[meta-virtualization] [PATCH v5 0/8] xen: Xen vTPM stubdomains

Christopher Clark christopher.w.clark at gmail.com
Tue May 1 10:22:45 PDT 2018


On Tue, May 1, 2018 at 7:05 AM, Kurt Bodiker <kurt.bodiker at braintrust-us.com> wrote:

> This patchset introduces the basic recipes necessary to build Xen
> stubdomains, in particular the vTPM and vTPM Manager stubdomains. vTPM
> stubdomains provide Xen guest domains access to a virtualized TPM. The
> vTPM Manager stubdomain manages each of the vTPM domains and seals them
> to the physical TPM. The intention of this patchset is to provide the
> ability to build Xen stubdomains separately from the rest of the Xen
> components since the stubdomains have separate dependencies that are
> hard-coded within the Xen build and configuration files.  Separating the
> stubdomain recipes and dependencies from the rest of the Xen build gives
> the ability to use newer or different libraries than what is currently
> used.
>
> The stubdom.inc file defines a set of CPPFLAGS, CFLAGS, and LDFLAGS
> common for building all Xen stubdomains. Xen stubdomains are
> cross-compiled with the MiniOS, which creates some issues when trying to
> compile stubdomains in an OpenEmbedded environment. To address these
> issues and to ensure the stubdoms are built as Xen had intended, all of
> the build flags and build tools that are exported into the environment
> by OE have been unset. Each of the new recipes introduced here then
> implements the build flags and the tools as though the build had been
> run in the bare-metal environment.
>
> Recipes to create slightly modified source packages for lwIP and Mini-OS
> are introduced to standardize the dependency tree among stubdomain
> related recipes and to avoid the hassle of maintaining the same tasks
> within many recipes.
>
> Xen vTPM stubdomains have dependencies on static libraries for newlib,
> polarssl, gmp, and tpm emulator. Xen vTPM Manager stubdomain has
> dependencies on static libraries for newlib and polarssl.
>
> The newlib, polarssl, gmp, and tpm emulator recipes are constructed to
> behave the same as a bare-metal build. These recipes are cross-compiled
> against both the Xen and MiniOS source code.
>
> The xen-vtpm recipe is responsible for building and installing the vTPM
> and vTPM Manager stubdomain images into the Xen boot directory. xen-vtpm
> would need to be added to DISTRO_FEATURES, similar to what is done
> for Xen.
>
> ---
> Changes in v5:
>  - Correct license in TPM Emulator recipe
>  - Remove aarch64 from COMPATIBLE_HOST in stubdom.inc
> Changes in v4:
>  - Fix whitespace errors in MiniOS, Newlib, and TPM Emulator patchfiles
>  - Corrected type in Newlib recipe
> Changes in v3:
>  - Limit builds to 64-bit only through COMPATIBLE_HOST
>  - Change Xen version comparison logic in xen-vtpm recipe
>  - Introduce MiniOS patch for GCC v7 that was not backported into the
>    4.9.x releases
>  - Change cross-root-${XEN_TARGET_ARCH} to cross-root-${GNU_TARGET_ARCH}
> Changes in v2:
>  - Multi-line variables formatted to match OE style guide
>  - SRC_URI formatted to use SRCREV rather than git tag
>  - patches formatted to striplevel=1
>  - introduced Mini-OS recipe
>  - Removed Xen dependency since this is handled (mostly) by Mini-OS
>  - Changed version number of xen-vtpm recipe to match Xen version
> ---
>
> Kurt Bodiker (8):
>   Define standard values needed to build stubdomains
>   LWIP source code with patches applied for stubdoms
>   Mini-OS source code with make links target applied
>   Newlib recipe and patches for Xen stubdoms
>   PolarSSL recipe and patches for Xen stubdoms
>   GMP recipe for Xen stubdoms
>   TPM Emulator for Xen stubdoms
>   vTPM and vTPM Manager stubdoms
>
>
For this whole series (v5):
Reviewed-by: Christopher Clark <christopher.clark6 at baesystems.com>

Thanks,

Christopher