diff options
Diffstat (limited to 'import-layers/meta-virtualization')
134 files changed, 6554 insertions, 1327 deletions
diff --git a/import-layers/meta-virtualization/README b/import-layers/meta-virtualization/README index 7d842329fb..f13de08967 100644 --- a/import-layers/meta-virtualization/README +++ b/import-layers/meta-virtualization/README @@ -4,7 +4,7 @@ meta-virtualization This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions. -The bbappend files for some recipe (e.g. linux-yocto) in this layer needs to +The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line. @@ -23,8 +23,16 @@ variable in your configuration: SKIP_META_VIRT_SANITY_CHECK = 1 -Also note that there are kvm and xen specific distro flags/features that depending -on your use case. +Depending on your use case, there are other distro features in meta-virtualization +that may also be enabled: + + - xen: enables xen functionality in various packages (kernel, libvirt, etc) + - kvm: enables KVM configurations in the kernel and autoloads modules + - aufs: enables aufs support in docker and linux-yocto + - x11: enable xen and libvirt functionality related to x11 + - selinux: enables functionality in libvirt and lxc + - systemd: enable systemd services and unit files (for recipes for support) + - sysvinit: enable sysvinit scripts (for recipes with support) Dependencies ------------ @@ -39,14 +47,10 @@ URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe - meta-networking + meta-networking meta-filesystems meta-python -URI: git://github.com/errordeveloper/oe-meta-go.git -branch: master -revision: HEAD - BBFILE_PRIORITY_openembedded-layer = "4" Required for Xen XSM policy: @@ -64,7 +68,7 @@ Maintainers: Raymond Danks <ray.danks@se-eng.com> Bruce Ashfield <bruce.ashfield@gmail.com> When sending single patches, please using something like: -$ git send-email -1 --to meta-virtualization@yoctoproject.org --subject-prefix='meta-virtualization][PATCH' +$ git send-email -1 -M --to meta-virtualization@yoctoproject.org --subject-prefix='meta-virtualization][PATCH' License ------- diff --git a/import-layers/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc b/import-layers/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc new file mode 100644 index 0000000000..27e7b90d42 --- /dev/null +++ b/import-layers/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc @@ -0,0 +1,9 @@ +# Meta-virtuailization PREFERED_VERSION + +PREFERRED_VERSION_python-blinker = "1.3" +PREFERRED_VERSION_python-gevent = "1.0.1" +PREFERRED_VERSION_python-m2crypto = "0.22.3" +PREFERRED_VERSION_python-pyyaml = "3.11" +PREFERRED_VERSION_python-redis = "2.10.3" +PREFERRED_VERSION_python-sqlalchemy = "1.1.5" +PREFERRED_VERSION_python-werkzeug = "0.10.4" diff --git a/import-layers/meta-virtualization/conf/layer.conf b/import-layers/meta-virtualization/conf/layer.conf index f71c117d6d..fa2e015e05 100644 --- a/import-layers/meta-virtualization/conf/layer.conf +++ b/import-layers/meta-virtualization/conf/layer.conf @@ -14,15 +14,17 @@ LICENSE_PATH += "${LAYERDIR}/files/custom-licenses" # This should only be incremented on significant changes that will # cause compatibility issues with other layers LAYERVERSION_virtualization-layer = "1" - +LAYERSERIES_COMPAT_virtualization-layer = "sumo" LAYERDEPENDS_virtualization-layer = "core networking-layer" # Override security flags require conf/distro/include/virt_security_flags.inc PREFERRED_PROVIDER_virtual/runc ?= "runc-docker" -PREFERRED_PROVIDER_virtual/containerd ?= "containerd-docker" +PREFERRED_PROVIDER_virtual/containerd ?= "containerd-opencontainers" # Sanity check for meta-virtualization layer. # Setting SKIP_META_VIRT_SANITY_CHECK to "1" would skip the bbappend files check. INHERIT += "sanity-meta-virt" + +require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', 'meta-virt-default-versions.inc', '', d)} diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb b/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb index 37f85472f6..c6b4f5e4c6 100644 --- a/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb @@ -1,9 +1,11 @@ +SRCREV = "cfd04396dc68220d1cecbe686a6cc3aa5ce3667c" +SRC_URI = "git://github.com/containerd/containerd;nobranch=1 \ + file://0001-build-use-oe-provided-GO-and-flags.patch \ + " + include containerd.inc -SRCREV = "0ac3cd1be170d180b2baed755e8f0da547ceb267" -SRC_URI = "git://github.com/docker/containerd.git;nobranch=1 \ - " -CONTAINERD_VERSION = "0.2.2" +CONTAINERD_VERSION = "v1.0.2" PROVIDES += "virtual/containerd" RPROVIDES_${PN} = "virtual/containerd" diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc b/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc index e7a371926f..eb47cc9eec 100644 --- a/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc +++ b/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc @@ -6,7 +6,7 @@ DESCRIPTION = "containerd is a daemon to control runC, built for performance and # Apache-2.0 for containerd LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE.code;md5=aadc30f9c14d876ded7bedc0afd2d3d7" +LIC_FILES_CHKSUM = "file://src/import/LICENSE.code;md5=aadc30f9c14d876ded7bedc0afd2d3d7" SRC_URI += "file://containerd.service" @@ -17,6 +17,8 @@ PV = "${CONTAINERD_VERSION}+git${SRCREV}" inherit go inherit goarch +GO_IMPORT = "import" + RRECOMMENDS_${PN} = "lxc docker" CONTAINERD_PKG="github.com/containerd/containerd" @@ -25,30 +27,37 @@ INSANE_SKIP_${PN} += "ldflags" do_configure[noexec] = "1" do_compile() { - # Set GOPATH. See 'PACKAGERS.md'. Don't rely on - # docker to download its dependencies but rather - # use dependencies packaged independently. - cd ${S} - rm -rf .gopath - mkdir -p .gopath/src/"$(dirname "${CONTAINERD_PKG}")" - ln -sf ../../../.. .gopath/src/"${CONTAINERD_PKG}" - - export GOPATH="${WORKDIR}/git/" - export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export GOARCH="${TARGET_GOARCH}" - export CGO_ENABLED="1" - export CFLAGS="" - export LDFLAGS="" - export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export GO_GCFLAGS="" - export CC_FOR_TARGET="${TARGET_PREFIX}gcc ${TARGET_CC_ARCH} --sysroot=${STAGING_DIR_TARGET}" - export CXX_FOR_TARGET="${TARGET_PREFIX}g++ ${TARGET_CC_ARCH} --sysroot=${STAGING_DIR_TARGET}" - - oe_runmake static + export GOARCH="${TARGET_GOARCH}" + + # link fixups for compilation + rm -f ${S}/src/import/vendor/src + ln -sf ./ ${S}/src/import/vendor/src + + mkdir -p ${S}/src/import/vendor/src/github.com/containerd/containerd/ + # without this, the stress test parts of the build fail + cp ${S}/src/import/*.go ${S}/src/import/vendor/src/github.com/containerd/containerd + + for c in content errdefs fs images mount snapshots linux api runtimes defaults progress \ + protobuf reference diff platforms runtime remotes version archive dialer gc metadata \ + metrics filters identifiers labels leases plugin server services \ + cmd cio containers namespaces oci events log reaper sys rootfs; do + ln -sfn ${S}/src/import/${c} ${S}/src/import/vendor/github.com/containerd/containerd/${c} + done + + export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" + export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" + + # Pass the needed cflags/ldflags so that cgo + # can find the needed headers files and libraries + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export BUILDTAGS="no_btrfs static_build netgo" + export CFLAGS="${CFLAGS}" + export LDFLAGS="${LDFLAGS}" + + cd ${S}/src/import + oe_runmake binaries } # Note: disabled for now, since docker is launching containerd @@ -59,9 +68,9 @@ do_compile() { do_install() { mkdir -p ${D}/${bindir} - cp ${S}/bin/containerd ${D}/${bindir}/containerd - cp ${S}/bin/containerd-shim ${D}/${bindir}/containerd-shim - cp ${S}/bin/ctr ${D}/${bindir}/containerd-ctr + cp ${S}/src/import/bin/containerd ${D}/${bindir}/containerd + cp ${S}/src/import/bin/containerd-shim ${D}/${bindir}/containerd-shim + cp ${S}/src/import/bin/ctr ${D}/${bindir}/containerd-ctr ln -sf containerd ${D}/${bindir}/docker-containerd ln -sf containerd-shim ${D}/${bindir}/docker-containerd-shim @@ -78,3 +87,4 @@ do_install() { FILES_${PN} += "${systemd_system_unitdir}/*" INHIBIT_PACKAGE_STRIP = "1" +INSANE_SKIP_${PN} += "ldflags already-stripped" diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch b/import-layers/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch new file mode 100644 index 0000000000..75a984be46 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch @@ -0,0 +1,26 @@ +From e31acef290181434efaf47e70db7ad0d92dbe300 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@windriver.com> +Date: Thu, 19 Apr 2018 17:09:51 -0400 +Subject: [PATCH] build: use oe provided GO and flags + +Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/import/Makefile b/src/import/Makefile +index 9d8cf8a18fbc..492d033fe2a7 100644 +--- a/src/import/Makefile ++++ b/src/import/Makefile +@@ -134,7 +134,7 @@ bin/%: cmd/% FORCE + + bin/containerd-shim: cmd/containerd-shim FORCE # set !cgo and omit pie for a static shim build: https://github.com/golang/go/issues/17789#issuecomment-258542220 + @echo "$(WHALE) bin/containerd-shim" +- @CGO_ENABLED=0 go build -o bin/containerd-shim ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim ++ @$(GO) build -o bin/containerd-shim ${SHIM_GO_LDFLAGS} $(GOBUILDFLAGS) ${GO_TAGS} ./cmd/containerd-shim + + binaries: $(BINARIES) ## build binaries + @echo "$(WHALE) $@" +-- +2.4.0.53.g8440f74 + diff --git a/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb b/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb index 3a021031ab..7d62f354b1 100644 --- a/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb @@ -21,6 +21,7 @@ SRC_URI = "git://github.com/xemul/criu.git;protocol=git \ file://0002-criu-Skip-documentation-install.patch \ file://0001-criu-Change-libraries-install-directory.patch \ file://lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch \ + file://fix-building-on-newest-glibc-and-kernel.patch \ " COMPATIBLE_HOST = "(x86_64|arm|aarch64).*-linux" @@ -57,6 +58,8 @@ inherit setuptools PACKAGECONFIG ??= "" PACKAGECONFIG[selinux] = ",,libselinux" +CLEANBROKEN = "1" + do_compile_prepend() { rm -rf ${S}/images/google/protobuf/descriptor.proto ln -s ${PKG_CONFIG_SYSROOT_DIR}/usr/include/google/protobuf/descriptor.proto ${S}/images/google/protobuf/descriptor.proto diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch index 4908e474a1..afb1332da4 100644 --- a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch +++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch @@ -1,4 +1,4 @@ -From 78390305829316633acee2ca5607331b0e37a104 Mon Sep 17 00:00:00 2001 +From f64fbca70e6049dad3c404d871f2383d97725d2d Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Fri, 8 Sep 2017 15:11:31 -0400 Subject: [PATCH] criu: Change libraries install directory @@ -7,12 +7,13 @@ Install the libraries into /usr/lib(or /usr/lib64) Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com> Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- Makefile.install | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/Makefile.install b/Makefile.install -index 3987bcc..73d98a4 100644 +index 1def3cf..d020eef 100644 --- a/Makefile.install +++ b/Makefile.install @@ -9,19 +9,6 @@ LIBEXECDIR ?= $(PREFIX)/libexec @@ -35,6 +36,3 @@ index 3987bcc..73d98a4 100644 # LIBDIR falls back to the standard path. LIBDIR ?= $(PREFIX)/lib --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch index dc5b897742..d1f136c404 100644 --- a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch +++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch @@ -1,4 +1,4 @@ -From af679853a45fe63f680c99e70416c8ac620d23b8 Mon Sep 17 00:00:00 2001 +From c005b7a4874f55df687ff22bc425551775581421 Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Fri, 8 Sep 2017 15:02:14 -0400 Subject: [PATCH] criu: Fix toolchain hardcode @@ -9,6 +9,7 @@ be taken. Signed-off-by: Yang Shi <yang.shi@windriver.com> Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com> Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- Makefile | 2 +- scripts/nmk/scripts/include.mk | 2 +- @@ -96,6 +97,3 @@ index 56dba84..1698821 100644 export RM HOSTLD LD HOSTCC CC CPP AS AR STRIP OBJCOPY OBJDUMP export NM SH MAKE MKDIR AWK PERL PYTHON SH CSCOPE --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch index ba414d966a..af45db73e8 100644 --- a/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch +++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch @@ -1,21 +1,22 @@ -From 07d9b3d0c372e45127dd51781d9564e8bee90dbe Mon Sep 17 00:00:00 2001 +From 45d74ae8a314c481398ba91a3697ffbd074cd98b Mon Sep 17 00:00:00 2001 From: Jianchuan Wang <jianchuan.wang@windriver.com> Date: Tue, 16 Aug 2016 09:42:24 +0800 -Subject: [PATCH 2/2] criu: Skip documentation install +Subject: [PATCH] criu: Skip documentation install asciidoc is needed to generate CRIU documentation, so skip it in install. Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com> + --- Makefile.install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.install b/Makefile.install -index a30dc96..33143fb 100644 +index 3987bcc..1def3cf 100644 --- a/Makefile.install +++ b/Makefile.install -@@ -22,7 +22,7 @@ install-tree: - .PHONY: install-tree +@@ -29,7 +29,7 @@ export PREFIX BINDIR SBINDIR MANDIR RUNDIR + export LIBDIR INCLUDEDIR LIBEXECDIR install-man: - $(Q) $(MAKE) -C Documentation install @@ -23,6 +24,3 @@ index a30dc96..33143fb 100644 .PHONY: install-man install-lib: lib --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/fix-building-on-newest-glibc-and-kernel.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/fix-building-on-newest-glibc-and-kernel.patch new file mode 100644 index 0000000000..9361adc26d --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/criu/files/fix-building-on-newest-glibc-and-kernel.patch @@ -0,0 +1,45 @@ +From b59947007362b53e9f41f1e5a33071dedf1c59ac Mon Sep 17 00:00:00 2001 +From: Adrian Reber <areber@redhat.com> +Date: Thu, 28 Sep 2017 09:13:33 +0000 +Subject: [PATCH] fix building on newest glibc and kernel + +On Fedora rawhide with kernel-headers-4.14.0-0.rc2.git0.1.fc28.x86_64 +glibc-devel-2.26.90-15.fc28.x86_64 criu does not build any more: + +In file included from /usr/include/linux/aio_abi.h:31:0, + from criu/cr-check.c:24: +/usr/include/sys/mount.h:35:3: error: expected identifier before numeric constant + MS_RDONLY = 1, /* Mount read-only. */ + ^ +make[2]: *** [/builddir/build/BUILD/criu-3.5/scripts/nmk/scripts/build.mk:111: criu/cr-check.o] Error 1 +make[1]: *** [criu/Makefile:73: criu/built-in.o] Error 2 +make: *** [Makefile:233: criu] Error 2 + +This simple re-ordering of includes fixes it for me. + +Signed-off-by: Adrian Reber <areber@redhat.com> +Signed-off-by: Andrei Vagin <avagin@virtuozzo.com> + +Upstream-Status: Backport +[https://github.com/checkpoint-restore/criu/commit/f41e386d4d40e3e26b0cfdc85a812b7edb337f1d#diff-cc847b1cc975358c6582595be92d48db] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> + +--- + criu/cr-check.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/criu/cr-check.c b/criu/cr-check.c +index 1dd887a..93df2ab 100644 +--- a/criu/cr-check.c ++++ b/criu/cr-check.c +@@ -21,8 +21,8 @@ + #include <netinet/in.h> + #include <sys/prctl.h> + #include <sched.h> +-#include <linux/aio_abi.h> + #include <sys/mount.h> ++#include <linux/aio_abi.h> + + #include "../soccr/soccr.h" + diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch index c2512a0eaa..59e7bcbf9b 100644 --- a/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch +++ b/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch @@ -1,4 +1,4 @@ -From 89f9b87904bd312b817ffaa7d83abfd5e84d723d Mon Sep 17 00:00:00 2001 +From 6caf90592d61c8c45b32cb7ff76709f9326030e2 Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Fri, 8 Sep 2017 15:40:49 -0400 Subject: [PATCH] lib/Makefile: overwrite install-lib, to allow multiarch @@ -8,6 +8,7 @@ I am not sure why Yocto installs python modules in arch specific INSTALL_LIB. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- lib/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) @@ -25,6 +26,3 @@ index b1bb057..06f5c5d 100644 .PHONY: install uninstall: --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb b/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb index 4e761d0b12..851c251031 100644 --- a/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb +++ b/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb @@ -19,7 +19,6 @@ RDEPENDS_${PN} = "\ ${PYTHON_PN}-docker-pycreds \ ${PYTHON_PN}-dockerpty \ ${PYTHON_PN}-docopt \ - ${PYTHON_PN}-enum \ ${PYTHON_PN}-idna \ ${PYTHON_PN}-jsonschema \ ${PYTHON_PN}-pyyaml \ diff --git a/import-layers/meta-virtualization/recipes-containers/docker/docker-ce_git.bb b/import-layers/meta-virtualization/recipes-containers/docker/docker-ce_git.bb new file mode 100644 index 0000000000..0dfda5f10e --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/docker/docker-ce_git.bb @@ -0,0 +1,172 @@ +HOMEPAGE = "http://www.docker.com" +SUMMARY = "Linux container runtime" +DESCRIPTION = "Linux container runtime \ + Docker complements kernel namespacing with a high-level API which \ + operates at the process level. It runs unix processes with strong \ + guarantees of isolation and repeatability across servers. \ + . \ + Docker is a great building block for automating distributed systems: \ + large-scale web deployments, database clusters, continuous deployment \ + systems, private PaaS, service-oriented architectures, etc. \ + . \ + This package contains the daemon and client. Using docker.io is \ + officially supported on x86_64 and arm (32-bit) hosts. \ + Other architectures are considered experimental. \ + . \ + Also, note that kernel version 3.10 or above is required for proper \ + operation of the daemon process, and that any lower versions may have \ + subtle and/or glaring issues. \ + " + +SRCREV_docker = "0520e243029d1361649afb0706a1c5d9a1c012b8" +SRCREV_libnetwork = "4cb38c2987c236dce03c868d99b57b1e28a4b81c" +SRCREV_cli = "0f1bb353423e45e02315e985bd9ddebe6da18457" +SRC_URI = "\ + git://github.com/docker/docker-ce.git;nobranch=1;name=docker \ + git://github.com/docker/libnetwork.git;branch=master;name=libnetwork;destsuffix=libnetwork \ + git://github.com/docker/cli;branch=master;name=cli;destsuffix=cli \ + file://docker.init \ + file://hi.Dockerfile \ + " + +# Apache-2.0 for docker +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://src/import/components/engine/LICENSE;md5=9740d093a080530b5c5c6573df9af45a" + +GO_IMPORT = "import" + +S = "${WORKDIR}/git" + +DOCKER_VERSION = "18.03.0-ce" +PV = "${DOCKER_VERSION}+git${SRCREV_docker}" + +DEPENDS = " \ + go-cli \ + go-pty \ + go-context \ + go-mux \ + go-patricia \ + go-logrus \ + go-fsnotify \ + go-dbus \ + go-capability \ + go-systemd \ + btrfs-tools \ + sqlite3 \ + go-distribution \ + compose-file \ + go-connections \ + notary \ + grpc-go \ + libtool-native \ + libtool \ + " + +PACKAGES =+ "${PN}-contrib" + +DEPENDS_append_class-target = " lvm2" +RDEPENDS_${PN} = "util-linux iptables \ + ${@bb.utils.contains('DISTRO_FEATURES', 'aufs', 'aufs-util', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'cgroup-lite', d)} \ + " +RDEPENDS_${PN} += "virtual/containerd virtual/runc" + +RRECOMMENDS_${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat" +RSUGGESTS_${PN} = "lxc rt-tests" +DOCKER_PKG="github.com/docker/docker" + +inherit systemd update-rc.d +inherit go +inherit goarch +inherit pkgconfig + +do_configure[noexec] = "1" + +do_compile() { + # Set GOPATH. See 'PACKAGERS.md'. Don't rely on + # docker to download its dependencies but rather + # use dependencies packaged independently. + cd ${S}/src/import + rm -rf .gopath + mkdir -p .gopath/src/"$(dirname "${DOCKER_PKG}")" + ln -sf ../../../../components/engine/ .gopath/src/"${DOCKER_PKG}" + + mkdir -p .gopath/src/github.com/docker + ln -sf ${WORKDIR}/libnetwork .gopath/src/github.com/docker/libnetwork + ln -sf ${WORKDIR}/cli .gopath/src/github.com/docker/cli + + export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" + export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" + + # Pass the needed cflags/ldflags so that cgo + # can find the needed headers files and libraries + export GOARCH=${TARGET_GOARCH} + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" + # in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056 + export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs exclude_graphdriver_devicemapper' + + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + + cd ${S}/src/import/components/engine + + # this is the unsupported built structure + # that doesn't rely on an existing docker + # to build this: + VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" ./hack/make.sh dynbinary + + # build the proxy + go build -o ${S}/src/import/docker-proxy github.com/docker/libnetwork/cmd/proxy + + # build the cli + ##go build -o ${S}/src/import/bundles/latest/dynbinary-client/docker github.com/docker/cli/cmd/docker + cd ${S}/src/import/.gopath/src/github.com/docker/cli + export CFLAGS="" + export LDFLAGS="" + export DOCKER_VERSION=${DOCKER_VERSION} + VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" make dynbinary +} + +SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}" +SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','docker.service','',d)}" + +SYSTEMD_AUTO_ENABLE_${PN} = "enable" + +INITSCRIPT_PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','${PN}','',d)}" +INITSCRIPT_NAME_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','docker.init','',d)}" +INITSCRIPT_PARAMS_${PN} = "defaults" + +do_install() { + mkdir -p ${D}/${bindir} + cp ${WORKDIR}/cli/build/docker ${D}/${bindir}/docker + cp ${S}/src/import/components/engine/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd + cp ${S}/src/import/docker-proxy ${D}/${bindir}/docker-proxy + + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}${systemd_unitdir}/system + install -m 644 ${S}/src/import/components/engine/contrib/init/systemd/docker.* ${D}/${systemd_unitdir}/system + # replaces one copied from above with one that uses the local registry for a mirror + install -m 644 ${S}/src/import/components/engine/contrib/init/systemd/docker.service ${D}/${systemd_unitdir}/system + else + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/docker.init ${D}${sysconfdir}/init.d/docker.init + fi + + mkdir -p ${D}${datadir}/docker/ + cp ${WORKDIR}/hi.Dockerfile ${D}${datadir}/docker/ + install -m 0755 ${S}/src/import/components/engine/contrib/check-config.sh ${D}${datadir}/docker/ +} + +inherit useradd +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM_${PN} = "-r docker" + +FILES_${PN} += "${systemd_unitdir}/system/*" + +FILES_${PN}-contrib += "${datadir}/docker/check-config.sh" +RDEPENDS_${PN}-contrib += "bash" + +# DO NOT STRIP docker +INHIBIT_PACKAGE_STRIP = "1" +INSANE_SKIP_${PN} += "ldflags" diff --git a/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb b/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb index 4ba5e817bf..e055a4f607 100644 --- a/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb @@ -18,16 +18,16 @@ DESCRIPTION = "Linux container runtime \ subtle and/or glaring issues. \ " -SRCREV_docker = "e639a70fbe999d96354a5bcf560231b7b8aa935c" -SRCREV_libnetwork = "26addf43a5d925ff79d262dbbdb5344bc2b6e198" -SRCREV_cli = "a765218f1988e85b68aa3977f34893ec7b059a60" +SRCREV_docker = "708b068d3095c6a6be939eb2da78c921d2e945e2" +SRCREV_libnetwork = "4cb38c2987c236dce03c868d99b57b1e28a4b81c" +SRCREV_cli = "0f1bb353423e45e02315e985bd9ddebe6da18457" SRC_URI = "\ git://github.com/moby/moby.git;nobranch=1;name=docker \ - git://github.com/docker/libnetwork.git;branch=master;name=libnetwork;destsuffix=libnetwork \ - git://github.com/docker/cli;branch=master;name=cli;destsuffix=cli \ + git://github.com/docker/libnetwork.git;branch=master;name=libnetwork;destsuffix=git/libnetwork \ + git://github.com/docker/cli;branch=master;name=cli;destsuffix=git/cli \ file://docker.init \ file://hi.Dockerfile \ - file://context-use-golang.org-x-net-pkg-until-we-move-to-go.patch \ + file://0001-libnetwork-use-GO-instead-of-go.patch \ " # Apache-2.0 for docker @@ -38,7 +38,7 @@ GO_IMPORT = "import" S = "${WORKDIR}/git" -DOCKER_VERSION = "17.06.0" +DOCKER_VERSION = "18.03.0" PV = "${DOCKER_VERSION}+git${SRCREV_docker}" DEPENDS = " \ @@ -59,13 +59,15 @@ DEPENDS = " \ go-connections \ notary \ grpc-go \ + libtool \ " PACKAGES =+ "${PN}-contrib" DEPENDS_append_class-target = " lvm2" -RDEPENDS_${PN} = "curl aufs-util git util-linux iptables \ - ${@bb.utils.contains('DISTRO_FEATURES','systemd','','cgroup-lite',d)} \ +RDEPENDS_${PN} = "util-linux iptables \ + ${@bb.utils.contains('DISTRO_FEATURES', 'aufs', 'aufs-util', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'cgroup-lite', d)} \ " RDEPENDS_${PN} += "virtual/containerd virtual/runc" @@ -76,6 +78,7 @@ DOCKER_PKG="github.com/docker/docker" inherit systemd update-rc.d inherit go inherit goarch +inherit pkgconfig do_configure[noexec] = "1" @@ -89,8 +92,8 @@ do_compile() { ln -sf ../../../.. .gopath/src/"${DOCKER_PKG}" mkdir -p .gopath/src/github.com/docker - ln -sf ${WORKDIR}/libnetwork .gopath/src/github.com/docker/libnetwork - ln -sf ${WORKDIR}/cli .gopath/src/github.com/docker/cli + ln -sf ${WORKDIR}/git/libnetwork .gopath/src/github.com/docker/libnetwork + ln -sf ${WORKDIR}/git/cli .gopath/src/github.com/docker/cli export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go" export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" @@ -104,17 +107,25 @@ do_compile() { # in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056 export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs exclude_graphdriver_devicemapper' + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + + cd ${S}/src/import/ + # this is the unsupported built structure # that doesn't rely on an existing docker # to build this: - DOCKER_GITCOMMIT="${SRCREV}" \ - ./hack/make.sh dynbinary - - # build the proxy - go build -o ${S}/src/import/docker-proxy github.com/docker/libnetwork/cmd/proxy + VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" ./hack/make.sh dynbinary # build the cli - go build -o ${S}/src/import/bundles/latest/dynbinary-client/docker github.com/docker/cli/cmd/docker + cd ${S}/src/import/.gopath/src/github.com/docker/cli + export CFLAGS="" + export LDFLAGS="" + export DOCKER_VERSION=${DOCKER_VERSION} + VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" make dynbinary + + # build the proxy + cd ${S}/src/import/.gopath/src/github.com/docker/libnetwork + oe_runmake cross-local } SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}" @@ -128,9 +139,9 @@ INITSCRIPT_PARAMS_${PN} = "defaults" do_install() { mkdir -p ${D}/${bindir} - cp ${S}/src/import/bundles/latest/dynbinary-client/docker ${D}/${bindir}/docker + cp ${WORKDIR}/git/cli/build/docker ${D}/${bindir}/docker cp ${S}/src/import/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd - cp ${S}/src/import/docker-proxy ${D}/${bindir}/docker-proxy + cp ${WORKDIR}/git/libnetwork/bin/docker-proxy* ${D}/${bindir}/docker-proxy if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then install -d ${D}${systemd_unitdir}/system diff --git a/import-layers/meta-virtualization/recipes-containers/docker/files/0001-libnetwork-use-GO-instead-of-go.patch b/import-layers/meta-virtualization/recipes-containers/docker/files/0001-libnetwork-use-GO-instead-of-go.patch new file mode 100644 index 0000000000..61ddd26de2 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/docker/files/0001-libnetwork-use-GO-instead-of-go.patch @@ -0,0 +1,62 @@ +From 04c07804930faad708218a3134c81de06a9c742a Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@windriver.com> +Date: Fri, 6 Apr 2018 23:58:22 -0400 +Subject: [PATCH] libnetwork: use $(GO) instead of go + +Ensure that the libnetwork makefile uses the go cross flags and +utilities. + +Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> +--- + Makefile | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/libnetwork/Makefile b/libnetwork/Makefile +index 17060bc212c7..90cc7a72ef45 100644 +--- a/libnetwork/Makefile ++++ b/libnetwork/Makefile +@@ -26,9 +26,9 @@ build: ${build_image}.created + build-local: + @echo "🐳 $@" + @mkdir -p "bin" +- go build -tags experimental -o "bin/dnet" ./cmd/dnet +- go build -o "bin/docker-proxy" ./cmd/proxy +- GOOS=linux go build -o "./cmd/diagnostic/diagnosticClient" ./cmd/diagnostic ++ $(GO) build -tags experimental -o "bin/dnet" ./cmd/dnet ++ $(GO) build -o "bin/proxy" ./cmd/proxy ++ GOOS=linux $(GO) build -o "./cmd/diagnostic/diagnosticClient" ./cmd/diagnostic + + clean: + @echo "🐳 $@" +@@ -51,8 +51,8 @@ cross: ${build_image}.created + + cross-local: + @echo "🐳 $@" +- go build -o "bin/dnet-$$GOOS-$$GOARCH" ./cmd/dnet +- go build -o "bin/docker-proxy-$$GOOS-$$GOARCH" ./cmd/proxy ++ @$(GO) build -linkshared $(GOBUILDFLAGS) -o "bin/docker-proxy-$$GOOS-$$GOARCH" ./cmd/proxy ++ @$(GO) build -linkshared $(GOBUILDFLAGS) -o "bin/dnet-$$GOOS-$$GOARCH" ./cmd/dnet + + check: ${build_image}.created + @${docker} ./wrapmake.sh check-local +@@ -68,7 +68,7 @@ run-tests: + if ls $$dir/*.go &> /dev/null; then \ + pushd . &> /dev/null ; \ + cd $$dir ; \ +- go test ${INSIDECONTAINER} -test.parallel 5 -test.v -covermode=count -coverprofile=./profile.tmp ; \ ++ $(GO) test ${INSIDECONTAINER} -test.parallel 5 -test.v -covermode=count -coverprofile=./profile.tmp ; \ + ret=$$? ;\ + if [ $$ret -ne 0 ]; then exit $$ret; fi ;\ + popd &> /dev/null; \ +@@ -94,7 +94,7 @@ coveralls: + # Depends on binaries because vet will silently fail if it can not load compiled imports + vet: ## run go vet + @echo "🐳 $@" +- @test -z "$$(go vet ${PACKAGES} 2>&1 | grep -v 'constant [0-9]* not a string in call to Errorf' | egrep -v '(timestamp_test.go|duration_test.go|exit status 1)' | tee /dev/stderr)" ++ @test -z "$$($(GO) vet ${PACKAGES} 2>&1 | grep -v 'constant [0-9]* not a string in call to Errorf' | egrep -v '(timestamp_test.go|duration_test.go|exit status 1)' | tee /dev/stderr)" + + misspell: + @echo "🐳 $@" +-- +2.4.0.53.g8440f74 + diff --git a/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch b/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch deleted file mode 100644 index 7ed606ff5d..0000000000 --- a/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch +++ /dev/null @@ -1,75 +0,0 @@ -From de69555afaf05efcdeea7b7c20c6f7b12f3e1bac Mon Sep 17 00:00:00 2001 -From: Mark Asselstine <mark.asselstine@windriver.com> -Date: Fri, 20 Jan 2017 11:58:44 -0500 -Subject: [PATCH] context: use golang.org/x/net pkg until we move to go 1.7 - -In go 1.6 the context.go is not yet integrated and as such we will get -build errors like: - -walwrap.go:4:2: cannot find package "context" in any of: -... - -Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> ---- - client/README.md | 2 +- - client/client.go | 2 +- - daemon/info_unix.go | 2 +- - integration-cli/docker_api_attach_test.go | 2 +- - integration-cli/docker_cli_save_load_unix_test.go | 2 +- - 5 files changed, 5 insertions(+), 5 deletions(-) - ---- a/src/import/client/README.md -+++ b/src/import/client/README.md -@@ -8,7 +8,7 @@ For example, to list running containers - package main - - import ( -- "context" -+ "golang.org/x/net/context" - "fmt" - - "github.com/docker/docker/api/types" ---- a/src/import/client/client.go -+++ b/src/import/client/client.go -@@ -19,7 +19,7 @@ For example, to list running containers - package main - - import ( -- "context" -+ "golang.org/x/net/context" - "fmt" - - "github.com/docker/docker/api/types" ---- a/src/import/daemon/info_unix.go -+++ b/src/import/daemon/info_unix.go -@@ -3,7 +3,7 @@ - package daemon - - import ( -- "context" -+ "golang.org/x/net/context" - "os/exec" - "strings" - ---- a/src/import/integration-cli/docker_api_attach_test.go -+++ b/src/import/integration-cli/docker_api_attach_test.go -@@ -3,7 +3,7 @@ package main - import ( - "bufio" - "bytes" -- "context" -+ "golang.org/x/net/context" - "io" - "net" - "net/http" ---- a/src/import/integration-cli/docker_cli_save_load_unix_test.go -+++ b/src/import/integration-cli/docker_cli_save_load_unix_test.go -@@ -3,7 +3,7 @@ - package main - - import ( -- "context" -+ "golang.org/x/net/context" - "fmt" - "io/ioutil" - "os" diff --git a/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb b/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb index 2c7161ec06..1677ff4863 100644 --- a/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb @@ -5,7 +5,7 @@ applications across multiple hosts, providing basic mechanisms for deployment, \ maintenance, and scaling of applications. \ " -SRCREV_kubernetes = "4b839465f84e7faf876c51703aaf49b37fd10d9c" +SRCREV_kubernetes = "fc32d2f3698e36b93322a3465f63a14e9f0eaead" SRC_URI = "git://github.com/kubernetes/kubernetes.git;nobranch=1;name=kubernetes \ " @@ -16,6 +16,7 @@ DEPENDS += "rsync-native \ PACKAGES =+ "kubeadm" PACKAGES =+ "kubectl" PACKAGES =+ "kubelet" +PACKAGES =+ "kube-proxy" ALLOW_EMPTY_${PN} = "1" @@ -27,14 +28,14 @@ RDEPENDS_${PN} += "kubeadm \ cni" RDEPENDS_kubeadm = "kubelet kubectl" -RDEPENDS_kubelet = "iptables socat util-linux ethtool iproute2 ebtables" +RDEPENDS_kubelet = "iptables socat util-linux ethtool iproute2 ebtables iproute2-tc" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" GO_IMPORT = "import" -PV = "1.9.0-alpha.1+git${SRCREV_kubernetes}" +PV = "1.10.0+git${SRCREV_kubernetes}" inherit systemd inherit go @@ -90,6 +91,7 @@ SYSTEMD_AUTO_ENABLE_kubelet = "enable" FILES_kubeadm = "${bindir}/kubeadm ${systemd_unitdir}/system/kubelet.service.d/*" FILES_kubectl = "${bindir}/kubectl" +FILES_kube-proxy = "${bindir}/kube-proxy" FILES_kubelet = "${bindir}/kubelet ${systemd_unitdir}/system/kubelet.service ${sysconfdir}/kubernetes/manifests/" INHIBIT_PACKAGE_STRIP = "1" diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/files/dnsmasq.conf b/import-layers/meta-virtualization/recipes-containers/lxc/files/dnsmasq.conf new file mode 100644 index 0000000000..124f7ebea4 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/lxc/files/dnsmasq.conf @@ -0,0 +1,2 @@ +bind-interfaces +except-interface=lxcbr0 diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb b/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb index 93d5a10672..c87b875692 100644 --- a/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb +++ b/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb @@ -6,6 +6,8 @@ DEPENDS = "libxml2 libcap" RDEPENDS_${PN} = " \ rsync \ gzip \ + xz \ + tar \ libcap-bin \ bridge-utils \ dnsmasq \ @@ -22,6 +24,9 @@ RDEPENDS_${PN} = " \ gnutls \ nettle \ " + +RDEPENDS_${PN}_append_libc-glibc = " glibc-utils" + RDEPENDS_${PN}-ptest += "file make gmp nettle gnutls bash" SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \ @@ -33,6 +38,7 @@ SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \ file://lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch \ file://logs-optionally-use-base-filenames-to-report-src-fil.patch \ file://cgroups-work-around-issue-in-gcc-7.patch \ + file://dnsmasq.conf \ " SRC_URI[md5sum] = "7bfd95280522d7936c0979dfea92cdb5" @@ -54,14 +60,16 @@ EXTRA_OECONF += "--enable-log-src-basename" CFLAGS_append = " -Wno-error=deprecated-declarations" PACKAGECONFIG ??= "templates \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \ " PACKAGECONFIG[doc] = "--enable-doc --enable-api-docs,--disable-doc --disable-api-docs,," PACKAGECONFIG[rpath] = "--enable-rpath,--disable-rpath,," -PACKAGECONFIG[apparmour] = "--enable-apparmor,--disable-apparmor,apparmor,apparmor" +PACKAGECONFIG[apparmor] = "--enable-apparmor,--disable-apparmor,apparmor,apparmor" PACKAGECONFIG[templates] = ",,, ${PN}-templates" PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" PACKAGECONFIG[seccomp] ="--enable-seccomp,--disable-seccomp,libseccomp,libseccomp" +PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/,--without-systemdsystemunitdir,systemd," PACKAGECONFIG[python] = "--enable-python,--disable-python,python3,python3-core" PACKAGECONFIG[lua] = "--enable-lua,--disable-lua,lua,lua" @@ -131,6 +139,11 @@ do_install_append() { if [ -d ${D}${exec_prefix}/lib/python* ]; then mv ${D}${exec_prefix}/lib/python* ${D}${libdir}/; fi rmdir --ignore-fail-on-non-empty ${D}${exec_prefix}/lib fi + + # Force the main dnsmasq instance to bind only to specified interfaces and + # to not bind to virbr0. Libvirt will run its own instance on this interface. + install -d ${D}/${sysconfdir}/dnsmasq.d + install -m 644 ${WORKDIR}/dnsmasq.conf ${D}/${sysconfdir}/dnsmasq.d/lxc } EXTRA_OEMAKE += "TEST_DIR=${D}${PTEST_PATH}/src/tests" diff --git a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-config-make-Config.User-mapping-errors-a-warning.patch b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-config-make-Config.User-mapping-errors-a-warning.patch new file mode 100644 index 0000000000..78d2b9d000 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-config-make-Config.User-mapping-errors-a-warning.patch @@ -0,0 +1,30 @@ +From fbd62eff9ff2f447c2eb4634398110609fbf9d59 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@windriver.com> +Date: Thu, 16 Nov 2017 23:40:17 -0500 +Subject: [PATCH] config: make Config.User mapping errors a warning + +Rather than throwing an error if we can't map a user to a uid, +output a warning. We aren't actually running the code, but are +just extracting it .. so the user not existing isn't an issue. + +Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> +--- + image/config.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/import/image/config.go b/src/import/image/config.go +index d28b1bc4fe5f..37dfd1f14ef7 100644 +--- a/src/import/image/config.go ++++ b/src/import/image/config.go +@@ -106,7 +106,7 @@ func (c *config) runtimeSpec(rootfs string) (*specs.Spec, error) { + s.Process.User.UID = uint32(uid) + s.Process.User.GID = uint32(gid) + } else if c.Config.User != "" { +- return nil, errors.New("config.User: unsupported format") ++ fmt.Println("Warning: could not map UID for user:", c.Config.User) + } + + s.Linux = &specs.Linux{} +-- +2.4.0.53.g8440f74 + diff --git a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb index 68d73c37e0..807ee26c66 100644 --- a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb @@ -14,7 +14,8 @@ DEPENDS = "\ SRC_URI = "git://github.com/opencontainers/image-tools.git \ file://0001-image-manifest-Recursively-remove-pre-existing-entri.patch \ - file://0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch" + file://0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch \ + file://0001-config-make-Config.User-mapping-errors-a-warning.patch" SRCREV = "4abe1a166f9be97e8e71b1bb4d7599cc29323011" PV = "0.2.0-dev+git${SRCPV}" diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch new file mode 100644 index 0000000000..753a77d114 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch @@ -0,0 +1,76 @@ +From f59cddcedd6535e0b809ec9b4e95672d34b41a16 Mon Sep 17 00:00:00 2001 +From: Jason Wessel <jason.wessel@windriver.com> +Date: Tue, 14 Nov 2017 07:41:41 -0800 +Subject: [PATCH] Add additional cgroup mounts from root NS automatically + +Signed-off-by: Jason Wessel <jason.wessel@windriver.com> +--- + src/systemdhook.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 45 insertions(+) + +diff --git a/src/systemdhook.c b/src/systemdhook.c +index 78575ef..f735484 100644 +--- a/src/systemdhook.c ++++ b/src/systemdhook.c +@@ -238,6 +238,11 @@ static char *get_process_cgroup_subsystem_path(int pid, const char *subsystem) { + static int mount_cgroup(const char *rootfs, const char *options, char *systemd_path) + { + _cleanup_free_ char *cgroup_path = NULL; ++ char *spath, *dpath; ++ DIR *dir; ++ struct dirent *d; ++ char link[80]; ++ int got; + + if (asprintf(&cgroup_path, "%s/%s", rootfs, CGROUP_ROOT) < 0) { + pr_perror("Failed to create path for %s", CGROUP_ROOT); +@@ -256,6 +261,46 @@ static int mount_cgroup(const char *rootfs, const char *options, char *systemd_p + pr_perror("Failed to mkdir new dest: %s", systemd_path); + return -1; + } ++ /* Create all additional cgroup mounts which are in the root namespace */ ++ dir = opendir(CGROUP_ROOT); ++ if (!dir) { ++ pr_perror("Failed to open %s", CGROUP_ROOT); ++ return -1; ++ } ++ /* Skip "." and ".." */ ++ readdir(dir); ++ readdir(dir); ++ while ((d = readdir(dir))) { ++ /* Systemd is already handled above */ ++ if (strcmp(d->d_name, "systemd") == 0) { ++ continue; ++ } ++ if (asprintf(&spath, "%s/%s", CGROUP_ROOT, d->d_name) < 0) { ++ pr_perror("Failed to create path for %s", d->d_name); ++ return -1; ++ } ++ if (asprintf(&dpath, "%s%s/%s", rootfs, CGROUP_ROOT, d->d_name) < 0) { ++ pr_perror("Failed to create path for %s", d->d_name); ++ return -1; ++ } ++ got = readlink(spath, link, sizeof(link) - 1); ++ if (got > 0) { ++ link[got] = '\0'; ++ symlink(link, dpath); ++ } else { ++ if ((makepath(dpath, 0755) == -1) && (errno != EEXIST)) { ++ pr_perror("Failed to mkdir new dest: %s", dpath); ++ return -1; ++ } ++ if (bind_mount(spath, dpath, false)) { ++ pr_perror("Failed to bind mount %s on %s", spath, dpath); ++ return -1; ++ } ++ } ++ free(spath); ++ free(dpath); ++ } ++ closedir(dir); + if (mount(cgroup_path, cgroup_path, "bind", MS_REMOUNT|MS_BIND|MS_RDONLY, "") == -1) { + pr_perror("Failed to remount %s readonly", cgroup_path); + return -1; +-- +2.11.0 + diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb index fc88905334..e07b741062 100644 --- a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb @@ -10,6 +10,7 @@ SRCREV = "1ac958a4197a9ea52174812fc7d7d036af8140d3" SRC_URI = "git://github.com/projectatomic/oci-systemd-hook \ file://0001-selinux-drop-selinux-support.patch \ file://0001-configure-drop-selinux-support.patch \ + file://0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch \ " PV = "0.0.1+git${SRCPV}" diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch deleted file mode 100644 index fa1f695b23..0000000000 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch +++ /dev/null @@ -1,26 +0,0 @@ -From aa2fc7b0eacba61175f083cc8d8adc233bcd0575 Mon Sep 17 00:00:00 2001 -From: Paul Barker <pbarker@toganlabs.com> -Date: Thu, 12 Oct 2017 11:34:24 +0000 -Subject: [PATCH] Disable building recvtty - -Signed-off-by: Paul Barker <pbarker@toganlabs.com> -Upstream-status: Inappropriate ---- - Makefile | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 0fcf508..24f47dc 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -38,7 +38,6 @@ contrib/cmd/recvtty/recvtty: $(SOURCES) - - static: $(SOURCES) - CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -- CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - release: - @flag_list=(seccomp selinux apparmor static); \ --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch deleted file mode 100644 index bcc76fc4e1..0000000000 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch +++ /dev/null @@ -1,89 +0,0 @@ -From e8ef6025a4f48620baf91737cd37eb5e6a40f48c Mon Sep 17 00:00:00 2001 -From: Justin Cormack <justin.cormack@docker.com> -Date: Fri, 23 Jun 2017 17:14:59 -0700 -Subject: [PATCH 1/3] Update to runtime spec - 198f23f827eea397d4331d7eb048d9d4c7ff7bee - -Updates memory limits to be int64, and removes Platform from spec. - -Signed-off-by: Justin Cormack <justin.cormack@docker.com> ---- - vendor.conf | 2 +- - .../opencontainers/runtime-spec/specs-go/config.go | 23 ++++++---------------- - 2 files changed, 7 insertions(+), 18 deletions(-) - -diff --git a/vendor.conf b/vendor.conf -index e23e7ea7..09a8a924 100644 ---- a/src/import/vendor.conf -+++ b/src/import/vendor.conf -@@ -1,7 +1,7 @@ - # OCI runtime-spec. When updating this, make sure you use a version tag rather - # than a commit ID so it's much more obvious what version of the spec we are - # using. --github.com/opencontainers/runtime-spec 239c4e44f2a612ed85f6db9c66247aa33f437e91 -+github.com/opencontainers/runtime-spec 198f23f827eea397d4331d7eb048d9d4c7ff7bee - # Core libcontainer functionality. - github.com/mrunalp/fileutils ed869b029674c0e9ce4c0dfa781405c2d9946d08 - github.com/opencontainers/selinux v1.0.0-rc1 -diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go -index 8bf8d924..68ab112e 100644 ---- a/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go -+++ b/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go -@@ -6,8 +6,6 @@ import "os" - type Spec struct { - // Version of the Open Container Runtime Specification with which the bundle complies. - Version string `json:"ociVersion"` -- // Platform specifies the configuration's target platform. -- Platform Platform `json:"platform"` - // Process configures the container process. - Process *Process `json:"process,omitempty"` - // Root configures the container's root filesystem. -@@ -101,15 +99,6 @@ type Root struct { - Readonly bool `json:"readonly,omitempty"` - } - --// Platform specifies OS and arch information for the host system that the container --// is created for. --type Platform struct { -- // OS is the operating system. -- OS string `json:"os"` -- // Arch is the architecture -- Arch string `json:"arch"` --} -- - // Mount specifies a mount for a container. - type Mount struct { - // Destination is the absolute path where the mount will be placed in the container. -@@ -284,15 +273,15 @@ type LinuxBlockIO struct { - // LinuxMemory for Linux cgroup 'memory' resource management - type LinuxMemory struct { - // Memory limit (in bytes). -- Limit *uint64 `json:"limit,omitempty"` -+ Limit *int64 `json:"limit,omitempty"` - // Memory reservation or soft_limit (in bytes). -- Reservation *uint64 `json:"reservation,omitempty"` -+ Reservation *int64 `json:"reservation,omitempty"` - // Total memory limit (memory + swap). -- Swap *uint64 `json:"swap,omitempty"` -+ Swap *int64 `json:"swap,omitempty"` - // Kernel memory limit (in bytes). -- Kernel *uint64 `json:"kernel,omitempty"` -+ Kernel *int64 `json:"kernel,omitempty"` - // Kernel memory limit for tcp (in bytes) -- KernelTCP *uint64 `json:"kernelTCP,omitempty"` -+ KernelTCP *int64 `json:"kernelTCP,omitempty"` - // How aggressive the kernel will swap memory pages. - Swappiness *uint64 `json:"swappiness,omitempty"` - } -@@ -486,7 +475,7 @@ type WindowsNetwork struct { - EndpointList []string `json:"endpointList,omitempty"` - // Specifies if unqualified DNS name resolution is allowed. - AllowUnqualifiedDNSQuery bool `json:"allowUnqualifiedDNSQuery,omitempty"` -- // Comma seperated list of DNS suffixes to use for name resolution. -+ // Comma separated list of DNS suffixes to use for name resolution. - DNSSearchList []string `json:"DNSSearchList,omitempty"` - // Name (ID) of the container that we will share with the network stack. - NetworkSharedContainerName string `json:"networkSharedContainerName,omitempty"` --- -2.11.0 - diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch deleted file mode 100644 index 8f5171ab15..0000000000 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 037c20b3b3ef5e9ead0282aa64f9b88c0c18934d Mon Sep 17 00:00:00 2001 -From: Paul Barker <pbarker@toganlabs.com> -Date: Thu, 5 Oct 2017 13:14:40 +0000 -Subject: [PATCH] Use correct go cross-compiler - -We need to use '${GO}' as set by OpenEmbedded instead of just 'go'. Just using -'go' will invoke go-native. - -Signed-off-by: Paul Barker <pbarker@toganlabs.com> -Upstream-status: Inappropriate ---- - Makefile | 20 ++++++++++---------- - 1 file changed, 10 insertions(+), 10 deletions(-) - -diff --git a/Makefile b/Makefile -index 8117892..0fcf508 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -27,18 +27,18 @@ SHELL := $(shell command -v bash 2>/dev/null) - .DEFAULT: runc - - runc: $(SOURCES) -- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . - - all: runc recvtty - - recvtty: contrib/cmd/recvtty/recvtty - - contrib/cmd/recvtty/recvtty: $(SOURCES) -- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - static: $(SOURCES) -- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty -+ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -+ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - release: - @flag_list=(seccomp selinux apparmor static); \ -@@ -62,15 +62,15 @@ release: - CGO_ENABLED=1; \ - }; \ - echo "Building target: $$output"; \ -- go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ - done - - dbuild: runcimage - docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all - - lint: -- go vet $(allpackages) -- go fmt $(allpackages) -+ $(GO) vet $(allpackages) -+ $(GO) fmt $(allpackages) - - man: - man/md2man-all.sh -@@ -88,7 +88,7 @@ unittest: runcimage - docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest - - localunittest: all -- go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) -+ $(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) - - integration: runcimage - docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration -@@ -134,10 +134,10 @@ clean: - validate: - script/validate-gofmt - script/validate-shfmt -- go vet $(allpackages) -+ $(GO) vet $(allpackages) - - ci: validate localtest - - # memoize allpackages, so that it's executed only once and only if used --_allpackages = $(shell go list ./... | grep -v vendor) -+_allpackages = $(shell $(GO) list ./... | grep -v vendor) - allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages) --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch new file mode 100644 index 0000000000..f885aaf733 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch @@ -0,0 +1,27 @@ +From a9a2b9e72027d0b2357f6dfe8b154762aaa8dd02 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@windriver.com> +Date: Thu, 19 Apr 2018 16:39:41 -0400 +Subject: [PATCH] build: drop recvtty and use GOBUILDFLAGS + +Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> +--- + Makefile | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/import/Makefile b/src/import/Makefile +index c6de11d..0e9bddb 100644 +--- a/src/import/Makefile ++++ b/src/import/Makefile +@@ -39,8 +39,7 @@ contrib/cmd/recvtty/recvtty: $(SOURCES) + $(GO) build -buildmode=pie $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty + + static: $(SOURCES) +- CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . +- CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty ++ CGO_ENABLED=1 $(GO) build -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" $(GOBUILDFLAGS) -o runc . + + release: + script/release.sh -r release/$(VERSION) -v $(VERSION) +-- +2.7.4 + diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch new file mode 100644 index 0000000000..9ccbccb259 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch @@ -0,0 +1,129 @@ +From cd7d76a6d1ecb1856f6ed666fb5c30dc105aa94e Mon Sep 17 00:00:00 2001 +From: Jason Wessel <jason.wessel@windriver.com> +Date: Tue, 5 Dec 2017 18:28:28 -0800 +Subject: [PATCH] runc-docker: Allow "run start ..." to daemonize with $SIGUSR1_PARENT_PID + +The runc-docker has all the code in it to properly run a stop hook if +you use it in the foreground. It doesn't work in the back ground +because there is no way for a golang application to fork a child exit +out of the parent process because all the golang threads stay with the +parent. + +This patch has three parts that happen ONLY when $SIGUSR1_PARENT_PID +is set. + +1) The code was copied which performs the normal the signal handling + block which is used for the foreground operation of runc. + +2) At the point where runc start would normally exit, it closes + stdin/stdout/stderr so it would be possible to daemonize "runc start ...". + +3) The code to send a SIGUSR1 to the parent process was added. The + idea being that a parent process would simply exit at that point + because it was blocking until runc performed everything it was + required to perform. + +Signed-off-by: Jason Wessel <jason.wessel@windriver.com> +--- + signals.go | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++---- + utils_linux.go | 2 +- + 2 files changed, 51 insertions(+), 5 deletions(-) + +Index: git/src/import/signals.go +=================================================================== +--- git.orig/src/import/signals.go ++++ git/src/import/signals.go +@@ -6,6 +6,7 @@ + "os" + "os/signal" + "syscall" // only for Signal ++ "strconv" + + "github.com/opencontainers/runc/libcontainer" + "github.com/opencontainers/runc/libcontainer/system" +@@ -56,9 +57,6 @@ + func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach bool) (int, error) { + // make sure we know the pid of our main process so that we can return + // after it dies. +- if detach && h.notifySocket == nil { +- return 0, nil +- } + + pid1, err := process.Pid() + if err != nil { +@@ -68,12 +66,61 @@ + if h.notifySocket != nil { + if detach { + h.notifySocket.run(pid1) +- return 0, nil + } else { + go h.notifySocket.run(0) + } + } + ++ if (detach) { ++ // This allows the parent process to daemonize this process ++ // so long as stdin/stderr/stdout are closed ++ if envVal := os.Getenv("SIGUSR1_PARENT_PID"); envVal != "" { ++ // Close stdin/stdout/stderr ++ os.Stdin.Close() ++ os.Stdout.Close() ++ os.Stderr.Close() ++ // Notify parent to detach ++ i, err := strconv.Atoi(envVal) ++ if (err != nil) { ++ return 0, nil ++ } ++ unix.Kill(i, unix.SIGUSR1) ++ // Loop waiting on the child to signal or exit, ++ // after which all stop hooks will be run ++ for s := range h.signals { ++ switch s { ++ case unix.SIGCHLD: ++ exits, err := h.reap() ++ if err != nil { ++ logrus.Error(err) ++ } ++ for _, e := range exits { ++ logrus.WithFields(logrus.Fields{ ++ "pid": e.pid, ++ "status": e.status, ++ }).Debug("process exited") ++ if e.pid == pid1 { ++ // call Wait() on the process even though we already have the exit ++ // status because we must ensure that any of the go specific process ++ // fun such as flushing pipes are complete before we return. ++ process.Wait() ++ if h.notifySocket != nil { ++ h.notifySocket.Close() ++ } ++ return e.status, nil ++ } ++ } ++ default: ++ logrus.Debugf("sending signal to process %s", s) ++ if err := unix.Kill(pid1, s.(syscall.Signal)); err != nil { ++ logrus.Error(err) ++ } ++ } ++ } ++ } ++ return 0, nil ++ } ++ + // Perform the initial tty resize. Always ignore errors resizing because + // stdout might have disappeared (due to races with when SIGHUP is sent). + _ = tty.resize() +Index: git/src/import/utils_linux.go +=================================================================== +--- git.orig/src/import/utils_linux.go ++++ git/src/import/utils_linux.go +@@ -338,7 +338,7 @@ + if err != nil { + r.terminate(process) + } +- if detach { ++ if (detach && os.Getenv("SIGUSR1_PARENT_PID") == "") { + return 0, nil + } + r.destroy() diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch deleted file mode 100644 index 7970dec390..0000000000 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch +++ /dev/null @@ -1,75 +0,0 @@ -From e1146182a8cebb5a6133a9e298a5e4acf99652e9 Mon Sep 17 00:00:00 2001 -From: Justin Cormack <justin.cormack@docker.com> -Date: Fri, 23 Jun 2017 17:16:08 -0700 -Subject: [PATCH 2/3] Remove Platform as no longer in OCI spec - -This was never used, just validated, so was removed from spec. - -Signed-off-by: Justin Cormack <justin.cormack@docker.com> ---- - libcontainer/specconv/example.go | 5 ----- - spec.go | 14 -------------- - 2 files changed, 19 deletions(-) - -diff --git a/libcontainer/specconv/example.go b/libcontainer/specconv/example.go -index 33134116..d6621194 100644 ---- a/src/import/libcontainer/specconv/example.go -+++ b/src/import/libcontainer/specconv/example.go -@@ -2,7 +2,6 @@ package specconv - - import ( - "os" -- "runtime" - "strings" - - "github.com/opencontainers/runtime-spec/specs-go" -@@ -15,10 +14,6 @@ func sPtr(s string) *string { return &s } - func Example() *specs.Spec { - return &specs.Spec{ - Version: specs.Version, -- Platform: specs.Platform{ -- OS: runtime.GOOS, -- Arch: runtime.GOARCH, -- }, - Root: specs.Root{ - Path: "rootfs", - Readonly: true, -diff --git a/spec.go b/spec.go -index 92d38f57..876937d2 100644 ---- a/src/import/spec.go -+++ b/src/import/spec.go -@@ -7,7 +7,6 @@ import ( - "fmt" - "io/ioutil" - "os" -- "runtime" - - "github.com/opencontainers/runc/libcontainer/configs" - "github.com/opencontainers/runc/libcontainer/specconv" -@@ -131,9 +130,6 @@ func loadSpec(cPath string) (spec *specs.Spec, err error) { - if err = json.NewDecoder(cf).Decode(&spec); err != nil { - return nil, err - } -- if err = validatePlatform(&spec.Platform); err != nil { -- return nil, err -- } - return spec, validateProcessSpec(spec.Process) - } - -@@ -148,13 +144,3 @@ func createLibContainerRlimit(rlimit specs.LinuxRlimit) (configs.Rlimit, error) - Soft: rlimit.Soft, - }, nil - } -- --func validatePlatform(platform *specs.Platform) error { -- if platform.OS != runtime.GOOS { -- return fmt.Errorf("target os %s mismatch with current os %s", platform.OS, runtime.GOOS) -- } -- if platform.Arch != runtime.GOARCH { -- return fmt.Errorf("target arch %s mismatch with current arch %s", platform.Arch, runtime.GOARCH) -- } -- return nil --} --- -2.11.0 - diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch deleted file mode 100644 index 50a9b7fc73..0000000000 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch +++ /dev/null @@ -1,194 +0,0 @@ -From 3d9074ead33a5c27dc20bb49457c69c6d2ae6b57 Mon Sep 17 00:00:00 2001 -From: Justin Cormack <justin.cormack@docker.com> -Date: Fri, 23 Jun 2017 17:17:00 -0700 -Subject: [PATCH 3/3] Update memory specs to use int64 not uint64 - -replace #1492 #1494 -fix #1422 - -Since https://github.com/opencontainers/runtime-spec/pull/876 the memory -specifications are now `int64`, as that better matches the visible interface where -`-1` is a valid value. Otherwise finding the correct value was difficult as it -was kernel dependent. - -Signed-off-by: Justin Cormack <justin.cormack@docker.com> ---- - libcontainer/cgroups/fs/memory.go | 36 +++++++++++++++++------------------- - libcontainer/configs/cgroup_linux.go | 10 +++++----- - update.go | 14 +++++++------- - 3 files changed, 29 insertions(+), 31 deletions(-) - -diff --git a/libcontainer/cgroups/fs/memory.go b/libcontainer/cgroups/fs/memory.go -index da2cc9f8..b739c631 100644 ---- a/src/import/libcontainer/cgroups/fs/memory.go -+++ b/src/import/libcontainer/cgroups/fs/memory.go -@@ -73,14 +73,14 @@ func EnableKernelMemoryAccounting(path string) error { - // until a limit is set on the cgroup and limit cannot be set once the - // cgroup has children, or if there are already tasks in the cgroup. - for _, i := range []int64{1, -1} { -- if err := setKernelMemory(path, uint64(i)); err != nil { -+ if err := setKernelMemory(path, i); err != nil { - return err - } - } - return nil - } - --func setKernelMemory(path string, kernelMemoryLimit uint64) error { -+func setKernelMemory(path string, kernelMemoryLimit int64) error { - if path == "" { - return fmt.Errorf("no such directory for %s", cgroupKernelMemoryLimit) - } -@@ -88,7 +88,7 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error { - // kernel memory is not enabled on the system so we should do nothing - return nil - } -- if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatUint(kernelMemoryLimit, 10)), 0700); err != nil { -+ if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatInt(kernelMemoryLimit, 10)), 0700); err != nil { - // Check if the error number returned by the syscall is "EBUSY" - // The EBUSY signal is returned on attempts to write to the - // memory.kmem.limit_in_bytes file if the cgroup has children or -@@ -106,14 +106,12 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error { - } - - func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error { -- ulimited := -1 -- -- // If the memory update is set to uint64(-1) we should also -- // set swap to uint64(-1), it means unlimited memory. -- if cgroup.Resources.Memory == uint64(ulimited) { -- // Only set swap if it's enbled in kernel -+ // If the memory update is set to -1 we should also -+ // set swap to -1, it means unlimited memory. -+ if cgroup.Resources.Memory == -1 { -+ // Only set swap if it's enabled in kernel - if cgroups.PathExists(filepath.Join(path, cgroupMemorySwapLimit)) { -- cgroup.Resources.MemorySwap = uint64(ulimited) -+ cgroup.Resources.MemorySwap = -1 - } - } - -@@ -128,29 +126,29 @@ func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error { - // When update memory limit, we should adapt the write sequence - // for memory and swap memory, so it won't fail because the new - // value and the old value don't fit kernel's validation. -- if cgroup.Resources.MemorySwap == uint64(ulimited) || memoryUsage.Limit < cgroup.Resources.MemorySwap { -- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil { -+ if cgroup.Resources.MemorySwap == -1 || memoryUsage.Limit < uint64(cgroup.Resources.MemorySwap) { -+ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil { - return err - } -- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil { -+ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil { - return err - } - } else { -- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil { -+ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil { - return err - } -- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil { -+ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil { - return err - } - } - } else { - if cgroup.Resources.Memory != 0 { -- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil { -+ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil { - return err - } - } - if cgroup.Resources.MemorySwap != 0 { -- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil { -+ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil { - return err - } - } -@@ -171,13 +169,13 @@ func (s *MemoryGroup) Set(path string, cgroup *configs.Cgroup) error { - } - - if cgroup.Resources.MemoryReservation != 0 { -- if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatUint(cgroup.Resources.MemoryReservation, 10)); err != nil { -+ if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatInt(cgroup.Resources.MemoryReservation, 10)); err != nil { - return err - } - } - - if cgroup.Resources.KernelMemoryTCP != 0 { -- if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatUint(cgroup.Resources.KernelMemoryTCP, 10)); err != nil { -+ if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatInt(cgroup.Resources.KernelMemoryTCP, 10)); err != nil { - return err - } - } -diff --git a/libcontainer/configs/cgroup_linux.go b/libcontainer/configs/cgroup_linux.go -index 3e0509de..e15a662f 100644 ---- a/src/import/libcontainer/configs/cgroup_linux.go -+++ b/src/import/libcontainer/configs/cgroup_linux.go -@@ -43,19 +43,19 @@ type Resources struct { - Devices []*Device `json:"devices"` - - // Memory limit (in bytes) -- Memory uint64 `json:"memory"` -+ Memory int64 `json:"memory"` - - // Memory reservation or soft_limit (in bytes) -- MemoryReservation uint64 `json:"memory_reservation"` -+ MemoryReservation int64 `json:"memory_reservation"` - - // Total memory usage (memory + swap); set `-1` to enable unlimited swap -- MemorySwap uint64 `json:"memory_swap"` -+ MemorySwap int64 `json:"memory_swap"` - - // Kernel memory limit (in bytes) -- KernelMemory uint64 `json:"kernel_memory"` -+ KernelMemory int64 `json:"kernel_memory"` - - // Kernel memory limit for TCP use (in bytes) -- KernelMemoryTCP uint64 `json:"kernel_memory_tcp"` -+ KernelMemoryTCP int64 `json:"kernel_memory_tcp"` - - // CPU shares (relative weight vs. other containers) - CpuShares uint64 `json:"cpu_shares"` -diff --git a/update.go b/update.go -index 0ea90d60..133be999 100644 ---- a/src/import/update.go -+++ b/src/import/update.go -@@ -124,11 +124,11 @@ other options are ignored. - - r := specs.LinuxResources{ - Memory: &specs.LinuxMemory{ -- Limit: u64Ptr(0), -- Reservation: u64Ptr(0), -- Swap: u64Ptr(0), -- Kernel: u64Ptr(0), -- KernelTCP: u64Ptr(0), -+ Limit: i64Ptr(0), -+ Reservation: i64Ptr(0), -+ Swap: i64Ptr(0), -+ Kernel: i64Ptr(0), -+ KernelTCP: i64Ptr(0), - }, - CPU: &specs.LinuxCPU{ - Shares: u64Ptr(0), -@@ -213,7 +213,7 @@ other options are ignored. - } - for _, pair := range []struct { - opt string -- dest *uint64 -+ dest *int64 - }{ - {"memory", r.Memory.Limit}, - {"memory-swap", r.Memory.Swap}, -@@ -232,7 +232,7 @@ other options are ignored. - } else { - v = -1 - } -- *pair.dest = uint64(v) -+ *pair.dest = v - } - } - r.Pids.Limit = int64(context.Int("pids-limit")) --- -2.11.0 - diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb index 9db48ee6fb..81e5a5d482 100644 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb @@ -2,14 +2,11 @@ include runc.inc # Note: this rev is before the required protocol field, update when all components # have been updated to match. -SRCREV_runc-docker = "9d6821d1b53908e249487741eccd567249ca1d99" -SRC_URI = "git://github.com/docker/runc.git;nobranch=1;name=runc-docker \ - file://0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch \ - file://0002-Remove-Platform-as-no-longer-in-OCI-spec.patch \ - file://0003-Update-memory-specs-to-use-int64-not-uint64.patch \ +SRCREV_runc-docker = "4fc53a81fb7c994640722ac585fa9ca548971871" +SRC_URI = "git://github.com/opencontainers/runc;nobranch=1;name=runc-docker \ file://0001-runc-Add-console-socket-dev-null.patch \ - file://0001-Use-correct-go-cross-compiler.patch \ - file://0001-Disable-building-recvtty.patch \ + file://0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch \ + file://0001-runc-docker-SIGUSR1-daemonize.patch \ " -RUNC_VERSION = "1.0.0-rc3" +RUNC_VERSION = "1.0.0-rc5" diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch deleted file mode 100644 index 67d7014819..0000000000 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 621e5e9a196daaaf5eb430a413fe51218cf42c89 Mon Sep 17 00:00:00 2001 -From: Paul Barker <pbarker@toganlabs.com> -Date: Wed, 4 Oct 2017 15:45:27 +0000 -Subject: [PATCH] Use correct go cross-compiler - -We need to use '${GO}' as set by OpenEmbedded instead of just 'go'. Just using -'go' will invoke go-native. - -Signed-off-by: Paul Barker <pbarker@toganlabs.com> -Upstream-status: Inappropriate ---- - Makefile | 20 ++++++++++---------- - 1 file changed, 10 insertions(+), 10 deletions(-) - -diff --git a/Makefile b/Makefile -index 6781ac7..74e551d 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -27,18 +27,18 @@ SHELL := $(shell command -v bash 2>/dev/null) - .DEFAULT: runc - - runc: $(SOURCES) -- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . - - all: runc recvtty - - recvtty: contrib/cmd/recvtty/recvtty - - contrib/cmd/recvtty/recvtty: $(SOURCES) -- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - static: $(SOURCES) -- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty -+ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -+ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - release: - @flag_list=(seccomp selinux apparmor static); \ -@@ -62,15 +62,15 @@ release: - CGO_ENABLED=1; \ - }; \ - echo "Building target: $$output"; \ -- go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ - done - - dbuild: runcimage - docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all - - lint: -- go vet $(allpackages) -- go fmt $(allpackages) -+ $(GO) vet $(allpackages) -+ $(GO) fmt $(allpackages) - - man: - man/md2man-all.sh -@@ -88,7 +88,7 @@ unittest: runcimage - docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest - - localunittest: all -- go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) -+ $(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) - - integration: runcimage - docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration -@@ -133,10 +133,10 @@ clean: - - validate: - script/validate-gofmt -- go vet $(allpackages) -+ $(GO) vet $(allpackages) - - ci: validate localtest - - # memoize allpackages, so that it's executed only once and only if used --_allpackages = $(shell go list ./... | grep -v vendor) -+_allpackages = $(shell $(GO) list ./... | grep -v vendor) - allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages) --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb index a97676b60b..ed48abf66c 100644 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb +++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb @@ -1,8 +1,7 @@ include runc.inc -SRCREV = "2e7cfe036e2c6dc51ccca6eb7fa3ee6b63976dcd" +SRCREV = "58415b4b12650291f435db8770cea48207b78afe" SRC_URI = " \ git://github.com/opencontainers/runc;branch=master \ - file://0001-Use-correct-go-cross-compiler.patch \ " -RUNC_VERSION = "1.0.0-rc4" +RUNC_VERSION = "1.0.0-rc5" diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc.inc b/import-layers/meta-virtualization/recipes-containers/runc/runc.inc index 0179103092..9199cef958 100644 --- a/import-layers/meta-virtualization/recipes-containers/runc/runc.inc +++ b/import-layers/meta-virtualization/recipes-containers/runc/runc.inc @@ -11,6 +11,8 @@ S = "${WORKDIR}/git" PV = "${RUNC_VERSION}+git${SRCPV}" inherit go +inherit goarch + RRECOMMENDS_${PN} = "lxc docker" PROVIDES += "virtual/runc" RPROVIDES_${PN} = "virtual/runc" @@ -20,7 +22,7 @@ GO_IMPORT = "import" LIBCONTAINER_PACKAGE="github.com/opencontainers/runc/libcontainer" do_configure[noexec] = "1" -EXTRA_OEMAKE="BUILDTAGS=''" +EXTRA_OEMAKE="BUILDTAGS='' GO=${GO}" do_compile() { # Set GOPATH. See 'PACKAGERS.md'. Don't rely on @@ -44,10 +46,12 @@ do_compile() { export CGO_ENABLED="1" export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export GO=${GO} + export CFLAGS="" export LDFLAGS="" - oe_runmake static + oe_runmake static } do_install() { diff --git a/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend b/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend index 8369a03112..617caccbd8 100644 --- a/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend +++ b/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend @@ -1,10 +1 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" - -SRC_URI += " \ - file://lspci.cfg \ - file://lsusb.cfg \ - file://mdev.cfg \ - file://mount-cifs.cfg \ - file://ps-extras.cfg \ - file://getopt.cfg \ - " +require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}_virtualization.inc', '', d)} diff --git a/import-layers/meta-virtualization/recipes-core/busybox/busybox_virtualization.inc b/import-layers/meta-virtualization/recipes-core/busybox/busybox_virtualization.inc new file mode 100644 index 0000000000..d9c4e677c7 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-core/busybox/busybox_virtualization.inc @@ -0,0 +1,10 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/busybox:" + +SRC_URI += " \ + file://lspci.cfg \ + file://lsusb.cfg \ + file://mdev.cfg \ + file://mount-cifs.cfg \ + file://ps-extras.cfg \ + file://getopt.cfg \ + " diff --git a/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb b/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb index 5125d90622..0301dd281b 100644 --- a/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb +++ b/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb @@ -22,7 +22,7 @@ inherit autotools-brokensep PACKAGECONFIG[xen] = "--with-xen,--without-xen," AUTOTOOLS_SCRIPT_PATH = "${S}/src/import/" -RDEPENDS_${PN} += " qemu" +RDEPENDS_${PN} += " qemu hyperstart" do_compile() { export GOARCH="${TARGET_GOARCH}" diff --git a/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend index 1b89aecdbf..8c0883255d 100644 --- a/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend +++ b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend @@ -1,6 +1 @@ -do_install_append() { - if echo "${DISTRO_FEATURES}" | grep -q 'xen'; then - echo "" >> ${D}${sysconfdir}/inittab - echo "X0:12345:respawn:/sbin/getty 115200 hvc0" >> ${D}${sysconfdir}/inittab - fi -} +require ${@bb.utils.contains('DISTRO_FEATURES', 'xen', 'sysvinit-inittab_xen.inc', '', d)} diff --git a/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc new file mode 100644 index 0000000000..9d0589ce2a --- /dev/null +++ b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc @@ -0,0 +1,4 @@ +do_install_append() { + echo "" >> ${D}${sysconfdir}/inittab + echo "X0:12345:respawn:/sbin/getty 115200 hvc0" >> ${D}${sysconfdir}/inittab +} diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb index 24e19b501f..8abb9c0723 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb @@ -18,5 +18,7 @@ SRC_URI[sha256sum] = "6811010809262261e41ab7b92f3f6d23f35cf816fbec2bc05077992eeb S = "${WORKDIR}/${SRCNAME}-${PV}" +DEFAULT_PREFERENCE = "-1" + inherit setuptools diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb index 5a97c8c4f6..8cd1388ade 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb @@ -26,3 +26,5 @@ SRC_URI += "file://gevent-allow-ssl-v2-or-v3-certificates.patch" do_configure_append() { sed -i -e 's/^cross_compiling=no/cross_compiling=yes/' ${S}/libev/configure } + +DEFAULT_PREFERENCE = "-1" diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb index 2c2625d315..e151dcc4b7 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb @@ -22,6 +22,8 @@ SRC_URI += " \ SRC_URI[md5sum] = "573f21aaac7d5c9549798e72ffcefedd" SRC_URI[sha256sum] = "6071bfc817d94723e9b458a010d565365104f84aa73f7fe11919871f7562ff72" +DEFAULT_PREFERENCE = "-1" + inherit setuptools pypi DEPENDS += "openssl swig-native" diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb index cb1db8c604..ecb1719aae 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb @@ -25,6 +25,8 @@ SRC_URI[sha256sum] = "c36c938a872e5ff494938b33b14aaa156cb439ec67548fcab3535bb78b S = "${WORKDIR}/${SRCNAME}-${PV}" +DEFAULT_PREFERENCE = "-1" + inherit setuptools DEPENDS += "libyaml python-cython-native" diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb index 9eda8a5c88..2ef2b6b79c 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb @@ -15,6 +15,8 @@ SRC_URI[sha256sum] = "a4fb37b02860f6b1617f6469487471fd086dd2d38bbce640c2055862b9 S = "${WORKDIR}/${SRCNAME}-${PV}" +DEFAULT_PREFERENCE = "-1" + inherit setuptools RDEPENDS_${PN} = "redis" diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb index 63caeb488c..f22d2728ed 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb @@ -13,4 +13,6 @@ SRC_URI[sha256sum] = "68fb40049690e567ebda7b270176f5abf0d53d9fbd515fec4e43326f60 S = "${WORKDIR}/${SRCNAME}-${PV}" +DEFAULT_PREFERENCE = "-1" + inherit setuptools diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-twisted.inc b/import-layers/meta-virtualization/recipes-devtools/python/python-twisted.inc deleted file mode 100644 index d734e03b36..0000000000 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-twisted.inc +++ /dev/null @@ -1,244 +0,0 @@ -DESCRIPTION = "Twisted is an event-driven networking framework written in Python and licensed under the LGPL. \ -Twisted supports TCP, UDP, SSL/TLS, multicast, Unix sockets, a large number of protocols \ -(including HTTP, NNTP, IMAP, SSH, IRC, FTP, and others), and much more." -HOMEPAGE = "http://www.twistedmatrix.com" - -#twisted/topfiles/NEWS:655: - Relicensed: Now under the MIT license, rather than LGPL. -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE;md5=5602d7228daf59a16f0f1b2640c46bca" - -SRC_URI[md5sum] = "83fe6c0c911cc1602dbffb036be0ba79" -SRC_URI[sha256sum] = "095175638c019ac7c0604f4c291724a16ff1acd062e181b01293bf4dcbc62cf3" - -PYPI_PACKAGE = "Twisted" -PYPI_PACKAGE_EXT = "tar.bz2" - -do_install_append() { - # remove some useless files before packaging - find ${D} \( -name "*.bat" -o -name "*.c" -o -name "*.h" \) -exec rm -f {} \; -} - -PACKAGES += "\ - ${PN}-zsh \ - ${PN}-test \ - ${PN}-protocols \ - ${PN}-conch \ - ${PN}-lore \ - ${PN}-mail \ - ${PN}-names \ - ${PN}-news \ - ${PN}-runner \ - ${PN}-web \ - ${PN}-words \ - ${PN}-flow \ - ${PN}-pair \ - ${PN}-core \ -" - -PACKAGES =+ "\ - ${PN}-src \ - ${PN}-bin \ -" - -RDEPENDS_${PN} = "\ - ${PN}-bin \ - ${PN}-conch \ - ${PN}-lore \ - ${PN}-mail \ - ${PN}-names \ - ${PN}-news \ - ${PN}-runner \ - ${PN}-web \ - ${PN}-words \ -" - -RDEPENDS_${PN}-core = "python-core python-zopeinterface python-contextlib" -RDEPENDS_${PN}-test = "${PN}" -RDEPENDS_${PN}-conch = "${PN}-core ${PN}-protocols" -RDEPENDS_${PN}-lore = "${PN}-core" -RDEPENDS_${PN}-mail = "${PN}-core ${PN}-protocols" -RDEPENDS_${PN}-names = "${PN}-core" -RDEPENDS_${PN}-news = "${PN}-core ${PN}-protocols" -RDEPENDS_${PN}-runner = "${PN}-core ${PN}-protocols" -RDEPENDS_${PN}-web += "${PN}-core ${PN}-protocols" -RDEPENDS_${PN}-words += "${PN}-core" -RDEPENDS_${PN}-flow += "${PN}-core" -RDEPENDS_${PN}-pair += "${PN}-core" -RDEPENDS_${PN}-dbg = "${PN}" - -ALLOW_EMPTY_${PN} = "1" -FILES_${PN} = "" - -FILES_${PN}-test = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/test \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/*/test \ -" - -FILES_${PN}-protocols = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/*.py* \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/gps/ \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/mice/ \ -" - -FILES_${PN}-zsh = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zsh \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zshcomp.* \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/twisted-completion.zsh \ -" - -FILES_${PN}-conch = " \ - ${bindir}/ckeygen \ - ${bindir}/tkconch \ - ${bindir}/conch \ - ${bindir}/conchftp \ - ${bindir}/cftp \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_conch.py* \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/conch \ -" - -FILES_${PN}-core = " \ -${bindir}/manhole \ -${bindir}/mktap \ -${bindir}/twistd \ -${bindir}/tap2deb \ -${bindir}/tap2rpm \ -${bindir}/tapconvert \ -${bindir}/tkmktap \ -${bindir}/trial \ -${bindir}/easy_install* \ -${bindir}/pyhtmlizer \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/*.so \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/*.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__init__.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/notestplugin.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/testplugin.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_ftp.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_inet.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_manhole.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_portforward.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_socks.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_telnet.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_trial.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/dropin.cache \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/application \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/cred \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/enterprise \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/internet \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/manhole \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/manhole \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/persisted \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols\ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python\ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/timeoutqueue.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/filepath.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/dxprofile.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/plugin.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/htmlizer.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/__init__.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/dispatch.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/hook.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/threadpool.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/otp.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/usage.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/roots.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/versions.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/urlpath.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/util.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/components.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/logfile.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/runtime.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/reflect.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/context.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/threadable.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/rebuild.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/failure.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/lockfile.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/formmethod.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/finalize.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/win32.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/dist.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/shortcut.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zipstream.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/release.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/syslog.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/log.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/compat.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zshcomp.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/procutils.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/text.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/_twisted_zsh_stub \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/scripts/ \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/spread/ \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/tap/ \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/trial/ \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/__init__.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/_version.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/copyright.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/im.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/*.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/python/*.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/*.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/topfiles \ -${libdir}/${PYTHON_DIR}/site-packages/Twisted*egg-info \ -" - -FILES_${PN}-lore = " \ -${bindir}/bookify \ -${bindir}/lore \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_lore.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/lore \ -" - -FILES_${PN}-mail = " \ -${bindir}/mailmail \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_mail.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/mail \ -" - -FILES_${PN}-names = " \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_names.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/names \ -" - -FILES_${PN}-news = " \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_news.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/news \ -" - -FILES_${PN}-runner = " \ -${libdir}/site-packages/twisted/runner/portmap.so \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/runner\ -" - -FILES_${PN}-web = " \ -${bindir}/websetroot \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_web.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/web\ -" - -FILES_${PN}-words = " \ -${bindir}/im \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_words.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/words\ -" - -FILES_${PN}-flow = " \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_flow.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/flow \" - -FILES_${PN}-pair = " \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_pair.py* \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/pair \ -" - -FILES_${PN}-dbg += " \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/*/.debug \ -${libdir}/${PYTHON_DIR}/site-packages/twisted/*/*/.debug \ -" - -RDEPENDS_{PN}-src = "${PN}" -FILES_${PN}-src = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/*.py \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/*/*.py \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/*/*/*.py \ -" diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.6.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.6.0.bb deleted file mode 100644 index 71c74ffd15..0000000000 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.6.0.bb +++ /dev/null @@ -1,23 +0,0 @@ -DESCRIPTION = "WSGI request and response object" -HOMEPAGE = "http://webob.org/" -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://docs/license.txt;md5=8ed3584bcc78c16da363747ccabc5af5" - -PR = "r0" -SRCNAME = "WebOb" - -SRC_URI = "http://pypi.python.org/packages/source/W/${SRCNAME}/${SRCNAME}-${PV}.tar.gz" - -SRC_URI[md5sum] = "089d7fc6745f175737800237c7287802" -SRC_URI[sha256sum] = "63d262d8f61b516321f786879c9277fa2209f7f57eb47b537eeecfea383d55b7" - -S = "${WORKDIR}/${SRCNAME}-${PV}" - -inherit setuptools - -RDEPENDS_${PN} += " \ - python-sphinx \ - python-nose \ - " - diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.7.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.7.3.bb new file mode 100644 index 0000000000..a2448bef3b --- /dev/null +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.7.3.bb @@ -0,0 +1,18 @@ +DESCRIPTION = "WSGI request and response object" +HOMEPAGE = "http://webob.org/" +SECTION = "devel/python" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://docs/license.txt;md5=8ed3584bcc78c16da363747ccabc5af5" + +PYPI_PACKAGE = "WebOb" + +SRC_URI[md5sum] = "350028baffc508e3d23c078118e35316" +SRC_URI[sha256sum] = "e65ca14b9f5ae5b031988ffc93f8b7f305ddfcf17a4c774ae0db47bcb3b87283" + +inherit setuptools pypi + +RDEPENDS_${PN} += " \ + python-sphinx \ + python-nose \ + " + diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client.inc b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client.inc new file mode 100644 index 0000000000..31778c68d0 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client.inc @@ -0,0 +1,11 @@ +SUMMARY = "WebSocket client for python. hybi13 is supported." +HOMEPAGE = "https://github.com/websocket-client/websocket-client.git" +LICENSE = "LGPL-3.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=18b09a20dd186af4fd60f1a08311628c" + +inherit pypi + +PYPI_PACKAGE = "websocket_client" + +SRC_URI[md5sum] = "73d87aa16a2212da448b30aca9c5bf3b" +SRC_URI[sha256sum] = "15f585566e2ea7459136a632b9785aa081093064391878a448c382415e948d72" diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb new file mode 100644 index 0000000000..11eeb04ae3 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb @@ -0,0 +1,2 @@ +require python-websocket-client.inc +inherit setuptools
\ No newline at end of file diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb index 763e5b9870..5f3e01fdcb 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb @@ -14,6 +14,8 @@ SRC_URI[sha256sum] = "9d2771e4c89be127bc4bac056ab7ceaf0e0064c723d6b6e195739c3af4 S = "${WORKDIR}/${SRCNAME}-${PV}" +DEFAULT_PREFERENCE = "-1" + inherit setuptools RDEPENDS_${PN} += "python-io \ diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb b/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb index a40f2a3051..31a864a5ed 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb @@ -1,7 +1,7 @@ SUMMARY = "Python library to use the pseudo-tty of a docker container" HOMEPAGE = "https://github.com/d11wtq/dockerpty" LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=afaf767baa20ac524dc12f1071ca493a" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" inherit pypi setuptools3 diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python3-twisted_13.2.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python3-twisted_13.2.0.bb deleted file mode 100644 index 98016cca39..0000000000 --- a/import-layers/meta-virtualization/recipes-devtools/python/python3-twisted_13.2.0.bb +++ /dev/null @@ -1,67 +0,0 @@ -inherit pypi setuptools3 -require python-twisted.inc - -RDEPENDS_${PN}-core = "python3-core python3-zopeinterface python3-lang" - -FILES_${PN}-core_append += " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/__pycache__ \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/__pycache__/*pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/__init__*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/notestplugin*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/testplugin*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_ftp*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_inet*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_manhole*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_portforward*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_socks*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_telnet*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_trial*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_core*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_qtstub*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_reactors*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/cred*.pyc \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/dropin*.cache \ -" - -FILES_${PN}-names_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_names*.pyc \ -" - -FILES_${PN}-news_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_news*.pyc \ -" - -FILES_${PN}-protocols_append += " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/__pycache__/*pyc \ -" - -FILES_${PN}-conch_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_conch*.pyc \ -" - -FILES_${PN}-lore_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_lore*.pyc \ -" -FILES_${PN}-mail_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_mail*.pyc \ -" - -FILES_${PN}-web_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_web*.pyc \ -" - -FILES_${PN}-words_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_words*.pyc \ -" - -FILES_${PN}-flow_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_flow*.pyc \ -" - -FILES_${PN}-pair_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_pair*.pyc \ -" - -FILES_${PN}-runner_append = " \ - ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_runner*.pyc \ -" diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb index 8dfc95f549..473e31ffb1 100644 --- a/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb +++ b/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb @@ -1,11 +1,2 @@ -SUMMARY = "WebSocket client for python. hybi13 is supported." -HOMEPAGE = "https://github.com/websocket-client/websocket-client.git" -LICENSE = "LGPL-3.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=18b09a20dd186af4fd60f1a08311628c" - -inherit pypi setuptools3 - -PYPI_PACKAGE = "websocket_client" - -SRC_URI[md5sum] = "73d87aa16a2212da448b30aca9c5bf3b" -SRC_URI[sha256sum] = "15f585566e2ea7459136a632b9785aa081093064391878a448c382415e948d72" +require python-websocket-client.inc +inherit setuptools3
\ No newline at end of file diff --git a/import-layers/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb b/import-layers/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb new file mode 100644 index 0000000000..0297477223 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb @@ -0,0 +1,25 @@ +SUMMARY = "The tiny Init service for HyperContainer" +DESCRIPTION = "The init Task for HyperContainer" + +LICENSE = "Apache-2" +LIC_FILES_CHKSUM = "file://LICENSE;md5=fa818a259cbed7ce8bc2a22d35a464fc" + +inherit autotools-brokensep + +SRC_URI = "git://github.com/hyperhq/hyperstart.git" + +SRCREV = "ad48a3230836f59ada163659cde151a37522068b" +PV = "v0.2+git${SRCREV}" + +S = "${WORKDIR}/git" + +CACHED_CONFIGUREVARS = "ac_cv_file__usr_include_linux_vm_sockets_h=true" + +do_install() { + install -d ${D}/var/lib/hyper/ + + install -m644 ${S}/build/hyper-initrd.img ${D}/var/lib/hyper/ + install -m644 ${S}/build/arch/x86_64/kernel ${D}/var/lib/hyper/ +} + +FILES_${PN} += "/var/lib/hyper" diff --git a/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb b/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb index c96edca7d6..b28cc309ca 100644 --- a/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb +++ b/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb @@ -2,7 +2,6 @@ DESCRIPTION = "A minimal kvm image" IMAGE_INSTALL = " \ packagegroup-core-boot \ - ${ROOTFS_PKGMANAGE_BOOTSTRAP} \ qemu \ libvirt \ libvirt-libvirtd \ diff --git a/import-layers/meta-virtualization/recipes-extended/iptables/iptables-meta-virtualization.inc b/import-layers/meta-virtualization/recipes-extended/iptables/iptables-meta-virtualization.inc new file mode 100644 index 0000000000..8fd521c94d --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/iptables/iptables-meta-virtualization.inc @@ -0,0 +1,19 @@ +RRECOMMENDS_${PN} += "kernel-module-ip6-tables \ + kernel-module-ip-tables \ + kernel-module-ip6table-filter \ + kernel-module-iptable-filter \ + kernel-module-ip6table-raw \ + kernel-module-iptable-raw \ + kernel-module-ip6table-nat \ + kernel-module-iptable-nat \ + kernel-module-ip6table-mangle \ + kernel-module-iptable-magle \ + kernel-module-ip6table-security \ + kernel-module-iptable-security \ + kernel-module-ipt-reject \ + kernel-module-iptable-mangle \ + kernel-module-xt-checksum \ + kernel-module-xt-conntrack \ + kernel-module-xt-state \ + kernel-module-xt-tcpudp \ + " diff --git a/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend b/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend index 52a4c4fe75..9a15e60c59 100644 --- a/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend +++ b/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend @@ -1,8 +1 @@ -RRECOMMENDS_${PN} += "kernel-module-ip6-tables \ - kernel-module-ip6table-filter \ - kernel-module-xt-tcpudp \ - kernel-module-ipt-reject \ - kernel-module-iptable-mangle \ - kernel-module-xt-checksum \ - kernel-module-xt-state \ - " +require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}-meta-virtualization.inc', '', d)} diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch index 46a75a86f8..b0e608e66c 100644 --- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch +++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch @@ -1,14 +1,23 @@ -irqbalance: add basic init script +From 80c45eecc193c6c13430ddeb40b9b0fd1841ceee Mon Sep 17 00:00:00 2001 +From: Mark Asselstine <mark.asselstine@windriver.com> +Date: Thu, 14 Mar 2013 23:31:38 -0700 +Subject: [PATCH] irqbalance: add basic init script The upstream irqbalance release package does not contain an init script so we create a basic one here. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- -Index: irqbalance-0.56/irqbalance.init -=================================================================== + irqbalance.init | 35 +++++++++++++++++++++++++++++++++++ + 1 file changed, 35 insertions(+) + create mode 100644 irqbalance.init + +diff --git a/irqbalance.init b/irqbalance.init +new file mode 100644 +index 0000000..d12d62c --- /dev/null -+++ irqbalance-0.56/irqbalance.init ++++ b/irqbalance.init @@ -0,0 +1,35 @@ +#!/bin/sh +# diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch index 5be52434ba..fb22d7a2ff 100644 --- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch +++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch @@ -1,17 +1,22 @@ +From 20a1b2ff2e6d80924824983c363c80f66e05c0d0 Mon Sep 17 00:00:00 2001 +From: Ming Liu <ming.liu@windriver.com> +Date: Sun, 6 Sep 2015 14:43:24 +0800 Subject: [PATCH] grasp withval for libcap-ng Upstream-Status: Pending Signed-off-by: Ming Liu <ming.liu@windriver.com> + --- - configure.ac | 5 ++++- + configure.ac | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) -diff -urpN a/configure.ac b/configure.ac +diff --git a/configure.ac b/configure.ac +index 38a1bee..95f1488 100644 --- a/configure.ac +++ b/configure.ac -@@ -61,7 +61,10 @@ AS_IF( - AM_CONDITIONAL([LOCAL_GLIB], [test "x$local_glib2" = "xyes"]) +@@ -62,7 +62,10 @@ AS_IF( + ]) AC_ARG_WITH([libcap-ng], - AS_HELP_STRING([libcap-ng], [Add libcap-ng-support @<:@default=auto@:>@])) diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch index d853d0b4a6..ec01448fc8 100644 --- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch +++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch @@ -1,4 +1,4 @@ -From dc7366896dd5a5bae82be4b11530bc9fdb7cbcdd Mon Sep 17 00:00:00 2001 +From 9a16da2628cc4fddf37fe0368b4f6424270f0b2d Mon Sep 17 00:00:00 2001 From: Yang Shi <yang.shi@windriver.com> Date: Mon, 26 Aug 2013 10:58:02 -0700 Subject: [PATCH] irqbalance: Add status and reload commands @@ -6,9 +6,10 @@ Subject: [PATCH] irqbalance: Add status and reload commands Add status and reload commands for irqbalanced init script Signed-off-by: Yang Shi <yang.shi@windriver.com> + --- - irqbalance.init | 12 +++++++++--- - 1 files changed, 9 insertions(+), 3 deletions(-) + irqbalance.init | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/irqbalance.init b/irqbalance.init index d12d62c..f58bf55 100644 @@ -50,6 +51,3 @@ index d12d62c..f58bf55 100644 exit 1 ;; esac --- -1.7.5.4 - diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.1.0.bb b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.3.0.bb index 16efa95064..5581a8b531 100644 --- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.1.0.bb +++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.3.0.bb @@ -4,8 +4,8 @@ require irqbalance.inc -SRC_URI[md5sum] = "b15d975336080bcac4be0c1752d43cf3" -SRC_URI[sha256sum] = "91506e638b03bf27cf5da7dc250d58a753ce8a0288a20265fc7ff0266040706b" +SRC_URI[md5sum] = "53ee393adcfbc8e5ab23cbbd920df687" +SRC_URI[sha256sum] = "41c2c0842d8fb24240d8069b389cd8d1669625a40009a17ad886967845dc6e43" SRC_URI = "https://github.com/Irqbalance/irqbalance/archive/v${PV}.tar.gz;downloadfilename=irqbalance-${PV}.tar.gz \ file://add-initscript.patch \ diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/Makefiles-Add-more-XDR_CFLAGS-as-needed.patch b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/Makefiles-Add-more-XDR_CFLAGS-as-needed.patch new file mode 100644 index 0000000000..826cdd0a6f --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/Makefiles-Add-more-XDR_CFLAGS-as-needed.patch @@ -0,0 +1,62 @@ +From dcfc263db9e69e5381cb511c51836271dec577a3 Mon Sep 17 00:00:00 2001 +From: Mark Asselstine <mark.asselstine@windriver.com> +Date: Thu, 10 May 2018 13:27:47 -0400 +Subject: [PATCH] Makefiles: Add more $XDR_CFLAGS as needed + +When building with libtirpc instead of libc-xdr the include search +path needs to be used. In several places this was missing and it was +only looking in /usr/include and failing. + +Upstream-Status: Inappropriate [old release] + +Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +--- + src/Makefile.am | 5 +++-- + tests/Makefile.am | 1 + + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/Makefile.am b/src/Makefile.am +index e9ce941..38114b7 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -1157,7 +1157,7 @@ libvirt_la_BUILT_LIBADD += libvirt_driver.la + libvirt_driver_la_SOURCES = $(DRIVER_SOURCES) + + libvirt_driver_la_CFLAGS = \ +- $(GNUTLS_CFLAGS) $(CURL_CFLAGS) \ ++ $(GNUTLS_CFLAGS) $(CURL_CFLAGS) $(XDR_CFLAGS) \ + -I$(srcdir)/conf $(AM_CFLAGS) + libvirt_driver_la_LIBADD = \ + $(GNUTLS_LIBS) $(CURL_LIBS) $(DLOPEN_LIBS) +@@ -1348,6 +1348,7 @@ endif ! WITH_DRIVER_MODULES + + libvirt_driver_qemu_impl_la_CFLAGS = \ + $(GNUTLS_CFLAGS) \ ++ $(XDR_CFLAGS) \ + $(LIBNL_CFLAGS) \ + -I$(srcdir)/access \ + -I$(srcdir)/conf \ +@@ -2306,7 +2307,7 @@ libvirt_lxc_la_LDFLAGS = \ + $(CYGWIN_EXTRA_LDFLAGS) \ + $(MINGW_EXTRA_LDFLAGS) \ + $(NULL) +-libvirt_lxc_la_CFLAGS = $(AM_CFLAGS) ++libvirt_lxc_la_CFLAGS = $(AM_CFLAGS) $(XDR_CFLAGS) + libvirt_lxc_la_LIBADD = libvirt.la $(CYGWIN_EXTRA_LIBADD) + + # Since virt-login-shell will be setuid, we must do everything +diff --git a/tests/Makefile.am b/tests/Makefile.am +index 2f8b9eb..aec9a3e 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -48,6 +48,7 @@ AM_CFLAGS = \ + $(APPARMOR_CFLAGS) \ + $(YAJL_CFLAGS) \ + $(COVERAGE_CFLAGS) \ ++ $(XDR_CFLAGS) \ + $(WARN_CFLAGS) + + AM_LDFLAGS = \ +-- +2.7.4 + diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch new file mode 100644 index 0000000000..edbadb63ef --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch @@ -0,0 +1,36 @@ +From f10477f0fe5e4b7487a4a41faa216d10cd2bc7c3 Mon Sep 17 00:00:00 2001 +From: Mark Asselstine <mark.asselstine@windriver.com> +Date: Thu, 10 May 2018 12:05:04 -0400 +Subject: [PATCH] configure.ac: search for rpc/rpc.h in the sysroot + +We want to avoid host contamination and use the sysroot as the base +directory for our search so add the '=' the the '-I' when searching +for libtirpc's rpc.h header. + +Upstream-Status: Inappropriate [old release] + +Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> +--- + configure.ac | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 5a6408c..6c19f6d 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -705,10 +705,10 @@ if test x"$with_remote" = x"yes" || test x"$with_libvirtd" = x"yes"; then + dnl check for cygwin's variation in xdr function names + AC_CHECK_FUNCS([xdr_u_int64_t],[],[],[#include <rpc/xdr.h>]) + +- dnl Cygwin/recent glibc requires -I/usr/include/tirpc for <rpc/rpc.h> ++ dnl Cygwin/recent glibc requires -I=/usr/include/tirpc for <rpc/rpc.h> + old_CFLAGS=$CFLAGS + AC_CACHE_CHECK([where to find <rpc/rpc.h>], [lv_cv_xdr_cflags], [ +- for add_CFLAGS in '' '-I/usr/include/tirpc' 'missing'; do ++ for add_CFLAGS in '' '-I=/usr/include/tirpc' 'missing'; do + if test x"$add_CFLAGS" = xmissing; then + lv_cv_xdr_cflags=missing; break + fi +-- +2.7.4 + diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt/dnsmasq.conf b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt/dnsmasq.conf new file mode 100644 index 0000000000..a7c3059862 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt/dnsmasq.conf @@ -0,0 +1,2 @@ +bind-interfaces +except-interface=virbr0 diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb index 8ed2505e49..35fd577eb0 100644 --- a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb +++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SECTION = "console/tools" DEPENDS = "bridge-utils gnutls libxml2 lvm2 avahi parted curl libpcap util-linux e2fsprogs pm-utils \ - iptables dnsmasq readline libtasn1 libxslt-native acl libdevmapper \ + iptables dnsmasq readline libtasn1 libxslt-native acl libdevmapper libtirpc \ ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'shadow-native', '', d)}" # libvirt-guests.sh needs gettext.sh @@ -27,6 +27,7 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.gz;name=libvirt \ file://tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch \ file://libvirtd.sh \ file://libvirtd.conf \ + file://dnsmasq.conf \ file://runptest.patch \ file://run-ptest \ file://tests-allow-separated-src-and-build-dirs.patch \ @@ -39,6 +40,8 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.gz;name=libvirt \ file://0001-ptest-add-missing-test_helper-files.patch \ file://0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch \ file://0001-Added-configure-variable-for-placing-systemd-untis-l.patch \ + file://configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch \ + file://Makefiles-Add-more-XDR_CFLAGS-as-needed.patch \ " SRC_URI[libvirt.md5sum] = "f9dc1e63d559eca50ae0ee798a4c6c6d" @@ -219,6 +222,7 @@ require libvirt-python.inc do_install_append() { install -d ${D}/etc/init.d install -d ${D}/etc/libvirt + install -d ${D}/etc/dnsmasq.d install -m 0755 ${WORKDIR}/libvirtd.sh ${D}/etc/init.d/libvirtd install -m 0644 ${WORKDIR}/libvirtd.conf ${D}/etc/libvirt/libvirtd.conf @@ -266,6 +270,10 @@ do_install_append() { # Add hook support for libvirt mkdir -p ${D}/etc/libvirt/hooks + # Force the main dnsmasq instance to bind only to specified interfaces and + # to not bind to virbr0. Libvirt will run its own instance on this interface. + install -m 644 ${WORKDIR}/dnsmasq.conf ${D}/${sysconfdir}/dnsmasq.d/libvirt-daemon + # remove .la references to our working diretory for i in `find ${D}${libdir} -type f -name *.la`; do sed -i -e 's#-L${B}/src/.libs##g' $i diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch new file mode 100644 index 0000000000..ad9524a304 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch @@ -0,0 +1,176 @@ +From ad208b8b7e45fb2b7c572b86c61c26412609e82d Mon Sep 17 00:00:00 2001 +From: George Dunlap <george.dunlap@citrix.com> +Date: Fri, 10 Nov 2017 16:53:54 +0000 +Subject: [PATCH 1/2] p2m: Always check to see if removing a p2m entry actually + worked + +The PoD zero-check functions speculatively remove memory from the p2m, +then check to see if it's completely zeroed, before putting it in the +cache. + +Unfortunately, the p2m_set_entry() calls may fail if the underlying +pagetable structure needs to change and the domain has exhausted its +p2m memory pool: for instance, if we're removing a 2MiB region out of +a 1GiB entry (in the p2m_pod_zero_check_superpage() case), or a 4k +region out of a 2MiB or larger entry (in the p2m_pod_zero_check() +case); and the return value is not checked. + +The underlying mfn will then be added into the PoD cache, and at some +point mapped into another location in the p2m. If the guest +afterwards ballons out this memory, it will be freed to the hypervisor +and potentially reused by another domain, in spite of the fact that +the original domain still has writable mappings to it. + +There are several places where p2m_set_entry() shouldn't be able to +fail, as it is guaranteed to write an entry of the same order that +succeeded before. Add a backstop of crashing the domain just in case, +and an ASSERT_UNREACHABLE() to flag up the broken assumption on debug +builds. + +While we're here, use PAGE_ORDER_2M rather than a magic constant. + +This is part of XSA-247. + +Reported-by: George Dunlap <george.dunlap.com> +Signed-off-by: George Dunlap <george.dunlap@citrix.com> +Reviewed-by: Jan Beulich <jbeulich@suse.com> +--- +v4: +- Removed some training whitespace +v3: +- Reformat reset clause to be more compact +- Make sure to set map[i] = NULL when unmapping in case we need to bail +v2: +- Crash a domain if a p2m_set_entry we think cannot fail fails anyway. +--- + xen/arch/x86/mm/p2m-pod.c | 77 +++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 61 insertions(+), 16 deletions(-) + +diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c +index 730a48f928..f2ed751892 100644 +--- a/xen/arch/x86/mm/p2m-pod.c ++++ b/xen/arch/x86/mm/p2m-pod.c +@@ -752,8 +752,10 @@ p2m_pod_zero_check_superpage(struct p2m_domain *p2m, unsigned long gfn) + } + + /* Try to remove the page, restoring old mapping if it fails. */ +- p2m_set_entry(p2m, gfn, INVALID_MFN, PAGE_ORDER_2M, +- p2m_populate_on_demand, p2m->default_access); ++ if ( p2m_set_entry(p2m, gfn, INVALID_MFN, PAGE_ORDER_2M, ++ p2m_populate_on_demand, p2m->default_access) ) ++ goto out; ++ + p2m_tlb_flush_sync(p2m); + + /* Make none of the MFNs are used elsewhere... for example, mapped +@@ -810,9 +812,18 @@ p2m_pod_zero_check_superpage(struct p2m_domain *p2m, unsigned long gfn) + ret = SUPERPAGE_PAGES; + + out_reset: +- if ( reset ) +- p2m_set_entry(p2m, gfn, mfn0, 9, type0, p2m->default_access); +- ++ /* ++ * This p2m_set_entry() call shouldn't be able to fail, since the same order ++ * on the same gfn succeeded above. If that turns out to be false, crashing ++ * the domain should be the safest way of making sure we don't leak memory. ++ */ ++ if ( reset && p2m_set_entry(p2m, gfn, mfn0, PAGE_ORDER_2M, ++ type0, p2m->default_access) ) ++ { ++ ASSERT_UNREACHABLE(); ++ domain_crash(d); ++ } ++ + out: + gfn_unlock(p2m, gfn, SUPERPAGE_ORDER); + return ret; +@@ -869,19 +880,30 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count) + } + + /* Try to remove the page, restoring old mapping if it fails. */ +- p2m_set_entry(p2m, gfns[i], INVALID_MFN, PAGE_ORDER_4K, +- p2m_populate_on_demand, p2m->default_access); ++ if ( p2m_set_entry(p2m, gfns[i], INVALID_MFN, PAGE_ORDER_4K, ++ p2m_populate_on_demand, p2m->default_access) ) ++ goto skip; + + /* See if the page was successfully unmapped. (Allow one refcount + * for being allocated to a domain.) */ + if ( (mfn_to_page(mfns[i])->count_info & PGC_count_mask) > 1 ) + { ++ /* ++ * If the previous p2m_set_entry call succeeded, this one shouldn't ++ * be able to fail. If it does, crashing the domain should be safe. ++ */ ++ if ( p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K, ++ types[i], p2m->default_access) ) ++ { ++ ASSERT_UNREACHABLE(); ++ domain_crash(d); ++ goto out_unmap; ++ } ++ ++ skip: + unmap_domain_page(map[i]); + map[i] = NULL; + +- p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K, +- types[i], p2m->default_access); +- + continue; + } + } +@@ -900,12 +922,25 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count) + + unmap_domain_page(map[i]); + +- /* See comment in p2m_pod_zero_check_superpage() re gnttab +- * check timing. */ +- if ( j < PAGE_SIZE/sizeof(*map[i]) ) ++ map[i] = NULL; ++ ++ /* ++ * See comment in p2m_pod_zero_check_superpage() re gnttab ++ * check timing. ++ */ ++ if ( j < (PAGE_SIZE / sizeof(*map[i])) ) + { +- p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K, +- types[i], p2m->default_access); ++ /* ++ * If the previous p2m_set_entry call succeeded, this one shouldn't ++ * be able to fail. If it does, crashing the domain should be safe. ++ */ ++ if ( p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K, ++ types[i], p2m->default_access) ) ++ { ++ ASSERT_UNREACHABLE(); ++ domain_crash(d); ++ goto out_unmap; ++ } + } + else + { +@@ -929,7 +964,17 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count) + p2m->pod.entry_count++; + } + } +- ++ ++ return; ++ ++out_unmap: ++ /* ++ * Something went wrong, probably crashing the domain. Unmap ++ * everything and return. ++ */ ++ for ( i = 0; i < count; i++ ) ++ if ( map[i] ) ++ unmap_domain_page(map[i]); + } + + #define POD_SWEEP_LIMIT 1024 +-- +2.15.0 + diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch new file mode 100644 index 0000000000..8c850bd7f5 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch @@ -0,0 +1,109 @@ +From d4bc7833707351a5341a6bdf04c752a028d9560d Mon Sep 17 00:00:00 2001 +From: George Dunlap <george.dunlap@citrix.com> +Date: Fri, 10 Nov 2017 16:53:55 +0000 +Subject: [PATCH 2/2] p2m: Check return value of p2m_set_entry() when + decreasing reservation + +If the entire range specified to p2m_pod_decrease_reservation() is marked +populate-on-demand, then it will make a single p2m_set_entry() call, +reducing its PoD entry count. + +Unfortunately, in the right circumstances, this p2m_set_entry() call +may fail. It that case, repeated calls to decrease_reservation() may +cause p2m->pod.entry_count to fall below zero, potentially tripping +over BUG_ON()s to the contrary. + +Instead, check to see if the entry succeeded, and return false if not. +The caller will then call guest_remove_page() on the gfns, which will +return -EINVAL upon finding no valid memory there to return. + +Unfortunately if the order > 0, the entry may have partially changed. +A domain_crash() is probably the safest thing in that case. + +Other p2m_set_entry() calls in the same function should be fine, +because they are writing the entry at its current order. Nonetheless, +check the return value and crash if our assumption turns otu to be +wrong. + +This is part of XSA-247. + +Reported-by: George Dunlap <george.dunlap.com> +Signed-off-by: George Dunlap <george.dunlap@citrix.com> +Reviewed-by: Jan Beulich <jbeulich@suse.com> +--- +v2: Crash the domain if we're not sure it's safe (or if we think it +can't happen) +--- + xen/arch/x86/mm/p2m-pod.c | 42 +++++++++++++++++++++++++++++++++--------- + 1 file changed, 33 insertions(+), 9 deletions(-) + +diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c +index f2ed751892..473d6a6dbf 100644 +--- a/xen/arch/x86/mm/p2m-pod.c ++++ b/xen/arch/x86/mm/p2m-pod.c +@@ -555,11 +555,23 @@ p2m_pod_decrease_reservation(struct domain *d, + + if ( !nonpod ) + { +- /* All PoD: Mark the whole region invalid and tell caller +- * we're done. */ +- p2m_set_entry(p2m, gpfn, INVALID_MFN, order, p2m_invalid, +- p2m->default_access); +- p2m->pod.entry_count-=(1<<order); ++ /* ++ * All PoD: Mark the whole region invalid and tell caller ++ * we're done. ++ */ ++ if ( p2m_set_entry(p2m, gpfn, INVALID_MFN, order, p2m_invalid, ++ p2m->default_access) ) ++ { ++ /* ++ * If this fails, we can't tell how much of the range was changed. ++ * Best to crash the domain unless we're sure a partial change is ++ * impossible. ++ */ ++ if ( order != 0 ) ++ domain_crash(d); ++ goto out_unlock; ++ } ++ p2m->pod.entry_count -= 1UL << order; + BUG_ON(p2m->pod.entry_count < 0); + ret = 1; + goto out_entry_check; +@@ -600,8 +612,14 @@ p2m_pod_decrease_reservation(struct domain *d, + n = 1UL << cur_order; + if ( t == p2m_populate_on_demand ) + { +- p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order, +- p2m_invalid, p2m->default_access); ++ /* This shouldn't be able to fail */ ++ if ( p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order, ++ p2m_invalid, p2m->default_access) ) ++ { ++ ASSERT_UNREACHABLE(); ++ domain_crash(d); ++ goto out_unlock; ++ } + p2m->pod.entry_count -= n; + BUG_ON(p2m->pod.entry_count < 0); + pod -= n; +@@ -622,8 +640,14 @@ p2m_pod_decrease_reservation(struct domain *d, + + page = mfn_to_page(mfn); + +- p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order, +- p2m_invalid, p2m->default_access); ++ /* This shouldn't be able to fail */ ++ if ( p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order, ++ p2m_invalid, p2m->default_access) ) ++ { ++ ASSERT_UNREACHABLE(); ++ domain_crash(d); ++ goto out_unlock; ++ } + p2m_tlb_flush_sync(p2m); + for ( j = 0; j < n; ++j ) + set_gpfn_from_mfn(mfn_x(mfn), INVALID_M2P_ENTRY); +-- +2.15.0 + diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/fix-libxc-xc_dom_arm-missing-initialization.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/fix-libxc-xc_dom_arm-missing-initialization.patch deleted file mode 100644 index 05016a7a36..0000000000 --- a/import-layers/meta-virtualization/recipes-extended/xen/files/fix-libxc-xc_dom_arm-missing-initialization.patch +++ /dev/null @@ -1,36 +0,0 @@ -commit 88bfbf90e35f1213f9967a97dee0b2039f9998a4 -Author: Bernd Kuhls <bernd.kuhls@t-online.de> -Date: Sat Aug 19 16:21:42 2017 +0200 - - tools/libxc/xc_dom_arm: add missing variable initialization - - The variable domctl.u.address_size.size may remain uninitialized if - guest_type is not one of xen-3.0-aarch64 or xen-3.0-armv7l. And the - code precisely checks if this variable is still 0 to decide if the - guest type is supported or not. - - This fixes the following build failure with gcc 7.x: - - xc_dom_arm.c:229:31: error: 'domctl.u.address_size.size' may be used uninitialized in this function [-Werror=maybe-uninitialized] - if ( domctl.u.address_size.size == 0 ) - - Patch originally taken from - https://www.mail-archive.com/xen-devel@lists.xen.org/msg109313.html. - - Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> - Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> - Acked-by: Wei Liu <wei.liu2@citrix.com> - -diff --git a/tools/libxc/xc_dom_arm.c b/tools/libxc/xc_dom_arm.c -index e7d4bd0..e669fb0 100644 ---- a/tools/libxc/xc_dom_arm.c -+++ b/tools/libxc/xc_dom_arm.c -@@ -223,6 +223,8 @@ static int set_mode(xc_interface *xch, domid_t domid, char *guest_type) - - domctl.domain = domid; - domctl.cmd = XEN_DOMCTL_set_address_size; -+ domctl.u.address_size.size = 0; -+ - for ( i = 0; i < ARRAY_SIZE(types); i++ ) - if ( !strcmp(types[i].guest, guest_type) ) - domctl.u.address_size.size = types[i].size; diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch new file mode 100644 index 0000000000..4bbf21a18c --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch @@ -0,0 +1,13 @@ +Index: src/core/dhcp.c +=================================================================== +--- a/src/core/dhcp.c ++++ b/src/core/dhcp.c +@@ -1356,7 +1358,7 @@ dhcp_create_request(struct netif *netif) + dhcp->msg_out->giaddr.addr = 0; + for (i = 0; i < DHCP_CHADDR_LEN; i++) { + /* copy netif hardware address, pad with zeroes */ +- dhcp->msg_out->chaddr[i] = (i < netif->hwaddr_len) ? netif->hwaddr[i] : 0/* pad byte*/; ++ dhcp->msg_out->chaddr[i] = (i < (netif->hwaddr_len > NETIF_MAX_HWADDR_LEN ? NETIF_MAX_HWADDR_LEN : netif->hwaddr_len)) ? netif->hwaddr[i] : 0/* pad byte*/; + } + for (i = 0; i < DHCP_SNAME_LEN; i++) { + dhcp->msg_out->sname[i] = 0; diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs new file mode 100644 index 0000000000..b2718778c6 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs @@ -0,0 +1,2398 @@ +? .ChangeLog.swp +? ChangeLog +Index: CHANGELOG +=================================================================== +RCS file: /sources/lwip/lwip/CHANGELOG,v +retrieving revision 1.300 +retrieving revision 1.318 +diff -u -p -r1.300 -r1.318 +--- a/CHANGELOG 23 Mar 2008 13:49:39 -0000 1.300 ++++ b/CHANGELOG 14 Jul 2008 20:12:36 -0000 1.318 +@@ -19,9 +19,77 @@ HISTORY + + ++ New features: + ++ 2008-06-30 Simon Goldschmidt ++ * mem.c, opt.h, stats.h: fixed bug #21433: Calling mem_free/pbuf_free from ++ interrupt context isn't safe: LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT allows ++ mem_free to run between mem_malloc iterations. Added illegal counter for ++ mem stats. ++ ++ 2008-06-27 Simon Goldschmidt ++ * stats.h/.c, some other files: patch #6483: stats module improvement: ++ Added defines to display each module's statistic individually, added stats ++ defines for MEM, MEMP and SYS modules, removed (unused) rexmit counter. ++ ++ 2008-06-17 Simon Goldschmidt ++ * err.h: patch #6459: Made err_t overridable to use a more efficient type ++ (define LWIP_ERR_T in cc.h) ++ ++ 2008-06-17 Simon Goldschmidt ++ * slipif.c: patch #6480: Added a configuration option for slipif for symmetry ++ to loopif ++ ++ 2008-06-17 Simon Goldschmidt (patch by Luca Ceresoli) ++ * netif.c, loopif.c, ip.c, netif.h, loopif.h, opt.h: Checked in slightly ++ modified version of patch # 6370: Moved loopif code to netif.c so that ++ loopback traffic is supported on all netifs (all local IPs). ++ Added option to limit loopback packets for each netifs. ++ + + ++ Bugfixes: + ++ 2008-08-14 Simon Goldschmidt ++ * api_msg.c: fixed bug #23847: do_close_internal references freed memory (when ++ tcp_close returns != ERR_OK) ++ ++ 2008-07-08 Frédéric Bernon ++ * stats.h: Fix some build bugs introduced with patch #6483 (missing some parameters ++ in macros, mainly if MEM_STATS=0 and MEMP_STATS=0). ++ ++ 2008-06-24 Jonathan Larmour ++ * tcp_in.c: Fix for bug #23693 as suggested by Art R. Ensure cseg is unused ++ if tcp_seg_copy fails. ++ ++ 2008-06-17 Simon Goldschmidt ++ * inet_chksum.c: Checked in some ideas of patch #6460 (loop optimizations) ++ and created defines for swapping bytes and folding u32 to u16. ++ ++ 2008-05-30 Kieran Mansley ++ * tcp_in.c Remove redundant "if" statement, and use real rcv_wnd ++ rather than rcv_ann_wnd when deciding if packets are in-window. ++ Contributed by <arasmussen@consultant.datasys.swri.edu> ++ ++ 2008-05-30 Kieran Mansley ++ * mem.h: Fix BUG#23254. Change macro definition of mem_* to allow ++ passing as function pointers when MEM_LIBC_MALLOC is defined. ++ ++ 2008-05-09 Jonathan Larmour ++ * err.h, err.c, sockets.c: Fix bug #23119: Reorder timeout error code to ++ stop it being treated as a fatal error. ++ ++ 2008-04-15 Simon Goldschmidt ++ * dhcp.c: fixed bug #22804: dhcp_stop doesn't clear NETIF_FLAG_DHCP ++ (flag now cleared) ++ ++ 2008-03-27 Simon Goldschmidt ++ * mem.c, tcpip.c, tcpip.h, opt.h: fixed bug #21433 (Calling mem_free/pbuf_free ++ from interrupt context isn't safe): set LWIP_USE_HEAP_FROM_INTERRUPT to 1 ++ in lwipopts.h or use pbuf_free_callback(p)/mem_free_callback(m) to free pbufs ++ or heap memory from interrupt context ++ ++ 2008-03-26 Simon Goldschmidt ++ * tcp_in.c, tcp.c: fixed bug #22249: division by zero could occur if a remote ++ host sent a zero mss as TCP option. ++ + + (STABLE-1.3.0) + +Index: src/api/api_msg.c +=================================================================== +RCS file: /sources/lwip/lwip/src/api/api_msg.c,v +retrieving revision 1.102 +retrieving revision 1.104 +diff -u -p -r1.102 -r1.104 +--- a/src/api/api_msg.c 21 Mar 2008 16:23:14 -0000 1.102 ++++ b/src/api/api_msg.c 15 Jul 2008 11:18:58 -0000 1.104 +@@ -598,11 +598,16 @@ do_close_internal(struct netconn *conn) + LWIP_ASSERT("pcb already closed", (conn->pcb.tcp != NULL)); + + /* Set back some callback pointers */ ++ tcp_arg(conn->pcb.tcp, NULL); + if (conn->pcb.tcp->state == LISTEN) { +- tcp_arg(conn->pcb.tcp, NULL); + tcp_accept(conn->pcb.tcp, NULL); + } else { + tcp_recv(conn->pcb.tcp, NULL); ++ tcp_accept(conn->pcb.tcp, NULL); ++ /* some callbacks have to be reset if tcp_close is not successful */ ++ tcp_sent(conn->pcb.tcp, NULL); ++ tcp_poll(conn->pcb.tcp, NULL, 4); ++ tcp_err(conn->pcb.tcp, NULL); + } + /* Try to close the connection */ + err = tcp_close(conn->pcb.tcp); +@@ -610,11 +615,6 @@ do_close_internal(struct netconn *conn) + /* Closing succeeded */ + conn->state = NETCONN_NONE; + /* Set back some callback pointers as conn is going away */ +- tcp_err(conn->pcb.tcp, NULL); +- tcp_poll(conn->pcb.tcp, NULL, 4); +- tcp_sent(conn->pcb.tcp, NULL); +- tcp_recv(conn->pcb.tcp, NULL); +- tcp_arg(conn->pcb.tcp, NULL); + conn->pcb.tcp = NULL; + conn->err = ERR_OK; + /* Trigger select() in socket layer. This send should something else so the +@@ -623,6 +623,14 @@ do_close_internal(struct netconn *conn) + API_EVENT(conn, NETCONN_EVT_SENDPLUS, 0); + /* wake up the application task */ + sys_sem_signal(conn->op_completed); ++ } else { ++ /* Closing failed, restore some of the callbacks */ ++ /* Closing of listen pcb will never fail! */ ++ LWIP_ASSERT("Closing a listen pcb may not fail!", (conn->pcb.tcp->state != LISTEN)); ++ tcp_sent(conn->pcb.tcp, sent_tcp); ++ tcp_poll(conn->pcb.tcp, poll_tcp, 4); ++ tcp_err(conn->pcb.tcp, err_tcp); ++ tcp_arg(conn->pcb.tcp, conn); + } + /* If closing didn't succeed, we get called again either + from poll_tcp or from sent_tcp */ +Index: src/api/err.c +=================================================================== +RCS file: /sources/lwip/lwip/src/api/err.c,v +retrieving revision 1.11 +retrieving revision 1.12 +diff -u -p -r1.11 -r1.12 +--- a/src/api/err.c 13 Dec 2007 23:06:50 -0000 1.11 ++++ b/src/api/err.c 9 May 2008 12:14:23 -0000 1.12 +@@ -44,17 +44,17 @@ static const char *err_strerr[] = { + "Ok.", /* ERR_OK 0 */ + "Out of memory error.", /* ERR_MEM -1 */ + "Buffer error.", /* ERR_BUF -2 */ +- "Routing problem.", /* ERR_RTE -3 */ +- "Connection aborted.", /* ERR_ABRT -4 */ +- "Connection reset.", /* ERR_RST -5 */ +- "Connection closed.", /* ERR_CLSD -6 */ +- "Not connected.", /* ERR_CONN -7 */ +- "Illegal value.", /* ERR_VAL -8 */ +- "Illegal argument.", /* ERR_ARG -9 */ +- "Address in use.", /* ERR_USE -10 */ +- "Low-level netif error.", /* ERR_IF -11 */ +- "Already connected.", /* ERR_ISCONN -12 */ +- "Timeout.", /* ERR_TIMEOUT -13 */ ++ "Timeout.", /* ERR_TIMEOUT -3 */ ++ "Routing problem.", /* ERR_RTE -4 */ ++ "Connection aborted.", /* ERR_ABRT -5 */ ++ "Connection reset.", /* ERR_RST -6 */ ++ "Connection closed.", /* ERR_CLSD -7 */ ++ "Not connected.", /* ERR_CONN -8 */ ++ "Illegal value.", /* ERR_VAL -9 */ ++ "Illegal argument.", /* ERR_ARG -10 */ ++ "Address in use.", /* ERR_USE -11 */ ++ "Low-level netif error.", /* ERR_IF -12 */ ++ "Already connected.", /* ERR_ISCONN -13 */ + "Operation in progress." /* ERR_INPROGRESS -14 */ + }; + +Index: src/api/netdb.c +=================================================================== +RCS file: /sources/lwip/lwip/src/api/netdb.c,v +retrieving revision 1.4 +retrieving revision 1.5 +diff -u -p -r1.4 -r1.5 +--- a/src/api/netdb.c 26 Jan 2008 16:11:39 -0000 1.4 ++++ b/src/api/netdb.c 16 Jul 2008 20:36:12 -0000 1.5 +@@ -326,7 +326,8 @@ lwip_getaddrinfo(const char *nodename, c + if (nodename != NULL) { + /* copy nodename to canonname if specified */ + size_t namelen = strlen(nodename); +- ai->ai_canonname = mem_malloc(namelen + 1); ++ LWIP_ASSERT("namelen is too long", (namelen + 1) <= (mem_size_t)-1); ++ ai->ai_canonname = mem_malloc((mem_size_t)(namelen + 1)); + if (ai->ai_canonname == NULL) { + goto memerr; + } +Index: src/api/sockets.c +=================================================================== +RCS file: /sources/lwip/lwip/src/api/sockets.c,v +retrieving revision 1.116 +retrieving revision 1.117 +diff -u -p -r1.116 -r1.117 +--- a/src/api/sockets.c 13 Mar 2008 20:03:57 -0000 1.116 ++++ b/src/api/sockets.c 9 May 2008 12:14:24 -0000 1.117 +@@ -128,17 +128,17 @@ static const int err_to_errno_table[] = + 0, /* ERR_OK 0 No error, everything OK. */ + ENOMEM, /* ERR_MEM -1 Out of memory error. */ + ENOBUFS, /* ERR_BUF -2 Buffer error. */ +- EHOSTUNREACH, /* ERR_RTE -3 Routing problem. */ +- ECONNABORTED, /* ERR_ABRT -4 Connection aborted. */ +- ECONNRESET, /* ERR_RST -5 Connection reset. */ +- ESHUTDOWN, /* ERR_CLSD -6 Connection closed. */ +- ENOTCONN, /* ERR_CONN -7 Not connected. */ +- EINVAL, /* ERR_VAL -8 Illegal value. */ +- EIO, /* ERR_ARG -9 Illegal argument. */ +- EADDRINUSE, /* ERR_USE -10 Address in use. */ +- -1, /* ERR_IF -11 Low-level netif error */ +- -1, /* ERR_ISCONN -12 Already connected. */ +- ETIMEDOUT, /* ERR_TIMEOUT -13 Timeout */ ++ ETIMEDOUT, /* ERR_TIMEOUT -3 Timeout */ ++ EHOSTUNREACH, /* ERR_RTE -4 Routing problem. */ ++ ECONNABORTED, /* ERR_ABRT -5 Connection aborted. */ ++ ECONNRESET, /* ERR_RST -6 Connection reset. */ ++ ESHUTDOWN, /* ERR_CLSD -7 Connection closed. */ ++ ENOTCONN, /* ERR_CONN -8 Not connected. */ ++ EINVAL, /* ERR_VAL -9 Illegal value. */ ++ EIO, /* ERR_ARG -10 Illegal argument. */ ++ EADDRINUSE, /* ERR_USE -11 Address in use. */ ++ -1, /* ERR_IF -12 Low-level netif error */ ++ -1, /* ERR_ISCONN -13 Already connected. */ + EINPROGRESS /* ERR_INPROGRESS -14 Operation in progress */ + }; + +Index: src/api/tcpip.c +=================================================================== +RCS file: /sources/lwip/lwip/src/api/tcpip.c,v +retrieving revision 1.70 +retrieving revision 1.73 +diff -u -p -r1.70 -r1.73 +--- a/src/api/tcpip.c 12 Jan 2008 11:52:22 -0000 1.70 ++++ b/src/api/tcpip.c 27 Jun 2008 20:34:51 -0000 1.73 +@@ -518,4 +518,42 @@ tcpip_init(void (* initfunc)(void *), vo + sys_thread_new(TCPIP_THREAD_NAME, tcpip_thread, NULL, TCPIP_THREAD_STACKSIZE, TCPIP_THREAD_PRIO); + } + ++/** ++ * Simple callback function used with tcpip_callback to free a pbuf ++ * (pbuf_free has a wrong signature for tcpip_callback) ++ * ++ * @param p The pbuf (chain) to be dereferenced. ++ */ ++static void ++pbuf_free_int(void *p) ++{ ++ struct pbuf *q = p; ++ pbuf_free(q); ++} ++ ++/** ++ * A simple wrapper function that allows you to free a pbuf from interrupt context. ++ * ++ * @param p The pbuf (chain) to be dereferenced. ++ * @return ERR_OK if callback could be enqueued, an err_t if not ++ */ ++err_t ++pbuf_free_callback(struct pbuf *p) ++{ ++ return tcpip_callback_with_block(pbuf_free_int, p, 0); ++} ++ ++/** ++ * A simple wrapper function that allows you to free heap memory from ++ * interrupt context. ++ * ++ * @param m the heap memory to free ++ * @return ERR_OK if callback could be enqueued, an err_t if not ++ */ ++err_t ++mem_free_callback(void *m) ++{ ++ return tcpip_callback_with_block(mem_free, m, 0); ++} ++ + #endif /* !NO_SYS */ +Index: src/core/dhcp.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/dhcp.c,v +retrieving revision 1.86 +retrieving revision 1.87 +diff -u -p -r1.86 -r1.87 +--- a/src/core/dhcp.c 4 Mar 2008 14:25:58 -0000 1.86 ++++ b/src/core/dhcp.c 15 Apr 2008 17:24:55 -0000 1.87 +@@ -568,6 +568,8 @@ dhcp_start(struct netif *netif) + LWIP_ERROR("netif != NULL", (netif != NULL), return ERR_ARG;); + dhcp = netif->dhcp; + LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | LWIP_DBG_STATE, ("dhcp_start(netif=%p) %c%c%"U16_F"\n", (void*)netif, netif->name[0], netif->name[1], (u16_t)netif->num)); ++ /* Remove the flag that says this netif is handled by DHCP, ++ it is set when we succeeded starting. */ + netif->flags &= ~NETIF_FLAG_DHCP; + + /* no DHCP client attached yet? */ +@@ -609,6 +611,7 @@ dhcp_start(struct netif *netif) + dhcp_stop(netif); + return ERR_MEM; + } ++ /* Set the flag that says this netif is handled by DHCP. */ + netif->flags |= NETIF_FLAG_DHCP; + return result; + } +@@ -1063,6 +1066,8 @@ dhcp_stop(struct netif *netif) + { + struct dhcp *dhcp = netif->dhcp; + LWIP_ERROR("dhcp_stop: netif != NULL", (netif != NULL), return;); ++ /* Remove the flag that says this netif is handled by DHCP. */ ++ netif->flags &= ~NETIF_FLAG_DHCP; + + LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | 3, ("dhcp_stop()\n")); + /* netif is DHCP configured? */ +Index: src/core/mem.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/mem.c,v +retrieving revision 1.59 +retrieving revision 1.62 +diff -u -p -r1.59 -r1.62 +--- a/src/core/mem.c 4 Mar 2008 16:31:32 -0000 1.59 ++++ b/src/core/mem.c 30 Jun 2008 18:16:51 -0000 1.62 +@@ -177,9 +177,36 @@ static u8_t *ram; + static struct mem *ram_end; + /** pointer to the lowest free block, this is used for faster search */ + static struct mem *lfree; ++ + /** concurrent access protection */ + static sys_sem_t mem_sem; + ++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++ ++static volatile u8_t mem_free_count; ++ ++/* Allow mem_free from other (e.g. interrupt) context */ ++#define LWIP_MEM_FREE_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_free) ++#define LWIP_MEM_FREE_PROTECT() SYS_ARCH_PROTECT(lev_free) ++#define LWIP_MEM_FREE_UNPROTECT() SYS_ARCH_UNPROTECT(lev_free) ++#define LWIP_MEM_ALLOC_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_alloc) ++#define LWIP_MEM_ALLOC_PROTECT() SYS_ARCH_PROTECT(lev_alloc) ++#define LWIP_MEM_ALLOC_UNPROTECT() SYS_ARCH_UNPROTECT(lev_alloc) ++ ++#else /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ ++ ++/* Protect the heap only by using a semaphore */ ++#define LWIP_MEM_FREE_DECL_PROTECT() ++#define LWIP_MEM_FREE_PROTECT() sys_arch_sem_wait(mem_sem, 0) ++#define LWIP_MEM_FREE_UNPROTECT() sys_sem_signal(mem_sem) ++/* mem_malloc is protected using semaphore AND LWIP_MEM_ALLOC_PROTECT */ ++#define LWIP_MEM_ALLOC_DECL_PROTECT() ++#define LWIP_MEM_ALLOC_PROTECT() ++#define LWIP_MEM_ALLOC_UNPROTECT() ++ ++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ ++ ++ + /** + * "Plug holes" by combining adjacent empty struct mems. + * After this function is through, there should not exist +@@ -255,9 +282,7 @@ mem_init(void) + /* initialize the lowest-free pointer to the start of the heap */ + lfree = (struct mem *)ram; + +-#if MEM_STATS +- lwip_stats.mem.avail = MEM_SIZE_ALIGNED; +-#endif /* MEM_STATS */ ++ MEM_STATS_AVAIL(avail, MEM_SIZE_ALIGNED); + } + + /** +@@ -270,6 +295,7 @@ void + mem_free(void *rmem) + { + struct mem *mem; ++ LWIP_MEM_FREE_DECL_PROTECT(); + + if (rmem == NULL) { + LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_TRACE | 2, ("mem_free(p == NULL) was called.\n")); +@@ -277,20 +303,20 @@ mem_free(void *rmem) + } + LWIP_ASSERT("mem_free: sanity check alignment", (((mem_ptr_t)rmem) & (MEM_ALIGNMENT-1)) == 0); + +- /* protect the heap from concurrent access */ +- sys_arch_sem_wait(mem_sem, 0); +- + LWIP_ASSERT("mem_free: legal memory", (u8_t *)rmem >= (u8_t *)ram && + (u8_t *)rmem < (u8_t *)ram_end); + + if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) { ++ SYS_ARCH_DECL_PROTECT(lev); + LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_free: illegal memory\n")); +-#if MEM_STATS +- ++lwip_stats.mem.err; +-#endif /* MEM_STATS */ +- sys_sem_signal(mem_sem); ++ /* protect mem stats from concurrent access */ ++ SYS_ARCH_PROTECT(lev); ++ MEM_STATS_INC(illegal); ++ SYS_ARCH_UNPROTECT(lev); + return; + } ++ /* protect the heap from concurrent access */ ++ LWIP_MEM_FREE_PROTECT(); + /* Get the corresponding struct mem ... */ + mem = (struct mem *)((u8_t *)rmem - SIZEOF_STRUCT_MEM); + /* ... which has to be in a used state ... */ +@@ -303,13 +329,14 @@ mem_free(void *rmem) + lfree = mem; + } + +-#if MEM_STATS +- lwip_stats.mem.used -= mem->next - ((u8_t *)mem - ram); +-#endif /* MEM_STATS */ ++ MEM_STATS_DEC_USED(used, mem->next - ((u8_t *)mem - ram)); + + /* finally, see if prev or next are free also */ + plug_holes(mem); +- sys_sem_signal(mem_sem); ++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++ mem_free_count = 1; ++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ ++ LWIP_MEM_FREE_UNPROTECT(); + } + + /** +@@ -321,6 +348,8 @@ mem_free(void *rmem) + * @param newsize required size after shrinking (needs to be smaller than or + * equal to the previous size) + * @return for compatibility reasons: is always == rmem, at the moment ++ * or NULL if newsize is > old size, in which case rmem is NOT touched ++ * or freed! + */ + void * + mem_realloc(void *rmem, mem_size_t newsize) +@@ -328,6 +357,8 @@ mem_realloc(void *rmem, mem_size_t newsi + mem_size_t size; + mem_size_t ptr, ptr2; + struct mem *mem, *mem2; ++ /* use the FREE_PROTECT here: it protects with sem OR SYS_ARCH_PROTECT */ ++ LWIP_MEM_FREE_DECL_PROTECT(); + + /* Expand the size of the allocated memory region so that we can + adjust for alignment. */ +@@ -346,7 +377,12 @@ mem_realloc(void *rmem, mem_size_t newsi + (u8_t *)rmem < (u8_t *)ram_end); + + if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) { ++ SYS_ARCH_DECL_PROTECT(lev); + LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_realloc: illegal memory\n")); ++ /* protect mem stats from concurrent access */ ++ SYS_ARCH_PROTECT(lev); ++ MEM_STATS_INC(illegal); ++ SYS_ARCH_UNPROTECT(lev); + return rmem; + } + /* Get the corresponding struct mem ... */ +@@ -366,11 +402,9 @@ mem_realloc(void *rmem, mem_size_t newsi + } + + /* protect the heap from concurrent access */ +- sys_arch_sem_wait(mem_sem, 0); ++ LWIP_MEM_FREE_PROTECT(); + +-#if MEM_STATS +- lwip_stats.mem.used -= (size - newsize); +-#endif /* MEM_STATS */ ++ MEM_STATS_DEC_USED(used, (size - newsize)); + + mem2 = (struct mem *)&ram[mem->next]; + if(mem2->used == 0) { +@@ -426,7 +460,10 @@ mem_realloc(void *rmem, mem_size_t newsi + -> don't do anyhting. + -> the remaining space stays unused since it is too small + } */ +- sys_sem_signal(mem_sem); ++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++ mem_free_count = 1; ++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ ++ LWIP_MEM_FREE_UNPROTECT(); + return rmem; + } + +@@ -444,6 +481,10 @@ mem_malloc(mem_size_t size) + { + mem_size_t ptr, ptr2; + struct mem *mem, *mem2; ++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++ u8_t local_mem_free_count = 0; ++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ ++ LWIP_MEM_ALLOC_DECL_PROTECT(); + + if (size == 0) { + return NULL; +@@ -464,88 +505,101 @@ mem_malloc(mem_size_t size) + + /* protect the heap from concurrent access */ + sys_arch_sem_wait(mem_sem, 0); ++ LWIP_MEM_ALLOC_PROTECT(); ++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++ /* run as long as a mem_free disturbed mem_malloc */ ++ do { ++ local_mem_free_count = 0; ++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ ++ ++ /* Scan through the heap searching for a free block that is big enough, ++ * beginning with the lowest free block. ++ */ ++ for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size; ++ ptr = ((struct mem *)&ram[ptr])->next) { ++ mem = (struct mem *)&ram[ptr]; ++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++ mem_free_count = 0; ++ LWIP_MEM_ALLOC_UNPROTECT(); ++ /* allow mem_free to run */ ++ LWIP_MEM_ALLOC_PROTECT(); ++ if (mem_free_count != 0) { ++ local_mem_free_count = mem_free_count; ++ } ++ mem_free_count = 0; ++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ + +- /* Scan through the heap searching for a free block that is big enough, +- * beginning with the lowest free block. +- */ +- for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size; +- ptr = ((struct mem *)&ram[ptr])->next) { +- mem = (struct mem *)&ram[ptr]; +- +- if ((!mem->used) && +- (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) { +- /* mem is not used and at least perfect fit is possible: +- * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */ +- +- if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) { +- /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing +- * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem') +- * -> split large block, create empty remainder, +- * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if +- * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size, +- * struct mem would fit in but no data between mem2 and mem2->next +- * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty +- * region that couldn't hold data, but when mem->next gets freed, +- * the 2 regions would be combined, resulting in more free memory +- */ +- ptr2 = ptr + SIZEOF_STRUCT_MEM + size; +- /* create mem2 struct */ +- mem2 = (struct mem *)&ram[ptr2]; +- mem2->used = 0; +- mem2->next = mem->next; +- mem2->prev = ptr; +- /* and insert it between mem and mem->next */ +- mem->next = ptr2; +- mem->used = 1; +- +- if (mem2->next != MEM_SIZE_ALIGNED) { +- ((struct mem *)&ram[mem2->next])->prev = ptr2; +- } +-#if MEM_STATS +- lwip_stats.mem.used += (size + SIZEOF_STRUCT_MEM); +- if (lwip_stats.mem.max < lwip_stats.mem.used) { +- lwip_stats.mem.max = lwip_stats.mem.used; ++ if ((!mem->used) && ++ (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) { ++ /* mem is not used and at least perfect fit is possible: ++ * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */ ++ ++ if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) { ++ /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing ++ * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem') ++ * -> split large block, create empty remainder, ++ * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if ++ * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size, ++ * struct mem would fit in but no data between mem2 and mem2->next ++ * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty ++ * region that couldn't hold data, but when mem->next gets freed, ++ * the 2 regions would be combined, resulting in more free memory ++ */ ++ ptr2 = ptr + SIZEOF_STRUCT_MEM + size; ++ /* create mem2 struct */ ++ mem2 = (struct mem *)&ram[ptr2]; ++ mem2->used = 0; ++ mem2->next = mem->next; ++ mem2->prev = ptr; ++ /* and insert it between mem and mem->next */ ++ mem->next = ptr2; ++ mem->used = 1; ++ ++ if (mem2->next != MEM_SIZE_ALIGNED) { ++ ((struct mem *)&ram[mem2->next])->prev = ptr2; ++ } ++ MEM_STATS_INC_USED(used, (size + SIZEOF_STRUCT_MEM)); ++ } else { ++ /* (a mem2 struct does no fit into the user data space of mem and mem->next will always ++ * be used at this point: if not we have 2 unused structs in a row, plug_holes should have ++ * take care of this). ++ * -> near fit or excact fit: do not split, no mem2 creation ++ * also can't move mem->next directly behind mem, since mem->next ++ * will always be used at this point! ++ */ ++ mem->used = 1; ++ MEM_STATS_INC_USED(used, mem->next - ((u8_t *)mem - ram)); + } +-#endif /* MEM_STATS */ +- } else { +- /* (a mem2 struct does no fit into the user data space of mem and mem->next will always +- * be used at this point: if not we have 2 unused structs in a row, plug_holes should have +- * take care of this). +- * -> near fit or excact fit: do not split, no mem2 creation +- * also can't move mem->next directly behind mem, since mem->next +- * will always be used at this point! +- */ +- mem->used = 1; +-#if MEM_STATS +- lwip_stats.mem.used += mem->next - ((u8_t *)mem - ram); +- if (lwip_stats.mem.max < lwip_stats.mem.used) { +- lwip_stats.mem.max = lwip_stats.mem.used; +- } +-#endif /* MEM_STATS */ +- } + +- if (mem == lfree) { +- /* Find next free block after mem and update lowest free pointer */ +- while (lfree->used && lfree != ram_end) { +- lfree = (struct mem *)&ram[lfree->next]; ++ if (mem == lfree) { ++ /* Find next free block after mem and update lowest free pointer */ ++ while (lfree->used && lfree != ram_end) { ++ LWIP_MEM_ALLOC_UNPROTECT(); ++ /* prevent high interrupt latency... */ ++ LWIP_MEM_ALLOC_PROTECT(); ++ lfree = (struct mem *)&ram[lfree->next]; ++ } ++ LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used))); + } +- LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used))); +- } +- sys_sem_signal(mem_sem); +- LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.", +- (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end); +- LWIP_ASSERT("mem_malloc: allocated memory properly aligned.", +- (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0); +- LWIP_ASSERT("mem_malloc: sanity check alignment", +- (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0); ++ LWIP_MEM_ALLOC_UNPROTECT(); ++ sys_sem_signal(mem_sem); ++ LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.", ++ (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end); ++ LWIP_ASSERT("mem_malloc: allocated memory properly aligned.", ++ (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0); ++ LWIP_ASSERT("mem_malloc: sanity check alignment", ++ (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0); + +- return (u8_t *)mem + SIZEOF_STRUCT_MEM; ++ return (u8_t *)mem + SIZEOF_STRUCT_MEM; ++ } + } +- } ++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++ /* if we got interrupted by a mem_free, try again */ ++ } while(local_mem_free_count != 0); ++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */ + LWIP_DEBUGF(MEM_DEBUG | 2, ("mem_malloc: could not allocate %"S16_F" bytes\n", (s16_t)size)); +-#if MEM_STATS +- ++lwip_stats.mem.err; +-#endif /* MEM_STATS */ ++ MEM_STATS_INC(err); ++ LWIP_MEM_ALLOC_UNPROTECT(); + sys_sem_signal(mem_sem); + return NULL; + } +Index: src/core/memp.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/memp.c,v +retrieving revision 1.55 +retrieving revision 1.56 +diff -u -p -r1.55 -r1.56 +--- a/src/core/memp.c 25 Nov 2007 10:43:28 -0000 1.55 ++++ b/src/core/memp.c 27 Jun 2008 18:37:54 -0000 1.56 +@@ -252,13 +252,12 @@ memp_init(void) + struct memp *memp; + u16_t i, j; + +-#if MEMP_STATS + for (i = 0; i < MEMP_MAX; ++i) { +- lwip_stats.memp[i].used = lwip_stats.memp[i].max = +- lwip_stats.memp[i].err = 0; +- lwip_stats.memp[i].avail = memp_num[i]; ++ MEMP_STATS_AVAIL(used, i, 0); ++ MEMP_STATS_AVAIL(max, i, 0); ++ MEMP_STATS_AVAIL(err, i, 0); ++ MEMP_STATS_AVAIL(avail, i, memp_num[i]); + } +-#endif /* MEMP_STATS */ + + memp = LWIP_MEM_ALIGN(memp_memory); + /* for every pool: */ +@@ -315,20 +314,13 @@ memp_malloc_fn(memp_t type, const char* + memp->file = file; + memp->line = line; + #endif /* MEMP_OVERFLOW_CHECK */ +-#if MEMP_STATS +- ++lwip_stats.memp[type].used; +- if (lwip_stats.memp[type].used > lwip_stats.memp[type].max) { +- lwip_stats.memp[type].max = lwip_stats.memp[type].used; +- } +-#endif /* MEMP_STATS */ ++ MEMP_STATS_INC_USED(used, type); + LWIP_ASSERT("memp_malloc: memp properly aligned", + ((mem_ptr_t)memp % MEM_ALIGNMENT) == 0); + memp = (struct memp*)((u8_t*)memp + MEMP_SIZE); + } else { + LWIP_DEBUGF(MEMP_DEBUG | 2, ("memp_malloc: out of memory in pool %s\n", memp_desc[type])); +-#if MEMP_STATS +- ++lwip_stats.memp[type].err; +-#endif /* MEMP_STATS */ ++ MEMP_STATS_INC(err, type); + } + + SYS_ARCH_UNPROTECT(old_level); +@@ -365,9 +357,7 @@ memp_free(memp_t type, void *mem) + #endif /* MEMP_OVERFLOW_CHECK >= 2 */ + #endif /* MEMP_OVERFLOW_CHECK */ + +-#if MEMP_STATS +- lwip_stats.memp[type].used--; +-#endif /* MEMP_STATS */ ++ MEMP_STATS_DEC(used, type); + + memp->next = memp_tab[type]; + memp_tab[type] = memp; +Index: src/core/netif.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/netif.c,v +retrieving revision 1.65 +retrieving revision 1.68 +diff -u -p -r1.65 -r1.68 +--- a/src/core/netif.c 9 Oct 2007 20:00:55 -0000 1.65 ++++ b/src/core/netif.c 19 Jun 2008 16:27:18 -0000 1.68 +@@ -45,6 +45,12 @@ + #include "lwip/snmp.h" + #include "lwip/igmp.h" + #include "netif/etharp.h" ++#if ENABLE_LOOPBACK ++#include "lwip/sys.h" ++#if LWIP_NETIF_LOOPBACK_MULTITHREADING ++#include "lwip/tcpip.h" ++#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */ ++#endif /* ENABLE_LOOPBACK */ + + #if LWIP_NETIF_STATUS_CALLBACK + #define NETIF_STATUS_CALLBACK(n) { if (n->status_callback) (n->status_callback)(n); } +@@ -106,6 +112,10 @@ netif_add(struct netif *netif, struct ip + #if LWIP_IGMP + netif->igmp_mac_filter = NULL; + #endif /* LWIP_IGMP */ ++#if ENABLE_LOOPBACK ++ netif->loop_first = NULL; ++ netif->loop_last = NULL; ++#endif /* ENABLE_LOOPBACK */ + + /* remember netif specific state information data */ + netif->state = state; +@@ -114,6 +124,9 @@ netif_add(struct netif *netif, struct ip + #if LWIP_NETIF_HWADDRHINT + netif->addr_hint = NULL; + #endif /* LWIP_NETIF_HWADDRHINT*/ ++#if ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS ++ netif->loop_cnt_current = 0; ++#endif /* ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS */ + + netif_set_addr(netif, ipaddr, netmask, gw); + +@@ -493,7 +506,158 @@ u8_t netif_is_link_up(struct netif *neti + */ + void netif_set_link_callback(struct netif *netif, void (* link_callback)(struct netif *netif )) + { +- if ( netif ) +- netif->link_callback = link_callback; ++ if (netif) { ++ netif->link_callback = link_callback; ++ } + } + #endif /* LWIP_NETIF_LINK_CALLBACK */ ++ ++#if ENABLE_LOOPBACK ++/** ++ * Send an IP packet to be received on the same netif (loopif-like). ++ * The pbuf is simply copied and handed back to netif->input. ++ * In multithreaded mode, this is done directly since netif->input must put ++ * the packet on a queue. ++ * In callback mode, the packet is put on an internal queue and is fed to ++ * netif->input by netif_poll(). ++ * ++ * @param netif the lwip network interface structure ++ * @param p the (IP) packet to 'send' ++ * @param ipaddr the ip address to send the packet to (not used) ++ * @return ERR_OK if the packet has been sent ++ * ERR_MEM if the pbuf used to copy the packet couldn't be allocated ++ */ ++err_t ++netif_loop_output(struct netif *netif, struct pbuf *p, ++ struct ip_addr *ipaddr) ++{ ++ struct pbuf *r; ++ err_t err; ++ struct pbuf *last; ++#if LWIP_LOOPBACK_MAX_PBUFS ++ u8_t clen = 0; ++#endif /* LWIP_LOOPBACK_MAX_PBUFS */ ++ SYS_ARCH_DECL_PROTECT(lev); ++ LWIP_UNUSED_ARG(ipaddr); ++ ++ /* Allocate a new pbuf */ ++ r = pbuf_alloc(PBUF_LINK, p->tot_len, PBUF_RAM); ++ if (r == NULL) { ++ return ERR_MEM; ++ } ++#if LWIP_LOOPBACK_MAX_PBUFS ++ clen = pbuf_clen(r); ++ /* check for overflow or too many pbuf on queue */ ++ if(((netif->loop_cnt_current + clen) < netif->loop_cnt_current) || ++ ((netif->loop_cnt_current + clen) > LWIP_LOOPBACK_MAX_PBUFS)) { ++ pbuf_free(r); ++ r = NULL; ++ return ERR_MEM; ++ } ++ netif->loop_cnt_current += clen; ++#endif /* LWIP_LOOPBACK_MAX_PBUFS */ ++ ++ /* Copy the whole pbuf queue p into the single pbuf r */ ++ if ((err = pbuf_copy(r, p)) != ERR_OK) { ++ pbuf_free(r); ++ r = NULL; ++ return err; ++ } ++ ++ /* Put the packet on a linked list which gets emptied through calling ++ netif_poll(). */ ++ ++ /* let last point to the last pbuf in chain r */ ++ for (last = r; last->next != NULL; last = last->next); ++ ++ SYS_ARCH_PROTECT(lev); ++ if(netif->loop_first != NULL) { ++ LWIP_ASSERT("if first != NULL, last must also be != NULL", netif->loop_last != NULL); ++ netif->loop_last->next = r; ++ netif->loop_last = last; ++ } else { ++ netif->loop_first = r; ++ netif->loop_last = last; ++ } ++ SYS_ARCH_UNPROTECT(lev); ++ ++#if LWIP_NETIF_LOOPBACK_MULTITHREADING ++ /* For multithreading environment, schedule a call to netif_poll */ ++ tcpip_callback(netif_poll, netif); ++#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */ ++ ++ return ERR_OK; ++} ++ ++/** ++ * Call netif_poll() in the main loop of your application. This is to prevent ++ * reentering non-reentrant functions like tcp_input(). Packets passed to ++ * netif_loop_output() are put on a list that is passed to netif->input() by ++ * netif_poll(). ++ */ ++void ++netif_poll(struct netif *netif) ++{ ++ struct pbuf *in; ++ SYS_ARCH_DECL_PROTECT(lev); ++ ++ do { ++ /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */ ++ SYS_ARCH_PROTECT(lev); ++ in = netif->loop_first; ++ if(in != NULL) { ++ struct pbuf *in_end = in; ++#if LWIP_LOOPBACK_MAX_PBUFS ++ u8_t clen = pbuf_clen(in); ++ /* adjust the number of pbufs on queue */ ++ LWIP_ASSERT("netif->loop_cnt_current underflow", ++ ((netif->loop_cnt_current - clen) < netif->loop_cnt_current)); ++ netif->loop_cnt_current -= clen; ++#endif /* LWIP_LOOPBACK_MAX_PBUFS */ ++ while(in_end->len != in_end->tot_len) { ++ LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL); ++ in_end = in_end->next; ++ } ++ /* 'in_end' now points to the last pbuf from 'in' */ ++ if(in_end == netif->loop_last) { ++ /* this was the last pbuf in the list */ ++ netif->loop_first = netif->loop_last = NULL; ++ } else { ++ /* pop the pbuf off the list */ ++ netif->loop_first = in_end->next; ++ LWIP_ASSERT("should not be null since first != last!", netif->loop_first != NULL); ++ } ++ /* De-queue the pbuf from its successors on the 'loop_' list. */ ++ in_end->next = NULL; ++ } ++ SYS_ARCH_UNPROTECT(lev); ++ ++ if(in != NULL) { ++ /* loopback packets are always IP packets! */ ++ if(ip_input(in, netif) != ERR_OK) { ++ pbuf_free(in); ++ } ++ /* Don't reference the packet any more! */ ++ in = NULL; ++ } ++ /* go on while there is a packet on the list */ ++ } while(netif->loop_first != NULL); ++} ++ ++#if !LWIP_NETIF_LOOPBACK_MULTITHREADING ++/** ++ * Calls netif_poll() for every netif on the netif_list. ++ */ ++void ++netif_poll_all(void) ++{ ++ struct netif *netif = netif_list; ++ /* loop through netifs */ ++ while (netif != NULL) { ++ netif_poll(netif); ++ /* proceed to next network interface */ ++ netif = netif->next; ++ } ++} ++#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ ++#endif /* ENABLE_LOOPBACK */ +Index: src/core/pbuf.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/pbuf.c,v +retrieving revision 1.127 +retrieving revision 1.128 +diff -u -p -r1.127 -r1.128 +--- a/src/core/pbuf.c 4 Mar 2008 16:37:46 -0000 1.127 ++++ b/src/core/pbuf.c 1 Apr 2008 19:05:40 -0000 1.128 +@@ -667,8 +667,8 @@ pbuf_dechain(struct pbuf *p) + * + * @note Only one packet is copied, no packet queue! + * +- * @param p_to pbuf source of the copy +- * @param p_from pbuf destination of the copy ++ * @param p_to pbuf destination of the copy ++ * @param p_from pbuf source of the copy + * + * @return ERR_OK if pbuf was copied + * ERR_ARG if one of the pbufs is NULL or p_to is not big +Index: src/core/stats.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/stats.c,v +retrieving revision 1.27 +retrieving revision 1.28 +diff -u -p -r1.27 -r1.28 +--- a/src/core/stats.c 4 Mar 2008 16:31:32 -0000 1.27 ++++ b/src/core/stats.c 27 Jun 2008 18:37:54 -0000 1.28 +@@ -54,7 +54,6 @@ stats_display_proto(struct stats_proto * + { + LWIP_PLATFORM_DIAG(("\n%s\n\t", name)); + LWIP_PLATFORM_DIAG(("xmit: %"STAT_COUNTER_F"\n\t", proto->xmit)); +- LWIP_PLATFORM_DIAG(("rexmit: %"STAT_COUNTER_F"\n\t", proto->rexmit)); + LWIP_PLATFORM_DIAG(("recv: %"STAT_COUNTER_F"\n\t", proto->recv)); + LWIP_PLATFORM_DIAG(("fw: %"STAT_COUNTER_F"\n\t", proto->fw)); + LWIP_PLATFORM_DIAG(("drop: %"STAT_COUNTER_F"\n\t", proto->drop)); +@@ -68,6 +67,7 @@ stats_display_proto(struct stats_proto * + LWIP_PLATFORM_DIAG(("cachehit: %"STAT_COUNTER_F"\n", proto->cachehit)); + } + ++#if IGMP_STATS + void + stats_display_igmp(struct stats_igmp *igmp) + { +@@ -82,7 +82,9 @@ stats_display_igmp(struct stats_igmp *ig + LWIP_PLATFORM_DIAG(("report_rxed: %"STAT_COUNTER_F"\n\t", igmp->report_rxed)); + LWIP_PLATFORM_DIAG(("group_query_rxed: %"STAT_COUNTER_F"\n", igmp->group_query_rxed)); + } ++#endif /* IGMP_STATS */ + ++#if MEM_STATS || MEMP_STATS + void + stats_display_mem(struct stats_mem *mem, char *name) + { +@@ -93,48 +95,53 @@ stats_display_mem(struct stats_mem *mem, + LWIP_PLATFORM_DIAG(("err: %"U32_F"\n", (u32_t)mem->err)); + } + ++#if MEMP_STATS + void +-stats_display(void) ++stats_display_memp(struct stats_mem *mem, int index) + { +-#if MEMP_STATS +- s16_t i; + char * memp_names[] = { + #define LWIP_MEMPOOL(name,num,size,desc) desc, + #include "lwip/memp_std.h" + }; +-#endif +-#if LINK_STATS +- stats_display_proto(&lwip_stats.link, "LINK"); +-#endif +-#if ETHARP_STATS +- stats_display_proto(&lwip_stats.etharp, "ETHARP"); +-#endif +-#if IPFRAG_STATS +- stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG"); +-#endif +-#if IP_STATS +- stats_display_proto(&lwip_stats.ip, "IP"); +-#endif +-#if ICMP_STATS +- stats_display_proto(&lwip_stats.icmp, "ICMP"); +-#endif +-#if IGMP_STATS +- stats_display_igmp(&lwip_stats.igmp); +-#endif +-#if UDP_STATS +- stats_display_proto(&lwip_stats.udp, "UDP"); +-#endif +-#if TCP_STATS +- stats_display_proto(&lwip_stats.tcp, "TCP"); +-#endif +-#if MEM_STATS +- stats_display_mem(&lwip_stats.mem, "HEAP"); +-#endif +-#if MEMP_STATS ++ if(index < MEMP_MAX) { ++ stats_display_mem(mem, memp_names[index]); ++ } ++} ++#endif /* MEMP_STATS */ ++#endif /* MEM_STATS || MEMP_STATS */ ++ ++#if SYS_STATS ++void ++stats_display_sys(struct stats_sys *sys) ++{ ++ LWIP_PLATFORM_DIAG(("\nSYS\n\t")); ++ LWIP_PLATFORM_DIAG(("sem.used: %"U32_F"\n\t", (u32_t)sys->sem.used)); ++ LWIP_PLATFORM_DIAG(("sem.max: %"U32_F"\n\t", (u32_t)sys->sem.max)); ++ LWIP_PLATFORM_DIAG(("sem.err: %"U32_F"\n\t", (u32_t)sys->sem.err)); ++ LWIP_PLATFORM_DIAG(("mbox.used: %"U32_F"\n\t", (u32_t)sys->mbox.used)); ++ LWIP_PLATFORM_DIAG(("mbox.max: %"U32_F"\n\t", (u32_t)sys->mbox.max)); ++ LWIP_PLATFORM_DIAG(("mbox.err: %"U32_F"\n\t", (u32_t)sys->mbox.err)); ++} ++#endif /* SYS_STATS */ ++ ++void ++stats_display(void) ++{ ++ s16_t i; ++ ++ LINK_STATS_DISPLAY(); ++ ETHARP_STATS_DISPLAY(); ++ IPFRAG_STATS_DISPLAY(); ++ IP_STATS_DISPLAY(); ++ IGMP_STATS_DISPLAY(); ++ ICMP_STATS_DISPLAY(); ++ UDP_STATS_DISPLAY(); ++ TCP_STATS_DISPLAY(); ++ MEM_STATS_DISPLAY(); + for (i = 0; i < MEMP_MAX; i++) { +- stats_display_mem(&lwip_stats.memp[i], memp_names[i]); ++ MEMP_STATS_DISPLAY(i); + } +-#endif ++ SYS_STATS_DISPLAY(); + } + #endif /* LWIP_STATS_DISPLAY */ + +Index: src/core/sys.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/sys.c,v +retrieving revision 1.32 +retrieving revision 1.33 +diff -u -p -r1.32 -r1.33 +--- a/src/core/sys.c 25 Nov 2007 13:57:05 -0000 1.32 ++++ b/src/core/sys.c 16 Jul 2008 20:36:12 -0000 1.33 +@@ -65,7 +65,7 @@ struct sswt_cb + void + sys_mbox_fetch(sys_mbox_t mbox, void **msg) + { +- u32_t time; ++ u32_t time_needed; + struct sys_timeouts *timeouts; + struct sys_timeo *tmptimeout; + sys_timeout_handler h; +@@ -76,18 +76,18 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m + + if (!timeouts || !timeouts->next) { + UNLOCK_TCPIP_CORE(); +- time = sys_arch_mbox_fetch(mbox, msg, 0); ++ time_needed = sys_arch_mbox_fetch(mbox, msg, 0); + LOCK_TCPIP_CORE(); + } else { + if (timeouts->next->time > 0) { + UNLOCK_TCPIP_CORE(); +- time = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time); ++ time_needed = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time); + LOCK_TCPIP_CORE(); + } else { +- time = SYS_ARCH_TIMEOUT; ++ time_needed = SYS_ARCH_TIMEOUT; + } + +- if (time == SYS_ARCH_TIMEOUT) { ++ if (time_needed == SYS_ARCH_TIMEOUT) { + /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message + could be fetched. We should now call the timeout handler and + deallocate the memory allocated for the timeout. */ +@@ -107,8 +107,8 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m + /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout + occured. The time variable is set to the number of + milliseconds we waited for the message. */ +- if (time < timeouts->next->time) { +- timeouts->next->time -= time; ++ if (time_needed < timeouts->next->time) { ++ timeouts->next->time -= time_needed; + } else { + timeouts->next->time = 0; + } +@@ -125,7 +125,7 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m + void + sys_sem_wait(sys_sem_t sem) + { +- u32_t time; ++ u32_t time_needed; + struct sys_timeouts *timeouts; + struct sys_timeo *tmptimeout; + sys_timeout_handler h; +@@ -139,12 +139,12 @@ sys_sem_wait(sys_sem_t sem) + sys_arch_sem_wait(sem, 0); + } else { + if (timeouts->next->time > 0) { +- time = sys_arch_sem_wait(sem, timeouts->next->time); ++ time_needed = sys_arch_sem_wait(sem, timeouts->next->time); + } else { +- time = SYS_ARCH_TIMEOUT; ++ time_needed = SYS_ARCH_TIMEOUT; + } + +- if (time == SYS_ARCH_TIMEOUT) { ++ if (time_needed == SYS_ARCH_TIMEOUT) { + /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message + could be fetched. We should now call the timeout handler and + deallocate the memory allocated for the timeout. */ +@@ -164,8 +164,8 @@ sys_sem_wait(sys_sem_t sem) + /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout + occured. The time variable is set to the number of + milliseconds we waited for the message. */ +- if (time < timeouts->next->time) { +- timeouts->next->time -= time; ++ if (time_needed < timeouts->next->time) { ++ timeouts->next->time -= time_needed; + } else { + timeouts->next->time = 0; + } +Index: src/core/tcp.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/tcp.c,v +retrieving revision 1.85 +retrieving revision 1.86 +diff -u -p -r1.85 -r1.86 +--- a/src/core/tcp.c 22 Jan 2008 21:15:15 -0000 1.85 ++++ b/src/core/tcp.c 26 Mar 2008 11:57:13 -0000 1.86 +@@ -509,7 +509,8 @@ tcp_connect(struct tcp_pcb *pcb, struct + pcb->rcv_wnd = TCP_WND; + pcb->rcv_ann_wnd = TCP_WND; + pcb->snd_wnd = TCP_WND; +- /* The send MSS is updated when an MSS option is received. */ ++ /* As initial send MSS, we use TCP_MSS but limit it to 536. ++ The send MSS is updated when an MSS option is received. */ + pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS; + #if TCP_CALCULATE_EFF_SEND_MSS + pcb->mss = tcp_eff_send_mss(pcb->mss, ipaddr); +@@ -991,7 +992,8 @@ tcp_alloc(u8_t prio) + pcb->rcv_ann_wnd = TCP_WND; + pcb->tos = 0; + pcb->ttl = TCP_TTL; +- /* The send MSS is updated when an MSS option is received. */ ++ /* As initial send MSS, we use TCP_MSS but limit it to 536. ++ The send MSS is updated when an MSS option is received. */ + pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS; + pcb->rto = 3000 / TCP_SLOW_INTERVAL; + pcb->sa = 0; +Index: src/core/tcp_in.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/tcp_in.c,v +retrieving revision 1.97 +retrieving revision 1.100 +diff -u -p -r1.97 -r1.100 +--- a/src/core/tcp_in.c 22 Jan 2008 21:15:15 -0000 1.97 ++++ b/src/core/tcp_in.c 24 Jun 2008 15:46:39 -0000 1.100 +@@ -511,7 +511,7 @@ tcp_process(struct tcp_pcb *pcb) + } + } else { + if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, +- pcb->rcv_nxt+pcb->rcv_ann_wnd)) { ++ pcb->rcv_nxt+pcb->rcv_wnd)) { + acceptable = 1; + } + } +@@ -1038,7 +1038,7 @@ tcp_receive(struct tcp_pcb *pcb) + and below rcv_nxt + rcv_wnd) in order to be further + processed. */ + if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, +- pcb->rcv_nxt + pcb->rcv_ann_wnd - 1)){ ++ pcb->rcv_nxt + pcb->rcv_wnd - 1)){ + if (pcb->rcv_nxt == seqno) { + accepted_inseq = 1; + /* The incoming segment is the next in sequence. We check if +@@ -1195,14 +1195,14 @@ tcp_receive(struct tcp_pcb *pcb) + } else { + pcb->ooseq = cseg; + } +- } +- tcp_seg_free(next); +- if (cseg->next != NULL) { +- next = cseg->next; +- if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) { +- /* We need to trim the incoming segment. */ +- cseg->len = (u16_t)(next->tcphdr->seqno - seqno); +- pbuf_realloc(cseg->p, cseg->len); ++ tcp_seg_free(next); ++ if (cseg->next != NULL) { ++ next = cseg->next; ++ if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) { ++ /* We need to trim the incoming segment. */ ++ cseg->len = (u16_t)(next->tcphdr->seqno - seqno); ++ pbuf_realloc(cseg->p, cseg->len); ++ } + } + } + break; +@@ -1282,10 +1282,7 @@ tcp_receive(struct tcp_pcb *pcb) + + } + } else { +- if(!TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt, +- pcb->rcv_nxt + pcb->rcv_ann_wnd-1)){ +- tcp_ack_now(pcb); +- } ++ tcp_ack_now(pcb); + } + } else { + /* Segments with length 0 is taken care of here. Segments that +@@ -1331,7 +1328,8 @@ tcp_parseopt(struct tcp_pcb *pcb) + opts[c + 1] == 0x04) { + /* An MSS option with the right option length. */ + mss = (opts[c + 2] << 8) | opts[c + 3]; +- pcb->mss = mss > TCP_MSS? TCP_MSS: mss; ++ /* Limit the mss to the configured TCP_MSS and prevent division by zero */ ++ pcb->mss = ((mss > TCP_MSS) || (mss == 0)) ? TCP_MSS : mss; + + /* And we are done processing options. */ + break; +Index: src/core/ipv4/autoip.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/ipv4/autoip.c,v +retrieving revision 1.16 +retrieving revision 1.17 +diff -u -p -r1.16 -r1.17 +--- a/src/core/ipv4/autoip.c 26 Jan 2008 16:11:40 -0000 1.16 ++++ b/src/core/ipv4/autoip.c 17 Jun 2008 20:16:23 -0000 1.17 +@@ -395,8 +395,8 @@ autoip_arp_reply(struct netif *netif, st + /* Copy struct ip_addr2 to aligned ip_addr, to support compilers without + * structure packing (not using structure copy which breaks strict-aliasing rules). + */ +- MEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr)); +- MEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr)); ++ SMEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr)); ++ SMEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr)); + + if ((netif->autoip->state == AUTOIP_STATE_PROBING) || + ((netif->autoip->state == AUTOIP_STATE_ANNOUNCING) && +Index: src/core/ipv4/inet_chksum.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/ipv4/inet_chksum.c,v +retrieving revision 1.4 +retrieving revision 1.5 +diff -u -p -r1.4 -r1.5 +--- a/src/core/ipv4/inet_chksum.c 10 Mar 2008 16:12:31 -0000 1.4 ++++ b/src/core/ipv4/inet_chksum.c 17 Jun 2008 20:06:25 -0000 1.5 +@@ -41,8 +41,6 @@ + #include "lwip/inet_chksum.h" + #include "lwip/inet.h" + +-#include <string.h> +- + /* These are some reference implementations of the checksum algorithm, with the + * aim of being simple, correct and fully portable. Checksumming is the + * first thing you would want to optimize for your platform. If you create +@@ -65,6 +63,11 @@ + # define LWIP_CHKSUM_ALGORITHM 0 + #endif + ++/** Like the name says... */ ++#define SWAP_BYTES_IN_WORD(w) ((w & 0xff) << 8) | ((w & 0xff00) >> 8) ++/** Split an u32_t in two u16_ts and add them up */ ++#define FOLD_U32T(u) ((u >> 16) + (u & 0x0000ffffUL)) ++ + #if (LWIP_CHKSUM_ALGORITHM == 1) /* Version #1 */ + /** + * lwip checksum +@@ -86,8 +89,7 @@ lwip_standard_chksum(void *dataptr, u16_ + acc = 0; + /* dataptr may be at odd or even addresses */ + octetptr = (u8_t*)dataptr; +- while (len > 1) +- { ++ while (len > 1) { + /* declare first octet as most significant + thus assume network order, ignoring host order */ + src = (*octetptr) << 8; +@@ -98,8 +100,7 @@ lwip_standard_chksum(void *dataptr, u16_ + acc += src; + len -= 2; + } +- if (len > 0) +- { ++ if (len > 0) { + /* accumulate remaining octet */ + src = (*octetptr) << 8; + acc += src; +@@ -154,19 +155,22 @@ lwip_standard_chksum(void *dataptr, int + } + + /* Consume left-over byte, if any */ +- if (len > 0) ++ if (len > 0) { + ((u8_t *)&t)[0] = *(u8_t *)ps;; ++ } + + /* Add end bytes */ + sum += t; + +- /* Fold 32-bit sum to 16 bits */ +- while ((sum >> 16) != 0) +- sum = (sum & 0xffff) + (sum >> 16); ++ /* Fold 32-bit sum to 16 bits ++ calling this twice is propably faster than if statements... */ ++ sum = FOLD_U32T(sum); ++ sum = FOLD_U32T(sum); + + /* Swap if alignment was odd */ +- if (odd) +- sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8); ++ if (odd) { ++ sum = SWAP_BYTES_IN_WORD(sum); ++ } + + return sum; + } +@@ -211,18 +215,20 @@ lwip_standard_chksum(void *dataptr, int + + while (len > 7) { + tmp = sum + *pl++; /* ping */ +- if (tmp < sum) ++ if (tmp < sum) { + tmp++; /* add back carry */ ++ } + + sum = tmp + *pl++; /* pong */ +- if (sum < tmp) ++ if (sum < tmp) { + sum++; /* add back carry */ ++ } + + len -= 8; + } + + /* make room in upper bits */ +- sum = (sum >> 16) + (sum & 0xffff); ++ sum = FOLD_U32T(sum); + + ps = (u16_t *)pl; + +@@ -233,16 +239,20 @@ lwip_standard_chksum(void *dataptr, int + } + + /* dangling tail byte remaining? */ +- if (len > 0) /* include odd byte */ ++ if (len > 0) { /* include odd byte */ + ((u8_t *)&t)[0] = *(u8_t *)ps; ++ } + + sum += t; /* add end bytes */ + +- while ((sum >> 16) != 0) /* combine halves */ +- sum = (sum >> 16) + (sum & 0xffff); ++ /* Fold 32-bit sum to 16 bits ++ calling this twice is propably faster than if statements... */ ++ sum = FOLD_U32T(sum); ++ sum = FOLD_U32T(sum); + +- if (odd) +- sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8); ++ if (odd) { ++ sum = SWAP_BYTES_IN_WORD(sum); ++ } + + return sum; + } +@@ -277,18 +287,18 @@ inet_chksum_pseudo(struct pbuf *p, + (void *)q, (void *)q->next)); + acc += LWIP_CHKSUM(q->payload, q->len); + /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/ +- while ((acc >> 16) != 0) { +- acc = (acc & 0xffffUL) + (acc >> 16); +- } ++ /* just executing this next line is probably faster that the if statement needed ++ to check whether we really need to execute it, and does no harm */ ++ acc = FOLD_U32T(acc); + if (q->len % 2 != 0) { + swapped = 1 - swapped; +- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); ++ acc = SWAP_BYTES_IN_WORD(acc); + } + /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/ + } + + if (swapped) { +- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); ++ acc = SWAP_BYTES_IN_WORD(acc); + } + acc += (src->addr & 0xffffUL); + acc += ((src->addr >> 16) & 0xffffUL); +@@ -297,9 +307,10 @@ inet_chksum_pseudo(struct pbuf *p, + acc += (u32_t)htons((u16_t)proto); + acc += (u32_t)htons(proto_len); + +- while ((acc >> 16) != 0) { +- acc = (acc & 0xffffUL) + (acc >> 16); +- } ++ /* Fold 32-bit sum to 16 bits ++ calling this twice is propably faster than if statements... */ ++ acc = FOLD_U32T(acc); ++ acc = FOLD_U32T(acc); + LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc)); + return (u16_t)~(acc & 0xffffUL); + } +@@ -340,18 +351,17 @@ inet_chksum_pseudo_partial(struct pbuf * + chksum_len -= chklen; + LWIP_ASSERT("delete me", chksum_len < 0x7fff); + /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/ +- while ((acc >> 16) != 0) { +- acc = (acc & 0xffffUL) + (acc >> 16); +- } ++ /* fold the upper bit down */ ++ acc = FOLD_U32T(acc); + if (q->len % 2 != 0) { + swapped = 1 - swapped; +- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); ++ acc = SWAP_BYTES_IN_WORD(acc); + } + /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/ + } + + if (swapped) { +- acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8); ++ acc = SWAP_BYTES_IN_WORD(acc); + } + acc += (src->addr & 0xffffUL); + acc += ((src->addr >> 16) & 0xffffUL); +@@ -360,9 +370,10 @@ inet_chksum_pseudo_partial(struct pbuf * + acc += (u32_t)htons((u16_t)proto); + acc += (u32_t)htons(proto_len); + +- while ((acc >> 16) != 0) { +- acc = (acc & 0xffffUL) + (acc >> 16); +- } ++ /* Fold 32-bit sum to 16 bits ++ calling this twice is propably faster than if statements... */ ++ acc = FOLD_U32T(acc); ++ acc = FOLD_U32T(acc); + LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc)); + return (u16_t)~(acc & 0xffffUL); + } +@@ -380,13 +391,7 @@ inet_chksum_pseudo_partial(struct pbuf * + u16_t + inet_chksum(void *dataptr, u16_t len) + { +- u32_t acc; +- +- acc = LWIP_CHKSUM(dataptr, len); +- while ((acc >> 16) != 0) { +- acc = (acc & 0xffff) + (acc >> 16); +- } +- return (u16_t)~(acc & 0xffff); ++ return ~LWIP_CHKSUM(dataptr, len); + } + + /** +@@ -407,17 +412,15 @@ inet_chksum_pbuf(struct pbuf *p) + swapped = 0; + for(q = p; q != NULL; q = q->next) { + acc += LWIP_CHKSUM(q->payload, q->len); +- while ((acc >> 16) != 0) { +- acc = (acc & 0xffffUL) + (acc >> 16); +- } ++ acc = FOLD_U32T(acc); + if (q->len % 2 != 0) { + swapped = 1 - swapped; +- acc = (acc & 0x00ffUL << 8) | (acc & 0xff00UL >> 8); ++ acc = SWAP_BYTES_IN_WORD(acc); + } + } + + if (swapped) { +- acc = ((acc & 0x00ffUL) << 8) | ((acc & 0xff00UL) >> 8); ++ acc = SWAP_BYTES_IN_WORD(acc); + } + return (u16_t)~(acc & 0xffffUL); + } +Index: src/core/ipv4/ip.c +=================================================================== +RCS file: /sources/lwip/lwip/src/core/ipv4/ip.c,v +retrieving revision 1.66 +retrieving revision 1.68 +diff -u -p -r1.66 -r1.68 +--- a/src/core/ipv4/ip.c 14 Jan 2008 20:53:23 -0000 1.66 ++++ b/src/core/ipv4/ip.c 17 Jun 2008 19:39:22 -0000 1.68 +@@ -531,9 +531,19 @@ ip_output_if(struct pbuf *p, struct ip_a + LWIP_DEBUGF(IP_DEBUG, ("ip_output_if: %c%c%"U16_F"\n", netif->name[0], netif->name[1], netif->num)); + ip_debug_print(p); + +- LWIP_DEBUGF(IP_DEBUG, ("netif->output()")); ++#if (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) ++ if (ip_addr_cmp(dest, &netif->ip_addr)) { ++ /* Packet to self, enqueue it for loopback */ ++ LWIP_DEBUGF(IP_DEBUG, ("netif_loop_output()")); ++ ++ return netif_loop_output(netif, p, dest); ++ } else ++#endif /* (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) */ ++ { ++ LWIP_DEBUGF(IP_DEBUG, ("netif->output()")); + +- return netif->output(netif, p, dest); ++ return netif->output(netif, p, dest); ++ } + } + + /** +Index: src/include/lwip/debug.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/debug.h,v +retrieving revision 1.37 +retrieving revision 1.39 +diff -u -p -r1.37 -r1.39 +--- a/src/include/lwip/debug.h 22 Sep 2007 11:16:07 -0000 1.37 ++++ b/src/include/lwip/debug.h 16 Jul 2008 20:36:22 -0000 1.39 +@@ -61,26 +61,28 @@ + #define LWIP_DBG_HALT 0x08U + + #ifndef LWIP_NOASSERT +-#define LWIP_ASSERT(x,y) do { if(!(y)) LWIP_PLATFORM_ASSERT(x); } while(0) ++#define LWIP_ASSERT(message, assertion) do { if(!(assertion)) \ ++ LWIP_PLATFORM_ASSERT(message); } while(0) + #else /* LWIP_NOASSERT */ +-#define LWIP_ASSERT(x,y) ++#define LWIP_ASSERT(message, assertion) + #endif /* LWIP_NOASSERT */ + +-/** print "m" message only if "e" is true, and execute "h" expression */ ++/** if "expression" isn't true, then print "message" and execute "handler" expression */ + #ifndef LWIP_ERROR +-#define LWIP_ERROR(m,e,h) do { if (!(e)) { LWIP_PLATFORM_ASSERT(m); h;}} while(0) ++#define LWIP_ERROR(message, expression, handler) do { if (!(expression)) { \ ++ LWIP_PLATFORM_ASSERT(message); handler;}} while(0) + #endif /* LWIP_ERROR */ + + #ifdef LWIP_DEBUG + /** print debug message only if debug message type is enabled... + * AND is of correct type AND is at least LWIP_DBG_LEVEL + */ +-#define LWIP_DEBUGF(debug,x) do { \ ++#define LWIP_DEBUGF(debug, message) do { \ + if ( \ + ((debug) & LWIP_DBG_ON) && \ + ((debug) & LWIP_DBG_TYPES_ON) && \ + ((s16_t)((debug) & LWIP_DBG_MASK_LEVEL) >= LWIP_DBG_MIN_LEVEL)) { \ +- LWIP_PLATFORM_DIAG(x); \ ++ LWIP_PLATFORM_DIAG(message); \ + if ((debug) & LWIP_DBG_HALT) { \ + while(1); \ + } \ +@@ -88,7 +90,7 @@ + } while(0) + + #else /* LWIP_DEBUG */ +-#define LWIP_DEBUGF(debug,x) ++#define LWIP_DEBUGF(debug, message) + #endif /* LWIP_DEBUG */ + + #endif /* __LWIP_DEBUG_H__ */ +Index: src/include/lwip/err.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/err.h,v +retrieving revision 1.13 +retrieving revision 1.15 +diff -u -p -r1.13 -r1.15 +--- a/src/include/lwip/err.h 13 Dec 2007 23:06:50 -0000 1.13 ++++ b/src/include/lwip/err.h 17 Jun 2008 20:27:32 -0000 1.15 +@@ -33,37 +33,43 @@ + #define __LWIP_ERR_H__ + + #include "lwip/opt.h" ++#include "lwip/arch.h" + + #ifdef __cplusplus + extern "C" { + #endif + +-typedef s8_t err_t; ++/** Define LWIP_ERR_T in cc.h if you want to use ++ * a different type for your platform (must be signed). */ ++#ifdef LWIP_ERR_T ++typedef LWIP_ERR_T err_t; ++#else /* LWIP_ERR_T */ ++ typedef s8_t err_t; ++#endif /* LWIP_ERR_T*/ + + /* Definitions for error constants. */ + + #define ERR_OK 0 /* No error, everything OK. */ + #define ERR_MEM -1 /* Out of memory error. */ + #define ERR_BUF -2 /* Buffer error. */ +-#define ERR_RTE -3 /* Routing problem. */ ++#define ERR_TIMEOUT -3 /* Timeout. */ ++#define ERR_RTE -4 /* Routing problem. */ + + #define ERR_IS_FATAL(e) ((e) < ERR_RTE) + +-#define ERR_ABRT -4 /* Connection aborted. */ +-#define ERR_RST -5 /* Connection reset. */ +-#define ERR_CLSD -6 /* Connection closed. */ +-#define ERR_CONN -7 /* Not connected. */ ++#define ERR_ABRT -5 /* Connection aborted. */ ++#define ERR_RST -6 /* Connection reset. */ ++#define ERR_CLSD -7 /* Connection closed. */ ++#define ERR_CONN -8 /* Not connected. */ + +-#define ERR_VAL -8 /* Illegal value. */ ++#define ERR_VAL -9 /* Illegal value. */ + +-#define ERR_ARG -9 /* Illegal argument. */ ++#define ERR_ARG -10 /* Illegal argument. */ + +-#define ERR_USE -10 /* Address in use. */ ++#define ERR_USE -11 /* Address in use. */ + +-#define ERR_IF -11 /* Low-level netif error */ +-#define ERR_ISCONN -12 /* Already connected. */ +- +-#define ERR_TIMEOUT -13 /* Timeout. */ ++#define ERR_IF -12 /* Low-level netif error */ ++#define ERR_ISCONN -13 /* Already connected. */ + + #define ERR_INPROGRESS -14 /* Operation in progress */ + +Index: src/include/lwip/mem.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/mem.h,v +retrieving revision 1.21 +retrieving revision 1.22 +diff -u -p -r1.21 -r1.22 +--- a/src/include/lwip/mem.h 4 Mar 2008 16:31:32 -0000 1.21 ++++ b/src/include/lwip/mem.h 30 May 2008 11:37:15 -0000 1.22 +@@ -50,16 +50,16 @@ typedef size_t mem_size_t; + * allow these defines to be overridden. + */ + #ifndef mem_free +-#define mem_free(x) free(x) ++#define mem_free free + #endif + #ifndef mem_malloc +-#define mem_malloc(x) malloc(x) ++#define mem_malloc malloc + #endif + #ifndef mem_calloc +-#define mem_calloc(x, y) calloc(x, y) ++#define mem_calloc calloc + #endif + #ifndef mem_realloc +-#define mem_realloc(x, size) (x) ++#define mem_realloc realloc + #endif + #else /* MEM_LIBC_MALLOC */ + +Index: src/include/lwip/netif.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/netif.h,v +retrieving revision 1.43 +retrieving revision 1.46 +diff -u -p -r1.43 -r1.46 +--- a/src/include/lwip/netif.h 9 Oct 2007 19:59:59 -0000 1.43 ++++ b/src/include/lwip/netif.h 19 Jun 2008 16:27:23 -0000 1.46 +@@ -34,6 +34,8 @@ + + #include "lwip/opt.h" + ++#define ENABLE_LOOPBACK (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) ++ + #include "lwip/err.h" + + #include "lwip/ip_addr.h" +@@ -165,6 +167,14 @@ struct netif { + #if LWIP_NETIF_HWADDRHINT + u8_t *addr_hint; + #endif /* LWIP_NETIF_HWADDRHINT */ ++#if ENABLE_LOOPBACK ++ /* List of packets to be queued for ourselves. */ ++ struct pbuf *loop_first; ++ struct pbuf *loop_last; ++#if LWIP_LOOPBACK_MAX_PBUFS ++ u16_t loop_cnt_current; ++#endif /* LWIP_LOOPBACK_MAX_PBUFS */ ++#endif /* ENABLE_LOOPBACK */ + }; + + #if LWIP_SNMP +@@ -242,4 +252,12 @@ void netif_set_link_callback(struct neti + } + #endif + ++#if ENABLE_LOOPBACK ++err_t netif_loop_output(struct netif *netif, struct pbuf *p, struct ip_addr *dest_ip); ++void netif_poll(struct netif *netif); ++#if !LWIP_NETIF_LOOPBACK_MULTITHREADING ++void netif_poll_all(void); ++#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ ++#endif /* ENABLE_LOOPBACK */ ++ + #endif /* __LWIP_NETIF_H__ */ +Index: src/include/lwip/opt.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/opt.h,v +retrieving revision 1.116 +retrieving revision 1.122 +diff -u -p -r1.116 -r1.122 +--- a/src/include/lwip/opt.h 31 Jan 2008 18:19:29 -0000 1.116 ++++ b/src/include/lwip/opt.h 30 Jun 2008 18:16:52 -0000 1.122 +@@ -155,6 +155,27 @@ + #define MEMP_USE_CUSTOM_POOLS 0 + #endif + ++/** ++ * Set this to 1 if you want to free PBUF_RAM pbufs (or call mem_free()) from ++ * interrupt context (or another context that doesn't allow waiting for a ++ * semaphore). ++ * If set to 1, mem_malloc will be protected by a semaphore and SYS_ARCH_PROTECT, ++ * while mem_free will only use SYS_ARCH_PROTECT. mem_malloc SYS_ARCH_UNPROTECTs ++ * with each loop so that mem_free can run. ++ * ++ * ATTENTION: As you can see from the above description, this leads to dis-/ ++ * enabling interrupts often, which can be slow! Also, on low memory, mem_malloc ++ * can need longer. ++ * ++ * If you don't want that, at least for NO_SYS=0, you can still use the following ++ * functions to enqueue a deallocation call which then runs in the tcpip_thread ++ * context: ++ * - pbuf_free_callback(p); ++ * - mem_free_callback(m); ++ */ ++#ifndef LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT ++#define LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT 0 ++#endif + + /* + ------------------------------------------------ +@@ -815,6 +836,39 @@ + #define LWIP_NETIF_HWADDRHINT 0 + #endif + ++/** ++ * LWIP_NETIF_LOOPBACK==1: Support sending packets with a destination IP ++ * address equal to the netif IP address, looping them back up the stack. ++ */ ++#ifndef LWIP_NETIF_LOOPBACK ++#define LWIP_NETIF_LOOPBACK 0 ++#endif ++ ++/** ++ * LWIP_LOOPBACK_MAX_PBUFS: Maximum number of pbufs on queue for loopback ++ * sending for each netif (0 = disabled) ++ */ ++#ifndef LWIP_LOOPBACK_MAX_PBUFS ++#define LWIP_LOOPBACK_MAX_PBUFS 0 ++#endif ++ ++/** ++ * LWIP_NETIF_LOOPBACK_MULTITHREADING: Indicates whether threading is enabled in ++ * the system, as netifs must change how they behave depending on this setting ++ * for the LWIP_NETIF_LOOPBACK option to work. ++ * Setting this is needed to avoid reentering non-reentrant functions like ++ * tcp_input(). ++ * LWIP_NETIF_LOOPBACK_MULTITHREADING==1: Indicates that the user is using a ++ * multithreaded environment like tcpip.c. In this case, netif->input() ++ * is called directly. ++ * LWIP_NETIF_LOOPBACK_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup. ++ * The packets are put on a list and netif_poll() must be called in ++ * the main application loop. ++ */ ++#ifndef LWIP_NETIF_LOOPBACK_MULTITHREADING ++#define LWIP_NETIF_LOOPBACK_MULTITHREADING (!NO_SYS) ++#endif ++ + /* + ------------------------------------ + ---------- LOOPIF options ---------- +@@ -827,20 +881,16 @@ + #define LWIP_HAVE_LOOPIF 0 + #endif + ++/* ++ ------------------------------------ ++ ---------- SLIPIF options ---------- ++ ------------------------------------ ++*/ + /** +- * LWIP_LOOPIF_MULTITHREADING: Indicates whether threading is enabled in +- * the system, as LOOPIF must change how it behaves depending on this setting. +- * Setting this is needed to avoid reentering non-reentrant functions like +- * tcp_input(). +- * LWIP_LOOPIF_MULTITHREADING==1: Indicates that the user is using a +- * multithreaded environment like tcpip.c. In this case, netif->input() +- * is called directly. +- * LWIP_LOOPIF_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup. +- * The packets are put on a list and loopif_poll() must be called in +- * the main application loop. ++ * LWIP_HAVE_SLIPIF==1: Support slip interface and slipif.c + */ +-#ifndef LWIP_LOOPIF_MULTITHREADING +-#define LWIP_LOOPIF_MULTITHREADING 1 ++#ifndef LWIP_HAVE_SLIPIF ++#define LWIP_HAVE_SLIPIF 0 + #endif + + /* +Index: src/include/lwip/sio.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/sio.h,v +retrieving revision 1.7 +retrieving revision 1.8 +diff -u -p -r1.7 -r1.8 +--- a/src/include/lwip/sio.h 6 Sep 2007 16:43:44 -0000 1.7 ++++ b/src/include/lwip/sio.h 27 Mar 2008 18:06:02 -0000 1.8 +@@ -32,16 +32,24 @@ + * It needs to be implemented by those platforms which need SLIP or PPP + */ + ++#ifndef __SIO_H__ ++#define __SIO_H__ ++ + #include "lwip/arch.h" + + #ifdef __cplusplus + extern "C" { + #endif + ++/* If you want to define sio_fd_t elsewhere or differently, ++ define this in your cc.h file. */ + #ifndef __sio_fd_t_defined + typedef void * sio_fd_t; + #endif + ++/* The following functions can be defined to something else in your cc.h file ++ or be implemented in your custom sio.c file. */ ++ + #ifndef sio_open + sio_fd_t sio_open(u8_t); + #endif +@@ -69,3 +77,5 @@ void sio_read_abort(sio_fd_t); + #ifdef __cplusplus + } + #endif ++ ++#endif /* __SIO_H__ */ +Index: src/include/lwip/sockets.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/sockets.h,v +retrieving revision 1.38 +retrieving revision 1.39 +diff -u -p -r1.38 -r1.39 +--- a/src/include/lwip/sockets.h 2 Dec 2007 15:24:02 -0000 1.38 ++++ b/src/include/lwip/sockets.h 26 Apr 2008 10:46:23 -0000 1.39 +@@ -177,7 +177,22 @@ typedef struct ip_mreq { + } ip_mreq; + #endif /* LWIP_IGMP */ + +-/* Unimplemented for now... */ ++/* ++ * The Type of Service provides an indication of the abstract ++ * parameters of the quality of service desired. These parameters are ++ * to be used to guide the selection of the actual service parameters ++ * when transmitting a datagram through a particular network. Several ++ * networks offer service precedence, which somehow treats high ++ * precedence traffic as more important than other traffic (generally ++ * by accepting only traffic above a certain precedence at time of high ++ * load). The major choice is a three way tradeoff between low-delay, ++ * high-reliability, and high-throughput. ++ * The use of the Delay, Throughput, and Reliability indications may ++ * increase the cost (in some sense) of the service. In many networks ++ * better performance for one of these parameters is coupled with worse ++ * performance on another. Except for very unusual cases at most two ++ * of these three indications should be set. ++ */ + #define IPTOS_TOS_MASK 0x1E + #define IPTOS_TOS(tos) ((tos) & IPTOS_TOS_MASK) + #define IPTOS_LOWDELAY 0x10 +@@ -187,7 +202,13 @@ typedef struct ip_mreq { + #define IPTOS_MINCOST IPTOS_LOWCOST + + /* +- * Definitions for IP precedence (also in ip_tos) (Unimplemented) ++ * The Network Control precedence designation is intended to be used ++ * within a network only. The actual use and control of that ++ * designation is up to each network. The Internetwork Control ++ * designation is intended for use by gateway control originators only. ++ * If the actual use of these precedence designations is of concern to ++ * a particular network, it is the responsibility of that network to ++ * control the access to, and use of, those precedence designations. + */ + #define IPTOS_PREC_MASK 0xe0 + #define IPTOS_PREC(tos) ((tos) & IPTOS_PREC_MASK) +Index: src/include/lwip/stats.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/stats.h,v +retrieving revision 1.19 +retrieving revision 1.23 +diff -u -p -r1.19 -r1.23 +--- a/src/include/lwip/stats.h 28 Nov 2007 21:25:07 -0000 1.19 ++++ b/src/include/lwip/stats.h 8 Jul 2008 09:15:57 -0000 1.23 +@@ -57,7 +57,6 @@ extern "C" { + + struct stats_proto { + STAT_COUNTER xmit; /* Transmitted packets. */ +- STAT_COUNTER rexmit; /* Retransmitted packets. */ + STAT_COUNTER recv; /* Received packets. */ + STAT_COUNTER fw; /* Forwarded packets. */ + STAT_COUNTER drop; /* Dropped packets. */ +@@ -87,7 +86,8 @@ struct stats_mem { + mem_size_t avail; + mem_size_t used; + mem_size_t max; +- mem_size_t err; ++ STAT_COUNTER err; ++ STAT_COUNTER illegal; + }; + + struct stats_syselem { +@@ -142,64 +142,138 @@ extern struct stats_ lwip_stats; + #define stats_init() /* Compatibility define, not init needed. */ + + #define STATS_INC(x) ++lwip_stats.x ++#define STATS_DEC(x) --lwip_stats.x + #else + #define stats_init() + #define STATS_INC(x) ++#define STATS_DEC(x) + #endif /* LWIP_STATS */ + + #if TCP_STATS + #define TCP_STATS_INC(x) STATS_INC(x) ++#define TCP_STATS_DISPLAY() stats_display_proto(&lwip_stats.tcp, "TCP") + #else + #define TCP_STATS_INC(x) ++#define TCP_STATS_DISPLAY() + #endif + + #if UDP_STATS + #define UDP_STATS_INC(x) STATS_INC(x) ++#define UDP_STATS_DISPLAY() stats_display_proto(&lwip_stats.udp, "UDP") + #else + #define UDP_STATS_INC(x) ++#define UDP_STATS_DISPLAY() + #endif + + #if ICMP_STATS + #define ICMP_STATS_INC(x) STATS_INC(x) ++#define ICMP_STATS_DISPLAY() stats_display_proto(&lwip_stats.icmp, "ICMP") + #else + #define ICMP_STATS_INC(x) ++#define ICMP_STATS_DISPLAY() + #endif + + #if IGMP_STATS + #define IGMP_STATS_INC(x) STATS_INC(x) ++#define IGMP_STATS_DISPLAY() stats_display_igmp(&lwip_stats.igmp) + #else + #define IGMP_STATS_INC(x) ++#define IGMP_STATS_DISPLAY() + #endif + + #if IP_STATS + #define IP_STATS_INC(x) STATS_INC(x) ++#define IP_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip, "IP") + #else + #define IP_STATS_INC(x) ++#define IP_STATS_DISPLAY() + #endif + + #if IPFRAG_STATS + #define IPFRAG_STATS_INC(x) STATS_INC(x) ++#define IPFRAG_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG") + #else + #define IPFRAG_STATS_INC(x) ++#define IPFRAG_STATS_DISPLAY() + #endif + + #if ETHARP_STATS + #define ETHARP_STATS_INC(x) STATS_INC(x) ++#define ETHARP_STATS_DISPLAY() stats_display_proto(&lwip_stats.etharp, "ETHARP") + #else + #define ETHARP_STATS_INC(x) ++#define ETHARP_STATS_DISPLAY() + #endif + + #if LINK_STATS + #define LINK_STATS_INC(x) STATS_INC(x) ++#define LINK_STATS_DISPLAY() stats_display_proto(&lwip_stats.link, "LINK") + #else + #define LINK_STATS_INC(x) ++#define LINK_STATS_DISPLAY() ++#endif ++ ++#if MEM_STATS ++#define MEM_STATS_AVAIL(x, y) lwip_stats.mem.x = y ++#define MEM_STATS_INC(x) STATS_INC(mem.x) ++#define MEM_STATS_INC_USED(x, y) do { lwip_stats.mem.used += y; \ ++ if (lwip_stats.mem.max < lwip_stats.mem.used) { \ ++ lwip_stats.mem.max = lwip_stats.mem.used; \ ++ } \ ++ } while(0) ++#define MEM_STATS_DEC_USED(x, y) lwip_stats.mem.x -= y ++#define MEM_STATS_DISPLAY() stats_display_mem(&lwip_stats.mem, "HEAP") ++#else ++#define MEM_STATS_AVAIL(x, y) ++#define MEM_STATS_INC(x) ++#define MEM_STATS_INC_USED(x, y) ++#define MEM_STATS_DEC_USED(x, y) ++#define MEM_STATS_DISPLAY() ++#endif ++ ++#if MEMP_STATS ++#define MEMP_STATS_AVAIL(x, i, y) lwip_stats.memp[i].x = y ++#define MEMP_STATS_INC(x, i) STATS_INC(memp[i].x) ++#define MEMP_STATS_DEC(x, i) STATS_DEC(memp[i].x) ++#define MEMP_STATS_INC_USED(x, i) do { ++lwip_stats.memp[i].used; \ ++ if (lwip_stats.memp[i].max < lwip_stats.memp[i].used) { \ ++ lwip_stats.memp[i].max = lwip_stats.memp[i].used; \ ++ } \ ++ } while(0) ++#define MEMP_STATS_DISPLAY(i) stats_display_memp(&lwip_stats.memp[i], i) ++#else ++#define MEMP_STATS_AVAIL(x, i, y) ++#define MEMP_STATS_INC(x, i) ++#define MEMP_STATS_DEC(x, i) ++#define MEMP_STATS_INC_USED(x, i) ++#define MEMP_STATS_DISPLAY(i) ++#endif ++ ++#if SYS_STATS ++#define SYS_STATS_INC(x) STATS_INC(sys.x) ++#define SYS_STATS_DEC(x) STATS_DEC(sys.x) ++#define SYS_STATS_DISPLAY() stats_display_sys(&lwip_stats.sys) ++#else ++#define SYS_STATS_INC(x) ++#define SYS_STATS_DEC(x) ++#define SYS_STATS_DISPLAY() + #endif + + /* Display of statistics */ + #if LWIP_STATS_DISPLAY + void stats_display(void); ++void stats_display_proto(struct stats_proto *proto, char *name); ++void stats_display_igmp(struct stats_igmp *igmp); ++void stats_display_mem(struct stats_mem *mem, char *name); ++void stats_display_memp(struct stats_mem *mem, int index); ++void stats_display_sys(struct stats_sys *sys); + #else + #define stats_display() ++#define stats_display_proto(proto, name) ++#define stats_display_igmp(igmp) ++#define stats_display_mem(mem, name) ++#define stats_display_memp(mem, index) ++#define stats_display_sys(sys) + #endif /* LWIP_STATS_DISPLAY */ + + #ifdef __cplusplus +Index: src/include/lwip/tcpip.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/lwip/tcpip.h,v +retrieving revision 1.24 +retrieving revision 1.27 +diff -u -p -r1.24 -r1.27 +--- a/src/include/lwip/tcpip.h 12 Jan 2008 11:52:22 -0000 1.24 ++++ b/src/include/lwip/tcpip.h 27 Jun 2008 20:34:55 -0000 1.27 +@@ -83,7 +83,11 @@ err_t tcpip_netifapi_lock(struct netifap + #endif /* LWIP_NETIF_API */ + + err_t tcpip_callback_with_block(void (*f)(void *ctx), void *ctx, u8_t block); +-#define tcpip_callback(f,ctx) tcpip_callback_with_block(f,ctx,1) ++#define tcpip_callback(f, ctx) tcpip_callback_with_block(f, ctx, 1) ++ ++/* free pbufs or heap memory from another context without blocking */ ++err_t pbuf_free_callback(struct pbuf *p); ++err_t mem_free_callback(void *m); + + err_t tcpip_timeout(u32_t msecs, sys_timeout_handler h, void *arg); + #define tcpip_untimeout(h, arg) tcpip_timeout(0xffffffff, h, arg) +Index: src/include/netif/loopif.h +=================================================================== +RCS file: /sources/lwip/lwip/src/include/netif/loopif.h,v +retrieving revision 1.7 +retrieving revision 1.9 +diff -u -p -r1.7 -r1.9 +--- a/src/include/netif/loopif.h 10 May 2007 10:59:20 -0000 1.7 ++++ b/src/include/netif/loopif.h 17 Jun 2008 20:12:22 -0000 1.9 +@@ -32,6 +32,7 @@ + #ifndef __NETIF_LOOPIF_H__ + #define __NETIF_LOOPIF_H__ + ++#include "lwip/opt.h" + #include "lwip/netif.h" + #include "lwip/err.h" + +@@ -39,9 +40,9 @@ + extern "C" { + #endif + +-#if !LWIP_LOOPIF_MULTITHREADING +-void loopif_poll(struct netif *netif); +-#endif ++#if !LWIP_NETIF_LOOPBACK_MULTITHREADING ++#define loopif_poll netif_poll ++#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */ + + err_t loopif_init(struct netif *netif); + +Index: src/netif/etharp.c +=================================================================== +RCS file: /sources/lwip/lwip/src/netif/etharp.c,v +retrieving revision 1.145 +retrieving revision 1.148 +diff -u -p -r1.145 -r1.148 +--- a/src/netif/etharp.c 4 Mar 2008 13:41:24 -0000 1.145 ++++ b/src/netif/etharp.c 19 Jun 2008 16:40:59 -0000 1.148 +@@ -353,7 +353,7 @@ find_entry(struct ip_addr *ipaddr, u8_t + * 1) empty entry + * 2) oldest stable entry + * 3) oldest pending entry without queued packets +- * 4) oldest pending entry without queued packets ++ * 4) oldest pending entry with queued packets + * + * { ETHARP_TRY_HARD is set at this point } + */ +@@ -1130,7 +1130,14 @@ ethernet_input(struct pbuf *p, struct ne + + /* points to packet payload, which starts with an Ethernet header */ + ethhdr = p->payload; +- ++ LWIP_DEBUGF(ETHARP_DEBUG | LWIP_DBG_TRACE, ++ ("ethernet_input: dest:%02x:%02x:%02x:%02x:%02x:%02x, src:%02x:%02x:%02x:%02x:%02x:%02x, type:%2hx\n", ++ (unsigned)ethhdr->dest.addr[0], (unsigned)ethhdr->dest.addr[1], (unsigned)ethhdr->dest.addr[2], ++ (unsigned)ethhdr->dest.addr[3], (unsigned)ethhdr->dest.addr[4], (unsigned)ethhdr->dest.addr[5], ++ (unsigned)ethhdr->src.addr[0], (unsigned)ethhdr->src.addr[1], (unsigned)ethhdr->src.addr[2], ++ (unsigned)ethhdr->src.addr[3], (unsigned)ethhdr->src.addr[4], (unsigned)ethhdr->src.addr[5], ++ (unsigned)htons(ethhdr->type))); ++ + switch (htons(ethhdr->type)) { + /* IP packet? */ + case ETHTYPE_IP: +@@ -1165,6 +1172,8 @@ ethernet_input(struct pbuf *p, struct ne + #endif /* PPPOE_SUPPORT */ + + default: ++ ETHARP_STATS_INC(etharp.proterr); ++ ETHARP_STATS_INC(etharp.drop); + pbuf_free(p); + p = NULL; + break; +Index: src/netif/loopif.c +=================================================================== +RCS file: /sources/lwip/lwip/src/netif/loopif.c,v +retrieving revision 1.26 +retrieving revision 1.27 +diff -u -p -r1.26 -r1.27 +--- a/src/netif/loopif.c 31 Aug 2007 10:14:09 -0000 1.26 ++++ b/src/netif/loopif.c 12 Jun 2008 20:10:10 -0000 1.27 +@@ -40,149 +40,8 @@ + #if LWIP_HAVE_LOOPIF + + #include "netif/loopif.h" +-#include "lwip/pbuf.h" + #include "lwip/snmp.h" + +-#include <string.h> +- +-#if !LWIP_LOOPIF_MULTITHREADING +- +-#include "lwip/sys.h" +-#include "lwip/mem.h" +- +-/* helper struct for the linked list of pbufs */ +-struct loopif_private { +- struct pbuf *first; +- struct pbuf *last; +-}; +- +-/** +- * Call loopif_poll() in the main loop of your application. This is to prevent +- * reentering non-reentrant functions like tcp_input(). Packets passed to +- * loopif_output() are put on a list that is passed to netif->input() by +- * loopif_poll(). +- * +- * @param netif the lwip network interface structure for this loopif +- */ +-void +-loopif_poll(struct netif *netif) +-{ +- SYS_ARCH_DECL_PROTECT(lev); +- struct pbuf *in, *in_end; +- struct loopif_private *priv = (struct loopif_private*)netif->state; +- +- LWIP_ERROR("priv != NULL", (priv != NULL), return;); +- +- do { +- /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */ +- SYS_ARCH_PROTECT(lev); +- in = priv->first; +- if(in) { +- in_end = in; +- while(in_end->len != in_end->tot_len) { +- LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL); +- in_end = in_end->next; +- } +- /* 'in_end' now points to the last pbuf from 'in' */ +- if(in_end == priv->last) { +- /* this was the last pbuf in the list */ +- priv->first = priv->last = NULL; +- } else { +- /* pop the pbuf off the list */ +- priv->first = in_end->next; +- LWIP_ASSERT("should not be null since first != last!", priv->first != NULL); +- } +- } +- SYS_ARCH_UNPROTECT(lev); +- +- if(in != NULL) { +- if(in_end->next != NULL) { +- /* De-queue the pbuf from its successors on the 'priv' list. */ +- in_end->next = NULL; +- } +- if(netif->input(in, netif) != ERR_OK) { +- pbuf_free(in); +- } +- /* Don't reference the packet any more! */ +- in = NULL; +- in_end = NULL; +- } +- /* go on while there is a packet on the list */ +- } while(priv->first != NULL); +-} +-#endif /* LWIP_LOOPIF_MULTITHREADING */ +- +-/** +- * Send an IP packet over the loopback interface. +- * The pbuf is simply copied and handed back to netif->input. +- * In multithreaded mode, this is done directly since netif->input must put +- * the packet on a queue. +- * In callback mode, the packet is put on an internal queue and is fed to +- * netif->input by loopif_poll(). +- * +- * @param netif the lwip network interface structure for this loopif +- * @param p the (IP) packet to 'send' +- * @param ipaddr the ip address to send the packet to (not used for loopif) +- * @return ERR_OK if the packet has been sent +- * ERR_MEM if the pbuf used to copy the packet couldn't be allocated +- */ +-static err_t +-loopif_output(struct netif *netif, struct pbuf *p, +- struct ip_addr *ipaddr) +-{ +-#if !LWIP_LOOPIF_MULTITHREADING +- SYS_ARCH_DECL_PROTECT(lev); +- struct loopif_private *priv; +- struct pbuf *last; +-#endif /* LWIP_LOOPIF_MULTITHREADING */ +- struct pbuf *r; +- err_t err; +- +- LWIP_UNUSED_ARG(ipaddr); +- +- /* Allocate a new pbuf */ +- r = pbuf_alloc(PBUF_RAW, p->tot_len, PBUF_RAM); +- if (r == NULL) { +- return ERR_MEM; +- } +- +- /* Copy the whole pbuf queue p into the single pbuf r */ +- if ((err = pbuf_copy(r, p)) != ERR_OK) { +- pbuf_free(r); +- r = NULL; +- return err; +- } +- +-#if LWIP_LOOPIF_MULTITHREADING +- /* Multithreading environment, netif->input() is supposed to put the packet +- into a mailbox, so we can safely call it here without risking to re-enter +- functions that are not reentrant (TCP!!!) */ +- if(netif->input(r, netif) != ERR_OK) { +- pbuf_free(r); +- r = NULL; +- } +-#else /* LWIP_LOOPIF_MULTITHREADING */ +- /* Raw API without threads: put the packet on a linked list which gets emptied +- through calling loopif_poll(). */ +- priv = (struct loopif_private*)netif->state; +- +- /* let last point to the last pbuf in chain r */ +- for (last = r; last->next != NULL; last = last->next); +- SYS_ARCH_PROTECT(lev); +- if(priv->first != NULL) { +- LWIP_ASSERT("if first != NULL, last must also be != NULL", priv->last != NULL); +- priv->last->next = r; +- priv->last = last; +- } else { +- priv->first = r; +- priv->last = last; +- } +- SYS_ARCH_UNPROTECT(lev); +-#endif /* LWIP_LOOPIF_MULTITHREADING */ +- +- return ERR_OK; +-} +- + /** + * Initialize a lwip network interface structure for a loopback interface + * +@@ -193,16 +52,6 @@ loopif_output(struct netif *netif, struc + err_t + loopif_init(struct netif *netif) + { +-#if !LWIP_LOOPIF_MULTITHREADING +- struct loopif_private *priv; +- +- priv = (struct loopif_private*)mem_malloc(sizeof(struct loopif_private)); +- if(priv == NULL) +- return ERR_MEM; +- priv->first = priv->last = NULL; +- netif->state = priv; +-#endif /* LWIP_LOOPIF_MULTITHREADING */ +- + /* initialize the snmp variables and counters inside the struct netif + * ifSpeed: no assumption can be made! + */ +@@ -210,7 +59,7 @@ loopif_init(struct netif *netif) + + netif->name[0] = 'l'; + netif->name[1] = 'o'; +- netif->output = loopif_output; ++ netif->output = netif_loop_output; + return ERR_OK; + } + +Index: src/netif/slipif.c +=================================================================== +RCS file: /sources/lwip/lwip/src/netif/slipif.c,v +retrieving revision 1.29 +retrieving revision 1.30 +diff -u -p -r1.29 -r1.30 +--- a/src/netif/slipif.c 30 Nov 2007 17:22:21 -0000 1.29 ++++ b/src/netif/slipif.c 17 Jun 2008 20:14:05 -0000 1.30 +@@ -44,6 +44,9 @@ + + #include "netif/slipif.h" + #include "lwip/opt.h" ++ ++#if LWIP_HAVE_SLIPIF ++ + #include "lwip/def.h" + #include "lwip/pbuf.h" + #include "lwip/sys.h" +@@ -273,3 +276,4 @@ slipif_init(struct netif *netif) + sys_thread_new(SLIPIF_THREAD_NAME, slipif_loop, netif, SLIPIF_THREAD_STACKSIZE, SLIPIF_THREAD_PRIO); + return ERR_OK; + } ++#endif /* LWIP_HAVE_SLIPIF */ diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch new file mode 100644 index 0000000000..a3745bda6d --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch @@ -0,0 +1,43 @@ +From d991bdbc062248221511ecb795617c36b37e1d2e Mon Sep 17 00:00:00 2001 +From: Wei Liu <wei.liu2@citrix.com> +Date: Wed, 9 Aug 2017 13:15:48 +0100 +Subject: [PATCH] lib/math.c: implement __udivmoddi4 + +Some code compiled by gcc 7 requires this. + +Signed-off-by: Wei Liu <wei.liu2@citrix.com> +Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> +--- + lib/math.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/lib/math.c b/lib/math.c +index 561393e..b98cc1d 100644 +--- a/lib/math.c ++++ b/lib/math.c +@@ -6,6 +6,7 @@ + * File: math.c + * Author: Rolf Neugebauer (neugebar@dcs.gla.ac.uk) + * Changes: ++ * Implement __udivmoddi4 (Wei Liu <wei.liu2@citrix.com>) + * + * Date: Aug 2003 + * +@@ -397,6 +398,15 @@ __umoddi3(u_quad_t a, u_quad_t b) + } + + /* ++ * Returns the quotient and places remainder in r ++ */ ++u_quad_t ++__udivmoddi4(u_quad_t a, u_quad_t b, u_quad_t *r) ++{ ++ return __qdivrem(a, b, r); ++} ++ ++/* + * From + * moddi3.c + */ +-- +2.11.0 diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch new file mode 100644 index 0000000000..a5d014958e --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch @@ -0,0 +1,155 @@ +--- a/newlib/libc/stdio/fprintf_chk.c 1969-12-31 19:00:00.000000000 -0500 ++++ b/newlib/libc/stdio/fprintf_chk.c 2009-02-26 19:02:53.000000000 -0500 +@@ -0,0 +1,21 @@ ++#include <stdarg.h> ++#include <stdio.h> ++ ++/* ++ * Stub implementation of __fprintf_chk adapted from glibc 2.7. This ++ * doesn't actually implement any buffer overflow protection. It just makes ++ * the linker happy :) ++*/ ++int ++__fprintf_chk (FILE *fp, int flag, const char *format, ...) ++{ ++ va_list ap; ++ int done; ++ ++ va_start (ap, format); ++ done = vfprintf (fp, format, ap); ++ va_end (ap); ++ ++ return done; ++} ++ +--- a/newlib/libc/stdio/Makefile.am 2007-08-02 16:23:06.000000000 -0400 ++++ b/newlib/libc/stdio/Makefile.am 2009-02-26 18:14:53.000000000 -0500 +@@ -20,6 +20,7 @@ + flags.c \ + fopen.c \ + fprintf.c \ ++ fprintf_chk.c \ + fputc.c \ + fputs.c \ + fread.c \ +@@ -65,6 +66,7 @@ + sniprintf.c \ + snprintf.c \ + sprintf.c \ ++ sprintf_chk.c \ + sscanf.c \ + stdio.c \ + tmpfile.c \ +--- a/newlib/libc/stdio/Makefile.in 2007-12-19 17:36:38.000000000 -0500 ++++ b/newlib/libc/stdio/Makefile.in 2009-02-26 18:43:52.000000000 -0500 +@@ -63,7 +63,8 @@ + lib_a-fgets.$(OBJEXT) lib_a-fileno.$(OBJEXT) \ + lib_a-findfp.$(OBJEXT) lib_a-fiprintf.$(OBJEXT) \ + lib_a-flags.$(OBJEXT) lib_a-fopen.$(OBJEXT) \ +- lib_a-fprintf.$(OBJEXT) lib_a-fputc.$(OBJEXT) \ ++ lib_a-fprintf.$(OBJEXT) lib_a-fprintf_chk.$(OBJEXT) \ ++ lib_a-fputc.$(OBJEXT) \ + lib_a-fputs.$(OBJEXT) lib_a-fread.$(OBJEXT) \ + lib_a-freopen.$(OBJEXT) lib_a-fscanf.$(OBJEXT) \ + lib_a-fiscanf.$(OBJEXT) lib_a-fseek.$(OBJEXT) \ +@@ -86,6 +87,7 @@ + lib_a-setvbuf.$(OBJEXT) lib_a-siprintf.$(OBJEXT) \ + lib_a-siscanf.$(OBJEXT) lib_a-sniprintf.$(OBJEXT) \ + lib_a-snprintf.$(OBJEXT) lib_a-sprintf.$(OBJEXT) \ ++ lib_a-sprintf_chk.$(OBJEXT) \ + lib_a-sscanf.$(OBJEXT) lib_a-stdio.$(OBJEXT) \ + lib_a-tmpfile.$(OBJEXT) lib_a-tmpnam.$(OBJEXT) \ + lib_a-ungetc.$(OBJEXT) lib_a-vdiprintf.$(OBJEXT) \ +@@ -122,15 +124,15 @@ + LTLIBRARIES = $(noinst_LTLIBRARIES) + am__objects_4 = clearerr.lo fclose.lo fdopen.lo feof.lo ferror.lo \ + fflush.lo fgetc.lo fgetpos.lo fgets.lo fileno.lo findfp.lo \ +- fiprintf.lo flags.lo fopen.lo fprintf.lo fputc.lo fputs.lo \ +- fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \ ++ fiprintf.lo flags.lo fopen.lo fprintf.lo fprintf_chk.lo fputc.lo \ ++ fputs.lo fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \ + ftell.lo fvwrite.lo fwalk.lo fwrite.lo getc.lo getchar.lo \ + getc_u.lo getchar_u.lo getdelim.lo getline.lo gets.lo \ + iprintf.lo iscanf.lo makebuf.lo perror.lo printf.lo putc.lo \ + putchar.lo putc_u.lo putchar_u.lo puts.lo refill.lo remove.lo \ + rename.lo rewind.lo rget.lo scanf.lo sccl.lo setbuf.lo \ + setbuffer.lo setlinebuf.lo setvbuf.lo siprintf.lo siscanf.lo \ +- sniprintf.lo snprintf.lo sprintf.lo sscanf.lo stdio.lo \ ++ sniprintf.lo snprintf.lo sprintf.lo sprintf_chk.lo sscanf.lo stdio.lo \ + tmpfile.lo tmpnam.lo ungetc.lo vdiprintf.lo vdprintf.lo \ + viprintf.lo viscanf.lo vprintf.lo vscanf.lo vsiprintf.lo \ + vsiscanf.lo vsnprintf.lo vsniprintf.lo vsprintf.lo vsscanf.lo \ +@@ -344,6 +346,7 @@ + flags.c \ + fopen.c \ + fprintf.c \ ++ fprintf_chk.c \ + fputc.c \ + fputs.c \ + fread.c \ +@@ -389,6 +392,7 @@ + sniprintf.c \ + snprintf.c \ + sprintf.c \ ++ sprintf_chk.c \ + sscanf.c \ + stdio.c \ + tmpfile.c \ +@@ -508,6 +512,7 @@ + siprintf.def \ + siscanf.def \ + sprintf.def \ ++ sprintf_chk.def \ + sscanf.def \ + tmpfile.def \ + tmpnam.def \ +@@ -678,6 +683,12 @@ + lib_a-fprintf.obj: fprintf.c + $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf.obj `if test -f 'fprintf.c'; then $(CYGPATH_W) 'fprintf.c'; else $(CYGPATH_W) '$(srcdir)/fprintf.c'; fi` + ++lib_a-fprintf_chk.o: fprintf_chk.c ++ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.o `test -f 'fprintf_chk.c' || echo '$(srcdir)/'`fprintf_chk.c ++ ++lib_a-fprintf_chk.obj: fprintf_chk.c ++ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.obj `if test -f 'fprintf_chk.c'; then $(CYGPATH_W) 'fprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/fprintf_chk.c'; fi` ++ + lib_a-fputc.o: fputc.c + $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fputc.o `test -f 'fputc.c' || echo '$(srcdir)/'`fputc.c + +@@ -948,6 +959,12 @@ + lib_a-sprintf.obj: sprintf.c + $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf.obj `if test -f 'sprintf.c'; then $(CYGPATH_W) 'sprintf.c'; else $(CYGPATH_W) '$(srcdir)/sprintf.c'; fi` + ++lib_a-sprintf_chk.o: sprintf_chk.c ++ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.o `test -f 'sprintf_chk.c' || echo '$(srcdir)/'`sprintf_chk.c ++ ++lib_a-sprintf_chk.obj: sprintf_chk.c ++ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.obj `if test -f 'sprintf_chk.c'; then $(CYGPATH_W) 'sprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/sprintf_chk.c'; fi` ++ + lib_a-sscanf.o: sscanf.c + $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sscanf.o `test -f 'sscanf.c' || echo '$(srcdir)/'`sscanf.c + +--- a/newlib/libc/stdio/sprintf_chk.c 1969-12-31 19:00:00.000000000 -0500 ++++ b/newlib/libc/stdio/sprintf_chk.c 2009-02-26 19:02:26.000000000 -0500 +@@ -0,0 +1,21 @@ ++#include <stdarg.h> ++#include <stdio.h> ++ ++/* ++ * Stub implementation of __sprintf_chk adapted from glibc 2.7. This ++ * doesn't actually implement any buffer overflow protection. It just makes ++ * the linker happy :) ++*/ ++int ++__sprintf_chk (char *s, int flags, size_t slen, const char *format, ...) ++{ ++ va_list arg; ++ int done; ++ ++ va_start (arg, format); ++ done = vsprintf (s, format, arg); ++ va_end (arg); ++ ++ return done; ++} ++ diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch new file mode 100644 index 0000000000..3610d646d2 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch @@ -0,0 +1,16 @@ +--- a/newlib/libc/include/stdint.h.orig 2006-08-17 00:39:43.000000000 +0300 ++++ b/newlib/libc/include/stdint.h 2009-08-25 17:33:23.000000000 +0300 +@@ -348,8 +348,11 @@ + #endif + + /* This must match size_t in stddef.h, currently long unsigned int */ +-#define SIZE_MIN (-__STDINT_EXP(LONG_MAX) - 1L) +-#define SIZE_MAX __STDINT_EXP(LONG_MAX) ++#ifdef __SIZE_MAX__ ++#define SIZE_MAX __SIZE_MAX__ ++#else ++#define SIZE_MAX (__STDINT_EXP(LONG_MAX) * 2UL + 1) ++#endif + + /* This must match sig_atomic_t in <signal.h> (currently int) */ + #define SIG_ATOMIC_MIN (-__STDINT_EXP(INT_MAX) - 1) diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/newlib.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib.patch new file mode 100644 index 0000000000..dbf409a2df --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib.patch @@ -0,0 +1,727 @@ +There is a mix between longs and long longs. + +Index: newlib/libc/include/inttypes.h +=================================================================== +RCS file: /cvs/src/src/newlib/libc/include/inttypes.h,v +retrieving revision 1.3 +diff -u -p -r1.3 inttypes.h +--- a/newlib/libc/include/inttypes.h 16 Dec 2005 19:03:12 -0000 1.3 ++++ b/newlib/libc/include/inttypes.h 8 Nov 2007 16:32:44 -0000 +@@ -163,12 +163,12 @@ + + + /* 64-bit types */ +-#if __have_longlong64 +-#define __PRI64(x) __STRINGIFY(ll##x) +-#define __SCN64(x) __STRINGIFY(ll##x) +-#elif __have_long64 ++#if __have_long64 + #define __PRI64(x) __STRINGIFY(l##x) + #define __SCN64(x) __STRINGIFY(l##x) ++#elif __have_longlong64 ++#define __PRI64(x) __STRINGIFY(ll##x) ++#define __SCN64(x) __STRINGIFY(ll##x) + #else + #define __PRI64(x) __STRINGIFY(x) + #define __SCN64(x) __STRINGIFY(x) +@@ -217,12 +217,12 @@ + #endif + + /* max-bit types */ +-#if __have_longlong64 +-#define __PRIMAX(x) __STRINGIFY(ll##x) +-#define __SCNMAX(x) __STRINGIFY(ll##x) +-#elif __have_long64 ++#if __have_long64 + #define __PRIMAX(x) __STRINGIFY(l##x) + #define __SCNMAX(x) __STRINGIFY(l##x) ++#elif __have_longlong64 ++#define __PRIMAX(x) __STRINGIFY(ll##x) ++#define __SCNMAX(x) __STRINGIFY(ll##x) + #else + #define __PRIMAX(x) __STRINGIFY(x) + #define __SCNMAX(x) __STRINGIFY(x) +@@ -242,12 +242,12 @@ + #define SCNxMAX __SCNMAX(x) + + /* ptr types */ +-#if __have_longlong64 +-#define __PRIPTR(x) __STRINGIFY(ll##x) +-#define __SCNPTR(x) __STRINGIFY(ll##x) +-#elif __have_long64 ++#if __have_long64 + #define __PRIPTR(x) __STRINGIFY(l##x) + #define __SCNPTR(x) __STRINGIFY(l##x) ++#elif __have_longlong64 ++#define __PRIPTR(x) __STRINGIFY(ll##x) ++#define __SCNPTR(x) __STRINGIFY(ll##x) + #else + #define __PRIPTR(x) __STRINGIFY(x) + #define __SCNPTR(x) __STRINGIFY(x) + +We don't want u?int32_t to be long as our code assume in a lot of places to be +int. + +Index: newlib/libc/include/stdint.h +=================================================================== +RCS file: /cvs/src/src/newlib/libc/include/stdint.h,v +retrieving revision 1.10 +diff -u -p -r1.10 stdint.h +--- a/newlib/libc/include/stdint.h 16 Aug 2006 21:39:43 -0000 1.10 ++++ b/newlib/libc/include/stdint.h 12 Feb 2008 13:07:52 -0000 +@@ -38,7 +38,7 @@ extern "C" { + #if __STDINT_EXP(LONG_MAX) > 0x7fffffff + #define __have_long64 1 + #elif __STDINT_EXP(LONG_MAX) == 0x7fffffff && !defined(__SPU__) +-#define __have_long32 1 ++/* #define __have_long32 1 */ + #endif + + #if __STDINT_EXP(SCHAR_MAX) == 0x7f + +Define the basic ia64 jump buffer + +Index: newlib/libc/include/sys/config.h +=================================================================== +RCS file: /cvs/src/src/newlib/libc/include/sys/config.h,v +retrieving revision 1.47 +diff -u -p -r1.47 config.h +--- a/newlib/libc/include/sys/config.h 15 Mar 2007 21:32:12 -0000 1.47 ++++ b/newlib/libc/include/sys/config.h 8 Nov 2007 16:32:44 -0000 +@@ -71,6 +71,10 @@ + #endif + #endif + ++#ifndef __DYNAMIC_REENT__ ++#define __DYNAMIC_REENT__ ++#endif ++ + #ifdef __mn10200__ + #define __SMALL_BITFIELDS + #endif + +Dynamic pointer to our reentrancy zone + +Index: newlib/libc/reent/getreent.c +=================================================================== +RCS file: /cvs/src/src/newlib/libc/reent/getreent.c,v +retrieving revision 1.2 +diff -u -p -r1.2 getreent.c +--- a/newlib/libc/reent/getreent.c 7 Sep 2007 00:45:55 -0000 1.2 ++++ b/newlib/libc/reent/getreent.c 8 Nov 2007 16:32:44 -0000 +@@ -3,12 +3,20 @@ + #include <_ansi.h> + #include <reent.h> + ++#define weak_alias(name, aliasname) \ ++ extern __typeof (name) aliasname __attribute__ ((weak, alias (#name))); ++ + #ifdef __getreent + #undef __getreent + #endif ++#ifdef __libc_getreent ++#undef __libc_getreent ++#endif + + struct _reent * +-_DEFUN_VOID(__getreent) ++__libc_getreent (void) + { + return _impure_ptr; + } ++weak_alias(__libc_getreent,__getreent) ++ + +We can't provide a red zone in mini-os. + +Index: newlib/libc/machine/x86_64/memcpy.S +=================================================================== +RCS file: /cvs/src/src/newlib/libc/machine/x86_64/memcpy.S,v +retrieving revision 1.1 +diff -u -p -r1.1 memcpy.S +--- a/newlib/libc/machine/x86_64/memcpy.S 28 Aug 2007 21:56:49 -0000 1.1 ++++ b/newlib/libc/machine/x86_64/memcpy.S 8 Nov 2007 16:32:44 -0000 +@@ -30,10 +30,18 @@ quadword_aligned: + cmpq $256, rdx + jb quadword_copy + ++#if 1 ++ subq $32, rsp ++ movq rax, 24 (rsp) ++ movq r12, 16 (rsp) ++ movq r13, 8 (rsp) ++ movq r14, 0 (rsp) ++#else + movq rax, -8 (rsp) + movq r12, -16 (rsp) + movq r13, -24 (rsp) + movq r14, -32 (rsp) ++#endif + + movq rdx, rcx /* Copy 128 bytes at a time with minimum cache polution */ + shrq $7, rcx +@@ -89,10 +97,18 @@ loop: + movq rdx, rcx + andq $127, rcx + rep movsb ++#if 1 ++ movq 24 (rsp), rax ++ movq 16 (rsp), r12 ++ movq 8 (rsp), r13 ++ movq 0 (rsp), r14 ++ addq $32, rsp ++#else + movq -8 (rsp), rax + movq -16 (rsp), r12 + movq -24 (rsp), r13 + movq -32 (rsp), r14 ++#endif + ret + + +--- a/newlib/libc/machine/x86_64/x86_64mach.h.orig 2008-07-11 14:57:23.062269000 +0100 ++++ b/newlib/libc/machine/x86_64/x86_64mach.h 2008-07-11 14:58:01.262503000 +0100 +@@ -22,81 +22,81 @@ + + #define REG(x) CONCAT1(__REG_PREFIX__, x) + +-#define rax REG(rax) +-#define rbx REG(rbx) +-#define rcx REG(rcx) +-#define rdx REG(rdx) +-#define rsi REG(rsi) +-#define rdi REG(rdi) +-#define rbp REG(rbp) +-#define rsp REG(rsp) +- +-#define r8 REG(r8) +-#define r9 REG(r9) +-#define r10 REG(r10) +-#define r11 REG(r11) +-#define r12 REG(r12) +-#define r13 REG(r13) +-#define r14 REG(r14) +-#define r15 REG(r15) +- +-#define eax REG(eax) +-#define ebx REG(ebx) +-#define ecx REG(ecx) +-#define edx REG(edx) +-#define esi REG(esi) +-#define edi REG(edi) +-#define ebp REG(ebp) +-#define esp REG(esp) +- +-#define st0 REG(st) +-#define st1 REG(st(1)) +-#define st2 REG(st(2)) +-#define st3 REG(st(3)) +-#define st4 REG(st(4)) +-#define st5 REG(st(5)) +-#define st6 REG(st(6)) +-#define st7 REG(st(7)) +- +-#define ax REG(ax) +-#define bx REG(bx) +-#define cx REG(cx) +-#define dx REG(dx) +- +-#define ah REG(ah) +-#define bh REG(bh) +-#define ch REG(ch) +-#define dh REG(dh) +- +-#define al REG(al) +-#define bl REG(bl) +-#define cl REG(cl) +-#define dl REG(dl) +- +-#define sil REG(sil) +- +-#define mm1 REG(mm1) +-#define mm2 REG(mm2) +-#define mm3 REG(mm3) +-#define mm4 REG(mm4) +-#define mm5 REG(mm5) +-#define mm6 REG(mm6) +-#define mm7 REG(mm7) +- +-#define xmm0 REG(xmm0) +-#define xmm1 REG(xmm1) +-#define xmm2 REG(xmm2) +-#define xmm3 REG(xmm3) +-#define xmm4 REG(xmm4) +-#define xmm5 REG(xmm5) +-#define xmm6 REG(xmm6) +-#define xmm7 REG(xmm7) +- +-#define cr0 REG(cr0) +-#define cr1 REG(cr1) +-#define cr2 REG(cr2) +-#define cr3 REG(cr3) +-#define cr4 REG(cr4) ++#define rax %rax ++#define rbx %rbx ++#define rcx %rcx ++#define rdx %rdx ++#define rsi %rsi ++#define rdi %rdi ++#define rbp %rbp ++#define rsp %rsp ++ ++#define r8 %r8 ++#define r9 %r9 ++#define r10 %r10 ++#define r11 %r11 ++#define r12 %r12 ++#define r13 %r13 ++#define r14 %r14 ++#define r15 %r15 ++ ++#define eax %eax ++#define ebx %ebx ++#define ecx %ecx ++#define edx %edx ++#define esi %esi ++#define edi %edi ++#define ebp %ebp ++#define esp %esp ++ ++#define st0 %st ++#define st1 %st(1) ++#define st2 %st(2) ++#define st3 %st(3) ++#define st4 %st(4) ++#define st5 %st(5) ++#define st6 %st(6) ++#define st7 %st(7) ++ ++#define ax %ax ++#define bx %bx ++#define cx %cx ++#define dx %dx ++ ++#define ah %ah ++#define bh %bh ++#define ch %ch ++#define dh %dh ++ ++#define al %al ++#define bl %bl ++#define cl %cl ++#define dl %dl ++ ++#define sil %sil ++ ++#define mm1 %mm1 ++#define mm2 %mm2 ++#define mm3 %mm3 ++#define mm4 %mm4 ++#define mm5 %mm5 ++#define mm6 %mm6 ++#define mm7 %mm7 ++ ++#define xmm0 %xmm0 ++#define xmm1 %xmm1 ++#define xmm2 %xmm2 ++#define xmm3 %xmm3 ++#define xmm4 %xmm4 ++#define xmm5 %xmm5 ++#define xmm6 %xmm6 ++#define xmm7 %xmm7 ++ ++#define cr0 %cr0 ++#define cr1 %cr1 ++#define cr2 %cr2 ++#define cr3 %cr3 ++#define cr4 %cr4 + + #ifdef _I386MACH_NEED_SOTYPE_FUNCTION + #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function +--- a/newlib/libc/machine/x86_64/memcpy.S.orig 2008-07-11 15:12:27.494693000 +0100 ++++ b/newlib/libc/machine/x86_64/memcpy.S 2008-07-11 15:12:29.448706000 +0100 +@@ -60,14 +60,14 @@ + movq 48 (rsi), r13 + movq 56 (rsi), r14 + +- movntiq rax, (rdi) +- movntiq r8 , 8 (rdi) +- movntiq r9 , 16 (rdi) +- movntiq r10, 24 (rdi) +- movntiq r11, 32 (rdi) +- movntiq r12, 40 (rdi) +- movntiq r13, 48 (rdi) +- movntiq r14, 56 (rdi) ++ movnti rax, (rdi) ++ movnti r8 , 8 (rdi) ++ movnti r9 , 16 (rdi) ++ movnti r10, 24 (rdi) ++ movnti r11, 32 (rdi) ++ movnti r12, 40 (rdi) ++ movnti r13, 48 (rdi) ++ movnti r14, 56 (rdi) + + movq 64 (rsi), rax + movq 72 (rsi), r8 +@@ -78,14 +78,14 @@ + movq 112 (rsi), r13 + movq 120 (rsi), r14 + +- movntiq rax, 64 (rdi) +- movntiq r8 , 72 (rdi) +- movntiq r9 , 80 (rdi) +- movntiq r10, 88 (rdi) +- movntiq r11, 96 (rdi) +- movntiq r12, 104 (rdi) +- movntiq r13, 112 (rdi) +- movntiq r14, 120 (rdi) ++ movnti rax, 64 (rdi) ++ movnti r8 , 72 (rdi) ++ movnti r9 , 80 (rdi) ++ movnti r10, 88 (rdi) ++ movnti r11, 96 (rdi) ++ movnti r12, 104 (rdi) ++ movnti r13, 112 (rdi) ++ movnti r14, 120 (rdi) + + leaq 128 (rsi), rsi + leaq 128 (rdi), rdi +--- a/newlib/libc/machine/i386/i386mach.h 2000-08-28 18:50:06.000000000 +0100 ++++ b/newlib/libc/machine/i386/i386mach.h 2008-07-11 15:17:13.874409000 +0100 +@@ -27,46 +27,46 @@ + + #define REG(x) CONCAT1(__REG_PREFIX__, x) + +-#define eax REG(eax) +-#define ebx REG(ebx) +-#define ecx REG(ecx) +-#define edx REG(edx) +-#define esi REG(esi) +-#define edi REG(edi) +-#define ebp REG(ebp) +-#define esp REG(esp) +- +-#define st0 REG(st) +-#define st1 REG(st(1)) +-#define st2 REG(st(2)) +-#define st3 REG(st(3)) +-#define st4 REG(st(4)) +-#define st5 REG(st(5)) +-#define st6 REG(st(6)) +-#define st7 REG(st(7)) +- +-#define ax REG(ax) +-#define bx REG(bx) +-#define cx REG(cx) +-#define dx REG(dx) +- +-#define ah REG(ah) +-#define bh REG(bh) +-#define ch REG(ch) +-#define dh REG(dh) +- +-#define al REG(al) +-#define bl REG(bl) +-#define cl REG(cl) +-#define dl REG(dl) +- +-#define mm1 REG(mm1) +-#define mm2 REG(mm2) +-#define mm3 REG(mm3) +-#define mm4 REG(mm4) +-#define mm5 REG(mm5) +-#define mm6 REG(mm6) +-#define mm7 REG(mm7) ++#define eax %eax ++#define ebx %ebx ++#define ecx %ecx ++#define edx %edx ++#define esi %esi ++#define edi %edi ++#define ebp %ebp ++#define esp %esp ++ ++#define st0 %st ++#define st1 %st(1) ++#define st2 %st(2) ++#define st3 %st(3) ++#define st4 %st(4) ++#define st5 %st(5) ++#define st6 %st(6) ++#define st7 %st(7) ++ ++#define ax %ax ++#define bx %bx ++#define cx %cx ++#define dx %dx ++ ++#define ah %ah ++#define bh %bh ++#define ch %ch ++#define dh %dh ++ ++#define al %al ++#define bl %bl ++#define cl %cl ++#define dl %dl ++ ++#define mm1 %mm1 ++#define mm2 %mm2 ++#define mm3 %mm3 ++#define mm4 %mm4 ++#define mm5 %mm5 ++#define mm6 %mm6 ++#define mm7 %mm7 + + #ifdef _I386MACH_NEED_SOTYPE_FUNCTION + #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function +--- a/newlib/libc/machine/x86_64/memset.S 2007-08-28 22:56:49.000000000 +0100 ++++ b/newlib/libc/machine/x86_64/memset.S 2008-07-11 15:16:59.098320000 +0100 +@@ -40,22 +40,22 @@ + + .p2align 4 + loop: +- movntiq rax, (rdi) +- movntiq rax, 8 (rdi) +- movntiq rax, 16 (rdi) +- movntiq rax, 24 (rdi) +- movntiq rax, 32 (rdi) +- movntiq rax, 40 (rdi) +- movntiq rax, 48 (rdi) +- movntiq rax, 56 (rdi) +- movntiq rax, 64 (rdi) +- movntiq rax, 72 (rdi) +- movntiq rax, 80 (rdi) +- movntiq rax, 88 (rdi) +- movntiq rax, 96 (rdi) +- movntiq rax, 104 (rdi) +- movntiq rax, 112 (rdi) +- movntiq rax, 120 (rdi) ++ movnti rax, (rdi) ++ movnti rax, 8 (rdi) ++ movnti rax, 16 (rdi) ++ movnti rax, 24 (rdi) ++ movnti rax, 32 (rdi) ++ movnti rax, 40 (rdi) ++ movnti rax, 48 (rdi) ++ movnti rax, 56 (rdi) ++ movnti rax, 64 (rdi) ++ movnti rax, 72 (rdi) ++ movnti rax, 80 (rdi) ++ movnti rax, 88 (rdi) ++ movnti rax, 96 (rdi) ++ movnti rax, 104 (rdi) ++ movnti rax, 112 (rdi) ++ movnti rax, 120 (rdi) + + leaq 128 (rdi), rdi + +--- a/newlib/libm/machine/i386/i386mach.h.orig 2008-07-11 15:30:37.367227000 +0100 ++++ b/newlib/libm/machine/i386/i386mach.h 2008-07-11 15:30:55.232337000 +0100 +@@ -27,46 +27,46 @@ + + #define REG(x) CONCAT1(__REG_PREFIX__, x) + +-#define eax REG(eax) +-#define ebx REG(ebx) +-#define ecx REG(ecx) +-#define edx REG(edx) +-#define esi REG(esi) +-#define edi REG(edi) +-#define ebp REG(ebp) +-#define esp REG(esp) +- +-#define st0 REG(st) +-#define st1 REG(st(1)) +-#define st2 REG(st(2)) +-#define st3 REG(st(3)) +-#define st4 REG(st(4)) +-#define st5 REG(st(5)) +-#define st6 REG(st(6)) +-#define st7 REG(st(7)) +- +-#define ax REG(ax) +-#define bx REG(bx) +-#define cx REG(cx) +-#define dx REG(dx) +- +-#define ah REG(ah) +-#define bh REG(bh) +-#define ch REG(ch) +-#define dh REG(dh) +- +-#define al REG(al) +-#define bl REG(bl) +-#define cl REG(cl) +-#define dl REG(dl) +- +-#define mm1 REG(mm1) +-#define mm2 REG(mm2) +-#define mm3 REG(mm3) +-#define mm4 REG(mm4) +-#define mm5 REG(mm5) +-#define mm6 REG(mm6) +-#define mm7 REG(mm7) ++#define eax %eax ++#define ebx %ebx ++#define ecx %ecx ++#define edx %edx ++#define esi %esi ++#define edi %edi ++#define ebp %ebp ++#define esp %esp ++ ++#define st0 %st ++#define st1 %st(1) ++#define st2 %st(2) ++#define st3 %st(3) ++#define st4 %st(4) ++#define st5 %st(5) ++#define st6 %st(6) ++#define st7 %st(7) ++ ++#define ax %ax ++#define bx %bx ++#define cx %cx ++#define dx %dx ++ ++#define ah %ah ++#define bh %bh ++#define ch %ch ++#define dh %dh ++ ++#define al %al ++#define bl %bl ++#define cl %cl ++#define dl %dl ++ ++#define mm1 %mm1 ++#define mm2 %mm2 ++#define mm3 %mm3 ++#define mm4 %mm4 ++#define mm5 %mm5 ++#define mm6 %mm6 ++#define mm7 %mm7 + + #ifdef _I386MACH_NEED_SOTYPE_FUNCTION + #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function + + +We want to have a 64bit offsets libc even on 32bit platforms. + +--- ./newlib/configure.host.orig 2008-08-07 16:01:17.801946000 +0100 ++++ ./newlib/configure.host 2008-08-07 16:01:34.181064000 +0100 +@@ -317,6 +317,8 @@ + oext=lo + lpfx= + aext=la ;; ++ i[34567]86-xen-elf) ++ stdio64_dir=stdio64 ;; + *) ;; #shared library not supported for ${host} + esac + +--- a/newlib/libc/include/sys/_types.h.orig 2008-08-07 15:22:44.925008000 +0100 ++++ b/newlib/libc/include/sys/_types.h 2008-08-07 15:22:50.824044000 +0100 +@@ -13,8 +13,12 @@ + #include <sys/lock.h> + + #ifndef __off_t_defined ++#ifdef __MINIOS__ ++typedef long long _off_t; ++#else + typedef long _off_t; + #endif ++#endif + + #if defined(__rtems__) + /* device numbers are 32-bit major and and 32-bit minor */ +--- ./newlib/libc/include/sys/config.h.orig 2008-08-07 14:43:25.915866000 +0100 ++++ ./newlib/libc/include/sys/config.h 2008-08-07 14:44:13.508154000 +0100 +@@ -69,6 +69,10 @@ + /* we use some glibc header files so turn on glibc large file feature */ + #define _LARGEFILE64_SOURCE 1 + #endif ++#ifdef __MINIOS__ ++#define __LARGE64_FILES 1 ++#define _LARGEFILE64_SOURCE 1 ++#endif + #endif + + #ifndef __DYNAMIC_REENT__ +--- ./newlib/libc/include/sys/_default_fcntl.h.orig 2008-08-07 15:08:22.377836000 +0100 ++++ ./newlib/libc/include/sys/_default_fcntl.h 2008-08-07 15:08:31.651890000 +0100 +@@ -170,7 +170,11 @@ + /* Provide _<systemcall> prototypes for functions provided by some versions + of newlib. */ + #ifdef _COMPILING_NEWLIB +-extern int _open _PARAMS ((const char *, int, ...)); ++extern int _open _PARAMS ((const char *, int, ...)) ++#ifdef __MINIOS__ ++ asm("open64") ++#endif ++ ; + extern int _fcntl _PARAMS ((int, int, ...)); + #ifdef __LARGE64_FILES + extern int _open64 _PARAMS ((const char *, int, ...)); +--- ./newlib/libc/include/sys/unistd.h.orig 2008-08-07 15:09:36.449280000 +0100 ++++ ./newlib/libc/include/sys/unistd.h 2008-08-07 15:09:51.210370000 +0100 +@@ -101,7 +101,11 @@ + int _EXFUN(link, (const char *__path1, const char *__path2 )); + int _EXFUN(nice, (int __nice_value )); + #if !defined(__INSIDE_CYGWIN__) +-off_t _EXFUN(lseek, (int __fildes, off_t __offset, int __whence )); ++off_t _EXFUN(lseek, (int __fildes, off_t __offset, int __whence )) ++#ifdef __MINIOS__ ++ asm("lseek64") ++#endif ++ ; + #endif + #if defined(__SPU__) + #define F_ULOCK 0 +--- ./newlib/libc/include/sys/stat.h.orig 2008-08-07 16:08:50.495116000 +0100 ++++ ./newlib/libc/include/sys/stat.h 2008-08-07 16:10:21.799753000 +0100 +@@ -49,6 +49,9 @@ + long st_spare4[2]; + #endif + }; ++#ifdef __MINIOS__ ++#define stat64 stat ++#endif + #endif + + #define _IFMT 0170000 /* type of file */ +@@ -132,7 +135,11 @@ + /* Provide prototypes for most of the _<systemcall> names that are + provided in newlib for some compilers. */ + #ifdef _COMPILING_NEWLIB +-int _EXFUN(_fstat,( int __fd, struct stat *__sbuf )); ++int _EXFUN(_fstat,( int __fd, struct stat *__sbuf )) ++#ifdef __MINIOS__ ++ asm("fstat64") ++#endif ++ ; + int _EXFUN(_stat,( const char *__path, struct stat *__sbuf )); + #ifdef __LARGE64_FILES + struct stat64; +--- ./newlib/libc/include/_syslist.h.orig 2008-08-07 16:24:19.122605000 +0100 ++++ ./newlib/libc/include/_syslist.h 2008-08-07 16:24:21.548628000 +0100 +@@ -14,6 +14,7 @@ + #define _kill kill + #define _link link + #define _lseek lseek ++#define _lseek64 lseek64 + #define _open open + #define _read read + #define _sbrk sbrk +--- a/newlib/libc/include/reent.h.orig 2008-08-07 16:28:49.846502000 +0100 ++++ b/newlib/libc/include/reent.h 2008-08-07 16:29:02.096586000 +0100 +@@ -87,6 +87,9 @@ + #if defined(__CYGWIN__) && defined(_COMPILING_NEWLIB) + #define stat64 __stat64 + #endif ++#if defined(__MINIOS__) ++#define stat64 stat ++#endif + + struct stat64; + diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/polarssl.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/polarssl.patch new file mode 100644 index 0000000000..95487308cc --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/polarssl.patch @@ -0,0 +1,64 @@ +diff -Naur polarssl-1.1.4/include/polarssl/config.h polarssl-x86_64/include/polarssl/config.h +--- a/include/polarssl/config.h 2011-12-22 05:06:27.000000000 -0500 ++++ b/include/polarssl/config.h 2012-10-30 17:18:07.567001000 -0400 +@@ -164,8 +164,8 @@ + * application. + * + * Uncomment this macro to prevent loading of default entropy functions. +-#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES + */ ++#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES + + /** + * \def POLARSSL_NO_PLATFORM_ENTROPY +@@ -175,8 +175,8 @@ + * standards like the /dev/urandom or Windows CryptoAPI. + * + * Uncomment this macro to disable the built-in platform entropy functions. +-#define POLARSSL_NO_PLATFORM_ENTROPY + */ ++#define POLARSSL_NO_PLATFORM_ENTROPY + + /** + * \def POLARSSL_PKCS1_V21 +@@ -426,8 +426,8 @@ + * Requires: POLARSSL_TIMING_C + * + * This module enables the HAVEGE random number generator. +- */ + #define POLARSSL_HAVEGE_C ++ */ + + /** + * \def POLARSSL_MD_C +@@ -490,7 +490,7 @@ + * + * This module provides TCP/IP networking routines. + */ +-#define POLARSSL_NET_C ++//#define POLARSSL_NET_C + + /** + * \def POLARSSL_PADLOCK_C +@@ -644,8 +644,8 @@ + * Caller: library/havege.c + * + * This module is used by the HAVEGE random number generator. +- */ + #define POLARSSL_TIMING_C ++ */ + + /** + * \def POLARSSL_VERSION_C +diff -Naur polarssl-1.1.4/library/bignum.c polarssl-x86_64/library/bignum.c +--- a/library/bignum.c 2012-04-29 16:15:55.000000000 -0400 ++++ b/library/bignum.c 2012-10-30 17:21:52.135000999 -0400 +@@ -1101,7 +1101,7 @@ + Z.p[i - t - 1] = ~0; + else + { +-#if defined(POLARSSL_HAVE_LONGLONG) ++#if 0 //defined(POLARSSL_HAVE_LONGLONG) + t_udbl r; + + r = (t_udbl) X.p[i] << biL; diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch new file mode 100644 index 0000000000..622b34f593 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch @@ -0,0 +1,12 @@ +diff -Naur tpm_emulator-x86_64-back/tpm/tpm_emulator_extern.c tpm_emulator-x86_64/tpm/tpm_emulator_extern.c +--- a/tpm/tpm_emulator_extern.c 2012-04-27 10:55:46.581963398 -0400 ++++ b/tpm/tpm_emulator_extern.c 2012-04-27 10:56:02.193034152 -0400 +@@ -249,7 +249,7 @@ + #else /* TPM_NO_EXTERN */ + + int (*tpm_extern_init)(void) = NULL; +-int (*tpm_extern_release)(void) = NULL; ++void (*tpm_extern_release)(void) = NULL; + void* (*tpm_malloc)(size_t size) = NULL; + void (*tpm_free)(/*const*/ void *ptr) = NULL; + void (*tpm_log)(int priority, const char *fmt, ...) = NULL; diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch new file mode 100644 index 0000000000..9c9304cfff --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch @@ -0,0 +1,13 @@ +diff --git a/config.h.in b/config.h.in +index d16a997..8088a2a 100644 +--- a/config.h.in ++++ b/config.h.in +@@ -27,7 +27,7 @@ + #define TPM_STORAGE_NAME "${TPM_STORAGE_NAME}" + #define TPM_DEVICE_NAME "${TPM_DEVICE_NAME}" + #define TPM_LOG_FILE "${TPM_LOG_FILE}" +-#define TPM_CMD_BUF_SIZE 4096 ++#define TPM_CMD_BUF_SIZE 4088 + + #endif /* _CONFIG_H_ */ + diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch new file mode 100644 index 0000000000..5fee4e9a08 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch @@ -0,0 +1,21 @@ +--- + CMakeLists.txt | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: tpm_emulator-x86_64/CMakeLists.txt +=================================================================== +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -40,10 +40,11 @@ set(TPM_STORAGE_NAME "/var/lib/tpm/tpm_e + set(TPM_DEVICE_NAME "/dev/tpm") + endif() + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h) +-add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) ++add_definitions(-Wall -Werror) + if("${CMAKE_SYSTEM}" MATCHES "Linux") + add_definitions(-Wextra) + endif() ++add_definitions(-Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings) + if(USE_OPENSSL) + add_definitions(-DUSE_OPENSSL) + endif() diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch new file mode 100644 index 0000000000..7b37d5120f --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch @@ -0,0 +1,127 @@ +diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c +index 69511d1..7545d51 100644 +--- a/tpm/tpm_cmd_handler.c ++++ b/tpm/tpm_cmd_handler.c +@@ -3347,12 +3347,13 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) + { + TPM_NONCE nonce; + TPM_RESULT res; +- UINT32 sigSize; +- BYTE *sig; ++ UINT32 quote_blob_size; ++ BYTE *quote_blob; + BYTE *ptr; + UINT32 len; + TPM_PCR_SELECTION myPCR; + TPM_PCR_SELECTION ptPCR; ++ UINT32 extraInfoFlags = 0; + + tpm_compute_in_param_digest(req); + +@@ -3361,17 +3362,19 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) + if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) + || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR) + || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR) ++ || tpm_unmarshal_TPM_DEEP_QUOTE_INFO(&ptr, &len, &extraInfoFlags) + || len != 0) return TPM_BAD_PARAMETER; + +- res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig); ++ res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, extraInfoFlags, ++ "e_blob_size, "e_blob); + if (res != TPM_SUCCESS) return res; +- rsp->paramSize = len = sigSize; ++ rsp->paramSize = len = quote_blob_size; + rsp->param = ptr = tpm_malloc(len); +- if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { ++ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, quote_blob, quote_blob_size)) { + tpm_free(rsp->param); + res = TPM_FAIL; + } +- tpm_free(sig); ++ tpm_free(quote_blob); + + return res; + } +diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h +index 328d1be..a56dd5f 100644 +--- a/tpm/tpm_commands.h ++++ b/tpm/tpm_commands.h +@@ -3077,6 +3077,7 @@ TPM_RESULT TPM_ParentSignEK( + * @myPCR: [in] PCR selection for the virtual TPM + * @ptPCR: [in] PCR selection for the hardware TPM + * @auth1: [in, out] Authorization protocol parameters ++ * @extraInfoFlags [in] Flags for including, kernel hash, group info, etc + * @sigSize: [out] The length of the returned digital signature + * @sig: [out] The resulting digital signature and PCR values + * Returns: TPM_SUCCESS on success, a TPM error code otherwise. +@@ -3086,6 +3087,7 @@ TPM_RESULT TPM_DeepQuote( + TPM_PCR_SELECTION *myPCR, + TPM_PCR_SELECTION *ptPCR, + TPM_AUTH *auth1, ++ UINT32 extraInfoFlags, + UINT32 *sigSize, + BYTE **sig + ); +diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c +index c0d62e7..6586c22 100644 +--- a/tpm/tpm_credentials.c ++++ b/tpm/tpm_credentials.c +@@ -183,7 +183,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1, + + int endorsementKeyFresh = 0; + +-TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig); ++TPM_RESULT VTPM_GetParentQuote(TPM_NONCE *data, TPM_PCR_SELECTION *sel, ++ UINT32 extraInfoFlags, UINT32 *sigSize, BYTE **sig); + + TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, + TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig) +@@ -191,7 +192,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, + TPM_PUBKEY pubKey; + TPM_RESULT res; + TPM_DIGEST hres; +- ++ UINT32 extraInfoFlags = 0; + info("TPM_ParentSignEK()"); + + res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); +@@ -206,7 +207,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, + res = TPM_FAIL; + + if (res == TPM_SUCCESS) +- res = VTPM_GetParentQuote(&hres, sel, sigSize, sig); ++ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, sel, extraInfoFlags, sigSize, sig); + + free_TPM_PUBKEY(pubKey); + return res; +@@ -218,7 +219,7 @@ static const BYTE dquot_hdr[] = { + + TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, + TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1, +- UINT32 *sigSize, BYTE **sig) ++ UINT32 extraInfoFlags, UINT32 *quote_blob_size, BYTE **quote_blob) + { + TPM_RESULT res; + TPM_DIGEST hres; +@@ -253,7 +254,7 @@ TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, + + tpm_free(buf); + +- res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig); ++ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, ptPCR, extraInfoFlags, quote_blob_size, quote_blob); + + return res; + } +diff --git a/tpm/tpm_marshalling.h b/tpm/tpm_marshalling.h +index d510ebe..2e0c008 100644 +--- a/tpm/tpm_marshalling.h ++++ b/tpm/tpm_marshalling.h +@@ -268,6 +268,8 @@ static inline int tpm_unmarshal_BOOL(BYTE **ptr, UINT32 *length, BOOL *v) + #define tpm_unmarshal_TPM_REDIR_COMMAND tpm_unmarshal_UINT32 + #define tpm_marshal_DAAHANDLE tpm_marshal_UINT32 + #define tpm_unmarshal_DAAHANDLE tpm_unmarshal_UINT32 ++#define tpm_marshal_TPM_DEEP_QUOTE_INFO tpm_marshal_UINT32 ++#define tpm_unmarshal_TPM_DEEP_QUOTE_INFO tpm_unmarshal_UINT32 + + int tpm_marshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n); + int tpm_unmarshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n); diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch new file mode 100644 index 0000000000..6344f38727 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch @@ -0,0 +1,187 @@ +diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c +index 0fabf98..69511d1 100644 +--- a/tpm/tpm_cmd_handler.c ++++ b/tpm/tpm_cmd_handler.c +@@ -3343,6 +3343,39 @@ static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp) + return res; + } + ++static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp) ++{ ++ TPM_NONCE nonce; ++ TPM_RESULT res; ++ UINT32 sigSize; ++ BYTE *sig; ++ BYTE *ptr; ++ UINT32 len; ++ TPM_PCR_SELECTION myPCR; ++ TPM_PCR_SELECTION ptPCR; ++ ++ tpm_compute_in_param_digest(req); ++ ++ ptr = req->param; ++ len = req->paramSize; ++ if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) ++ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR) ++ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR) ++ || len != 0) return TPM_BAD_PARAMETER; ++ ++ res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig); ++ if (res != TPM_SUCCESS) return res; ++ rsp->paramSize = len = sigSize; ++ rsp->param = ptr = tpm_malloc(len); ++ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { ++ tpm_free(rsp->param); ++ res = TPM_FAIL; ++ } ++ tpm_free(sig); ++ ++ return res; ++} ++ + static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) + { + tpm_hmac_ctx_t hmac; +@@ -4098,6 +4131,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp) + res = execute_TPM_ParentSignEK(req, rsp); + break; + ++ case TPM_ORD_DeepQuote: ++ debug("[TPM_ORD_DeepQuote]"); ++ res = execute_TPM_DeepQuote(req, rsp); ++ break; ++ + default: + #ifdef MTM_EMULATOR + res = mtm_execute_command(req, rsp); +diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h +index 7fef934..328d1be 100644 +--- a/tpm/tpm_commands.h ++++ b/tpm/tpm_commands.h +@@ -3071,6 +3071,25 @@ TPM_RESULT TPM_ParentSignEK( + BYTE **sig + ); + ++/** ++ * TPM_DeepQuote - gets a hardware TPM quote of a vTPM's PCRs ++ * @externalData: [in] AntiReplay nonce to prevent replay of messages ++ * @myPCR: [in] PCR selection for the virtual TPM ++ * @ptPCR: [in] PCR selection for the hardware TPM ++ * @auth1: [in, out] Authorization protocol parameters ++ * @sigSize: [out] The length of the returned digital signature ++ * @sig: [out] The resulting digital signature and PCR values ++ * Returns: TPM_SUCCESS on success, a TPM error code otherwise. ++ */ ++TPM_RESULT TPM_DeepQuote( ++ TPM_NONCE *externalData, ++ TPM_PCR_SELECTION *myPCR, ++ TPM_PCR_SELECTION *ptPCR, ++ TPM_AUTH *auth1, ++ UINT32 *sigSize, ++ BYTE **sig ++); ++ + /* + * Error handling + * [tpm_error.c] +diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c +index 01f29e6..c0d62e7 100644 +--- a/tpm/tpm_credentials.c ++++ b/tpm/tpm_credentials.c +@@ -211,3 +211,49 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, + free_TPM_PUBKEY(pubKey); + return res; + } ++ ++static const BYTE dquot_hdr[] = { ++ 0, 0, 0, 0, 'D', 'Q', 'U', 'T' ++}; ++ ++TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR, ++ TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1, ++ UINT32 *sigSize, BYTE **sig) ++{ ++ TPM_RESULT res; ++ TPM_DIGEST hres; ++ TPM_PCR_INFO_SHORT pcrData; ++ tpm_sha1_ctx_t ctx; ++ BYTE *buf, *ptr; ++ UINT32 size, len; ++ ++ info("TPM_DeepQuote()"); ++ ++ res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); ++ if (res != TPM_SUCCESS) return res; ++ ++ res = tpm_compute_pcr_digest(myPCR, &pcrData.digestAtRelease, NULL); ++ if (res != TPM_SUCCESS) return res; ++ ++ pcrData.pcrSelection.sizeOfSelect = myPCR->sizeOfSelect; ++ memcpy(pcrData.pcrSelection.pcrSelect, myPCR->pcrSelect, myPCR->sizeOfSelect); ++ pcrData.localityAtRelease = 1 << tpmData.stany.flags.localityModifier; ++ ++ size = len = sizeof_TPM_PCR_INFO_SHORT(pcrData); ++ buf = ptr = tpm_malloc(size); ++ if (buf == NULL) return TPM_NOSPACE; ++ if (tpm_marshal_TPM_PCR_INFO_SHORT(&ptr, &len, &pcrData)) ++ return TPM_FAIL; ++ ++ tpm_sha1_init(&ctx); ++ tpm_sha1_update(&ctx, dquot_hdr, 8); ++ tpm_sha1_update(&ctx, externalData->nonce, 20); ++ tpm_sha1_update(&ctx, buf, size); ++ tpm_sha1_final(&ctx, hres.digest); ++ ++ tpm_free(buf); ++ ++ res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig); ++ ++ return res; ++} +diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h +index b0f4625..dfb1894 100644 +--- a/tpm/tpm_structures.h ++++ b/tpm/tpm_structures.h +@@ -660,6 +660,42 @@ typedef struct tdTPM_CMK_MA_APPROVAL { + + /* VTPM-only commands: */ + /* ++ * Deep Quote - Create quote of PCRs ++ * Input: ++ * TPM_TAG tag TPM_TAG_RQU_AUTH1_COMMAND ++ * UINT32 paramSize Total size of request ++ * TPM_COMMAND_CODE ordinal TPM_ORD_DeepQuote ++ * TPM_NONCE externData 20 bytes of external data ++ * TPM_PCR_SELECTION vtSel PCR selection for virtual TPM ++ * TPM_PCR_SELECTION ptSel PCR selection for physical TPM ++ * --- ++ * UINT32 authHandle Owner authorization session (OIAP) ++ * TPM_NONCE nonceOdd Nonce for authHandle ++ * BOOL continueAuth Continue flag for authHandle ++ * TPM_AUTHDATA privAuth Authorization digest for command ++ * ++ * Output: ++ * TPM_TAG tag TPM_TAG_RSP_AUTH1_COMMAND ++ * UINT32 paramSize Total size of response ++ * TPM_RESULT returnCode Return code of the operation ++ * BYTE[] sig Signature provided by physical TPM ++ * TPM_PCRVALUE[] pcrValue Values of hardware PCRs used in the quote ++ * --- ++ * TPM_NONCE nonceEven Nonce for authHandle ++ * BOOL continueAuth Continue flag for authHandle ++ * TPM_AUTHDATA resAuth Authorization digest for response ++ * ++ * The values of the virutal TPM's PCRs are not included in the response. ++ * The signature is a standard TPM_Quote response from the physical TPM; its ++ * externalData is the SHA1 hash of the following structure: ++ * TPM_STRUCT_VER version MUST be 0.0.0.0 ++ * BYTE[4] fixed MUST be the string "DQUT" ++ * TPM_NONCE externData From input to the deep quote ++ * TPM_PCR_INFO_SHORT pcrData Virtual TPM's PCRs ++ */ ++#define TPM_ORD_DeepQuote (TPM_VENDOR_COMMAND | TPM_ORD_Quote) ++ ++/* + * ParentSignEK - Proof of fresh provisioning and EK value + * + * Input: diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch new file mode 100644 index 0000000000..e95d41fc7e --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch @@ -0,0 +1,10 @@ +--- a/tpm/tpm_cmd_handler.c.orig 2017-04-27 13:37:14.408000000 +0200 ++++ b/tpm/tpm_cmd_handler.c 2017-04-27 13:39:53.585000000 +0200 +@@ -3397,6 +3397,7 @@ + sizeof(rsp->auth2->nonceOdd.nonce)); + tpm_hmac_update(&hmac, (BYTE*)&rsp->auth2->continueAuthSession, 1); + tpm_hmac_final(&hmac, rsp->auth2->auth); ++ /* fall-thru */ + case TPM_TAG_RSP_AUTH1_COMMAND: + tpm_hmac_init(&hmac, rsp->auth1->secret, sizeof(rsp->auth1->secret)); + tpm_hmac_update(&hmac, rsp->auth1->digest, sizeof(rsp->auth1->digest)); diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch new file mode 100644 index 0000000000..8ab7dea67e --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch @@ -0,0 +1,50 @@ +diff --git a/tpm/tpm_capability.c b/tpm/tpm_capability.c +index 60bbb90..f8f7f0f 100644 +--- a/tpm/tpm_capability.c ++++ b/tpm/tpm_capability.c +@@ -949,6 +949,8 @@ static TPM_RESULT set_vendor(UINT32 subCap, BYTE *setValue, + UINT32 setValueSize, BOOL ownerAuth, + BOOL deactivated, BOOL disabled) + { ++ if (tpmData.stany.flags.localityModifier != 8) ++ return TPM_BAD_PARAMETER; + /* set the capability area with the specified data, on failure + deactivate the TPM */ + switch (subCap) { +diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c +index 288d1ce..9e1cfb4 100644 +--- a/tpm/tpm_cmd_handler.c ++++ b/tpm/tpm_cmd_handler.c +@@ -4132,7 +4132,7 @@ void tpm_emulator_shutdown() + tpm_extern_release(); + } + +-int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size) ++int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality) + { + TPM_REQUEST req; + TPM_RESPONSE rsp; +@@ -4140,7 +4140,9 @@ int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint3 + UINT32 len; + BOOL free_out; + +- debug("tpm_handle_command()"); ++ debug("tpm_handle_command(%d)", locality); ++ if (locality != -1) ++ tpmData.stany.flags.localityModifier = locality; + + /* we need the whole packet at once, otherwise unmarshalling will fail */ + if (tpm_unmarshal_TPM_REQUEST((uint8_t**)&in, &in_size, &req) != 0) { +diff --git a/tpm/tpm_emulator.h b/tpm/tpm_emulator.h +index eed749e..4c228bd 100644 +--- a/tpm/tpm_emulator.h ++++ b/tpm/tpm_emulator.h +@@ -59,7 +59,7 @@ void tpm_emulator_shutdown(void); + * its usage. In case of an error, all internally allocated memory + * is released and the the state of out and out_size is unspecified. + */ +-int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size); ++int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality); + + #endif /* _TPM_EMULATOR_H_ */ + diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch new file mode 100644 index 0000000000..14e66eee43 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch @@ -0,0 +1,196 @@ +diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c +index 9e1cfb4..0fabf98 100644 +--- a/tpm/tpm_cmd_handler.c ++++ b/tpm/tpm_cmd_handler.c +@@ -3312,6 +3312,37 @@ static TPM_RESULT execute_TPM_OwnerReadPubek(TPM_REQUEST *req, TPM_RESPONSE *rsp + return res; + } + ++static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp) ++{ ++ TPM_NONCE nonce; ++ TPM_RESULT res; ++ UINT32 sigSize; ++ BYTE *sig; ++ BYTE *ptr; ++ UINT32 len; ++ TPM_PCR_SELECTION targetPCR; ++ ++ tpm_compute_in_param_digest(req); ++ ++ ptr = req->param; ++ len = req->paramSize; ++ if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce) ++ || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &targetPCR) ++ || len != 0) return TPM_BAD_PARAMETER; ++ ++ res = TPM_ParentSignEK(&nonce, &targetPCR, &req->auth1, &sigSize, &sig); ++ if (res != TPM_SUCCESS) return res; ++ rsp->paramSize = len = sigSize; ++ rsp->param = ptr = tpm_malloc(len); ++ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) { ++ tpm_free(rsp->param); ++ res = TPM_FAIL; ++ } ++ tpm_free(sig); ++ ++ return res; ++} ++ + static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) + { + tpm_hmac_ctx_t hmac; +@@ -4062,6 +4093,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp) + res = execute_TPM_OwnerReadPubek(req, rsp); + break; + ++ case TPM_ORD_ParentSignEK: ++ debug("[TPM_ORD_ParentSignEK]"); ++ res = execute_TPM_ParentSignEK(req, rsp); ++ break; ++ + default: + #ifdef MTM_EMULATOR + res = mtm_execute_command(req, rsp); +diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h +index a7666f6..7fef934 100644 +--- a/tpm/tpm_commands.h ++++ b/tpm/tpm_commands.h +@@ -3054,6 +3054,23 @@ TPM_RESULT TPM_OwnerReadPubek( + TPM_PUBKEY *pubEndorsementKey + ); + ++/** ++ * TPM_ParentSignEK - gets a hardware TPM quote of a vTPM's EK ++ * @externalData: [in] AntiReplay nonce to prevent replay of messages ++ * @sel: [in] PCR selection for the hardware TPM's quote ++ * @auth1: [in, out] Authorization protocol parameters ++ * @sigSize: [out] The length of the returned digital signature ++ * @sig: [out] The resulting digital signature and PCR values ++ * Returns: TPM_SUCCESS on success, a TPM error code otherwise. ++ */ ++TPM_RESULT TPM_ParentSignEK( ++ TPM_NONCE *externalData, ++ TPM_PCR_SELECTION *sel, ++ TPM_AUTH *auth1, ++ UINT32 *sigSize, ++ BYTE **sig ++); ++ + /* + * Error handling + * [tpm_error.c] +diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c +index 9cd64af..01f29e6 100644 +--- a/tpm/tpm_credentials.c ++++ b/tpm/tpm_credentials.c +@@ -180,3 +180,34 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1, + return TPM_BAD_PARAMETER; + } + } ++ ++int endorsementKeyFresh = 0; ++ ++TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig); ++ ++TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel, ++ TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig) ++{ ++ TPM_PUBKEY pubKey; ++ TPM_RESULT res; ++ TPM_DIGEST hres; ++ ++ info("TPM_ParentSignEK()"); ++ ++ res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER); ++ if (res != TPM_SUCCESS) return res; ++ ++ if (!endorsementKeyFresh) return TPM_DISABLED_CMD; ++ ++ res = tpm_get_pubek(&pubKey); ++ if (res != TPM_SUCCESS) return res; ++ ++ if (tpm_compute_pubkey_checksum(externalData, &pubKey, &hres)) ++ res = TPM_FAIL; ++ ++ if (res == TPM_SUCCESS) ++ res = VTPM_GetParentQuote(&hres, sel, sigSize, sig); ++ ++ free_TPM_PUBKEY(pubKey); ++ return res; ++} +diff --git a/tpm/tpm_data.c b/tpm/tpm_data.c +index 50c9697..6a0c499 100644 +--- a/tpm/tpm_data.c ++++ b/tpm/tpm_data.c +@@ -76,6 +76,8 @@ static void init_timeouts(void) + tpmData.permanent.data.cmd_durations[2] = 1000; + } + ++extern int endorsementKeyFresh; ++ + void tpm_init_data(void) + { + /* endorsement key */ +@@ -157,6 +159,7 @@ void tpm_init_data(void) + if (tpmConf & TPM_CONF_GENERATE_EK) { + /* generate a new endorsement key */ + tpm_rsa_generate_key(&tpmData.permanent.data.endorsementKey, 2048); ++ endorsementKeyFresh = 1; + } else { + /* setup endorsement key */ + tpm_rsa_import_key(&tpmData.permanent.data.endorsementKey, +diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h +index f746c05..b0f4625 100644 +--- a/tpm/tpm_structures.h ++++ b/tpm/tpm_structures.h +@@ -658,6 +658,49 @@ typedef struct tdTPM_CMK_MA_APPROVAL { + #define TPM_ORD_TickStampBlob 242 + #define TPM_ORD_MAX 256 + ++/* VTPM-only commands: */ ++/* ++ * ParentSignEK - Proof of fresh provisioning and EK value ++ * ++ * Input: ++ * TPM_TAG tag TPM_TAG_RQU_AUTH1_COMMAND ++ * UINT32 paramSize Total size of request ++ * TPM_COMMAND_CODE ordinal TPM_ORD_ParentSignEK ++ * TPM_NONCE externData 20 bytes of external data ++ * TPM_PCR_SELECTION ptSel PCR selection for physical TPM ++ * --- ++ * UINT32 authHandle Owner authorization session (OIAP) ++ * TPM_NONCE nonceOdd Nonce for authHandle ++ * BOOL continueAuth Continue flag for authHandle ++ * TPM_AUTHDATA privAuth Authorization digest for command ++ * ++ * Output: ++ * TPM_TAG tag TPM_TAG_RSP_AUTH1_COMMAND ++ * UINT32 paramSize Total size of response ++ * TPM_RESULT returnCode Return code of the operation ++ * BYTE[] sig Signature provided by physical TPM ++ * TPM_PCRVALUE[] pcrValue Values of hardware PCRs used in the quote ++ * --- ++ * TPM_NONCE nonceEven Nonce for authHandle ++ * BOOL continueAuth Continue flag for authHandle ++ * TPM_AUTHDATA resAuth Authorization digest for response ++ * ++ * This command is only valid on the first boot of a vTPM; on any subsequent ++ * boot, the command returns TPM_DISABLED_CMD. It is intended to be used to ++ * provide evidence of proper platform configuration to the verifier/CA which is ++ * responsible for the creation of the vTPM's endorsement credential, which will ++ * be used on subsequent boots to certify AIKs via the usual Privacy CA protocol. ++ * ++ * The values of the virtual TPM's PCRs are not included in the response. ++ * The signature is a standard TPM_Quote response from the physical TPM; its ++ * externalData is the SHA1 hash of the following structure: ++ * TPM_PUBKEY pubEK The vTPM's public EK ++ * TPM_NONCE externData From input to the deep quote ++ * ++ * This structure was chosen to match the return of TPM_ReadPubek ++ */ ++#define TPM_ORD_ParentSignEK (TPM_VENDOR_COMMAND | TPM_ORD_ReadPubek) ++ + /* + * TCS Ordinals ([TPM_Part2], Section 17.1) + * diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa246-4.9.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa246-4.9.patch new file mode 100644 index 0000000000..6370a10625 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa246-4.9.patch @@ -0,0 +1,74 @@ +From: Julien Grall <julien.grall@linaro.org> +Subject: x86/pod: prevent infinite loop when shattering large pages + +When populating pages, the PoD may need to split large ones using +p2m_set_entry and request the caller to retry (see ept_get_entry for +instance). + +p2m_set_entry may fail to shatter if it is not possible to allocate +memory for the new page table. However, the error is not propagated +resulting to the callers to retry infinitely the PoD. + +Prevent the infinite loop by return false when it is not possible to +shatter the large mapping. + +This is XSA-246. + +Signed-off-by: Julien Grall <julien.grall@linaro.org> +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: George Dunlap <george.dunlap@citrix.com> + +--- a/xen/arch/x86/mm/p2m-pod.c ++++ b/xen/arch/x86/mm/p2m-pod.c +@@ -1071,9 +1071,8 @@ p2m_pod_demand_populate(struct p2m_domai + * NOTE: In a fine-grained p2m locking scenario this operation + * may need to promote its locking from gfn->1g superpage + */ +- p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_2M, +- p2m_populate_on_demand, p2m->default_access); +- return 0; ++ return p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_2M, ++ p2m_populate_on_demand, p2m->default_access); + } + + /* Only reclaim if we're in actual need of more cache. */ +@@ -1104,8 +1103,12 @@ p2m_pod_demand_populate(struct p2m_domai + + gfn_aligned = (gfn >> order) << order; + +- p2m_set_entry(p2m, gfn_aligned, mfn, order, p2m_ram_rw, +- p2m->default_access); ++ if ( p2m_set_entry(p2m, gfn_aligned, mfn, order, p2m_ram_rw, ++ p2m->default_access) ) ++ { ++ p2m_pod_cache_add(p2m, p, order); ++ goto out_fail; ++ } + + for( i = 0; i < (1UL << order); i++ ) + { +@@ -1150,13 +1153,18 @@ remap_and_retry: + BUG_ON(order != PAGE_ORDER_2M); + pod_unlock(p2m); + +- /* Remap this 2-meg region in singleton chunks */ +- /* NOTE: In a p2m fine-grained lock scenario this might +- * need promoting the gfn lock from gfn->2M superpage */ ++ /* ++ * Remap this 2-meg region in singleton chunks. See the comment on the ++ * 1G page splitting path above for why a single call suffices. ++ * ++ * NOTE: In a p2m fine-grained lock scenario this might ++ * need promoting the gfn lock from gfn->2M superpage. ++ */ + gfn_aligned = (gfn>>order)<<order; +- for(i=0; i<(1<<order); i++) +- p2m_set_entry(p2m, gfn_aligned + i, INVALID_MFN, PAGE_ORDER_4K, +- p2m_populate_on_demand, p2m->default_access); ++ if ( p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_4K, ++ p2m_populate_on_demand, p2m->default_access) ) ++ return -1; ++ + if ( tb_init_done ) + { + struct { diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa248.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa248.patch new file mode 100644 index 0000000000..966c16e043 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa248.patch @@ -0,0 +1,164 @@ +From: Jan Beulich <jbeulich@suse.com> +Subject: x86/mm: don't wrongly set page ownership + +PV domains can obtain mappings of any pages owned by the correct domain, +including ones that aren't actually assigned as "normal" RAM, but used +by Xen internally. At the moment such "internal" pages marked as owned +by a guest include pages used to track logdirty bits, as well as p2m +pages and the "unpaged pagetable" for HVM guests. Since the PV memory +management and shadow code conflict in their use of struct page_info +fields, and since shadow code is being used for log-dirty handling for +PV domains, pages coming from the shadow pool must, for PV domains, not +have the domain set as their owner. + +While the change could be done conditionally for just the PV case in +shadow code, do it unconditionally (and for consistency also for HAP), +just to be on the safe side. + +There's one special case though for shadow code: The page table used for +running a HVM guest in unpaged mode is subject to get_page() (in +set_shadow_status()) and hence must have its owner set. + +This is XSA-248. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Tim Deegan <tim@xen.org> +Reviewed-by: George Dunlap <george.dunlap@citrix.com> +--- +v2: Drop PGC_page_table related pieces. + +--- a/xen/arch/x86/mm/hap/hap.c ++++ b/xen/arch/x86/mm/hap/hap.c +@@ -286,8 +286,7 @@ static struct page_info *hap_alloc_p2m_p + { + d->arch.paging.hap.total_pages--; + d->arch.paging.hap.p2m_pages++; +- page_set_owner(pg, d); +- pg->count_info |= 1; ++ ASSERT(!page_get_owner(pg) && !(pg->count_info & PGC_count_mask)); + } + else if ( !d->arch.paging.p2m_alloc_failed ) + { +@@ -302,21 +301,23 @@ static struct page_info *hap_alloc_p2m_p + + static void hap_free_p2m_page(struct domain *d, struct page_info *pg) + { ++ struct domain *owner = page_get_owner(pg); ++ + /* This is called both from the p2m code (which never holds the + * paging lock) and the log-dirty code (which always does). */ + paging_lock_recursive(d); + +- ASSERT(page_get_owner(pg) == d); +- /* Should have just the one ref we gave it in alloc_p2m_page() */ +- if ( (pg->count_info & PGC_count_mask) != 1 ) { +- HAP_ERROR("Odd p2m page %p count c=%#lx t=%"PRtype_info"\n", +- pg, pg->count_info, pg->u.inuse.type_info); ++ /* Should still have no owner and count zero. */ ++ if ( owner || (pg->count_info & PGC_count_mask) ) ++ { ++ HAP_ERROR("d%d: Odd p2m page %"PRI_mfn" d=%d c=%lx t=%"PRtype_info"\n", ++ d->domain_id, mfn_x(page_to_mfn(pg)), ++ owner ? owner->domain_id : DOMID_INVALID, ++ pg->count_info, pg->u.inuse.type_info); + WARN(); ++ pg->count_info &= ~PGC_count_mask; ++ page_set_owner(pg, NULL); + } +- pg->count_info &= ~PGC_count_mask; +- /* Free should not decrement domain's total allocation, since +- * these pages were allocated without an owner. */ +- page_set_owner(pg, NULL); + d->arch.paging.hap.p2m_pages--; + d->arch.paging.hap.total_pages++; + hap_free(d, page_to_mfn(pg)); +--- a/xen/arch/x86/mm/shadow/common.c ++++ b/xen/arch/x86/mm/shadow/common.c +@@ -1503,32 +1503,29 @@ shadow_alloc_p2m_page(struct domain *d) + pg = mfn_to_page(shadow_alloc(d, SH_type_p2m_table, 0)); + d->arch.paging.shadow.p2m_pages++; + d->arch.paging.shadow.total_pages--; ++ ASSERT(!page_get_owner(pg) && !(pg->count_info & PGC_count_mask)); + + paging_unlock(d); + +- /* Unlike shadow pages, mark p2m pages as owned by the domain. +- * Marking the domain as the owner would normally allow the guest to +- * create mappings of these pages, but these p2m pages will never be +- * in the domain's guest-physical address space, and so that is not +- * believed to be a concern. */ +- page_set_owner(pg, d); +- pg->count_info |= 1; + return pg; + } + + static void + shadow_free_p2m_page(struct domain *d, struct page_info *pg) + { +- ASSERT(page_get_owner(pg) == d); +- /* Should have just the one ref we gave it in alloc_p2m_page() */ +- if ( (pg->count_info & PGC_count_mask) != 1 ) ++ struct domain *owner = page_get_owner(pg); ++ ++ /* Should still have no owner and count zero. */ ++ if ( owner || (pg->count_info & PGC_count_mask) ) + { +- SHADOW_ERROR("Odd p2m page count c=%#lx t=%"PRtype_info"\n", ++ SHADOW_ERROR("d%d: Odd p2m page %"PRI_mfn" d=%d c=%lx t=%"PRtype_info"\n", ++ d->domain_id, mfn_x(page_to_mfn(pg)), ++ owner ? owner->domain_id : DOMID_INVALID, + pg->count_info, pg->u.inuse.type_info); ++ pg->count_info &= ~PGC_count_mask; ++ page_set_owner(pg, NULL); + } +- pg->count_info &= ~PGC_count_mask; + pg->u.sh.type = SH_type_p2m_table; /* p2m code reuses type-info */ +- page_set_owner(pg, NULL); + + /* This is called both from the p2m code (which never holds the + * paging lock) and the log-dirty code (which always does). */ +@@ -3132,7 +3129,9 @@ int shadow_enable(struct domain *d, u32 + e = __map_domain_page(pg); + write_32bit_pse_identmap(e); + unmap_domain_page(e); ++ pg->count_info = 1; + pg->u.inuse.type_info = PGT_l2_page_table | 1 | PGT_validated; ++ page_set_owner(pg, d); + } + + paging_lock(d); +@@ -3170,7 +3169,11 @@ int shadow_enable(struct domain *d, u32 + if ( rv != 0 && !pagetable_is_null(p2m_get_pagetable(p2m)) ) + p2m_teardown(p2m); + if ( rv != 0 && pg != NULL ) ++ { ++ pg->count_info &= ~PGC_count_mask; ++ page_set_owner(pg, NULL); + shadow_free_p2m_page(d, pg); ++ } + domain_unpause(d); + return rv; + } +@@ -3279,7 +3282,22 @@ out: + + /* Must be called outside the lock */ + if ( unpaged_pagetable ) ++ { ++ if ( page_get_owner(unpaged_pagetable) == d && ++ (unpaged_pagetable->count_info & PGC_count_mask) == 1 ) ++ { ++ unpaged_pagetable->count_info &= ~PGC_count_mask; ++ page_set_owner(unpaged_pagetable, NULL); ++ } ++ /* Complain here in cases where shadow_free_p2m_page() won't. */ ++ else if ( !page_get_owner(unpaged_pagetable) && ++ !(unpaged_pagetable->count_info & PGC_count_mask) ) ++ SHADOW_ERROR("d%d: Odd unpaged pt %"PRI_mfn" c=%lx t=%"PRtype_info"\n", ++ d->domain_id, mfn_x(page_to_mfn(unpaged_pagetable)), ++ unpaged_pagetable->count_info, ++ unpaged_pagetable->u.inuse.type_info); + shadow_free_p2m_page(d, unpaged_pagetable); ++ } + } + + void shadow_final_teardown(struct domain *d) diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa249.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa249.patch new file mode 100644 index 0000000000..ecfa4305e5 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa249.patch @@ -0,0 +1,42 @@ +From: Jan Beulich <jbeulich@suse.com> +Subject: x86/shadow: fix refcount overflow check + +Commit c385d27079 ("x86 shadow: for multi-page shadows, explicitly track +the first page") reduced the refcount width to 25, without adjusting the +overflow check. Eliminate the disconnect by using a manifest constant. + +Interestingly, up to commit 047782fa01 ("Out-of-sync L1 shadows: OOS +snapshot") the refcount was 27 bits wide, yet the check was already +using 26. + +This is XSA-249. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: George Dunlap <george.dunlap@citrix.com> +Reviewed-by: Tim Deegan <tim@xen.org> +--- +v2: Simplify expression back to the style it was. + +--- a/xen/arch/x86/mm/shadow/private.h ++++ b/xen/arch/x86/mm/shadow/private.h +@@ -529,7 +529,7 @@ static inline int sh_get_ref(struct doma + x = sp->u.sh.count; + nx = x + 1; + +- if ( unlikely(nx >= 1U<<26) ) ++ if ( unlikely(nx >= (1U << PAGE_SH_REFCOUNT_WIDTH)) ) + { + SHADOW_PRINTK("shadow ref overflow, gmfn=%lx smfn=%lx\n", + __backpointer(sp), mfn_x(smfn)); +--- a/xen/include/asm-x86/mm.h ++++ b/xen/include/asm-x86/mm.h +@@ -82,7 +82,8 @@ struct page_info + unsigned long type:5; /* What kind of shadow is this? */ + unsigned long pinned:1; /* Is the shadow pinned? */ + unsigned long head:1; /* Is this the first page of the shadow? */ +- unsigned long count:25; /* Reference count */ ++#define PAGE_SH_REFCOUNT_WIDTH 25 ++ unsigned long count:PAGE_SH_REFCOUNT_WIDTH; /* Reference count */ + } sh; + + /* Page is on a free list: ((count_info & PGC_count_mask) == 0). */ diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa250.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa250.patch new file mode 100644 index 0000000000..26aeb33fed --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa250.patch @@ -0,0 +1,67 @@ +From: Jan Beulich <jbeulich@suse.com> +Subject: x86/shadow: fix ref-counting error handling + +The old-Linux handling in shadow_set_l4e() mistakenly ORed together the +results of sh_get_ref() and sh_pin(). As the latter failing is not a +correctness problem, simply ignore its return value. + +In sh_set_toplevel_shadow() a failing sh_get_ref() must not be +accompanied by installing the entry, despite the domain being crashed. + +This is XSA-250. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Tim Deegan <tim@xen.org> + +--- a/xen/arch/x86/mm/shadow/multi.c ++++ b/xen/arch/x86/mm/shadow/multi.c +@@ -923,7 +923,7 @@ static int shadow_set_l4e(struct domain + shadow_l4e_t new_sl4e, + mfn_t sl4mfn) + { +- int flags = 0, ok; ++ int flags = 0; + shadow_l4e_t old_sl4e; + paddr_t paddr; + ASSERT(sl4e != NULL); +@@ -938,15 +938,16 @@ static int shadow_set_l4e(struct domain + { + /* About to install a new reference */ + mfn_t sl3mfn = shadow_l4e_get_mfn(new_sl4e); +- ok = sh_get_ref(d, sl3mfn, paddr); +- /* Are we pinning l3 shadows to handle wierd linux behaviour? */ +- if ( sh_type_is_pinnable(d, SH_type_l3_64_shadow) ) +- ok |= sh_pin(d, sl3mfn); +- if ( !ok ) ++ ++ if ( !sh_get_ref(d, sl3mfn, paddr) ) + { + domain_crash(d); + return SHADOW_SET_ERROR; + } ++ ++ /* Are we pinning l3 shadows to handle weird Linux behaviour? */ ++ if ( sh_type_is_pinnable(d, SH_type_l3_64_shadow) ) ++ sh_pin(d, sl3mfn); + } + + /* Write the new entry */ +@@ -3965,14 +3966,15 @@ sh_set_toplevel_shadow(struct vcpu *v, + + /* Take a ref to this page: it will be released in sh_detach_old_tables() + * or the next call to set_toplevel_shadow() */ +- if ( !sh_get_ref(d, smfn, 0) ) ++ if ( sh_get_ref(d, smfn, 0) ) ++ new_entry = pagetable_from_mfn(smfn); ++ else + { + SHADOW_ERROR("can't install %#lx as toplevel shadow\n", mfn_x(smfn)); + domain_crash(d); ++ new_entry = pagetable_null(); + } + +- new_entry = pagetable_from_mfn(smfn); +- + install_new_entry: + /* Done. Install it */ + SHADOW_PRINTK("%u/%u [%u] gmfn %#"PRI_mfn" smfn %#"PRI_mfn"\n", diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa251.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa251.patch new file mode 100644 index 0000000000..582ef622eb --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa251.patch @@ -0,0 +1,21 @@ +From: Jan Beulich <jbeulich@suse.com> +Subject: x86/paging: don't unconditionally BUG() on finding SHARED_M2P_ENTRY + +PV guests can fully control the values written into the P2M. + +This is XSA-251. + +Signed-off-by: Jan Beulich <jbeulich@suse.com> +Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> + +--- a/xen/arch/x86/mm/paging.c ++++ b/xen/arch/x86/mm/paging.c +@@ -274,7 +274,7 @@ void paging_mark_pfn_dirty(struct domain + return; + + /* Shared MFNs should NEVER be marked dirty */ +- BUG_ON(SHARED_M2P(pfn_x(pfn))); ++ BUG_ON(paging_mode_translate(d) && SHARED_M2P(pfn_x(pfn))); + + /* + * Values with the MSB set denote MFNs that aren't really part of the diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa253.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa253.patch new file mode 100644 index 0000000000..19e4269358 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa253.patch @@ -0,0 +1,26 @@ +From: Andrew Cooper <andrew.cooper3@citrix.com> +Subject: x86/msr: Free msr_vcpu_policy during vcpu destruction + +c/s 4187f79dc7 "x86/msr: introduce struct msr_vcpu_policy" introduced a +per-vcpu memory allocation, but failed to free it in the clean vcpu +destruction case. + +This is XSA-253 + +Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> +Reviewed-by: Jan Beulich <jbeulich@suse.com> + +diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c +index b17468c..0ae715d 100644 +--- a/xen/arch/x86/domain.c ++++ b/xen/arch/x86/domain.c +@@ -382,6 +382,9 @@ void vcpu_destroy(struct vcpu *v) + + vcpu_destroy_fpu(v); + ++ xfree(v->arch.msr); ++ v->arch.msr = NULL; ++ + if ( !is_idle_domain(v->domain) ) + vpmu_destroy(v); + diff --git a/import-layers/meta-virtualization/recipes-extended/xen/lwip.inc b/import-layers/meta-virtualization/recipes-extended/xen/lwip.inc new file mode 100644 index 0000000000..e083633261 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/lwip.inc @@ -0,0 +1,24 @@ +# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +require stubdom.inc + +# clear this out to break dependency circle +DEPENDS = "" + +# Nothing to configure or compile +# For stubdoms, lwip is basically a source package with a couple of patches applied. +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +# needed because this directory isn't typically part of a sysroot +SYSROOT_DIRS += "${prefix}/lwip" + +FILES_${PN} = "\ + ${prefix} \ +" + +do_install() { + install -d ${D}${prefix}/lwip + cp -r -t ${D}${prefix}/lwip ${S}/src/* +} diff --git a/import-layers/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb new file mode 100644 index 0000000000..b7d8e95dca --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb @@ -0,0 +1,19 @@ +# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "LWIP" +HOMEPAGE = "https://savannah.nongnu.org/projects/lwip" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=59a383b05013356e0c9899b06dc5da3f" + +SRCREV_lwip = "bcb4afa886408bf0a1dde9c2a4a00323c8b07eb1" +SRC_URI = "\ + git://git.savannah.gnu.org/lwip.git;protocol=git;nobranch=1;destsuffix=lwip;name=lwip \ + file://lwip.patch-cvs \ + file://lwip.dhcp_create_request-hwaddr_len.patch \ +" + +S="${WORKDIR}/${PN}" +B="${S}" + +require lwip.inc diff --git a/import-layers/meta-virtualization/recipes-extended/xen/mini-os.inc b/import-layers/meta-virtualization/recipes-extended/xen/mini-os.inc new file mode 100644 index 0000000000..61c2704176 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/mini-os.inc @@ -0,0 +1,28 @@ +# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +require stubdom.inc + +# clear this out to break dependency circle +DEPENDS = "" + +do_configure() { + ${MAKE} -C ${WORKDIR}/mini-os links +} + +# Nothing to configure or compile +do_compile[noexec] = "1" + +# needed because this directory isn't typically part of a sysroot +SYSROOT_DIRS += "${prefix}/mini-os" +RDEPENDS_${PN}-dev = "perl" + +FILES_${PN}-dev = "\ + ${prefix} \ +" + +do_install() { + install -d ${D}${prefix}/mini-os + cp -r -t ${D}${prefix}/mini-os ${S}/* + rm -rf ${D}${prefix}/mini-os/scripts +} diff --git a/import-layers/meta-virtualization/recipes-extended/xen/mini-os_4.9.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/mini-os_4.9.0.bb new file mode 100644 index 0000000000..298bc8df6e --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/mini-os_4.9.0.bb @@ -0,0 +1,18 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "Mini-OS is a tiny OS kernel distributed with the Xen Project" +HOMEPAGE = "https://wiki.xenproject.org/wiki/Mini-OS" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=8a437231894440a8f7629caa372243d0" + +# git commit hash for tags: xen-RELEASE-4.9.0, xen-RELEASE-4.9.1, xen-RELEASE-4.9.2 +SRCREV_minios = "ca013fa9baf92f47469ba1f2e1aaa31c41d8a0bb" +SRC_URI = "\ + git://xenbits.xen.org/mini-os.git;protocol=git;nobranch=1;destsuffix=mini-os;name=minios \ + file://mini-os_udivmoddi4-gcc7.patch \ +" +S="${WORKDIR}/mini-os" +B="${S}" + +require mini-os.inc diff --git a/import-layers/meta-virtualization/recipes-extended/xen/newlib.inc b/import-layers/meta-virtualization/recipes-extended/xen/newlib.inc new file mode 100644 index 0000000000..1fdbd0aa44 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/newlib.inc @@ -0,0 +1,64 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +require stubdom.inc + +CPPFLAGS_INCLUDE_DIR = "-isystem `${HOST_PREFIX}gcc -print-file-name=include`" +STUBDOM_CFLAGS += "-D_I386MACH_ALLOW_HW_INTERRUPTS" + +export ac_cv_path_CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" +export CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" + +export ac_cv_path_CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" +export CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" + +export ac_cv_path_CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" +export CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" + +export ac_cv_path_LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" +export LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" + +export ac_cv_path_AS_FOR_TARGET="${HOST_PREFIX}as" +export AS_FOR_TARGET="${HOST_PREFIX}as" + +export ac_cv_path_AR_FOR_TARGET="${HOST_PREFIX}ar" +export AR_FOR_TARGET="${HOST_PREFIX}ar" + +export ac_cv_path_NM_FOR_TARGET="${HOST_PREFIX}nm" +export NM_FOR_TARGET="${HOST_PREFIX}nm" + +export ac_cv_path_RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib" +export RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib" + +export ac_cv_path_OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump" +export OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump" + +export ac_cv_path_OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy" +export OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy" + +export ac_cv_path_STRIP_FOR_TARGET="${HOST_PREFIX}strip" +export STRIP_FOR_TARGET="${HOST_PREFIX}strip" + +export ac_cv_path_STRINGS_FOR_TARGET="${HOST_PREFIX}strings" +export STRINGS_FOR_TARGET="${HOST_PREFIX}strings" + +export ac_cv_path_READELF_FOR_TARGET="${HOST_PREFIX}readelf" +export READELF_FOR_TARGET="${HOST_PREFIX}readelf" + +do_configure() { + ${S}/configure --verbose --prefix=${prefix} --target=${GNU_TARGET_ARCH}-xen-elf --enable-newlib-io-long-long --disable-multilib + find ${S} -type f | xargs perl -i.bak -pe 's/\b_(tzname|daylight|timezone)\b/$1/g' +} + +do_compile() { + ${MAKE} +} + +do_install() { + ${MAKE} DESTDIR=${D} install + rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/share + rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/info + install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdarg.h -t ${D}/${includedir} + install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stddef.h -t ${D}/${includedir} + install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdbool.h -t ${D}/${includedir} +} diff --git a/import-layers/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb new file mode 100644 index 0000000000..60672bea06 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb @@ -0,0 +1,21 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "Newlib is a C library intended for use on embedded systems." +HOMEPAGE = "http://sourceware.org/newlib" +LICENSE = "GPLv2 & LGPLv3 & GPLv3 & LGPLv2" +LIC_FILES_CHKSUM = "file://COPYING.NEWLIB;md5=950f50b290e8fcf7a2d3fff61775de9b" + +# this is the hash of version tag 1_16_0 +SRCREV_newlib = "07b4b67a88f386ce4716a14e0ff2c2bce992b985" +SRC_URI = "\ + git://sourceware.org/git/newlib-cygwin.git;protocol=git;nobranch=1;destsuffix=newlib;name=newlib \ + file://newlib.patch \ + file://newlib-chk.patch \ + file://newlib-stdint-size_max-fix-from-1.17.0.patch \ +" + +S="${WORKDIR}/newlib" +B="${WORKDIR}/build" + +require newlib.inc diff --git a/import-layers/meta-virtualization/recipes-extended/xen/polarssl.inc b/import-layers/meta-virtualization/recipes-extended/xen/polarssl.inc new file mode 100644 index 0000000000..eae95f406f --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/polarssl.inc @@ -0,0 +1,27 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +require stubdom.inc + +DEPENDS += "\ + newlib \ +" +STUBDOM_CFLAGS += "\ + -Wno-memset-elt-size \ + -Wno-implicit-fallthrough \ +" + +# nothing to configure +do_configure[noexec] = "1" + +do_compile() { + ${MAKE} CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}" +} + +do_install() { + install -d ${D}${includedir} + cp -r -t ${D}${includedir} ${S}/include/polarssl + + install -d ${D}/${libdir} + install -m 644 -t ${D}/${libdir} ${S}/library/libpolarssl.a +} diff --git a/import-layers/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb b/import-layers/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb new file mode 100644 index 0000000000..80ea45a762 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb @@ -0,0 +1,19 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "PolarSSL (now 'mbed TLS') is an open source, portable, easy to use, readable and flexible SSL library." +HOMEPAGE = "https://tls.mbed.org" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" + +# git hash for release tag polarssl-1.1.4 +SRCREV_polarssl = "d36da11125a9c85c572a4fdf63e0a25e76d7bb18" +SRC_URI = "\ + git://github.com/ARMmbed/mbedtls.git;protocol=https;nobranch=1;destsuffix=polarssl;name=polarssl \ + file://polarssl.patch; \ +" + +S="${WORKDIR}/${PN}" +B="${S}/library" + +require polarssl.inc diff --git a/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc new file mode 100644 index 0000000000..ef6473d4bd --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc @@ -0,0 +1,37 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +require stubdom.inc + +DEPENDS += "\ + newlib \ +" + +do_configure() { + # need to modify prefix here during configure otherwise OE-level variables + # (prefix, libdir, includedir, etc...) defined in stubdom.inc get messed up + CPPFLAGS="-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include ${STUBDOM_CPPFLAGS}" \ + CFLAGS="${STUBDOM_CFLAGS}" \ + CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" \ + ${S}/configure \ + --disable-shared \ + --enable-static \ + --disable-fft \ + --without-readline \ + --with-gnu-ld \ + --prefix=${prefix}/${GNU_TARGET_ARCH}-xen-elf \ + --libdir=${libdir} \ + --build=`${HOST_PREFIX}gcc -dumpmachine` \ + --host=${GNU_TARGET_ARCH}-xen-elf + + sed -i 's/#define HAVE_OBSTACK_VPRINTF 1/\/\/#define HAVE_OBSTACK_VPRINTF 1/' ${S}/config.h +} + +do_compile() { + ${MAKE} +} + +do_install() { + ${MAKE} DESTDIR=${D} install + rm -rf ${D}${prefix}/${GNU_TARGET_ARCH}-xen-elf/share +} diff --git a/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb new file mode 100644 index 0000000000..d9a2adbd39 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb @@ -0,0 +1,20 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "GMP library for Xen vTPM's." +HOMEPAGE = "http://gmp" +LICENSE = "GPLv3" +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ + file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \ +" + +SRC_URI = "\ + https://gmplib.org/download/gmp/archive/gmp-${PV}.tar.bz2 \ +" +SRC_URI[md5sum] = "dd60683d7057917e34630b4a787932e8" +SRC_URI[sha256sum] = "936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775" + +S="${WORKDIR}/gmp-${PV}" +B="${S}" + +require stubdom-gmp.inc diff --git a/import-layers/meta-virtualization/recipes-extended/xen/stubdom.inc b/import-layers/meta-virtualization/recipes-extended/xen/stubdom.inc new file mode 100644 index 0000000000..bfc675276d --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/stubdom.inc @@ -0,0 +1,152 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +COMPATIBLE_HOST = '(x86_64.*).*-linux' + +require xen-arch.inc + +# many of the xen stubdom related recipes build and package static instead of shared libraries +EXCLUDE_FROM_SHLIBS = "1" + +# base set of dependencies to be used for xen stubdom recipes +DEPENDS += "\ + lwip \ + mini-os \ +" + +# unset EVERYTHING from the OE environment. +# Weird things happen when these are exported into the environment. +unset CFLAGS +unset BUILD_CFLAGS +unset TARGET_CFLAGS +unset CFLAGS_FOR_BUILD + +unset CPPFLAGS +unset BUILD_CPPFLAGS +unset TARGET_CPPFLAGS +unset CPPFLAGS_FOR_BUILD + +unset LDFLAGS +unset BUILD_LDFLAGS +unset TARGET_LDFLAGS +unset LDFLAGS_FOR_BUILD + +unset CXXFLAGS +unset TARGET_CXXFLAGS +unset BUILD_CXXFLAGS +unset CXXFLAGS_FOR_BUILD + +unset BUILD_CC +unset BUILD_CPP +unset BUILD_CXX +unset BUILD_LD +unset BUILD_AR +unset BUILD_AS +unset BUILD_CCLD +unset BUILD_FC +unset BUILD_RANLIB +unset BUILD_NM +unset BUILD_STRIP +unset BUILD_READELF +unset BUILD_OBJCOPY +unset BUILD_OBJDUMP +unset CC +unset CPP +unset CXX +unset LD +unset AR +unset AS +unset NM +unset RANLIB +unset STRIP +unset STRINGS +unset READELF +unset OBJCOPY +unset OBJDUMP +unset READELF +unset CCLD +unset FC + +# Provide support to build both 32-bit and 64-bit stubdoms +python () { + gnu_dict = { + 'x86_32': 'i686', + 'x86_64': 'x86_64', + } + + if d.expand('${XEN_TARGET_ARCH}') == 'x86_32': + d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')]) + d.setVar("PACKAGE_ARCH","core2-32") + elif d.expand('${XEN_TARGET_ARCH}') == 'x86_64': + d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')]) +} + +export GNU_TARGET_ARCH +export XEN_TARGET_ARCH="${@map_xen_arch(d.getVar('TARGET_ARCH'), d)}" +export XEN_COMPILE_ARCH="${@map_xen_arch(d.getVar('BUILD_ARCH'), d)}" + +LWIP_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/lwip" +MINIOS_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/mini-os" + +# Base set of CPPFLAGS, CFLAGS needed for each component used to build MiniOS-based stubdoms +# LDFLAGS are only used when building stubdoms, so only used in stubdom recipes +# Generic name given because each library uses DEF_, BUILD_, TARGET_, and xxxFLAGS differently +CPPFLAGS_INCLUDE_DIR = "-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include" + +STUBDOM_CPPFLAGS += "\ + -isystem ${MINIOS_SRCDIR}/include \ + -D__MINIOS__ \ + -DHAVE_LIBC \ + -isystem ${MINIOS_SRCDIR}/include/posix \ + -isystem ${MINIOS_SRCDIR}/include/xen \ + -isystem ${MINIOS_SRCDIR}/include/x86 \ + -isystem ${MINIOS_SRCDIR}/include/x86/${XEN_TARGET_ARCH} \ + -U __linux__ \ + -U __FreeBSD__ \ + -U __sun__ \ + -nostdinc \ + ${CPPFLAGS_INCLUDE_DIR} \ + -isystem ${LWIP_SRCDIR}/include \ + -isystem ${LWIP_SRCDIR}/include/ipv4 \ +" + +STUBDOM_CFLAGS += "\ + -mno-red-zone \ + -O1 \ + -fno-omit-frame-pointer \ + -m64 \ + -fno-reorder-blocks \ + -fno-asynchronous-unwind-tables \ + -DBUILD_ID \ + -fno-strict-aliasing \ + -std=gnu99 \ + -Wall \ + -Wstrict-prototypes \ + -Wdeclaration-after-statement \ + -Wno-unused-but-set-variable \ + -Wno-unused-local-typedefs \ + -fno-stack-protector \ + -fno-exceptions \ +" + +STUBDOM_LDFLAGS = "\ + -nostdlib \ + -L${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/lib \ +" + +# Need to redefine these for stubdom-related builds. It all starts because of +# the prefix used in newlib and then continues because we don't want to +# cross-contaminate stubdom-related recipes with headers and libraries found in +# the OE-defined locations +export prefix="/cross-root-${GNU_TARGET_ARCH}" +export includedir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/include" +export libdir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/lib" +export libexecdir="${libdir}" +export STAGING_INCDIR +export STAGING_LIBDIR + +# Typically defined in Xen and Minios .mk files that aren't sourced/read, +# defined to trigger some values and paths in Makefiles +export debug="y" +export stubdom="y" +export XEN_OS="MiniOS" diff --git a/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator.inc b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator.inc new file mode 100644 index 0000000000..f58a276392 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator.inc @@ -0,0 +1,37 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +require stubdom.inc + +DEPENDS += "\ + cmake-native \ + newlib \ + stubdom-gmp \ +" + +# nothing to configure +do_configure[noexec] = "1" + +export CMAKE_C_FLAGS = "\ + -std=c99 \ + -DTPM_NO_EXTERN \ + ${STUBDOM_CPPFLAGS} \ + ${STUBDOM_CFLAGS} \ + -Wno-declaration-after-statement \ + -Wno-implicit-fallthrough \ +" + +do_compile() { + CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" cmake .. -DCMAKE_C_FLAGS:STRING="${CMAKE_C_FLAGS}" + ${MAKE} VERBOSE=1 tpm_crypto tpm +} + +do_install() { + install -d ${D}/${libdir} + install -m 644 -t ${D}/${libdir} ${B}/crypto/libtpm_crypto.a + install -m 644 -t ${D}/${libdir} ${B}/tpm/libtpm.a + + install -D -m 644 -t ${D}/${includedir}/tpm-emulator/build ${S}/build/config.h + install -D -m 644 -t ${D}/${includedir}/tpm-emulator/crypto ${S}/crypto/*.h + install -D -m 644 -t ${D}/${includedir}/tpm-emulator/tpm ${S}/tpm/*.h +} diff --git a/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb new file mode 100644 index 0000000000..f6269297a7 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb @@ -0,0 +1,26 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "TPM Emulator" +HOMEPAGE = "http://xenbits.xen.org/xen-extfiles" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://README;md5=eeabd77cf8fd8a8bc42983884cb09863" + +SRC_URI = "\ + http://xenbits.xen.org/xen-extfiles/tpm_emulator-${PV}.tar.gz;name=tpm-emulator \ + file://tpmemu-0.7.4.patch \ + file://vtpm-bufsize.patch \ + file://vtpm-locality.patch \ + file://vtpm-parent-sign-ek.patch \ + file://vtpm-deepquote.patch \ + file://vtpm-deepquote-anyloc.patch \ + file://vtpm-cmake-Wextra.patch \ + file://vtpm-implicit-fallthrough.patch \ +" +SRC_URI[tpm-emulator.md5sum] = "e26becb8a6a2b6695f6b3e8097593db8" +SRC_URI[tpm-emulator.sha256sum] = "4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459" + +S="${WORKDIR}/tpm_emulator-${PV}" +B="${S}/build" + +require tpm-emulator.inc diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm.inc b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm.inc new file mode 100644 index 0000000000..a94c7503dd --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm.inc @@ -0,0 +1,111 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +require stubdom.inc + +DEPENDS = "\ + newlib \ + lwip \ + mini-os \ + polarssl \ + stubdom-gmp \ + tpm-emulator \ +" +# These were unset by stubdom.inc to allow us to scope them per recipe +export CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" +export CCLD="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" +export CXX="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}" +export CPP="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}" +export LD="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" +export LD_LTO="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}" +export AS="${HOST_PREFIX}as" +export AR="${HOST_PREFIX}ar" +export NM="${HOST_PREFIX}nm" +export RANLIB="${HOST_PREFIX}ranlib" +export OBJDUMP="${HOST_PREFIX}objdump" +export OBJCOPY="${HOST_PREFIX}objcopy" +export STRIP="${HOST_PREFIX}strip" +export STRINGS="${HOST_PREFIX}strings" +export READELF="${HOST_PREFIX}readelf" + + +# Required for some of the config stuff +export STUBDOM_TARGETS="vtpm vtpmmgr" + +VTPM_CPPFLAGS = "\ + -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/build \ + -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/crypto \ + -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/tpm \ + -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator \ +" + +# The includes from this Xen directory are not in the MiniOS repo, although they probably should be. +STUBDOM_CPPFLAGS += "-isystem ${B}/include/" + +do_configure() { + + # GCC 7 fails linking header defined inlines if not declared 'static' or 'extern' + # This appears to be fixed in Xen 4.10.0+, so let's look at version of Xen source + # to determine if we need to modify inline declarations. + # + # 'echo -e' to enable interpretation of backslashes + # 'sort -V' to natural sort version numbers + # 'head -n1' to capture the first line of output from sort command + + if [ "${PV}" = "$(echo "${PV};4.9.999" | sed 's/;/\n/' | sort -V | head -n1)" ]; then + sed -i "s/^inline/static inline/g" ${B}/vtpmmgr/*.h + fi + + for i in AR AS NM RANLIB OBJDUMP OBJCOPY STRIP STRINGS READELF CXX LD LD_LTO CC CPP; do + sed -i "s/^\($i\s\s*\).*=/\1?=/" ${MINIOS_SRCDIR}/Config.mk + done + + # replicate the TARGETS_MINIOS target in xen/stubdom/Makefile + for i in ${STUBDOM_TARGETS}; do + [ -d ${B}/mini-os-${XEN_TARGET_ARCH}-$i ] || + for j in $(cd ${MINIOS_SRCDIR} ; find . -type d) ; do \ + mkdir -p ${B}/mini-os-${XEN_TARGET_ARCH}-$i/$j; \ + done + done +} + +do_compile() { + ${MAKE} MINIOS_CONFIG="${B}/vtpm/minios.cfg" CONFIG_FILE="${B}/vtpm-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config + CPPFLAGS="`cat ${B}/vtpm-minios-config.mk` ${STUBDOM_CPPFLAGS} ${VTPM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpm + DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \ + DEF_CFLAGS="${STUBDOM_CFLAGS}" \ + DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \ + MINIOS_CONFIG="${B}/vtpm/minios.cfg" \ + ${MAKE} -C ${MINIOS_SRCDIR} \ + OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpm \ + APP_OBJS="${B}/vtpm/vtpm.a" \ + APP_LDLIBS="-ltpm -ltpm_crypto -lgmp -lpolarssl" + + ${MAKE} MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" CONFIG_FILE="${B}/vtpmmgr-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config + CPPFLAGS="`cat ${B}/vtpmmgr-minios-config.mk` ${STUBDOM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpmmgr + DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \ + DEF_CFLAGS="${STUBDOM_CFLAGS}" \ + DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \ + MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" \ + ${MAKE} -C ${MINIOS_SRCDIR} \ + OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr \ + APP_OBJS="${B}/vtpmmgr/vtpmmgr.a" \ + APP_LDLIBS="-lm -lpolarssl" +} + +PACKAGES = "\ + ${PN}-vtpm-stubdom \ + ${PN}-vtpmmgr-stubdom \ +" +FILES_${PN}-vtpm-stubdom="\ + ${libdir}/xen/boot/vtpm-stubdom.gz \ +" + +FILES_${PN}-vtpmmgr-stubdom="\ + ${libdir}/xen/boot/vtpmmgr-stubdom.gz \ +" + +do_install() { + install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpm/mini-os.gz ${D}${libdir}/xen/boot/vtpm-stubdom.gz + install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr/mini-os.gz ${D}${libdir}/xen/boot/vtpmmgr-stubdom.gz +} diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb new file mode 100644 index 0000000000..c58a02d8ed --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb @@ -0,0 +1,21 @@ +# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com> +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "MiniOS-based vTPMs for Xen" +HOMEPAGE = "https://www.xenproject.org" +LICENSE = "GPLv2 & BSD-3-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=b1ceb1b03a49b202ee6f41ffd1ed0155 \ + file://vtpm/COPYING;md5=75a98062ab0322ded060d9026a1bda61 \ +" + +# git commit hash for Xen's RELEASE-4.9.0 tag +SRCREV_xen = "c30bf55594a53fae8aae08aabf16fc192faad7da" +SRC_URI = "\ + git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;subpath=stubdom \ + git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;destsuffix=stubdom/include;subpath=tools/xenstore/include \ +" + +S="${WORKDIR}/stubdom" +B="${S}" + +require xen-vtpm.inc diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen.inc b/import-layers/meta-virtualization/recipes-extended/xen/xen.inc index cb314f88b8..8dfe589af6 100644 --- a/import-layers/meta-virtualization/recipes-extended/xen/xen.inc +++ b/import-layers/meta-virtualization/recipes-extended/xen/xen.inc @@ -62,15 +62,12 @@ RDEPENDS_${PN} = "" RDEPENDS_${PN}-base = "\ bash perl xz \ - ${PN}-blktap \ ${PN}-console \ - ${PN}-libblktapctl \ ${PN}-libxenguest \ ${PN}-libxenlight \ ${PN}-libxenvchan \ ${PN}-libxenctrl \ ${PN}-libxlutil \ - ${PN}-libvhd \ ${PN}-libxenstat \ ${PN}-libxenstore \ ${PN}-libfsimage \ @@ -88,7 +85,10 @@ RDEPENDS_${PN}-base = "\ RDEPENDS_${PN}-dev = "" RRECOMMENDS_${PN}-base = " \ + ${PN}-blktap \ ${PN}-libblktap \ + ${PN}-libblktapctl \ + ${PN}-libvhd \ ${PN}-flask \ ${PN}-hvmloader \ ${PN}-xenpaging \ @@ -196,6 +196,8 @@ PACKAGES = "\ ${PN}-libxenstat-dev \ ${PN}-libxenstore \ ${PN}-libxenstore-dev \ + ${PN}-libxentoolcore \ + ${PN}-libxentoolcore-dev \ ${PN}-libxentoollog \ ${PN}-libxentoollog-dev \ ${PN}-libxenvchan \ @@ -344,6 +346,12 @@ FILES_${PN}-libxenstore-dev = " \ ${datadir}/pkgconfig/xenstore.pc \ " +FILES_${PN}-libxentoolcore = "${libdir}/libxentoolcore.so.*" +FILES_${PN}-libxentoolcore-dev = " \ + ${libdir}/libxentoolcore.so \ + ${datadir}/pkgconfig/xentoolcore.pc \ + " + FILES_${PN}-libxentoollog = "${libdir}/libxentoollog.so.*" FILES_${PN}-libxentoollog-dev = " \ ${libdir}/libxentoollog.so \ @@ -474,6 +482,7 @@ FILES_${PN}-misc = "\ ${sbindir}/xenperf \ ${sbindir}/xenpm \ ${sbindir}/xsview \ + ${sbindir}/xen-diag \ ${sbindir}/xen-tmem-list-parse \ ${sbindir}/xen-python-path \ ${sbindir}/xen-ringwatch \ @@ -739,8 +748,6 @@ FILES_${PN}-xencommons += "\ ${systemd_unitdir}/system/xenconsoled.service \ ${systemd_unitdir}/system/xen-init-dom0.service \ ${systemd_unitdir}/system/xenstored.service \ - ${systemd_unitdir}/system/xenstored.socket \ - ${systemd_unitdir}/system/xenstored_ro.socket \ ${systemd_unitdir}/system/var-lib-xenstored.mount \ " @@ -780,8 +787,6 @@ SYSTEMD_SERVICE_${PN}-xencommons = " \ xenconsoled.service \ xen-init-dom0.service \ xenstored.service \ - xenstored.socket \ - xenstored_ro.socket \ " SYSTEMD_SERVICE_${PN}-xendomains = "xendomains.service" @@ -825,7 +830,7 @@ export LDFLAGS="" # Yocto injects -mfpmath=sse for some machine types into the CFLAGS which # conflicts with -mno-sse so instead we strip -mfpmath=sse instead of # patching the build to be ok with this -TUNE_CCARGS := "${@oe_filter_out('-mfpmath=sse', '${TUNE_CCARGS}', d)}" +TUNE_CCARGS := "${@oe.utils.str_filter_out('-mfpmath=sse', '${TUNE_CCARGS}', d)}" EXTRA_OECONF += " \ --exec-prefix=/usr \ diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.10.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.10.0.bb new file mode 100644 index 0000000000..d314b9b6a5 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.10.0.bb @@ -0,0 +1,12 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" +require xen.inc + +SRC_URI = " \ + https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \ + file://xsa253.patch \ + " + +SRC_URI[md5sum] = "ab9d320d02cb40f6b40506aed1a38d58" +SRC_URI[sha256sum] = "0262a7023f8b12bcacfb0b25e69b2a63291f944f7683d54d8f33d4b2ca556844" + +S = "${WORKDIR}/xen-${PV}" diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.0.bb deleted file mode 100644 index 8e9c8024bc..0000000000 --- a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.0.bb +++ /dev/null @@ -1,12 +0,0 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/files:" -require xen.inc - -SRC_URI = " \ - https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \ - file://fix-libxc-xc_dom_arm-missing-initialization.patch \ - " - -SRC_URI[md5sum] = "f0a753637630f982dfbdb64121fd71e1" -SRC_URI[sha256sum] = "cade643fe3310d4d6f97d0c215c6fa323bc1130d7e64d7e2043ffaa73a96f33b" - -S = "${WORKDIR}/xen-${PV}" diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.1.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.1.bb new file mode 100644 index 0000000000..5c18bb00af --- /dev/null +++ b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.1.bb @@ -0,0 +1,18 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" +require xen.inc + +SRC_URI = " \ + https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \ + file://xsa246-4.9.patch \ + file://0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch \ + file://0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch \ + file://xsa248.patch \ + file://xsa249.patch \ + file://xsa250.patch \ + file://xsa251.patch \ + " + +SRC_URI[md5sum] = "8b9d6104694b164d54334194135f7217" +SRC_URI[sha256sum] = "ecf88b01f44cd8f4ef208af3f999dceb69bdd2a316d88dd9a9535ea7b49ed356" + +S = "${WORKDIR}/xen-${PV}" diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg index 00675042ca..b1fefc0c6a 100644 --- a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg +++ b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg @@ -1,2 +1,3 @@ CONFIG_OPENVSWITCH=m CONFIG_NET_SCH_INGRESS=m +CONFIG_NET_ACT_POLICE=m diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.10.bbappend b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.14.bbappend index 617caccbd8..617caccbd8 100644 --- a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.10.bbappend +++ b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.14.bbappend diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.4.bbappend b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.15.bbappend index 617caccbd8..617caccbd8 100644 --- a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.4.bbappend +++ b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.15.bbappend diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.9.bbappend b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.9.bbappend deleted file mode 100644 index 617caccbd8..0000000000 --- a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.9.bbappend +++ /dev/null @@ -1 +0,0 @@ -require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}_virtualization.inc', '', d)} diff --git a/import-layers/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch b/import-layers/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch new file mode 100644 index 0000000000..84fb9a437c --- /dev/null +++ b/import-layers/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch @@ -0,0 +1,107 @@ +From 6576f228339b7931e05a8e861f085f483817806b Mon Sep 17 00:00:00 2001 +From: Paul Barker <pbarker@toganlabs.com> +Date: Tue, 8 May 2018 11:01:14 +0000 +Subject: [PATCH] Allow selection of go compiler + +By running `make GO=/path/to/go` we can now select the appropriate go compiler +to use. This also makes it possible to cross compile netns more easily. + +Signed-off-by: Paul Barker <pbarker@toganlabs.com> +Upstream-status: Pending +--- + Makefile | 25 ++++++++++++++----------- + 1 file changed, 14 insertions(+), 11 deletions(-) + +diff --git a/Makefile b/Makefile +index 3a22f3e..476cb9b 100644 +--- a/src/import/Makefile ++++ b/src/import/Makefile +@@ -23,6 +23,9 @@ CTIMEVAR=-X $(PKG)/version.GITCOMMIT=$(GITCOMMIT) -X $(PKG)/version.VERSION=$(VE + GO_LDFLAGS=-ldflags "-w $(CTIMEVAR)" + GO_LDFLAGS_STATIC=-ldflags "-w $(CTIMEVAR) -extldflags -static" + ++# Set our default go compiler ++GO := go ++ + # List the GOOS and GOARCH to build + GOOSARCHES = linux/arm linux/arm64 linux/amd64 linux/386 + +@@ -33,12 +36,12 @@ build: $(NAME) ## Builds a dynamic executable or package + + $(NAME): *.go VERSION.txt + @echo "+ $@" +- go build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . ++ $(GO) build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) . + + .PHONY: static + static: ## Builds a static executable + @echo "+ $@" +- CGO_ENABLED=0 go build \ ++ CGO_ENABLED=0 $(GO) build \ + -tags "$(BUILDTAGS) static_build" \ + ${GO_LDFLAGS_STATIC} -o $(NAME) . + +@@ -55,23 +58,23 @@ lint: ## Verifies `golint` passes + .PHONY: test + test: ## Runs the go tests + @echo "+ $@" +- @go test -v -tags "$(BUILDTAGS) cgo" $(shell go list ./... | grep -v vendor) ++ @$(GO) test -v -tags "$(BUILDTAGS) cgo" $(shell $(GO) list ./... | grep -v vendor) + + .PHONY: vet + vet: ## Verifies `go vet` passes + @echo "+ $@" +- @go vet $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr ++ @$(GO) vet $(shell $(GO) list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr + + .PHONY: staticcheck + staticcheck: ## Verifies `staticcheck` passes + @echo "+ $@" +- @staticcheck $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr ++ @staticcheck $(shell $(GO) list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr + + .PHONY: cover + cover: ## Runs go test with coverage + @echo "" > coverage.txt +- @for d in $(shell go list ./... | grep -v vendor); do \ +- go test -race -coverprofile=profile.out -covermode=atomic "$$d"; \ ++ @for d in $(shell $(GO) list ./... | grep -v vendor); do \ ++ $(GO) test -race -coverprofile=profile.out -covermode=atomic "$$d"; \ + if [ -f profile.out ]; then \ + cat profile.out >> coverage.txt; \ + rm profile.out; \ +@@ -81,11 +84,11 @@ cover: ## Runs go test with coverage + .PHONY: install + install: ## Installs the executable or package + @echo "+ $@" +- go install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} . ++ $(GO) install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} . + + define buildpretty + mkdir -p $(BUILDDIR)/$(1)/$(2); +-GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \ ++GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \ + -o $(BUILDDIR)/$(1)/$(2)/$(NAME) \ + -a -tags "$(BUILDTAGS) static_build netgo" \ + -installsuffix netgo ${GO_LDFLAGS_STATIC} .; +@@ -99,7 +102,7 @@ cross: *.go VERSION.txt ## Builds the cross-compiled binaries, creating a clean + $(foreach GOOSARCH,$(GOOSARCHES), $(call buildpretty,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH)))) + + define buildrelease +-GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \ ++GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \ + -o $(BUILDDIR)/$(NAME)-$(1)-$(2) \ + -a -tags "$(BUILDTAGS) static_build netgo" \ + -installsuffix netgo ${GO_LDFLAGS_STATIC} .; +@@ -115,7 +118,7 @@ release: *.go VERSION.txt ## Builds the cross-compiled binaries, naming them in + .PHONY: bump-version + BUMP := patch + bump-version: ## Bump the version in the version file. Set BUMP to [ patch | major | minor ] +- @go get -u github.com/jessfraz/junk/sembump # update sembump tool ++ @$(GO) get -u github.com/jessfraz/junk/sembump # update sembump tool + $(eval NEW_VERSION = $(shell sembump --kind $(BUMP) $(VERSION))) + @echo "Bumping VERSION.txt from $(VERSION) to $(NEW_VERSION)" + echo $(NEW_VERSION) > VERSION.txt +-- +2.7.4 + diff --git a/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb b/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb index d35836ef01..82a961bf57 100644 --- a/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb +++ b/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb @@ -1,13 +1,13 @@ HOMEPAGE = "https://github.com/jfrazelle/netns" SUMMARY = "Runc hook for setting up default bridge networking." LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=20ce4c6a4f32d6ee4a68e3a7506db3f1" +LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=48ef0979a2bcc3fae14ff30b8a7f5dbf" -SRC_URI = "git://github.com/jessfraz/netns;branch=master \ - file://0001-Use-correct-go-cross-compiler.patch \ +SRC_URI = "git://github.com/genuinetools/netns;branch=master \ + file://0001-Allow-selection-of-go-compiler.patch \ " -SRCREV = "74e23a0e5c4e7ac011aafcc4623586c196f1b3ef" -PV = "0.2.1" +SRCREV = "0da6ab0997707024debe68c91e940c9168041bf8" +PV = "0.4.0" GO_IMPORT = "import" S = "${WORKDIR}/git" @@ -26,9 +26,9 @@ do_compile() { # We also need to link in the ipallocator and version directories as # they are not under the src directory. ln -sfn . "${S}/src/import/vendor/src" - mkdir -p "${S}/src/import/vendor/src/github.com/jessfraz/netns" - ln -sfn "${S}/src/import/ipallocator" "${S}/src/import/vendor/src/github.com/jessfraz/netns/ipallocator" - ln -sfn "${S}/src/import/version" "${S}/src/import/vendor/src/github.com/jessfraz/netns/version" + mkdir -p "${S}/src/import/vendor/src/github.com/genuinetools/netns" + ln -sfn "${S}/src/import/ipallocator" "${S}/src/import/vendor/src/github.com/genuinetools/netns/ipallocator" + ln -sfn "${S}/src/import/version" "${S}/src/import/vendor/src/github.com/genuinetools/netns/version" export GOPATH="${S}/src/import/vendor" # Pass the needed cflags/ldflags so that cgo diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch index 4441c1ea70..deff10b063 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch @@ -1,4 +1,4 @@ -From 04ad1c3d9f47cfdf4ad9b5d685e953ec094326ff Mon Sep 17 00:00:00 2001 +From f21a0490555d5fe8f5a9ce982defa666a64151c0 Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Fri, 13 Jan 2017 16:12:55 -0500 Subject: [PATCH] python: make remaining scripts use /usr/bin/env @@ -12,6 +12,7 @@ PYTHON. To make this function smoothly all installed scripts should make use of /usr/bin/env to increase the chances of finding python. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- build-aux/check-structs | 2 +- build-aux/extract-ofp-actions | 2 +- @@ -28,7 +29,7 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/build-aux/check-structs b/build-aux/check-structs -index f79f235..c7b8730 100755 +index f79f235..5129b72 100755 --- a/build-aux/check-structs +++ b/build-aux/check-structs @@ -1,4 +1,4 @@ @@ -38,7 +39,7 @@ index f79f235..c7b8730 100755 import os.path import sys diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions -index 184447b..92ea18d 100755 +index 0062ab8..ee8c4ff 100755 --- a/build-aux/extract-ofp-actions +++ b/build-aux/extract-ofp-actions @@ -1,4 +1,4 @@ @@ -48,7 +49,7 @@ index 184447b..92ea18d 100755 import sys import os.path diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors -index 9642593..11e6de7 100755 +index 2312b76..e36444e 100755 --- a/build-aux/extract-ofp-errors +++ b/build-aux/extract-ofp-errors @@ -1,4 +1,4 @@ @@ -58,7 +59,7 @@ index 9642593..11e6de7 100755 import sys import os.path diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields -index 498b887..5d6bcec 100755 +index 498b887..c248e76 100755 --- a/build-aux/extract-ofp-fields +++ b/build-aux/extract-ofp-fields @@ -1,4 +1,4 @@ @@ -68,7 +69,7 @@ index 498b887..5d6bcec 100755 import getopt import sys diff --git a/build-aux/extract-ofp-msgs b/build-aux/extract-ofp-msgs -index 1813638..e9e3c25 100755 +index 1813638..c2a91f9 100755 --- a/build-aux/extract-ofp-msgs +++ b/build-aux/extract-ofp-msgs @@ -1,4 +1,4 @@ @@ -78,7 +79,7 @@ index 1813638..e9e3c25 100755 import sys import os.path diff --git a/build-aux/xml2nroff b/build-aux/xml2nroff -index bd4e879..9d81503 100755 +index bd4e879..db45c56 100755 --- a/build-aux/xml2nroff +++ b/build-aux/xml2nroff @@ -1,4 +1,4 @@ @@ -88,7 +89,7 @@ index bd4e879..9d81503 100755 # Copyright (c) 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc. # diff --git a/ovn/utilities/ovn-docker-overlay-driver b/ovn/utilities/ovn-docker-overlay-driver -index 52de3db..c90f02b 100755 +index 52de3db..3b1fa45 100755 --- a/ovn/utilities/ovn-docker-overlay-driver +++ b/ovn/utilities/ovn-docker-overlay-driver @@ -1,4 +1,4 @@ @@ -98,7 +99,7 @@ index 52de3db..c90f02b 100755 # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/ovn/utilities/ovn-docker-underlay-driver b/ovn/utilities/ovn-docker-underlay-driver -index 2c9c4b6..89b804c 100755 +index 2c9c4b6..551e7a1 100755 --- a/ovn/utilities/ovn-docker-underlay-driver +++ b/ovn/utilities/ovn-docker-underlay-driver @@ -1,4 +1,4 @@ @@ -108,7 +109,7 @@ index 2c9c4b6..89b804c 100755 # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc -index 5cf26ee..f76f4bd 100755 +index 5cf26ee..bdf2dcc 100755 --- a/ovsdb/ovsdb-doc +++ b/ovsdb/ovsdb-doc @@ -1,4 +1,4 @@ @@ -147,6 +148,3 @@ index 963c50c..c84d7c2 100755 # This library is free software; you can redistribute it and/or # modify it under the terms of version 2.1 of the GNU Lesser General Public --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch index a02b2a403a..6a1b83201c 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch @@ -1,4 +1,4 @@ -From 176528ca3a8b76c9d0bb71b1e56eeebccc655c71 Mon Sep 17 00:00:00 2001 +From 39d1af836d844c89e625cfc908545e93977af8be Mon Sep 17 00:00:00 2001 From: Mark Asselstine <mark.asselstine@windriver.com> Date: Wed, 3 May 2017 10:39:12 -0400 Subject: [PATCH] python: switch remaining scripts to use python3 @@ -6,6 +6,7 @@ Subject: [PATCH] python: switch remaining scripts to use python3 Work to remove the main openvswitch package's dependency on python 2. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> + --- ofproto/ipfix-gen-entities | 2 +- tests/test-l7.py | 2 +- @@ -108,6 +109,3 @@ index a776c00..d5ff8af 100755 # Copyright (c) 2009, 2010, 2011, 2012, 2013 Nicira, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch index d6197588d6..7bdcc00340 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch @@ -1,7 +1,7 @@ -From c5c18f9c5f1b7217d43af43be9736c1762c7ebba Mon Sep 17 00:00:00 2001 +From 3658d861c3c83caab9040bec04b195be3f86d4ce Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Thu, 29 Jun 2017 20:33:23 -0700 -Subject: [PATCH 1/8] Python3 compatibility: Convert print statements +Subject: [PATCH] Python3 compatibility: Convert print statements Commit d34a1cc02536f9a812517a71accec3fbd3c6c98b from https://github.com/openvswitch/ovs.git @@ -11,6 +11,7 @@ python2. Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ben Pfaff <blp@ovn.org> + --- build-aux/check-structs | 4 +- build-aux/extract-ofp-actions | 68 +++--- @@ -22,7 +23,7 @@ Signed-off-by: Ben Pfaff <blp@ovn.org> 7 files changed, 306 insertions(+), 305 deletions(-) diff --git a/build-aux/check-structs b/build-aux/check-structs -index f79f235..bae511f 100755 +index 5129b72..cbb19b6 100755 --- a/build-aux/check-structs +++ b/build-aux/check-structs @@ -211,7 +211,7 @@ def checkStructs(): @@ -44,7 +45,7 @@ index f79f235..bae511f 100755 global fileName diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions -index 0062ab8..874e6b4 100755 +index ee8c4ff..67e3848 100755 --- a/build-aux/extract-ofp-actions +++ b/build-aux/extract-ofp-actions @@ -67,7 +67,7 @@ def fatal(msg): @@ -187,7 +188,7 @@ index 0062ab8..874e6b4 100755 if __name__ == '__main__': if '--help' in sys.argv: diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors -index 2312b76..336a240 100755 +index e36444e..97d62d2 100755 --- a/build-aux/extract-ofp-errors +++ b/build-aux/extract-ofp-errors @@ -426,7 +426,7 @@ static const struct ofperr_domain %s = { @@ -200,7 +201,7 @@ index 2312b76..336a240 100755 print (" { -1, -1, -1 }, /* %s */" % enum) print ("""\ diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields -index 498b887..425a85f 100755 +index c248e76..80c7d35 100755 --- a/build-aux/extract-ofp-fields +++ b/build-aux/extract-ofp-fields @@ -728,7 +728,7 @@ def make_ovs_fields(meta_flow_h, meta_flow_xml): @@ -213,7 +214,7 @@ index 498b887..425a85f 100755 recursively_replace(doc, 'oxm_classes', make_oxm_classes_xml(document)) diff --git a/build-aux/extract-ofp-msgs b/build-aux/extract-ofp-msgs -index 1813638..a67e870 100755 +index c2a91f9..92c4bda 100755 --- a/build-aux/extract-ofp-msgs +++ b/build-aux/extract-ofp-msgs @@ -56,14 +56,14 @@ def fatal(msg): @@ -241,7 +242,7 @@ index 1813638..a67e870 100755 + print(line) diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc -index 5cf26ee..b34fb11 100755 +index bdf2dcc..e82ad59 100755 --- a/ovsdb/ovsdb-doc +++ b/ovsdb/ovsdb-doc @@ -258,7 +258,7 @@ represent strong references; thin lines represent weak references. @@ -272,11 +273,11 @@ index 5cf26ee..b34fb11 100755 except error.Error, e: sys.stderr.write("%s: %s\n" % (argv0, e.msg)) diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in -index 721ab50..1064448 100755 +index bfbcf23..62442ee 100755 --- a/ovsdb/ovsdb-idlc.in +++ b/ovsdb/ovsdb-idlc.in @@ -1,5 +1,6 @@ - #! @PYTHON@ + #! /usr/bin/env @PYTHON@ +from __future__ import print_function import getopt @@ -1259,6 +1260,3 @@ index 721ab50..1064448 100755 elif key in ['-C', '--directory']: os.chdir(value) else: --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch index 357124527c..f1f9befe82 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch @@ -1,17 +1,18 @@ -From 1cec65e45f011c3f52eed5e27d3d816502e36610 Mon Sep 17 00:00:00 2001 +From 28b2d17de9414161d5edd67766bd4b452cd809ef Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Mon, 20 Mar 2017 12:12:51 -0700 -Subject: [PATCH 1/2] use the linux if_packet.h Interface directly +Subject: [PATCH] use the linux if_packet.h Interface directly Helps compiling with musl Signed-off-by: Khem Raj <raj.khem@gmail.com> + --- lib/netdev-linux.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c -index a5a9ec1ab..9dd40acdd 100644 +index fccf88f..b703156 100644 --- a/lib/netdev-linux.c +++ b/lib/netdev-linux.c @@ -33,14 +33,13 @@ @@ -30,6 +31,3 @@ index a5a9ec1ab..9dd40acdd 100644 #include <net/route.h> #include <netinet/in.h> #include <poll.h> --- -2.12.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch index e44ffdaf5a..f997bbff70 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch @@ -1,21 +1,22 @@ -From 803bde12d32d16eefeae03422a0ac682e0601c43 Mon Sep 17 00:00:00 2001 +From 801023e72b31e7c49cbccedd76ade33a17fcbe45 Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Mon, 20 Mar 2017 12:13:30 -0700 -Subject: [PATCH 2/2] Define WAIT_ANY if not provided by system +Subject: [PATCH] Define WAIT_ANY if not provided by system POSIX does not define it and uses -1 directly some libc do not have this definitions Signed-off-by: Khem Raj <raj.khem@gmail.com> + --- tests/test-ovn.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/test-ovn.c b/tests/test-ovn.c -index 2e82a6f0d..76e7db9fb 100644 +index 84adf81..2bc6bdf 100644 --- a/tests/test-ovn.c +++ b/tests/test-ovn.c -@@ -37,6 +37,10 @@ +@@ -38,6 +38,10 @@ #include "simap.h" #include "util.h" @@ -26,6 +27,3 @@ index 2e82a6f0d..76e7db9fb 100644 /* --relops: Bitmap of the relational operators to test, in exhaustive test. */ static unsigned int test_relops; --- -2.12.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch index 59c0f3e4d4..70abd263da 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch @@ -1,7 +1,7 @@ -From c98fee41d130cb946aa4e60fefaa6cbf203f6790 Mon Sep 17 00:00:00 2001 +From c0ba116eab401431b4f11b66bd7d1b42741b03c3 Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Thu, 29 Jun 2017 20:33:23 -0700 -Subject: [PATCH 2/8] Python3 compatibility: exception cleanup +Subject: [PATCH] Python3 compatibility: exception cleanup Commit 52e4a477f0b3c0a0ece7adeede6e06e07814f8b9 from https://github.com/openvswitch/ovs.git @@ -11,6 +11,7 @@ to use the "as" form for "except:". Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ben Pfaff <blp@ovn.org> + --- build-aux/extract-ofp-fields | 2 +- ovsdb/ovsdb-doc | 4 ++-- @@ -18,7 +19,7 @@ Signed-off-by: Ben Pfaff <blp@ovn.org> 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields -index 425a85f..61e752b 100755 +index 80c7d35..6286c9c 100755 --- a/build-aux/extract-ofp-fields +++ b/build-aux/extract-ofp-fields @@ -784,7 +784,7 @@ if __name__ == "__main__": @@ -31,7 +32,7 @@ index 425a85f..61e752b 100755 sys.exit(1) diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc -index b34fb11..918e88a 100755 +index e82ad59..9448713 100755 --- a/ovsdb/ovsdb-doc +++ b/ovsdb/ovsdb-doc @@ -278,7 +278,7 @@ if __name__ == "__main__": @@ -53,7 +54,7 @@ index b34fb11..918e88a 100755 sys.exit(1) diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in -index 1064448..8b85f0d 100755 +index 62442ee..e7e1c6b 100755 --- a/ovsdb/ovsdb-idlc.in +++ b/ovsdb/ovsdb-idlc.in @@ -1098,7 +1098,7 @@ if __name__ == "__main__": @@ -74,6 +75,3 @@ index 1064448..8b85f0d 100755 sys.stderr.write("%s: %s\n" % (argv0, e)) sys.exit(1) --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch index a85980ed32..98d77c8a77 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch @@ -1,7 +1,7 @@ -From 9cbae86be03756df76560c15720756f9ac088144 Mon Sep 17 00:00:00 2001 +From 8557d51e8c7325a17219911e9a65eeb3946e869f Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Thu, 29 Jun 2017 20:33:23 -0700 -Subject: [PATCH 3/8] Python3 compatibility: execfile to exec +Subject: [PATCH] Python3 compatibility: execfile to exec Commit a4d10a7ca937d73873f6f98619d88682e69f5dbe from https://github.com/openvswitch/ovs.git @@ -11,12 +11,13 @@ exec(). Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ben Pfaff <blp@ovn.org> + --- ovsdb/ovsdb-idlc.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in -index 8b85f0d..3fa1a0f 100755 +index e7e1c6b..e1551f9 100755 --- a/ovsdb/ovsdb-idlc.in +++ b/ovsdb/ovsdb-idlc.in @@ -17,7 +17,7 @@ def parseSchema(filename): @@ -28,6 +29,3 @@ index 8b85f0d..3fa1a0f 100755 ovs.json.to_stream(schemaJson, sys.stdout) sys.stdout.write('\n') --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch index ddc86db2a1..092c42d69a 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch @@ -1,7 +1,7 @@ -From 0f318e472d9897d99395adcfb17cbeaff05677ba Mon Sep 17 00:00:00 2001 +From 7e4bd5c2af85b1293be0a92b18f7930bda2ab41a Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Thu, 29 Jun 2017 20:33:23 -0700 -Subject: [PATCH 4/8] Python3 compatibility: iteritems to items +Subject: [PATCH] Python3 compatibility: iteritems to items Commit 4ab665623cbb4c6506e48b82e0c9fe8585f42e13 from https://github.com/openvswitch/ovs.git @@ -11,6 +11,7 @@ items(). Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ben Pfaff <blp@ovn.org> + --- build-aux/extract-ofp-actions | 2 +- build-aux/extract-ofp-errors | 2 +- @@ -19,7 +20,7 @@ Signed-off-by: Ben Pfaff <blp@ovn.org> 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions -index 874e6b4..c11297c 100755 +index 67e3848..c7858bd 100755 --- a/build-aux/extract-ofp-actions +++ b/build-aux/extract-ofp-actions @@ -13,7 +13,7 @@ version_map = {"1.0": 0x01, @@ -32,7 +33,7 @@ index 874e6b4..c11297c 100755 # Map from vendor name to the length of the action header. vendor_map = {"OF": (0x00000000, 4), diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors -index 336a240..71ae0bd 100755 +index 97d62d2..58ba006 100755 --- a/build-aux/extract-ofp-errors +++ b/build-aux/extract-ofp-errors @@ -14,7 +14,7 @@ version_map = {"1.0": 0x01, @@ -45,7 +46,7 @@ index 336a240..71ae0bd 100755 token = None line = "" diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields -index 61e752b..ef997dd 100755 +index 6286c9c..f624728 100755 --- a/build-aux/extract-ofp-fields +++ b/build-aux/extract-ofp-fields @@ -16,7 +16,7 @@ VERSION = {"1.0": 0x01, @@ -58,7 +59,7 @@ index 61e752b..ef997dd 100755 TYPES = {"u8": (1, False), "be16": (2, False), diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in -index 3fa1a0f..615548f 100755 +index e1551f9..b70a599 100755 --- a/ovsdb/ovsdb-idlc.in +++ b/ovsdb/ovsdb-idlc.in @@ -138,7 +138,7 @@ def printCIDLHeader(schemaFile): @@ -97,6 +98,3 @@ index 3fa1a0f..615548f 100755 structName = "%s%s" % (prefix, tableName.lower()) if table.is_root: is_root = "true" --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch index 717a97dbee..d6f93646f9 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch @@ -1,7 +1,7 @@ -From bc29f98f0137fa1083a4cacf832d52f740d150a8 Mon Sep 17 00:00:00 2001 +From d22c7f1c6ade82a0cd646cfcd8df9adda6cd1ad6 Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Thu, 29 Jun 2017 20:33:23 -0700 -Subject: [PATCH 5/8] Python3 compatibility: fix integer problems +Subject: [PATCH] Python3 compatibility: fix integer problems Commit fa145f1a53943243f94a32ce98525db8494b0052 from https://github.com/openvswitch/ovs.git @@ -15,13 +15,14 @@ The simple answer is to convert it with int() and move on. Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ben Pfaff <blp@ovn.org> + --- ovsdb/ovsdb-idlc.in | 2 +- python/build/nroff.py | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in -index 615548f..7cbcbf5 100755 +index b70a599..3645275 100755 --- a/ovsdb/ovsdb-idlc.in +++ b/ovsdb/ovsdb-idlc.in @@ -358,7 +358,7 @@ static void @@ -46,6 +47,3 @@ index c23837f..401f699 100644 extend = x + len(s) - len(text[y]) if extend > 0: text[y] += ' ' * extend --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch index 54905cd0a7..c53502b5d5 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch @@ -1,7 +1,7 @@ -From 3a9fcf1c8f60c160c282c9755ee1c7f9f7e113c3 Mon Sep 17 00:00:00 2001 +From 7f542122d62b20d11198bfdb0f2c6a460261b5e7 Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Thu, 29 Jun 2017 20:33:23 -0700 -Subject: [PATCH 6/8] Python3 compatibility: math error compatibility +Subject: [PATCH] Python3 compatibility: math error compatibility Commit 3fa5aa4294377e0f35267936d0c5caea3e61db48 from https://github.com/openvswitch/ovs.git @@ -34,12 +34,13 @@ EOF Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ben Pfaff <blp@ovn.org> + --- build-aux/extract-ofp-actions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions -index c11297c..bd7131f 100755 +index c7858bd..4d05ef9 100755 --- a/build-aux/extract-ofp-actions +++ b/build-aux/extract-ofp-actions @@ -35,7 +35,7 @@ line = "" @@ -51,6 +52,3 @@ index c11297c..bd7131f 100755 def open_file(fn): global file_name --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch index faa32b73b7..753490f819 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch @@ -1,7 +1,7 @@ -From 2fe58f87b00d0ec24d6997930d0bcdb130c84396 Mon Sep 17 00:00:00 2001 +From c78b39ae9ba6337210d6a9e4ccc4753cb1c3b48f Mon Sep 17 00:00:00 2001 From: Jason Wessel <jason.wessel@windriver.com> Date: Thu, 29 Jun 2017 20:33:23 -0700 -Subject: [PATCH 7/8] Python3 compatibility: unicode to str +Subject: [PATCH] Python3 compatibility: unicode to str Commit 7430959d4ad17db89b8387c3aef58c8b230cad10 from https://github.com/openvswitch/ovs.git @@ -19,12 +19,13 @@ type because it doesn't exist. Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ben Pfaff <blp@ovn.org> + --- ovsdb/ovsdb-doc | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc -index 918e88a..406c293 100755 +index 9448713..d55c6e6 100755 --- a/ovsdb/ovsdb-doc +++ b/ovsdb/ovsdb-doc @@ -65,9 +65,15 @@ def columnGroupToNroff(table, groupXml, documented_columns): @@ -46,6 +47,3 @@ index 918e88a..406c293 100755 type_ = ovs.db.types.BaseType.from_json(type_json) else: type_ = column.type.value --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch index d2c2be7cf3..f55a5caf5a 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch @@ -1,12 +1,13 @@ -From a3289add8368e0c970ae1c1c84f5df1f817ed43c Mon Sep 17 00:00:00 2001 +From f8491645416952b31000f42777ff79486a7b0511 Mon Sep 17 00:00:00 2001 From: Ben Pfaff <blp@ovn.org> Date: Thu, 6 Jul 2017 14:01:27 -0700 -Subject: [PATCH 8/8] AUTHORS: Add Jason Wessel. +Subject: [PATCH] AUTHORS: Add Jason Wessel. Commit a91c4cfaf863718bc94fb9c88939bd0b0385a6fe from https://github.com/openvswitch/ovs.git Signed-off-by: Ben Pfaff <blp@ovn.org> + --- AUTHORS.rst | 1 + 1 file changed, 1 insertion(+) @@ -23,6 +24,3 @@ index 63e6a8d..d0dc70d 100644 Jasper Capel jasper@capel.tv Jean Tourrilhes jt@hpl.hp.com Jeremy Stribling strib@nicira.com --- -2.5.0 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch deleted file mode 100644 index 0fc3aa1ab8..0000000000 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch +++ /dev/null @@ -1,29 +0,0 @@ -A buggy or malicious switch could send a role status message with a bad -reason code, which if printed by OVS would cause it to abort. This fixes -the problem. - -CVE: CVE-2017-9263 -Upstream-Status: Submitted - -Reported-by: Bhargava Shastry <bshastry at sec.t-labs.tu-berlin.de> -Signed-off-by: Ben Pfaff <blp at ovn.org> ---- - lib/ofp-print.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/lib/ofp-print.c b/lib/ofp-print.c -index 7ca953100539..1932baf4871f 100644 ---- a/lib/ofp-print.c -+++ b/lib/ofp-print.c -@@ -2147,7 +2147,8 @@ ofp_print_role_status_message(struct ds *string, const struct ofp_header *oh) - break; - case OFPCRR_N_REASONS: - default: -- OVS_NOT_REACHED(); -+ ds_put_cstr(string, "(unknown)"); -+ break; - } - } - --- -2.10.2 diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch index 1ad5d6f4c9..5c86aacc50 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch @@ -1,13 +1,19 @@ -Disable m4 file test where sources are built from git. +From f675d7209f999ce80cb4249c4ebb216697387b71 Mon Sep 17 00:00:00 2001 +From: Amy Fong <amy.fong@windriver.com> +Date: Thu, 29 Jan 2015 09:56:03 -0500 +Subject: [PATCH] Disable m4 file test where sources are built from git. Signed-off-by: Amy Fong <amy.fong@windriver.com> + --- - Makefile.am | 2 +- + Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) +diff --git a/Makefile.am b/Makefile.am +index ff7d70a..2fc1f13 100644 --- a/Makefile.am +++ b/Makefile.am -@@ -185,7 +185,7 @@ +@@ -189,7 +189,7 @@ CLEAN_LOCAL += clean-pycov # Makefile in datapath/linux, needed to get the list of files to # distribute, requires GNU make extensions. if GNU_MAKE @@ -15,4 +21,4 @@ Signed-off-by: Amy Fong <amy.fong@windriver.com> +# ALL_LOCAL += dist-hook-git dist-hook-git: distfiles @if test -e $(srcdir)/.git && (git --version) >/dev/null 2>&1; then \ - (cd datapath && $(MAKE) distfiles); \ + (cd datapath && $(MAKE) distfiles); \ diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch index 033cfb8a0f..c177202fa7 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch @@ -1,13 +1,19 @@ -Specify install path for kernel module +From adfd2380d71dff1a31efaf63cf7ac97470466ec9 Mon Sep 17 00:00:00 2001 +From: Amy Fong <amy.fong@windriver.com> +Date: Thu, 29 Jan 2015 09:56:03 -0500 +Subject: [PATCH] Specify install path for kernel module Signed-off-by: Amy Fong <amy.fong@windriver.com> + --- - datapath/linux/Makefile.main.in | 4 ++-- - 1 files changed, 2 insertions(+), 2 deletions(-) + datapath/linux/Makefile.main.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) +diff --git a/datapath/linux/Makefile.main.in b/datapath/linux/Makefile.main.in +index 7d18253..63c520f 100644 --- a/datapath/linux/Makefile.main.in +++ b/datapath/linux/Makefile.main.in -@@ -71,8 +71,8 @@ +@@ -71,8 +71,8 @@ default: $(MAKE) -C $(KSRC) M=$(builddir) modules modules_install: diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b29cb89e9e9fe3119b2e5dd5d4fb79141635b7cc.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1.patch index 47c81dd98c..4ae86c381e 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b29cb89e9e9fe3119b2e5dd5d4fb79141635b7cc.patch +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1.patch @@ -1,4 +1,4 @@ -From a2a656e6976a60e5df3ade0d17a40b4ebdc2b41a Mon Sep 17 00:00:00 2001 +From fb68120ef8aed625b04b2fbd2cb78fc59a7b7432 Mon Sep 17 00:00:00 2001 From: He Zhe <zhe.he@windriver.com> Date: Wed, 30 Mar 2016 06:23:45 -0400 Subject: [PATCH] openvswitch: Add test-install rule to support ptest execution @@ -12,6 +12,7 @@ Fix ptest for v2.5 - Modify config files for running on target. Signed-off-by: He Zhe <zhe.he@windriver.com> + --- Makefile.am | 1 + test.mk | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -19,7 +20,7 @@ Signed-off-by: He Zhe <zhe.he@windriver.com> create mode 100644 test.mk diff --git a/Makefile.am b/Makefile.am -index a4dd7b8..0bd32c7 100644 +index ea63acb..ff7d70a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -429,3 +429,4 @@ include windows/automake.mk @@ -105,6 +106,3 @@ index 0000000..b10a581 + sed -i 's|$$srcdir|$$abs_srcdir|g' $(TEST_DEST)/tests/testsuite + sed -i 's|ovs-appctl-bashcomp\.bash|/etc/bash_completion.d/ovs-appctl-bashcomp\.bash|g' $(TEST_DEST)/tests/testsuite + sed -i 's|ovs-vsctl-bashcomp\.bash|/etc/bash_completion.d/ovs-vsctl-bashcomp\.bash|g' $(TEST_DEST)/tests/testsuite --- -2.7.4 - diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb index b4aab35503..c3a8301914 100644 --- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb @@ -3,20 +3,20 @@ require openvswitch.inc DEPENDS += "virtual/kernel" RDEPENDS_${PN}-ptest += "\ - python3-logging python3-syslog python3-argparse python3-io \ - python3-fcntl python3-shell python3-lang python3-xml python3-math \ + python3-logging python3-syslog python3-io \ + python3-fcntl python3-shell python3-xml python3-math \ python3-datetime python3-netclient python3 sed \ ldd perl-module-socket perl-module-carp perl-module-exporter \ perl-module-xsloader python3-netserver python3-threading \ - python3-resource python3-subprocess findutils which \ + python3-resource findutils which \ " S = "${WORKDIR}/git" -PV = "2.7.1+${SRCREV}" +PV = "2.7.3+${SRCREV}" FILESEXTRAPATHS_append := "${THISDIR}/${PN}-git:" -SRCREV = "b29cb89e9e9fe3119b2e5dd5d4fb79141635b7cc" +SRCREV = "b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1" SRC_URI = "file://openvswitch-switch \ file://openvswitch-switch-setup \ file://openvswitch-testcontroller \ @@ -29,7 +29,6 @@ SRC_URI = "file://openvswitch-switch \ file://python-make-remaining-scripts-use-usr-bin-env.patch \ file://0001-use-the-linux-if_packet.h-Interface-directly.patch \ file://0002-Define-WAIT_ANY-if-not-provided-by-system.patch \ - file://CVE-2017-9263.patch \ file://python-switch-remaining-scripts-to-use-python3.patch \ " diff --git a/import-layers/meta-virtualization/recipes-support/dnsmasq/dnsmasq_2.%.bbappend b/import-layers/meta-virtualization/recipes-support/dnsmasq/dnsmasq_2.%.bbappend deleted file mode 100644 index 8d66ca6a7b..0000000000 --- a/import-layers/meta-virtualization/recipes-support/dnsmasq/dnsmasq_2.%.bbappend +++ /dev/null @@ -1,5 +0,0 @@ -# dnsmasq is greedy with interfaces by default using bind-dynamic will -# make it less greedy but still function as it did by default. -do_install_append() { - sed -i '/#bind-interfaces/a # Play nice with libvirt\nbind-dynamic' ${D}${sysconfdir}/dnsmasq.conf -} |