Add xenkernel418 version 20231116
Unlike previous Xen packages, the xentools418 and xenkernel418 will point to a specific commit of the stable branch (instead of release tags), the package version being the date of the commit. Hopefully this will make tracking security fixes easier. From DESCR: Xen is a hypervisor which supports running multiple guest operating systems on a single machine. Guest OSes (also called "domains") can be either paravirtualised (i.e. make hypercalls in order to access hardware), run in HVM (Hardware Virtualisation Mode) where they will be presented with virtual devices, or a combination where they use hypercalls to access hardware but manage memory themselves. At boot, the xen kernel is loaded along with the guest kernel for the first domain (called domain0). domain0 has privileges to access the physical hardware (PCI and ISA devices), administrate other domains and provide virtual devices (disks and network) to other domains. This package contains the 4.18 Xen kernel itself. PCI passthrough is not supported. PAE is mandatory; on i386 one must use XEN3PAE_DOM[0U].
This commit is contained in:
parent
be1e804dfc
commit
17810c077a
|
@ -0,0 +1,14 @@
|
|||
Xen is a hypervisor which supports running multiple guest operating
|
||||
systems on a single machine. Guest OSes (also called "domains")
|
||||
can be either paravirtualised (i.e. make hypercalls in order to
|
||||
access hardware), run in HVM (Hardware Virtualisation Mode) where
|
||||
they will be presented with virtual devices, or a combination where
|
||||
they use hypercalls to access hardware but manage memory themselves.
|
||||
At boot, the xen kernel is loaded along with the guest kernel for
|
||||
the first domain (called domain0). domain0 has privileges to access
|
||||
the physical hardware (PCI and ISA devices), administrate other
|
||||
domains and provide virtual devices (disks and network) to other
|
||||
domains.
|
||||
|
||||
This package contains the 4.18 Xen kernel itself. PCI passthrough is
|
||||
not supported. PAE is mandatory; on i386 one must use XEN3PAE_DOM[0U].
|
|
@ -0,0 +1,14 @@
|
|||
===========================================================================
|
||||
$NetBSD: MESSAGE,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
The Xen hypervisor is installed under the following locations:
|
||||
${XENKERNELDIR}/xen.gz (standard hypervisor)
|
||||
${XENKERNELDIR}/xen-debug.gz (debug hypervisor)
|
||||
|
||||
Note that unlike upstream Xen, pv-linear-pt defaults to true.
|
||||
You can disable it using pv-linear-pt=false on the Xen command line,
|
||||
but then you can't boot NetBSD in PV mode.
|
||||
|
||||
32bits PV guests are not officially supported any more.
|
||||
Switch to pvshim (for netbsd-9 or older) or pvh (for netbsd-10 or newer).
|
||||
===========================================================================
|
|
@ -0,0 +1,84 @@
|
|||
# $NetBSD: Makefile,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
# VERSION is set in version.mk as it is shared with other packages
|
||||
#PKGREVISION= 1
|
||||
|
||||
XENKERNEL:=
|
||||
.include "../../sysutils/xentools418/version.mk"
|
||||
PKGNAME= xenkernel418-${VERSION:S/-//g}
|
||||
CATEGORIES= sysutils
|
||||
|
||||
MAINTAINER= bouyer@NetBSD.org
|
||||
HOMEPAGE= https://xenproject.org/
|
||||
COMMENT= Xen 4.18.x Kernel
|
||||
|
||||
LICENSE= gnu-gpl-v2
|
||||
|
||||
ONLY_FOR_PLATFORM= NetBSD-*.*-x86_64
|
||||
|
||||
SSP_SUPPORTED= no
|
||||
|
||||
NO_CONFIGURE= yes
|
||||
USE_TOOLS+= gmake bison ggrep
|
||||
#force use of pkgsrc's ggrep, NetBSD one is not enough
|
||||
TOOLS_PLATFORM.ggrep=
|
||||
|
||||
PYTHON_FOR_BUILD_ONLY= YES
|
||||
|
||||
MAKE_ENV+= OCAML_TOOLS=no
|
||||
.if defined(PKGREVISION) && !empty(PKGREVISION) && (${PKGREVISION} != "0")
|
||||
MAKE_ENV+= XEN_VENDORVERSION=_${VERSION}nb${PKGREVISION}
|
||||
.else
|
||||
MAKE_ENV+= XEN_VENDORVERSION=_${VERSION}nb0
|
||||
.endif
|
||||
|
||||
INSTALLATION_DIRS= xen418-kernel
|
||||
XENKERNELDIR= ${PREFIX}/${INSTALLATION_DIRS}
|
||||
|
||||
MESSAGE_SUBST+= XENKERNELDIR=${XENKERNELDIR}
|
||||
|
||||
.include "../../mk/compiler.mk"
|
||||
EXTRA_CFLAGS+= -Wno-error=char-subscripts
|
||||
.if !empty(PKGSRC_COMPILER:Mclang)
|
||||
EXTRA_CFLAGS+= -Qunused-arguments -no-integrated-as -Wno-error=format \
|
||||
-Wno-error=parentheses-equality -Wno-error=enum-conversion \
|
||||
-Wno-error=unused-function -Wno-error=unused-const-variable \
|
||||
-Wno-error=ignored-attributes -Wno-error=constant-conversion \
|
||||
-Wno-error=address-of-packed-member \
|
||||
-Wno-error=initializer-overrides \
|
||||
-Wno-error=tautological-compare -Wno-error=pragma-pack
|
||||
.elif !empty(PKGSRC_COMPILER:Mgcc)
|
||||
EXTRA_CFLAGS+= -falign-functions=16
|
||||
.endif
|
||||
|
||||
MAKE_ENV+= EXTRA_CFLAGS=${EXTRA_CFLAGS:Q}
|
||||
|
||||
do-build:
|
||||
cd ${WRKSRC} && ${BUILD_MAKE_CMD} build-xen
|
||||
${CP} ${WRKSRC}/xen/xen.gz ${WRKDIR}/xen.gz
|
||||
cd ${WRKSRC} && ${MAKE_PROGRAM} clean
|
||||
echo "CONFIG_DEBUG=y" >> ${WRKSRC}/xen/.config
|
||||
echo "CONFIG_DEBUG_INFO=y" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_DEBUG_LOCK_PROFILE is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_DEBUG_LOCKS is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_DEBUG_TRACE is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_XMEM_POOL_POISON is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_CRASH_DEBUG is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_GDBSX is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_FRAME_POINTER is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_GCOV is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_LOCK_PROFILE is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_PERF_COUNTERS is not set" >> ${WRKSRC}/xen/.config
|
||||
echo "CONFIG_VERBOSE_DEBUG=y" >> ${WRKSRC}/xen/.config
|
||||
echo "CONFIG_SCRUB_DEBUG=y" >> ${WRKSRC}/xen/.config
|
||||
echo "# CONFIG_UBSAN is not set" >> ${WRKSRC}/xen/.config
|
||||
cd ${WRKSRC} && ${BUILD_MAKE_CMD} build-xen
|
||||
${CP} ${WRKSRC}/xen/xen.gz ${WRKDIR}/xen-debug.gz
|
||||
|
||||
do-install:
|
||||
${INSTALL_DATA} ${WRKDIR}/xen.gz \
|
||||
${DESTDIR}${XENKERNELDIR}/xen.gz
|
||||
${INSTALL_DATA} ${WRKDIR}/xen-debug.gz \
|
||||
${DESTDIR}${XENKERNELDIR}/xen-debug.gz
|
||||
|
||||
.include "../../lang/python/application.mk"
|
||||
.include "../../mk/bsd.pkg.mk"
|
|
@ -0,0 +1,3 @@
|
|||
@comment $NetBSD: PLIST,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
xen418-kernel/xen-debug.gz
|
||||
xen418-kernel/xen.gz
|
|
@ -0,0 +1,12 @@
|
|||
$NetBSD: distinfo,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
BLAKE2s (xen418/xen-d75f1e9.tar.gz) = 378782f6af3fb609a0fce4c7e76a3fc22d3ad691b89aa2d328be3310431dfbcf
|
||||
SHA512 (xen418/xen-d75f1e9.tar.gz) = e928b980f6bff13b9754f705d6b01ed0d4c4083187d74105dc4fad5af5c6bae0dd97b36ebc21482750ddbc038538e38a1296d4a3cf782fdcd2dc2b8b97d6dbd5
|
||||
Size (xen418/xen-d75f1e9.tar.gz) = 6820424 bytes
|
||||
SHA1 (patch-Config.mk) = 9372a09efd05c9fbdbc06f8121e411fcb7c7ba65
|
||||
SHA1 (patch-xen_Makefile) = 0c400e8054e907ce44faf2be955e0c2d63b768ed
|
||||
SHA1 (patch-xen_arch_x86_Rules.mk) = b0bc391f2ca3e96ce2bcaec5e1fcd66139ff16f9
|
||||
SHA1 (patch-xen_arch_x86_boot_build32.lds) = 9157f22876085254844f720853761a2cd0f4876e
|
||||
SHA1 (patch-xen_arch_x86_extable.c) = f64b956be1167901a60bf9be1abd98dbfaffb100
|
||||
SHA1 (patch-xen_arch_x86_mm_p2m.c) = 6e9b84dc8448eca9677f184e720bbfcb3c6d314e
|
||||
SHA1 (patch-xen_tools_check-endbr.sh) = a7268ee5ff11f21fdc5b0bc213498a1923b693be
|
|
@ -0,0 +1,14 @@
|
|||
$NetBSD: patch-Config.mk,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
--- Config.mk.orig 2018-04-17 19:21:31.000000000 +0200
|
||||
+++ Config.mk 2018-04-23 13:29:47.000000000 +0200
|
||||
@@ -32,6 +32,9 @@
|
||||
# Tools to run on system hosting the build
|
||||
HOSTCFLAGS = -Wall -Werror -Wstrict-prototypes -O2 -fomit-frame-pointer
|
||||
HOSTCFLAGS += -fno-strict-aliasing
|
||||
+HOSTCFLAGS += ${EXTRA_CFLAGS}
|
||||
+CFLAGS += ${EXTRA_CFLAGS}
|
||||
+
|
||||
|
||||
DISTDIR ?= $(XEN_ROOT)/dist
|
||||
DESTDIR ?= /
|
|
@ -0,0 +1,13 @@
|
|||
$NetBSD: patch-xen_Makefile,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
--- xen/Makefile.orig 2023-10-06 19:17:42.000000000 +0200
|
||||
+++ xen/Makefile 2023-10-10 16:04:53.552602218 +0200
|
||||
@@ -260,7 +260,7 @@
|
||||
|
||||
# Copy CFLAGS generated by "Config.mk" so they can be reused later without
|
||||
# reparsing Config.mk by e.g. arch/x86/boot/.
|
||||
-export XEN_TREEWIDE_CFLAGS := $(CFLAGS)
|
||||
+export XEN_TREEWIDE_CFLAGS := $(EXTRA_CFLAGS) $(CFLAGS)
|
||||
|
||||
# CLANG_FLAGS needs to be calculated before calling Kconfig
|
||||
ifneq ($(shell $(CC) --version 2>&1 | head -n 1 | grep clang),)
|
|
@ -0,0 +1,10 @@
|
|||
$NetBSD: patch-xen_arch_x86_Rules.mk,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
--- xen/arch/x86/Rules.mk.orig 2022-11-15 09:03:34.000000000 +0100
|
||||
+++ xen/arch/x86/Rules.mk 2022-12-14 21:22:01.302860156 +0100
|
||||
@@ -8,3 +8,5 @@
|
||||
endif
|
||||
c_flags += $(object_label_flags) $(CFLAGS_stack_boundary)
|
||||
a_flags += $(object_label_flags) $(CFLAGS_stack_boundary)
|
||||
+
|
||||
+c_flags += $(EXTRA_CFLAGS)
|
|
@ -0,0 +1,18 @@
|
|||
$NetBSD: patch-xen_arch_x86_boot_build32.lds,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
linux's toolchain doesn't generate a .eh_frame section but NetBSD does.
|
||||
remove it.
|
||||
|
||||
--- xen/arch/x86/boot/build32.lds.orig 2023-10-10 16:16:15.693245700 +0200
|
||||
+++ xen/arch/x86/boot/build32.lds 2023-10-10 16:18:43.427188663 +0200
|
||||
@@ -31,6 +31,11 @@
|
||||
*(.bss.*)
|
||||
}
|
||||
|
||||
+ /* discard .eh_frame section generated by NetBSD toolchain */
|
||||
+ /DISCARD/ : {
|
||||
+ *(.eh_frame)
|
||||
+ }
|
||||
+
|
||||
/* Dynamic linkage sections. Collected simply so we can check they're empty. */
|
||||
.got : {
|
||||
*(.got)
|
|
@ -0,0 +1,15 @@
|
|||
$NetBSD: patch-xen_arch_x86_extable.c,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
silent nosy debug output
|
||||
|
||||
--- xen/arch/x86/extable.c.orig 2023-10-06 19:17:42.000000000 +0200
|
||||
+++ xen/arch/x86/extable.c 2023-10-10 16:20:56.285091628 +0200
|
||||
@@ -202,7 +202,7 @@
|
||||
__start___pre_ex_table, __stop___pre_ex_table, addr);
|
||||
if ( fixup )
|
||||
{
|
||||
- dprintk(XENLOG_INFO, "Pre-exception: %p -> %p\n", _p(addr), _p(fixup));
|
||||
+ // dprintk(XENLOG_INFO, "Pre-exception: %p -> %p\n", _p(addr), _p(fixup));
|
||||
perfc_incr(exception_fixed);
|
||||
}
|
||||
return fixup;
|
|
@ -0,0 +1,21 @@
|
|||
$NetBSD: patch-xen_arch_x86_mm_p2m.c,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
silent a noisy warning
|
||||
|
||||
--- xen/arch/x86/mm/p2m.c.orig 2020-05-03 21:13:56.173269058 +0200
|
||||
+++ xen/arch/x86/mm/p2m.c 2020-05-03 21:15:38.477174874 +0200
|
||||
@@ -1367,10 +1367,13 @@
|
||||
ret = 0;
|
||||
else
|
||||
ret = -EBUSY;
|
||||
- printk(XENLOG_G_WARNING
|
||||
+
|
||||
+ if (gfn_l != mfn_x(mfn)) {
|
||||
+ printk(XENLOG_G_WARNING
|
||||
"Cannot setup identity map d%d:%lx,"
|
||||
" gfn already mapped to %lx.\n",
|
||||
d->domain_id, gfn_l, mfn_x(mfn));
|
||||
+ }
|
||||
}
|
||||
|
||||
gfn_unlock(p2m, gfn, 0);
|
|
@ -0,0 +1,26 @@
|
|||
$NetBSD: patch-xen_tools_check-endbr.sh,v 1.1 2023/11/21 11:38:26 bouyer Exp $
|
||||
|
||||
For for NetBSD's stat(1)
|
||||
|
||||
--- ./xen/tools/check-endbr.sh.orig 2023-10-10 16:35:16.089399100 +0200
|
||||
+++ ./xen/tools/check-endbr.sh 2023-10-10 16:41:12.764124684 +0200
|
||||
@@ -96,7 +96,7 @@
|
||||
|
||||
${OBJCOPY} -j .text $1 -O binary $TEXT_BIN
|
||||
|
||||
-bin_sz=$(stat -c '%s' $TEXT_BIN)
|
||||
+bin_sz=$(stat -f '%z' $TEXT_BIN)
|
||||
[ "$bin_sz" -ge $(((1 << 28) - $vma_lo)) ] &&
|
||||
{ echo "$MSG_PFX Error: .text offsets must not exceed 256M" >&2; exit 1; }
|
||||
|
||||
@@ -116,8 +116,8 @@
|
||||
wait
|
||||
|
||||
# Sanity check $VALID and $ALL, in case the string parsing bitrots
|
||||
-val_sz=$(stat -c '%s' $VALID)
|
||||
-all_sz=$(stat -c '%s' $ALL)
|
||||
+val_sz=$(stat -f '%z' $VALID)
|
||||
+all_sz=$(stat -f '%z' $ALL)
|
||||
[ "$val_sz" -eq 0 ] && { echo "$MSG_PFX Error: Empty valid-addrs" >&2; exit 1; }
|
||||
[ "$all_sz" -eq 0 ] && { echo "$MSG_PFX Error: Empty all-addrs" >&2; exit 1; }
|
||||
[ "$all_sz" -lt "$val_sz" ] && { echo "$MSG_PFX Error: More valid-addrs than all-addrs" >&2; exit 1; }
|
Loading…
Reference in New Issue