Re: 23.10.1 amd64 l4linux doesn't build

2024-04-11 Thread Adam Lackorzynski 
Hi Richard,

which Linux variant are you doing this on, out of curiosity? This is
typically assembled on stable Debian, so it's good to know the
difference.

On another note, regarding virtualization, please focus on uvmm instead
of L4Linux. L4Linux is pure paravirtualization while on today's systems
we obviosly want to exploit the CPUs virtualization support capabilities
which uvmm does nicely.


Best regards, Adam

On Thu Apr 11, 2024 at 14:47:55 +, Richard Clark wrote:
> Hi!
> 
> I'm doing microkernel evaluations for a US gov't contract to find a nice 
> shiny new replacement for
> the dismal little l4 microkernel they've been using and failing with... 
> Fiasco/L4/L4linux seems to
> be a wonderfully full-featured software platform that easily fits the bill. 
> Separation/Capability
> microkernel, fully developed user space, l4-native linux, and even a vmm that 
> runs a sandboxed linux.
> 
> Latest build with snapshot 23.10.1 and l4linux 23.10.1 seems the amd64 
> l4linux is broken with
> issues in libelf.h, gelf.h, and elf.h.  32bit build seems to build ok.
> 
> Still trying to get something up and running. I'll try 32-bit with qemu for 
> now. I do need 64-bit to
> compile and run, so I would appreciate any info on how to fix the build 
> issues.

___
l4-hackers mailing list -- l4-hackers@os.inf.tu-dresden.de
To unsubscribe send an email to l4-hackers-le...@os.inf.tu-dresden.de

Re: 23.10.1 amd64 l4linux doesn't build

2024-04-11 Thread Richard Clark 
Adam,

Thank you for the response!

I'm building on a fresh install of linux mint cinnamon.
That should be irrelevant as the build should be using its own include files, 
not that of the host.

Yes, everyone and their sister has a virtual machine nowadays. These are of 
limited use, however.
There are instances where the user-space runtime directly on top of the l4 
kernel (native l4 app) is extremely useful.
There are also instances where it is helpful to have a full unikernel to run 
paravirtualized directly on top of the l4 kernel.
And of course, completely untrusted code which is expected to be attacked and 
owned gets
sandboxed into its own virtual space. I have use for all three cases.

I'm (was?) assuming that running a multicore AMD64 linux in a vm is functional, 
and am exploring the
other two options. I wanted to check the paravirtualzed version first since 
there seems to be some
instructions for it. It comes packaged alongside the snapshots.


Here is about where it seems to go astray:

===
  For quick build instructions, please visit:
http://wiki.tudos.org/Quickstart
http://l4linux.org/build.shtml
===
  DESCEND objtool
:1:10: fatal error: libelf.h: No such file or directory
compilation terminated.
  CALL
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/scripts/checksyscalls.sh
  INSTALL libsubcmd_headers
  HOSTLD  scripts/mod/modpost
  CC  kernel/bounds.s
  CHKSHA1 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-arch-fallback.h
  UPD include/generated/timeconst.h
  CHKSHA1 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-instrumented.h
  CHKSHA1 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-long.h
  CC  
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/special.o
  MKDIR   
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/lib/
  CC  
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/weak.o
  GEN 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/lib/inat-tables.c
In file included from 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/objtool.h:13,
 from 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/arch.h:11,
 from 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/check.h:11,
 from 
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/special.h:10,
 from arch/x86/special.c:4:
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:37:9:
 error: unknown type name ‘GElf_Shdr’
   37 | GElf_Shdr sh;
  | ^
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:42:9:
 error: unknown type name ‘Elf_Data’
   42 | Elf_Data *data;
  | ^~~~
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:54:9:
 error: unknown type name ‘GElf_Sym’
   54 | GElf_Sym sym;
  | ^~~~
/home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:82:9:
 error: unknown type name ‘Elf’
   82 | Elf *elf;
  | ^~~


Thanks!

Richard






From: Adam Lackorzynski 
Sent: Thursday, April 11, 2024 1:18 PM
To: Richard Clark ; 
l4-hackers@os.inf.tu-dresden.de 
Subject: Re: 23.10.1 amd64 l4linux doesn't build

[EXTERNAL]

Hi Richard,

which Linux variant are you doing this on, out of curiosity? This is
typically assembled on stable Debian, so it's good to know the
difference.

On another note, regarding virtualization, please focus on uvmm instead
of L4Linux. L4Linux is pure paravirtualization while on today's systems
we obviosly want to exploit the CPUs virtualization support capabilities
which uvmm does nicely.


Best regards, Adam

On Thu Apr 11, 2024 at 14:47:55 +, Richard Clark wrote:
> Hi!
>
> I'm doing microkernel evaluations for a US gov't contract to find a nice 
> shiny new replacement for
> the dismal little l4 microkernel they've been using and failing with... 
> Fiasco/L4/L4linux seems to
> be a wonderfully full-featured software platform that easily fits the bill. 
> Separation/Capability
> microkernel, fully developed user space, l4-native linux, and even a vmm that 
> runs a sandboxed linux.
>
> Latest build with snapshot 23.10.1 and l4linux 23.10.1 seems the amd64 
> l4linux is broken with
> issues in libelf.h, gelf.h, and elf.h.  32bit build seems to build ok.
>
> Still trying to get something up and running. I'll try 32-bit with qemu for 
> now. I do need 64-bit to
> compile

23.10.1 amd64 l4linux doesn't build

2024-04-11 Thread Richard Clark 
Hi!

I'm doing microkernel evaluations for a US gov't contract to find a nice shiny 
new replacement for
the dismal little l4 microkernel they've been using and failing with... 
Fiasco/L4/L4linux seems to
be a wonderfully full-featured software platform that easily fits the bill. 
Separation/Capability
microkernel, fully developed user space, l4-native linux, and even a vmm that 
runs a sandboxed linux.

Latest build with snapshot 23.10.1 and l4linux 23.10.1 seems the amd64 l4linux 
is broken with
issues in libelf.h, gelf.h, and elf.h.  32bit build seems to build ok.

Still trying to get something up and running. I'll try 32-bit with qemu for 
now. I do need 64-bit to
compile and run, so I would appreciate any info on how to fix the build issues.


Thanks!

Richard H. Clark

___
l4-hackers mailing list -- l4-hackers@os.inf.tu-dresden.de
To unsubscribe send an email to l4-hackers-le...@os.inf.tu-dresden.de

Re: 23.10.1 amd64 l4linux doesn't build

2024-04-11 Thread Richard Clark 
Adam,

What's the recommended Debian distro to build on?
Could you point me at an iso image so I can spin up a VM, please?


Thanks!

Richard


From: Adam Lackorzynski 
Sent: Thursday, April 11, 2024 3:55 PM
To: Richard Clark ; 
l4-hackers@os.inf.tu-dresden.de 
Subject: Re: 23.10.1 amd64 l4linux doesn't build

[EXTERNAL]

Hi Richard,

On Thu Apr 11, 2024 at 17:51:40 +, Richard Clark wrote:
> Adam,
>
> Thank you for the response!
>
> I'm building on a fresh install of linux mint cinnamon.
> That should be irrelevant as the build should be using its own include files, 
> not that of the host.

Ah! Building Linux requires to have libelf-dev installed nowadays, for
building the objtool tool.

> Yes, everyone and their sister has a virtual machine nowadays. These are of 
> limited use, however.
> There are instances where the user-space runtime directly on top of the l4 
> kernel (native l4 app) is extremely useful.

Absolutely.

> There are also instances where it is helpful to have a full unikernel to run 
> paravirtualized directly on top of the l4 kernel.

Yep.

> And of course, completely untrusted code which is expected to be attacked and 
> owned gets
> sandboxed into its own virtual space. I have use for all three cases.

Sure.

All that is possible of course. I was just referring to the different
virtualization options and did not want to exclude the other options
besides virtualization.

> I'm (was?) assuming that running a multicore AMD64 linux in a vm is 
> functional, and am exploring the
> other two options.

Good assumption :)

> I wanted to check the paravirtualzed version first since there seems to be 
> some
> instructions for it. It comes packaged alongside the snapshots.

Yep. The snapshot also has some targets for running uvmm VMs.
Please check the screencasts at 
https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fl4re.org%2Fcast-multi-vm-qemu.html=05%7C02%7Crichard.clark%40coheretechnology.com%7C1cff7939aaf24ddb460108dc5a615601%7Ca6ccb3020300496187c25d60f8287e77%7C0%7C0%7C638484621329126751%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C=umCmEgBwuamLD98dCEnJxPErwVvTV2v2ZqHsWmdV4Bo%3D=0


Adam

>
> Here is about where it seems to go astray:
>
> ===
>   For quick build instructions, please visit:
> 
> https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.tudos.org%2FQuickstart=05%7C02%7Crichard.clark%40coheretechnology.com%7C1cff7939aaf24ddb460108dc5a615601%7Ca6ccb3020300496187c25d60f8287e77%7C0%7C0%7C638484621329136974%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C=kFjA59XmzO5KfpucO94eHep5BelvFg0PDRD1w2rt9bg%3D=0
> 
> https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fl4linux.org%2Fbuild.shtml=05%7C02%7Crichard.clark%40coheretechnology.com%7C1cff7939aaf24ddb460108dc5a615601%7Ca6ccb3020300496187c25d60f8287e77%7C0%7C0%7C638484621329143922%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C=AE%2BAq8rj7jr2zh3sCr1BDcscqJ0C1Fk6zako621JKcA%3D=0
> ===
>   DESCEND objtool
> :1:10: fatal error: libelf.h: No such file or directory
> compilation terminated.
>   CALL
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/scripts/checksyscalls.sh
>   INSTALL libsubcmd_headers
>   HOSTLD  scripts/mod/modpost
>   CC  kernel/bounds.s
>   CHKSHA1 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-arch-fallback.h
>   UPD include/generated/timeconst.h
>   CHKSHA1 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-instrumented.h
>   CHKSHA1 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-long.h
>   CC  
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/special.o
>   MKDIR   
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/lib/
>   CC  
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/weak.o
>   GEN 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/lib/inat-tables.c
> In file included from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/objtool.h:13,
>  from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/arch.h:11,
>  from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/check.h:11,
>  from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/special.h:10,
>  from

Re: 23.10.1 amd64 l4linux doesn't build

2024-04-11 Thread Adam Lackorzynski 
Hi Richard,

On Thu Apr 11, 2024 at 17:51:40 +, Richard Clark wrote:
> Adam,
> 
> Thank you for the response!
> 
> I'm building on a fresh install of linux mint cinnamon.
> That should be irrelevant as the build should be using its own include files, 
> not that of the host.

Ah! Building Linux requires to have libelf-dev installed nowadays, for
building the objtool tool.

> Yes, everyone and their sister has a virtual machine nowadays. These are of 
> limited use, however.
> There are instances where the user-space runtime directly on top of the l4 
> kernel (native l4 app) is extremely useful.

Absolutely.

> There are also instances where it is helpful to have a full unikernel to run 
> paravirtualized directly on top of the l4 kernel.

Yep.

> And of course, completely untrusted code which is expected to be attacked and 
> owned gets
> sandboxed into its own virtual space. I have use for all three cases.

Sure.

All that is possible of course. I was just referring to the different
virtualization options and did not want to exclude the other options
besides virtualization.

> I'm (was?) assuming that running a multicore AMD64 linux in a vm is 
> functional, and am exploring the
> other two options.

Good assumption :)

> I wanted to check the paravirtualzed version first since there seems to be 
> some
> instructions for it. It comes packaged alongside the snapshots.

Yep. The snapshot also has some targets for running uvmm VMs.
Please check the screencasts at https://l4re.org/cast-multi-vm-qemu.html


Adam

> 
> Here is about where it seems to go astray:
> 
> ===
>   For quick build instructions, please visit:
> http://wiki.tudos.org/Quickstart
> http://l4linux.org/build.shtml
> ===
>   DESCEND objtool
> :1:10: fatal error: libelf.h: No such file or directory
> compilation terminated.
>   CALL
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/scripts/checksyscalls.sh
>   INSTALL libsubcmd_headers
>   HOSTLD  scripts/mod/modpost
>   CC  kernel/bounds.s
>   CHKSHA1 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-arch-fallback.h
>   UPD include/generated/timeconst.h
>   CHKSHA1 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-instrumented.h
>   CHKSHA1 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/include/linux/atomic/atomic-long.h
>   CC  
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/special.o
>   MKDIR   
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/lib/
>   CC  
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/weak.o
>   GEN 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/obj/l4linux/amd64/tools/objtool/arch/x86/lib/inat-tables.c
> In file included from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/objtool.h:13,
>  from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/arch.h:11,
>  from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/check.h:11,
>  from 
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/special.h:10,
>  from arch/x86/special.c:4:
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:37:9:
>  error: unknown type name ‘GElf_Shdr’
>37 | GElf_Shdr sh;
>   | ^
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:42:9:
>  error: unknown type name ‘Elf_Data’
>42 | Elf_Data *data;
>   | ^~~~
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:54:9:
>  error: unknown type name ‘GElf_Sym’
>54 | GElf_Sym sym;
>   | ^~~~
> /home/webadmin/Fiasco/l4re-snapshot-23.10.1/src/l4linux/tools/objtool/include/objtool/elf.h:82:9:
>  error: unknown type name ‘Elf’
>82 | Elf *elf;
>   | ^~~
> 
> 
> Thanks!
> 
> Richard
> 
> 
> 
> 
> 
> 
> From: Adam Lackorzynski 
> Sent: Thursday, April 11, 2024 1:18 PM
> To: Richard Clark ; 
> l4-hackers@os.inf.tu-dresden.de 
> Subject: Re: 23.10.1 amd64 l4linux doesn't build
> 
> [EXTERNAL]
> 
> Hi Richard,
> 
> which Linux variant are you doing this on, out of curiosity? This is
> typically assembled on stable Debian, so it's good to know the
> difference.
> 
> On another note, regarding virtualization, please focus on uvmm instead
> of L4Linux. L4Linux is pure paravirtualization while on today's systems
> we obviosly want to exploit the CPUs virtualization support capabilities
> which uvmm does nicely.
> 
> 
> Best regards, Adam
> 
> On Thu Apr 11, 2024 at