# Contributor: William Pitcock # Contributor: Roger Pau Monne # Maintainer: William Pitcock setvar pkgname = 'xen' setvar pkgver = '4.9.0' setvar pkgrel = '4' setvar pkgdesc = ""Xen hypervisor"" setvar url = ""http://www.xen.org/"" setvar arch = ""x86_64 armhf aarch64"" setvar license = ""GPL"" setvar depends = ""bash iproute2 logrotate"" setvar depends_dev = ""libressl-dev python2-dev e2fsprogs-dev gettext zlib-dev ncurses-dev dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev e2fsprogs-dev linux-headers argp-standalone perl-dev"" setvar makedepends = ""$depends_dev autoconf automake libtool dnsmasq"" setvar options = ""!strip"" # secfixes: # 4.7.0-r0: # - CVE-2016-6258 XSA-182 # - CVE-2016-6259 XSA-183 # - CVE-2016-5403 XSA-184 # 4.7.0-r1: # - CVE-2016-7092 XSA-185 # - CVE-2016-7093 XSA-186 # - CVE-2016-7094 XSA-187 # 4.7.0-r5: # - CVE-2016-7777 XSA-190 # 4.7.1-r1: # - CVE-2016-9386 XSA-191 # - CVE-2016-9382 XSA-192 # - CVE-2016-9385 XSA-193 # - CVE-2016-9384 XSA-194 # - CVE-2016-9383 XSA-195 # - CVE-2016-9377 XSA-196 # - CVE-2016-9378 XSA-196 # - CVE-2016-9381 XSA-197 # - CVE-2016-9379 XSA-198 # - CVE-2016-9380 XSA-198 # 4.7.1-r3: # - CVE-2016-9932 XSA-200 # - CVE-2016-9815 XSA-201 # - CVE-2016-9816 XSA-201 # - CVE-2016-9817 XSA-201 # - CVE-2016-9818 XSA-201 # 4.7.1-r4: # - CVE-2016-10024 XSA-202 # - CVE-2016-10025 XSA-203 # - CVE-2016-10013 XSA-204 # 4.7.1-r5: # - XSA-207 # - CVE-2017-2615 XSA-208 # - CVE-2017-2620 XSA-209 # - XSA-210 # 4.7.2-r0: # - CVE-2016-9603 XSA-211 # - CVE-2017-7228 XSA-212 # 4.8.1-r2: # - CVE-2017-8903 XSA-213 # - CVE-2017-8904 XSA-214 # 4.9.0-r0: # - CVE-2017-10911 XSA-216 # - CVE-2017-10912 XSA-217 # - CVE-2017-10913 XSA-218 # - CVE-2017-10914 XSA-218 # - CVE-2017-10915 XSA-219 # - CVE-2017-10916 XSA-220 # - CVE-2017-10917 XSA-221 # - CVE-2017-10918 XSA-222 # - CVE-2017-10919 XSA-223 # - CVE-2017-10920 XSA-224 # - CVE-2017-10921 XSA-224 # - CVE-2017-10922 XSA-224 # - CVE-2017-10923 XSA-225 # 4.9.0-r1: # - CVE-2017-12135 XSA-226 # - CVE-2017-12137 XSA-227 # - CVE-2017-12136 XSA-228 # - CVE-2017-12855 XSA-230 # 4.9.0-r2: # - XSA-235 # 4.9.0-r4: # - CVE-2017-14316 XSA-231 # - CVE-2017-14318 XSA-232 # - CVE-2017-14317 XSA-233 # - CVE-2017-14319 XSA-234 case (CARCH) { x86* { setvar depends = ""$depends syslinux"" setvar makedepends = ""$makedepends iasl seabios-bin"" } arm* { setvar makedepends = ""$makedepends dtc-dev"" } aarch64 { setvar makedepends = ""$makedepends dtc-dev iasl"" } } setvar install = """" #if [ "$CARCH" != "armhf" ]; then # subpackages="$pkgname-dbg" #fi setvar subpackages = ""$subpackages $pkgname-doc $pkgname-dev $pkgname-libs $pkgname-hypervisor $pkgname-bridge"" # grep _VERSION= stubdom/configure setvar _ZLIB_VERSION = ""1.2.3"" setvar _LIBPCI_VERSION = ""2.2.9"" setvar _NEWLIB_VERSION = ""1.16.0"" setvar _LWIP_VERSION = ""1.3.0"" setvar _GRUB_VERSION = ""0.97"" setvar _OCAML_VERSION = ""3.11.0"" setvar _GMP_VERSION = ""4.3.2"" setvar _POLARSSL_VERSION = ""1.1.4"" setvar _TPMEMU_VERSION = ""0.7.4"" # grep ^IPXE_GIT_TAG tools/firmware/etherboot/Makefile setvar _IPXE_GIT_TAG = '827dd1bfee67daa683935ce65316f7e0f057fe1c' setvar source = ""https://downloads.xenproject.org/release/$pkgname/$pkgver/$pkgname-$pkgver.tar.gz http://xenbits.xen.org/xen-extfiles/gmp-$_GMP_VERSION.tar.bz2 http://xenbits.xen.org/xen-extfiles/grub-$_GRUB_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/lwip-$_LWIP_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/newlib-$_NEWLIB_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/pciutils-$_LIBPCI_VERSION.tar.bz2 http://xenbits.xen.org/xen-extfiles/polarssl-$_POLARSSL_VERSION-gpl.tgz http://xenbits.xen.org/xen-extfiles/tpm_emulator-$_TPMEMU_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/zlib-$_ZLIB_VERSION.tar.gz http://xenbits.xen.org/xen-extfiles/ipxe-git-$_IPXE_GIT_TAG.tar.gz xsa226-1.patch xsa226-2.patch xsa227.patch xsa228.patch xsa230.patch xsa231-4.9.patch xsa232.patch xsa233.patch xsa234-4.9.patch xsa235-4.9.patch qemu-coroutine-gthread.patch qemu-xen_paths.patch hotplug-vif-vtrill.patch rombios-no-pie.patch musl-support.patch musl-hvmloader-fix-stdint.patch stdint_local.h elf_local.h xen-hotplug-lockfd.patch xen-fd-is-file.c xenstore_client_transaction_fix.patch xenqemu-xattr-size-max.patch xenstored.initd xenstored.confd xenconsoled.initd xenconsoled.confd xendomains.initd xendomains.confd xen-consoles.logrotate xenqemu.confd xenqemu.initd "" setvar builddir = ""$srcdir"/$pkgname-$pkgver" setvar _seabios = "/usr/share/seabios/bios-256k.bin" # Override wrong arch detection from xen-$pkgver/Config.mk. case (CARCH) { armhf { export XEN_TARGET_ARCH="arm32"} aarch64 { export XEN_TARGET_ARCH="arm64"} } proc prepare { local i _failed= _series= cd $builddir for i in $source { case (i) { *-etherboot-* { setvar p = ${i%%::*} setvar p = ${p##*/} msg "adding to ipxe: $p" cp "$srcdir"/$p tools/firmware/etherboot/patches/ echo $p >> tools/firmware/etherboot/patches/series } *.patch { msg $i; patch -s -N -p1 -i "$srcdir"/$i \ || setvar _failed = ""$_failed $i"" } */ipxe-git-* { ln -s "$srcdir"/${i##*/} \ tools/firmware/etherboot/ipxe.tar.gz || return 1 } */xen-extfiles/* { ln -s "$srcdir"/${i##*/} stubdom/ || return 1 } } } if test -n $_failed { error "Patches failed:" for i in $_failed { echo $i } return 1 } # install our stdint_local.h and elf_local.h install "$srcdir"/stdint_local.h "$srcdir"/elf_local.h \ "$builddir"/tools/firmware/ || return 1 ln -s ../firmware/stdint_local.h "$builddir"/tools/libxl/ # remove all -Werror msg "Eradicating -Werror..." find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g' \ || return 1 msg "Updating config.sub..." update_config_sub || return 1 msg "Autoreconf..." autoreconf || return 1 unset CFLAGS unset LDFLAGS } # Unset CFLAGS and LDFLAGS because the xen build system # doesn't support them. Instead use .config in xen root # folder if necessary. proc munge_cflags { msg "Munging CFLAGS..." unset CFLAGS unset LDFLAGS unset LANG unset LC_ALL case (CARCH) { armhf { export CFLAGS="-mcpu=cortex-a15"} aarch64 { export CFLAGS="-mcpu=cortex-a53"} } } # These tasks are added as separate tasks to enable a packager # to invoke specific tasks like building the hypervisor. i.e. # $ abuild configure build_tools proc configure { cd $builddir msg "Running configure..." ./configure --prefix=/usr \ --build=$CBUILD \ --host=$CHOST \ --with-system-seabios=$_seabios \ || return 1 } proc build_hypervisor { munge_cflags msg "Building hypervisor..." make xen || return 1 } proc build_tools { munge_cflags msg "Building tools..." make tools || return 1 } proc build_docs { munge_cflags msg "Building documentation..." make docs } proc build_stubdom { munge_cflags msg "Building stub domains..." make stubdom || return 1 } proc build { cd $builddir configure || return 1 build_hypervisor || return 1 build_tools || return 1 build_docs || return 1 case (CARCH) { x86* { build_stubdom || return 1} } ${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c } proc package { cd $builddir unset CFLAGS unset LDFLAGS make -j1 DESTDIR="$pkgdir" install-xen install-tools install-docs \ || return 1 case (CARCH) { x86* { make -j1 DESTDIR="$pkgdir" install-stubdom || return 1} } # remove default xencommons rm -rf "$pkgdir"/etc/init.d/xencommons for i in $source { case (i) { *.initd { install -Dm755 "$srcdir"/$i \ "$pkgdir"/etc/init.d/${i%.*}} *.confd { install -Dm644 "$srcdir"/$i \ "$pkgdir"/etc/conf.d/${i%.*}} } } install -Dm644 "$srcdir"/xen-consoles.logrotate \ "$pkgdir"/etc/xen/xen-consoles.logrotate install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file # we need to exclude /usr/share when stripping msg "Stripping binaries" scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \ "$pkgdir"/usr/bin \ "$pkgdir"/usr/sbin \ | sed -e 's:^ET_DYN ::' -e 's:^ET_EXEC ::' \ | xargs strip } proc libs { setvar pkgdesc = ""Libraries for Xen tools"" setvar replaces = ""xen"" setvar depends = '' mkdir -p "$subpkgdir"/usr/lib mv "$pkgdir"/usr/lib/*.so.* \ "$pkgdir"/usr/lib/fs \ "$subpkgdir"/usr/lib/ } proc hypervisor { setvar pkgdesc = ""Xen hypervisor"" setvar depends = '' mkdir -p $subpkgdir mv "$pkgdir"/boot "$subpkgdir"/ } proc bridge { setvar depends = ""dnsmasq"" setvar pkgdesc = ""Bridge interface for XEN with dhcp"" mkdir -p "$subpkgdir"/etc/conf.d \ "$subpkgdir"/etc/init.d \ "$subpkgdir"/etc/xen ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.xenbr0 cat ->>"$subpkgdir"/etc/conf.d/dnsmasq.xenbr0 <<< """ BRIDGE_ADDR="10.0.4.1" BRIDGE_NETMASK="255.255.255.0" BRIDGE_NETWORK="10.0.4.0/24" BRIDGE_DHCP_RANGE="10.0.4.2,10.0.4.254" BRIDGE_DHCP_MAX="253" BRIDGE_MAC="00:16:3f:00:00:00" DNSMASQ_CONFFILE="/etc/xen/dnsmasq.conf" """ cat ->>"$subpkgdir"/etc/xen/dnsmasq.conf <<< """ #dhcp-host=somehost,10.0.4.3 #dhcp-host=otherhost,10.0.4.4 """ } setvar sha512sums = ""97f8075c49ef9ec0adbe95106c0cff4f9379578fd568777697565476c3fd948335d72ddcacf8be65fd9db219c0a35dcdc007f355f7e5874dd950fd4c0a0f966f xen-4.9.0.tar.gz 2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf gmp-4.3.2.tar.bz2 c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb grub-0.97.tar.gz 1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d lwip-1.3.0.tar.gz 40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3 newlib-1.16.0.tar.gz 2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5 pciutils-2.2.9.tar.bz2 88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad polarssl-1.1.4-gpl.tgz 4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35 tpm_emulator-0.7.4.tar.gz 021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e zlib-1.2.3.tar.gz 82ba65e1c676d32b29c71e6395c9506cab952c8f8b03f692e2b50133be8f0c0146d0f22c223262d81a4df579986fde5abc6507869f4965be4846297ef7b4b890 ipxe-git-827dd1bfee67daa683935ce65316f7e0f057fe1c.tar.gz 45fed43bbdcf63fc3ded0a2629e27a5d58306a244dba2e005cf8814aa50cde962c41e5e72075a1d678eb9c18af17e1cbf078884214fd29df0ad551977c9880c2 xsa226-1.patch 4d1e729c592efefd705233b49484991801606b2122a64ff14abbf994bb3e77ec75c4989d43753ce2043cc4fe13d34fb1cef7ee1adb291ff16625bb3b125e5508 xsa226-2.patch 7d66494e833d46f8a213af0f2b107a12617d5e8b45c3b07daee229c75bd6aad98284bc0e19f15706d044b58273cc7f0c193ef8553faa22fadeae349689e763c8 xsa227.patch d406f14531af707325790909d08ce299ac2f2cb4b87f9a8ddb0fba10bd83bed84cc1633e07632cc2f841c50bc1a9af6240c89539a2e6ba6028cb127e218f86fc xsa228.patch df174a1675f74b73e78bc3cb1c9f16536199dfd1922c0cc545a807e92bc24941a816891838258e118f477109548487251a7eaccb2d1dd9b6994c8c76fc5b058f xsa230.patch 7ef6637112c3d24a3541d40ca79b8d5ed8a152401c8b7bfa4cde3e2e264544ba22d27c199d58f24616af2228f5e4075c2af2744d21a70b8cb4d4b1f1a7feedde xsa231-4.9.patch fb742225a4f3dbf2a574c4a6e3ef61a5da0c91aaeed77a2247023bdefcd4e0b6c08f1c9ffb42eaac3d38739c401443c3cf7aebb507b1d779c415b6cbffabbc10 xsa232.patch a322ac6c5ac2f858a59096108032fd42974eaaeeebd8f4966119149665f32bed281e333e743136e79add2e6f3844d88b6a3e4d5a685c2808702fd3a9e6396cd4 xsa233.patch cafeef137cd82cefc3e974b42b974c6562e822c9b359efb654ac374e663d9fc123be210eec17b278f40eabb77c93d3bf0ff03e445607159ad0712808a609a906 xsa234-4.9.patch 8bab6e59577b51f0c6b8a547c9a37a257bd0460e7219512e899d25f80a74084745d2a4c54e55ad12526663d40f218cb8f833b71350220d36e3750d002ff43d29 xsa235-4.9.patch c3c46f232f0bd9f767b232af7e8ce910a6166b126bd5427bb8dc325aeb2c634b956de3fc225cab5af72649070c8205cc8e1cab7689fc266c204f525086f1a562 qemu-coroutine-gthread.patch 1936ab39a1867957fa640eb81c4070214ca4856a2743ba7e49c0cd017917071a9680d015f002c57fa7b9600dbadd29dcea5887f50e6c133305df2669a7a933f3 qemu-xen_paths.patch f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3 hotplug-vif-vtrill.patch 5514d7697c87f7d54d64723d44446b9bd84f6c984e763bd21d4eeaf502bf0c5b765f7b2180f8ca496b3baf97e7efd600b1cc1fdd1284b6ecbffe9846190ca069 rombios-no-pie.patch e635cf27ca022ca5bc829e089b5e9a3ce9e566d4701d06bc38a22e356de45a71bc33e170d6db333d4efe8389144419cc27834a2eee0bcae9118d4ca9aff64306 musl-support.patch 77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea musl-hvmloader-fix-stdint.patch 8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff stdint_local.h 853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d elf_local.h 79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e xen-hotplug-lockfd.patch e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc xen-fd-is-file.c 69dfa60628ca838678862383528654ecbdf4269cbb5c9cfb6b84d976202a8dea85d711aa65a52fa1b477fb0b30604ca70cf1337192d6fb9388a08bbe7fe56077 xenstore_client_transaction_fix.patch 2094ea964fa610b2bf72fd2c7ede7e954899a75c0f5b08030cf1d74460fb759ade84866176e32f8fe29c921dfdc6dafd2b31e23ab9b0a3874d3dceeabdd1913b xenqemu-xattr-size-max.patch 52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50 xenstored.initd 093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0 xenstored.confd 3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523 xenconsoled.initd 30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d xenconsoled.confd 357ab672be7ac36e4b5b056504cd5094d9218c4ea148c2f739d628479ebf0d9c0eb201ea7d4f97f07d01e59b88cafd318de0e1250a5b3db41bd94aa3fb7c7e49 xendomains.initd c7c0eecd5f454d903b57a710902da27dcb2c6b200f88d4eadfab33a447be6b41454109d482aab849a690446ea5c928e619dfc6cf95b7955f00a476f2317bb82b xendomains.confd ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426 xen-consoles.logrotate bdbe15c924071cdc2d0f23e53ba8e3f837d4b5369bfb218abd3405f9bef25d105269aaf0784baeb69c073a5786b8c82ffdfd414e86874da34293cfdc2c497928 xenqemu.confd 8475119369409efb8ad930c7735cd3d782191d18fab4fc322a51120c395162ff88e381182876036d1078afd30079dbf3f94a3568689e9b52ba235adead4b97d3 xenqemu.initd""