[meta-virtualization] [PATCH v5 0/8] xen: Xen vTPM stubdomains
Bruce Ashfield
bruce.ashfield at gmail.com
Tue May 1 10:49:44 PDT 2018
Looks good to me as well.
I'm out of the office on vacation, and am having trouble reaching my build
machines, so it will likely be Friday before I can get this merged.
Bruce
On Tue, May 1, 2018 at 1:22 PM, Christopher Clark <christopher.w.clark at gmail.com> wrote:
>
>
> On Tue, May 1, 2018 at 7:05 AM, Kurt Bodiker <kurt.bodiker at braintrust-us.com> wrote:
>
>> This patchset introduces the basic recipes necessary to build Xen
>> stubdomains, in particular the vTPM and vTPM Manager stubdomains. vTPM
>> stubdomains provide Xen guest domains access to a virtualized TPM. The
>> vTPM Manager stubdomain manages each of the vTPM domains and seals them
>> to the physical TPM. The intention of this patchset is to provide the
>> ability to build Xen stubdomains separately from the rest of the Xen
>> components since the stubdomains have separate dependencies that are
>> hard-coded within the Xen build and configuration files. Separating the
>> stubdomain recipes and dependencies from the rest of the Xen build gives
>> the ability to use newer or different libraries than what is currently
>> used.
>>
>> The stubdom.inc file defines a set of CPPFLAGS, CFLAGS, and LDFLAGS
>> common for building all Xen stubdomains. Xen stubdomains are
>> cross-compiled with the MiniOS, which creates some issues when trying to
>> compile stubdomains in an OpenEmbedded environment. To address these
>> issues and to ensure the stubdoms are built as Xen had intended, all of
>> the build flags and build tools that are exported into the environment
>> by OE have been unset. Each of the new recipes introduced here then
>> implements the build flags and the tools as though the build had been
>> run in the bare-metal environment.
>>
>> Recipes to create slightly modified source packages for lwIP and Mini-OS
>> are introduced to standardize the dependency tree among stubdomain
>> related recipes and to avoid the hassle of maintaining the same tasks
>> within many recipes.
>>
>> Xen vTPM stubdomains have dependencies on static libraries for newlib,
>> polarssl, gmp, and tpm emulator. Xen vTPM Manager stubdomain has
>> dependencies on static libraries for newlib and polarssl.
>>
>> The newlib, polarssl, gmp, and tpm emulator recipes are constructed to
>> behave the same as a bare-metal build. These recipes are cross-compiled
>> against both the Xen and MiniOS source code.
>>
>> The xen-vtpm recipe is responsible for building and installing the vTPM
>> and vTPM Manager stubdomain images into the Xen boot directory. xen-vtpm
>> would need to be added to DISTRO_FEATURES, similar to what is done
>> for Xen.
>>
>> ---
>> Changes in v5:
>> - Correct license in TPM Emulator recipe
>> - Remove aarch64 from COMPATIBLE_HOST in stubdom.inc
>> Changes in v4:
>> - Fix whitespace errors in MiniOS, Newlib, and TPM Emulator patchfiles
>> - Corrected type in Newlib recipe
>> Changes in v3:
>> - Limit builds to 64-bit only through COMPATIBLE_HOST
>> - Change Xen version comparison logic in xen-vtpm recipe
>> - Introduce MiniOS patch for GCC v7 that was not backported into the
>> 4.9.x releases
>> - Change cross-root-${XEN_TARGET_ARCH} to cross-root-${GNU_TARGET_ARCH}
>> Changes in v2:
>> - Multi-line variables formatted to match OE style guide
>> - SRC_URI formatted to use SRCREV rather than git tag
>> - patches formatted to striplevel=1
>> - introduced Mini-OS recipe
>> - Removed Xen dependency since this is handled (mostly) by Mini-OS
>> - Changed version number of xen-vtpm recipe to match Xen version
>> ---
>>
>> Kurt Bodiker (8):
>>   Define standard values needed to build stubdomains
>>   LWIP source code with patches applied for stubdoms
>>   Mini-OS source code with make links target applied
>>   Newlib recipe and patches for Xen stubdoms
>>   PolarSSL recipe and patches for Xen stubdoms
>>   GMP recipe for Xen stubdoms
>>   TPM Emulator for Xen stubdoms
>>   vTPM and vTPM Manager stubdoms
>>
>>
> For this whole series (v5):
> Reviewed-by: Christopher Clark <christopher.clark6 at baesystems.com>
>
> Thanks,
>
> Christopher
>
>
--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end"