From: "M. Gregory" <mbgrego@tycho.nsa.gov>
To: Doug Goldstein <cardoe@cardoe.com>, meta-virtualization@yoctoproject.org
Subject: Re: [V2 Patch 2/2] Enables XSM functionality in builds that contain "xsm" in the PACKAGECONFIG.
Date: Tue, 22 Dec 2015 07:25:23 -0500 [thread overview]
Message-ID: <56794133.5010805@tycho.nsa.gov> (raw)
In-Reply-To: <5678E38F.3030609@cardoe.com>
I believe this patch will still be needed. Your patch to Xen just
enables the flask utilities to be built. The XSM framework and policy
loading code will still need to be compiled.
-Machon
On 12/22/2015 12:45 AM, Doug Goldstein wrote:
> On 12/16/15 11:08 AM, Machon Gregory wrote:
>> * Correctly identifies xenpolicy by ${PV}
>> * Adds a check to identify if xsm is specified in PACKAGECONFIG and if so manually sets XSM_ENABLE in Xen's .config
>>
>> Signed-off-by: Machon Gregory <mbgrego@tycho.nsa.gov>
>> ---
>> recipes-extended/xen/xen.inc | 16 +++++++++++++++-
>> 1 file changed, 15 insertions(+), 1 deletion(-)
>>
>> diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc
>> index 9e35459..03ec935 100644
>> --- a/recipes-extended/xen/xen.inc
>> +++ b/recipes-extended/xen/xen.inc
>> @@ -333,7 +333,7 @@ FILES_${PN}-flask = "\
>> ${sbindir}/flask-loadpolicy \
>> ${sbindir}/flask-set-bool \
>> ${sbindir}/flask-setenforce \
>> - /boot/xenpolicy.24 \
>> + /boot/xenpolicy-${PV} \
>> "
>>
>> FILES_${PN}-gdbsx = "\
>> @@ -715,6 +715,15 @@ EXTRA_OECONF += " \
>> --disable-ocamltools \
>> "
>>
>> +# check for XSM in package config to allow XSM_ENABLE to be set
>> +python () {
>> + pkgconfig = d.getVar('PACKAGECONFIG', True)
>> + if ('xsm') in pkgconfig.split():
>> + d.setVar('XSM_ENABLED', '1')
>> + else:
>> + d.setVar('XSM_ENABLED', '0')
>> +}
>> +
>> do_configure() {
>> # no stubs-32.h in our 64-bit sysroot - hack it into tools/include/gnu
>> if ! test -f ${STAGING_DIR_TARGET}/usr/include/gnu/stubs-32.h ; then
>> @@ -727,6 +736,11 @@ do_configure() {
>> fi
>> fi
>>
>> + #./configure --enable-xsm does not set XSM_ENABLE must be done manually
>> + if [ "${XSM_ENABLED}" = "1" ]; then
>> + echo "XSM_ENABLE := y" > ${S}/.config
>> + fi
>> +
>> # do configure
>> oe_runconf
>> }
>>
> This should do the trick for Xen 4.5 and Xen 4.6, however for 4.7 I've
> just submitted some changes to how FLASK and XSM are built and this will
> break there but we'll cross that bridge then.
>
> Reviewed-by: Doug Goldstein <cardoe@cardoe.com>
>
next prev parent reply other threads:[~2015-12-22 13:01 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-16 17:08 [V2 Patch 1/2] Disables OCaml tools Machon Gregory
2015-12-16 17:08 ` [V2 Patch 2/2] Enables XSM functionality in builds that contain "xsm" in the PACKAGECONFIG Machon Gregory
2015-12-22 5:45 ` Doug Goldstein
2015-12-22 12:25 ` M. Gregory [this message]
2015-12-22 14:40 ` Doug Goldstein
2015-12-21 20:11 ` [V2 Patch 1/2] Disables OCaml tools Doug Goldstein
2015-12-22 18:27 ` Chris Patterson
2015-12-26 3:53 ` Bruce Ashfield
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56794133.5010805@tycho.nsa.gov \
--to=mbgrego@tycho.nsa.gov \
--cc=cardoe@cardoe.com \
--cc=meta-virtualization@yoctoproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.