[meta-virtualization] [PATCH 4/7] xen: PolarSSL recipe and patches for Xen stubdoms
Kurt Bodiker
kurt.bodiker at braintrust-us.com
Mon Mar 5 07:35:04 PST 2018
From: kebodiker <kurt.bodiker at braintrust-us.com>
PolarSSL (now mbedTLS) is a lightweight SSL library optimized for
embedded systems. In the case of Xen stubdomains, we are using MiniOS.
This PolarSSL recipe creates a static library that is cross-compiled
against MiniOS, Xen, LWIP, and Newlib headers and subsequently used
during the cross-compilation and linking of the stubdom specific GMP,
TPM Emulator, and the Xen vTPM and vTPM Manager stubdomains.
The current Xen source code is hardcoded to fetch a specific version of
this package. The patch files originate from the Xen/stubdom source
tree. This recipe provides the flexibility to change version or modify
the patches.
Signed-off-by: Kurt Bodiker <kurt.bodiker at braintrust-us.com>
---
recipes-extended/xen/files/polarssl.patch | 64 +++++++++++++++++++++++++++++++
recipes-extended/xen/polarssl.inc | 25 ++++++++++++
recipes-extended/xen/polarssl_1.1.4.bb | 17 ++++++++
3 files changed, 106 insertions(+)
create mode 100644 recipes-extended/xen/files/polarssl.patch
create mode 100644 recipes-extended/xen/polarssl.inc
create mode 100644 recipes-extended/xen/polarssl_1.1.4.bb
diff --git a/recipes-extended/xen/files/polarssl.patch b/recipes-extended/xen/files/polarssl.patch
new file mode 100644
index 0000000..d387d4e
--- /dev/null
+++ b/recipes-extended/xen/files/polarssl.patch
@@ -0,0 +1,64 @@
+diff -Naur polarssl-1.1.4/include/polarssl/config.h polarssl-x86_64/include/polarssl/config.h
+--- polarssl-1.1.4/include/polarssl/config.h 2011-12-22 05:06:27.000000000 -0500
++++ polarssl-x86_64/include/polarssl/config.h 2012-10-30 17:18:07.567001000 -0400
+@@ -164,8 +164,8 @@
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+-#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
+ */
++#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
+
+ /**
+ * \def POLARSSL_NO_PLATFORM_ENTROPY
+@@ -175,8 +175,8 @@
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+-#define POLARSSL_NO_PLATFORM_ENTROPY
+ */
++#define POLARSSL_NO_PLATFORM_ENTROPY
+
+ /**
+ * \def POLARSSL_PKCS1_V21
+@@ -426,8 +426,8 @@
+ * Requires: POLARSSL_TIMING_C
+ *
+ * This module enables the HAVEGE random number generator.
+- */
+ #define POLARSSL_HAVEGE_C
++ */
+
+ /**
+ * \def POLARSSL_MD_C
+@@ -490,7 +490,7 @@
+ *
+ * This module provides TCP/IP networking routines.
+ */
+-#define POLARSSL_NET_C
++//#define POLARSSL_NET_C
+
+ /**
+ * \def POLARSSL_PADLOCK_C
+@@ -644,8 +644,8 @@
+ * Caller: library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+- */
+ #define POLARSSL_TIMING_C
++ */
+
+ /**
+ * \def POLARSSL_VERSION_C
+diff -Naur polarssl-1.1.4/library/bignum.c polarssl-x86_64/library/bignum.c
+--- polarssl-1.1.4/library/bignum.c 2012-04-29 16:15:55.000000000 -0400
++++ polarssl-x86_64/library/bignum.c 2012-10-30 17:21:52.135000999 -0400
+@@ -1101,7 +1101,7 @@
+ Z.p[i - t - 1] = ~0;
+ else
+ {
+-#if defined(POLARSSL_HAVE_LONGLONG)
++#if 0 //defined(POLARSSL_HAVE_LONGLONG)
+ t_udbl r;
+
+ r = (t_udbl) X.p[i] << biL;
diff --git a/recipes-extended/xen/polarssl.inc b/recipes-extended/xen/polarssl.inc
new file mode 100644
index 0000000..f90cd2f
--- /dev/null
+++ b/recipes-extended/xen/polarssl.inc
@@ -0,0 +1,25 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker at braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+DEPENDS += "\
+ newlib \
+"
+STUBDOM_CFLAGS += "-Wno-memset-elt-size -Wno-implicit-fallthrough"
+
+# even though there's nothing to configure, we still need this to run the "make links" target in mini-os
+do_configure(){
+}
+
+do_compile() {
+ ${MAKE} CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}"
+}
+
+do_install() {
+ install -d ${D}${includedir}
+ cp -r -t ${D}${includedir} ${S}/include/polarssl
+
+ install -d ${D}/${libdir}
+ install -m 644 -t ${D}/${libdir} ${S}/library/libpolarssl.a
+}
diff --git a/recipes-extended/xen/polarssl_1.1.4.bb b/recipes-extended/xen/polarssl_1.1.4.bb
new file mode 100644
index 0000000..2d4c2e0
--- /dev/null
+++ b/recipes-extended/xen/polarssl_1.1.4.bb
@@ -0,0 +1,17 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker at braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "PolarSSL (now 'mbed TLS') is an open source, portable, easy to use, readable and flexible SSL library."
+HOMEPAGE = "https://tls.mbed.org"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe"
+
+S="${WORKDIR}/${PN}"
+B="${S}/library"
+
+SRC_URI += "\
+ git://github.com/ARMmbed/mbedtls.git;protocol=https;rev=${PN}-${PV};destsuffix=${PN};nobranch=1;name=${PN} \
+ file://polarssl.patch;striplevel=1 \
+"
+
+require polarssl.inc
--
2.14.2
--
*This email and all attachments are considered confidential and the
proprietary information of BrainTrust Holdings. Unauthorized disclosure is
prohibited. *
More information about the meta-virtualization
mailing list