-rw-r--r-- | .SRCINFO | 181 | ||||
-rw-r--r-- | ChangeLog | 71 | ||||
-rw-r--r-- | PKGBUILD | 582 | ||||
-rw-r--r-- | add-stubdom-fixes.patch | 12 | ||||
-rw-r--r-- | efi-xen.cfg | 1 | ||||
-rw-r--r-- | grub-mkconfig-helper | 230 | ||||
-rw-r--r-- | grub.conf | 3 | ||||
-rw-r--r-- | vtpm-gcc12-fixes.patch | 14 | ||||
-rw-r--r-- | xen-amd-ucode.hook | 12 | ||||
-rw-r--r-- | xen-intel-ucode.hook | 12 | ||||
-rw-r--r-- | xen-ucode-extract.sh | 37 | ||||
-rw-r--r-- | xen.install | 47 |
12 files changed, 561 insertions, 641 deletions
@@ -1,106 +1,137 @@ pkgbase = xen - pkgver = 4.12.0 + pkgdesc = Open-source type-1 or baremetal hypervisor - stable branch + pkgver = 4.18.1pre pkgrel = 1 - url = http://www.xenproject.org/ - changelog = ChangeLog + url = https://xenproject.org/ arch = x86_64 license = GPL2 - makedepends = bin86 - makedepends = binutils>=2.30 - makedepends = bridge-utils - makedepends = brltty - makedepends = cmake - makedepends = curl - makedepends = dev86 - makedepends = fig2dev - makedepends = figlet - makedepends = ghostscript + makedepends = zlib + makedepends = python + makedepends = ncurses + makedepends = openssl + makedepends = libx11 + makedepends = libuuid.so + makedepends = yajl + makedepends = libaio + makedepends = glib2 + makedepends = pkgconf makedepends = git - makedepends = gnutls - makedepends = iasl + makedepends = bridge-utils makedepends = iproute2 + makedepends = inetutils + makedepends = acpica makedepends = lib32-glibc - makedepends = libaio - makedepends = libcap-ng - makedepends = libepoxy - makedepends = libiscsi - makedepends = libnl - makedepends = libpng + makedepends = gnutls + makedepends = vde2 makedepends = lzo - makedepends = markdown - makedepends = nasm - makedepends = ocaml-findlib - makedepends = pandoc makedepends = pciutils - makedepends = perl - makedepends = python2 - makedepends = sdl - makedepends = spice - makedepends = spice-glib - makedepends = spice-protocol - makedepends = usbredir - makedepends = vde2 + makedepends = sdl2 + makedepends = systemd-libs + makedepends = systemd makedepends = wget - makedepends = yajl - noextract = ipxe-git.tar.gz + makedepends = pandoc + makedepends = valgrind + makedepends = git + makedepends = bin86 + makedepends = dev86 + makedepends = bison + makedepends = gettext + makedepends = flex + makedepends = pixman + makedepends = fig2dev + makedepends = cmake + optdepends = xen-qemu: needed for PV and HVM domUs + optdepends = xen-pvhgrub: bootloader for PVH domains + noextract = vtpm-gcc12-fixes.patch + 
noextract = add-stubdom-fixes.patch + noextract = gmp-4.3.2.tar.bz2 + noextract = grub-0.97.tar.gz + noextract = lwip-1.3.0.tar.gz + noextract = newlib-1.16.0.tar.gz + noextract = pciutils-2.2.9.tar.bz2 + noextract = polarssl-1.1.4-gpl.tgz + noextract = tpm_emulator-0.7.4.tar.gz + noextract = zlib-1.2.3.tar.gz options = !buildflags - options = !strip - source = https://downloads.xenproject.org/release/xen/4.12.0/xen-4.12.0.tar.gz - source = https://downloads.xenproject.org/release/xen/4.12.0/xen-4.12.0.tar.gz.sig - source = ipxe-git.tar.gz::http://xenbits.xen.org/xen-extfiles/ipxe-git-d2063b7693e0e35db97b2264aa987eb6341ae779.tar.gz - source = grub-mkconfig-helper + source = git+https://xenbits.xen.org/git-http/xen.git#branch=stable-4.18 source = efi-xen.cfg - source = grub.conf source = xen.conf source = tmpfiles.conf - validpgpkeys = 23E3222C145F4475FA8060A783FE14C957E82BD9 - sha256sums = 6e5455e4a58dcb2339bfcd2a89842728068b530aa62501843793f7cf743c4d64 - sha256sums = SKIP - sha256sums = 38061598a5147ebcda8ae41c356396cce59f087cf27253b6bf8fb50ae0919ca1 - sha256sums = 23c3b0eab4cb06260bd07324d2060356560c9bc52270aaaf6130e1c130fc6e5e - sha256sums = ceaff798a92a7aef1465a0a0b27b1817aedd2c857332b456aaa6dd78dc72438f - sha256sums = 3f0af16958c3e057b9baa5afc47050d9adf7dd553274dd97ae4f35938fefb568 - sha256sums = 50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c - sha256sums = 40e0760810a49f925f2ae9f986940b40eba477dc6d3e83a78baaae096513b3cf + source = xen-ucode-extract.sh + source = xen-intel-ucode.hook + source = xen-amd-ucode.hook + source = vtpm-gcc12-fixes.patch + source = add-stubdom-fixes.patch + source = http://xenbits.xen.org/xen-extfiles/gmp-4.3.2.tar.bz2 + source = http://xenbits.xen.org/xen-extfiles/grub-0.97.tar.gz + source = http://xenbits.xen.org/xen-extfiles/lwip-1.3.0.tar.gz + source = http://xenbits.xen.org/xen-extfiles/newlib-1.16.0.tar.gz + source = http://xenbits.xen.org/xen-extfiles/pciutils-2.2.9.tar.bz2 + source = 
http://xenbits.xen.org/xen-extfiles/polarssl-1.1.4-gpl.tgz + source = http://xenbits.xen.org/xen-extfiles/tpm_emulator-0.7.4.tar.gz + source = http://xenbits.xen.org/xen-extfiles/zlib-1.2.3.tar.gz + sha512sums = SKIP + sha512sums = 1bbcbcd9fb8344a207409ec9f0064a45b726416f043f902ca587f5e4fa58497a759be4ffd584fa32318e960aa478864cc05ec026c444e8d27ca8e3248bd67420 + sha512sums = ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b + sha512sums = 53ba61587cc2e84044e935531ed161e22c36d9e90b43cab7b8e63bcc531deeefacca301b5dff39ce89210f06f1d1e4f4f5cf49d658ed5d9038c707e3c95c66ef + sha512sums = a9230ec6ef9636ac3f3e4b72b1747ee8c4648a8bf4bd8dc3650365e34f1f67474429dbdd24996907d277b0ff5f235574643e781cb3ff37da954e899ddadbe0d6 + sha512sums = 7a832de9b35f4b77ee80d33310b23886f4d48d1d42c3d6ef6f8e2b428bec7332a285336864b61cfa01d9a14c2023674015beb7527bd5849b069f2be88e6500cd + sha512sums = 99921b94a29fa7988c7fb5c17da8e598e777c972d6cae8c8643c991e5ff911a25525345ea8913945313d5c49fecf9da8cc3b83d47ab03928341e917b304370a9 + sha512sums = 2397795a0a4999a6efee3d8291356673d1757bc1b34dd2015378ef6ea8800ee1317c7d9f902d82bd62ff8d451223ad51ced5e3a6d66e8e79930a7f513cc2b805 + sha512sums = d26dca4998807b9910b34e12633da8b347b154740fe9b11a2ee8da72d8e34daf9822f857a10a07effdc533e6d93e04eb95f4ff9a3b7a73ee6a62f2892eff4655 + sha512sums = 2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf + sha512sums = c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb + sha512sums = 1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d + sha512sums = 40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3 + sha512sums = 
2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5 + sha512sums = 88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad + sha512sums = 4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35 + sha512sums = 021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e pkgname = xen - pkgdesc = Virtual Machine Hypervisor & Tools + pkgdesc = Open-source type-1 or baremetal hypervisor install = xen.install + depends = zlib + depends = python + depends = ncurses + depends = openssl + depends = libx11 + depends = libuuid.so + depends = yajl + depends = libaio + depends = glib2 + depends = pkgconf depends = bridge-utils - depends = brltty - depends = curl - depends = gnutls depends = iproute2 + depends = inetutils + depends = acpica depends = lib32-glibc - depends = libaio - depends = libcap-ng - depends = libepoxy - depends = libiscsi - depends = libnl - depends = libpng + depends = gnutls + depends = vde2 depends = lzo depends = pciutils - depends = python2 - depends = sdl - depends = spice - depends = usbredir - depends = vde2 - depends = yajl - optdepends = xen-docs: Official Xen Documentation - optdepends = openvswitch: Optional Networking support - optdepends = seabios: Boot VMs with BIOS - optdepends = ovmf: Boot VMs with UEFI - provides = xen-4.12.0 + depends = sdl2 + depends = pixman + depends = libseccomp + depends = libpng + depends = libjpeg-turbo + optdepends = xen-qemu: HVM and PV support + optdepends = edk2-ovmf: UEFI support + optdepends = seabios: SeaBIOS payload support + optdepends = xen-docs: HTML documentation and man pages + optdepends = grub-xen-git: GRUB and pvgrub2 bootloader support + optdepends = linux-headers: extract bootable non-zstd kernel for recent 
kernels backup = etc/conf.d/xencommons backup = etc/conf.d/xendomains backup = etc/xen/efi-xen.cfg backup = etc/xen/cpupool - backup = etc/xen/grub.conf - backup = etc/xen/oxenstored.conf backup = etc/xen/xl.conf pkgname = xen-docs - pkgdesc = Virtual Machine Hypervisor documentation + pkgdesc = Xen hypervisor documentation and man pages arch = any - provides = xen-docs-4.12.0 +pkgname = xen-stubdom + pkgdesc = Xen hypervisor stubdom files + arch = x86_64 + depends = xen diff --git a/ChangeLog b/ChangeLog index 3135cf2d5d0d..c37628042e0e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,74 @@ +2024-01-19 + * a delayed move to 4.18 + +2023-09-25 + * stubdom patch fix + +2023-07-11 Sam Mulvey + * Removed OCaml bindings + +2022-12-14 Sam Mulvey + * 4.17.0-1 + +2022-11-14 Sam Mulvey + * 4.16.3-pre + * moved to stable git repo + * qemu moved to separate package + +2022-05-16 Sam Mulvey + * 4.16.1-1 + * Version increment + * Numerous GCC12 hacks + +2022-02-15 Sam Mulvey + * 4.16.0-3 + * forgot to wrap qemu subpackage in an if + +2022-02-06 Sam Mulvey + * 4.16.0-2 + * security patches + * qemu and stubdom now generate split packages + +2021-12-28 Sam Mulvey + * 4.16.0-1 + * simple bump + +2021-09-28 Sam Mulvey + * 4.15.1-1 + * no patches at all, compiles cleanly + +2021-09-09 Sam Mulvey + * 4.15.0-4 + * adds a PVH security patch + +2021-08-28 Sam Mulvey + * 4.15.0-3 + * EFI fixes + * continued GCC11 changes + * XSA: 379 380 382 383 + +2021-04-15 Sam Mulvey + * 4.15.0-1 + * stubdom build now defaults false + +2021-01-12 Sam Mulvey + * 4.14.1-1 + +2020-11-10 Sam Mulvey + * 4.14.0-4 + re-added XSA patch file handling + +2020-08-10 Sam Mulvey + * 4.14.0-1 + option to build own QEMU is added, and default + +2020-08-20 Sam Mulvey + * 4.13.1-4 + +2019-08-15 Maik Broemme + * 4.12.1-1 + Xen 4.12.1 + 2019-04-29 Maik Broemme * 4.12.0-1 Xen 4.12.0 
@@ -1,326 +1,314 @@ -# Maintainer: Maik Broemme <mbroemme@libmpq.org> -# Contributor: Janne Heß <jannehess@gmail.com> -# Contributor: Arthur Borsboom <arthurborsboom@gmail.com> -# Contributor: Shanmu Thiagaraja <sthiagaraja+AUR@prshanmu.com> -# Contributor: Limao Luo -# Contributor: Luceo -# Contributor: Revellion -# Contributor: John Thomson - -# Build variables to enable certain optional features. +# Maintainer: Sam Mulvey (Refutationalist) <archlinux@sammulvey.com> +# Contributor: Filipe Laíns (FFY00) <lains@archlinux.org> +# Contributor: Chris Chapman (cman) <chris.chapman@aggiemail.usu.edu> + +# Build Options _build_stubdom=${build_stubdom:-false} +_boot_dir=${boot_dir:-/boot} +_efi_dir=${efi_dir:-/boot} +_efi_mountpoint=${efi_mountpoint:-/boot} + +# External files used by Xen +# Check http://xenbits.xen.org/xen-extfiles/ for updates +_gmp=4.3.2 +_grub=0.97 +_lwip=1.3.0 +_newlib=1.16.0 +_pciutils=2.2.9 +_polarssl=1.1.4 +_tpm_emulator=0.7.4 +_zlib=1.2.3 + + +# Flags passed to make +_common_make_flags=( + "BOOT_DIR=${_boot_dir}" + "EFI_DIR=${_efi_dir}" + "EFI_MOUNTPOINT=${_efi_mountpoint}" + "XEN_VENDORVERSION=-${pkgrel}arch" +) -pkgbase="xen" +pkgbase=xen pkgname=("xen" "xen-docs") -pkgver="4.12.0" -pkgrel="1" -arch=("x86_64") # TODO What about ARM? 
-url="http://www.xenproject.org/" -license=("GPL2") -changelog="ChangeLog" -validpgpkeys=("23E3222C145F4475FA8060A783FE14C957E82BD9") -options=(!buildflags !strip) +pkgver=4.18.1pre +_branch="stable-4.18" +pkgrel=1 +pkgdesc='Open-source type-1 or baremetal hypervisor - stable branch' +arch=('x86_64') +url='https://xenproject.org/' +license=('GPL2') +options=(!buildflags) + makedepends=( - "bin86" - "binutils>=2.30" - "bridge-utils" - "brltty" - "cmake" - "curl" - "dev86" - "fig2dev" - "figlet" - "ghostscript" - "git" - "gnutls" - "iasl" - "iproute2" - "lib32-glibc" - "libaio" - "libcap-ng" - "libepoxy" - "libiscsi" - "libnl" - "libpng" - "lzo" - "markdown" - "nasm" - "ocaml-findlib" - "pandoc" - "pciutils" - "perl" - "python2" - "sdl" - "spice" - "spice-glib" - "spice-protocol" - "usbredir" - "vde2" - "wget" - "yajl" + 'zlib' 'python' 'ncurses' 'openssl' 'libx11' 'libuuid.so' 'yajl' 'libaio' 'glib2' 'pkgconf' 'git' + 'bridge-utils' 'iproute2' 'inetutils' 'acpica' 'lib32-glibc' 'gnutls' + 'vde2' 'lzo' 'pciutils' 'sdl2' 'systemd-libs' + 'systemd' 'wget' 'pandoc' 'valgrind' 'git' 'bin86' 'dev86' 'bison' 'gettext' 'flex' 'pixman' 'fig2dev' +) # last line from namcap, these depends are the xen depends +_stubdom_makedepends=('cmake') + +optdepends=( + 'xen-qemu: needed for PV and HVM domUs' + 'xen-pvhgrub: bootloader for PVH domains' +) + +_source=( + "git+https://xenbits.xen.org/git-http/xen.git#branch=${_branch}" + "efi-xen.cfg" + "xen.conf" + "tmpfiles.conf" + "xen-ucode-extract.sh" + "xen-intel-ucode.hook" + "xen-amd-ucode.hook" ) -source=( - "https://downloads.xenproject.org/release/xen/${pkgver}/${pkgbase}-${pkgver}.tar.gz" - "https://downloads.xenproject.org/release/xen/${pkgver}/${pkgbase}-${pkgver}.tar.gz.sig" - "ipxe-git.tar.gz::http://xenbits.xen.org/xen-extfiles/ipxe-git-d2063b7693e0e35db97b2264aa987eb6341ae779.tar.gz" - # Helper and config files. 
- "grub-mkconfig-helper" - "efi-xen.cfg" - "grub.conf" - "${pkgbase}.conf" - "tmpfiles.conf" +# Follow the Xen securite mailing lists, and if a patch is applicable to our package +# add the URL here. +# NOTE: Patch order is important. +_patches=( +) - # XSA patches. - # Compile fixes. +# Sources required for building stubdom +_stubdom_source=( + "vtpm-gcc12-fixes.patch" # based on above patch + "add-stubdom-fixes.patch" # add above patch to build + "http://xenbits.xen.org/xen-extfiles/gmp-$_gmp.tar.bz2" + "http://xenbits.xen.org/xen-extfiles/grub-$_grub.tar.gz" + "http://xenbits.xen.org/xen-extfiles/lwip-$_lwip.tar.gz" + "http://xenbits.xen.org/xen-extfiles/newlib-$_newlib.tar.gz" + "http://xenbits.xen.org/xen-extfiles/pciutils-$_pciutils.tar.bz2" + "http://xenbits.xen.org/xen-extfiles/polarssl-$_polarssl-gpl.tgz" + "http://xenbits.xen.org/xen-extfiles/tpm_emulator-$_tpm_emulator.tar.gz" + "http://xenbits.xen.org/xen-extfiles/zlib-$_zlib.tar.gz" ) -sha256sums=( - "6e5455e4a58dcb2339bfcd2a89842728068b530aa62501843793f7cf743c4d64" - "SKIP" - "38061598a5147ebcda8ae41c356396cce59f087cf27253b6bf8fb50ae0919ca1" - # Helper and config files. - "23c3b0eab4cb06260bd07324d2060356560c9bc52270aaaf6130e1c130fc6e5e" - "ceaff798a92a7aef1465a0a0b27b1817aedd2c857332b456aaa6dd78dc72438f" - "3f0af16958c3e057b9baa5afc47050d9adf7dd553274dd97ae4f35938fefb568" - "50a9b7fd19e8beb1dea09755f07318f36be0b7ec53d3c9e74f3266a63e682c0c" - "40e0760810a49f925f2ae9f986940b40eba477dc6d3e83a78baaae096513b3cf" - # XSA patches. 
+# from cheap hack known as break_out_sums.sh +_sha512sums=( + "SKIP" + "1bbcbcd9fb8344a207409ec9f0064a45b726416f043f902ca587f5e4fa58497a759be4ffd584fa32318e960aa478864cc05ec026c444e8d27ca8e3248bd67420" # efi-xen.cfg + "ccaa2ff82e4203b11e5dec9aeccac2e165721d8067e0094603ecaa7a70b78c9eb9e2287a32687883d26b6ceae6f8d2ad7636ddf949eb658637b3ceaa6999711b" # xen.conf + "53ba61587cc2e84044e935531ed161e22c36d9e90b43cab7b8e63bcc531deeefacca301b5dff39ce89210f06f1d1e4f4f5cf49d658ed5d9038c707e3c95c66ef" # tmpfiles.conf + "a9230ec6ef9636ac3f3e4b72b1747ee8c4648a8bf4bd8dc3650365e34f1f67474429dbdd24996907d277b0ff5f235574643e781cb3ff37da954e899ddadbe0d6" # xen-ucode-extract.sh + "7a832de9b35f4b77ee80d33310b23886f4d48d1d42c3d6ef6f8e2b428bec7332a285336864b61cfa01d9a14c2023674015beb7527bd5849b069f2be88e6500cd" # xen-intel-ucode.hook + "99921b94a29fa7988c7fb5c17da8e598e777c972d6cae8c8643c991e5ff911a25525345ea8913945313d5c49fecf9da8cc3b83d47ab03928341e917b304370a9" # xen-amd-ucode.hook +) + - # Compile fixes. +_patch_sums=( ) -noextract=( - "ipxe-git.tar.gz" + + +_stub_sums=( + "2397795a0a4999a6efee3d8291356673d1757bc1b34dd2015378ef6ea8800ee1317c7d9f902d82bd62ff8d451223ad51ced5e3a6d66e8e79930a7f513cc2b805" # vtpm-gcc12-fixes.patch + "d26dca4998807b9910b34e12633da8b347b154740fe9b11a2ee8da72d8e34daf9822f857a10a07effdc533e6d93e04eb95f4ff9a3b7a73ee6a62f2892eff4655" # add-stubdom-fixes.patch + "2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf" # gmp-4.3.2.tar.bz2 + "c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb" # grub-0.97.tar.gz + "1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d" # lwip-1.3.0.tar.gz + "40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3" # newlib-1.16.0.tar.gz 
+ "2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5" # pciutils-2.2.9.tar.bz2 + "88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad" # polarssl-1.1.4-gpl.tgz + "4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35" # tpm_emulator-0.7.4.tar.gz + "021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e" # zlib-1.2.3.tar.gz ) -# Stub Domain files (grep '_VERSION=' stubdom/configure). -if [ "${_build_stubdom}" = true ] ; then - source+=( - "zlib.tar.gz::http://xenbits.xen.org/xen-extfiles/zlib-1.2.3.tar.gz" - "pciutils.tar.bz2::http://xenbits.xen.org/xen-extfiles/pciutils-2.2.9.tar.bz2" - "newlib.tar.gz::http://xenbits.xen.org/xen-extfiles/newlib-1.16.0.tar.gz" - "lwip.tar.gz::http://xenbits.xen.org/xen-extfiles/lwip-1.3.0.tar.gz" - "grub.tar.gz::http://xenbits.xen.org/xen-extfiles/grub-0.97.tar.gz" - "ocaml.tar.gz::http://caml.inria.fr/pub/distrib/ocaml-3.11/ocaml-3.11.0.tar.gz" - "gmp.tar.bz2::http://xenbits.xen.org/xen-extfiles/gmp-4.3.2.tar.bz2" - "polarssl-gpl.tgz::http://xenbits.xen.org/xen-extfiles/polarssl-1.1.4-gpl.tgz" - "tpm_emulator.tar.gz::http://xenbits.xen.org/xen-extfiles/tpm_emulator-0.7.4.tar.gz" - ) - sha256sums+=( - "1795c7d067a43174113fdf03447532f373e1c6c57c08d61d9e4e9be5e244b05e" - "f60ae61cfbd5da1d849d0beaa21f593c38dac9359f0b3ddc612f447408265b24" - "db426394965c48c1d29023e1cc6d965ea6b9a9035d8a849be2750ca4659a3d07" - "772e4d550e07826665ed0528c071dd5404ef7dbe1825a38c8adbc2a00bca948f" - "4e1d15d12dbd3e9208111d6b806ad5a9857ca8850c47877d36575b904559260b" - "ecdd4f8473ab0dee5d3acb5c0a31a4c1dd6aa12179895cf1903dd0f455c43a4f" - "936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775" - 
"2d29fd04a0d0ba29dae6bd29fb418944c08d3916665dcca74afb297ef37584b6" - "4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459" - ) - noextract+=( - "zlib.tar.gz" - "pciutils.tar.bz2" - "newlib.tar.gz" - "lwip.tar.gz" - "grub.tar.gz" - "ocaml.tar.gz" - "gmp.tar.bz2" - "polarssl-gpl.tgz" - "tpm_emulator.tar.gz" - ) + +# Simplify things for makepkg +source=( "${_source[@]}" "${_patches[@]}" ) +sha512sums=( "${_sha512sums[@]}" "${_patch_sums[@]}" ) + +for file in "${_patches[@]}"; do + noextract+=( $(basename ${file}) ) +done + + + +# stubdom handling +if [ "${_build_stubdom}" == "true" ]; then + source=("${source[@]}" "${_stubdom_source[@]}") + sha512sums=("${sha512sums[@]}" "${_stub_sums[@]}") + + # Add in automagic dependency in order to build vtpm and vtpmmgr stubdoms + makedepends=( "${makedepends[@]}" "${_stubdom_makedepends[@]}" ) + + for file in "${_stubdom_source[@]}"; do + noextract+=( $(basename ${file}) ) + done + + _config_stubdom='--enable-stubdom' + + # make sure to build the stubdom package + pkgname+=("xen-stubdom") + +else + _config_stubdom='--disable-stubdom' fi +# TODO: Setup users, dirs, etc. + prepare() { - cd "${srcdir}/${pkgbase}-${pkgver}" - - # Preparing downloads. - msg2 'Copying downloaded files...' - cp "${srcdir}/ipxe-git.tar.gz" tools/firmware/etherboot/ipxe.tar.gz - - # XSA patches. - msg2 'Applying XSA patches...' - - # Security patches and compile fixes (qemu-xen-traditional). - msg2 'Applying tools patches (qemu-xen-traditional)...' - cd tools/qemu-xen-traditional - cd ../.. - - # Security patches and compile fixes (qemu-xen). - msg2 'Applying tools patches (qemu-xen)...' - cd tools/qemu-xen - cd ../.. - - # Misc compile fixes (removed in future versions if not needed anymore). - msg2 'Applying misc compile fixes...' - - # Compile fixes. - - # Fix Install Paths. - msg2 'Fixing installation paths...' 
- sed 's,/var/run,/run,g' -i tools/hotplug/Linux/locking.sh - sed 's,/var/run,/run,g' -i tools/misc/xenpvnetboot - sed 's,/var/run,/run,g' -i tools/xenmon/xenbaked.c - sed 's,/var/run,/run,g' -i tools/xenmon/xenmon.py - sed 's,/var/run,/run,g' -i tools/pygrub/src/pygrub - - # Copy supporting tarballs into place. - if [ "${_build_stubdom}" = true ] ; then - msg2 'Copying stubdom files...' - cp "${srcdir}/zlib.tar.gz" stubdom/ - cp "${srcdir}/pciutils.tar.bz2" stubdom/ - cp "${srcdir}/newlib.tar.gz" stubdom/ - cp "${srcdir}/lwip.tar.gz" stubdom/ - cp "${srcdir}/grub.tar.gz" stubdom/ - cp "${srcdir}/ocaml.tar.gz" stubdom/ - cp "${srcdir}/gmp.tar.bz2" stubdom/ - cp "${srcdir}/polarssl-gpl.tgz" stubdom/ - cp "${srcdir}/tpm_emulator.tar.gz" stubdom/ - fi + + cd "${pkgbase}" + + if [ "${_build_stubdom}" == "true" ]; then + + for file in "${_stubdom_source[@]}"; do + cp ../$(basename ${file}) stubdom/ + done + + echo "==> Applying GCC 12.1 fixes for stubdom..." + cp ../vtpm-gcc12-fixes.patch stubdom/ + patch -p1 < ../add-stubdom-fixes.patch + + + fi + + for patchurl in "${_patches[@]}"; do + patch=$(basename $patchurl) + echo "==> Applying security patch '${patch}'..." + patch -p1 < "../${patch}" + done + + # Fix Install Paths. + sed 's,/var/run,/run,g' -i tools/hotplug/Linux/locking.sh + sed 's,/var/run,/run,g' -i tools/xenmon/xenbaked.c + sed 's,/var/run,/run,g' -i tools/xenmon/xenmon.py + sed 's,/var/run,/run,g' -i tools/pygrub/src/pygrub +} + +pkgver() { + cd "${srcdir}/${pkgbase}" + ./version.sh --full xen/Makefile | sed 's/-//' } build() { - cd "${srcdir}/${pkgbase}-${pkgver}" - if [ "${_build_stubdom}" = true ] ; then - _config_stubdom='--enable-stubdom' - else - _config_stubdom='--disable-stubdom' - fi - - # Configure Xen. - msg2 'Configuring...' 
- ./autogen.sh - PYTHON=/usr/bin/python2 ./configure \ - --prefix=/usr \ - --sbindir=/usr/bin \ - --with-sysconfig-leaf-dir=conf.d \ - --with-rundir=/run \ - --enable-systemd \ - --enable-ovmf \ - --with-system-ovmf=/usr/share/ovmf/x64/OVMF_CODE.fd \ - --with-system-seabios=/usr/share/qemu/bios-256k.bin \ - "${_config_stubdom}" \ - --with-extra-qemuu-configure-args=" \ - --disable-bluez \ - --disable-gtk \ - --disable-vte \ - --disable-werror \ - --disable-virglrenderer \ - --disable-libnfs \ - --disable-glusterfs \ - --disable-numa \ - --disable-smartcard \ - --disable-fdt \ - --enable-spice \ - --enable-usb-redir \ - --with-sdlabi=1.2" - - msg2 'Building Xen...' - make LANG=C PYTHON=python2 dist + cd "${pkgbase}" + + if [ "${_build_stubdom}" == "true" ]; then + echo "NOTE: Xen build with stubdom support." + fi + + ./configure \ + --prefix=/usr \ + --sbindir=/usr/bin \ + --libdir=/usr/lib \ + --with-rundir=/run \ + --enable-systemd \ + --disable-qemu-traditional \ + ${_config_stubdom} \ + --with-system-qemu=/usr/lib/xen/bin/qemu-system-i386 \ + --with-sysconfig-leaf-dir=conf.d \ + --with-system-ovmf=/usr/share/ovmf/x64/OVMF.fd \ + --with-system-seabios=/usr/share/qemu/bios-256k.bin \ + --disable-ocamltools + + make "${_common_make_flags[@]}" } package_xen() { - pkgdesc="Virtual Machine Hypervisor & Tools" - depends=( - "bridge-utils" - "brltty" - "curl" - "gnutls" - "iproute2" - "lib32-glibc" - "libaio" - "libcap-ng" - "libepoxy" - "libiscsi" - "libnl" - "libpng" - "lzo" - "pciutils" - "python2" - "sdl" - "spice" - "usbredir" - "vde2" - "yajl" - ) - optdepends=( - "xen-docs: Official Xen Documentation" - "openvswitch: Optional Networking support" - "seabios: Boot VMs with BIOS" - "ovmf: Boot VMs with UEFI" - ) - provides=("xen-${pkgver}") - install="${pkgbase}.install" - backup=( - "etc/conf.d/xencommons" - "etc/conf.d/xendomains" - "etc/${pkgbase}/efi-xen.cfg" - "etc/${pkgbase}/cpupool" - "etc/${pkgbase}/grub.conf" - "etc/${pkgbase}/oxenstored.conf" - 
"etc/${pkgbase}/xl.conf" - ) - - cd "${srcdir}/${pkgbase}-${pkgver}" - msg2 'Installing Xen...' - make DESTDIR="${pkgdir}" LANG=C PYTHON=python2 install - - # Install files for Arch Linux. - msg2 'Installing Arch-specific files...' - install -D -m 0644 "${srcdir}/grub.conf" "${pkgdir}/etc/xen/grub.conf" - install -D -m 0755 "${srcdir}/grub-mkconfig-helper" "${pkgdir}/etc/grub.d/09_xen" - install -D -m 0644 "${srcdir}/efi-xen.cfg" "${pkgdir}/etc/xen/efi-xen.cfg" - install -D -m 0644 "${srcdir}/xen.conf" "${pkgdir}/usr/lib/modules-load.d/xen.conf" - install -D -m 0644 "${srcdir}/tmpfiles.conf" "${pkgdir}/usr/lib/tmpfiles.d/${pkgbase}.conf" - - # Create missing directories. - msg2 'Create missing directories...' - mkdir -p "${pkgdir}/var/log/xen/console" - - # Move EFI binaries to right location. - msg2 'Moving efi binary...' - mv "${pkgdir}/usr/lib64/efi/xen"*.efi "${pkgdir}/boot" - rmdir "${pkgdir}/usr/lib64/efi" - rmdir "${pkgdir}/usr/lib64" - - # Clean up. - msg2 'Cleaning up...' - - # Remove hypervisor symlinks. - find "${pkgdir}/boot" -type l -delete - - # Remove syms. - find "${pkgdir}/usr/lib/debug" -type f \( -name '*-syms*' -or -name '*\.map' \) -delete - rmdir "${pkgdir}/usr/lib/debug/usr/lib/xen/boot" - rmdir "${pkgdir}/usr/lib/debug/usr/lib/xen" - rmdir "${pkgdir}/usr/lib/debug/usr/lib" - rmdir "${pkgdir}/usr/lib/debug/usr" - rmdir "${pkgdir}/usr/lib/debug" - - # Remove SysVinit files. - rm -r "${pkgdir}/etc/init.d" - - # Remove temporary directories. - rm -r "${pkgdir}/run" - - # Remove documentation (included in separate xen-docs package). - rm -r "${pkgdir}/usr/share/doc" - rm -r "${pkgdir}/usr/share/man" - - # Remove unnecessary qemu support files. 
- rm "${pkgdir}/usr/share/qemu-xen/qemu/palcode-clipper" - rm "${pkgdir}/usr/share/qemu-xen/qemu/openbios-ppc" - rm "${pkgdir}/usr/share/qemu-xen/qemu/openbios-sparc32" - rm "${pkgdir}/usr/share/qemu-xen/qemu/openbios-sparc64" + pkgdesc='Open-source type-1 or baremetal hypervisor' + + depends=( + 'zlib' 'python' 'ncurses' 'openssl' 'libx11' 'libuuid.so' 'yajl' 'libaio' 'glib2' 'pkgconf' + 'bridge-utils' 'iproute2' 'inetutils' 'acpica' 'lib32-glibc' 'gnutls' + 'vde2' 'lzo' 'pciutils' 'sdl2' + 'pixman' 'libseccomp' 'libpng' 'libjpeg-turbo' # inhereted depends because of build environment + ) + + optdepends=( + 'xen-qemu: HVM and PV support' + 'edk2-ovmf: UEFI support' + 'seabios: SeaBIOS payload support' + 'xen-docs: HTML documentation and man pages' + 'grub-xen-git: GRUB and pvgrub2 bootloader support' + 'linux-headers: extract bootable non-zstd kernel for recent kernels' + ) + + install="xen.install" + + backup=( + "etc/conf.d/xencommons" + "etc/conf.d/xendomains" + "etc/xen/efi-xen.cfg" + "etc/xen/cpupool" + "etc/xen/xl.conf" + ) + + + cd "${pkgbase}" + + make "${_common_make_flags[@]}" DESTDIR="$pkgdir" install + + rm -rf "$pkgdir"/var/run + + # Symlinks to prior installed versions are not The Arch Way, leave only the bare EFI binary + (cd "${pkgdir}/${_efi_dir}" && mv "$(realpath xen.efi)" xen.efi) + + [ -d "$pkgdir"/etc/xen/scripts ] && backup+=($(find "$pkgdir"/etc/xen/scripts/ -type f | sed "s|^$pkgdir/||g")) + + mkdir -p "${pkgdir}/var/log/xen/console" + + # Continued: Trim hypervisor symlinks. + (cd "${pkgdir}/${_boot_dir}" && mv "$(realpath xen.gz)" xen.gz) + + # Do all symlink removals after the directories have had the real + # binaries moved overtop any symlinks. Note that dependening on + # configuratation _efi_dir and _boot_dir may be the same directory, so + # don't clean any of them until they've all been processed. + find "${pkgdir}/${_efi_dir}" -type l -delete + find "${pkgdir}/${_boot_dir}" -type l -delete + + # Remove syms. 
+ find "${pkgdir}/usr/lib/debug" -type f \( -name '*-syms*' -or -name '*\.map' \) -delete + rmdir "${pkgdir}/usr/lib/debug/usr/lib/xen/boot" + rmdir "${pkgdir}/usr/lib/debug/usr/lib/xen" + rmdir "${pkgdir}/usr/lib/debug/usr/lib" + rmdir "${pkgdir}/usr/lib/debug/usr" + rmdir "${pkgdir}/usr/lib/debug" + + # Remove SysVinit files. + rm -r "${pkgdir}/etc/init.d" + + # Install files for Arch Linux. + install -D -m 0644 "${srcdir}/efi-xen.cfg" "${pkgdir}/etc/xen/efi-xen.cfg" + install -D -m 0644 "${srcdir}/xen.conf" "${pkgdir}/usr/lib/modules-load.d/xen.conf" + install -D -m 0644 "${srcdir}/tmpfiles.conf" "${pkgdir}/usr/lib/tmpfiles.d/${pkgbase}.conf" + + # microcode hooks + mkdir -p "${pkgdir}/usr/share/libalpm/scripts" "${pkgdir}/usr/share/libalpm/hooks" + install -m755 "${srcdir}/xen-ucode-extract.sh" "${pkgdir}/usr/share/libalpm/scripts" + install -m644 "${srcdir}/xen-intel-ucode.hook" "${pkgdir}/usr/share/libalpm/hooks" + install -m644 "${srcdir}/xen-amd-ucode.hook" "${pkgdir}/usr/share/libalpm/hooks" + + # Remove documentation (included in separate xen-docs package). + rm -r "${pkgdir}/usr/share/doc" + rm -r "${pkgdir}/usr/share/man" + + # remove stubdom files + rm -f "${pkgdir}/usr/lib/xen/boot/vtpmmgr-stubdom.gz" \ + "${pkgdir}/usr/lib/xen/boot/vtpm-stubdom.gz" \ + "${pkgdir}/usr/lib/xen/boot/xenstorepvh-stubdom.gz" \ + "${pkgdir}/usr/lib/xen/boot/xenstore-stubdom.gz" + + } package_xen-docs() { - pkgdesc="Virtual Machine Hypervisor documentation" - arch=("any") - provides=("xen-docs-${pkgver}") + pkgdesc="Xen hypervisor documentation and man pages" + arch=("any") + cd "${pkgbase}" + make "${_common_make_flags[@]}" DESTDIR="$pkgdir" install-docs +} + - cd "${srcdir}/${pkgbase}-${pkgver}" - msg2 'Installing documentation...' - make DESTDIR="${pkgdir}" LANG=C PYTHON=python2 install-docs +package_xen-stubdom() { + pkgdesc="Xen hypervisor stubdom files" + arch=("x86_64") + depends=("xen") + + cd "${srcdir}/${pkgbase}/stubdom" + make DESTDIR="${pkgdir}" install } + + 
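Review bot: The main Xen source in `_source` is now a git checkout of the moving `stable-4.18` branch with `"SKIP"` as its `_sha512sums` entry, and the same hunk removes `validpgpkeys` and the `.tar.gz.sig` source, so nothing in the new PKGBUILD authenticates the hypervisor code that gets built. Every other source is still pinned by a sha512, including the stubdom tarballs fetched over plain `http://`, which leaves the git source as the only unverified input. I would pin it to a reviewed revision, e.g. `"git+https://xenbits.xen.org/git-http/xen.git#commit=<REVIEWED_COMMIT_SHA>"`, or, if upstream signs the tag or commit being built (not visible here), keep `validpgpkeys` and append `?signed` to the fragment so makepkg checks the signature. A comment above `_source` such as `# SKIP: git source; integrity comes from the pinned commit, not a checksum` would record that decision for the next maintainer.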
diff --git a/add-stubdom-fixes.patch b/add-stubdom-fixes.patch new file mode 100644 index 000000000000..e16d5fb692ab --- /dev/null +++ b/add-stubdom-fixes.patch @@ -0,0 +1,12 @@ +diff -Naur orig.xen-4.16.1/stubdom/Makefile xen-4.16.1/stubdom/Makefile +--- orig.xen-4.16.1/stubdom/Makefile 2022-05-16 09:41:38.409898784 -0700 ++++ xen-4.16.1/stubdom/Makefile 2022-05-16 09:43:31.891076356 -0700 +@@ -241,6 +241,7 @@ + patch -d $@ -p1 < vtpm_extern.patch + patch -d $@ -p1 < vtpm-microsecond-duration.patch + patch -d $@ -p1 < vtpm-command-duration.patch ++ patch -d $@ -p1 < vtpm-gcc12-fixes.patch + patch -d $@ -p1 < vtpm-tpm_bn_t-addr.patch + mkdir $@/build + cd $@/build; CC=${CC} $(CMAKE) .. -DCMAKE_C_FLAGS:STRING="-std=c99 -DTPM_NO_EXTERN $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -Wno-declaration-after-statement" + touch $@ diff --git a/efi-xen.cfg b/efi-xen.cfg index 359dbfa582a2..16b0b5bd5cc5 100644 --- a/efi-xen.cfg +++ b/efi-xen.cfg @@ -5,3 +5,4 @@ default=xen options=console=vga dom0_mem=1024M,max:1024M dom0_max_vcpus=4 loglvl=all noreboot kernel=vmlinuz-linux root=<Root Device> rw ramdisk=initramfs-linux.img +ucode=<extracted microcode file> diff --git a/grub-mkconfig-helper b/grub-mkconfig-helper deleted file mode 100644 index be298eee12ab..000000000000 --- a/grub-mkconfig-helper +++ /dev/null 
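Review bot: add-stubdom-fixes.patch starts directly at `diff -Naur` with no description, and the PKGBUILD comments that introduce it (`# based on above patch`, `# add above patch to build`) refer to a patch that is not listed, so the origin of the vTPM changes it wires into the stubdom build is undocumented. Text placed before the first `diff` line is ignored by patch(1); I would add a few lines there stating what vtpm-gcc12-fixes.patch changes, where it was taken from, and which Xen version it was last checked against. The header paths name `xen-4.16.1` while the package now builds `stable-4.18`, so `patch -p1` presumably applies this hunk by offset; regenerating it against the branch actually built would remove that dependence on fuzz.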
@@ -1,230 +0,0 @@ -#!/usr/bin/env bash - -## -## grub-mkconfig helper script specific to Arch Linux -## Contributed by "Keshav Amburay" <the ddoott ridikulus ddoott rat aatt geemmayil ddoott ccoomm> -## Updated on 08 February 2014 -## -## Script based on do_grub_config() function in Arch Linux Archboot ISO Installer/Setup script -## Some parts taken from /etc/grub.d/10_linux script shipped by GRUB(2) upstream -## -## This script can be freely distributed and/or modified -## under the terms of the GNU General Public License as published by -## the Free Software Foundation, either version 3 of the License, or -## (at your option) any later version. -## -## This script is distributed in the hope that it will be useful, -## but WITHOUT ANY WARRANTY; without even the implied warranty of -## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -## GNU General Public License for more details. -## - -## Adapted for use with the xen AUR package, to ensure feature comparity -## Modified by "David Sutton" <kantras - gmail com> - -_FUNC_GRUB_FILE_PRESENT() { - - [[ -z "${GRUB_PLATFORM}" ]] && GRUB_PLATFORM="x86" - - if [[ "${GRUB_PLATFORM}" == "x86" ]]; then - check="--is-x86-linux32" - elif [[ "${GRUB_PLATFORM}" == "i386-xen-pae" ]]; then - check="--is-i386-xen-pae-domu" - elif [[ "${GRUB_PLATFORM}" == "x86_64-xen" ]]; then - check="--is-x86_64-xen-domu" - else - check="--is-${GRUB_PLATFORM}-linux" - fi - - case "${GRUB_PLATFORM}" in - x86) - list="$(for i in "${GRUB_ROOT}"/boot/vmlinuz-linux* ; do - if grub_file_is_not_garbage "${i}" && "${grub_file}" ${check} "${i}" ; then echo -n "${i} " ; fi - done)" ;; - *) - list="$(for i in "${GRUB_ROOT}"/boot/vmlinuz-linux* ; do - if grub_file_is_not_garbage "${i}" && "${grub_file}" ${check} "${i}" ; then echo -n "${i} " ; fi - done)" ;; - esac -} - -set -e - -prefix="/usr" -exec_prefix="${prefix}" -datarootdir="/usr/share" -datadir="${datarootdir}" -sysconfdir="/etc" - -. "${datarootdir}/grub/grub-mkconfig_lib" - -. 
"${sysconfdir}/default/grub" - -export XEN_HYPERVISOR_CMDLINE="xsave=1" -export XEN_LINUX_CMDLINE="console=tty0" - -[[ -r "${sysconfdir}/xen/grub.conf" ]] && . "${sysconfdir}/xen/grub.conf" - -[[ -z "${XEN_LINUX_CMDLINE_OVERRIDE}" ]] && XEN_LINUX_CMDLINE_OVERRIDE="0" - -export TEXTDOMAIN="grub" -export TEXTDOMAINDIR="${datarootdir}/locale" - -CLASS="--class xen --class arch-linux --class arch --class gnu-linux --class gnu --class os" - -[[ "${grub_file}" != "" ]] && _FUNC_GRUB_FILE_PRESENT - -BOOT_PART_FS_UUID="$(${grub_probe} --target="fs_uuid" "/boot" 2>/dev/null)" -BOOT_PART_HINTS_STRING="$(${grub_probe} --target="hints_string" "/boot" 2>/dev/null || true)" -BOOT_PART_FS="$(${grub_probe} --target="fs" "/boot" 2>/dev/null)" - -ROOT_PART_GRUB_DEVICE="$(${grub_probe} --target=device / || true)" -ROOT_PART_FS="$(${grub_probe} --device ${ROOT_PART_GRUB_DEVICE} --target=fs 2> /dev/null || echo "unknown")" - -if [[ "${GRUB_LINUX_ROOT_DEVICE}" == "" ]]; then - - case "${ROOT_PART_FS}" in - btrfs) - rootsubvol="$(make_system_path_relative_to_its_root /)" - rootsubvol="${rootsubvol#/}" - if [[ "${rootsubvol}" != "" ]]; then - GRUB_LINUX_ROOT_DEVICE="subvol=${rootsubvol}" - fi - ;; - zfs) - rpool="$(${grub_probe} --device ${GRUB_DEVICE} --target=fs_label 2>/dev/null || true)" - bootfs="$(make_system_path_relative_to_its_root / | sed -e "s,@$,,")" - GRUB_LINUX_ROOT_DEVICE="ZFS=${rpool}${bootfs}" - ;; - esac - - if [[ "${GRUB_DEVICE_UUID}" == "" ]] || \ - [[ "${GRUB_DISABLE_LINUX_UUID}" == "true" ]] || \ - [[ ! 
-e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" ]] || \ - uses_abstraction "${GRUB_DEVICE}" lvm ; then - GRUB_LINUX_ROOT_DEVICE="${GRUB_DEVICE}" - else - GRUB_LINUX_ROOT_DEVICE="UUID=${GRUB_DEVICE_UUID}" - fi -fi - -[[ "${GRUB_LINUX_PARAMS}" == "" ]] && GRUB_LINUX_PARAMS="${GRUB_CMDLINE_LINUX} ${GRUB_CMDLINE_LINUX_DEFAULT}" -if [[ "${XEN_LINUX_CMDLINE_OVERRIDE}" == "0" ]]; then - GRUB_LINUX_PARAMS="${GRUB_LINUX_PARAMS} ${XEN_LINUX_CMDLINE}" -else - GRUB_LINUX_PARAMS="${XEN_LINUX_CMDLINE}" -fi - -xen_list=`for i in /boot/xen-*.gz /xen-*.gz ; do - if grub_file_is_not_garbage "$i" ; then echo -n "$i "; fi -done` - -while [ "x$xen_list" != "x" ] ; do - xen=`version_find_latest $xen_list` - echo "Found Xen hypervisor image: $xen" >&2 - XEN_BASENAME=`basename $xen` - XEN_VERSION=`echo $XEN_BASENAME | sed -e "s,^[^0-9]*-,,g" | sed -e "s,.gz,,g"` - - for _KERNEL_ in ${list} ; do - - echo "Found linux image: ${_KERNEL_}" >&2 - - basename="$(basename "${_KERNEL_}")" - dirname="$(dirname "${_KERNEL_}")" - REAL_DIR="$(make_system_path_relative_to_its_root "${dirname}")" - - _KERNEL_FILE_="$(echo ${_KERNEL_} | sed 's,/boot/,,g')" - _KERNEL_PKG_="pkg-$(echo ${_KERNEL_FILE_} | sed 's,vmlinuz-,,g')" - - _INITRAMFS_="${_KERNEL_FILE_/vmlinuz-/initramfs-}.img" - - if [[ -e "/boot/${_INITRAMFS_}" ]]; then - - echo "Found initramfs image: /boot/${_INITRAMFS_}" >&2 - - cat << EOF - -menuentry "Xen ${XEN_VERSION} / Arch Linux ${_KERNEL_PKG_} kernel" ${CLASS} { - $(save_default_entry) - if [ x\$feature_all_video_module = xy ]; then - insmod all_video - fi - set gfxpayload=keep - insmod ${BOOT_PART_FS} - if [ x\$feature_platform_search_hint = xy ]; then - search --no-floppy --fs-uuid --set=root ${BOOT_PART_HINTS_STRING} ${BOOT_PART_FS_UUID} - else - search --no-floppy --fs-uuid --set=root ${BOOT_PART_FS_UUID} - fi - echo '$(printf "Loading Xen %s ..." ${XEN_VERSION})' - multiboot2 ${REAL_DIR}/${XEN_BASENAME} ${XEN_HYPERVISOR_CMDLINE} - echo 'Loading Arch Linux ${_KERNEL_PKG_} kernel ...' 
- module2 ${REAL_DIR}/${_KERNEL_FILE_} root=${GRUB_LINUX_ROOT_DEVICE} rw ${GRUB_LINUX_PARAMS} - echo 'Loading Arch Linux ${_KERNEL_PKG_} kernel initramfs ...' - module2 ${REAL_DIR}/${_INITRAMFS_} -} - -EOF - fi - - _INITRAMFS_FALLBACK_="${_KERNEL_FILE_/vmlinuz-/initramfs-}-fallback.img" - - if [[ -e "/boot/${_INITRAMFS_FALLBACK_}" ]]; then - - echo "Found fallback initramfs image: /boot/${_INITRAMFS_FALLBACK_}" >&2 - - cat << EOF - -menuentry "Xen ${XEN_VERSION} / Arch Linux ${_KERNEL_PKG_} kernel (fallback initramfs)" ${CLASS} { - $(save_default_entry) - if [ x\$feature_all_video_module = xy ]; then - insmod all_video - fi - set gfxpayload=keep - insmod ${BOOT_PART_FS} - if [ x\$feature_platform_search_hint = xy ]; then - search --no-floppy --fs-uuid --set=root ${BOOT_PART_HINTS_STRING} ${BOOT_PART_FS_UUID} - else - search --no-floppy --fs-uuid --set=root ${BOOT_PART_FS_UUID} - fi - echo '$(printf "Loading Xen %s ..." ${XEN_VERSION})' - multiboot2 ${REAL_DIR}/${XEN_BASENAME} ${XEN_HYPERVISOR_CMDLINE} - echo 'Loading Arch Linux ${_KERNEL_PKG_} kernel ...' - module2 ${REAL_DIR}/${_KERNEL_FILE_} root=${GRUB_LINUX_ROOT_DEVICE} rw ${GRUB_LINUX_PARAMS} - echo 'Loading Arch Linux ${_KERNEL_PKG_} kernel fallback initramfs ...' - module2 ${REAL_DIR}/${_INITRAMFS_FALLBACK_} -} - -EOF - fi - - if [[ ! -e "/boot/${_INITRAMFS_}" ]] && [[ ! -e "/boot/${_INITRAMFS_FALLBACK_}" ]]; then - cat << EOF - -menuentry "Xen ${XEN_VERSION} / Arch Linux ${_KERNEL_PKG_} kernel (no initramfs)" ${CLASS} { - $(save_default_entry) - if [ x\$feature_all_video_module = xy ]; then - insmod all_video - fi - set gfxpayload=keep - insmod ${BOOT_PART_FS} - if [ x\$feature_platform_search_hint = xy ]; then - search --no-floppy --fs-uuid --set=root ${BOOT_PART_HINTS_STRING} ${BOOT_PART_FS_UUID} - else - search --no-floppy --fs-uuid --set=root ${BOOT_PART_FS_UUID} - fi - echo '$(printf "Loading Xen %s ..." 
${XEN_VERSION})' - multiboot2 ${REAL_DIR}/${XEN_BASENAME} ${XEN_HYPERVISOR_CMDLINE} - echo 'Loading Arch Linux ${_KERNEL_PKG_} kernel ...' - module2 ${REAL_DIR}/${_KERNEL_FILE_} root=${GRUB_LINUX_ROOT_DEVICE} rw ${GRUB_LINUX_PARAMS} -} - -EOF - fi - - done - - xen_list=`echo $xen_list | tr ' ' '\n' | grep -vx $xen | tr '\n' ' '` -done - - diff --git a/grub.conf b/grub.conf deleted file mode 100644 index e456973db062..000000000000 --- a/grub.conf +++ /dev/null @@ -1,3 +0,0 @@ -#XEN_HYPERVISOR_CMDLINE="xsave=1" -#XEN_LINUX_CMDLINE="console=tty0" -#XEN_LINUX_CMDLINE_OVERRIDE=0 diff --git a/vtpm-gcc12-fixes.patch b/vtpm-gcc12-fixes.patch new file mode 100644 index 000000000000..a86bf007a924 --- /dev/null +++ b/vtpm-gcc12-fixes.patch @@ -0,0 +1,14 @@ +diff -Naur orig.tpm_emulator-0.7.4/crypto/rsa.h tpm_emulator-0.7.4/crypto/rsa.h +--- orig.tpm_emulator-0.7.4/crypto/rsa.h 2022-05-16 09:33:22.000000000 -0700 ++++ tpm_emulator-0.7.4/crypto/rsa.h 2022-05-16 09:34:03.000000000 -0700 +@@ -17,6 +17,10 @@ + #ifndef _RSA_H_ + #define _RSA_H_ + ++#if __GNUC__ >= 12 ++#pragma GCC diagnostic ignored "-Waddress" ++#endif ++ + #include <stddef.h> + #include <stdint.h> + #include "bn.h" diff --git a/xen-amd-ucode.hook b/xen-amd-ucode.hook new file mode 100644 index 000000000000..8e56e98dc907 --- /dev/null +++ b/xen-amd-ucode.hook @@ -0,0 +1,12 @@ +[Trigger] +Type = Path +Operation = Install +Operation = Upgrade +Operation = Remove +Target = boot/amd-ucode.img + +[Action] +Description = Extracting AMD microcode for Xen EFI... +When = PostTransaction +Exec = /usr/share/libalpm/scripts/xen-ucode-extract.sh + diff --git a/xen-intel-ucode.hook b/xen-intel-ucode.hook new file mode 100644 index 000000000000..c7013ff5c871 --- /dev/null +++ b/xen-intel-ucode.hook 
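Review bot: The `#pragma GCC diagnostic ignored "-Waddress"` added to crypto/rsa.h has no matching `#pragma GCC diagnostic push`/`pop`, so it switches the warning off for the rest of every file that includes this header in the vTPM emulator build. -Waddress reports pointer comparisons whose result is fixed at compile time, which in key-handling code can be a null check that never does anything, so a blanket silence hides more than the GCC 12 diagnostics it targets. If the warning comes from rsa.h itself, bracket only the affected declarations with push/pop. If it comes from the including sources (the hunk does not show which), fix those comparisons, or at least record the reason next to the pragma, e.g. `/* GCC >= 12: -Waddress fires on <construct>; drop once fixed upstream */`.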
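Review bot: `Operation = Remove` never cleans anything up. The hook runs xen-ucode-extract.sh at `PostTransaction`, and that script only calls `do_firmware "amd"` when `/boot/amd-ucode.img` still exists, so after the microcode package is removed `/boot/xen-efi-amd-ucode.bin` stays behind and a `ucode=` entry pointing at it keeps loading the old file. xen-intel-ucode.hook has the same gap. Since `do_firmware` already tests `[ -f $UCODE_RD ]` before extracting, calling `do_firmware "intel"` and `do_firmware "amd"` unconditionally at the bottom of the script would let its "remove old file" step run on removal too.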
@@ -0,0 +1,12 @@
+[Trigger]
+Type = Path
+Operation = Install
+Operation = Upgrade
+Operation = Remove
+Target = boot/intel-ucode.img
+
+[Action]
+Description = Extracting Intel microcode for Xen EFI...
+When = PostTransaction
+Exec = /usr/share/libalpm/scripts/xen-ucode-extract.sh
+
diff --git a/xen-ucode-extract.sh b/xen-ucode-extract.sh
new file mode 100644
index 000000000000..7f8379d67150
--- /dev/null
+++ b/xen-ucode-extract.sh
@@ -0,0 +1,37 @@
+#!/bin/bash -e
+
+
+do_firmware() {
+
+ if [ "$1" == "intel" ]; then
+ UCODE_RD="/boot/intel-ucode.img"
+ XEN_EFI_UCODE="/boot/xen-efi-intel-ucode.bin"
+ UCODE_ORIG_BIN="kernel/x86/microcode/GenuineIntel.bin"
+ elif [ "$1" == "amd" ]; then
+ UCODE_RD="/boot/amd-ucode.img"
+ XEN_EFI_UCODE="/boot/xen-efi-amd-ucode.bin"
+ UCODE_ORIG_BIN="kernel/x86/microcode/AuthenticAMD.bin"
+ fi
+
+ # remove old file
+ if [ -f $XEN_EFI_UCODE ]; then
+ rm $XEN_EFI_UCODE
+ fi
+
+ # create new file
+ if [ -f $UCODE_RD ]; then
+ bsdtar -Oxf $UCODE_RD $UCODE_ORIG_BIN > $XEN_EFI_UCODE || exit 1
+ fi
+
+
+}
+
+if [ -f "/boot/intel-ucode.img" ]; then
+ do_firmware "intel"
+fi
+
+if [ -f "/boot/amd-ucode.img" ]; then
+ do_firmware "amd"
+fi
+
+exit 0
diff --git a/xen.install b/xen.install
index 6e21a5230e6f..2a053c9f72a3 100644
--- a/xen.install
+++ b/xen.install
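Review bot: In `do_firmware` of xen-ucode-extract.sh the old `$XEN_EFI_UCODE` is deleted first, and the `>` redirection then creates the new file before bsdtar has produced any output. A failed or interrupted extraction therefore leaves an empty or truncated microcode file in /boot, and `exit 1` does not remove it. That path is what the `ucode=` entry in the Xen EFI config is meant to point at, so the next boot would run without the update or be handed an unusable file. Extracting to a temporary file beside the target, checking that it is non-empty and renaming it into place keeps the previous file until a good one exists; the separate "remove old file" step is dropped. The expansions are also quoted in the sketch below.

```bash
# … unchanged: vendor selection (UCODE_RD, XEN_EFI_UCODE, UCODE_ORIG_BIN) …

    # create new file: extract beside the target, then rename into place
    if [ -f "$UCODE_RD" ]; then
        tmp="$(mktemp "${XEN_EFI_UCODE}.XXXXXX")"
        if bsdtar -Oxf "$UCODE_RD" "$UCODE_ORIG_BIN" > "$tmp" && [ -s "$tmp" ]; then
            mv -f "$tmp" "$XEN_EFI_UCODE"
        else
            rm -f "$tmp"
            exit 1
        fi
    fi
```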
@@ -1,64 +1,38 @@ install_msg() { cat << __EOF__ -===> IMPORTANT NOTICES: + Bunch of Xen Notes: https://wiki.archlinux.org/index.php/Xen -In order to complete the installation, and enable Xen, -at the very least you must: -1. If using GRUB2, edit your GRUB2 config files as specified at - https://wiki.archlinux.org/index.php/Xen#Bootloader_Configuration - - Support for the grub-mkconfig command was added, and will auto-discover - the deployed xen hypervisor and linux kernel -2. If booting via efi, copy the example /etc/xen/efi-xen.cfg to /boot/xen.cfg + If booting via efi, copy the example /etc/xen/efi-xen.cfg to /boot/xen.cfg and edit the contents to match the settings you need. -3. Issue the following commands to allow you to create and start VMs: + + To make dom0 go: systemctl enable xen-qemu-dom0-disk-backend.service systemctl enable xen-init-dom0.service systemctl enable xenconsoled.service - Other optional services are: + Optional services are: systemctl enable xen-watchdog.service -4. If you want some domains to automatically start up/shutdown, run the following: + To start domains on boot: systemctl enable xendomains.service -For more information refer to the Wiki: - https://wiki.archlinux.org/index.php/Xen - -__EOF__ - -} -upgrade_msg() { - cat << __EOF__ -Xen 4.12 -Release notes -http://wiki.xen.org/wiki/Xen_Project_4.12_Release_Notes -Feature list -http://wiki.xen.org/wiki/Xen_Project_4.12_Feature_List __EOF__ - if [ "$(vercmp 4.8.0-4 "$1")" -lt 0 ]; then - cat << __EOF__ -!!!!! -This Xen version has split out SeaBIOS and OVMF. -If you need to use VMs with BIOS or UEFI, install seabios or ovmf respectively. -!!!!! -__EOF__ - fi } + post_install() { install_msg - upgrade_msg systemd-tmpfiles --create + /usr/share/libalpm/scripts/xen-ucode-extract.sh } post_upgrade() { - upgrade_msg $@ systemd-tmpfiles --create + /usr/share/libalpm/scripts/xen-ucode-extract.sh } pre_remove() { 
@@ -73,11 +47,12 @@ pre_remove() { systemctl disable xenconsoled.service systemctl disable xen-init-dom0.service systemctl disable xen-qemu-dom0-disk-backend.service + + echo "Be sure to check boot for auto-generated microcode files." } post_remove() { cat << __EOF__ -===> IMPORTANT NOTICE: In order to finish removing Xen, you will need to modify your bootloader configuration files to load your Linux |