Kurt, I've reviewed the patches today and all the improvements look good.
Unfortunately, in performing a build with the patches applied to rocko, I encountered a link error when attempting: bitbake xen-vtpm Details and output are below. A separate minor thing I saw in patch 1 was that "no-red-zone" is applied to STUBDOM_CFLAGS unconditionally, whereas in the original Xen Makefile, it's only set for 64-bit target builds - I haven't inspected further though, or attempted a 32-bit target build yet as my 64-bit build didn't succeed. Christopher Build description: Source: rocko branches of each of: git://git.yoctoproject.org/poky.git git://git.openembedded.org/meta-openembedded git://git.yoctoproject.org/meta-virtualization and applied the 8 proposed patches applied to meta-virtualization (on top of the rocko branch). Build host is x86_64, running Debian 8.8 with gcc 4.9.2 local.conf settings: MACHINE = "genericx86-64" DISTRO_FEATURES_append = " xen virtualization" BB_NUMBER_THREADS ?= "8" PARALLEL_MAKE ?= "-j 4" Error encountered: | x86_64-poky-linux-ld --sysroot=/mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/recipe-sysroot -nostdlib -L/mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/recipe-sysroot/cross-root-x86_64/x86_64-xen-elf/lib -m elf_x86_64 -T /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/arch/x86/minios-x86_64.lds /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o -o /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `vtpmmgr_GroupRegister': | vtpm_cmd_handler.c:(.text+0x38ab): undefined reference to `tpmrsa_free' | vtpm_cmd_handler.c:(.text+0x3b6e): undefined reference to `tpmrsa_free' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `vtpmmgr_handle_cmd': | gdtoa-hexnan.c:(.text+0x4ac6): undefined reference to `tpmrsa_free' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_TakeOwnership': | gdtoa-hexnan.c:(.text+0x7e33): undefined reference to `unpack3_TPM_KEY' | gdtoa-hexnan.c:(.text+0x7e67): undefined reference to `unpack3_TPM_KEY' | gdtoa-hexnan.c:(.text+0x7ec8): undefined reference to `unpack3_TPM_AUTH_SESSION' | gdtoa-hexnan.c:(.text+0x7f68): undefined reference to `free_TPM_KEY' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_Seal': | gdtoa-hexnan.c:(.text+0x8b76): undefined reference to `unpack3_TPM_STORED_DATA12' | gdtoa-hexnan.c:(.text+0x8bd7): undefined reference to `unpack3_TPM_AUTH_SESSION' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_Unseal': | gdtoa-hexnan.c:(.text+0x9115): undefined reference to `unpack_ALLOC' | gdtoa-hexnan.c:(.text+0x9169): undefined reference to `unpack3_TPM_AUTH_SESSION' | gdtoa-hexnan.c:(.text+0x91a3): undefined reference to `unpack3_TPM_AUTH_SESSION' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_LoadKey': | gdtoa-hexnan.c:(.text+0x9809): undefined reference to `unpack3_TPM_AUTH_SESSION' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_ReadPubek': | gdtoa-hexnan.c:(.text+0x9cd3): undefined reference to `unpack3_TPM_RSA_KEY_PARMS' | gdtoa-hexnan.c:(.text+0x9cf8): undefined reference to `unpack3_TPM_SYMMETRIC_KEY_PARMS' | gdtoa-hexnan.c:(.text+0x9d57): undefined reference to `unpack3_PTR' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_GetCapability': | gdtoa-hexnan.c:(.text+0xa23d): undefined reference to `unpack_ALLOC' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_CreateEndorsementKeyPair': | gdtoa-hexnan.c:(.text+0xa55c): undefined reference to `unpack3_TPM_RSA_KEY_PARMS' | gdtoa-hexnan.c:(.text+0xa580): undefined reference to `unpack3_TPM_SYMMETRIC_KEY_PARMS' | gdtoa-hexnan.c:(.text+0xa5dd): undefined reference to `unpack3_PTR' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_MakeIdentity': | gdtoa-hexnan.c:(.text+0xad87): undefined reference to `unpack3_TPM_KEY' | gdtoa-hexnan.c:(.text+0xae09): undefined reference to `unpack_ALLOC' | gdtoa-hexnan.c:(.text+0xae6c): undefined reference to `unpack3_TPM_AUTH_SESSION' | gdtoa-hexnan.c:(.text+0xaea9): undefined reference to `unpack3_TPM_AUTH_SESSION' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_ActivateIdentity': | gdtoa-hexnan.c:(.text+0xb30d): undefined reference to `unpack3_TPM_SYMMETRIC_KEY' | gdtoa-hexnan.c:(.text+0xb37b): undefined reference to `unpack3_TPM_AUTH_SESSION' | gdtoa-hexnan.c:(.text+0xb3b4): undefined reference to `unpack3_TPM_AUTH_SESSION' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM_Quote': | gdtoa-hexnan.c:(.text+0xb756): undefined reference to `unpack3_TPM_PCR_COMPOSITE' | gdtoa-hexnan.c:(.text+0xb7c2): undefined reference to `unpack_ALLOC' | gdtoa-hexnan.c:(.text+0xb81b): undefined reference to `unpack3_TPM_AUTH_SESSION' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM2_Create': | gdtoa-hexnan.c:(.text+0xc794): undefined reference to `unpack_TPMS_ECC_POINT' | /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os.o: In function `TPM2_CreatePrimary': | gdtoa-hexnan.c:(.text+0xd20d): undefined reference to `unpack_TPMS_ECC_POINT' | Makefile:165: recipe for target '/mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os' failed | make: *** [/mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/stubdom/mini-os-x86_64-vtpmmgr/mini-os] Error 1 | make: Leaving directory '/mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/recipe-sysroot/cross-root-x86_64/mini-os' | WARNING: exit code 2 from a shell command. | ERROR: Function failed: do_compile (log file is located at /mnt/3build/review-vtpm/poky/build/tmp/work/core2-64-poky-linux/xen-vtpm/4.9.0-r0/temp/log.do_compile.6524) ERROR: Task (/mnt/3build/review-vtpm/poky/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb:do_compile) failed with exit code '1' NOTE: Tasks Summary: Attempted 859 tasks of which 0 didn't need to be rerun and 1 failed. Summary: 1 task failed: /mnt/3build/review-vtpm/poky/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb: do_compile Summary: There was 1 ERROR message shown, returning a non-zero exit code. On Fri, Apr 6, 2018 at 10:06 AM, Kurt Bodiker < [email protected]> wrote: > This patchset introduces the basic recipes necessary to build Xen > stubdomains, in particular the vTPM and vTPM Manager stubdomains. vTPM > stubdomains provide Xen guest domains access to a virtualized TPM. The > vTPM Manager stubdomain manages each of the vTPM domains and seals them > to the physical TPM. The intention of this patchset is to provide the > ability to build Xen stubdomains separately from the rest of the Xen > components since the stubdomains have separate dependencies that are > hard-coded within the Xen build and configuration files. Separating the > stubdomain recipes and dependencies from the rest of the Xen build gives > the ability to use newer or different libraries than what is currently > used. > > The stubdom.inc file defines a set of CPPFLAGS, CFLAGS, and LDFLAGS > common for building all Xen stubdomains. Xen stubdomains are > cross-compiled with the MiniOS, which creates some issues when trying to > compile stubdomains in an OpenEmbedded environment. To address these > issues and to ensure the stubdoms are built as Xen had intended, all of > the build flags and build tools that are exported into the environment > by OE have been unset. Each of the new recipes introduced here then > implements the build flags and the tools as though the build had been > run in the bare-metal environment. > > Recipes to create slightly modified source packages for lwIP amd Mini-OS > are introduced to standardize the dependency tree among stubdomain > related recipes and to avoid the hassle of maintaining the same tasks > within many recipes. > > Xen vTPM stubdomains have depencencies on static libraries for newlib, > polarssl, gmp, and tpm emulator. Xen vTPM Manager stubdomain has > dependencies on static libraries for newlib and polarssl. > > The newlib, polarssl, gmp, and tpm emulator recipes are constructed to > behave the same as a bare-metal build. These recipes are cross-compiled > against both the Xen and MiniOS source code. > > The xen-vtpm recipe is responsible for building and installing the vTPM > and vTPM Manager stubdomain images into the Xen boot directory. xen-vtpm > would need to be added to DISTRO_FEATURES the similar for what is done > for Xen. > > --- > Changes in v2: > - Multi-line variables formatted to match OE style guide > - SRC_URI formatted to use SRCREV rather than git tag > - patches formatted to striplevel=1 > - introduced Mini-OS recipe > - Removed Xen dependency since this is handled (mostly) by Mini-OS > - Changed version number of xen-vtpm recipe to match Xen version > --- > > Kurt Bodiker (8): > Define standard values needed to build stubdomains > LWIP source code with patches applied for stubdoms > Mini-OS source code with make links target applied > Newlib recipe and patches for Xen stubdoms > PolarSSL recipe and patches for Xen stubdoms > GMP recipe for Xen stubdoms > TPM Emulator for Xen stubdoms > vTPM and vTPM Manager stubdoms > > .../lwip.dhcp_create_request-hwaddr_len.patch | 13 + > recipes-extended/xen/files/lwip.patch-cvs | 2398 > ++++++++++++++++++++ > recipes-extended/xen/files/newlib-chk.patch | 155 ++ > .../newlib-stdint-size_max-fix-from-1.17.0.patch | 16 + > recipes-extended/xen/files/newlib.patch | 727 ++++++ > recipes-extended/xen/files/polarssl.patch | 64 + > recipes-extended/xen/files/tpmemu-0.7.4.patch | 12 + > recipes-extended/xen/files/vtpm-bufsize.patch | 13 + > recipes-extended/xen/files/vtpm-cmake-Wextra.patch | 21 + > .../xen/files/vtpm-deepquote-anyloc.patch | 127 ++ > recipes-extended/xen/files/vtpm-deepquote.patch | 187 ++ > .../xen/files/vtpm-implicit-fallthrough.patch | 10 + > recipes-extended/xen/files/vtpm-locality.patch | 50 + > .../xen/files/vtpm-parent-sign-ek.patch | 196 ++ > recipes-extended/xen/lwip.inc | 24 + > recipes-extended/xen/lwip_1.3.0.bb | 19 + > recipes-extended/xen/mini-os.inc | 28 + > recipes-extended/xen/mini-os_4.9.0.bb | 17 + > recipes-extended/xen/newlib.inc | 64 + > recipes-extended/xen/newlib_1.16.0.bb | 21 + > recipes-extended/xen/polarssl.inc | 27 + > recipes-extended/xen/polarssl_1.1.4.bb | 19 + > recipes-extended/xen/stubdom-gmp.inc | 42 + > recipes-extended/xen/stubdom-gmp_4.3.2.bb | 20 + > recipes-extended/xen/stubdom.inc | 150 ++ > recipes-extended/xen/tpm-emulator.inc | 37 + > recipes-extended/xen/tpm-emulator_0.7.4.bb | 26 + > recipes-extended/xen/xen-vtpm.inc | 98 + > recipes-extended/xen/xen-vtpm_4.9.0.bb | 21 + > 29 files changed, 4602 insertions(+) > create mode 100644 recipes-extended/xen/files/lwip.dhcp_create_request- > hwaddr_len.patch > create mode 100644 recipes-extended/xen/files/lwip.patch-cvs > create mode 100644 recipes-extended/xen/files/newlib-chk.patch > create mode 100644 recipes-extended/xen/files/newlib-stdint-size_max-fix- > from-1.17.0.patch > create mode 100644 recipes-extended/xen/files/newlib.patch > create mode 100644 recipes-extended/xen/files/polarssl.patch > create mode 100644 recipes-extended/xen/files/tpmemu-0.7.4.patch > create mode 100644 recipes-extended/xen/files/vtpm-bufsize.patch > create mode 100644 recipes-extended/xen/files/vtpm-cmake-Wextra.patch > create mode 100644 recipes-extended/xen/files/vtpm-deepquote-anyloc.patch > create mode 100644 recipes-extended/xen/files/vtpm-deepquote.patch > create mode 100644 recipes-extended/xen/files/vtpm-implicit-fallthrough. > patch > create mode 100644 recipes-extended/xen/files/vtpm-locality.patch > create mode 100644 recipes-extended/xen/files/vtpm-parent-sign-ek.patch > create mode 100644 recipes-extended/xen/lwip.inc > create mode 100644 recipes-extended/xen/lwip_1.3.0.bb > create mode 100644 recipes-extended/xen/mini-os.inc > create mode 100644 recipes-extended/xen/mini-os_4.9.0.bb > create mode 100644 recipes-extended/xen/newlib.inc > create mode 100644 recipes-extended/xen/newlib_1.16.0.bb > create mode 100644 recipes-extended/xen/polarssl.inc > create mode 100644 recipes-extended/xen/polarssl_1.1.4.bb > create mode 100644 recipes-extended/xen/stubdom-gmp.inc > create mode 100644 recipes-extended/xen/stubdom-gmp_4.3.2.bb > create mode 100644 recipes-extended/xen/stubdom.inc > create mode 100644 recipes-extended/xen/tpm-emulator.inc > create mode 100644 recipes-extended/xen/tpm-emulator_0.7.4.bb > create mode 100644 recipes-extended/xen/xen-vtpm.inc > create mode 100644 recipes-extended/xen/xen-vtpm_4.9.0.bb > > -- > 2.14.2 > > > -- > > *This email and all attachments are considered confidential and the > proprietary information of BrainTrust Holdings. Unauthorized disclosure is > prohibited. * > -- > _______________________________________________ > meta-virtualization mailing list > [email protected] > https://lists.yoctoproject.org/listinfo/meta-virtualization >
-- _______________________________________________ meta-virtualization mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-virtualization
