aboutsummaryrefslogtreecommitdiffstats
path: root/main/xen/APKBUILD
blob: d51fbb3d6245486fbd6def812896c773f1a9d838 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Contributor: Roger Pau Monne <roger.pau@entel.upc.edu>
# Maintainer: William Pitcock <nenolod@dereferenced.org>
pkgname=xen
pkgver=4.11.0
pkgrel=0
pkgdesc="Xen hypervisor"
url="http://www.xen.org/"
arch="x86_64 armhf armv7 aarch64"
license="GPL"
depends="bash iproute2 logrotate"
depends_dev="libressl-dev python2-dev e2fsprogs-dev gettext zlib-dev ncurses-dev
	dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev
	spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev
	e2fsprogs-dev linux-headers argp-standalone perl-dev flex bison"
makedepends="$depends_dev autoconf automake libtool dnsmasq"
options="!strip"

# secfixes:
#   4.7.0-r0:
#     - CVE-2016-6258 XSA-182
#     - CVE-2016-6259 XSA-183
#     - CVE-2016-5403 XSA-184
#   4.7.0-r1:
#     - CVE-2016-7092 XSA-185
#     - CVE-2016-7093 XSA-186
#     - CVE-2016-7094 XSA-187
#   4.7.0-r5:
#     - CVE-2016-7777 XSA-190
#   4.7.1-r1:
#     - CVE-2016-9386 XSA-191
#     - CVE-2016-9382 XSA-192
#     - CVE-2016-9385 XSA-193
#     - CVE-2016-9384 XSA-194
#     - CVE-2016-9383 XSA-195
#     - CVE-2016-9377 XSA-196
#     - CVE-2016-9378 XSA-196
#     - CVE-2016-9381 XSA-197
#     - CVE-2016-9379 XSA-198
#     - CVE-2016-9380 XSA-198
#   4.7.1-r3:
#     - CVE-2016-9932 XSA-200
#     - CVE-2016-9815 XSA-201
#     - CVE-2016-9816 XSA-201
#     - CVE-2016-9817 XSA-201
#     - CVE-2016-9818 XSA-201
#   4.7.1-r4:
#     - CVE-2016-10024 XSA-202
#     - CVE-2016-10025 XSA-203
#     - CVE-2016-10013 XSA-204
#   4.7.1-r5:
#     - XSA-207
#     - CVE-2017-2615 XSA-208
#     - CVE-2017-2620 XSA-209
#     - XSA-210
#   4.7.2-r0:
#     - CVE-2016-9603 XSA-211
#     - CVE-2017-7228 XSA-212
#   4.8.1-r2:
#     - CVE-2017-8903 XSA-213
#     - CVE-2017-8904 XSA-214
#   4.9.0-r0:
#     - CVE-2017-10911 XSA-216
#     - CVE-2017-10912 XSA-217
#     - CVE-2017-10913 XSA-218
#     - CVE-2017-10914 XSA-218
#     - CVE-2017-10915 XSA-219
#     - CVE-2017-10916 XSA-220
#     - CVE-2017-10917 XSA-221
#     - CVE-2017-10918 XSA-222
#     - CVE-2017-10919 XSA-223
#     - CVE-2017-10920 XSA-224
#     - CVE-2017-10921 XSA-224
#     - CVE-2017-10922 XSA-224
#     - CVE-2017-10923 XSA-225
#   4.9.0-r1:
#     - CVE-2017-12135 XSA-226
#     - CVE-2017-12137 XSA-227
#     - CVE-2017-12136 XSA-228
#     - CVE-2017-12855 XSA-230
#   4.9.0-r2:
#     - XSA-235
#   4.9.0-r4:
#     - CVE-2017-14316 XSA-231
#     - CVE-2017-14318 XSA-232
#     - CVE-2017-14317 XSA-233
#     - CVE-2017-14319 XSA-234
#   4.9.0-r5:
#     - XSA-245
#   4.9.0-r6:
#     - CVE-2017-15590 XSA-237
#     - XSA-238
#     - CVE-2017-15589 XSA-239
#     - CVE-2017-15595 XSA-240
#     - CVE-2017-15588 XSA-241
#     - CVE-2017-15593 XSA-242
#     - CVE-2017-15592 XSA-243
#     - CVE-2017-15594 XSA-244
#   4.9.0-r7:
#     - CVE-2017-15597 XSA-236
#   4.9.1-r1:
#     - XSA-246
#     - XSA-247
#   4.10.0-r1:
#     - XSA-248
#     - XSA-249
#     - XSA-250
#     - XSA-251
#     - XSA-253
#     - XSA-254
#   4.10.0-r2:
#     - CVE-2018-7540 XSA-252
#     - CVE-2018-7541 XSA-255
#     - CVE-2018-7542 XSA-256
#   4.10.1-r0:
#     - CVE-2018-10472 XSA-258
#     - CVE-2018-10471 XSA-259
#   4.10-1-r1:
#     - CVE-2018-8897 XSA-260
#     - CVE-2018-10982 XSA-261
#     - CVE-2018-10981 XSA-262
#   4.11-0-r0:
#     - CVE-2018-3639   XSA-263
#     - CVE-2018-128911 XSA-264
#     - CVE-2018-12893  XSA-265
#     - CVE-2018-12892  XSA-266
#     - CVE-2018-3665   XSA-267

case "$CARCH" in
x86*)
	depends="$depends syslinux"
	makedepends="$makedepends iasl seabios-bin"
	;;
arm*)
	makedepends="$makedepends dtc-dev"
	;;
aarch64)
	makedepends="$makedepends dtc-dev iasl"
	;;
esac

install=""

#if [ "$CARCH" != "armhf" ]; then
#	subpackages="$pkgname-dbg"
#fi
subpackages="$subpackages $pkgname-doc $pkgname-dev $pkgname-libs
	$pkgname-hypervisor $pkgname-bridge"

# grep _VERSION= stubdom/configure
_ZLIB_VERSION="1.2.3"
_LIBPCI_VERSION="2.2.9"
_NEWLIB_VERSION="1.16.0"
_LWIP_VERSION="1.3.0"
_GRUB_VERSION="0.97"
_OCAML_VERSION="4.02.0"
_GMP_VERSION="4.3.2"
_POLARSSL_VERSION="1.1.4"
_TPMEMU_VERSION="0.7.4"

# grep ^IPXE_GIT_TAG tools/firmware/etherboot/Makefile
_IPXE_GIT_TAG=356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d

source="https://downloads.xenproject.org/release/$pkgname/$pkgver/$pkgname-$pkgver.tar.gz
	https://xenbits.xen.org/xen-extfiles/gmp-$_GMP_VERSION.tar.bz2
	https://xenbits.xen.org/xen-extfiles/grub-$_GRUB_VERSION.tar.gz
	https://xenbits.xen.org/xen-extfiles/lwip-$_LWIP_VERSION.tar.gz
	https://xenbits.xen.org/xen-extfiles/newlib-$_NEWLIB_VERSION.tar.gz
	https://xenbits.xen.org/xen-extfiles/pciutils-$_LIBPCI_VERSION.tar.bz2
	https://xenbits.xen.org/xen-extfiles/polarssl-$_POLARSSL_VERSION-gpl.tgz
	https://xenbits.xen.org/xen-extfiles/tpm_emulator-$_TPMEMU_VERSION.tar.gz
	https://xenbits.xen.org/xen-extfiles/zlib-$_ZLIB_VERSION.tar.gz
	https://xenbits.xen.org/xen-extfiles/ipxe-git-$_IPXE_GIT_TAG.tar.gz

	qemu-xen_paths.patch

	hotplug-vif-vtrill.patch

	musl-hvmloader-fix-stdint.patch
	stdint_local.h
	elf_local.h

	xen-hotplug-lockfd.patch
	xen-fd-is-file.c

	xenstore_client_transaction_fix.patch

	xenqemu-xattr-size-max.patch

	hotplug-Linux-iscsi-block-handle-lun-1.patch

	xenstored.initd
	xenstored.confd
	xenconsoled.initd
	xenconsoled.confd
	xendomains.initd
	xendomains.confd
	xen-consoles.logrotate
	xenqemu.confd
	xenqemu.initd
	xendriverdomain.initd
	xen-pci.initd
	xen-pci.confd
	"

builddir="$srcdir"/$pkgname-$pkgver
_seabios=/usr/share/seabios/bios-256k.bin

# Override wrong arch detection from xen-$pkgver/Config.mk.
case "$CARCH" in
armhf) export XEN_TARGET_ARCH="arm32";;
aarch64) export XEN_TARGET_ARCH="arm64";;
esac

prepare() {
	local i _failed= _series=
	cd "$builddir"

	for i in $source; do
		case $i in
		*-etherboot-*)
			p=${i%%::*}
			p=${p##*/}
			msg "adding to ipxe: $p"
			cp "$srcdir"/$p tools/firmware/etherboot/patches/
			echo "$p" >> tools/firmware/etherboot/patches/series
			;;
		*.patch) msg $i; patch -s -N -p1 -i "$srcdir"/$i \
				|| _failed="$_failed $i"
			;;
		*/ipxe-git-*)
			ln -s "$srcdir"/${i##*/} \
				tools/firmware/etherboot/ipxe.tar.gz || return 1
			;;
		*/xen-extfiles/*)
			ln -s "$srcdir"/${i##*/} stubdom/ || return 1
			;;
		esac
	done
	if [ -n "$_failed" ]; then
		error "Patches failed:"
		for i in $_failed; do
			echo $i
		done
		return 1
	fi

	# install our stdint_local.h and elf_local.h
	install "$srcdir"/stdint_local.h "$srcdir"/elf_local.h \
		"$builddir"/tools/firmware/ || return 1
	ln -s ../firmware/stdint_local.h "$builddir"/tools/libxl/

	# remove all -Werror
	msg "Eradicating -Werror..."
	find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g' \
		|| return 1

	msg "Updating config.sub..."
	update_config_sub || return 1

	msg "Autoreconf..."
	autoreconf || return 1

	unset CFLAGS
	unset LDFLAGS
}

# Unset CFLAGS and LDFLAGS because the xen build system
# doesn't support them. Instead use .config in xen root
# folder if necessary.
munge_cflags() {
	msg "Munging CFLAGS..."

	unset CFLAGS
	unset LDFLAGS
	unset LANG
	unset LC_ALL

	case "$CARCH" in
	armhf) export CFLAGS="-mcpu=cortex-a15";;
	aarch64) export CFLAGS="-mcpu=cortex-a53";;
	esac
}

# These tasks are added as separate tasks to enable a packager
# to invoke specific tasks like building the hypervisor.  i.e.
#    $ abuild configure build_tools
configure() {
	cd "$builddir"

	msg "Running configure..."
	./configure --prefix=/usr \
		--build=$CBUILD \
		--host=$CHOST \
		--with-system-seabios=$_seabios \
		|| return 1
}

build_hypervisor() {
	munge_cflags

	msg "Building hypervisor..."
	make xen || return 1
}

build_tools() {
	munge_cflags

	msg "Building tools..."
	make tools || return 1
}

build_docs() {
	munge_cflags

	msg "Building documentation..."
	make docs
}

build_stubdom() {
	munge_cflags

	msg "Building stub domains..."
	make stubdom || return 1
}

build() {
	cd "$builddir"
	configure || return 1
	build_hypervisor || return 1
	build_tools || return 1
	build_docs || return 1
	case "$CARCH" in
	x86*) build_stubdom || return 1;;
	esac

	${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c
}

package() {
	cd "$builddir"

	unset CFLAGS
	unset LDFLAGS

	make -j1 DESTDIR="$pkgdir" install-xen install-tools install-docs \
		|| return 1
	case "$CARCH" in
	x86*) make -j1 DESTDIR="$pkgdir" install-stubdom || return 1;;
	esac

	# remove default xencommons
	rm -rf "$pkgdir"/etc/init.d/xencommons
	# remove default xendriverdomain
	rm -rf "$pkgdir"/etc/init.d/xendriverdomain

	for i in $source; do
		case $i in
		*.initd) install -Dm755 "$srcdir"/$i \
				"$pkgdir"/etc/init.d/${i%.*};;
		*.confd) install -Dm644 "$srcdir"/$i \
				"$pkgdir"/etc/conf.d/${i%.*};;
		esac
	done
	install -Dm644 "$srcdir"/xen-consoles.logrotate \
		"$pkgdir"/etc/xen/xen-consoles.logrotate

	install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file

	# we need to exclude /usr/share when stripping
        msg "Stripping binaries"
	scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \
		"$pkgdir"/usr/bin \
		"$pkgdir"/usr/sbin \
                | sed -e 's:^ET_DYN ::' -e 's:^ET_EXEC ::' \
                | xargs strip
}

check() {
	cd "$builddir"
	make test
}

libs() {
	pkgdesc="Libraries for Xen tools"
	replaces="xen"
	depends=
	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/*.so.* \
		"$pkgdir"/usr/lib/fs \
		"$subpkgdir"/usr/lib/
}

hypervisor() {
	pkgdesc="Xen hypervisor"
	depends=
	mkdir -p "$subpkgdir"
	mv "$pkgdir"/boot "$subpkgdir"/
}

bridge() {
	depends="bridge-utils dnsmasq"
	pkgdesc="Bridge interface for XEN with dhcp"
	mkdir -p "$subpkgdir"/etc/conf.d \
		"$subpkgdir"/etc/init.d \
		"$subpkgdir"/etc/xen

	ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.xenbr0
	cat ->>"$subpkgdir"/etc/conf.d/dnsmasq.xenbr0 <<EOF
		BRIDGE_ADDR="10.0.4.1"
		BRIDGE_NETMASK="255.255.255.0"
		BRIDGE_NETWORK="10.0.4.0/24"
		BRIDGE_DHCP_RANGE="10.0.4.2,10.0.4.254"
		BRIDGE_DHCP_MAX="253"
		BRIDGE_MAC="00:16:3f:00:00:00"
		DNSMASQ_CONFFILE="/etc/xen/dnsmasq.conf"
EOF
	cat ->>"$subpkgdir"/etc/xen/dnsmasq.conf <<EOF
		#dhcp-host=somehost,10.0.4.3
		#dhcp-host=otherhost,10.0.4.4
EOF

}

sha512sums="33d431c194f10d5ee767558404a1f80a66b3df019012b0bbd587fcbc9524e1bba7ea04269020ce891fe9d211d2f81c63bf78abedcdbe1595aee26251c803a50a  xen-4.11.0.tar.gz
2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf  gmp-4.3.2.tar.bz2
c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb  grub-0.97.tar.gz
1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d  lwip-1.3.0.tar.gz
40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3  newlib-1.16.0.tar.gz
2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5  pciutils-2.2.9.tar.bz2
88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad  polarssl-1.1.4-gpl.tgz
4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35  tpm_emulator-0.7.4.tar.gz
021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e  zlib-1.2.3.tar.gz
bbcce5e55040e7e29adebd4a5253a046016a6e2e7ff34cf801a42d147e1ec1af57e0297318249bfa9c5bbeac969fe4b37c18cbf845a80b2136d65387a4fc31da  ipxe-git-356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d.tar.gz
1936ab39a1867957fa640eb81c4070214ca4856a2743ba7e49c0cd017917071a9680d015f002c57fa7b9600dbadd29dcea5887f50e6c133305df2669a7a933f3  qemu-xen_paths.patch
f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3  hotplug-vif-vtrill.patch
77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea  musl-hvmloader-fix-stdint.patch
8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff  stdint_local.h
853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d  elf_local.h
79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e  xen-hotplug-lockfd.patch
e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc  xen-fd-is-file.c
69dfa60628ca838678862383528654ecbdf4269cbb5c9cfb6b84d976202a8dea85d711aa65a52fa1b477fb0b30604ca70cf1337192d6fb9388a08bbe7fe56077  xenstore_client_transaction_fix.patch
2094ea964fa610b2bf72fd2c7ede7e954899a75c0f5b08030cf1d74460fb759ade84866176e32f8fe29c921dfdc6dafd2b31e23ab9b0a3874d3dceeabdd1913b  xenqemu-xattr-size-max.patch
8c9cfc6afca325df1d8026e21ed03fa8cd2c7e1a21a56cc1968301c5ab634bfe849951899e75d328951d7a41273d1e49a2448edbadec0029ed410c43c0549812  hotplug-Linux-iscsi-block-handle-lun-1.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50  xenstored.initd
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0  xenstored.confd
3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523  xenconsoled.initd
30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d  xenconsoled.confd
357ab672be7ac36e4b5b056504cd5094d9218c4ea148c2f739d628479ebf0d9c0eb201ea7d4f97f07d01e59b88cafd318de0e1250a5b3db41bd94aa3fb7c7e49  xendomains.initd
c7c0eecd5f454d903b57a710902da27dcb2c6b200f88d4eadfab33a447be6b41454109d482aab849a690446ea5c928e619dfc6cf95b7955f00a476f2317bb82b  xendomains.confd
ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426  xen-consoles.logrotate
bdbe15c924071cdc2d0f23e53ba8e3f837d4b5369bfb218abd3405f9bef25d105269aaf0784baeb69c073a5786b8c82ffdfd414e86874da34293cfdc2c497928  xenqemu.confd
8475119369409efb8ad930c7735cd3d782191d18fab4fc322a51120c395162ff88e381182876036d1078afd30079dbf3f94a3568689e9b52ba235adead4b97d3  xenqemu.initd
85afec835a374aac3d307b3226eee7a08a676b1daac7e39bb7463d564ef72438dc27dd188a871cfd031e80c6992b756951f26bdca0d445e07eab6dba5245de46  xendriverdomain.initd
a46337bebce24337f00adbe08095b9f5128c1f440e2033329e5ace9fd817a31fb772d75c0ecc7cc06f34b1522ebf8b21874ee4d0881a0f29851b1c1235f29cf3  xen-pci.initd
2db5fa6edeeb028236460029b976a849f22b3a15d3929acc3911dc41f365b471c2b815eb111639bc230a69528b1571f3c2e9e8e1e81a6679e55387e39355aa99  xen-pci.confd"