[meta-virtualization] [V2 Patch 2/2] Enables XSM functionality in builds that contain "xsm" in the PACKAGECONFIG.
M. Gregory
mbgrego at tycho.nsa.gov
Tue Dec 22 04:25:23 PST 2015
I believe this patch will still be needed. Your patch to Xen just
enables the flask utilities to be built. The XSM framework and policy
loading code will still need to be compiled.
-Machon
On 12/22/2015 12:45 AM, Doug Goldstein wrote:
> On 12/16/15 11:08 AM, Machon Gregory wrote:
>> * Correctly identifies xenpolicy by ${PV}
>> * Adds a check to identify if xsm is specified in PACKAGECONFIG and if so manually sets XSM_ENABLE in Xen's .config
>>
>> Signed-off-by: Machon Gregory <mbgrego at tycho.nsa.gov>
>> ---
>> recipes-extended/xen/xen.inc | 16 +++++++++++++++-
>> 1 file changed, 15 insertions(+), 1 deletion(-)
>>
>> diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc
>> index 9e35459..03ec935 100644
>> --- a/recipes-extended/xen/xen.inc
>> +++ b/recipes-extended/xen/xen.inc
>> @@ -333,7 +333,7 @@ FILES_${PN}-flask = "\
>> ${sbindir}/flask-loadpolicy \
>> ${sbindir}/flask-set-bool \
>> ${sbindir}/flask-setenforce \
>> - /boot/xenpolicy.24 \
>> + /boot/xenpolicy-${PV} \
>> "
>>
>> FILES_${PN}-gdbsx = "\
>> @@ -715,6 +715,15 @@ EXTRA_OECONF += " \
>> --disable-ocamltools \
>> "
>>
>> +# check for XSM in package config to allow XSM_ENABLE to be set
>> +python () {
>> + pkgconfig = d.getVar('PACKAGECONFIG', True)
>> + if ('xsm') in pkgconfig.split():
>> + d.setVar('XSM_ENABLED', '1')
>> + else:
>> + d.setVar('XSM_ENABLED', '0')
>> +}
>> +
>> do_configure() {
>> # no stubs-32.h in our 64-bit sysroot - hack it into tools/include/gnu
>> if ! test -f ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-32.h ; then
>> @@ -727,6 +736,11 @@ do_configure() {
>> fi
>> fi
>>
>> + #./configure --enable-xsm does not set XSM_ENABLE must be done manually
>> + if [ "${XSM_ENABLED}" = "1" ]; then
>> + echo "XSM_ENABLE := y" > ${S}/.config
>> + fi
>> +
>> # do configure
>> oe_runconf
>> }
>>
> This should do the trick for Xen 4.5 and Xen 4.6, however for 4.7 I've
> just submitted some changes to how FLASK and XSM are built and this will
> break there but we'll cross that bridge then.
>
> Reviewed-by: Doug Goldstein <cardoe at cardoe.com>
>
More information about the meta-virtualization
mailing list