* [PATCH 1/4] xen: split the flask package into a policy and tools package
@ 2016-03-24 15:31 Derek Straka
2016-03-24 15:31 ` [PATCH 2/4] xen: add the ability to configure the name of the policy Derek Straka
` (3 more replies)
0 siblings, 4 replies; 12+ messages in thread
From: Derek Straka @ 2016-03-24 15:31 UTC (permalink / raw)
To: meta-virtualization; +Cc: Derek Straka
Signed-off-by: Derek Straka <derek@asterius.io>
---
recipes-extended/xen/xen.inc | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc
index 2eba012..bc5ff85 100644
--- a/recipes-extended/xen/xen.inc
+++ b/recipes-extended/xen/xen.inc
@@ -153,6 +153,7 @@ PACKAGES = "\
${PN}-doc \
${PN}-efi \
${PN}-flask \
+ ${PN}-flask-tools \
${PN}-fsimage \
${PN}-gdbsx \
${PN}-hvmloader \
@@ -342,13 +343,16 @@ FILES_${PN}-devd = "\
"
FILES_${PN}-flask = "\
+ /boot/xenpolicy-${PV} \
+ "
+
+FILES_${PN}-flask-tools = "\
${sbindir}/flask-get-bool \
${sbindir}/flask-getenforce \
${sbindir}/flask-label-pci \
${sbindir}/flask-loadpolicy \
${sbindir}/flask-set-bool \
${sbindir}/flask-setenforce \
- /boot/xenpolicy-${PV} \
"
FILES_${PN}-gdbsx = "\
--
1.9.1
^ permalink raw reply related [flat|nested] 12+ messages in thread* [PATCH 2/4] xen: add the ability to configure the name of the policy 2016-03-24 15:31 [PATCH 1/4] xen: split the flask package into a policy and tools package Derek Straka @ 2016-03-24 15:31 ` Derek Straka 2016-03-24 17:55 ` Doug Goldstein 2016-03-26 1:26 ` Chris Patterson 2016-03-24 15:31 ` [PATCH 3/4] xen: add the flask policy to the set of files installed to the deploy directory Derek Straka ` (2 subsequent siblings) 3 siblings, 2 replies; 12+ messages in thread From: Derek Straka @ 2016-03-24 15:31 UTC (permalink / raw) To: meta-virtualization; +Cc: Derek Straka When using non-release versions, the policy files may have a different name (xenpolicy-${PV}-unstable). Allow the policy file name to be configured by the xen recipe. Signed-off-by: Derek Straka <derek@asterius.io> --- recipes-extended/xen/xen.inc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc index bc5ff85..77740cf 100644 --- a/recipes-extended/xen/xen.inc +++ b/recipes-extended/xen/xen.inc @@ -17,6 +17,8 @@ PACKAGECONFIG ??= " \ ${@bb.utils.contains('XEN_TARGET_ARCH', 'x86_64', 'hvm', '', d)} \ " +FLASK_POLICY_FILE ?= "xenpolicy-${PV}" + PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,virtual/libsdl," PACKAGECONFIG[xsm] = "--enable-xsmpolicy,--disable-xsmpolicy,checkpolicy-native," PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd," @@ -343,7 +345,7 @@ FILES_${PN}-devd = "\ " FILES_${PN}-flask = "\ - /boot/xenpolicy-${PV} \ + /boot/${FLASK_POLICY_FILE} \ " FILES_${PN}-flask-tools = "\ -- 1.9.1 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH 2/4] xen: add the ability to configure the name of the policy 2016-03-24 15:31 ` [PATCH 2/4] xen: add the ability to configure the name of the policy Derek Straka @ 2016-03-24 17:55 ` Doug Goldstein 2016-03-26 1:26 ` Chris Patterson 1 sibling, 0 replies; 12+ messages in thread From: Doug Goldstein @ 2016-03-24 17:55 UTC (permalink / raw) To: Derek Straka, meta-virtualization [-- Attachment #1.1: Type: text/plain, Size: 351 bytes --] On 3/24/16 10:31 AM, Derek Straka wrote: > When using non-release versions, the policy files may have a different name (xenpolicy-${PV}-unstable). Allow the policy file name to be configured by the xen recipe. > > Signed-off-by: Derek Straka <derek@asterius.io> > --- Reviewed-by: Doug Goldstein <cardoe@cardoe.com> -- Doug Goldstein [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 978 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 2/4] xen: add the ability to configure the name of the policy 2016-03-24 15:31 ` [PATCH 2/4] xen: add the ability to configure the name of the policy Derek Straka 2016-03-24 17:55 ` Doug Goldstein @ 2016-03-26 1:26 ` Chris Patterson 2016-03-28 13:06 ` Derek Straka 1 sibling, 1 reply; 12+ messages in thread From: Chris Patterson @ 2016-03-26 1:26 UTC (permalink / raw) To: Derek Straka; +Cc: meta-virtualization@yoctoproject.org On Thu, Mar 24, 2016 at 11:31 AM, Derek Straka <derek@asterius.io> wrote: > When using non-release versions, the policy files may have a different name (xenpolicy-${PV}-unstable). Allow the policy file name to be configured by the xen recipe. > > Signed-off-by: Derek Straka <derek@asterius.io> > --- > recipes-extended/xen/xen.inc | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc > index bc5ff85..77740cf 100644 > --- a/recipes-extended/xen/xen.inc > +++ b/recipes-extended/xen/xen.inc > @@ -17,6 +17,8 @@ PACKAGECONFIG ??= " \ > ${@bb.utils.contains('XEN_TARGET_ARCH', 'x86_64', 'hvm', '', d)} \ > " > > +FLASK_POLICY_FILE ?= "xenpolicy-${PV}" > + > PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,virtual/libsdl," > PACKAGECONFIG[xsm] = "--enable-xsmpolicy,--disable-xsmpolicy,checkpolicy-native," > PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd," > @@ -343,7 +345,7 @@ FILES_${PN}-devd = "\ > " > > FILES_${PN}-flask = "\ > - /boot/xenpolicy-${PV} \ > + /boot/${FLASK_POLICY_FILE} \ Looks fine to me, but could this just simply be a wildcard (i.e. /boot/xenpolicy-*)? Is there a case where it would generate multiple images and you would want to key off just one? ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 2/4] xen: add the ability to configure the name of the policy 2016-03-26 1:26 ` Chris Patterson @ 2016-03-28 13:06 ` Derek Straka 2016-03-28 14:23 ` Chris Patterson 0 siblings, 1 reply; 12+ messages in thread From: Derek Straka @ 2016-03-28 13:06 UTC (permalink / raw) To: Chris Patterson; +Cc: meta-virtualization@yoctoproject.org [-- Attachment #1: Type: text/plain, Size: 1769 bytes --] I had the specific file called out for symlinking during do_deploy. I can wildcard the policy file here and symlink to the first one if more than one policy file exists. Right now I don't know of a case where more than one policy is created, so it may never be an issue. On Fri, Mar 25, 2016 at 9:26 PM, Chris Patterson <cjp256@gmail.com> wrote: > On Thu, Mar 24, 2016 at 11:31 AM, Derek Straka <derek@asterius.io> wrote: > > When using non-release versions, the policy files may have a different > name (xenpolicy-${PV}-unstable). Allow the policy file name to be > configured by the xen recipe. > > > > Signed-off-by: Derek Straka <derek@asterius.io> > > --- > > recipes-extended/xen/xen.inc | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc > > index bc5ff85..77740cf 100644 > > --- a/recipes-extended/xen/xen.inc > > +++ b/recipes-extended/xen/xen.inc > > @@ -17,6 +17,8 @@ PACKAGECONFIG ??= " \ > > ${@bb.utils.contains('XEN_TARGET_ARCH', 'x86_64', 'hvm', '', d)} \ > > " > > > > +FLASK_POLICY_FILE ?= "xenpolicy-${PV}" > > + > > PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,virtual/libsdl," > > PACKAGECONFIG[xsm] = > "--enable-xsmpolicy,--disable-xsmpolicy,checkpolicy-native," > > PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd," > > @@ -343,7 +345,7 @@ FILES_${PN}-devd = "\ > > " > > > > FILES_${PN}-flask = "\ > > - /boot/xenpolicy-${PV} \ > > + /boot/${FLASK_POLICY_FILE} \ > > Looks fine to me, but could this just simply be a wildcard (i.e. > /boot/xenpolicy-*)? Is there a case where it would generate multiple > images and you would want to key off just one? > [-- Attachment #2: Type: text/html, Size: 2418 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 2/4] xen: add the ability to configure the name of the policy 2016-03-28 13:06 ` Derek Straka @ 2016-03-28 14:23 ` Chris Patterson 0 siblings, 0 replies; 12+ messages in thread From: Chris Patterson @ 2016-03-28 14:23 UTC (permalink / raw) To: Derek Straka; +Cc: meta-virtualization@yoctoproject.org On Mon, Mar 28, 2016 at 9:06 AM, Derek Straka <derek@asterius.io> wrote: > I had the specific file called out for symlinking during do_deploy. I can > wildcard the policy file here and symlink to the first one if more than one > policy file exists. Right now I don't know of a case where more than one > policy is created, so it may never be an issue. > Thank you, I missed the other patch and this makes more sense now. +1 ^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH 3/4] xen: add the flask policy to the set of files installed to the deploy directory 2016-03-24 15:31 [PATCH 1/4] xen: split the flask package into a policy and tools package Derek Straka 2016-03-24 15:31 ` [PATCH 2/4] xen: add the ability to configure the name of the policy Derek Straka @ 2016-03-24 15:31 ` Derek Straka 2016-03-24 17:55 ` Doug Goldstein 2016-03-24 15:31 ` [PATCH 4/4] xen: add the extra packages released with xen 4.7 Derek Straka 2016-03-24 17:55 ` [PATCH 1/4] xen: split the flask package into a policy and tools package Doug Goldstein 3 siblings, 1 reply; 12+ messages in thread From: Derek Straka @ 2016-03-24 15:31 UTC (permalink / raw) To: meta-virtualization; +Cc: Derek Straka Signed-off-by: Derek Straka <derek@asterius.io> --- recipes-extended/xen/xen.inc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc index 77740cf..bddab6b 100644 --- a/recipes-extended/xen/xen.inc +++ b/recipes-extended/xen/xen.inc @@ -878,6 +878,12 @@ do_deploy() { if [ -f ${D}/boot/xen.gz ]; then install -m 0644 ${D}/boot/xen.gz ${DEPLOYDIR}/xen-${MACHINE}.gz fi + # Install the flask policy in the deploy directory if it exists + if [ -f ${D}/boot/${FLASK_POLICY_FILE} ]; then + install -m 0644 ${D}/boot/${FLASK_POLICY_FILE} ${DEPLOYDIR} + ln -sf ${FLASK_POLICY_FILE} xenpolicy-${MACHINE} + mv xenpolicy-${MACHINE} ${DEPLOYDIR} + fi } addtask deploy after do_populate_sysroot -- 1.9.1 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH 3/4] xen: add the flask policy to the set of files installed to the deploy directory 2016-03-24 15:31 ` [PATCH 3/4] xen: add the flask policy to the set of files installed to the deploy directory Derek Straka @ 2016-03-24 17:55 ` Doug Goldstein 0 siblings, 0 replies; 12+ messages in thread From: Doug Goldstein @ 2016-03-24 17:55 UTC (permalink / raw) To: Derek Straka, meta-virtualization [-- Attachment #1.1: Type: text/plain, Size: 176 bytes --] On 3/24/16 10:31 AM, Derek Straka wrote: > Signed-off-by: Derek Straka <derek@asterius.io> > --- Reviewed-by: Doug Goldstein <cardoe@cardoe.com> -- Doug Goldstein [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 978 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH 4/4] xen: add the extra packages released with xen 4.7 2016-03-24 15:31 [PATCH 1/4] xen: split the flask package into a policy and tools package Derek Straka 2016-03-24 15:31 ` [PATCH 2/4] xen: add the ability to configure the name of the policy Derek Straka 2016-03-24 15:31 ` [PATCH 3/4] xen: add the flask policy to the set of files installed to the deploy directory Derek Straka @ 2016-03-24 15:31 ` Derek Straka 2016-03-24 17:56 ` Doug Goldstein 2016-03-24 17:55 ` [PATCH 1/4] xen: split the flask package into a policy and tools package Doug Goldstein 3 siblings, 1 reply; 12+ messages in thread From: Derek Straka @ 2016-03-24 15:31 UTC (permalink / raw) To: meta-virtualization; +Cc: Derek Straka Signed-off-by: Derek Straka <derek@asterius.io> --- recipes-extended/xen/xen.inc | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/recipes-extended/xen/xen.inc b/recipes-extended/xen/xen.inc index bddab6b..96255ec 100644 --- a/recipes-extended/xen/xen.inc +++ b/recipes-extended/xen/xen.inc @@ -165,8 +165,16 @@ PACKAGES = "\ ${PN}-libblktapctl \ ${PN}-libblktapctl-dev \ ${PN}-libblktap-dev \ + ${PN}-libxencall \ + ${PN}-libxencall-dev \ + ${PN}-libxenevtchn \ + ${PN}-libxenevtchn-dev \ + ${PN}-libxenforeignmemory \ + ${PN}-libxenforeignmemory-dev \ ${PN}-libfsimage \ ${PN}-libfsimage-dev \ + ${PN}-libxengnttab \ + ${PN}-libxengnttab-dev \ ${PN}-libvhd \ ${PN}-libvhd-dev \ ${PN}-libxenctrl \ @@ -179,6 +187,8 @@ PACKAGES = "\ ${PN}-libxenstat-dev \ ${PN}-libxenstore \ ${PN}-libxenstore-dev \ + ${PN}-libxentoollog \ + ${PN}-libxentoollog-dev \ ${PN}-libxenvchan \ ${PN}-libxenvchan-dev \ ${PN}-libxlutil \ @@ -204,6 +214,7 @@ PACKAGES = "\ ${PN}-xenstat \ ${PN}-xenstore \ ${PN}-xenstored \ + ${PN}-init-xenstore-dom \ ${PN}-xentrace \ ${PN}-xen-watchdog \ ${PN}-xl \ @@ -291,12 +302,29 @@ FILES_${PN}-libxenstat-dev = "${libdir}/libxenstat.so" FILES_${PN}-libxenstore = "${libdir}/libxenstore.so.*" FILES_${PN}-libxenstore-dev = "${libdir}/libxenstore.so" +FILES_${PN}-init-xenstore-dom = "${libdir}/xen/bin/init-xenstore-domain" + FILES_${PN}-libblktap = "${libdir}/libblktap.so.*" FILES_${PN}-libblktap-dev = "${libdir}/libblktap.so" +FILES_${PN}-libxencall = "${libdir}/libxencall.so.*" +FILES_${PN}-libxencall-dev = "${libdir}/libxencall.so" + +FILES_${PN}-libxenevtchn = "${libdir}/libxenevtchn.so.*" +FILES_${PN}-libxenevtchn-dev = "${libdir}/libxenevtchn.so" + +FILES_${PN}-libxenforeignmemory = "${libdir}/libxenforeignmemory.so.*" +FILES_${PN}-libxenforeignmemory-dev = "${libdir}/libxenforeignmemory.so" + FILES_${PN}-libfsimage = "${libdir}/libfsimage.so.*" FILES_${PN}-libfsimage-dev = "${libdir}/libfsimage.so" +FILES_${PN}-libxengnttab = "${libdir}/libxengnttab.so.*" +FILES_${PN}-libxengnttab-dev = "${libdir}/libxengnttab.so" + +FILES_${PN}-libxentoollog = "${libdir}/libxentoollog.so.*" +FILES_${PN}-libxentoollog-dev = "${libdir}/libxentoollog.so" + FILES_${PN}-fsimage = "${libdir}/fs/*/*fsimage.so" FILES_${PN}-hypervisor = "\ -- 1.9.1 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH 4/4] xen: add the extra packages released with xen 4.7 2016-03-24 15:31 ` [PATCH 4/4] xen: add the extra packages released with xen 4.7 Derek Straka @ 2016-03-24 17:56 ` Doug Goldstein 0 siblings, 0 replies; 12+ messages in thread From: Doug Goldstein @ 2016-03-24 17:56 UTC (permalink / raw) To: Derek Straka, meta-virtualization [-- Attachment #1.1: Type: text/plain, Size: 176 bytes --] On 3/24/16 10:31 AM, Derek Straka wrote: > Signed-off-by: Derek Straka <derek@asterius.io> > --- Reviewed-by: Doug Goldstein <cardoe@cardoe.com> -- Doug Goldstein [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 978 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 1/4] xen: split the flask package into a policy and tools package 2016-03-24 15:31 [PATCH 1/4] xen: split the flask package into a policy and tools package Derek Straka ` (2 preceding siblings ...) 2016-03-24 15:31 ` [PATCH 4/4] xen: add the extra packages released with xen 4.7 Derek Straka @ 2016-03-24 17:55 ` Doug Goldstein 2016-03-25 17:59 ` Chris Patterson 3 siblings, 1 reply; 12+ messages in thread From: Doug Goldstein @ 2016-03-24 17:55 UTC (permalink / raw) To: Derek Straka, meta-virtualization [-- Attachment #1.1: Type: text/plain, Size: 169 bytes --] On 3/24/16 10:31 AM, Derek Straka wrote: > Signed-off-by: Derek Straka <derek@asterius.io> Reviewed-by: Doug Goldstein <cardoe@cardoe.com> -- Doug Goldstein [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 978 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 1/4] xen: split the flask package into a policy and tools package 2016-03-24 17:55 ` [PATCH 1/4] xen: split the flask package into a policy and tools package Doug Goldstein @ 2016-03-25 17:59 ` Chris Patterson 0 siblings, 0 replies; 12+ messages in thread From: Chris Patterson @ 2016-03-25 17:59 UTC (permalink / raw) To: Doug Goldstein; +Cc: Derek Straka, meta-virtualization@yoctoproject.org LGTM +1, tested. On Thu, Mar 24, 2016 at 1:55 PM, Doug Goldstein <cardoe@cardoe.com> wrote: > On 3/24/16 10:31 AM, Derek Straka wrote: >> Signed-off-by: Derek Straka <derek@asterius.io> > > Reviewed-by: Doug Goldstein <cardoe@cardoe.com> > > -- > Doug Goldstein > > > -- > _______________________________________________ > meta-virtualization mailing list > meta-virtualization@yoctoproject.org > https://lists.yoctoproject.org/listinfo/meta-virtualization > ^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2016-03-28 14:24 UTC | newest] Thread overview: 12+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2016-03-24 15:31 [PATCH 1/4] xen: split the flask package into a policy and tools package Derek Straka 2016-03-24 15:31 ` [PATCH 2/4] xen: add the ability to configure the name of the policy Derek Straka 2016-03-24 17:55 ` Doug Goldstein 2016-03-26 1:26 ` Chris Patterson 2016-03-28 13:06 ` Derek Straka 2016-03-28 14:23 ` Chris Patterson 2016-03-24 15:31 ` [PATCH 3/4] xen: add the flask policy to the set of files installed to the deploy directory Derek Straka 2016-03-24 17:55 ` Doug Goldstein 2016-03-24 15:31 ` [PATCH 4/4] xen: add the extra packages released with xen 4.7 Derek Straka 2016-03-24 17:56 ` Doug Goldstein 2016-03-24 17:55 ` [PATCH 1/4] xen: split the flask package into a policy and tools package Doug Goldstein 2016-03-25 17:59 ` Chris Patterson
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.