Newer
Older
# Contributor: Roger Pau Monne <roger.pau@entel.upc.edu>
arch="x86_64 armhf aarch64" # enable armv7 when builds with gcc8
depends_dev="openssl-dev python2-dev e2fsprogs-dev gettext zlib-dev ncurses-dev
dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev
spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev
linux-headers argp-standalone perl-dev flex bison"
makedepends="$depends_dev autoconf automake libtool dnsmasq"
# secfixes:
# 4.7.0-r0:
# - CVE-2016-6258 XSA-182
# - CVE-2016-6259 XSA-183
# - CVE-2016-5403 XSA-184
# 4.7.0-r1:
# - CVE-2016-7092 XSA-185
# - CVE-2016-7093 XSA-186
# - CVE-2016-7094 XSA-187
# 4.7.0-r5:
# - CVE-2016-7777 XSA-190
# 4.7.1-r1:
# - CVE-2016-9386 XSA-191
# - CVE-2016-9382 XSA-192
# - CVE-2016-9385 XSA-193
# - CVE-2016-9384 XSA-194
# - CVE-2016-9383 XSA-195
# - CVE-2016-9377 XSA-196
# - CVE-2016-9378 XSA-196
# - CVE-2016-9381 XSA-197
# - CVE-2016-9379 XSA-198
# - CVE-2016-9380 XSA-198
# - CVE-2016-9815 XSA-201
# - CVE-2016-9816 XSA-201
# - CVE-2016-9817 XSA-201
# - CVE-2016-9818 XSA-201
# 4.7.1-r4:
# - CVE-2016-10024 XSA-202
# - CVE-2016-10025 XSA-203
# - CVE-2016-10013 XSA-204
# 4.7.1-r5:
# - XSA-207
# - CVE-2017-2615 XSA-208
# - CVE-2017-2620 XSA-209
# - XSA-210
# 4.7.2-r0:
# - CVE-2016-9603 XSA-211
# - CVE-2017-7228 XSA-212
# 4.8.1-r2:
# - CVE-2017-8903 XSA-213
# - CVE-2017-8904 XSA-214
# 4.9.0-r0:
# - CVE-2017-10911 XSA-216
# - CVE-2017-10912 XSA-217
# - CVE-2017-10913 XSA-218
# - CVE-2017-10914 XSA-218
# - CVE-2017-10915 XSA-219
# - CVE-2017-10916 XSA-220
# - CVE-2017-10917 XSA-221
# - CVE-2017-10918 XSA-222
# - CVE-2017-10919 XSA-223
# - CVE-2017-10920 XSA-224
# - CVE-2017-10921 XSA-224
# - CVE-2017-10922 XSA-224
# - CVE-2017-10923 XSA-225
# 4.9.0-r1:
# - CVE-2017-12135 XSA-226
# - CVE-2017-12137 XSA-227
# - CVE-2017-12136 XSA-228
# - CVE-2017-12855 XSA-230
# 4.9.0-r2:
# - XSA-235
# 4.9.0-r4:
# - CVE-2017-14316 XSA-231
# - CVE-2017-14318 XSA-232
# - CVE-2017-14317 XSA-233
# - CVE-2017-14319 XSA-234
# 4.9.0-r6:
# - CVE-2017-15590 XSA-237
# - XSA-238
# - CVE-2017-15589 XSA-239
# - CVE-2017-15595 XSA-240
# - CVE-2017-15588 XSA-241
# - CVE-2017-15593 XSA-242
# - CVE-2017-15592 XSA-243
# - CVE-2017-15594 XSA-244
# 4.9.0-r7:
# - CVE-2017-15597 XSA-236
# 4.9.1-r1:
# - XSA-246
# - XSA-247
# - XSA-248
# - XSA-249
# - XSA-250
# - XSA-251
# 4.10.0-r2:
# - CVE-2018-7540 XSA-252
# - CVE-2018-7541 XSA-255
# - CVE-2018-7542 XSA-256
# 4.10.1-r0:
# - CVE-2018-10472 XSA-258
# - CVE-2018-10471 XSA-259
# - CVE-2018-8897 XSA-260
# - CVE-2018-10982 XSA-261
# - CVE-2018-10981 XSA-262
# - CVE-2018-3639 XSA-263
# - CVE-2018-128911 XSA-264
# - CVE-2018-12893 XSA-265
# - CVE-2018-12892 XSA-266
# - CVE-2018-3665 XSA-267
# 4.11.1-r0:
# - CVE-2018-15469 XSA-268
# - CVE-2018-15468 XSA-269
# - CVE-2018-15470 XSA-272
# - CVE-2018-3620 XSA-273
# - CVE-2018-3646 XSA-273
# - CVE-2018-19961 XSA-275
# - CVE-2018-19962 XSA-275
# - CVE-2018-19963 XSA-276
# - CVE-2018-19964 XSA-277
# - CVE-2018-19965 XSA-279
# - CVE-2018-19966 XSA-280
# - CVE-2018-19967 XSA-282
# 4.12.0-r2:
# - CVE-2018-12126 XSA-297
# - CVE-2018-12127 XSA-297
# - CVE-2018-12130 XSA-297
# - CVE-2019-11091 XSA-297
# 4.12.1-r1:
# - CVE-2019-18425 XSA-298
# - CVE-2019-18421 XSA-299
# - CVE-2019-18423 XSA-301
# - CVE-2019-18424 XSA-302
# - CVE-2019-18422 XSA-303
# - CVE-2018-12207 XSA-304
# - CVE-2019-11135 XSA-305
# 4.12.2-r0:
# - CVE-2019-19579 XSA-306
# - CVE-2019-19582 XSA-307
# - CVE-2019-19583 XSA-308
# - CVE-2019-19578 XSA-309
# - CVE-2019-19580 XSA-310
# - CVE-2019-19577 XSA-311
# 4.12.2-r1:
# - CVE-2020-11740 CVE-2020-11741 XSA-313
# - CVE-2020-11739 XSA-314
# - CVE-2020-11743 XSA-316
# - CVE-2020-11742 XSA-318
case "$CARCH" in
x86*)
depends="$depends syslinux"
makedepends="$makedepends iasl seabios-bin"
;;
arm*)
makedepends="$makedepends dtc-dev"
;;
aarch64)
makedepends="$makedepends dtc-dev iasl"
;;
#if [ "$CARCH" != "armhf" ]; then
# subpackages="$pkgname-dbg"
#fi
subpackages="$subpackages $pkgname-doc $pkgname-dev $pkgname-libs
$pkgname-hypervisor $pkgname-bridge"
# grep _VERSION= stubdom/configure
_ZLIB_VERSION="1.2.3"
_LIBPCI_VERSION="2.2.9"
_NEWLIB_VERSION="1.16.0"
_LWIP_VERSION="1.3.0"
_GRUB_VERSION="0.97"
_GMP_VERSION="4.3.2"
_POLARSSL_VERSION="1.1.4"
_TPMEMU_VERSION="0.7.4"
# grep ^IPXE_GIT_TAG tools/firmware/etherboot/Makefile
_IPXE_GIT_TAG=d2063b7693e0e35db97b2264aa987eb6341ae779
source="https://downloads.xenproject.org/release/$pkgname/$pkgver/$pkgname-$pkgver.tar.gz
https://xenbits.xen.org/xen-extfiles/gmp-$_GMP_VERSION.tar.bz2
https://xenbits.xen.org/xen-extfiles/grub-$_GRUB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/lwip-$_LWIP_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/newlib-$_NEWLIB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/pciutils-$_LIBPCI_VERSION.tar.bz2
https://xenbits.xen.org/xen-extfiles/polarssl-$_POLARSSL_VERSION-gpl.tgz
https://xenbits.xen.org/xen-extfiles/tpm_emulator-$_TPMEMU_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/zlib-$_ZLIB_VERSION.tar.gz
https://xenbits.xen.org/xen-extfiles/ipxe-git-$_IPXE_GIT_TAG.tar.gz
mini-os-__divmoddi4.patch
Ariadne Conill
committed
hotplug-vif-vtrill.patch
Ariadne Conill
committed
musl-hvmloader-fix-stdint.patch
stdint_local.h
elf_local.h
xen-hotplug-lockfd.patch
xen-fd-is-file.c
hotplug-Linux-iscsi-block-handle-lun-1.patch
xsa313-1.patch
xsa313-2.patch
xsa314-4.13.patch
xsa316-xen.patch
xsa318.patch
xenstored.initd
xenstored.confd
xenconsoled.initd
xenconsoled.confd
xendomains.initd
xendomains.confd
xen-consoles.logrotate
xen-pci.initd
xen-pci.confd
_seabios=/usr/share/seabios/bios-256k.bin
# Override wrong arch detection from xen-$pkgver/Config.mk.
case "$CARCH" in
armhf) export XEN_TARGET_ARCH="arm32";;
*-etherboot-*)
p=${i%%::*}
p=${p##*/}
msg "adding to ipxe: $p"
cp "$srcdir"/$p tools/firmware/etherboot/patches/
echo "$p" >> tools/firmware/etherboot/patches/series
;;
*.patch) msg $i; patch -s -N -p1 -i "$srcdir"/$i \
|| _failed="$_failed $i"
;;
*/ipxe-git-*)
ln -s "$srcdir"/${i##*/} \
tools/firmware/etherboot/ipxe.tar.gz || return 1
;;
*/xen-extfiles/*)
ln -s "$srcdir"/${i##*/} stubdom/ || return 1
;;
if [ -n "$_failed" ]; then
error "Patches failed:"
for i in $_failed; do
echo $i
done
return 1
fi
# install our stdint_local.h and elf_local.h
install "$srcdir"/stdint_local.h "$srcdir"/elf_local.h \
"$builddir"/tools/firmware/ || return 1
ln -s ../firmware/stdint_local.h "$builddir"/tools/libxl/
find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g' \
|| return 1
msg "Updating config.sub..."
update_config_sub || return 1
msg "Autoreconf..."
autoreconf || return 1
Ariadne Conill
committed
# Unset CFLAGS and LDFLAGS because the xen build system
# doesn't support them. Instead use .config in xen root
# folder if necessary.
munge_cflags() {
msg "Munging CFLAGS..."
unset CFLAGS
unset LDFLAGS
unset LANG
unset LC_ALL
armhf) export CFLAGS="-mcpu=cortex-a15";;
aarch64) export CFLAGS="-mcpu=cortex-a53";;
Ariadne Conill
committed
}
# These tasks are added as separate tasks to enable a packager
# to invoke specific tasks like building the hypervisor. i.e.
# $ abuild configure build_tools
configure() {
./configure --prefix=/usr \
--build=$CBUILD \
--host=$CHOST \
--with-system-seabios=$_seabios \
Ariadne Conill
committed
}
Ariadne Conill
committed
build_hypervisor() {
munge_cflags
Ariadne Conill
committed
}
build_tools() {
munge_cflags
Ariadne Conill
committed
}
build_docs() {
munge_cflags
make docs
Ariadne Conill
committed
}
build_stubdom() {
munge_cflags
Ariadne Conill
committed
build() {
configure || return 1
build_hypervisor || return 1
build_tools || return 1
build_docs || return 1
case "$CARCH" in
x86*) build_stubdom || return 1;;
esac
${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c
Ariadne Conill
committed
}
make -j1 DESTDIR="$pkgdir" install-xen install-tools install-docs \
|| return 1
case "$CARCH" in
x86*) make -j1 DESTDIR="$pkgdir" install-stubdom || return 1;;
esac
# remove default xencommons
rm -rf "$pkgdir"/etc/init.d/xencommons
# remove default xendriverdomain
rm -rf "$pkgdir"/etc/init.d/xendriverdomain
for i in $source; do
case $i in
*.initd) install -Dm755 "$srcdir"/$i \
"$pkgdir"/etc/init.d/${i%.*};;
*.confd) install -Dm644 "$srcdir"/$i \
"$pkgdir"/etc/conf.d/${i%.*};;
esac
done
install -Dm644 "$srcdir"/xen-consoles.logrotate \
"$pkgdir"/etc/xen/xen-consoles.logrotate
install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file
# we need to exclude /usr/share when stripping
msg "Stripping binaries"
scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \
"$pkgdir"/usr/bin \
"$pkgdir"/usr/sbin \
| sed -e 's:^ET_DYN ::' -e 's:^ET_EXEC ::' \
| xargs strip
check() {
cd "$builddir"
make test
}
libs() {
pkgdesc="Libraries for Xen tools"
replaces="xen"
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/*.so.* \
"$subpkgdir"/usr/lib/
}
hypervisor() {
pkgdesc="Xen hypervisor"
mkdir -p "$subpkgdir"
mv "$pkgdir"/boot "$subpkgdir"/
}
pkgdesc="Bridge interface for XEN with dhcp"
mkdir -p "$subpkgdir"/etc/conf.d \
"$subpkgdir"/etc/init.d \
"$subpkgdir"/etc/xen
ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.xenbr0
cat ->>"$subpkgdir"/etc/conf.d/dnsmasq.xenbr0 <<EOF
BRIDGE_ADDR="10.0.4.1"
BRIDGE_NETMASK="255.255.255.0"
BRIDGE_NETWORK="10.0.4.0/24"
BRIDGE_DHCP_RANGE="10.0.4.2,10.0.4.254"
BRIDGE_DHCP_MAX="253"
BRIDGE_MAC="00:16:3f:00:00:00"
DNSMASQ_CONFFILE="/etc/xen/dnsmasq.conf"
EOF
cat ->>"$subpkgdir"/etc/xen/dnsmasq.conf <<EOF
#dhcp-host=somehost,10.0.4.3
#dhcp-host=otherhost,10.0.4.4
EOF
}
sha512sums="7d9e7921271830c9eadf1bb8eca1aec20d343ad7475b0dc3165ef6d681759e7cb70739f8d9f85622a23aef960988820e822267fb198b12ee3dd657ad6164069f xen-4.12.2.tar.gz
2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf gmp-4.3.2.tar.bz2
c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb grub-0.97.tar.gz
1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d lwip-1.3.0.tar.gz
40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3 newlib-1.16.0.tar.gz
2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5 pciutils-2.2.9.tar.bz2
88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad polarssl-1.1.4-gpl.tgz
4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35 tpm_emulator-0.7.4.tar.gz
021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e zlib-1.2.3.tar.gz
2b4ae8e65cd678dbb376f24001294eb54aead8d66456e06fc270dec178d90b282c1eb19731234d8b458054e49c5b8b8c4a89345c63ed0a4dafaf205e642b00b7 ipxe-git-d2063b7693e0e35db97b2264aa987eb6341ae779.tar.gz
b9c754220187955d01ffbb6e030dace9d9aaae755db1765d07e407858c71a2cb0de04e0ab2099cd121d9e1bc1978af06c7dbd2fd805e06eca12ac5d527f15a52 mini-os-__divmoddi4.patch
1936ab39a1867957fa640eb81c4070214ca4856a2743ba7e49c0cd017917071a9680d015f002c57fa7b9600dbadd29dcea5887f50e6c133305df2669a7a933f3 qemu-xen_paths.patch
Ariadne Conill
committed
f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3 hotplug-vif-vtrill.patch
77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea musl-hvmloader-fix-stdint.patch
8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff stdint_local.h
853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d elf_local.h
79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e xen-hotplug-lockfd.patch
e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc xen-fd-is-file.c
2094ea964fa610b2bf72fd2c7ede7e954899a75c0f5b08030cf1d74460fb759ade84866176e32f8fe29c921dfdc6dafd2b31e23ab9b0a3874d3dceeabdd1913b xenqemu-xattr-size-max.patch
8c9cfc6afca325df1d8026e21ed03fa8cd2c7e1a21a56cc1968301c5ab634bfe849951899e75d328951d7a41273d1e49a2448edbadec0029ed410c43c0549812 hotplug-Linux-iscsi-block-handle-lun-1.patch
a5443da59c75a786ecd0c5ad5df4c84de8b0f7ac92bc11d840d1fb4c2c33653f7e883640c2081ba594fb1ca92a61f5c970b821a5f2d37c6e666bc2e7da6c8e8f xsa313-1.patch
afc34c39e14b3b3d7bcd5b9bb7d2e6eaeb52fdc8733845cafd0b200c764ebd5a79f540cd818143f99bf084d1a33e50ad1614e5e98af6582412975bd73a5c48dd xsa313-2.patch
6e319c3856ed4a4d96705a258c2654c89a7d645d8b16c03dd257c57d320ee220ffa675eeef615c5bbcf4d5d25b66ceb8b77f57df59da757a3a554a316db074b6 xsa314-4.13.patch
cd6ac97375742bacd55f51062849ba5dcef6026f673d3fb6ab73723befbf52570ea08765af44d636df65b7c16a9dce2fe6c9b6c47b671872ffb83c8121a181df xsa316-xen.patch
66e178a859844a3839333b19934ede5db1d83d8b84bfcce70c51a46077287811a92a8ad2ad60663a88162112d65a867815605202a2c9ca44ba32251b42f0ca23 xsa318.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd
Ariadne Conill
committed
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd
3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523 xenconsoled.initd
Roger Pau Monne
committed
30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d xenconsoled.confd
357ab672be7ac36e4b5b056504cd5094d9218c4ea148c2f739d628479ebf0d9c0eb201ea7d4f97f07d01e59b88cafd318de0e1250a5b3db41bd94aa3fb7c7e49 xendomains.initd
c7c0eecd5f454d903b57a710902da27dcb2c6b200f88d4eadfab33a447be6b41454109d482aab849a690446ea5c928e619dfc6cf95b7955f00a476f2317bb82b xendomains.confd
Roger Pau Monne
committed
ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426 xen-consoles.logrotate
bdbe15c924071cdc2d0f23e53ba8e3f837d4b5369bfb218abd3405f9bef25d105269aaf0784baeb69c073a5786b8c82ffdfd414e86874da34293cfdc2c497928 xenqemu.confd
8475119369409efb8ad930c7735cd3d782191d18fab4fc322a51120c395162ff88e381182876036d1078afd30079dbf3f94a3568689e9b52ba235adead4b97d3 xenqemu.initd
85afec835a374aac3d307b3226eee7a08a676b1daac7e39bb7463d564ef72438dc27dd188a871cfd031e80c6992b756951f26bdca0d445e07eab6dba5245de46 xendriverdomain.initd
a46337bebce24337f00adbe08095b9f5128c1f440e2033329e5ace9fd817a31fb772d75c0ecc7cc06f34b1522ebf8b21874ee4d0881a0f29851b1c1235f29cf3 xen-pci.initd
2db5fa6edeeb028236460029b976a849f22b3a15d3929acc3911dc41f365b471c2b815eb111639bc230a69528b1571f3c2e9e8e1e81a6679e55387e39355aa99 xen-pci.confd"