset LC_ALL
case "$CARCH" in
armhf) export CFLAGS="-mcpu=cortex-a15";;
aarch64) export CFLAGS="-mcpu=cortex-a53";;
esac
}
# These tasks are added as separate tasks to enable a packager
# to invoke specific tasks like building the hypervisor. i.e.
# $ abuild configure build_tools
configure() {
cd "$builddir"
msg "Running configure..."
./configure --prefix=/usr \
--build=$CBUILD \
--host=$CHOST \
--with-system-seabios=$_seabios \
|| return 1
}
build_hypervisor() {
munge_cflags
msg "Building hypervisor..."
make xen || return 1
}
build_tools() {
munge_cflags
msg "Building tools..."
make tools || return 1
}
build_docs() {
munge_cflags
msg "Building documentation..."
make docs
}
build_stubdom() {
munge_cflags
msg "Building stub domains..."
make stubdom || return 1
}
build() {
cd "$builddir"
configure || return 1
build_hypervisor || return 1
build_tools || return 1
build_docs || return 1
case "$CARCH" in
x86*) build_stubdom || return 1;;
esac
${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c
}
package() {
cd "$builddir"
unset CFLAGS
unset LDFLAGS
make -j1 DESTDIR="$pkgdir" install-xen install-tools install-docs \
|| return 1
case "$CARCH" in
x86*) make -j1 DESTDIR="$pkgdir" install-stubdom || return 1;;
esac
# remove default xencommons
rm -rf "$pkgdir"/etc/init.d/xencommons
# remove default xendriverdomain
rm -rf "$pkgdir"/etc/init.d/xendriverdomain
for i in $source; do
case $i in
*.initd) install -Dm755 "$srcdir"/$i \
"$pkgdir"/etc/init.d/${i%.*};;
*.confd) install -Dm644 "$srcdir"/$i \
"$pkgdir"/etc/conf.d/${i%.*};;
esac
done
install -Dm644 "$srcdir"/xen-consoles.logrotate \
"$pkgdir"/etc/xen/xen-consoles.logrotate
install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file
# we need to exclude /usr/share when stripping
msg "Stripping binaries"
scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \
"$pkgdir"/usr/bin \
"$pkgdir"/usr/sbin \
| sed -e 's:^ET_DYN ::' -e 's:^ET_EXEC ::' \
| xargs strip
}
check() {
cd "$builddir"
make test
}
libs() {
pkgdesc="Libraries for Xen tools"
replaces="xen"
depends=
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/*.so.* \
"$pkgdir"/usr/lib/fs \
"$subpkgdir"/usr/lib/
}
hypervisor() {
pkgdesc="Xen hypervisor"
depends=
mkdir -p "$subpkgdir"
mv "$pkgdir"/boot "$subpkgdir"/
}
bridge() {
depends="bridge-utils dnsmasq"
pkgdesc="Bridge interface for XEN with dhcp"
mkdir -p "$subpkgdir"/etc/conf.d \
"$subpkgdir"/etc/init.d \
"$subpkgdir"/etc/xen
ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.xenbr0
cat ->>"$subpkgdir"/etc/conf.d/dnsmasq.xenbr0 <<EOF
BRIDGE_ADDR="10.0.4.1"
BRIDGE_NETMASK="255.255.255.0"
BRIDGE_NETWORK="10.0.4.0/24"
BRIDGE_DHCP_RANGE="10.0.4.2,10.0.4.254"
BRIDGE_DHCP_MAX="253"
BRIDGE_MAC="00:16:3f:00:00:00"
DNSMASQ_CONFFILE="/etc/xen/dnsmasq.conf"
EOF
cat ->>"$subpkgdir"/etc/xen/dnsmasq.conf <<EOF
#dhcp-host=somehost,10.0.4.3
#dhcp-host=otherhost,10.0.4.4
EOF
}
sha512sums="33d431c194f10d5ee767558404a1f80a66b3df019012b0bbd587fcbc9524e1bba7ea04269020ce891fe9d211d2f81c63bf78abedcdbe1595aee26251c803a50a xen-4.11.0.tar.gz
2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf gmp-4.3.2.tar.bz2
c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb grub-0.97.tar.gz
1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d lwip-1.3.0.tar.gz
40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3 newlib-1.16.0.tar.gz
2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5 pciutils-2.2.9.tar.bz2
88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad polarssl-1.1.4-gpl.tgz
4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35 tpm_emulator-0.7.4.tar.gz
021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e zlib-1.2.3.tar.gz
bbcce5e55040e7e29adebd4a5253a046016a6e2e7ff34cf801a42d147e1ec1af57e0297318249bfa9c5bbeac969fe4b37c18cbf845a80b2136d65387a4fc31da ipxe-git-356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d.tar.gz
1936ab39a1867957fa640eb81c4070214ca4856a2743ba7e49c0cd017917071a9680d015f002c57fa7b9600dbadd29dcea5887f50e6c133305df2669a7a933f3 qemu-xen_paths.patch
f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3 hotplug-vif-vtrill.patch
77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea musl-hvmloader-fix-stdint.patch
8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff stdint_local.h
853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d elf_local.h
79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e xen-hotplug-lockfd.patch
e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc xen-fd-is-file.c
69dfa60628ca838678862383528654ecbdf4269cbb5c9cfb6b84d976202a8dea85d711aa65a52fa1b477fb0b30604ca70cf1337192d6fb9388a08bbe7fe56077 xenstore_client_transaction_fix.patch
2094ea964fa610b2bf72fd2c7ede7e954899a75c0f5b08030cf1d74460fb759ade84866176e32f8fe29c921dfdc6dafd2b31e23ab9b0a3874d3dceeabdd1913b xenqemu-xattr-size-max.patch
8c9cfc6afca325df1d8026e21ed03fa8cd2c7e1a21a56cc1968301c5ab634bfe849951899e75d328951d7a41273d1e49a2448edbadec0029ed410c43c0549812 hotplug-Linux-iscsi-block-handle-lun-1.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd
3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523 xenconsoled.initd
30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d xenconsoled.confd
357ab672be7ac36e4b5b056504cd5094d9218c4ea148c2f739d628479ebf0d9c0eb201ea7d4f97f07d01e59b88cafd318de0e1250a5b3db41bd94aa3fb7c7e49 xendomains.initd
c7c0eecd5f454d903b57a710902da27dcb2c6b200f88d4eadfab33a447be6b41454109d482aab849a690446ea5c928e619dfc6cf95b7955f00a476f2317bb82b xendomains.confd
ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426 xen-consoles.logrotate
bdbe15c924071cdc2d0f23e53ba8e3f837d4b5369bfb218abd3405f9bef25d105269aaf0784baeb69c073a5786b8c82ffdfd414e86874da34293cfdc2c497928 xenqemu.confd
8475119369409efb8ad930c7735cd3d782191d18fab4fc322a51120c395162ff88e381182876036d1078afd30079dbf3f94a3568689e9b52ba235adead4b97d3 xenqemu.initd
85afec835a374aac3d307b3226eee7a08a676b1daac7e39bb7463d564ef72438dc27dd188a871cfd031e80c6992b756951f26bdca0d445e07eab6dba5245de46 xendriverdomain.initd
a46337bebce24337f00adbe08095b9f5128c1f440e2033329e5ace9fd817a31fb772d75c0ecc7cc06f34b1522ebf8b21874ee4d0881a0f29851b1c1235f29cf3 xen-pci.initd
2db5fa6edeeb028236460029b976a849f22b3a15d3929acc3911dc41f365b471c2b815eb111639bc230a69528b1571f3c2e9e8e1e81a6679e55387e39355aa99 xen-pci.confd"
|