This patchset introduces the basic recipes necessary to build Xen stubdomains, in particular the vTPM and vTPM Manager stubdomains. vTPM stubdomains provide Xen guest domains access to a virtualized TPM. The vTPM Manager stubdomain manages each of the vTPM domains and seals them to the physical TPM. The intention of this patchset is to provide the ability to build Xen stubdomains separately from the rest of the Xen components since the stubdomains have separate dependencies that are hard-coded within the Xen build and configuration files. Separating the stubdomain recipes and dependencies from the rest of the Xen build gives the ability to use newer or different libraries than what is currently used.
The stubdom.inc file defines a set of CPPFLAGS, CFLAGS, and LDFLAGS common for building all Xen stubdomains. Xen stubdomains are cross-compiled with the MiniOS, which creates some issues when trying to compile stubdomains in an OpenEmbedded environment. To address these issues and to ensure the stubdoms are built as Xen had intended, all of the build flags and build tools that are exported into the environment by OE have been unset. Each of the new recipes introduced here then implements the build flags and the tools as though the build had been run in the bare-metal environment. Recipes to create slightly modified source packages for lwIP amd Mini-OS are introduced to standardize the dependency tree among stubdomain related recipes and to avoid the hassle of maintaining the same tasks within many recipes. Xen vTPM stubdomains have depencencies on static libraries for newlib, polarssl, gmp, and tpm emulator. Xen vTPM Manager stubdomain has dependencies on static libraries for newlib and polarssl. The newlib, polarssl, gmp, and tpm emulator recipes are constructed to behave the same as a bare-metal build. These recipes are cross-compiled against both the Xen and MiniOS source code. The xen-vtpm recipe is responsible for building and installing the vTPM and vTPM Manager stubdomain images into the Xen boot directory. xen-vtpm would need to be added to DISTRO_FEATURES the similar for what is done for Xen. --- Changes in v2: - Multi-line variables formatted to match OE style guide - SRC_URI formatted to use SRCREV rather than git tag - patches formatted to striplevel=1 - introduced Mini-OS recipe - Removed Xen dependency since this is handled (mostly) by Mini-OS - Changed version number of xen-vtpm recipe to match Xen version --- Kurt Bodiker (8): Define standard values needed to build stubdomains LWIP source code with patches applied for stubdoms Mini-OS source code with make links target applied Newlib recipe and patches for Xen stubdoms PolarSSL recipe and patches for Xen stubdoms GMP recipe for Xen stubdoms TPM Emulator for Xen stubdoms vTPM and vTPM Manager stubdoms .../lwip.dhcp_create_request-hwaddr_len.patch | 13 + recipes-extended/xen/files/lwip.patch-cvs | 2398 ++++++++++++++++++++ recipes-extended/xen/files/newlib-chk.patch | 155 ++ .../newlib-stdint-size_max-fix-from-1.17.0.patch | 16 + recipes-extended/xen/files/newlib.patch | 727 ++++++ recipes-extended/xen/files/polarssl.patch | 64 + recipes-extended/xen/files/tpmemu-0.7.4.patch | 12 + recipes-extended/xen/files/vtpm-bufsize.patch | 13 + recipes-extended/xen/files/vtpm-cmake-Wextra.patch | 21 + .../xen/files/vtpm-deepquote-anyloc.patch | 127 ++ recipes-extended/xen/files/vtpm-deepquote.patch | 187 ++ .../xen/files/vtpm-implicit-fallthrough.patch | 10 + recipes-extended/xen/files/vtpm-locality.patch | 50 + .../xen/files/vtpm-parent-sign-ek.patch | 196 ++ recipes-extended/xen/lwip.inc | 24 + recipes-extended/xen/lwip_1.3.0.bb | 19 + recipes-extended/xen/mini-os.inc | 28 + recipes-extended/xen/mini-os_4.9.0.bb | 17 + recipes-extended/xen/newlib.inc | 64 + recipes-extended/xen/newlib_1.16.0.bb | 21 + recipes-extended/xen/polarssl.inc | 27 + recipes-extended/xen/polarssl_1.1.4.bb | 19 + recipes-extended/xen/stubdom-gmp.inc | 42 + recipes-extended/xen/stubdom-gmp_4.3.2.bb | 20 + recipes-extended/xen/stubdom.inc | 150 ++ recipes-extended/xen/tpm-emulator.inc | 37 + recipes-extended/xen/tpm-emulator_0.7.4.bb | 26 + recipes-extended/xen/xen-vtpm.inc | 98 + recipes-extended/xen/xen-vtpm_4.9.0.bb | 21 + 29 files changed, 4602 insertions(+) create mode 100644 recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch create mode 100644 recipes-extended/xen/files/lwip.patch-cvs create mode 100644 recipes-extended/xen/files/newlib-chk.patch create mode 100644 recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch create mode 100644 recipes-extended/xen/files/newlib.patch create mode 100644 recipes-extended/xen/files/polarssl.patch create mode 100644 recipes-extended/xen/files/tpmemu-0.7.4.patch create mode 100644 recipes-extended/xen/files/vtpm-bufsize.patch create mode 100644 recipes-extended/xen/files/vtpm-cmake-Wextra.patch create mode 100644 recipes-extended/xen/files/vtpm-deepquote-anyloc.patch create mode 100644 recipes-extended/xen/files/vtpm-deepquote.patch create mode 100644 recipes-extended/xen/files/vtpm-implicit-fallthrough.patch create mode 100644 recipes-extended/xen/files/vtpm-locality.patch create mode 100644 recipes-extended/xen/files/vtpm-parent-sign-ek.patch create mode 100644 recipes-extended/xen/lwip.inc create mode 100644 recipes-extended/xen/lwip_1.3.0.bb create mode 100644 recipes-extended/xen/mini-os.inc create mode 100644 recipes-extended/xen/mini-os_4.9.0.bb create mode 100644 recipes-extended/xen/newlib.inc create mode 100644 recipes-extended/xen/newlib_1.16.0.bb create mode 100644 recipes-extended/xen/polarssl.inc create mode 100644 recipes-extended/xen/polarssl_1.1.4.bb create mode 100644 recipes-extended/xen/stubdom-gmp.inc create mode 100644 recipes-extended/xen/stubdom-gmp_4.3.2.bb create mode 100644 recipes-extended/xen/stubdom.inc create mode 100644 recipes-extended/xen/tpm-emulator.inc create mode 100644 recipes-extended/xen/tpm-emulator_0.7.4.bb create mode 100644 recipes-extended/xen/xen-vtpm.inc create mode 100644 recipes-extended/xen/xen-vtpm_4.9.0.bb -- 2.14.2 -- *This email and all attachments are considered confidential and the proprietary information of BrainTrust Holdings. Unauthorized disclosure is prohibited. * -- _______________________________________________ meta-virtualization mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-virtualization
