[meta-virtualization] [PATCH v5 0/8] xen: Xen vTPM stubdomains

Bruce Ashfield bruce.ashfield at gmail.com
Tue May 1 10:49:44 PDT 2018


Looks good to me as well.

I'm out of the office on vacation, and am having trouble reaching my build
machines, so it will likely be Friday before I can get this merged.

Bruce

On Tue, May 1, 2018 at 1:22 PM, Christopher Clark <christopher.w.clark at gmail.com> wrote:

>
>
> On Tue, May 1, 2018 at 7:05 AM, Kurt Bodiker <kurt.bodiker at braintrust-us.com> wrote:
>
>> This patchset introduces the basic recipes necessary to build Xen
>> stubdomains, in particular the vTPM and vTPM Manager stubdomains. vTPM
>> stubdomains provide Xen guest domains access to a virtualized TPM. The
>> vTPM Manager stubdomain manages each of the vTPM domains and seals them
>> to the physical TPM. The intention of this patchset is to provide the
>> ability to build Xen stubdomains separately from the rest of the Xen
>> components since the stubdomains have separate dependencies that are
>> hard-coded within the Xen build and configuration files.  Separating the
>> stubdomain recipes and dependencies from the rest of the Xen build gives
>> the ability to use newer or different libraries than what is currently
>> used.
>>
>> The stubdom.inc file defines a set of CPPFLAGS, CFLAGS, and LDFLAGS
>> common for building all Xen stubdomains. Xen stubdomains are
>> cross-compiled with the MiniOS, which creates some issues when trying to
>> compile stubdomains in an OpenEmbedded environment. To address these
>> issues and to ensure the stubdoms are built as Xen had intended, all of
>> the build flags and build tools that are exported into the environment
>> by OE have been unset. Each of the new recipes introduced here then
>> implements the build flags and the tools as though the build had been
>> run in the bare-metal environment.
>>
>> Recipes to create slightly modified source packages for lwIP and Mini-OS
>> are introduced to standardize the dependency tree among stubdomain
>> related recipes and to avoid the hassle of maintaining the same tasks
>> within many recipes.
>>
>> Xen vTPM stubdomains have dependencies on static libraries for newlib,
>> polarssl, gmp, and tpm emulator. Xen vTPM Manager stubdomain has
>> dependencies on static libraries for newlib and polarssl.
>>
>> The newlib, polarssl, gmp, and tpm emulator recipes are constructed to
>> behave the same as a bare-metal build. These recipes are cross-compiled
>> against both the Xen and MiniOS source code.
>>
>> The xen-vtpm recipe is responsible for building and installing the vTPM
>> and vTPM Manager stubdomain images into the Xen boot directory. xen-vtpm
>> would need to be added to DISTRO_FEATURES, similar to what is done
>> for Xen.
>>
>> ---
>> Changes in v5:
>>  - Correct license in TPM Emulator recipe
>>  - Remove aarch64 from COMPATIBLE_HOST in stubdom.inc
>> Changes in v4:
>>  - Fix whitespace errors in MiniOS, Newlib, and TPM Emulator patchfiles
>>  - Corrected type in Newlib recipe
>> Changes in v3:
>>  - Limit builds to 64-bit only through COMPATIBLE_HOST
>>  - Change Xen version comparison logic in xen-vtpm recipe
>>  - Introduce MiniOS patch for GCC v7 that was not backported into the
>>    4.9.x releases
>>  - Change cross-root-${XEN_TARGET_ARCH} to cross-root-${GNU_TARGET_ARCH}
>> Changes in v2:
>>  - Multi-line variables formatted to match OE style guide
>>  - SRC_URI formatted to use SRCREV rather than git tag
>>  - patches formatted to striplevel=1
>>  - introduced Mini-OS recipe
>>  - Removed Xen dependency since this is handled (mostly) by Mini-OS
>>  - Changed version number of xen-vtpm recipe to match Xen version
>> ---
>>
>> Kurt Bodiker (8):
>>   Define standard values needed to build stubdomains
>>   LWIP source code with patches applied for stubdoms
>>   Mini-OS source code with make links target applied
>>   Newlib recipe and patches for Xen stubdoms
>>   PolarSSL recipe and patches for Xen stubdoms
>>   GMP recipe for Xen stubdoms
>>   TPM Emulator for Xen stubdoms
>>   vTPM and vTPM Manager stubdoms
>>
>>
> For this whole series (v5):
> Reviewed-by: Christopher Clark <christopher.clark6 at baesystems.com>
>
> Thanks,
>
> Christopher


-- 
"Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end"