# Contributor: William Pitcock # Contributor: Roger Pau Monne # Maintainer: William Pitcock pkgname=xen pkgver=4.8.1 pkgrel=2 pkgdesc="Xen hypervisor" url="http://www.xen.org/" arch="x86_64 armhf" license="GPL" depends="bash iproute2 logrotate" depends_dev="libressl-dev python2-dev e2fsprogs-dev gettext zlib-dev ncurses-dev dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev e2fsprogs-dev linux-headers argp-standalone perl-dev" makedepends="$depends_dev autoconf automake libtool " options="!strip" # secfixes: # 4.7.0-r0: # - CVE-2016-6258 XSA-182 # - CVE-2016-6259 XSA-183 # - CVE-2016-5403 XSA-184 # 4.7.0-r1: # - CVE-2016-7092 XSA-185 # - CVE-2016-7093 XSA-186 # - CVE-2016-7094 XSA-187 # 4.7.0-r5: # - CVE-2016-7777 XSA-190 # 4.7.1-r1: # - CVE-2016-9386 XSA-191 # - CVE-2016-9382 XSA-192 # - CVE-2016-9385 XSA-193 # - CVE-2016-9384 XSA-194 # - CVE-2016-9383 XSA-195 # - CVE-2016-9377 XSA-196 # - CVE-2016-9378 XSA-196 # - CVE-2016-9381 XSA-197 # - CVE-2016-9379 XSA-198 # - CVE-2016-9380 XSA-198 # 4.7.1-r3: # - CVE-2016-9932 XSA-200 # - CVE-2016-9815 XSA-201 # - CVE-2016-9816 XSA-201 # - CVE-2016-9817 XSA-201 # - CVE-2016-9818 XSA-201 # 4.7.1-r4: # - CVE-2016-10024 XSA-202 # - CVE-2016-10025 XSA-203 # - CVE-2016-10013 XSA-204 # 4.7.1-r5: # - XSA-207 # - CVE-2017-2615 XSA-208 # - CVE-2017-2620 XSA-209 # - XSA-210 # 4.7.2-r0: # - CVE-2016-9603 XSA-211 # - CVE-2017-7228 XSA-212 # 4.8.1-r2: # - CVE-2017-8903 XSA-213 # - CVE-2017-8904 XSA-214 case "$CARCH" in x86*) depends="$depends syslinux" makedepends="$makedepends iasl seabios-bin" ;; arm*) makedepends="$makedepends dtc-dev" ;; esac install="" #if [ "$CARCH" != "armhf" ]; then # subpackages="$pkgname-dbg" #fi subpackages="$subpackages $pkgname-doc $pkgname-dev $pkgname-libs $pkgname-hypervisor" # grep _VERSION= stubdom/configure _ZLIB_VERSION="1.2.3" _LIBPCI_VERSION="2.2.9" _NEWLIB_VERSION="1.16.0" _LWIP_VERSION="1.3.0" _GRUB_VERSION="0.97" _OCAML_VERSION="3.11.0" _GMP_VERSION="4.3.2" _POLARSSL_VERSION="1.1.4" _TPMEMU_VERSION="0.7.4" # grep ^IPXE_GIT_TAG tools/firmware/etherboot/Makefile _IPXE_GIT_TAG=827dd1bfee67daa683935ce65316f7e0f057fe1c source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.gz http://xenbits.xen.org/xen-extfiles/gmp-$_GMP_VERSION.tar.bz2 http://xenbits.xen.org/xen-extfiles/grub-$_GRUB_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/lwip-$_LWIP_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/newlib-$_NEWLIB_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/pciutils-$_LIBPCI_VERSION.tar.bz2 http://xenbits.xen.org/xen-extfiles/polarssl-$_POLARSSL_VERSION-gpl.tgz http://xenbits.xen.org/xen-extfiles/tpm_emulator-$_TPMEMU_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/zlib-$_ZLIB_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/ipxe-git-$_IPXE_GIT_TAG.tar.gz xsa213-4.8.patch xsa214.patch qemu-coroutine-gthread.patch qemu-xen_paths.patch hotplug-vif-vtrill.patch rombios-no-pie.patch musl-support.patch musl-hvmloader-fix-stdint.patch stdint_local.h elf_local.h xen-hotplug-lockfd.patch xen-fd-is-file.c xenstore_client_transaction_fix.patch xenqemu-configure-ifunc.patch xenstored.initd xenstored.confd xenconsoled.initd xenconsoled.confd xendomains.initd xendomains.confd xen-consoles.logrotate xenqemu.confd xenqemu.initd " builddir="$srcdir"/$pkgname-$pkgver _seabios=/usr/share/seabios/bios-256k.bin # Override wrong arch detection from xen-$pkgver/Config.mk. case "$CARCH" in armhf) export XEN_TARGET_ARCH="arm32";; esac prepare() { local i _failed= _series= cd "$builddir" for i in $source; do case $i in *-etherboot-*) p=${i%%::*} p=${p##*/} msg "adding to ipxe: $p" cp "$srcdir"/$p tools/firmware/etherboot/patches/ echo "$p" >> tools/firmware/etherboot/patches/series ;; *.patch) msg $i; patch -s -N -p1 -i "$srcdir"/$i \ || _failed="$_failed $i" ;; */ipxe-git-*) ln -s "$srcdir"/${i##*/} \ tools/firmware/etherboot/ipxe.tar.gz || return 1 ;; */xen-extfiles/*) ln -s "$srcdir"/${i##*/} stubdom/ || return 1 ;; esac done if [ -n "$_failed" ]; then error "Patches failed:" for i in $_failed; do echo $i done return 1 fi # install our stdint_local.h and elf_local.h install "$srcdir"/stdint_local.h "$srcdir"/elf_local.h \ "$builddir"/tools/firmware/ || return 1 ln -s ../firmware/stdint_local.h "$builddir"/tools/libxl/ # remove all -Werror msg "Eradicating -Werror..." find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g' \ || return 1 msg "Updating config.sub..." update_config_sub || return 1 msg "Autoreconf..." autoreconf || return 1 unset CFLAGS unset LDFLAGS } # Unset CFLAGS and LDFLAGS because the xen build system # doesn't support them. Instead use .config in xen root # folder if necessary. munge_cflags() { msg "Munging CFLAGS..." unset CFLAGS unset LDFLAGS unset LANG unset LC_ALL case "$CARCH" in armhf) export CFLAGS="-mcpu=cortex-a15";; esac } # These tasks are added as separate tasks to enable a packager # to invoke specific tasks like building the hypervisor. i.e. # $ abuild configure build_tools configure() { cd "$builddir" msg "Running configure..." ./configure --prefix=/usr \ --build=$CBUILD \ --host=$CHOST \ --with-system-seabios=$_seabios \ || return 1 } build_hypervisor() { munge_cflags msg "Building hypervisor..." make xen || return 1 } build_tools() { munge_cflags msg "Building tools..." make tools || return 1 } build_docs() { munge_cflags msg "Building documentation..." make docs || return 1 } build_stubdom() { munge_cflags msg "Building stub domains..." make stubdom || return 1 } build() { cd "$builddir" configure || return 1 build_hypervisor || return 1 build_tools || return 1 build_docs || return 1 case "$CARCH" in x86*) build_stubdom || return 1;; esac ${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c } package() { cd "$builddir" unset CFLAGS unset LDFLAGS make -j1 DESTDIR="$pkgdir" install-xen install-tools install-docs \ || return 1 case "$CARCH" in x86*) make -j1 DESTDIR="$pkgdir" install-stubdom || return 1;; esac # remove default xencommons rm -rf "$pkgdir"/etc/init.d/xencommons for i in $source; do case $i in *.initd) install -Dm755 "$srcdir"/$i \ "$pkgdir"/etc/init.d/${i%.*};; *.confd) install -Dm644 "$srcdir"/$i \ "$pkgdir"/etc/conf.d/${i%.*};; esac done install -Dm644 "$srcdir"/xen-consoles.logrotate \ "$pkgdir"/etc/xen/xen-consoles.logrotate install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file # we need to exclude /usr/share when stripping msg "Stripping binaries" scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \ "$pkgdir"/usr/bin \ "$pkgdir"/usr/sbin \ | sed -e 's:^ET_DYN ::' -e 's:^ET_EXEC ::' \ | xargs strip } libs() { pkgdesc="Libraries for Xen tools" replaces="xen" depends= mkdir -p "$subpkgdir"/usr/lib mv "$pkgdir"/usr/lib/*.so.* \ "$pkgdir"/usr/lib/fs \ "$subpkgdir"/usr/lib/ } hypervisor() { pkgdesc="Xen hypervisor" depends= mkdir -p "$subpkgdir" mv "$pkgdir"/boot "$subpkgdir"/ } sha512sums="9f535b4bb57d285dfb92c974d55513505cf485b2d7218fe8f6ed62768e2cee7f225b08adf6706590b2c0a04feca16e10915297c33b98e1b110f8ea7035f46c15 xen-4.8.1.tar.gz 2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf gmp-4.3.2.tar.bz2 c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb grub-0.97.tar.gz 1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d lwip-1.3.0.tar.gz 40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3 newlib-1.16.0.tar.gz 2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5 pciutils-2.2.9.tar.bz2 88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad polarssl-1.1.4-gpl.tgz 4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35 tpm_emulator-0.7.4.tar.gz 021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e zlib-1.2.3.tar.gz 82ba65e1c676d32b29c71e6395c9506cab952c8f8b03f692e2b50133be8f0c0146d0f22c223262d81a4df579986fde5abc6507869f4965be4846297ef7b4b890 ipxe-git-827dd1bfee67daa683935ce65316f7e0f057fe1c.tar.gz a3d0884cb2514c2b59a2715464600618cc41de0c59e0949e37d9544b1790dc43a6580b0d2bb2c7fcc15a518d9899660728b1d7ed961b74b37cabd99f7751c4f2 xsa213-4.8.patch ea12702e97b9417ea6c4120dbc7cf9c5e2b89f82b41cfd389069d3238891749474a5d3925d2dc571a7cc2aaf5e88af03ccc9af60046eaa39425b5af05f62fba0 xsa214.patch c3c46f232f0bd9f767b232af7e8ce910a6166b126bd5427bb8dc325aeb2c634b956de3fc225cab5af72649070c8205cc8e1cab7689fc266c204f525086f1a562 qemu-coroutine-gthread.patch 1936ab39a1867957fa640eb81c4070214ca4856a2743ba7e49c0cd017917071a9680d015f002c57fa7b9600dbadd29dcea5887f50e6c133305df2669a7a933f3 qemu-xen_paths.patch f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3 hotplug-vif-vtrill.patch 5514d7697c87f7d54d64723d44446b9bd84f6c984e763bd21d4eeaf502bf0c5b765f7b2180f8ca496b3baf97e7efd600b1cc1fdd1284b6ecbffe9846190ca069 rombios-no-pie.patch 15d8bfd94ef81b90bfa7480d482d7ff6a5a9dfe6769b3dd3e1d656a95523521e89b9e99f40f3edb457170df8bb5f921d1f720d566a70895882f8197ae0f3708d musl-support.patch 77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea musl-hvmloader-fix-stdint.patch 8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff stdint_local.h 853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d elf_local.h 79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e xen-hotplug-lockfd.patch e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc xen-fd-is-file.c 69dfa60628ca838678862383528654ecbdf4269cbb5c9cfb6b84d976202a8dea85d711aa65a52fa1b477fb0b30604ca70cf1337192d6fb9388a08bbe7fe56077 xenstore_client_transaction_fix.patch e0dd7069968d51574d6e5603d5738494b112bfda085bc75f10102658be3b2901d8d253c52927c707668e1cdb62d12c101213e42cd72d9b307fa83d1355a7526a xenqemu-configure-ifunc.patch 52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd 093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd 3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523 xenconsoled.initd 30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d xenconsoled.confd b1037fdf2fe477e153f7e9408e34943a8e8ca4e5518e6b0513137f95f3abbcbb20acb1de37c875825a1d4a30b2506290ec76b8c9fb183db6b4b0e1cffe329ca5 xendomains.initd a3dddcb841a22305cfe1780c4ef6cf1ee67227ca9fe6ca0d24a7cc8be2cff9e5f3fbd75c2faf85e5ce6dc3b73631879ce10e19b02afb4611c72db183e116123a xendomains.confd ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426 xen-consoles.logrotate bdbe15c924071cdc2d0f23e53ba8e3f837d4b5369bfb218abd3405f9bef25d105269aaf0784baeb69c073a5786b8c82ffdfd414e86874da34293cfdc2c497928 xenqemu.confd 8475119369409efb8ad930c7735cd3d782191d18fab4fc322a51120c395162ff88e381182876036d1078afd30079dbf3f94a3568689e9b52ba235adead4b97d3 xenqemu.initd"