Yocto 2.5

Move OpenBMC to Yocto 2.5(sumo)

Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Change-Id: I5c5ad6904a16e14c1c397f0baf10c9d465594a78
diff --git a/import-layers/meta-virtualization/README b/import-layers/meta-virtualization/README
index 7d84232..f13de08 100644
--- a/import-layers/meta-virtualization/README
+++ b/import-layers/meta-virtualization/README
@@ -4,7 +4,7 @@
 This layer provides support for building Xen, KVM, Libvirt, and associated
 packages necessary for constructing OE-based virtualized solutions.
 
-The bbappend files for some recipe (e.g. linux-yocto) in this layer needs to
+The bbappend files for some recipes (e.g. linux-yocto) in this layer need to
 have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add
 in configuration file the following line.
 
@@ -23,8 +23,16 @@
 
   SKIP_META_VIRT_SANITY_CHECK = 1
 
-Also note that there are kvm and xen specific distro flags/features that depending
-on your use case.
+Depending on your use case, there are other distro features in meta-virtualization
+that may also be enabled:
+
+ - xen: enables xen functionality in various packages (kernel, libvirt, etc)
+ - kvm: enables KVM configurations in the kernel and autoloads modules
+ - aufs: enables aufs support in docker and linux-yocto
+ - x11: enable xen and libvirt functionality related to x11
+ - selinux: enables functionality in libvirt and lxc
+ - systemd: enable systemd services and unit files (for recipes for support)
+ - sysvinit: enable sysvinit scripts (for recipes with support)
 
 Dependencies
 ------------
@@ -39,14 +47,10 @@
 branch: master
 revision: HEAD
 layers: meta-oe
-	meta-networking
+        meta-networking
         meta-filesystems
         meta-python
 
-URI: git://github.com/errordeveloper/oe-meta-go.git
-branch: master
-revision: HEAD
-
 BBFILE_PRIORITY_openembedded-layer = "4"
 
 Required for Xen XSM policy:
@@ -64,7 +68,7 @@
              Bruce Ashfield <bruce.ashfield@gmail.com>
 
 When sending single patches, please using something like:
-$ git send-email -1 --to meta-virtualization@yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
+$ git send-email -1 -M --to meta-virtualization@yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
 
 License
 -------
diff --git a/import-layers/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc b/import-layers/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc
new file mode 100644
index 0000000..27e7b90
--- /dev/null
+++ b/import-layers/meta-virtualization/conf/distro/include/meta-virt-default-versions.inc
@@ -0,0 +1,9 @@
+# Meta-virtuailization PREFERED_VERSION
+
+PREFERRED_VERSION_python-blinker = "1.3"
+PREFERRED_VERSION_python-gevent = "1.0.1"
+PREFERRED_VERSION_python-m2crypto = "0.22.3"
+PREFERRED_VERSION_python-pyyaml = "3.11"
+PREFERRED_VERSION_python-redis = "2.10.3"
+PREFERRED_VERSION_python-sqlalchemy = "1.1.5"
+PREFERRED_VERSION_python-werkzeug = "0.10.4"
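Review bot: The seven `PREFERRED_VERSION_python-*` pins in this new file are hard `=` assignments with no note on why each release is required, so once the file is included the build stays on these releases (for example `python-pyyaml` 3.11 and `python-m2crypto` 0.22.3) even after the providing layers ship newer recipes, security updates included. Consider `?=` so a distro can override a pin, and a short comment per line naming the consumer that needs it. The header comment has two typos; it could read `# meta-virtualization PREFERRED_VERSION defaults`.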
diff --git a/import-layers/meta-virtualization/conf/layer.conf b/import-layers/meta-virtualization/conf/layer.conf
index f71c117..fa2e015 100644
--- a/import-layers/meta-virtualization/conf/layer.conf
+++ b/import-layers/meta-virtualization/conf/layer.conf
@@ -14,15 +14,17 @@
 # This should only be incremented on significant changes that will
 # cause compatibility issues with other layers
 LAYERVERSION_virtualization-layer = "1"
-
+LAYERSERIES_COMPAT_virtualization-layer = "sumo"
 LAYERDEPENDS_virtualization-layer = "core networking-layer"
 
 # Override security flags
 require conf/distro/include/virt_security_flags.inc
 
 PREFERRED_PROVIDER_virtual/runc ?= "runc-docker"
-PREFERRED_PROVIDER_virtual/containerd ?= "containerd-docker"
+PREFERRED_PROVIDER_virtual/containerd ?= "containerd-opencontainers"
 
 # Sanity check for meta-virtualization layer.
 # Setting SKIP_META_VIRT_SANITY_CHECK to "1" would skip the bbappend files check.
 INHERIT += "sanity-meta-virt"
+
+require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', 'meta-virt-default-versions.inc', '', d)}
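Review bot: The added `require` on the last line names the bare file `meta-virt-default-versions.inc`, while this commit creates it under `conf/distro/include/` and the existing `require conf/distro/include/virt_security_flags.inc` above uses the full path; unless that directory is searched some other way, the lookup would fail as soon as the condition is true. I would write `require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', 'conf/distro/include/meta-virt-default-versions.inc', '', d)}`. It is also worth confirming that `DISTRO_FEATURES` already holds its final value when layer.conf is parsed; if the distro configuration is read later, the expression always yields the empty string and the version pins are silently never applied.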
diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb b/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb
index 37f8547..c6b4f5e 100644
--- a/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/containerd/containerd-opencontainers_git.bb
@@ -1,9 +1,11 @@
+SRCREV = "cfd04396dc68220d1cecbe686a6cc3aa5ce3667c"
+SRC_URI = "git://github.com/containerd/containerd;nobranch=1 \
+           file://0001-build-use-oe-provided-GO-and-flags.patch \
+          "
+
 include containerd.inc
 
-SRCREV = "0ac3cd1be170d180b2baed755e8f0da547ceb267"
-SRC_URI = "git://github.com/docker/containerd.git;nobranch=1 \
-          "
-CONTAINERD_VERSION = "0.2.2"
+CONTAINERD_VERSION = "v1.0.2"
 
 PROVIDES += "virtual/containerd"
 RPROVIDES_${PN} = "virtual/containerd"
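Review bot: The new `SRC_URI` fetches containerd over the plain `git://` transport, which has no transport authentication or encryption, and `nobranch=1` drops the check that `SRCREV` sits on a known branch, so the pinned commit hash is the only integrity control on this source. Adding `;protocol=https` to the URL (`git://github.com/containerd/containerd;nobranch=1;protocol=https`) keeps the fetcher and the pin while moving the transfer to TLS. The same applies to the `git://` entries in docker-ce_git.bb and docker_git.bb in this commit. `CONTAINERD_VERSION` also gains a `v` prefix (`v1.0.2`) that the old value did not have; check that nothing derives `PV` from it expecting a bare number.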
diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc b/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc
index e7a3719..eb47cc9 100644
--- a/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc
+++ b/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc
@@ -6,7 +6,7 @@
 
 # Apache-2.0 for containerd
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE.code;md5=aadc30f9c14d876ded7bedc0afd2d3d7"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE.code;md5=aadc30f9c14d876ded7bedc0afd2d3d7"
 
 SRC_URI += "file://containerd.service"
 
@@ -17,6 +17,8 @@
 inherit go
 inherit goarch
 
+GO_IMPORT = "import"
+
 RRECOMMENDS_${PN} = "lxc docker"
 CONTAINERD_PKG="github.com/containerd/containerd"
 
@@ -25,30 +27,37 @@
 do_configure[noexec] = "1"
 
 do_compile() {
-	# Set GOPATH. See 'PACKAGERS.md'. Don't rely on
-	# docker to download its dependencies but rather
-	# use dependencies packaged independently.
-	cd ${S}
-	rm -rf .gopath
-	mkdir -p .gopath/src/"$(dirname "${CONTAINERD_PKG}")"
-	ln -sf ../../../.. .gopath/src/"${CONTAINERD_PKG}"
+    export GOARCH="${TARGET_GOARCH}"
 
-        export GOPATH="${WORKDIR}/git/"
-        export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go"
+    # link fixups for compilation
+    rm -f ${S}/src/import/vendor/src
+    ln -sf ./ ${S}/src/import/vendor/src
 
-	# Pass the needed cflags/ldflags so that cgo
-	# can find the needed headers files and libraries
-	export GOARCH="${TARGET_GOARCH}"
-	export CGO_ENABLED="1"
-	export CFLAGS=""
-	export LDFLAGS=""
-	export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
-	export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
-        export GO_GCFLAGS=""
-	export CC_FOR_TARGET="${TARGET_PREFIX}gcc ${TARGET_CC_ARCH} --sysroot=${STAGING_DIR_TARGET}"
-	export CXX_FOR_TARGET="${TARGET_PREFIX}g++ ${TARGET_CC_ARCH} --sysroot=${STAGING_DIR_TARGET}"
+    mkdir -p ${S}/src/import/vendor/src/github.com/containerd/containerd/
+    # without this, the stress test parts of the build fail
+    cp ${S}/src/import/*.go ${S}/src/import/vendor/src/github.com/containerd/containerd
 
-        oe_runmake static
+    for c in content errdefs fs images mount snapshots linux api runtimes defaults progress \
+		     protobuf reference diff platforms runtime remotes version archive dialer gc metadata \
+		     metrics filters identifiers labels leases plugin server services \
+		     cmd cio containers namespaces oci events log reaper sys rootfs; do
+	ln -sfn ${S}/src/import/${c} ${S}/src/import/vendor/github.com/containerd/containerd/${c}
+    done
+
+    export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+    export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
+
+    # Pass the needed cflags/ldflags so that cgo
+    # can find the needed headers files and libraries
+    export CGO_ENABLED="1"
+    export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+    export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+    export BUILDTAGS="no_btrfs static_build netgo"
+    export CFLAGS="${CFLAGS}"
+    export LDFLAGS="${LDFLAGS}"
+
+    cd ${S}/src/import
+    oe_runmake binaries
 }
 
 # Note: disabled for now, since docker is launching containerd
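Review bot: The hard-coded package list in the `for c in content errdefs …` loop has to match the top-level directories of the pinned containerd commit, and nothing in the recipe says so. After a future `SRCREV` bump, a package missing from the list would either break the build or, if the same import path happens to exist under the other `GOPATH` entry (`${STAGING_DIR_TARGET}/${prefix}/local/go`), be resolved from there instead of from the pinned tree. A comment such as `# keep in sync with the top-level packages of the pinned SRCREV` above the loop would make that visible. The `mkdir -p` and `cp` lines write through `vendor/src/github.com/…` while the `ln -sfn` lines target `vendor/github.com/…`, which only line up because of the `vendor/src -> ./` symlink created just before; that deserves a one-line comment, and the loop's tab indentation should match the four spaces used in the rest of the function.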
@@ -59,9 +68,9 @@
 do_install() {
 	mkdir -p ${D}/${bindir}
 
-	cp ${S}/bin/containerd ${D}/${bindir}/containerd
-	cp ${S}/bin/containerd-shim ${D}/${bindir}/containerd-shim
-        cp ${S}/bin/ctr ${D}/${bindir}/containerd-ctr
+	cp ${S}/src/import/bin/containerd ${D}/${bindir}/containerd
+	cp ${S}/src/import/bin/containerd-shim ${D}/${bindir}/containerd-shim
+	cp ${S}/src/import/bin/ctr ${D}/${bindir}/containerd-ctr
 	
 	ln -sf containerd ${D}/${bindir}/docker-containerd
 	ln -sf containerd-shim ${D}/${bindir}/docker-containerd-shim
@@ -78,3 +87,4 @@
 FILES_${PN} += "${systemd_system_unitdir}/*"
 
 INHIBIT_PACKAGE_STRIP = "1"
+INSANE_SKIP_${PN} += "ldflags already-stripped"
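Review bot: The added `INSANE_SKIP_${PN} += "ldflags already-stripped"` turns off two packaging QA checks for the containerd binaries without saying why. `ldflags` stops QA from flagging binaries that were linked without the distro `LDFLAGS`, and `already-stripped` implies the upstream build strips the binaries itself, which sits oddly next to `INHIBIT_PACKAGE_STRIP = "1"` on the line above. I would add a comment stating the confirmed reason, for example `# binaries are linked and stripped by the upstream Makefile, not by OE`, so the skips can be revisited when the build changes.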
diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch b/import-layers/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch
new file mode 100644
index 0000000..75a984b
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/containerd/files/0001-build-use-oe-provided-GO-and-flags.patch
@@ -0,0 +1,26 @@
+From e31acef290181434efaf47e70db7ad0d92dbe300 Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@windriver.com>
+Date: Thu, 19 Apr 2018 17:09:51 -0400
+Subject: [PATCH] build: use oe provided GO and flags
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/import/Makefile b/src/import/Makefile
+index 9d8cf8a18fbc..492d033fe2a7 100644
+--- a/src/import/Makefile
++++ b/src/import/Makefile
+@@ -134,7 +134,7 @@ bin/%: cmd/% FORCE
+ 
+ bin/containerd-shim: cmd/containerd-shim FORCE # set !cgo and omit pie for a static shim build: https://github.com/golang/go/issues/17789#issuecomment-258542220
+ 	@echo "$(WHALE) bin/containerd-shim"
+-	@CGO_ENABLED=0 go build -o bin/containerd-shim ${SHIM_GO_LDFLAGS} ${GO_TAGS} ./cmd/containerd-shim
++	@$(GO) build -o bin/containerd-shim ${SHIM_GO_LDFLAGS} $(GOBUILDFLAGS) ${GO_TAGS} ./cmd/containerd-shim
+ 
+ binaries: $(BINARIES) ## build binaries
+ 	@echo "$(WHALE) $@"
+-- 
+2.4.0.53.g8440f74
+
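Review bot: The embedded Makefile patch removes `CGO_ENABLED=0` from the `bin/containerd-shim` rule but leaves the rule's comment "set !cgo and omit pie for a static shim build" in place, and do_compile in containerd.inc exports `CGO_ENABLED="1"`, so the shim is presumably now built with cgo despite what that comment says. The patch description gives no reason for the change and carries no `Upstream-Status:` line, unlike the criu backport added in this commit. I would add a sentence to the description on why cgo is acceptable for the shim in this build, plus `Upstream-Status: Inappropriate [embedded specific]` or whichever status applies.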
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb b/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb
index 3a02103..7d62f35 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb
@@ -21,6 +21,7 @@
            file://0002-criu-Skip-documentation-install.patch \
            file://0001-criu-Change-libraries-install-directory.patch \
            file://lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch \
+           file://fix-building-on-newest-glibc-and-kernel.patch \
           "
 
 COMPATIBLE_HOST = "(x86_64|arm|aarch64).*-linux"
@@ -57,6 +58,8 @@
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[selinux] = ",,libselinux"
 
+CLEANBROKEN = "1"
+
 do_compile_prepend() {
     rm -rf ${S}/images/google/protobuf/descriptor.proto
     ln -s  ${PKG_CONFIG_SYSROOT_DIR}/usr/include/google/protobuf/descriptor.proto ${S}/images/google/protobuf/descriptor.proto
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch
index 4908e47..afb1332 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch
@@ -1,4 +1,4 @@
-From 78390305829316633acee2ca5607331b0e37a104 Mon Sep 17 00:00:00 2001
+From f64fbca70e6049dad3c404d871f2383d97725d2d Mon Sep 17 00:00:00 2001
 From: Mark Asselstine <mark.asselstine@windriver.com>
 Date: Fri, 8 Sep 2017 15:11:31 -0400
 Subject: [PATCH] criu: Change libraries install directory
@@ -7,12 +7,13 @@
 
 Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
 Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+
 ---
  Makefile.install | 13 -------------
  1 file changed, 13 deletions(-)
 
 diff --git a/Makefile.install b/Makefile.install
-index 3987bcc..73d98a4 100644
+index 1def3cf..d020eef 100644
 --- a/Makefile.install
 +++ b/Makefile.install
 @@ -9,19 +9,6 @@ LIBEXECDIR	?= $(PREFIX)/libexec
@@ -35,6 +36,3 @@
  # LIBDIR falls back to the standard path.
  LIBDIR ?= $(PREFIX)/lib
  
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch
index dc5b897..d1f136c 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch
@@ -1,4 +1,4 @@
-From af679853a45fe63f680c99e70416c8ac620d23b8 Mon Sep 17 00:00:00 2001
+From c005b7a4874f55df687ff22bc425551775581421 Mon Sep 17 00:00:00 2001
 From: Mark Asselstine <mark.asselstine@windriver.com>
 Date: Fri, 8 Sep 2017 15:02:14 -0400
 Subject: [PATCH] criu: Fix toolchain hardcode
@@ -9,6 +9,7 @@
 Signed-off-by: Yang Shi <yang.shi@windriver.com>
 Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
 Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+
 ---
  Makefile                       |  2 +-
  scripts/nmk/scripts/include.mk |  2 +-
@@ -96,6 +97,3 @@
  
  export RM HOSTLD LD HOSTCC CC CPP AS AR STRIP OBJCOPY OBJDUMP
  export NM SH MAKE MKDIR AWK PERL PYTHON SH CSCOPE
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch
index ba414d9..af45db7 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0002-criu-Skip-documentation-install.patch
@@ -1,21 +1,22 @@
-From 07d9b3d0c372e45127dd51781d9564e8bee90dbe Mon Sep 17 00:00:00 2001
+From 45d74ae8a314c481398ba91a3697ffbd074cd98b Mon Sep 17 00:00:00 2001
 From: Jianchuan Wang <jianchuan.wang@windriver.com>
 Date: Tue, 16 Aug 2016 09:42:24 +0800
-Subject: [PATCH 2/2] criu: Skip documentation install
+Subject: [PATCH] criu: Skip documentation install
 
 asciidoc is needed to generate CRIU documentation, so skip it in install.
 
 Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
+
 ---
  Makefile.install | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/Makefile.install b/Makefile.install
-index a30dc96..33143fb 100644
+index 3987bcc..1def3cf 100644
 --- a/Makefile.install
 +++ b/Makefile.install
-@@ -22,7 +22,7 @@ install-tree:
- .PHONY: install-tree
+@@ -29,7 +29,7 @@ export PREFIX BINDIR SBINDIR MANDIR RUNDIR
+ export LIBDIR INCLUDEDIR LIBEXECDIR
  
  install-man:
 -	$(Q) $(MAKE) -C Documentation install
@@ -23,6 +24,3 @@
  .PHONY: install-man
  
  install-lib: lib
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/fix-building-on-newest-glibc-and-kernel.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/fix-building-on-newest-glibc-and-kernel.patch
new file mode 100644
index 0000000..9361adc
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/fix-building-on-newest-glibc-and-kernel.patch
@@ -0,0 +1,45 @@
+From b59947007362b53e9f41f1e5a33071dedf1c59ac Mon Sep 17 00:00:00 2001
+From: Adrian Reber <areber@redhat.com>
+Date: Thu, 28 Sep 2017 09:13:33 +0000
+Subject: [PATCH] fix building on newest glibc and kernel
+
+On Fedora rawhide with kernel-headers-4.14.0-0.rc2.git0.1.fc28.x86_64
+glibc-devel-2.26.90-15.fc28.x86_64 criu does not build any more:
+
+In file included from /usr/include/linux/aio_abi.h:31:0,
+                 from criu/cr-check.c:24:
+/usr/include/sys/mount.h:35:3: error: expected identifier before numeric constant
+   MS_RDONLY = 1,  /* Mount read-only.  */
+   ^
+make[2]: *** [/builddir/build/BUILD/criu-3.5/scripts/nmk/scripts/build.mk:111: criu/cr-check.o] Error 1
+make[1]: *** [criu/Makefile:73: criu/built-in.o] Error 2
+make: *** [Makefile:233: criu] Error 2
+
+This simple re-ordering of includes fixes it for me.
+
+Signed-off-by: Adrian Reber <areber@redhat.com>
+Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
+
+Upstream-Status: Backport
+[https://github.com/checkpoint-restore/criu/commit/f41e386d4d40e3e26b0cfdc85a812b7edb337f1d#diff-cc847b1cc975358c6582595be92d48db]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+
+---
+ criu/cr-check.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/criu/cr-check.c b/criu/cr-check.c
+index 1dd887a..93df2ab 100644
+--- a/criu/cr-check.c
++++ b/criu/cr-check.c
+@@ -21,8 +21,8 @@
+ #include <netinet/in.h>
+ #include <sys/prctl.h>
+ #include <sched.h>
+-#include <linux/aio_abi.h>
+ #include <sys/mount.h>
++#include <linux/aio_abi.h>
+ 
+ #include "../soccr/soccr.h"
+ 
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch
index c2512a0..59e7bcb 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch
@@ -1,4 +1,4 @@
-From 89f9b87904bd312b817ffaa7d83abfd5e84d723d Mon Sep 17 00:00:00 2001
+From 6caf90592d61c8c45b32cb7ff76709f9326030e2 Mon Sep 17 00:00:00 2001
 From: Mark Asselstine <mark.asselstine@windriver.com>
 Date: Fri, 8 Sep 2017 15:40:49 -0400
 Subject: [PATCH] lib/Makefile: overwrite install-lib, to allow multiarch
@@ -8,6 +8,7 @@
 INSTALL_LIB.
 
 Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+
 ---
  lib/Makefile | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
@@ -25,6 +26,3 @@
  .PHONY: install
  
  uninstall:
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb b/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb
index 4e761d0..851c251 100644
--- a/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb
+++ b/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb
@@ -19,7 +19,6 @@
   ${PYTHON_PN}-docker-pycreds \
   ${PYTHON_PN}-dockerpty \
   ${PYTHON_PN}-docopt \
-  ${PYTHON_PN}-enum \
   ${PYTHON_PN}-idna \
   ${PYTHON_PN}-jsonschema \
   ${PYTHON_PN}-pyyaml \
diff --git a/import-layers/meta-virtualization/recipes-containers/docker/docker-ce_git.bb b/import-layers/meta-virtualization/recipes-containers/docker/docker-ce_git.bb
new file mode 100644
index 0000000..0dfda5f
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/docker/docker-ce_git.bb
@@ -0,0 +1,172 @@
+HOMEPAGE = "http://www.docker.com"
+SUMMARY = "Linux container runtime"
+DESCRIPTION = "Linux container runtime \
+ Docker complements kernel namespacing with a high-level API which \
+ operates at the process level. It runs unix processes with strong \
+ guarantees of isolation and repeatability across servers. \
+ . \
+ Docker is a great building block for automating distributed systems: \
+ large-scale web deployments, database clusters, continuous deployment \
+ systems, private PaaS, service-oriented architectures, etc. \
+ . \
+ This package contains the daemon and client. Using docker.io is \
+ officially supported on x86_64 and arm (32-bit) hosts. \
+ Other architectures are considered experimental. \
+ . \
+ Also, note that kernel version 3.10 or above is required for proper \
+ operation of the daemon process, and that any lower versions may have \
+ subtle and/or glaring issues. \
+ "
+
+SRCREV_docker = "0520e243029d1361649afb0706a1c5d9a1c012b8"
+SRCREV_libnetwork = "4cb38c2987c236dce03c868d99b57b1e28a4b81c"
+SRCREV_cli = "0f1bb353423e45e02315e985bd9ddebe6da18457"
+SRC_URI = "\
+	git://github.com/docker/docker-ce.git;nobranch=1;name=docker \
+	git://github.com/docker/libnetwork.git;branch=master;name=libnetwork;destsuffix=libnetwork \
+	git://github.com/docker/cli;branch=master;name=cli;destsuffix=cli \
+	file://docker.init \
+	file://hi.Dockerfile \
+	"
+
+# Apache-2.0 for docker
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://src/import/components/engine/LICENSE;md5=9740d093a080530b5c5c6573df9af45a"
+
+GO_IMPORT = "import"
+
+S = "${WORKDIR}/git"
+
+DOCKER_VERSION = "18.03.0-ce"
+PV = "${DOCKER_VERSION}+git${SRCREV_docker}"
+
+DEPENDS = " \
+    go-cli \
+    go-pty \
+    go-context \
+    go-mux \
+    go-patricia \
+    go-logrus \
+    go-fsnotify \
+    go-dbus \
+    go-capability \
+    go-systemd \
+    btrfs-tools \
+    sqlite3 \
+    go-distribution \
+    compose-file \
+    go-connections \
+    notary \
+    grpc-go \
+    libtool-native \
+    libtool \
+    "
+
+PACKAGES =+ "${PN}-contrib"
+
+DEPENDS_append_class-target = " lvm2"
+RDEPENDS_${PN} = "util-linux iptables \
+                  ${@bb.utils.contains('DISTRO_FEATURES', 'aufs', 'aufs-util', '', d)} \
+                  ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'cgroup-lite', d)} \
+                 "
+RDEPENDS_${PN} += "virtual/containerd virtual/runc"
+
+RRECOMMENDS_${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat"
+RSUGGESTS_${PN} = "lxc rt-tests"
+DOCKER_PKG="github.com/docker/docker"
+
+inherit systemd update-rc.d
+inherit go
+inherit goarch
+inherit pkgconfig
+
+do_configure[noexec] = "1"
+
+do_compile() {
+	# Set GOPATH. See 'PACKAGERS.md'. Don't rely on
+	# docker to download its dependencies but rather
+	# use dependencies packaged independently.
+	cd ${S}/src/import
+	rm -rf .gopath
+	mkdir -p .gopath/src/"$(dirname "${DOCKER_PKG}")"
+	ln -sf ../../../../components/engine/ .gopath/src/"${DOCKER_PKG}"
+
+	mkdir -p .gopath/src/github.com/docker
+	ln -sf ${WORKDIR}/libnetwork .gopath/src/github.com/docker/libnetwork
+	ln -sf ${WORKDIR}/cli .gopath/src/github.com/docker/cli
+
+	export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+	export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
+
+	# Pass the needed cflags/ldflags so that cgo
+	# can find the needed headers files and libraries
+	export GOARCH=${TARGET_GOARCH}
+	export CGO_ENABLED="1"
+	export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+	export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+	# in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056
+	export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs exclude_graphdriver_devicemapper'
+
+	export DISABLE_WARN_OUTSIDE_CONTAINER=1
+
+	cd ${S}/src/import/components/engine
+
+	# this is the unsupported built structure
+	# that doesn't rely on an existing docker
+	# to build this:
+	VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" ./hack/make.sh dynbinary
+
+	# build the proxy
+	go build -o ${S}/src/import/docker-proxy github.com/docker/libnetwork/cmd/proxy
+
+        # build the cli
+	##go build -o ${S}/src/import/bundles/latest/dynbinary-client/docker github.com/docker/cli/cmd/docker
+	cd ${S}/src/import/.gopath/src/github.com/docker/cli
+	export CFLAGS=""
+	export LDFLAGS=""
+	export DOCKER_VERSION=${DOCKER_VERSION}
+	VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" make dynbinary
+}
+
+SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}"
+SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','docker.service','',d)}"
+
+SYSTEMD_AUTO_ENABLE_${PN} = "enable"
+
+INITSCRIPT_PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','${PN}','',d)}"
+INITSCRIPT_NAME_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','docker.init','',d)}"
+INITSCRIPT_PARAMS_${PN} = "defaults"
+
+do_install() {
+	mkdir -p ${D}/${bindir}
+	cp ${WORKDIR}/cli/build/docker ${D}/${bindir}/docker
+	cp ${S}/src/import/components/engine/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd
+	cp ${S}/src/import/docker-proxy ${D}/${bindir}/docker-proxy
+
+	if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+		install -d ${D}${systemd_unitdir}/system
+		install -m 644 ${S}/src/import/components/engine/contrib/init/systemd/docker.* ${D}/${systemd_unitdir}/system
+		# replaces one copied from above with one that uses the local registry for a mirror
+		install -m 644 ${S}/src/import/components/engine/contrib/init/systemd/docker.service ${D}/${systemd_unitdir}/system
+	else
+		install -d ${D}${sysconfdir}/init.d
+		install -m 0755 ${WORKDIR}/docker.init ${D}${sysconfdir}/init.d/docker.init
+	fi
+
+	mkdir -p ${D}${datadir}/docker/
+	cp ${WORKDIR}/hi.Dockerfile ${D}${datadir}/docker/
+	install -m 0755 ${S}/src/import/components/engine/contrib/check-config.sh ${D}${datadir}/docker/
+}
+
+inherit useradd
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM_${PN} = "-r docker"
+
+FILES_${PN} += "${systemd_unitdir}/system/*"
+
+FILES_${PN}-contrib += "${datadir}/docker/check-config.sh"
+RDEPENDS_${PN}-contrib += "bash"
+
+# DO NOT STRIP docker
+INHIBIT_PACKAGE_STRIP = "1"
+INSANE_SKIP_${PN} += "ldflags"
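Review bot: In do_compile the proxy is built with a bare `go build` and the CLI with a bare `make dynbinary`, while docker_git.bb in this same commit moves the proxy to `oe_runmake cross-local` with a patch whose stated purpose is to use the go cross flags and utilities; this new recipe should probably take the same route (`${GO}` and `oe_runmake`) so both recipes build with the OE toolchain settings. In do_install the second `install -m 644 … docker.service` copies from the same `contrib/init/systemd` directory as the `docker.*` line before it, so it replaces nothing, and its comment about a local-registry mirror is stale. `GROUPADD_PARAM_${PN} = "-r docker"` deserves a comment that membership of this group gives control of the daemon socket and is therefore effectively root on the target.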
diff --git a/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb b/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb
index 4ba5e81..e055a4f 100644
--- a/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb
@@ -18,16 +18,16 @@
  subtle and/or glaring issues. \
  "
 
-SRCREV_docker = "e639a70fbe999d96354a5bcf560231b7b8aa935c"
-SRCREV_libnetwork = "26addf43a5d925ff79d262dbbdb5344bc2b6e198"
-SRCREV_cli = "a765218f1988e85b68aa3977f34893ec7b059a60"
+SRCREV_docker = "708b068d3095c6a6be939eb2da78c921d2e945e2"
+SRCREV_libnetwork = "4cb38c2987c236dce03c868d99b57b1e28a4b81c"
+SRCREV_cli = "0f1bb353423e45e02315e985bd9ddebe6da18457"
 SRC_URI = "\
 	git://github.com/moby/moby.git;nobranch=1;name=docker \
-	git://github.com/docker/libnetwork.git;branch=master;name=libnetwork;destsuffix=libnetwork \
-	git://github.com/docker/cli;branch=master;name=cli;destsuffix=cli \
+	git://github.com/docker/libnetwork.git;branch=master;name=libnetwork;destsuffix=git/libnetwork \
+	git://github.com/docker/cli;branch=master;name=cli;destsuffix=git/cli \
 	file://docker.init \
 	file://hi.Dockerfile \
-	file://context-use-golang.org-x-net-pkg-until-we-move-to-go.patch \
+        file://0001-libnetwork-use-GO-instead-of-go.patch \
 	"
 
 # Apache-2.0 for docker
@@ -38,7 +38,7 @@
 
 S = "${WORKDIR}/git"
 
-DOCKER_VERSION = "17.06.0"
+DOCKER_VERSION = "18.03.0"
 PV = "${DOCKER_VERSION}+git${SRCREV_docker}"
 
 DEPENDS = " \
@@ -59,13 +59,15 @@
     go-connections \
     notary \
     grpc-go \
+    libtool \
     "
 
 PACKAGES =+ "${PN}-contrib"
 
 DEPENDS_append_class-target = " lvm2"
-RDEPENDS_${PN} = "curl aufs-util git util-linux iptables \
-                  ${@bb.utils.contains('DISTRO_FEATURES','systemd','','cgroup-lite',d)} \
+RDEPENDS_${PN} = "util-linux iptables \
+                  ${@bb.utils.contains('DISTRO_FEATURES', 'aufs', 'aufs-util', '', d)} \
+                  ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'cgroup-lite', d)} \
                  "
 RDEPENDS_${PN} += "virtual/containerd virtual/runc"
 
@@ -76,6 +78,7 @@
 inherit systemd update-rc.d
 inherit go
 inherit goarch
+inherit pkgconfig
 
 do_configure[noexec] = "1"
 
@@ -89,8 +92,8 @@
 	ln -sf ../../../.. .gopath/src/"${DOCKER_PKG}"
 
 	mkdir -p .gopath/src/github.com/docker
-	ln -sf ${WORKDIR}/libnetwork .gopath/src/github.com/docker/libnetwork
-	ln -sf ${WORKDIR}/cli .gopath/src/github.com/docker/cli
+	ln -sf ${WORKDIR}/git/libnetwork .gopath/src/github.com/docker/libnetwork
+	ln -sf ${WORKDIR}/git/cli .gopath/src/github.com/docker/cli
 
 	export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
 	export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
@@ -104,17 +107,25 @@
 	# in order to exclude devicemapper and btrfs - https://github.com/docker/docker/issues/14056
 	export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs exclude_graphdriver_devicemapper'
 
+	export DISABLE_WARN_OUTSIDE_CONTAINER=1
+
+	cd ${S}/src/import/
+
 	# this is the unsupported built structure
 	# that doesn't rely on an existing docker
 	# to build this:
-	DOCKER_GITCOMMIT="${SRCREV}" \
-	  ./hack/make.sh dynbinary
-
-	# build the proxy
-	go build -o ${S}/src/import/docker-proxy github.com/docker/libnetwork/cmd/proxy
+	VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" ./hack/make.sh dynbinary
 
         # build the cli
-	go build -o ${S}/src/import/bundles/latest/dynbinary-client/docker github.com/docker/cli/cmd/docker
+	cd ${S}/src/import/.gopath/src/github.com/docker/cli
+	export CFLAGS=""
+	export LDFLAGS=""
+	export DOCKER_VERSION=${DOCKER_VERSION}
+	VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" make dynbinary
+
+	# build the proxy
+	cd ${S}/src/import/.gopath/src/github.com/docker/libnetwork
+	oe_runmake cross-local
 }
 
 SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}"
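Review bot: The `export CFLAGS=""` and `export LDFLAGS=""` added for the CLI build stay in effect for the rest of do_compile, so the `oe_runmake cross-local` proxy build that follows presumably also runs with the distro compiler and linker flags, including any hardening flags the distro sets, blanked. Scoping them to the one command, `CFLAGS="" LDFLAGS="" VERSION="${DOCKER_VERSION}" DOCKER_GITCOMMIT="${SRCREV_docker}" make dynbinary`, or moving the proxy build ahead of the exports, avoids that. The CLI step also calls bare `make` where the proxy step uses `oe_runmake`. do_compile starts above this hunk, so the earlier exports are not in view.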
@@ -128,9 +139,9 @@
 
 do_install() {
 	mkdir -p ${D}/${bindir}
-	cp ${S}/src/import/bundles/latest/dynbinary-client/docker ${D}/${bindir}/docker
+	cp ${WORKDIR}/git/cli/build/docker ${D}/${bindir}/docker
 	cp ${S}/src/import/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd
-	cp ${S}/src/import/docker-proxy ${D}/${bindir}/docker-proxy
+	cp ${WORKDIR}/git/libnetwork/bin/docker-proxy* ${D}/${bindir}/docker-proxy
 
 	if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
 		install -d ${D}${systemd_unitdir}/system
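Review bot: The new `cp ${WORKDIR}/git/libnetwork/bin/docker-proxy* ${D}/${bindir}/docker-proxy` relies on the glob matching exactly one file. If `bin/` holds more than one match, for instance a leftover from an earlier build for another architecture, cp fails because the destination is not a directory, and with a single stale match the wrong binary would be packaged. Naming the file that `cross-local` produces, `docker-proxy-${TARGET_GOOS}-${TARGET_GOARCH}` if those are the values exported as GOOS and GOARCH, makes the install deterministic. do_install continues past the end of this hunk.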
diff --git a/import-layers/meta-virtualization/recipes-containers/docker/files/0001-libnetwork-use-GO-instead-of-go.patch b/import-layers/meta-virtualization/recipes-containers/docker/files/0001-libnetwork-use-GO-instead-of-go.patch
new file mode 100644
index 0000000..61ddd26
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/docker/files/0001-libnetwork-use-GO-instead-of-go.patch
@@ -0,0 +1,62 @@
+From 04c07804930faad708218a3134c81de06a9c742a Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@windriver.com>
+Date: Fri, 6 Apr 2018 23:58:22 -0400
+Subject: [PATCH] libnetwork: use $(GO) instead of go
+
+Ensure that the libnetwork makefile uses the go cross flags and
+utilities.
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
+---
+ Makefile | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/libnetwork/Makefile b/libnetwork/Makefile
+index 17060bc212c7..90cc7a72ef45 100644
+--- a/libnetwork/Makefile
++++ b/libnetwork/Makefile
+@@ -26,9 +26,9 @@ build: ${build_image}.created
+ build-local:
+ 	@echo "🐳 $@"
+ 	@mkdir -p "bin"
+-	go build -tags experimental -o "bin/dnet" ./cmd/dnet
+-	go build -o "bin/docker-proxy" ./cmd/proxy
+-	GOOS=linux go build -o "./cmd/diagnostic/diagnosticClient" ./cmd/diagnostic
++	$(GO) build -tags experimental -o "bin/dnet" ./cmd/dnet
++	$(GO) build -o "bin/proxy" ./cmd/proxy
++	GOOS=linux $(GO) build -o "./cmd/diagnostic/diagnosticClient" ./cmd/diagnostic
+ 
+ clean:
+ 	@echo "🐳 $@"
+@@ -51,8 +51,8 @@ cross: ${build_image}.created
+ 
+ cross-local:
+ 	@echo "🐳 $@"
+-	go build -o "bin/dnet-$$GOOS-$$GOARCH" ./cmd/dnet
+-	go build -o "bin/docker-proxy-$$GOOS-$$GOARCH" ./cmd/proxy
++	@$(GO) build -linkshared $(GOBUILDFLAGS) -o "bin/docker-proxy-$$GOOS-$$GOARCH" ./cmd/proxy
++	@$(GO) build -linkshared $(GOBUILDFLAGS) -o "bin/dnet-$$GOOS-$$GOARCH" ./cmd/dnet
+ 
+ check: ${build_image}.created
+ 	@${docker} ./wrapmake.sh check-local
+@@ -68,7 +68,7 @@ run-tests:
+ 	if ls $$dir/*.go &> /dev/null; then \
+ 		pushd . &> /dev/null ; \
+ 		cd $$dir ; \
+-		go test ${INSIDECONTAINER} -test.parallel 5 -test.v -covermode=count -coverprofile=./profile.tmp ; \
++		$(GO) test ${INSIDECONTAINER} -test.parallel 5 -test.v -covermode=count -coverprofile=./profile.tmp ; \
+ 		ret=$$? ;\
+ 		if [ $$ret -ne 0 ]; then exit $$ret; fi ;\
+ 		popd &> /dev/null; \
+@@ -94,7 +94,7 @@ coveralls:
+ # Depends on binaries because vet will silently fail if it can not load compiled imports
+ vet: ## run go vet
+ 	@echo "🐳 $@"
+-	@test -z "$$(go vet ${PACKAGES} 2>&1 | grep -v 'constant [0-9]* not a string in call to Errorf' | egrep -v '(timestamp_test.go|duration_test.go|exit status 1)' | tee /dev/stderr)"
++	@test -z "$$($(GO) vet ${PACKAGES} 2>&1 | grep -v 'constant [0-9]* not a string in call to Errorf' | egrep -v '(timestamp_test.go|duration_test.go|exit status 1)' | tee /dev/stderr)"
+ 
+ misspell:
+ 	@echo "🐳 $@"
+-- 
+2.4.0.53.g8440f74
+
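Review bot: In `build-local` the proxy output is renamed from `bin/docker-proxy` to `bin/proxy`, which the subject ("use $(GO) instead of go") does not cover and which no longer matches the `docker-proxy-…` name kept in `cross-local`; unless the rename is intended, keep `$(GO) build -o "bin/docker-proxy" ./cmd/proxy`. `cross-local` also prefixes both build lines with `@`, so a failing compile no longer shows its command in the log. It hard-codes `-linkshared` rather than taking the link mode from the caller, and whether every target this layer builds for supports a shared Go runtime is not visible here. The patch carries no `Upstream-Status:` line.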
diff --git a/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch b/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch
deleted file mode 100644
index 7ed606f..0000000
--- a/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch
+++ /dev/null
@@ -1,75 +0,0 @@
-From de69555afaf05efcdeea7b7c20c6f7b12f3e1bac Mon Sep 17 00:00:00 2001
-From: Mark Asselstine <mark.asselstine@windriver.com>
-Date: Fri, 20 Jan 2017 11:58:44 -0500
-Subject: [PATCH] context: use golang.org/x/net pkg until we move to go 1.7
-
-In go 1.6 the context.go is not yet integrated and as such we will get
-build errors like:
-
-walwrap.go:4:2: cannot find package "context" in any of:
-...
-
-Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
----
- client/README.md                                  |    2 +-
- client/client.go                                  |    2 +-
- daemon/info_unix.go                               |    2 +-
- integration-cli/docker_api_attach_test.go         |    2 +-
- integration-cli/docker_cli_save_load_unix_test.go |    2 +-
- 5 files changed, 5 insertions(+), 5 deletions(-)
-
---- a/src/import/client/README.md
-+++ b/src/import/client/README.md
-@@ -8,7 +8,7 @@ For example, to list running containers
- package main
- 
- import (
--	"context"
-+	"golang.org/x/net/context"
- 	"fmt"
- 
- 	"github.com/docker/docker/api/types"
---- a/src/import/client/client.go
-+++ b/src/import/client/client.go
-@@ -19,7 +19,7 @@ For example, to list running containers
- 	package main
- 
- 	import (
--		"context"
-+		"golang.org/x/net/context"
- 		"fmt"
- 
- 		"github.com/docker/docker/api/types"
---- a/src/import/daemon/info_unix.go
-+++ b/src/import/daemon/info_unix.go
-@@ -3,7 +3,7 @@
- package daemon
- 
- import (
--	"context"
-+	"golang.org/x/net/context"
- 	"os/exec"
- 	"strings"
- 
---- a/src/import/integration-cli/docker_api_attach_test.go
-+++ b/src/import/integration-cli/docker_api_attach_test.go
-@@ -3,7 +3,7 @@ package main
- import (
- 	"bufio"
- 	"bytes"
--	"context"
-+	"golang.org/x/net/context"
- 	"io"
- 	"net"
- 	"net/http"
---- a/src/import/integration-cli/docker_cli_save_load_unix_test.go
-+++ b/src/import/integration-cli/docker_cli_save_load_unix_test.go
-@@ -3,7 +3,7 @@
- package main
- 
- import (
--	"context"
-+	"golang.org/x/net/context"
- 	"fmt"
- 	"io/ioutil"
- 	"os"
diff --git a/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb b/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb
index 2c7161e..1677ff4 100644
--- a/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb
@@ -5,7 +5,7 @@
 maintenance, and scaling of applications. \
 "
 
-SRCREV_kubernetes = "4b839465f84e7faf876c51703aaf49b37fd10d9c"
+SRCREV_kubernetes = "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 SRC_URI = "git://github.com/kubernetes/kubernetes.git;nobranch=1;name=kubernetes \
           "
 
@@ -16,6 +16,7 @@
 PACKAGES =+ "kubeadm"
 PACKAGES =+ "kubectl"
 PACKAGES =+ "kubelet"
+PACKAGES =+ "kube-proxy"
 
 ALLOW_EMPTY_${PN} = "1"
 
@@ -27,14 +28,14 @@
                    cni"
 
 RDEPENDS_kubeadm = "kubelet kubectl"
-RDEPENDS_kubelet = "iptables socat util-linux ethtool iproute2 ebtables"
+RDEPENDS_kubelet = "iptables socat util-linux ethtool iproute2 ebtables iproute2-tc"
 
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 GO_IMPORT = "import"
 
-PV = "1.9.0-alpha.1+git${SRCREV_kubernetes}"
+PV = "1.10.0+git${SRCREV_kubernetes}"
 
 inherit systemd
 inherit go
@@ -90,6 +91,7 @@
 
 FILES_kubeadm = "${bindir}/kubeadm ${systemd_unitdir}/system/kubelet.service.d/*"
 FILES_kubectl = "${bindir}/kubectl"
+FILES_kube-proxy = "${bindir}/kube-proxy"
 FILES_kubelet = "${bindir}/kubelet ${systemd_unitdir}/system/kubelet.service ${sysconfdir}/kubernetes/manifests/"
 
 INHIBIT_PACKAGE_STRIP = "1"
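Review bot: The new `kube-proxy` package gets a `FILES_kube-proxy` entry but no `RDEPENDS_kube-proxy`, although `kubelet` in this recipe declares its runtime tools explicitly. kube-proxy normally drives iptables itself, so an image that installs only `kube-proxy` would presumably lack the binary it shells out to. Something like `RDEPENDS_kube-proxy = "iptables"` next to the kubelet line would cover that, but the exact set should be confirmed. Whether do_install actually places `${bindir}/kube-proxy` cannot be seen from these hunks.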
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/files/dnsmasq.conf b/import-layers/meta-virtualization/recipes-containers/lxc/files/dnsmasq.conf
new file mode 100644
index 0000000..124f7eb
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/lxc/files/dnsmasq.conf
@@ -0,0 +1,2 @@
+bind-interfaces
+except-interface=lxcbr0
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb b/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb
index 93d5a10..c87b875 100644
--- a/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb
+++ b/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb
@@ -6,6 +6,8 @@
 RDEPENDS_${PN} = " \
 		rsync \
 		gzip \
+		xz \
+		tar \
 		libcap-bin \
 		bridge-utils \
 		dnsmasq \
@@ -22,6 +24,9 @@
 		gnutls \
 		nettle \
 "
+
+RDEPENDS_${PN}_append_libc-glibc = " glibc-utils"
+
 RDEPENDS_${PN}-ptest += "file make gmp nettle gnutls bash"
 
 SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \
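Review bot: The release tarball in `SRC_URI` is still fetched over plain `http://`, so the integrity of the download rests only on the recipe checksums, of which just `SRC_URI[md5sum]` is visible in the next hunk. Changing the entry to `https://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz` is a one-word change. A `SRC_URI[sha256sum]` line should accompany the md5 if one is not already present outside the hunk.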
@@ -33,6 +38,7 @@
 	file://lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch \
 	file://logs-optionally-use-base-filenames-to-report-src-fil.patch \
 	file://cgroups-work-around-issue-in-gcc-7.patch \
+	file://dnsmasq.conf \
 	"
 
 SRC_URI[md5sum] = "7bfd95280522d7936c0979dfea92cdb5"
@@ -54,14 +60,16 @@
 CFLAGS_append = " -Wno-error=deprecated-declarations"
 
 PACKAGECONFIG ??= "templates \
+    ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \
     ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \
 "
 PACKAGECONFIG[doc] = "--enable-doc --enable-api-docs,--disable-doc --disable-api-docs,,"
 PACKAGECONFIG[rpath] = "--enable-rpath,--disable-rpath,,"
-PACKAGECONFIG[apparmour] = "--enable-apparmor,--disable-apparmor,apparmor,apparmor"
+PACKAGECONFIG[apparmor] = "--enable-apparmor,--disable-apparmor,apparmor,apparmor"
 PACKAGECONFIG[templates] = ",,, ${PN}-templates"
 PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux"
 PACKAGECONFIG[seccomp] ="--enable-seccomp,--disable-seccomp,libseccomp,libseccomp"
+PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/,--without-systemdsystemunitdir,systemd,"
 PACKAGECONFIG[python] = "--enable-python,--disable-python,python3,python3-core"
 PACKAGECONFIG[lua] = "--enable-lua,--disable-lua,lua,lua"
 
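Review bot: Correcting the flag name from `apparmour` to `apparmor` changes behaviour for any configuration that selected the old spelling: that entry no longer matches a flag, so lxc would be configured with `--disable-apparmor` while the build still succeeds. Because this quietly removes a confinement feature, the rename deserves a line in the commit message or a comment above the flag, e.g. `# renamed from the misspelt 'apparmour'; users of the old name must update`. Neither `apparmor` nor `seccomp` is in the default `PACKAGECONFIG ??=` shown here, so both stay off unless a distro opts in.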
@@ -131,6 +139,11 @@
 	    if [ -d ${D}${exec_prefix}/lib/python* ]; then mv ${D}${exec_prefix}/lib/python* ${D}${libdir}/; fi
 	    rmdir --ignore-fail-on-non-empty ${D}${exec_prefix}/lib
 	fi
+
+	# Force the main dnsmasq instance to bind only to specified interfaces and
+	# to not bind to virbr0. Libvirt will run its own instance on this interface.
+	install -d ${D}/${sysconfdir}/dnsmasq.d
+	install -m 644 ${WORKDIR}/dnsmasq.conf ${D}/${sysconfdir}/dnsmasq.d/lxc
 }
 
 EXTRA_OEMAKE += "TEST_DIR=${D}${PTEST_PATH}/src/tests"
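Review bot: The added comment names `virbr0` and Libvirt, but this is the lxc recipe and the new `dnsmasq.conf` excludes `lxcbr0`, so the comment looks carried over from another recipe. It should describe what is installed, e.g. `# to not bind to lxcbr0, which is served by a separate dnsmasq instance`; who starts that instance is not visible here. `${D}/${sysconfdir}` also doubles the slash, and `${D}${sysconfdir}/dnsmasq.d` would match the `${D}${exec_prefix}` form used a few lines up. The enclosing install function starts outside the hunk.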
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-config-make-Config.User-mapping-errors-a-warning.patch b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-config-make-Config.User-mapping-errors-a-warning.patch
new file mode 100644
index 0000000..78d2b9d
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-config-make-Config.User-mapping-errors-a-warning.patch
@@ -0,0 +1,30 @@
+From fbd62eff9ff2f447c2eb4634398110609fbf9d59 Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@windriver.com>
+Date: Thu, 16 Nov 2017 23:40:17 -0500
+Subject: [PATCH] config: make Config.User mapping errors a warning
+
+Rather than throwing an error if we can't map a user to a uid,
+output a warning. We aren't actually running the code, but are
+just extracting it .. so the user not existing isn't an issue.
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
+---
+ image/config.go | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/import/image/config.go b/src/import/image/config.go
+index d28b1bc4fe5f..37dfd1f14ef7 100644
+--- a/src/import/image/config.go
++++ b/src/import/image/config.go
+@@ -106,7 +106,7 @@ func (c *config) runtimeSpec(rootfs string) (*specs.Spec, error) {
+ 		s.Process.User.UID = uint32(uid)
+ 		s.Process.User.GID = uint32(gid)
+ 	} else if c.Config.User != "" {
+-		return nil, errors.New("config.User: unsupported format")
++		fmt.Println("Warning: could not map UID for user:", c.Config.User)
+ 	}
+ 
+ 	s.Linux = &specs.Linux{}
+-- 
+2.4.0.53.g8440f74
+
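Review bot: With `return nil, errors.New(...)` replaced by a print, `runtimeSpec` carries on without assigning `s.Process.User.UID` or `GID` when `Config.User` cannot be mapped, so the returned spec presumably holds the zero values (root) rather than the user the image asked for. The description says the result is only extracted and never run, but the function still hands back a runtime spec, so the branch should say so, e.g. `// UID/GID are left at 0 here; this spec must not be run as-is`. The warning also goes to stdout, where it can mix with tool output; `fmt.Fprintln(os.Stderr, "Warning: could not map UID for user:", c.Config.User)` keeps it separate. The hunk shows only part of `runtimeSpec`, so whether `fmt` and `os` are imported, and whether `errors` is still used in config.go, cannot be checked here.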
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb
index 68d73c3..807ee26 100644
--- a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb
@@ -14,7 +14,8 @@
 
 SRC_URI = "git://github.com/opencontainers/image-tools.git \
            file://0001-image-manifest-Recursively-remove-pre-existing-entri.patch \
-           file://0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch"
+           file://0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch \
+           file://0001-config-make-Config.User-mapping-errors-a-warning.patch"
 
 SRCREV = "4abe1a166f9be97e8e71b1bb4d7599cc29323011"
 PV = "0.2.0-dev+git${SRCPV}"
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch
new file mode 100644
index 0000000..753a77d
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch
@@ -0,0 +1,76 @@
+From f59cddcedd6535e0b809ec9b4e95672d34b41a16 Mon Sep 17 00:00:00 2001
+From: Jason Wessel <jason.wessel@windriver.com>
+Date: Tue, 14 Nov 2017 07:41:41 -0800
+Subject: [PATCH] Add additional cgroup mounts from root NS automatically
+
+Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
+---
+ src/systemdhook.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 45 insertions(+)
+
+diff --git a/src/systemdhook.c b/src/systemdhook.c
+index 78575ef..f735484 100644
+--- a/src/systemdhook.c
++++ b/src/systemdhook.c
+@@ -238,6 +238,11 @@ static char *get_process_cgroup_subsystem_path(int pid, const char *subsystem) {
+ static int mount_cgroup(const char *rootfs, const char *options, char *systemd_path)
+ {
+ 	_cleanup_free_ char *cgroup_path = NULL;
++	char *spath, *dpath;
++	DIR *dir;
++	struct dirent *d;
++	char link[80];
++	int got;
+ 
+ 	if (asprintf(&cgroup_path, "%s/%s", rootfs, CGROUP_ROOT) < 0) {
+ 		pr_perror("Failed to create path for %s", CGROUP_ROOT);
+@@ -256,6 +261,46 @@ static int mount_cgroup(const char *rootfs, const char *options, char *systemd_p
+ 		pr_perror("Failed to mkdir new dest: %s", systemd_path);
+ 		return -1;
+ 	}
++	/* Create all additional cgroup mounts which are in the root namespace */
++	dir = opendir(CGROUP_ROOT);
++	if (!dir) {
++		pr_perror("Failed to open %s", CGROUP_ROOT);
++		return -1;
++	}
++	/* Skip "." and ".." */
++	readdir(dir);
++	readdir(dir);
++	while ((d = readdir(dir))) {
++		/* Systemd is already handled above */
++		if (strcmp(d->d_name, "systemd") == 0) {
++			continue;
++		}
++		if (asprintf(&spath, "%s/%s", CGROUP_ROOT, d->d_name) < 0) {
++			pr_perror("Failed to create path for %s", d->d_name);
++			return -1;
++		}
++		if (asprintf(&dpath, "%s%s/%s", rootfs, CGROUP_ROOT, d->d_name) < 0) {
++			pr_perror("Failed to create path for %s", d->d_name);
++			return -1;
++		}
++		got = readlink(spath, link, sizeof(link) - 1);
++		if (got > 0) {
++			link[got] = '\0';
++			symlink(link, dpath);
++		} else {
++			if ((makepath(dpath, 0755) == -1) && (errno != EEXIST)) {
++				pr_perror("Failed to mkdir new dest: %s", dpath);
++				return -1;
++			}
++			if (bind_mount(spath, dpath, false)) {
++				pr_perror("Failed to bind mount %s on %s", spath, dpath);
++				return -1;
++			}
++		}
++		free(spath);
++		free(dpath);
++	}
++	closedir(dir);
+ 	if (mount(cgroup_path, cgroup_path, "bind", MS_REMOUNT|MS_BIND|MS_RDONLY, "") == -1) {
+ 		pr_perror("Failed to remount %s readonly", cgroup_path);
+ 		return -1;
+-- 
+2.11.0
+
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
index fc88905..e07b741 100644
--- a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
@@ -10,6 +10,7 @@
 SRC_URI = "git://github.com/projectatomic/oci-systemd-hook \
            file://0001-selinux-drop-selinux-support.patch \
            file://0001-configure-drop-selinux-support.patch \
+           file://0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch \
 "
 
 PV = "0.0.1+git${SRCPV}"
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch
deleted file mode 100644
index fa1f695..0000000
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From aa2fc7b0eacba61175f083cc8d8adc233bcd0575 Mon Sep 17 00:00:00 2001
-From: Paul Barker <pbarker@toganlabs.com>
-Date: Thu, 12 Oct 2017 11:34:24 +0000
-Subject: [PATCH] Disable building recvtty
-
-Signed-off-by: Paul Barker <pbarker@toganlabs.com>
-Upstream-status: Inappropriate
----
- Makefile | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/Makefile b/Makefile
-index 0fcf508..24f47dc 100644
---- a/src/import/Makefile
-+++ b/src/import/Makefile
-@@ -38,7 +38,6 @@ contrib/cmd/recvtty/recvtty: $(SOURCES)
- 
- static: $(SOURCES)
- 	CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
--	CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
- 
- release:
- 	@flag_list=(seccomp selinux apparmor static); \
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch
deleted file mode 100644
index bcc76fc..0000000
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-From e8ef6025a4f48620baf91737cd37eb5e6a40f48c Mon Sep 17 00:00:00 2001
-From: Justin Cormack <justin.cormack@docker.com>
-Date: Fri, 23 Jun 2017 17:14:59 -0700
-Subject: [PATCH 1/3] Update to runtime spec
- 198f23f827eea397d4331d7eb048d9d4c7ff7bee
-
-Updates memory limits to be int64, and removes Platform from spec.
-
-Signed-off-by: Justin Cormack <justin.cormack@docker.com>
----
- vendor.conf                                        |  2 +-
- .../opencontainers/runtime-spec/specs-go/config.go | 23 ++++++----------------
- 2 files changed, 7 insertions(+), 18 deletions(-)
-
-diff --git a/vendor.conf b/vendor.conf
-index e23e7ea7..09a8a924 100644
---- a/src/import/vendor.conf
-+++ b/src/import/vendor.conf
-@@ -1,7 +1,7 @@
- # OCI runtime-spec. When updating this, make sure you use a version tag rather
- # than a commit ID so it's much more obvious what version of the spec we are
- # using.
--github.com/opencontainers/runtime-spec 239c4e44f2a612ed85f6db9c66247aa33f437e91
-+github.com/opencontainers/runtime-spec 198f23f827eea397d4331d7eb048d9d4c7ff7bee
- # Core libcontainer functionality.
- github.com/mrunalp/fileutils ed869b029674c0e9ce4c0dfa781405c2d9946d08
- github.com/opencontainers/selinux v1.0.0-rc1
-diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
-index 8bf8d924..68ab112e 100644
---- a/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
-+++ b/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
-@@ -6,8 +6,6 @@ import "os"
- type Spec struct {
- 	// Version of the Open Container Runtime Specification with which the bundle complies.
- 	Version string `json:"ociVersion"`
--	// Platform specifies the configuration's target platform.
--	Platform Platform `json:"platform"`
- 	// Process configures the container process.
- 	Process *Process `json:"process,omitempty"`
- 	// Root configures the container's root filesystem.
-@@ -101,15 +99,6 @@ type Root struct {
- 	Readonly bool `json:"readonly,omitempty"`
- }
- 
--// Platform specifies OS and arch information for the host system that the container
--// is created for.
--type Platform struct {
--	// OS is the operating system.
--	OS string `json:"os"`
--	// Arch is the architecture
--	Arch string `json:"arch"`
--}
--
- // Mount specifies a mount for a container.
- type Mount struct {
- 	// Destination is the absolute path where the mount will be placed in the container.
-@@ -284,15 +273,15 @@ type LinuxBlockIO struct {
- // LinuxMemory for Linux cgroup 'memory' resource management
- type LinuxMemory struct {
- 	// Memory limit (in bytes).
--	Limit *uint64 `json:"limit,omitempty"`
-+	Limit *int64 `json:"limit,omitempty"`
- 	// Memory reservation or soft_limit (in bytes).
--	Reservation *uint64 `json:"reservation,omitempty"`
-+	Reservation *int64 `json:"reservation,omitempty"`
- 	// Total memory limit (memory + swap).
--	Swap *uint64 `json:"swap,omitempty"`
-+	Swap *int64 `json:"swap,omitempty"`
- 	// Kernel memory limit (in bytes).
--	Kernel *uint64 `json:"kernel,omitempty"`
-+	Kernel *int64 `json:"kernel,omitempty"`
- 	// Kernel memory limit for tcp (in bytes)
--	KernelTCP *uint64 `json:"kernelTCP,omitempty"`
-+	KernelTCP *int64 `json:"kernelTCP,omitempty"`
- 	// How aggressive the kernel will swap memory pages.
- 	Swappiness *uint64 `json:"swappiness,omitempty"`
- }
-@@ -486,7 +475,7 @@ type WindowsNetwork struct {
- 	EndpointList []string `json:"endpointList,omitempty"`
- 	// Specifies if unqualified DNS name resolution is allowed.
- 	AllowUnqualifiedDNSQuery bool `json:"allowUnqualifiedDNSQuery,omitempty"`
--	// Comma seperated list of DNS suffixes to use for name resolution.
-+	// Comma separated list of DNS suffixes to use for name resolution.
- 	DNSSearchList []string `json:"DNSSearchList,omitempty"`
- 	// Name (ID) of the container that we will share with the network stack.
- 	NetworkSharedContainerName string `json:"networkSharedContainerName,omitempty"`
--- 
-2.11.0
-
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch
deleted file mode 100644
index 8f5171a..0000000
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From 037c20b3b3ef5e9ead0282aa64f9b88c0c18934d Mon Sep 17 00:00:00 2001
-From: Paul Barker <pbarker@toganlabs.com>
-Date: Thu, 5 Oct 2017 13:14:40 +0000
-Subject: [PATCH] Use correct go cross-compiler
-
-We need to use '${GO}' as set by OpenEmbedded instead of just 'go'. Just using
-'go' will invoke go-native.
-
-Signed-off-by: Paul Barker <pbarker@toganlabs.com>
-Upstream-status: Inappropriate
----
- Makefile | 20 ++++++++++----------
- 1 file changed, 10 insertions(+), 10 deletions(-)
-
-diff --git a/Makefile b/Makefile
-index 8117892..0fcf508 100644
---- a/src/import/Makefile
-+++ b/src/import/Makefile
-@@ -27,18 +27,18 @@ SHELL := $(shell command -v bash 2>/dev/null)
- .DEFAULT: runc
- 
- runc: $(SOURCES)
--	go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
-+	$(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
- 
- all: runc recvtty
- 
- recvtty: contrib/cmd/recvtty/recvtty
- 
- contrib/cmd/recvtty/recvtty: $(SOURCES)
--	go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
-+	$(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
- 
- static: $(SOURCES)
--	CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
--	CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
-+	CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
-+	CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
- 
- release:
- 	@flag_list=(seccomp selinux apparmor static); \
-@@ -62,15 +62,15 @@ release:
- 			CGO_ENABLED=1; \
- 		}; \
- 		echo "Building target: $$output"; \
--		go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
-+		$(GO) build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
- 	done
- 
- dbuild: runcimage
- 	docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all
- 
- lint:
--	go vet $(allpackages)
--	go fmt $(allpackages)
-+	$(GO) vet $(allpackages)
-+	$(GO) fmt $(allpackages)
- 
- man:
- 	man/md2man-all.sh
-@@ -88,7 +88,7 @@ unittest: runcimage
- 	docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest
- 
- localunittest: all
--	go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
-+	$(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
- 
- integration: runcimage
- 	docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration
-@@ -134,10 +134,10 @@ clean:
- validate:
- 	script/validate-gofmt
- 	script/validate-shfmt
--	go vet $(allpackages)
-+	$(GO) vet $(allpackages)
- 
- ci: validate localtest
- 
- # memoize allpackages, so that it's executed only once and only if used
--_allpackages = $(shell go list ./... | grep -v vendor)
-+_allpackages = $(shell $(GO) list ./... | grep -v vendor)
- allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages)
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch
new file mode 100644
index 0000000..f885aaf
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch
@@ -0,0 +1,27 @@
+From a9a2b9e72027d0b2357f6dfe8b154762aaa8dd02 Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@windriver.com>
+Date: Thu, 19 Apr 2018 16:39:41 -0400
+Subject: [PATCH] build: drop recvtty and use GOBUILDFLAGS
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
+---
+ Makefile | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/src/import/Makefile b/src/import/Makefile
+index c6de11d..0e9bddb 100644
+--- a/src/import/Makefile
++++ b/src/import/Makefile
+@@ -39,8 +39,7 @@ contrib/cmd/recvtty/recvtty: $(SOURCES)
+ 	$(GO) build -buildmode=pie $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
+ 
+ static: $(SOURCES)
+-	CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
+-	CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
++	CGO_ENABLED=1 $(GO) build -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" $(GOBUILDFLAGS) -o runc .
+ 
+ release:
+ 	script/release.sh -r release/$(VERSION) -v $(VERSION)
+-- 
+2.7.4
+
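Review bot: The rewritten `static` line drops `$(EXTRA_FLAGS)`, while the `recvtty` build line shown just above still honours it, so a caller passing `EXTRA_FLAGS` to `make static` silently loses those flags. Unless the removal is deliberate, keep it beside the new variable: `$(GO) build $(EXTRA_FLAGS) $(GOBUILDFLAGS) -tags …`. The patch has an empty description and no `Upstream-Status:` trailer, which the "Disable building recvtty" patch it replaces did carry. A sentence on why recvtty is dropped and where `GOBUILDFLAGS` is expected to come from would make the change reviewable.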
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch
new file mode 100644
index 0000000..9ccbccb
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch
@@ -0,0 +1,129 @@
+From cd7d76a6d1ecb1856f6ed666fb5c30dc105aa94e Mon Sep 17 00:00:00 2001
+From: Jason Wessel <jason.wessel@windriver.com>
+Date: Tue, 5 Dec 2017 18:28:28 -0800
+Subject: [PATCH] runc-docker: Allow "run start ..." to daemonize with $SIGUSR1_PARENT_PID
+
+The runc-docker has all the code in it to properly run a stop hook if
+you use it in the foreground.  It doesn't work in the back ground
+because there is no way for a golang application to fork a child exit
+out of the parent process because all the golang threads stay with the
+parent.
+
+This patch has three parts that happen ONLY when $SIGUSR1_PARENT_PID
+is set.
+
+1) The code was copied which performs the normal the signal handling
+   block which is used for the foreground operation of runc.
+
+2) At the point where runc start would normally exit, it closes
+   stdin/stdout/stderr so it would be possible to daemonize "runc start ...".
+
+3) The code to send a SIGUSR1 to the parent process was added.  The
+   idea being that a parent process would simply exit at that point
+   because it was blocking until runc performed everything it was
+   required to perform.
+
+Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
+---
+ signals.go     | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++----
+ utils_linux.go |  2 +-
+ 2 files changed, 51 insertions(+), 5 deletions(-)
+
+Index: git/src/import/signals.go
+===================================================================
+--- git.orig/src/import/signals.go
++++ git/src/import/signals.go
+@@ -6,6 +6,7 @@
+ 	"os"
+ 	"os/signal"
+ 	"syscall" // only for Signal
++	"strconv"
+ 
+ 	"github.com/opencontainers/runc/libcontainer"
+ 	"github.com/opencontainers/runc/libcontainer/system"
+@@ -56,9 +57,6 @@
+ func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach bool) (int, error) {
+ 	// make sure we know the pid of our main process so that we can return
+ 	// after it dies.
+-	if detach && h.notifySocket == nil {
+-		return 0, nil
+-	}
+ 
+ 	pid1, err := process.Pid()
+ 	if err != nil {
+@@ -68,12 +66,61 @@
+ 	if h.notifySocket != nil {
+ 		if detach {
+ 			h.notifySocket.run(pid1)
+-			return 0, nil
+ 		} else {
+ 			go h.notifySocket.run(0)
+ 		}
+ 	}
+ 
++	if (detach) {
++		// This allows the parent process to daemonize this process
++		// so long as stdin/stderr/stdout are closed
++		if envVal := os.Getenv("SIGUSR1_PARENT_PID"); envVal != "" {
++			// Close stdin/stdout/stderr
++			os.Stdin.Close()
++			os.Stdout.Close()
++			os.Stderr.Close()
++			// Notify parent to detach
++			i, err := strconv.Atoi(envVal)
++			if (err != nil) {
++				return 0, nil
++			}
++			unix.Kill(i, unix.SIGUSR1)
++			// Loop waiting on the child to signal or exit,
++			// after which all stop hooks will be run
++			for s := range h.signals {
++				switch s {
++				case unix.SIGCHLD:
++					exits, err := h.reap()
++					if err != nil {
++						logrus.Error(err)
++					}
++					for _, e := range exits {
++						logrus.WithFields(logrus.Fields{
++							"pid":    e.pid,
++							"status": e.status,
++						}).Debug("process exited")
++						if e.pid == pid1 {
++							// call Wait() on the process even though we already have the exit
++							// status because we must ensure that any of the go specific process
++							// fun such as flushing pipes are complete before we return.
++							process.Wait()
++							if h.notifySocket != nil {
++								h.notifySocket.Close()
++							}
++							return e.status, nil
++						}
++					}
++				default:
++					logrus.Debugf("sending signal to process %s", s)
++					if err := unix.Kill(pid1, s.(syscall.Signal)); err != nil {
++						logrus.Error(err)
++					}
++				}
++			}
++		}
++		return 0, nil
++	}
++
+ 	// Perform the initial tty resize. Always ignore errors resizing because
+ 	// stdout might have disappeared (due to races with when SIGHUP is sent).
+ 	_ = tty.resize()
+Index: git/src/import/utils_linux.go
+===================================================================
+--- git.orig/src/import/utils_linux.go
++++ git/src/import/utils_linux.go
+@@ -338,7 +338,7 @@
+ 	if err != nil {
+ 		r.terminate(process)
+ 	}
+-	if detach {
++	if (detach && os.Getenv("SIGUSR1_PARENT_PID") == "") {
+ 		return 0, nil
+ 	}
+ 	r.destroy()
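Review bot: In `forward`, the value of `SIGUSR1_PARENT_PID` is passed to `unix.Kill` after only an `Atoi` check, so `0` or a negative number addresses a process group (or, for `-1`, every process the caller may signal) instead of one parent, and the `Kill` result is ignored. The standard streams are closed before the value is parsed, so a malformed value ends in a silent `return 0, nil`. With the changed condition in utils_linux.go, that early return appears to fall through to `r.destroy()`; the enclosing function is only partly visible. Parsing and range-checking first, while stderr is still open, and logging a failed `Kill` would close both gaps, and comparing against `os.Getppid()` would be stricter if the notifier is always the direct parent. The added import and the `if (detach)` / `if (err != nil)` forms are also not gofmt-clean.

```go
		if envVal := os.Getenv("SIGUSR1_PARENT_PID"); envVal != "" {
			// Parse and range-check first: 0 and negative pids address
			// process groups, and stderr is still open for the message.
			ppid, err := strconv.Atoi(envVal)
			if err != nil || ppid <= 1 {
				logrus.Errorf("invalid SIGUSR1_PARENT_PID %q", envVal)
				return 0, nil
			}
			// … unchanged: close stdin/stdout/stderr …
			if err := unix.Kill(ppid, unix.SIGUSR1); err != nil {
				logrus.Error(err)
			}
			// … unchanged: loop over h.signals …
```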
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch
deleted file mode 100644
index 7970dec..0000000
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch
+++ /dev/null
@@ -1,75 +0,0 @@
-From e1146182a8cebb5a6133a9e298a5e4acf99652e9 Mon Sep 17 00:00:00 2001
-From: Justin Cormack <justin.cormack@docker.com>
-Date: Fri, 23 Jun 2017 17:16:08 -0700
-Subject: [PATCH 2/3] Remove Platform as no longer in OCI spec
-
-This was never used, just validated, so was removed from spec.
-
-Signed-off-by: Justin Cormack <justin.cormack@docker.com>
----
- libcontainer/specconv/example.go |  5 -----
- spec.go                          | 14 --------------
- 2 files changed, 19 deletions(-)
-
-diff --git a/libcontainer/specconv/example.go b/libcontainer/specconv/example.go
-index 33134116..d6621194 100644
---- a/src/import/libcontainer/specconv/example.go
-+++ b/src/import/libcontainer/specconv/example.go
-@@ -2,7 +2,6 @@ package specconv
- 
- import (
- 	"os"
--	"runtime"
- 	"strings"
- 
- 	"github.com/opencontainers/runtime-spec/specs-go"
-@@ -15,10 +14,6 @@ func sPtr(s string) *string { return &s }
- func Example() *specs.Spec {
- 	return &specs.Spec{
- 		Version: specs.Version,
--		Platform: specs.Platform{
--			OS:   runtime.GOOS,
--			Arch: runtime.GOARCH,
--		},
- 		Root: specs.Root{
- 			Path:     "rootfs",
- 			Readonly: true,
-diff --git a/spec.go b/spec.go
-index 92d38f57..876937d2 100644
---- a/src/import/spec.go
-+++ b/src/import/spec.go
-@@ -7,7 +7,6 @@ import (
- 	"fmt"
- 	"io/ioutil"
- 	"os"
--	"runtime"
- 
- 	"github.com/opencontainers/runc/libcontainer/configs"
- 	"github.com/opencontainers/runc/libcontainer/specconv"
-@@ -131,9 +130,6 @@ func loadSpec(cPath string) (spec *specs.Spec, err error) {
- 	if err = json.NewDecoder(cf).Decode(&spec); err != nil {
- 		return nil, err
- 	}
--	if err = validatePlatform(&spec.Platform); err != nil {
--		return nil, err
--	}
- 	return spec, validateProcessSpec(spec.Process)
- }
- 
-@@ -148,13 +144,3 @@ func createLibContainerRlimit(rlimit specs.LinuxRlimit) (configs.Rlimit, error)
- 		Soft: rlimit.Soft,
- 	}, nil
- }
--
--func validatePlatform(platform *specs.Platform) error {
--	if platform.OS != runtime.GOOS {
--		return fmt.Errorf("target os %s mismatch with current os %s", platform.OS, runtime.GOOS)
--	}
--	if platform.Arch != runtime.GOARCH {
--		return fmt.Errorf("target arch %s mismatch with current arch %s", platform.Arch, runtime.GOARCH)
--	}
--	return nil
--}
--- 
-2.11.0
-
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch
deleted file mode 100644
index 50a9b7f..0000000
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch
+++ /dev/null
@@ -1,194 +0,0 @@
-From 3d9074ead33a5c27dc20bb49457c69c6d2ae6b57 Mon Sep 17 00:00:00 2001
-From: Justin Cormack <justin.cormack@docker.com>
-Date: Fri, 23 Jun 2017 17:17:00 -0700
-Subject: [PATCH 3/3] Update memory specs to use int64 not uint64
-
-replace #1492 #1494
-fix #1422
-
-Since https://github.com/opencontainers/runtime-spec/pull/876 the memory
-specifications are now `int64`, as that better matches the visible interface where
-`-1` is a valid value. Otherwise finding the correct value was difficult as it
-was kernel dependent.
-
-Signed-off-by: Justin Cormack <justin.cormack@docker.com>
----
- libcontainer/cgroups/fs/memory.go    | 36 +++++++++++++++++-------------------
- libcontainer/configs/cgroup_linux.go | 10 +++++-----
- update.go                            | 14 +++++++-------
- 3 files changed, 29 insertions(+), 31 deletions(-)
-
-diff --git a/libcontainer/cgroups/fs/memory.go b/libcontainer/cgroups/fs/memory.go
-index da2cc9f8..b739c631 100644
---- a/src/import/libcontainer/cgroups/fs/memory.go
-+++ b/src/import/libcontainer/cgroups/fs/memory.go
-@@ -73,14 +73,14 @@ func EnableKernelMemoryAccounting(path string) error {
- 	// until a limit is set on the cgroup and limit cannot be set once the
- 	// cgroup has children, or if there are already tasks in the cgroup.
- 	for _, i := range []int64{1, -1} {
--		if err := setKernelMemory(path, uint64(i)); err != nil {
-+		if err := setKernelMemory(path, i); err != nil {
- 			return err
- 		}
- 	}
- 	return nil
- }
- 
--func setKernelMemory(path string, kernelMemoryLimit uint64) error {
-+func setKernelMemory(path string, kernelMemoryLimit int64) error {
- 	if path == "" {
- 		return fmt.Errorf("no such directory for %s", cgroupKernelMemoryLimit)
- 	}
-@@ -88,7 +88,7 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error {
- 		// kernel memory is not enabled on the system so we should do nothing
- 		return nil
- 	}
--	if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatUint(kernelMemoryLimit, 10)), 0700); err != nil {
-+	if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatInt(kernelMemoryLimit, 10)), 0700); err != nil {
- 		// Check if the error number returned by the syscall is "EBUSY"
- 		// The EBUSY signal is returned on attempts to write to the
- 		// memory.kmem.limit_in_bytes file if the cgroup has children or
-@@ -106,14 +106,12 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error {
- }
- 
- func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error {
--	ulimited := -1
--
--	// If the memory update is set to uint64(-1) we should also
--	// set swap to uint64(-1), it means unlimited memory.
--	if cgroup.Resources.Memory == uint64(ulimited) {
--		// Only set swap if it's enbled in kernel
-+	// If the memory update is set to -1 we should also
-+	// set swap to -1, it means unlimited memory.
-+	if cgroup.Resources.Memory == -1 {
-+		// Only set swap if it's enabled in kernel
- 		if cgroups.PathExists(filepath.Join(path, cgroupMemorySwapLimit)) {
--			cgroup.Resources.MemorySwap = uint64(ulimited)
-+			cgroup.Resources.MemorySwap = -1
- 		}
- 	}
- 
-@@ -128,29 +126,29 @@ func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error {
- 		// When update memory limit, we should adapt the write sequence
- 		// for memory and swap memory, so it won't fail because the new
- 		// value and the old value don't fit kernel's validation.
--		if cgroup.Resources.MemorySwap == uint64(ulimited) || memoryUsage.Limit < cgroup.Resources.MemorySwap {
--			if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil {
-+		if cgroup.Resources.MemorySwap == -1 || memoryUsage.Limit < uint64(cgroup.Resources.MemorySwap) {
-+			if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil {
- 				return err
- 			}
--			if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil {
-+			if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil {
- 				return err
- 			}
- 		} else {
--			if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil {
-+			if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil {
- 				return err
- 			}
--			if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil {
-+			if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil {
- 				return err
- 			}
- 		}
- 	} else {
- 		if cgroup.Resources.Memory != 0 {
--			if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil {
-+			if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil {
- 				return err
- 			}
- 		}
- 		if cgroup.Resources.MemorySwap != 0 {
--			if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil {
-+			if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil {
- 				return err
- 			}
- 		}
-@@ -171,13 +169,13 @@ func (s *MemoryGroup) Set(path string, cgroup *configs.Cgroup) error {
- 	}
- 
- 	if cgroup.Resources.MemoryReservation != 0 {
--		if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatUint(cgroup.Resources.MemoryReservation, 10)); err != nil {
-+		if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatInt(cgroup.Resources.MemoryReservation, 10)); err != nil {
- 			return err
- 		}
- 	}
- 
- 	if cgroup.Resources.KernelMemoryTCP != 0 {
--		if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatUint(cgroup.Resources.KernelMemoryTCP, 10)); err != nil {
-+		if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatInt(cgroup.Resources.KernelMemoryTCP, 10)); err != nil {
- 			return err
- 		}
- 	}
-diff --git a/libcontainer/configs/cgroup_linux.go b/libcontainer/configs/cgroup_linux.go
-index 3e0509de..e15a662f 100644
---- a/src/import/libcontainer/configs/cgroup_linux.go
-+++ b/src/import/libcontainer/configs/cgroup_linux.go
-@@ -43,19 +43,19 @@ type Resources struct {
- 	Devices []*Device `json:"devices"`
- 
- 	// Memory limit (in bytes)
--	Memory uint64 `json:"memory"`
-+	Memory int64 `json:"memory"`
- 
- 	// Memory reservation or soft_limit (in bytes)
--	MemoryReservation uint64 `json:"memory_reservation"`
-+	MemoryReservation int64 `json:"memory_reservation"`
- 
- 	// Total memory usage (memory + swap); set `-1` to enable unlimited swap
--	MemorySwap uint64 `json:"memory_swap"`
-+	MemorySwap int64 `json:"memory_swap"`
- 
- 	// Kernel memory limit (in bytes)
--	KernelMemory uint64 `json:"kernel_memory"`
-+	KernelMemory int64 `json:"kernel_memory"`
- 
- 	// Kernel memory limit for TCP use (in bytes)
--	KernelMemoryTCP uint64 `json:"kernel_memory_tcp"`
-+	KernelMemoryTCP int64 `json:"kernel_memory_tcp"`
- 
- 	// CPU shares (relative weight vs. other containers)
- 	CpuShares uint64 `json:"cpu_shares"`
-diff --git a/update.go b/update.go
-index 0ea90d60..133be999 100644
---- a/src/import/update.go
-+++ b/src/import/update.go
-@@ -124,11 +124,11 @@ other options are ignored.
- 
- 		r := specs.LinuxResources{
- 			Memory: &specs.LinuxMemory{
--				Limit:       u64Ptr(0),
--				Reservation: u64Ptr(0),
--				Swap:        u64Ptr(0),
--				Kernel:      u64Ptr(0),
--				KernelTCP:   u64Ptr(0),
-+				Limit:       i64Ptr(0),
-+				Reservation: i64Ptr(0),
-+				Swap:        i64Ptr(0),
-+				Kernel:      i64Ptr(0),
-+				KernelTCP:   i64Ptr(0),
- 			},
- 			CPU: &specs.LinuxCPU{
- 				Shares:          u64Ptr(0),
-@@ -213,7 +213,7 @@ other options are ignored.
- 			}
- 			for _, pair := range []struct {
- 				opt  string
--				dest *uint64
-+				dest *int64
- 			}{
- 				{"memory", r.Memory.Limit},
- 				{"memory-swap", r.Memory.Swap},
-@@ -232,7 +232,7 @@ other options are ignored.
- 					} else {
- 						v = -1
- 					}
--					*pair.dest = uint64(v)
-+					*pair.dest = v
- 				}
- 			}
- 			r.Pids.Limit = int64(context.Int("pids-limit"))
--- 
-2.11.0
-
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb
index 9db48ee..81e5a5d 100644
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb
@@ -2,14 +2,11 @@
 
 # Note: this rev is before the required protocol field, update when all components
 #       have been updated to match.
-SRCREV_runc-docker = "9d6821d1b53908e249487741eccd567249ca1d99"
-SRC_URI = "git://github.com/docker/runc.git;nobranch=1;name=runc-docker \
-           file://0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch \
-           file://0002-Remove-Platform-as-no-longer-in-OCI-spec.patch \
-           file://0003-Update-memory-specs-to-use-int64-not-uint64.patch \
+SRCREV_runc-docker = "4fc53a81fb7c994640722ac585fa9ca548971871"
+SRC_URI = "git://github.com/opencontainers/runc;nobranch=1;name=runc-docker \
            file://0001-runc-Add-console-socket-dev-null.patch \
-           file://0001-Use-correct-go-cross-compiler.patch \
-           file://0001-Disable-building-recvtty.patch \
+           file://0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch \
+           file://0001-runc-docker-SIGUSR1-daemonize.patch \
           "
 
-RUNC_VERSION = "1.0.0-rc3"
+RUNC_VERSION = "1.0.0-rc5"
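Review bot: The two-line note kept above `SRCREV_runc-docker` ("this rev is before the required protocol field, update when all components have been updated to match") was written for the old docker/runc pin and is not revisited now that the recipe pins a revision from opencontainers/runc. It should be re-checked against the new SRCREV and either dropped or reworded. The new SRC_URI also keeps the plain `git://` transport together with `nobranch=1`, so the pinned SRCREV is the only integrity check on what is fetched. Adding `;protocol=https`, as in `git://github.com/opencontainers/runc;nobranch=1;protocol=https;name=runc-docker`, would put the fetch on TLS. The same applies to the `git://github.com/opencontainers/runc;branch=master` URI in runc-opencontainers_git.bb.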
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch
deleted file mode 100644
index 67d7014..0000000
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From 621e5e9a196daaaf5eb430a413fe51218cf42c89 Mon Sep 17 00:00:00 2001
-From: Paul Barker <pbarker@toganlabs.com>
-Date: Wed, 4 Oct 2017 15:45:27 +0000
-Subject: [PATCH] Use correct go cross-compiler
-
-We need to use '${GO}' as set by OpenEmbedded instead of just 'go'. Just using
-'go' will invoke go-native.
-
-Signed-off-by: Paul Barker <pbarker@toganlabs.com>
-Upstream-status: Inappropriate
----
- Makefile | 20 ++++++++++----------
- 1 file changed, 10 insertions(+), 10 deletions(-)
-
-diff --git a/Makefile b/Makefile
-index 6781ac7..74e551d 100644
---- a/src/import/Makefile
-+++ b/src/import/Makefile
-@@ -27,18 +27,18 @@ SHELL := $(shell command -v bash 2>/dev/null)
- .DEFAULT: runc
- 
- runc: $(SOURCES)
--	go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
-+	$(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
- 
- all: runc recvtty
- 
- recvtty: contrib/cmd/recvtty/recvtty
- 
- contrib/cmd/recvtty/recvtty: $(SOURCES)
--	go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
-+	$(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
- 
- static: $(SOURCES)
--	CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
--	CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
-+	CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
-+	CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
- 
- release:
- 	@flag_list=(seccomp selinux apparmor static); \
-@@ -62,15 +62,15 @@ release:
- 			CGO_ENABLED=1; \
- 		}; \
- 		echo "Building target: $$output"; \
--		go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
-+		$(GO) build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
- 	done
- 
- dbuild: runcimage
- 	docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all
- 
- lint:
--	go vet $(allpackages)
--	go fmt $(allpackages)
-+	$(GO) vet $(allpackages)
-+	$(GO) fmt $(allpackages)
- 
- man:
- 	man/md2man-all.sh
-@@ -88,7 +88,7 @@ unittest: runcimage
- 	docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest
- 
- localunittest: all
--	go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
-+	$(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
- 
- integration: runcimage
- 	docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration
-@@ -133,10 +133,10 @@ clean:
- 
- validate:
- 	script/validate-gofmt
--	go vet $(allpackages)
-+	$(GO) vet $(allpackages)
- 
- ci: validate localtest
- 
- # memoize allpackages, so that it's executed only once and only if used
--_allpackages = $(shell go list ./... | grep -v vendor)
-+_allpackages = $(shell $(GO) list ./... | grep -v vendor)
- allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages)
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb
index a97676b..ed48abf 100644
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb
@@ -1,8 +1,7 @@
 include runc.inc
 
-SRCREV = "2e7cfe036e2c6dc51ccca6eb7fa3ee6b63976dcd"
+SRCREV = "58415b4b12650291f435db8770cea48207b78afe"
 SRC_URI = " \
     git://github.com/opencontainers/runc;branch=master \
-    file://0001-Use-correct-go-cross-compiler.patch \
     "
-RUNC_VERSION = "1.0.0-rc4"
+RUNC_VERSION = "1.0.0-rc5"
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc.inc b/import-layers/meta-virtualization/recipes-containers/runc/runc.inc
index 0179103..9199cef 100644
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc.inc
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc.inc
@@ -11,6 +11,8 @@
 PV = "${RUNC_VERSION}+git${SRCPV}"
 
 inherit go
+inherit goarch
+
 RRECOMMENDS_${PN} = "lxc docker"
 PROVIDES += "virtual/runc"
 RPROVIDES_${PN} = "virtual/runc"
@@ -20,7 +22,7 @@
 LIBCONTAINER_PACKAGE="github.com/opencontainers/runc/libcontainer"
 
 do_configure[noexec] = "1"
-EXTRA_OEMAKE="BUILDTAGS=''"
+EXTRA_OEMAKE="BUILDTAGS='' GO=${GO}"
 
 do_compile() {
 	# Set GOPATH. See 'PACKAGERS.md'. Don't rely on
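Review bot: `EXTRA_OEMAKE` still passes `BUILDTAGS=''`, and since this line is being edited it deserves a comment saying whether the empty tag list is intentional. The runc Makefile hands `$(BUILDTAGS)` to `-tags`, and its release target lists seccomp, selinux and apparmor as the optional tags, so an empty value presumably builds runc without those confinement features. If that is deliberate, say so above the assignment, e.g. `# BUILDTAGS is empty on purpose: seccomp/selinux/apparmor support is not built`; otherwise consider deriving the tags from DISTRO_FEATURES. `GO=${GO}` is also unquoted here and in the `export GO=${GO}` added in the next hunk, and the value is passed twice (make command line and environment); a single quoted `GO='${GO}'` would be enough. The body of do_compile continues outside both hunks.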
@@ -44,10 +46,12 @@
 	export CGO_ENABLED="1"
 	export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
 	export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+	export GO=${GO}
+
 	export CFLAGS=""
 	export LDFLAGS=""
 
-        oe_runmake static
+	oe_runmake static
 }
 
 do_install() {
diff --git a/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend b/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend
index 8369a03..617cacc 100644
--- a/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend
+++ b/import-layers/meta-virtualization/recipes-core/busybox/busybox_%.bbappend
@@ -1,10 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-SRC_URI += " \
-	    file://lspci.cfg \
-	    file://lsusb.cfg \
-	    file://mdev.cfg \
-	    file://mount-cifs.cfg \
-	    file://ps-extras.cfg \
-	    file://getopt.cfg \
-           "
+require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}_virtualization.inc', '', d)}
diff --git a/import-layers/meta-virtualization/recipes-core/busybox/busybox_virtualization.inc b/import-layers/meta-virtualization/recipes-core/busybox/busybox_virtualization.inc
new file mode 100644
index 0000000..d9c4e67
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-core/busybox/busybox_virtualization.inc
@@ -0,0 +1,10 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/busybox:"
+
+SRC_URI += " \
+	    file://lspci.cfg \
+	    file://lsusb.cfg \
+	    file://mdev.cfg \
+	    file://mount-cifs.cfg \
+	    file://ps-extras.cfg \
+	    file://getopt.cfg \
+           "
diff --git a/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb b/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb
index 5125d90..0301dd2 100644
--- a/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb
+++ b/import-layers/meta-virtualization/recipes-core/runv/runv_git.bb
@@ -22,7 +22,7 @@
 PACKAGECONFIG[xen] = "--with-xen,--without-xen,"
 AUTOTOOLS_SCRIPT_PATH = "${S}/src/import/"
 
-RDEPENDS_${PN} += " qemu"
+RDEPENDS_${PN} += " qemu hyperstart"
 
 do_compile() {
 	export GOARCH="${TARGET_GOARCH}"
diff --git a/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend
index 1b89aec..8c08832 100644
--- a/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend
+++ b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_2.%.bbappend
@@ -1,6 +1 @@
-do_install_append() {
-	if echo "${DISTRO_FEATURES}" | grep -q 'xen'; then
-		echo "" >> ${D}${sysconfdir}/inittab
-		echo "X0:12345:respawn:/sbin/getty 115200 hvc0" >> ${D}${sysconfdir}/inittab
-	fi
-}
+require ${@bb.utils.contains('DISTRO_FEATURES', 'xen', 'sysvinit-inittab_xen.inc', '', d)}
diff --git a/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc
new file mode 100644
index 0000000..9d0589c
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-core/sysvinit/sysvinit-inittab_xen.inc
@@ -0,0 +1,4 @@
+do_install_append() {
+                echo "" >> ${D}${sysconfdir}/inittab
+                echo "X0:12345:respawn:/sbin/getty 115200 hvc0" >> ${D}${sysconfdir}/inittab
+}
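Review bot: This include appends a respawning getty on hvc0 to inittab unconditionally, and nothing in the file says that the 'xen' DISTRO_FEATURES check now lives only in the bbappend's `require` line. A header comment such as `# Require only when 'xen' is in DISTRO_FEATURES: adds a login getty on the Xen console (hvc0)` would keep it from being pulled in elsewhere without the gate. The two `echo` lines also keep the 16-space indentation of the removed `if` block, while the shell function bodies in the other recipes touched by this commit use a single tab.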
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb
index 24e19b5..8abb9c0 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-blinker_1.3.bb
@@ -18,5 +18,7 @@
 
 S = "${WORKDIR}/${SRCNAME}-${PV}"
 
+DEFAULT_PREFERENCE = "-1"
+
 inherit setuptools
 
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb
index 5a97c8c..8cd1388 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-gevent_1.0.1.bb
@@ -26,3 +26,5 @@
 do_configure_append() {
 	sed -i -e 's/^cross_compiling=no/cross_compiling=yes/' ${S}/libev/configure
 }
+
+DEFAULT_PREFERENCE = "-1"
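Review bot: `DEFAULT_PREFERENCE = "-1"` is added without a comment saying why this recipe is being deprioritised or which provider is expected to win instead. The same bare line is added to python-blinker, python-m2crypto, python-pyyaml, python-redis and python-sqlalchemy in this commit. A one-line comment above it, e.g. `# Prefer the version from another layer; this copy is kept only as a fallback` (wording to be confirmed by the author), would tell a maintainer whether these pinned older versions can be removed or must keep receiving fixes. In this file the line also sits at the very end, after do_configure_append, whereas the other recipes place it before `inherit`.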
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb
index 2c2625d..e151dcc 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-m2crypto_0.22.3.bb
@@ -22,6 +22,8 @@
 SRC_URI[md5sum] = "573f21aaac7d5c9549798e72ffcefedd"
 SRC_URI[sha256sum] = "6071bfc817d94723e9b458a010d565365104f84aa73f7fe11919871f7562ff72"
 
+DEFAULT_PREFERENCE = "-1"
+
 inherit setuptools pypi
 
 DEPENDS += "openssl swig-native"
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb
index cb1db8c..ecb1719 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-pyyaml_3.11.bb
@@ -25,6 +25,8 @@
 
 S = "${WORKDIR}/${SRCNAME}-${PV}"
 
+DEFAULT_PREFERENCE = "-1"
+
 inherit setuptools
 
 DEPENDS += "libyaml python-cython-native"
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb
index 9eda8a5..2ef2b6b 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-redis_2.10.3.bb
@@ -15,6 +15,8 @@
 
 S = "${WORKDIR}/${SRCNAME}-${PV}"
 
+DEFAULT_PREFERENCE = "-1"
+
 inherit setuptools
 
 RDEPENDS_${PN} = "redis"
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb
index 63caeb4..f22d272 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-sqlalchemy_1.1.5.bb
@@ -13,4 +13,6 @@
 
 S = "${WORKDIR}/${SRCNAME}-${PV}"
 
+DEFAULT_PREFERENCE = "-1"
+
 inherit setuptools
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-twisted.inc b/import-layers/meta-virtualization/recipes-devtools/python/python-twisted.inc
deleted file mode 100644
index d734e03..0000000
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-twisted.inc
+++ /dev/null
@@ -1,244 +0,0 @@
-DESCRIPTION = "Twisted is an event-driven networking framework written in Python and licensed under the LGPL. \
-Twisted supports TCP, UDP, SSL/TLS, multicast, Unix sockets, a large number of protocols                   \
-(including HTTP, NNTP, IMAP, SSH, IRC, FTP, and others), and much more."
-HOMEPAGE = "http://www.twistedmatrix.com"
-
-#twisted/topfiles/NEWS:655: - Relicensed: Now under the MIT license, rather than LGPL.
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=5602d7228daf59a16f0f1b2640c46bca"
-
-SRC_URI[md5sum] = "83fe6c0c911cc1602dbffb036be0ba79"
-SRC_URI[sha256sum] = "095175638c019ac7c0604f4c291724a16ff1acd062e181b01293bf4dcbc62cf3"
-
-PYPI_PACKAGE = "Twisted"
-PYPI_PACKAGE_EXT = "tar.bz2"
-
-do_install_append() {
-    # remove some useless files before packaging
-    find ${D} \( -name "*.bat" -o -name "*.c" -o -name "*.h" \) -exec rm -f {} \;
-}
-
-PACKAGES += "\
-    ${PN}-zsh \
-    ${PN}-test \
-    ${PN}-protocols \
-    ${PN}-conch \
-    ${PN}-lore \
-    ${PN}-mail \
-    ${PN}-names \
-    ${PN}-news \
-    ${PN}-runner \
-    ${PN}-web \
-    ${PN}-words \
-    ${PN}-flow \
-    ${PN}-pair \
-    ${PN}-core \
-"
-
-PACKAGES =+ "\
-    ${PN}-src \
-    ${PN}-bin \
-"
-
-RDEPENDS_${PN} = "\
-    ${PN}-bin \
-    ${PN}-conch \
-    ${PN}-lore \
-    ${PN}-mail \
-    ${PN}-names \
-    ${PN}-news \
-    ${PN}-runner \
-    ${PN}-web \
-    ${PN}-words \
-"
-
-RDEPENDS_${PN}-core = "python-core python-zopeinterface python-contextlib"
-RDEPENDS_${PN}-test = "${PN}"
-RDEPENDS_${PN}-conch = "${PN}-core ${PN}-protocols"
-RDEPENDS_${PN}-lore = "${PN}-core"
-RDEPENDS_${PN}-mail = "${PN}-core ${PN}-protocols"
-RDEPENDS_${PN}-names = "${PN}-core"
-RDEPENDS_${PN}-news = "${PN}-core ${PN}-protocols"
-RDEPENDS_${PN}-runner = "${PN}-core ${PN}-protocols"
-RDEPENDS_${PN}-web += "${PN}-core ${PN}-protocols"
-RDEPENDS_${PN}-words += "${PN}-core"
-RDEPENDS_${PN}-flow += "${PN}-core"
-RDEPENDS_${PN}-pair += "${PN}-core"
-RDEPENDS_${PN}-dbg = "${PN}"
-
-ALLOW_EMPTY_${PN} = "1"
-FILES_${PN} = ""
-
-FILES_${PN}-test = " \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/test \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/*/test \
-"
-
-FILES_${PN}-protocols = " \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/*.py* \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/gps/ \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/mice/ \
-"
-
-FILES_${PN}-zsh = " \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zsh \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zshcomp.* \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/twisted-completion.zsh \
-"
-
-FILES_${PN}-conch = " \
-    ${bindir}/ckeygen \
-    ${bindir}/tkconch \
-    ${bindir}/conch \
-    ${bindir}/conchftp \
-    ${bindir}/cftp \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_conch.py* \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/conch  \
-"
-
-FILES_${PN}-core = " \
-${bindir}/manhole \
-${bindir}/mktap \
-${bindir}/twistd \
-${bindir}/tap2deb \
-${bindir}/tap2rpm \
-${bindir}/tapconvert \
-${bindir}/tkmktap \
-${bindir}/trial \
-${bindir}/easy_install* \
-${bindir}/pyhtmlizer \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/*.so \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/*.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__init__.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/notestplugin.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/testplugin.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_ftp.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_inet.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_manhole.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_portforward.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_socks.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_telnet.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_trial.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/dropin.cache \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/application \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/cred \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/enterprise \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/internet \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/manhole \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/manhole \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/persisted \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols\
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python\
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/timeoutqueue.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/filepath.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/dxprofile.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/plugin.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/htmlizer.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/__init__.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/dispatch.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/hook.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/threadpool.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/otp.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/usage.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/roots.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/versions.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/urlpath.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/util.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/components.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/logfile.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/runtime.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/reflect.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/context.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/threadable.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/rebuild.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/failure.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/lockfile.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/formmethod.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/finalize.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/win32.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/dist.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/shortcut.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zipstream.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/release.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/syslog.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/log.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/compat.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/zshcomp.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/procutils.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/text.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/_twisted_zsh_stub \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/scripts/ \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/spread/ \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/tap/ \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/trial/ \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/__init__.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/_version.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/copyright.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/im.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/*.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/python/*.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/*.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/topfiles \
-${libdir}/${PYTHON_DIR}/site-packages/Twisted*egg-info \
-"
-
-FILES_${PN}-lore = " \
-${bindir}/bookify \
-${bindir}/lore \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_lore.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/lore \
-"
-
-FILES_${PN}-mail = " \
-${bindir}/mailmail \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_mail.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/mail \
-"
-
-FILES_${PN}-names = " \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_names.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/names \
-"
-
-FILES_${PN}-news = " \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_news.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/news \
-"
-
-FILES_${PN}-runner = " \
-${libdir}/site-packages/twisted/runner/portmap.so \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/runner\
-"
-
-FILES_${PN}-web = " \
-${bindir}/websetroot \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_web.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/web\
-"
-
-FILES_${PN}-words = " \
-${bindir}/im \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_words.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/words\
-"
-
-FILES_${PN}-flow = " \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_flow.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/flow \"
-
-FILES_${PN}-pair = " \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/twisted_pair.py* \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/pair \
-"
-
-FILES_${PN}-dbg += " \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/*/.debug \
-${libdir}/${PYTHON_DIR}/site-packages/twisted/*/*/.debug \
-"
-
-RDEPENDS_{PN}-src = "${PN}"
-FILES_${PN}-src = " \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/*.py \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/*/*.py \
-    ${libdir}/${PYTHON_DIR}/site-packages/twisted/*/*/*.py \
-"
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.6.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.6.0.bb
deleted file mode 100644
index 71c74ff..0000000
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.6.0.bb
+++ /dev/null
@@ -1,23 +0,0 @@
-DESCRIPTION = "WSGI request and response object"
-HOMEPAGE = "http://webob.org/"
-SECTION = "devel/python"
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://docs/license.txt;md5=8ed3584bcc78c16da363747ccabc5af5"
-
-PR = "r0"
-SRCNAME = "WebOb"
-
-SRC_URI = "http://pypi.python.org/packages/source/W/${SRCNAME}/${SRCNAME}-${PV}.tar.gz"
-
-SRC_URI[md5sum] = "089d7fc6745f175737800237c7287802"
-SRC_URI[sha256sum] = "63d262d8f61b516321f786879c9277fa2209f7f57eb47b537eeecfea383d55b7"
-
-S = "${WORKDIR}/${SRCNAME}-${PV}"
-
-inherit setuptools
-
-RDEPENDS_${PN} += " \
-	python-sphinx \
-	python-nose \
-	"
-
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.7.3.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.7.3.bb
new file mode 100644
index 0000000..a2448be
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-webob_1.7.3.bb
@@ -0,0 +1,18 @@
+DESCRIPTION = "WSGI request and response object"
+HOMEPAGE = "http://webob.org/"
+SECTION = "devel/python"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://docs/license.txt;md5=8ed3584bcc78c16da363747ccabc5af5"
+
+PYPI_PACKAGE = "WebOb"
+
+SRC_URI[md5sum] = "350028baffc508e3d23c078118e35316"
+SRC_URI[sha256sum] = "e65ca14b9f5ae5b031988ffc93f8b7f305ddfcf17a4c774ae0db47bcb3b87283"
+
+inherit setuptools pypi
+
+RDEPENDS_${PN} += " \
+	python-sphinx \
+	python-nose \
+	"
+
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client.inc b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client.inc
new file mode 100644
index 0000000..31778c6
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client.inc
@@ -0,0 +1,11 @@
+SUMMARY = "WebSocket client for python. hybi13 is supported."
+HOMEPAGE = "https://github.com/websocket-client/websocket-client.git"
+LICENSE = "LGPL-3.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=18b09a20dd186af4fd60f1a08311628c"
+
+inherit pypi
+
+PYPI_PACKAGE = "websocket_client"
+
+SRC_URI[md5sum] = "73d87aa16a2212da448b30aca9c5bf3b"
+SRC_URI[sha256sum] = "15f585566e2ea7459136a632b9785aa081093064391878a448c382415e948d72"
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb
new file mode 100644
index 0000000..11eeb04
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-websocket-client_0.44.0.bb
@@ -0,0 +1,2 @@
+require python-websocket-client.inc
+inherit setuptools
\ No newline at end of file
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb b/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb
index 763e5b9..5f3e01f 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python-werkzeug_0.10.4.bb
@@ -14,6 +14,8 @@
 
 S = "${WORKDIR}/${SRCNAME}-${PV}"
 
+DEFAULT_PREFERENCE = "-1"
+
 inherit setuptools
 
 RDEPENDS_${PN} += "python-io \
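Review bot: `DEFAULT_PREFERENCE = "-1"` is added without a comment, so a reader cannot tell why this 0.10.4 recipe is being demoted or which python-werkzeug recipe is expected to be selected instead. A line above it such as `# Prefer the python-werkzeug from <other layer>; 0.10.4 stays selectable via PREFERRED_VERSION` would make the intent reviewable. If the aim is for a newer version from another layer to win, saying so also documents that images are expected to pick up that version's upstream fixes. The recipe continues outside this hunk.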
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb b/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb
index a40f2a3..31a864a 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python3-dockerpty_0.4.1.bb
@@ -1,7 +1,7 @@
 SUMMARY = "Python library to use the pseudo-tty of a docker container"
 HOMEPAGE = "https://github.com/d11wtq/dockerpty"
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=afaf767baa20ac524dc12f1071ca493a"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 inherit pypi setuptools3
 
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python3-twisted_13.2.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python3-twisted_13.2.0.bb
deleted file mode 100644
index 98016cc..0000000
--- a/import-layers/meta-virtualization/recipes-devtools/python/python3-twisted_13.2.0.bb
+++ /dev/null
@@ -1,67 +0,0 @@
-inherit pypi setuptools3
-require python-twisted.inc
-
-RDEPENDS_${PN}-core = "python3-core python3-zopeinterface python3-lang"
-
-FILES_${PN}-core_append += " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/__pycache__ \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/python/__pycache__/*pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/__init__*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/notestplugin*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/testplugin*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_ftp*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_inet*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_manhole*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_portforward*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_socks*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_telnet*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_trial*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_core*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_qtstub*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_reactors*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/cred*.pyc \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/dropin*.cache \
-"
-
-FILES_${PN}-names_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_names*.pyc \
-"
-
-FILES_${PN}-news_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_news*.pyc \
-"
-
-FILES_${PN}-protocols_append += " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/protocols/__pycache__/*pyc \
-"
-
-FILES_${PN}-conch_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_conch*.pyc \
-"
-
-FILES_${PN}-lore_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_lore*.pyc \
-"
-FILES_${PN}-mail_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_mail*.pyc \
-"
-
-FILES_${PN}-web_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_web*.pyc \
-"
-
-FILES_${PN}-words_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_words*.pyc \
-"
-
-FILES_${PN}-flow_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_flow*.pyc \
-"
-
-FILES_${PN}-pair_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_pair*.pyc \
-"
-
-FILES_${PN}-runner_append = " \
-  ${libdir}/${PYTHON_DIR}/site-packages/twisted/plugins/__pycache__/twisted_runner*.pyc \
-"
diff --git a/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb b/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb
index 8dfc95f..473e31f 100644
--- a/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb
+++ b/import-layers/meta-virtualization/recipes-devtools/python/python3-websocket-client_0.44.0.bb
@@ -1,11 +1,2 @@
-SUMMARY = "WebSocket client for python. hybi13 is supported."
-HOMEPAGE = "https://github.com/websocket-client/websocket-client.git"
-LICENSE = "LGPL-3.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=18b09a20dd186af4fd60f1a08311628c"
-
-inherit pypi setuptools3
-
-PYPI_PACKAGE = "websocket_client"
-
-SRC_URI[md5sum] = "73d87aa16a2212da448b30aca9c5bf3b"
-SRC_URI[sha256sum] = "15f585566e2ea7459136a632b9785aa081093064391878a448c382415e948d72"
+require python-websocket-client.inc
+inherit setuptools3
\ No newline at end of file
diff --git a/import-layers/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb b/import-layers/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb
new file mode 100644
index 0000000..0297477
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/hyperstart/hyperstart_git.bb
@@ -0,0 +1,25 @@
+SUMMARY = "The tiny Init service for HyperContainer"
+DESCRIPTION = "The init Task for HyperContainer"
+
+LICENSE = "Apache-2"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=fa818a259cbed7ce8bc2a22d35a464fc"
+
+inherit autotools-brokensep 
+
+SRC_URI = "git://github.com/hyperhq/hyperstart.git"
+
+SRCREV = "ad48a3230836f59ada163659cde151a37522068b"
+PV = "v0.2+git${SRCREV}"
+
+S = "${WORKDIR}/git"
+
+CACHED_CONFIGUREVARS = "ac_cv_file__usr_include_linux_vm_sockets_h=true"
+
+do_install() {
+	install -d ${D}/var/lib/hyper/
+
+        install -m644 ${S}/build/hyper-initrd.img ${D}/var/lib/hyper/
+        install -m644 ${S}/build/arch/x86_64/kernel ${D}/var/lib/hyper/
+}
+
+FILES_${PN} += "/var/lib/hyper"
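Review bot: `do_install` copies `${S}/build/arch/x86_64/kernel` unconditionally, yet nothing restricts the recipe to x86-64 targets; a `COMPATIBLE_HOST = "x86_64.*-linux"` line would make other architectures skip the recipe instead of failing in do_install. `SRC_URI` uses the plain `git://` transport, which is neither encrypted nor authenticated. The full-hash `SRCREV` pins the content, but `git://github.com/hyperhq/hyperstart.git;protocol=https` avoids relying on that alone. `LICENSE = "Apache-2"` should probably read `"Apache-2.0"`, as python3-dockerpty in this same diff does. The install paths would be more robust as `${D}${localstatedir}/lib/hyper` than as a literal `/var`.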
diff --git a/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb b/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb
index c96edca..b28cc30 100644
--- a/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb
+++ b/import-layers/meta-virtualization/recipes-extended/images/kvm-image-minimal.bb
@@ -2,7 +2,6 @@
 
 IMAGE_INSTALL = " \
     packagegroup-core-boot \
-    ${ROOTFS_PKGMANAGE_BOOTSTRAP} \
     qemu \
     libvirt \
     libvirt-libvirtd \
diff --git a/import-layers/meta-virtualization/recipes-extended/iptables/iptables-meta-virtualization.inc b/import-layers/meta-virtualization/recipes-extended/iptables/iptables-meta-virtualization.inc
new file mode 100644
index 0000000..8fd521c
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/iptables/iptables-meta-virtualization.inc
@@ -0,0 +1,19 @@
+RRECOMMENDS_${PN} += "kernel-module-ip6-tables \
+                      kernel-module-ip-tables \
+                      kernel-module-ip6table-filter \
+                      kernel-module-iptable-filter \
+                      kernel-module-ip6table-raw \
+                      kernel-module-iptable-raw \
+                      kernel-module-ip6table-nat \
+                      kernel-module-iptable-nat \
+                      kernel-module-ip6table-mangle \
+                      kernel-module-iptable-magle \
+                      kernel-module-ip6table-security \
+                      kernel-module-iptable-security \
+                      kernel-module-ipt-reject \
+                      kernel-module-iptable-mangle \
+                      kernel-module-xt-checksum \
+                      kernel-module-xt-conntrack \
+                      kernel-module-xt-state \
+                      kernel-module-xt-tcpudp \
+                      "
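Review bot: `kernel-module-iptable-magle` is a misspelling of `kernel-module-iptable-mangle`, which is already listed four lines further down, so the misspelled line should simply be deleted. As far as I know an RRECOMMENDS entry that matches no package is dropped without an error, which is why this kind of typo goes unnoticed at build time. The list also grows from 7 to 18 recommended modules, so it may be worth checking that the raw, nat and security tables are all wanted on every image that enables `virtualization`.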
diff --git a/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend b/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend
index 52a4c4f..9a15e60 100644
--- a/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend
+++ b/import-layers/meta-virtualization/recipes-extended/iptables/iptables_1.%.bbappend
@@ -1,8 +1 @@
-RRECOMMENDS_${PN} += "kernel-module-ip6-tables \
-                      kernel-module-ip6table-filter \
-                      kernel-module-xt-tcpudp \
-                      kernel-module-ipt-reject \
-                      kernel-module-iptable-mangle \
-                      kernel-module-xt-checksum \
-                      kernel-module-xt-state \
-                      "
+require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}-meta-virtualization.inc', '', d)}
diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch
index 46a75a8..b0e608e 100644
--- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch
+++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/add-initscript.patch
@@ -1,14 +1,23 @@
-irqbalance: add basic init script
+From 80c45eecc193c6c13430ddeb40b9b0fd1841ceee Mon Sep 17 00:00:00 2001
+From: Mark Asselstine <mark.asselstine@windriver.com>
+Date: Thu, 14 Mar 2013 23:31:38 -0700
+Subject: [PATCH] irqbalance: add basic init script
 
 The upstream irqbalance release package does not contain an
 init script so we create a basic one here.
 
 Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+
 ---
-Index: irqbalance-0.56/irqbalance.init
-===================================================================
+ irqbalance.init | 35 +++++++++++++++++++++++++++++++++++
+ 1 file changed, 35 insertions(+)
+ create mode 100644 irqbalance.init
+
+diff --git a/irqbalance.init b/irqbalance.init
+new file mode 100644
+index 0000000..d12d62c
 --- /dev/null
-+++ irqbalance-0.56/irqbalance.init
++++ b/irqbalance.init
 @@ -0,0 +1,35 @@
 +#!/bin/sh
 +#
diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch
index 5be5243..fb22d7a 100644
--- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch
+++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/fix-configure-libcap-ng.patch
@@ -1,17 +1,22 @@
+From 20a1b2ff2e6d80924824983c363c80f66e05c0d0 Mon Sep 17 00:00:00 2001
+From: Ming Liu <ming.liu@windriver.com>
+Date: Sun, 6 Sep 2015 14:43:24 +0800
 Subject: [PATCH] grasp withval for libcap-ng
 
 Upstream-Status: Pending
 
 Signed-off-by: Ming Liu <ming.liu@windriver.com>
+
 ---
- configure.ac |    5 ++++-
+ configure.ac | 5 ++++-
  1 file changed, 4 insertions(+), 1 deletion(-)
 
-diff -urpN a/configure.ac b/configure.ac
+diff --git a/configure.ac b/configure.ac
+index 38a1bee..95f1488 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -61,7 +61,10 @@ AS_IF(
- AM_CONDITIONAL([LOCAL_GLIB], [test "x$local_glib2" = "xyes"])
+@@ -62,7 +62,10 @@ AS_IF(
+ ])
  
  AC_ARG_WITH([libcap-ng],
 -  AS_HELP_STRING([libcap-ng], [Add libcap-ng-support @<:@default=auto@:>@]))
diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch
index d853d0b..ec01448 100644
--- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch
+++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance/irqbalance-Add-status-and-reload-commands.patch
@@ -1,4 +1,4 @@
-From dc7366896dd5a5bae82be4b11530bc9fdb7cbcdd Mon Sep 17 00:00:00 2001
+From 9a16da2628cc4fddf37fe0368b4f6424270f0b2d Mon Sep 17 00:00:00 2001
 From: Yang Shi <yang.shi@windriver.com>
 Date: Mon, 26 Aug 2013 10:58:02 -0700
 Subject: [PATCH] irqbalance: Add status and reload commands
@@ -6,9 +6,10 @@
 Add status and reload commands for irqbalanced init script
 
 Signed-off-by: Yang Shi <yang.shi@windriver.com>
+
 ---
- irqbalance.init |   12 +++++++++---
- 1 files changed, 9 insertions(+), 3 deletions(-)
+ irqbalance.init | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
 
 diff --git a/irqbalance.init b/irqbalance.init
 index d12d62c..f58bf55 100644
@@ -50,6 +51,3 @@
  	exit 1
  	;;
  esac
--- 
-1.7.5.4
-
diff --git a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.1.0.bb b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.3.0.bb
similarity index 74%
rename from import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.1.0.bb
rename to import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.3.0.bb
index 16efa95..5581a8b 100644
--- a/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.1.0.bb
+++ b/import-layers/meta-virtualization/recipes-extended/irqbalance/irqbalance_1.3.0.bb
@@ -4,8 +4,8 @@
 
 require irqbalance.inc
 
-SRC_URI[md5sum] = "b15d975336080bcac4be0c1752d43cf3"
-SRC_URI[sha256sum] = "91506e638b03bf27cf5da7dc250d58a753ce8a0288a20265fc7ff0266040706b"
+SRC_URI[md5sum] = "53ee393adcfbc8e5ab23cbbd920df687"
+SRC_URI[sha256sum] = "41c2c0842d8fb24240d8069b389cd8d1669625a40009a17ad886967845dc6e43"
 
 SRC_URI = "https://github.com/Irqbalance/irqbalance/archive/v${PV}.tar.gz;downloadfilename=irqbalance-${PV}.tar.gz \
            file://add-initscript.patch \
diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/Makefiles-Add-more-XDR_CFLAGS-as-needed.patch b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/Makefiles-Add-more-XDR_CFLAGS-as-needed.patch
new file mode 100644
index 0000000..826cdd0
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/Makefiles-Add-more-XDR_CFLAGS-as-needed.patch
@@ -0,0 +1,62 @@
+From dcfc263db9e69e5381cb511c51836271dec577a3 Mon Sep 17 00:00:00 2001
+From: Mark Asselstine <mark.asselstine@windriver.com>
+Date: Thu, 10 May 2018 13:27:47 -0400
+Subject: [PATCH] Makefiles: Add more $XDR_CFLAGS as needed
+
+When building with libtirpc instead of libc-xdr the include search
+path needs to be used. In several places this was missing and it was
+only looking in /usr/include and failing.
+
+Upstream-Status: Inappropriate [old release]
+
+Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+---
+ src/Makefile.am   | 5 +++--
+ tests/Makefile.am | 1 +
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/Makefile.am b/src/Makefile.am
+index e9ce941..38114b7 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -1157,7 +1157,7 @@ libvirt_la_BUILT_LIBADD += libvirt_driver.la
+ libvirt_driver_la_SOURCES = $(DRIVER_SOURCES)
+ 
+ libvirt_driver_la_CFLAGS = \
+-		$(GNUTLS_CFLAGS) $(CURL_CFLAGS) \
++		$(GNUTLS_CFLAGS) $(CURL_CFLAGS) $(XDR_CFLAGS) \
+ 		-I$(srcdir)/conf $(AM_CFLAGS)
+ libvirt_driver_la_LIBADD = \
+ 		$(GNUTLS_LIBS) $(CURL_LIBS) $(DLOPEN_LIBS)
+@@ -1348,6 +1348,7 @@ endif ! WITH_DRIVER_MODULES
+ 
+ libvirt_driver_qemu_impl_la_CFLAGS = \
+ 		$(GNUTLS_CFLAGS) \
++		$(XDR_CFLAGS) \
+ 		$(LIBNL_CFLAGS) \
+ 		-I$(srcdir)/access \
+ 		-I$(srcdir)/conf \
+@@ -2306,7 +2307,7 @@ libvirt_lxc_la_LDFLAGS = \
+ 		$(CYGWIN_EXTRA_LDFLAGS) \
+ 		$(MINGW_EXTRA_LDFLAGS) \
+ 		$(NULL)
+-libvirt_lxc_la_CFLAGS = $(AM_CFLAGS)
++libvirt_lxc_la_CFLAGS = $(AM_CFLAGS) $(XDR_CFLAGS)
+ libvirt_lxc_la_LIBADD = libvirt.la $(CYGWIN_EXTRA_LIBADD)
+ 
+ # Since virt-login-shell will be setuid, we must do everything
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index 2f8b9eb..aec9a3e 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -48,6 +48,7 @@ AM_CFLAGS = \
+ 	$(APPARMOR_CFLAGS) \
+ 	$(YAJL_CFLAGS) \
+ 	$(COVERAGE_CFLAGS) \
++	$(XDR_CFLAGS) \
+ 	$(WARN_CFLAGS)
+ 
+ AM_LDFLAGS = \
+-- 
+2.7.4
+
diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch
new file mode 100644
index 0000000..edbadb6
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch
@@ -0,0 +1,36 @@
+From f10477f0fe5e4b7487a4a41faa216d10cd2bc7c3 Mon Sep 17 00:00:00 2001
+From: Mark Asselstine <mark.asselstine@windriver.com>
+Date: Thu, 10 May 2018 12:05:04 -0400
+Subject: [PATCH] configure.ac: search for rpc/rpc.h in the sysroot
+
+We want to avoid host contamination and use the sysroot as the base
+directory for our search so add the '=' the the '-I' when searching
+for libtirpc's rpc.h header.
+
+Upstream-Status: Inappropriate [old release]
+
+Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+---
+ configure.ac | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5a6408c..6c19f6d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -705,10 +705,10 @@ if test x"$with_remote" = x"yes" || test x"$with_libvirtd" = x"yes"; then
+     dnl check for cygwin's variation in xdr function names
+     AC_CHECK_FUNCS([xdr_u_int64_t],[],[],[#include <rpc/xdr.h>])
+ 
+-    dnl Cygwin/recent glibc requires -I/usr/include/tirpc for <rpc/rpc.h>
++    dnl Cygwin/recent glibc requires -I=/usr/include/tirpc for <rpc/rpc.h>
+     old_CFLAGS=$CFLAGS
+     AC_CACHE_CHECK([where to find <rpc/rpc.h>], [lv_cv_xdr_cflags], [
+-      for add_CFLAGS in '' '-I/usr/include/tirpc' 'missing'; do
++      for add_CFLAGS in '' '-I=/usr/include/tirpc' 'missing'; do
+         if test x"$add_CFLAGS" = xmissing; then
+           lv_cv_xdr_cflags=missing; break
+         fi
+-- 
+2.7.4
+
diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt/dnsmasq.conf b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt/dnsmasq.conf
new file mode 100644
index 0000000..a7c3059
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt/dnsmasq.conf
@@ -0,0 +1,2 @@
+bind-interfaces
+except-interface=virbr0
diff --git a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb
index 8ed2505..35fd577 100644
--- a/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb
+++ b/import-layers/meta-virtualization/recipes-extended/libvirt/libvirt_1.3.5.bb
@@ -7,7 +7,7 @@
 SECTION = "console/tools"
 
 DEPENDS = "bridge-utils gnutls libxml2 lvm2 avahi parted curl libpcap util-linux e2fsprogs pm-utils \
-	   iptables dnsmasq readline libtasn1 libxslt-native acl libdevmapper \
+	   iptables dnsmasq readline libtasn1 libxslt-native acl libdevmapper libtirpc \
 	   ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'shadow-native', '', d)}"
 
 # libvirt-guests.sh needs gettext.sh
@@ -27,6 +27,7 @@
            file://tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch \
            file://libvirtd.sh \
            file://libvirtd.conf \
+           file://dnsmasq.conf \
            file://runptest.patch \
            file://run-ptest \
            file://tests-allow-separated-src-and-build-dirs.patch \
@@ -39,6 +40,8 @@
            file://0001-ptest-add-missing-test_helper-files.patch \
            file://0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch \
 	   file://0001-Added-configure-variable-for-placing-systemd-untis-l.patch \
+	   file://configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch \
+	   file://Makefiles-Add-more-XDR_CFLAGS-as-needed.patch \
           "
 
 SRC_URI[libvirt.md5sum] = "f9dc1e63d559eca50ae0ee798a4c6c6d"
@@ -219,6 +222,7 @@
 do_install_append() {
 	install -d ${D}/etc/init.d
 	install -d ${D}/etc/libvirt
+	install -d ${D}/etc/dnsmasq.d
 
 	install -m 0755 ${WORKDIR}/libvirtd.sh ${D}/etc/init.d/libvirtd
 	install -m 0644 ${WORKDIR}/libvirtd.conf ${D}/etc/libvirt/libvirtd.conf
@@ -266,6 +270,10 @@
 	# Add hook support for libvirt
 	mkdir -p ${D}/etc/libvirt/hooks
 
+	# Force the main dnsmasq instance to bind only to specified interfaces and
+	# to not bind to virbr0. Libvirt will run its own instance on this interface.
+	install -m 644 ${WORKDIR}/dnsmasq.conf ${D}/${sysconfdir}/dnsmasq.d/libvirt-daemon
+
 	# remove .la references to our working diretory
 	for i in `find ${D}${libdir} -type f -name *.la`; do
 	    sed -i -e 's#-L${B}/src/.libs##g' $i
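Review bot: The directory is created as `${D}/etc/dnsmasq.d` in the earlier hunk of `do_install_append`, but the file is installed into `${D}/${sysconfdir}/dnsmasq.d/libvirt-daemon`; the two only agree while `sysconfdir` is `/etc`. Using one spelling for both, `install -d ${D}${sysconfdir}/dnsmasq.d` and `install -m 0644 ${WORKDIR}/dnsmasq.conf ${D}${sysconfdir}/dnsmasq.d/libvirt-daemon`, removes that dependency and the doubled slash. The drop-in changes how the system dnsmasq binds its listeners on every image that gets this file. It is therefore worth confirming that it is packaged with libvirtd and that the target's dnsmasq.conf actually reads `/etc/dnsmasq.d`; neither is visible in this diff. do_install_append begins and ends outside these hunks.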
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch
new file mode 100644
index 0000000..ad9524a
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch
@@ -0,0 +1,176 @@
+From ad208b8b7e45fb2b7c572b86c61c26412609e82d Mon Sep 17 00:00:00 2001
+From: George Dunlap <george.dunlap@citrix.com>
+Date: Fri, 10 Nov 2017 16:53:54 +0000
+Subject: [PATCH 1/2] p2m: Always check to see if removing a p2m entry actually
+ worked
+
+The PoD zero-check functions speculatively remove memory from the p2m,
+then check to see if it's completely zeroed, before putting it in the
+cache.
+
+Unfortunately, the p2m_set_entry() calls may fail if the underlying
+pagetable structure needs to change and the domain has exhausted its
+p2m memory pool: for instance, if we're removing a 2MiB region out of
+a 1GiB entry (in the p2m_pod_zero_check_superpage() case), or a 4k
+region out of a 2MiB or larger entry (in the p2m_pod_zero_check()
+case); and the return value is not checked.
+
+The underlying mfn will then be added into the PoD cache, and at some
+point mapped into another location in the p2m.  If the guest
+afterwards ballons out this memory, it will be freed to the hypervisor
+and potentially reused by another domain, in spite of the fact that
+the original domain still has writable mappings to it.
+
+There are several places where p2m_set_entry() shouldn't be able to
+fail, as it is guaranteed to write an entry of the same order that
+succeeded before.  Add a backstop of crashing the domain just in case,
+and an ASSERT_UNREACHABLE() to flag up the broken assumption on debug
+builds.
+
+While we're here, use PAGE_ORDER_2M rather than a magic constant.
+
+This is part of XSA-247.
+
+Reported-by: George Dunlap <george.dunlap.com>
+Signed-off-by: George Dunlap <george.dunlap@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+---
+v4:
+- Removed some training whitespace
+v3:
+- Reformat reset clause to be more compact
+- Make sure to set map[i] = NULL when unmapping in case we need to bail
+v2:
+- Crash a domain if a p2m_set_entry we think cannot fail fails anyway.
+---
+ xen/arch/x86/mm/p2m-pod.c | 77 +++++++++++++++++++++++++++++++++++++----------
+ 1 file changed, 61 insertions(+), 16 deletions(-)
+
+diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c
+index 730a48f928..f2ed751892 100644
+--- a/xen/arch/x86/mm/p2m-pod.c
++++ b/xen/arch/x86/mm/p2m-pod.c
+@@ -752,8 +752,10 @@ p2m_pod_zero_check_superpage(struct p2m_domain *p2m, unsigned long gfn)
+     }
+ 
+     /* Try to remove the page, restoring old mapping if it fails. */
+-    p2m_set_entry(p2m, gfn, INVALID_MFN, PAGE_ORDER_2M,
+-                  p2m_populate_on_demand, p2m->default_access);
++    if ( p2m_set_entry(p2m, gfn, INVALID_MFN, PAGE_ORDER_2M,
++                       p2m_populate_on_demand, p2m->default_access) )
++        goto out;
++
+     p2m_tlb_flush_sync(p2m);
+ 
+     /* Make none of the MFNs are used elsewhere... for example, mapped
+@@ -810,9 +812,18 @@ p2m_pod_zero_check_superpage(struct p2m_domain *p2m, unsigned long gfn)
+     ret = SUPERPAGE_PAGES;
+ 
+ out_reset:
+-    if ( reset )
+-        p2m_set_entry(p2m, gfn, mfn0, 9, type0, p2m->default_access);
+-    
++    /*
++     * This p2m_set_entry() call shouldn't be able to fail, since the same order
++     * on the same gfn succeeded above.  If that turns out to be false, crashing
++     * the domain should be the safest way of making sure we don't leak memory.
++     */
++    if ( reset && p2m_set_entry(p2m, gfn, mfn0, PAGE_ORDER_2M,
++                                type0, p2m->default_access) )
++    {
++        ASSERT_UNREACHABLE();
++        domain_crash(d);
++    }
++
+ out:
+     gfn_unlock(p2m, gfn, SUPERPAGE_ORDER);
+     return ret;
+@@ -869,19 +880,30 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count)
+         }
+ 
+         /* Try to remove the page, restoring old mapping if it fails. */
+-        p2m_set_entry(p2m, gfns[i], INVALID_MFN, PAGE_ORDER_4K,
+-                      p2m_populate_on_demand, p2m->default_access);
++        if ( p2m_set_entry(p2m, gfns[i], INVALID_MFN, PAGE_ORDER_4K,
++                           p2m_populate_on_demand, p2m->default_access) )
++            goto skip;
+ 
+         /* See if the page was successfully unmapped.  (Allow one refcount
+          * for being allocated to a domain.) */
+         if ( (mfn_to_page(mfns[i])->count_info & PGC_count_mask) > 1 )
+         {
++            /*
++             * If the previous p2m_set_entry call succeeded, this one shouldn't
++             * be able to fail.  If it does, crashing the domain should be safe.
++             */
++            if ( p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
++                               types[i], p2m->default_access) )
++            {
++                ASSERT_UNREACHABLE();
++                domain_crash(d);
++                goto out_unmap;
++            }
++
++        skip:
+             unmap_domain_page(map[i]);
+             map[i] = NULL;
+ 
+-            p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
+-                types[i], p2m->default_access);
+-
+             continue;
+         }
+     }
+@@ -900,12 +922,25 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count)
+ 
+         unmap_domain_page(map[i]);
+ 
+-        /* See comment in p2m_pod_zero_check_superpage() re gnttab
+-         * check timing.  */
+-        if ( j < PAGE_SIZE/sizeof(*map[i]) )
++        map[i] = NULL;
++
++        /*
++         * See comment in p2m_pod_zero_check_superpage() re gnttab
++         * check timing.
++         */
++        if ( j < (PAGE_SIZE / sizeof(*map[i])) )
+         {
+-            p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
+-                types[i], p2m->default_access);
++            /*
++             * If the previous p2m_set_entry call succeeded, this one shouldn't
++             * be able to fail.  If it does, crashing the domain should be safe.
++             */
++            if ( p2m_set_entry(p2m, gfns[i], mfns[i], PAGE_ORDER_4K,
++                               types[i], p2m->default_access) )
++            {
++                ASSERT_UNREACHABLE();
++                domain_crash(d);
++                goto out_unmap;
++            }
+         }
+         else
+         {
+@@ -929,7 +964,17 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count)
+             p2m->pod.entry_count++;
+         }
+     }
+-    
++
++    return;
++
++out_unmap:
++    /*
++     * Something went wrong, probably crashing the domain.  Unmap
++     * everything and return.
++     */
++    for ( i = 0; i < count; i++ )
++        if ( map[i] )
++            unmap_domain_page(map[i]);
+ }
+ 
+ #define POD_SWEEP_LIMIT 1024
+-- 
+2.15.0
+
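Review bot: The patch header carries no `Upstream-Status:` or `CVE:` line, although the message says the change is part of XSA-247 and the libvirt patches added in this same commit do carry an Upstream-Status. Adding `Upstream-Status: Backport` (presumably, given the upstream author and Reviewed-by) and `CVE: <CVE id assigned to XSA-247>` below the commit message records where the fix came from. As far as I know, the CVE line is also what lets the cve-check class report the issue as patched for this recipe. It would also help to state which Xen release the backport was taken against, since the hunks depend on the exact context of `xen/arch/x86/mm/p2m-pod.c`. The same applies to 0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch, which continues past this view.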
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch
new file mode 100644
index 0000000..8c850bd
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch
@@ -0,0 +1,109 @@
+From d4bc7833707351a5341a6bdf04c752a028d9560d Mon Sep 17 00:00:00 2001
+From: George Dunlap <george.dunlap@citrix.com>
+Date: Fri, 10 Nov 2017 16:53:55 +0000
+Subject: [PATCH 2/2] p2m: Check return value of p2m_set_entry() when
+ decreasing reservation
+
+If the entire range specified to p2m_pod_decrease_reservation() is marked
+populate-on-demand, then it will make a single p2m_set_entry() call,
+reducing its PoD entry count.
+
+Unfortunately, in the right circumstances, this p2m_set_entry() call
+may fail.  It that case, repeated calls to decrease_reservation() may
+cause p2m->pod.entry_count to fall below zero, potentially tripping
+over BUG_ON()s to the contrary.
+
+Instead, check to see if the entry succeeded, and return false if not.
+The caller will then call guest_remove_page() on the gfns, which will
+return -EINVAL upon finding no valid memory there to return.
+
+Unfortunately if the order > 0, the entry may have partially changed.
+A domain_crash() is probably the safest thing in that case.
+
+Other p2m_set_entry() calls in the same function should be fine,
+because they are writing the entry at its current order.  Nonetheless,
+check the return value and crash if our assumption turns otu to be
+wrong.
+
+This is part of XSA-247.
+
+Reported-by: George Dunlap <george.dunlap.com>
+Signed-off-by: George Dunlap <george.dunlap@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+---
+v2: Crash the domain if we're not sure it's safe (or if we think it
+can't happen)
+---
+ xen/arch/x86/mm/p2m-pod.c | 42 +++++++++++++++++++++++++++++++++---------
+ 1 file changed, 33 insertions(+), 9 deletions(-)
+
+diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c
+index f2ed751892..473d6a6dbf 100644
+--- a/xen/arch/x86/mm/p2m-pod.c
++++ b/xen/arch/x86/mm/p2m-pod.c
+@@ -555,11 +555,23 @@ p2m_pod_decrease_reservation(struct domain *d,
+ 
+     if ( !nonpod )
+     {
+-        /* All PoD: Mark the whole region invalid and tell caller
+-         * we're done. */
+-        p2m_set_entry(p2m, gpfn, INVALID_MFN, order, p2m_invalid,
+-                      p2m->default_access);
+-        p2m->pod.entry_count-=(1<<order);
++        /*
++         * All PoD: Mark the whole region invalid and tell caller
++         * we're done.
++         */
++        if ( p2m_set_entry(p2m, gpfn, INVALID_MFN, order, p2m_invalid,
++                           p2m->default_access) )
++        {
++            /*
++             * If this fails, we can't tell how much of the range was changed.
++             * Best to crash the domain unless we're sure a partial change is
++             * impossible.
++             */
++            if ( order != 0 )
++                domain_crash(d);
++            goto out_unlock;
++        }
++        p2m->pod.entry_count -= 1UL << order;
+         BUG_ON(p2m->pod.entry_count < 0);
+         ret = 1;
+         goto out_entry_check;
+@@ -600,8 +612,14 @@ p2m_pod_decrease_reservation(struct domain *d,
+         n = 1UL << cur_order;
+         if ( t == p2m_populate_on_demand )
+         {
+-            p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
+-                          p2m_invalid, p2m->default_access);
++            /* This shouldn't be able to fail */
++            if ( p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
++                               p2m_invalid, p2m->default_access) )
++            {
++                ASSERT_UNREACHABLE();
++                domain_crash(d);
++                goto out_unlock;
++            }
+             p2m->pod.entry_count -= n;
+             BUG_ON(p2m->pod.entry_count < 0);
+             pod -= n;
+@@ -622,8 +640,14 @@ p2m_pod_decrease_reservation(struct domain *d,
+ 
+             page = mfn_to_page(mfn);
+ 
+-            p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
+-                          p2m_invalid, p2m->default_access);
++            /* This shouldn't be able to fail */
++            if ( p2m_set_entry(p2m, gpfn + i, INVALID_MFN, cur_order,
++                               p2m_invalid, p2m->default_access) )
++            {
++                ASSERT_UNREACHABLE();
++                domain_crash(d);
++                goto out_unlock;
++            }
+             p2m_tlb_flush_sync(p2m);
+             for ( j = 0; j < n; ++j )
+                 set_gpfn_from_mfn(mfn_x(mfn), INVALID_M2P_ENTRY);
+-- 
+2.15.0
+
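Review bot: The patch file added here carries no Yocto patch metadata: between the `Subject:` line and the diffstat there is neither an `Upstream-Status:` line nor a `CVE:` tag, only the prose mention "This is part of XSA-247". Without them, tooling that reads patch headers (cve-check, as far as I know, matches `CVE:` tags) cannot tell that this advisory is already fixed in the recipe, and a later Xen version bump gives no signal that the file can be dropped. I would add `Upstream-Status: Backport [XSA-247]` and `CVE: <CVE-ID-FOR-XSA-247>` above the `Signed-off-by:` trailer. The same applies to lwip.dhcp_create_request-hwaddr_len.patch further down, which has only an `Index:` line and no description or sign-off at all.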
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/fix-libxc-xc_dom_arm-missing-initialization.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/fix-libxc-xc_dom_arm-missing-initialization.patch
deleted file mode 100644
index 05016a7..0000000
--- a/import-layers/meta-virtualization/recipes-extended/xen/files/fix-libxc-xc_dom_arm-missing-initialization.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-commit 88bfbf90e35f1213f9967a97dee0b2039f9998a4
-Author: Bernd Kuhls <bernd.kuhls@t-online.de>
-Date:   Sat Aug 19 16:21:42 2017 +0200
-
-    tools/libxc/xc_dom_arm: add missing variable initialization
-    
-    The variable domctl.u.address_size.size may remain uninitialized if
-    guest_type is not one of xen-3.0-aarch64 or xen-3.0-armv7l. And the
-    code precisely checks if this variable is still 0 to decide if the
-    guest type is supported or not.
-    
-    This fixes the following build failure with gcc 7.x:
-    
-    xc_dom_arm.c:229:31: error: 'domctl.u.address_size.size' may be used uninitialized in this function [-Werror=maybe-uninitialized]
-         if ( domctl.u.address_size.size == 0 )
-    
-    Patch originally taken from
-    https://www.mail-archive.com/xen-devel@lists.xen.org/msg109313.html.
-    
-    Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
-    Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-    Acked-by: Wei Liu <wei.liu2@citrix.com>
-
-diff --git a/tools/libxc/xc_dom_arm.c b/tools/libxc/xc_dom_arm.c
-index e7d4bd0..e669fb0 100644
---- a/tools/libxc/xc_dom_arm.c
-+++ b/tools/libxc/xc_dom_arm.c
-@@ -223,6 +223,8 @@ static int set_mode(xc_interface *xch, domid_t domid, char *guest_type)
- 
-     domctl.domain = domid;
-     domctl.cmd    = XEN_DOMCTL_set_address_size;
-+    domctl.u.address_size.size = 0;
-+
-     for ( i = 0; i < ARRAY_SIZE(types); i++ )
-         if ( !strcmp(types[i].guest, guest_type) )
-             domctl.u.address_size.size = types[i].size;
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch
new file mode 100644
index 0000000..4bbf21a
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.dhcp_create_request-hwaddr_len.patch
@@ -0,0 +1,13 @@
+Index: src/core/dhcp.c
+===================================================================
+--- a/src/core/dhcp.c
++++ b/src/core/dhcp.c
+@@ -1356,7 +1358,7 @@ dhcp_create_request(struct netif *netif)
+   dhcp->msg_out->giaddr.addr = 0;
+   for (i = 0; i < DHCP_CHADDR_LEN; i++) {
+     /* copy netif hardware address, pad with zeroes */
+-    dhcp->msg_out->chaddr[i] = (i < netif->hwaddr_len) ? netif->hwaddr[i] : 0/* pad byte*/;
++    dhcp->msg_out->chaddr[i] = (i < (netif->hwaddr_len > NETIF_MAX_HWADDR_LEN ? NETIF_MAX_HWADDR_LEN : netif->hwaddr_len)) ? netif->hwaddr[i] : 0/* pad byte*/;
+   }
+   for (i = 0; i < DHCP_SNAME_LEN; i++) {
+     dhcp->msg_out->sname[i] = 0;
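Review bot: The clamp added to the `chaddr` copy loop in dhcp_create_request() is undocumented, and the nested ternary inside the loop condition is hard to read and is evaluated on every iteration. Presumably it keeps the loop from reading past the end of `netif->hwaddr` when `hwaddr_len` exceeds `NETIF_MAX_HWADDR_LEN`, which would otherwise copy adjacent memory into an outgoing DHCP request; the array size is not visible here, so that should be confirmed and stated in a comment. I would compute the bound once before the loop, e.g. `u8_t hwlen = (netif->hwaddr_len > NETIF_MAX_HWADDR_LEN) ? NETIF_MAX_HWADDR_LEN : netif->hwaddr_len;`, and compare `i < hwlen`. An oversized length points to a misconfigured netif, so `LWIP_ASSERT("hwaddr_len too large", netif->hwaddr_len <= NETIF_MAX_HWADDR_LEN);` would make it visible in debug builds instead of silently truncating. The function's declarations are outside the hunk, so the new local would have to go with them at the top.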
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs
new file mode 100644
index 0000000..b271877
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/lwip.patch-cvs
@@ -0,0 +1,2398 @@
+? .ChangeLog.swp
+? ChangeLog
+Index: CHANGELOG
+===================================================================
+RCS file: /sources/lwip/lwip/CHANGELOG,v
+retrieving revision 1.300
+retrieving revision 1.318
+diff -u -p -r1.300 -r1.318
+--- a/CHANGELOG	23 Mar 2008 13:49:39 -0000	1.300
++++ b/CHANGELOG	14 Jul 2008 20:12:36 -0000	1.318
+@@ -19,9 +19,77 @@ HISTORY
+
+   ++ New features:
+
++  2008-06-30 Simon Goldschmidt
++  * mem.c, opt.h, stats.h: fixed bug #21433: Calling mem_free/pbuf_free from
++    interrupt context isn't safe: LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT allows
++    mem_free to run between mem_malloc iterations. Added illegal counter for
++    mem stats.
++
++  2008-06-27 Simon Goldschmidt
++  * stats.h/.c, some other files: patch #6483: stats module improvement:
++    Added defines to display each module's statistic individually, added stats
++    defines for MEM, MEMP and SYS modules, removed (unused) rexmit counter.
++
++  2008-06-17 Simon Goldschmidt
++  * err.h: patch #6459: Made err_t overridable to use a more efficient type
++    (define LWIP_ERR_T in cc.h)
++
++  2008-06-17 Simon Goldschmidt
++  * slipif.c: patch #6480: Added a configuration option for slipif for symmetry
++    to loopif
++
++  2008-06-17 Simon Goldschmidt (patch by Luca Ceresoli)
++  * netif.c, loopif.c, ip.c, netif.h, loopif.h, opt.h: Checked in slightly
++    modified version of patch # 6370: Moved loopif code to netif.c so that
++    loopback traffic is supported on all netifs (all local IPs).
++    Added option to limit loopback packets for each netifs.
++
+
+   ++ Bugfixes:
+
++  2008-08-14 Simon Goldschmidt
++  * api_msg.c: fixed bug #23847: do_close_internal references freed memory (when
++    tcp_close returns != ERR_OK)
++
++  2008-07-08 Frédéric Bernon
++  * stats.h: Fix some build bugs introduced with patch #6483 (missing some parameters
++    in macros, mainly if MEM_STATS=0 and MEMP_STATS=0).
++
++  2008-06-24 Jonathan Larmour
++  * tcp_in.c: Fix for bug #23693 as suggested by Art R. Ensure cseg is unused
++    if tcp_seg_copy fails.
++
++  2008-06-17 Simon Goldschmidt
++  * inet_chksum.c: Checked in some ideas of patch #6460 (loop optimizations)
++    and created defines for swapping bytes and folding u32 to u16.
++
++  2008-05-30 Kieran Mansley
++  * tcp_in.c Remove redundant "if" statement, and use real rcv_wnd
++    rather than rcv_ann_wnd when deciding if packets are in-window.
++    Contributed by <arasmussen@consultant.datasys.swri.edu>
++
++  2008-05-30 Kieran Mansley
++  * mem.h: Fix BUG#23254.  Change macro definition of mem_* to allow
++    passing as function pointers when MEM_LIBC_MALLOC is defined.
++
++  2008-05-09 Jonathan Larmour
++  * err.h, err.c, sockets.c: Fix bug #23119: Reorder timeout error code to
++    stop it being treated as a fatal error.
++
++  2008-04-15 Simon Goldschmidt
++  * dhcp.c: fixed bug #22804: dhcp_stop doesn't clear NETIF_FLAG_DHCP
++    (flag now cleared)
++
++  2008-03-27 Simon Goldschmidt
++  * mem.c, tcpip.c, tcpip.h, opt.h: fixed bug #21433 (Calling mem_free/pbuf_free
++    from interrupt context isn't safe): set LWIP_USE_HEAP_FROM_INTERRUPT to 1
++    in lwipopts.h or use pbuf_free_callback(p)/mem_free_callback(m) to free pbufs
++    or heap memory from interrupt context
++
++  2008-03-26 Simon Goldschmidt
++  * tcp_in.c, tcp.c: fixed bug #22249: division by zero could occur if a remote
++    host sent a zero mss as TCP option.
++
+
+ (STABLE-1.3.0)
+
+Index: src/api/api_msg.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/api/api_msg.c,v
+retrieving revision 1.102
+retrieving revision 1.104
+diff -u -p -r1.102 -r1.104
+--- a/src/api/api_msg.c	21 Mar 2008 16:23:14 -0000	1.102
++++ b/src/api/api_msg.c	15 Jul 2008 11:18:58 -0000	1.104
+@@ -598,11 +598,16 @@ do_close_internal(struct netconn *conn)
+   LWIP_ASSERT("pcb already closed", (conn->pcb.tcp != NULL));
+
+   /* Set back some callback pointers */
++  tcp_arg(conn->pcb.tcp, NULL);
+   if (conn->pcb.tcp->state == LISTEN) {
+-    tcp_arg(conn->pcb.tcp, NULL);
+     tcp_accept(conn->pcb.tcp, NULL);
+   } else {
+     tcp_recv(conn->pcb.tcp, NULL);
++    tcp_accept(conn->pcb.tcp, NULL);
++    /* some callbacks have to be reset if tcp_close is not successful */
++    tcp_sent(conn->pcb.tcp, NULL);
++    tcp_poll(conn->pcb.tcp, NULL, 4);
++    tcp_err(conn->pcb.tcp, NULL);
+   }
+   /* Try to close the connection */
+   err = tcp_close(conn->pcb.tcp);
+@@ -610,11 +615,6 @@ do_close_internal(struct netconn *conn)
+     /* Closing succeeded */
+     conn->state = NETCONN_NONE;
+     /* Set back some callback pointers as conn is going away */
+-    tcp_err(conn->pcb.tcp, NULL);
+-    tcp_poll(conn->pcb.tcp, NULL, 4);
+-    tcp_sent(conn->pcb.tcp, NULL);
+-    tcp_recv(conn->pcb.tcp, NULL);
+-    tcp_arg(conn->pcb.tcp, NULL);
+     conn->pcb.tcp = NULL;
+     conn->err = ERR_OK;
+     /* Trigger select() in socket layer. This send should something else so the
+@@ -623,6 +623,14 @@ do_close_internal(struct netconn *conn)
+     API_EVENT(conn, NETCONN_EVT_SENDPLUS, 0);
+     /* wake up the application task */
+     sys_sem_signal(conn->op_completed);
++  } else {
++    /* Closing failed, restore some of the callbacks */
++    /* Closing of listen pcb will never fail! */
++    LWIP_ASSERT("Closing a listen pcb may not fail!", (conn->pcb.tcp->state != LISTEN));
++    tcp_sent(conn->pcb.tcp, sent_tcp);
++    tcp_poll(conn->pcb.tcp, poll_tcp, 4);
++    tcp_err(conn->pcb.tcp, err_tcp);
++    tcp_arg(conn->pcb.tcp, conn);
+   }
+   /* If closing didn't succeed, we get called again either
+      from poll_tcp or from sent_tcp */
+Index: src/api/err.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/api/err.c,v
+retrieving revision 1.11
+retrieving revision 1.12
+diff -u -p -r1.11 -r1.12
+--- a/src/api/err.c	13 Dec 2007 23:06:50 -0000	1.11
++++ b/src/api/err.c	9 May 2008 12:14:23 -0000	1.12
+@@ -44,17 +44,17 @@ static const char *err_strerr[] = {
+            "Ok.",                    /* ERR_OK          0  */
+            "Out of memory error.",   /* ERR_MEM        -1  */
+            "Buffer error.",          /* ERR_BUF        -2  */
+-           "Routing problem.",       /* ERR_RTE        -3  */
+-           "Connection aborted.",    /* ERR_ABRT       -4  */
+-           "Connection reset.",      /* ERR_RST        -5  */
+-           "Connection closed.",     /* ERR_CLSD       -6  */
+-           "Not connected.",         /* ERR_CONN       -7  */
+-           "Illegal value.",         /* ERR_VAL        -8  */
+-           "Illegal argument.",      /* ERR_ARG        -9  */
+-           "Address in use.",        /* ERR_USE        -10 */
+-           "Low-level netif error.", /* ERR_IF         -11 */
+-           "Already connected.",     /* ERR_ISCONN     -12 */
+-           "Timeout.",               /* ERR_TIMEOUT    -13 */
++           "Timeout.",               /* ERR_TIMEOUT    -3 */
++           "Routing problem.",       /* ERR_RTE        -4  */
++           "Connection aborted.",    /* ERR_ABRT       -5  */
++           "Connection reset.",      /* ERR_RST        -6  */
++           "Connection closed.",     /* ERR_CLSD       -7  */
++           "Not connected.",         /* ERR_CONN       -8  */
++           "Illegal value.",         /* ERR_VAL        -9  */
++           "Illegal argument.",      /* ERR_ARG        -10 */
++           "Address in use.",        /* ERR_USE        -11 */
++           "Low-level netif error.", /* ERR_IF         -12 */
++           "Already connected.",     /* ERR_ISCONN     -13 */
+            "Operation in progress."  /* ERR_INPROGRESS -14 */
+ };
+
+Index: src/api/netdb.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/api/netdb.c,v
+retrieving revision 1.4
+retrieving revision 1.5
+diff -u -p -r1.4 -r1.5
+--- a/src/api/netdb.c	26 Jan 2008 16:11:39 -0000	1.4
++++ b/src/api/netdb.c	16 Jul 2008 20:36:12 -0000	1.5
+@@ -326,7 +326,8 @@ lwip_getaddrinfo(const char *nodename, c
+   if (nodename != NULL) {
+     /* copy nodename to canonname if specified */
+     size_t namelen = strlen(nodename);
+-    ai->ai_canonname = mem_malloc(namelen + 1);
++    LWIP_ASSERT("namelen is too long", (namelen + 1) <= (mem_size_t)-1);
++    ai->ai_canonname = mem_malloc((mem_size_t)(namelen + 1));
+     if (ai->ai_canonname == NULL) {
+       goto memerr;
+     }
+Index: src/api/sockets.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/api/sockets.c,v
+retrieving revision 1.116
+retrieving revision 1.117
+diff -u -p -r1.116 -r1.117
+--- a/src/api/sockets.c	13 Mar 2008 20:03:57 -0000	1.116
++++ b/src/api/sockets.c	9 May 2008 12:14:24 -0000	1.117
+@@ -128,17 +128,17 @@ static const int err_to_errno_table[] =
+   0,             /* ERR_OK          0      No error, everything OK. */
+   ENOMEM,        /* ERR_MEM        -1      Out of memory error.     */
+   ENOBUFS,       /* ERR_BUF        -2      Buffer error.            */
+-  EHOSTUNREACH,  /* ERR_RTE        -3      Routing problem.         */
+-  ECONNABORTED,  /* ERR_ABRT       -4      Connection aborted.      */
+-  ECONNRESET,    /* ERR_RST        -5      Connection reset.        */
+-  ESHUTDOWN,     /* ERR_CLSD       -6      Connection closed.       */
+-  ENOTCONN,      /* ERR_CONN       -7      Not connected.           */
+-  EINVAL,        /* ERR_VAL        -8      Illegal value.           */
+-  EIO,           /* ERR_ARG        -9      Illegal argument.        */
+-  EADDRINUSE,    /* ERR_USE        -10     Address in use.          */
+-  -1,            /* ERR_IF         -11     Low-level netif error    */
+-  -1,            /* ERR_ISCONN     -12     Already connected.       */
+-  ETIMEDOUT,     /* ERR_TIMEOUT    -13     Timeout                  */
++  ETIMEDOUT,     /* ERR_TIMEOUT    -3      Timeout                  */
++  EHOSTUNREACH,  /* ERR_RTE        -4      Routing problem.         */
++  ECONNABORTED,  /* ERR_ABRT       -5      Connection aborted.      */
++  ECONNRESET,    /* ERR_RST        -6      Connection reset.        */
++  ESHUTDOWN,     /* ERR_CLSD       -7      Connection closed.       */
++  ENOTCONN,      /* ERR_CONN       -8      Not connected.           */
++  EINVAL,        /* ERR_VAL        -9      Illegal value.           */
++  EIO,           /* ERR_ARG        -10     Illegal argument.        */
++  EADDRINUSE,    /* ERR_USE        -11     Address in use.          */
++  -1,            /* ERR_IF         -12     Low-level netif error    */
++  -1,            /* ERR_ISCONN     -13     Already connected.       */
+   EINPROGRESS    /* ERR_INPROGRESS -14     Operation in progress    */
+ };
+
+Index: src/api/tcpip.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/api/tcpip.c,v
+retrieving revision 1.70
+retrieving revision 1.73
+diff -u -p -r1.70 -r1.73
+--- a/src/api/tcpip.c	12 Jan 2008 11:52:22 -0000	1.70
++++ b/src/api/tcpip.c	27 Jun 2008 20:34:51 -0000	1.73
+@@ -518,4 +518,42 @@ tcpip_init(void (* initfunc)(void *), vo
+   sys_thread_new(TCPIP_THREAD_NAME, tcpip_thread, NULL, TCPIP_THREAD_STACKSIZE, TCPIP_THREAD_PRIO);
+ }
+
++/**
++ * Simple callback function used with tcpip_callback to free a pbuf
++ * (pbuf_free has a wrong signature for tcpip_callback)
++ *
++ * @param p The pbuf (chain) to be dereferenced.
++ */
++static void
++pbuf_free_int(void *p)
++{
++  struct pbuf *q = p;
++  pbuf_free(q);
++}
++
++/**
++ * A simple wrapper function that allows you to free a pbuf from interrupt context.
++ *
++ * @param p The pbuf (chain) to be dereferenced.
++ * @return ERR_OK if callback could be enqueued, an err_t if not
++ */
++err_t
++pbuf_free_callback(struct pbuf *p)
++{
++  return tcpip_callback_with_block(pbuf_free_int, p, 0);
++}
++
++/**
++ * A simple wrapper function that allows you to free heap memory from
++ * interrupt context.
++ *
++ * @param m the heap memory to free
++ * @return ERR_OK if callback could be enqueued, an err_t if not
++ */
++err_t
++mem_free_callback(void *m)
++{
++  return tcpip_callback_with_block(mem_free, m, 0);
++}
++
+ #endif /* !NO_SYS */
+Index: src/core/dhcp.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/dhcp.c,v
+retrieving revision 1.86
+retrieving revision 1.87
+diff -u -p -r1.86 -r1.87
+--- a/src/core/dhcp.c	4 Mar 2008 14:25:58 -0000	1.86
++++ b/src/core/dhcp.c	15 Apr 2008 17:24:55 -0000	1.87
+@@ -568,6 +568,8 @@ dhcp_start(struct netif *netif)
+   LWIP_ERROR("netif != NULL", (netif != NULL), return ERR_ARG;);
+   dhcp = netif->dhcp;
+   LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | LWIP_DBG_STATE, ("dhcp_start(netif=%p) %c%c%"U16_F"\n", (void*)netif, netif->name[0], netif->name[1], (u16_t)netif->num));
++  /* Remove the flag that says this netif is handled by DHCP,
++     it is set when we succeeded starting. */
+   netif->flags &= ~NETIF_FLAG_DHCP;
+
+   /* no DHCP client attached yet? */
+@@ -609,6 +611,7 @@ dhcp_start(struct netif *netif)
+     dhcp_stop(netif);
+     return ERR_MEM;
+   }
++  /* Set the flag that says this netif is handled by DHCP. */
+   netif->flags |= NETIF_FLAG_DHCP;
+   return result;
+ }
+@@ -1063,6 +1066,8 @@ dhcp_stop(struct netif *netif)
+ {
+   struct dhcp *dhcp = netif->dhcp;
+   LWIP_ERROR("dhcp_stop: netif != NULL", (netif != NULL), return;);
++  /* Remove the flag that says this netif is handled by DHCP. */
++  netif->flags &= ~NETIF_FLAG_DHCP;
+
+   LWIP_DEBUGF(DHCP_DEBUG | LWIP_DBG_TRACE | 3, ("dhcp_stop()\n"));
+   /* netif is DHCP configured? */
+Index: src/core/mem.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/mem.c,v
+retrieving revision 1.59
+retrieving revision 1.62
+diff -u -p -r1.59 -r1.62
+--- a/src/core/mem.c	4 Mar 2008 16:31:32 -0000	1.59
++++ b/src/core/mem.c	30 Jun 2008 18:16:51 -0000	1.62
+@@ -177,9 +177,36 @@ static u8_t *ram;
+ static struct mem *ram_end;
+ /** pointer to the lowest free block, this is used for faster search */
+ static struct mem *lfree;
++
+ /** concurrent access protection */
+ static sys_sem_t mem_sem;
+
++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++
++static volatile u8_t mem_free_count;
++
++/* Allow mem_free from other (e.g. interrupt) context */
++#define LWIP_MEM_FREE_DECL_PROTECT()  SYS_ARCH_DECL_PROTECT(lev_free)
++#define LWIP_MEM_FREE_PROTECT()       SYS_ARCH_PROTECT(lev_free)
++#define LWIP_MEM_FREE_UNPROTECT()     SYS_ARCH_UNPROTECT(lev_free)
++#define LWIP_MEM_ALLOC_DECL_PROTECT() SYS_ARCH_DECL_PROTECT(lev_alloc)
++#define LWIP_MEM_ALLOC_PROTECT()      SYS_ARCH_PROTECT(lev_alloc)
++#define LWIP_MEM_ALLOC_UNPROTECT()    SYS_ARCH_UNPROTECT(lev_alloc)
++
++#else /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
++
++/* Protect the heap only by using a semaphore */
++#define LWIP_MEM_FREE_DECL_PROTECT()
++#define LWIP_MEM_FREE_PROTECT()    sys_arch_sem_wait(mem_sem, 0)
++#define LWIP_MEM_FREE_UNPROTECT()  sys_sem_signal(mem_sem)
++/* mem_malloc is protected using semaphore AND LWIP_MEM_ALLOC_PROTECT */
++#define LWIP_MEM_ALLOC_DECL_PROTECT()
++#define LWIP_MEM_ALLOC_PROTECT()
++#define LWIP_MEM_ALLOC_UNPROTECT()
++
++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
++
++
+ /**
+  * "Plug holes" by combining adjacent empty struct mems.
+  * After this function is through, there should not exist
+@@ -255,9 +282,7 @@ mem_init(void)
+   /* initialize the lowest-free pointer to the start of the heap */
+   lfree = (struct mem *)ram;
+
+-#if MEM_STATS
+-  lwip_stats.mem.avail = MEM_SIZE_ALIGNED;
+-#endif /* MEM_STATS */
++  MEM_STATS_AVAIL(avail, MEM_SIZE_ALIGNED);
+ }
+
+ /**
+@@ -270,6 +295,7 @@ void
+ mem_free(void *rmem)
+ {
+   struct mem *mem;
++  LWIP_MEM_FREE_DECL_PROTECT();
+
+   if (rmem == NULL) {
+     LWIP_DEBUGF(MEM_DEBUG | LWIP_DBG_TRACE | 2, ("mem_free(p == NULL) was called.\n"));
+@@ -277,20 +303,20 @@ mem_free(void *rmem)
+   }
+   LWIP_ASSERT("mem_free: sanity check alignment", (((mem_ptr_t)rmem) & (MEM_ALIGNMENT-1)) == 0);
+
+-  /* protect the heap from concurrent access */
+-  sys_arch_sem_wait(mem_sem, 0);
+-
+   LWIP_ASSERT("mem_free: legal memory", (u8_t *)rmem >= (u8_t *)ram &&
+     (u8_t *)rmem < (u8_t *)ram_end);
+
+   if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) {
++    SYS_ARCH_DECL_PROTECT(lev);
+     LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_free: illegal memory\n"));
+-#if MEM_STATS
+-    ++lwip_stats.mem.err;
+-#endif /* MEM_STATS */
+-    sys_sem_signal(mem_sem);
++    /* protect mem stats from concurrent access */
++    SYS_ARCH_PROTECT(lev);
++    MEM_STATS_INC(illegal);
++    SYS_ARCH_UNPROTECT(lev);
+     return;
+   }
++  /* protect the heap from concurrent access */
++  LWIP_MEM_FREE_PROTECT();
+   /* Get the corresponding struct mem ... */
+   mem = (struct mem *)((u8_t *)rmem - SIZEOF_STRUCT_MEM);
+   /* ... which has to be in a used state ... */
+@@ -303,13 +329,14 @@ mem_free(void *rmem)
+     lfree = mem;
+   }
+
+-#if MEM_STATS
+-  lwip_stats.mem.used -= mem->next - ((u8_t *)mem - ram);
+-#endif /* MEM_STATS */
++  MEM_STATS_DEC_USED(used, mem->next - ((u8_t *)mem - ram));
+
+   /* finally, see if prev or next are free also */
+   plug_holes(mem);
+-  sys_sem_signal(mem_sem);
++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++  mem_free_count = 1;
++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
++  LWIP_MEM_FREE_UNPROTECT();
+ }
+
+ /**
+@@ -321,6 +348,8 @@ mem_free(void *rmem)
+  * @param newsize required size after shrinking (needs to be smaller than or
+  *                equal to the previous size)
+  * @return for compatibility reasons: is always == rmem, at the moment
++ *         or NULL if newsize is > old size, in which case rmem is NOT touched
++ *         or freed!
+  */
+ void *
+ mem_realloc(void *rmem, mem_size_t newsize)
+@@ -328,6 +357,8 @@ mem_realloc(void *rmem, mem_size_t newsi
+   mem_size_t size;
+   mem_size_t ptr, ptr2;
+   struct mem *mem, *mem2;
++  /* use the FREE_PROTECT here: it protects with sem OR SYS_ARCH_PROTECT */
++  LWIP_MEM_FREE_DECL_PROTECT();
+
+   /* Expand the size of the allocated memory region so that we can
+      adjust for alignment. */
+@@ -346,7 +377,12 @@ mem_realloc(void *rmem, mem_size_t newsi
+    (u8_t *)rmem < (u8_t *)ram_end);
+
+   if ((u8_t *)rmem < (u8_t *)ram || (u8_t *)rmem >= (u8_t *)ram_end) {
++    SYS_ARCH_DECL_PROTECT(lev);
+     LWIP_DEBUGF(MEM_DEBUG | 3, ("mem_realloc: illegal memory\n"));
++    /* protect mem stats from concurrent access */
++    SYS_ARCH_PROTECT(lev);
++    MEM_STATS_INC(illegal);
++    SYS_ARCH_UNPROTECT(lev);
+     return rmem;
+   }
+   /* Get the corresponding struct mem ... */
+@@ -366,11 +402,9 @@ mem_realloc(void *rmem, mem_size_t newsi
+   }
+
+   /* protect the heap from concurrent access */
+-  sys_arch_sem_wait(mem_sem, 0);
++  LWIP_MEM_FREE_PROTECT();
+
+-#if MEM_STATS
+-  lwip_stats.mem.used -= (size - newsize);
+-#endif /* MEM_STATS */
++  MEM_STATS_DEC_USED(used, (size - newsize));
+
+   mem2 = (struct mem *)&ram[mem->next];
+   if(mem2->used == 0) {
+@@ -426,7 +460,10 @@ mem_realloc(void *rmem, mem_size_t newsi
+     -> don't do anyhting.
+     -> the remaining space stays unused since it is too small
+   } */
+-  sys_sem_signal(mem_sem);
++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++  mem_free_count = 1;
++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
++  LWIP_MEM_FREE_UNPROTECT();
+   return rmem;
+ }
+
+@@ -444,6 +481,10 @@ mem_malloc(mem_size_t size)
+ {
+   mem_size_t ptr, ptr2;
+   struct mem *mem, *mem2;
++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++  u8_t local_mem_free_count = 0;
++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
++  LWIP_MEM_ALLOC_DECL_PROTECT();
+
+   if (size == 0) {
+     return NULL;
+@@ -464,88 +505,101 @@ mem_malloc(mem_size_t size)
+
+   /* protect the heap from concurrent access */
+   sys_arch_sem_wait(mem_sem, 0);
++  LWIP_MEM_ALLOC_PROTECT();
++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++  /* run as long as a mem_free disturbed mem_malloc */
++  do {
++    local_mem_free_count = 0;
++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
++
++    /* Scan through the heap searching for a free block that is big enough,
++     * beginning with the lowest free block.
++     */
++    for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size;
++         ptr = ((struct mem *)&ram[ptr])->next) {
++      mem = (struct mem *)&ram[ptr];
++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++      mem_free_count = 0;
++      LWIP_MEM_ALLOC_UNPROTECT();
++      /* allow mem_free to run */
++      LWIP_MEM_ALLOC_PROTECT();
++      if (mem_free_count != 0) {
++        local_mem_free_count = mem_free_count;
++      }
++      mem_free_count = 0;
++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
+
+-  /* Scan through the heap searching for a free block that is big enough,
+-   * beginning with the lowest free block.
+-   */
+-  for (ptr = (u8_t *)lfree - ram; ptr < MEM_SIZE_ALIGNED - size;
+-       ptr = ((struct mem *)&ram[ptr])->next) {
+-    mem = (struct mem *)&ram[ptr];
+-
+-    if ((!mem->used) &&
+-        (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) {
+-      /* mem is not used and at least perfect fit is possible:
+-       * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */
+-
+-      if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) {
+-        /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing
+-         * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem')
+-         * -> split large block, create empty remainder,
+-         * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if
+-         * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size,
+-         * struct mem would fit in but no data between mem2 and mem2->next
+-         * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty
+-         *       region that couldn't hold data, but when mem->next gets freed,
+-         *       the 2 regions would be combined, resulting in more free memory
+-         */
+-        ptr2 = ptr + SIZEOF_STRUCT_MEM + size;
+-        /* create mem2 struct */
+-        mem2 = (struct mem *)&ram[ptr2];
+-        mem2->used = 0;
+-        mem2->next = mem->next;
+-        mem2->prev = ptr;
+-        /* and insert it between mem and mem->next */
+-        mem->next = ptr2;
+-        mem->used = 1;
+-
+-        if (mem2->next != MEM_SIZE_ALIGNED) {
+-          ((struct mem *)&ram[mem2->next])->prev = ptr2;
+-        }
+-#if MEM_STATS
+-        lwip_stats.mem.used += (size + SIZEOF_STRUCT_MEM);
+-        if (lwip_stats.mem.max < lwip_stats.mem.used) {
+-          lwip_stats.mem.max = lwip_stats.mem.used;
++      if ((!mem->used) &&
++          (mem->next - (ptr + SIZEOF_STRUCT_MEM)) >= size) {
++        /* mem is not used and at least perfect fit is possible:
++         * mem->next - (ptr + SIZEOF_STRUCT_MEM) gives us the 'user data size' of mem */
++
++        if (mem->next - (ptr + SIZEOF_STRUCT_MEM) >= (size + SIZEOF_STRUCT_MEM + MIN_SIZE_ALIGNED)) {
++          /* (in addition to the above, we test if another struct mem (SIZEOF_STRUCT_MEM) containing
++           * at least MIN_SIZE_ALIGNED of data also fits in the 'user data space' of 'mem')
++           * -> split large block, create empty remainder,
++           * remainder must be large enough to contain MIN_SIZE_ALIGNED data: if
++           * mem->next - (ptr + (2*SIZEOF_STRUCT_MEM)) == size,
++           * struct mem would fit in but no data between mem2 and mem2->next
++           * @todo we could leave out MIN_SIZE_ALIGNED. We would create an empty
++           *       region that couldn't hold data, but when mem->next gets freed,
++           *       the 2 regions would be combined, resulting in more free memory
++           */
++          ptr2 = ptr + SIZEOF_STRUCT_MEM + size;
++          /* create mem2 struct */
++          mem2 = (struct mem *)&ram[ptr2];
++          mem2->used = 0;
++          mem2->next = mem->next;
++          mem2->prev = ptr;
++          /* and insert it between mem and mem->next */
++          mem->next = ptr2;
++          mem->used = 1;
++
++          if (mem2->next != MEM_SIZE_ALIGNED) {
++            ((struct mem *)&ram[mem2->next])->prev = ptr2;
++          }
++          MEM_STATS_INC_USED(used, (size + SIZEOF_STRUCT_MEM));
++        } else {
++          /* (a mem2 struct does no fit into the user data space of mem and mem->next will always
++           * be used at this point: if not we have 2 unused structs in a row, plug_holes should have
++           * take care of this).
++           * -> near fit or excact fit: do not split, no mem2 creation
++           * also can't move mem->next directly behind mem, since mem->next
++           * will always be used at this point!
++           */
++          mem->used = 1;
++          MEM_STATS_INC_USED(used, mem->next - ((u8_t *)mem - ram));
+         }
+-#endif /* MEM_STATS */
+-      } else {
+-        /* (a mem2 struct does no fit into the user data space of mem and mem->next will always
+-         * be used at this point: if not we have 2 unused structs in a row, plug_holes should have
+-         * take care of this).
+-         * -> near fit or excact fit: do not split, no mem2 creation
+-         * also can't move mem->next directly behind mem, since mem->next
+-         * will always be used at this point!
+-         */
+-        mem->used = 1;
+-#if MEM_STATS
+-        lwip_stats.mem.used += mem->next - ((u8_t *)mem - ram);
+-        if (lwip_stats.mem.max < lwip_stats.mem.used) {
+-          lwip_stats.mem.max = lwip_stats.mem.used;
+-        }
+-#endif /* MEM_STATS */
+-      }
+
+-      if (mem == lfree) {
+-        /* Find next free block after mem and update lowest free pointer */
+-        while (lfree->used && lfree != ram_end) {
+-          lfree = (struct mem *)&ram[lfree->next];
++        if (mem == lfree) {
++          /* Find next free block after mem and update lowest free pointer */
++          while (lfree->used && lfree != ram_end) {
++            LWIP_MEM_ALLOC_UNPROTECT();
++            /* prevent high interrupt latency... */
++            LWIP_MEM_ALLOC_PROTECT();
++            lfree = (struct mem *)&ram[lfree->next];
++          }
++          LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used)));
+         }
+-        LWIP_ASSERT("mem_malloc: !lfree->used", ((lfree == ram_end) || (!lfree->used)));
+-      }
+-      sys_sem_signal(mem_sem);
+-      LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.",
+-       (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end);
+-      LWIP_ASSERT("mem_malloc: allocated memory properly aligned.",
+-       (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0);
+-      LWIP_ASSERT("mem_malloc: sanity check alignment",
+-        (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0);
++        LWIP_MEM_ALLOC_UNPROTECT();
++        sys_sem_signal(mem_sem);
++        LWIP_ASSERT("mem_malloc: allocated memory not above ram_end.",
++         (mem_ptr_t)mem + SIZEOF_STRUCT_MEM + size <= (mem_ptr_t)ram_end);
++        LWIP_ASSERT("mem_malloc: allocated memory properly aligned.",
++         (unsigned long)((u8_t *)mem + SIZEOF_STRUCT_MEM) % MEM_ALIGNMENT == 0);
++        LWIP_ASSERT("mem_malloc: sanity check alignment",
++          (((mem_ptr_t)mem) & (MEM_ALIGNMENT-1)) == 0);
+
+-      return (u8_t *)mem + SIZEOF_STRUCT_MEM;
++        return (u8_t *)mem + SIZEOF_STRUCT_MEM;
++      }
+     }
+-  }
++#if LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++    /* if we got interrupted by a mem_free, try again */
++  } while(local_mem_free_count != 0);
++#endif /* LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT */
+   LWIP_DEBUGF(MEM_DEBUG | 2, ("mem_malloc: could not allocate %"S16_F" bytes\n", (s16_t)size));
+-#if MEM_STATS
+-  ++lwip_stats.mem.err;
+-#endif /* MEM_STATS */
++  MEM_STATS_INC(err);
++  LWIP_MEM_ALLOC_UNPROTECT();
+   sys_sem_signal(mem_sem);
+   return NULL;
+ }
+Index: src/core/memp.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/memp.c,v
+retrieving revision 1.55
+retrieving revision 1.56
+diff -u -p -r1.55 -r1.56
+--- a/src/core/memp.c	25 Nov 2007 10:43:28 -0000	1.55
++++ b/src/core/memp.c	27 Jun 2008 18:37:54 -0000	1.56
+@@ -252,13 +252,12 @@ memp_init(void)
+   struct memp *memp;
+   u16_t i, j;
+
+-#if MEMP_STATS
+   for (i = 0; i < MEMP_MAX; ++i) {
+-    lwip_stats.memp[i].used = lwip_stats.memp[i].max =
+-      lwip_stats.memp[i].err = 0;
+-    lwip_stats.memp[i].avail = memp_num[i];
++    MEMP_STATS_AVAIL(used, i, 0);
++    MEMP_STATS_AVAIL(max, i, 0);
++    MEMP_STATS_AVAIL(err, i, 0);
++    MEMP_STATS_AVAIL(avail, i, memp_num[i]);
+   }
+-#endif /* MEMP_STATS */
+
+   memp = LWIP_MEM_ALIGN(memp_memory);
+   /* for every pool: */
+@@ -315,20 +314,13 @@ memp_malloc_fn(memp_t type, const char*
+     memp->file = file;
+     memp->line = line;
+ #endif /* MEMP_OVERFLOW_CHECK */
+-#if MEMP_STATS
+-    ++lwip_stats.memp[type].used;
+-    if (lwip_stats.memp[type].used > lwip_stats.memp[type].max) {
+-      lwip_stats.memp[type].max = lwip_stats.memp[type].used;
+-    }
+-#endif /* MEMP_STATS */
++    MEMP_STATS_INC_USED(used, type);
+     LWIP_ASSERT("memp_malloc: memp properly aligned",
+                 ((mem_ptr_t)memp % MEM_ALIGNMENT) == 0);
+     memp = (struct memp*)((u8_t*)memp + MEMP_SIZE);
+   } else {
+     LWIP_DEBUGF(MEMP_DEBUG | 2, ("memp_malloc: out of memory in pool %s\n", memp_desc[type]));
+-#if MEMP_STATS
+-    ++lwip_stats.memp[type].err;
+-#endif /* MEMP_STATS */
++    MEMP_STATS_INC(err, type);
+   }
+
+   SYS_ARCH_UNPROTECT(old_level);
+@@ -365,9 +357,7 @@ memp_free(memp_t type, void *mem)
+ #endif /* MEMP_OVERFLOW_CHECK >= 2 */
+ #endif /* MEMP_OVERFLOW_CHECK */
+
+-#if MEMP_STATS
+-  lwip_stats.memp[type].used--;
+-#endif /* MEMP_STATS */
++  MEMP_STATS_DEC(used, type);
+
+   memp->next = memp_tab[type];
+   memp_tab[type] = memp;
+Index: src/core/netif.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/netif.c,v
+retrieving revision 1.65
+retrieving revision 1.68
+diff -u -p -r1.65 -r1.68
+--- a/src/core/netif.c	9 Oct 2007 20:00:55 -0000	1.65
++++ b/src/core/netif.c	19 Jun 2008 16:27:18 -0000	1.68
+@@ -45,6 +45,12 @@
+ #include "lwip/snmp.h"
+ #include "lwip/igmp.h"
+ #include "netif/etharp.h"
++#if ENABLE_LOOPBACK
++#include "lwip/sys.h"
++#if LWIP_NETIF_LOOPBACK_MULTITHREADING
++#include "lwip/tcpip.h"
++#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */
++#endif /* ENABLE_LOOPBACK */
+
+ #if LWIP_NETIF_STATUS_CALLBACK
+ #define NETIF_STATUS_CALLBACK(n) { if (n->status_callback) (n->status_callback)(n); }
+@@ -106,6 +112,10 @@ netif_add(struct netif *netif, struct ip
+ #if LWIP_IGMP
+   netif->igmp_mac_filter = NULL;
+ #endif /* LWIP_IGMP */
++#if ENABLE_LOOPBACK
++  netif->loop_first = NULL;
++  netif->loop_last = NULL;
++#endif /* ENABLE_LOOPBACK */
+
+   /* remember netif specific state information data */
+   netif->state = state;
+@@ -114,6 +124,9 @@ netif_add(struct netif *netif, struct ip
+ #if LWIP_NETIF_HWADDRHINT
+   netif->addr_hint = NULL;
+ #endif /* LWIP_NETIF_HWADDRHINT*/
++#if ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS
++  netif->loop_cnt_current = 0;
++#endif /* ENABLE_LOOPBACK && LWIP_LOOPBACK_MAX_PBUFS */
+
+   netif_set_addr(netif, ipaddr, netmask, gw);
+
+@@ -493,7 +506,158 @@ u8_t netif_is_link_up(struct netif *neti
+  */
+ void netif_set_link_callback(struct netif *netif, void (* link_callback)(struct netif *netif ))
+ {
+-    if ( netif )
+-        netif->link_callback = link_callback;
++  if (netif) {
++    netif->link_callback = link_callback;
++  }
+ }
+ #endif /* LWIP_NETIF_LINK_CALLBACK */
++
++#if ENABLE_LOOPBACK
++/**
++ * Send an IP packet to be received on the same netif (loopif-like).
++ * The pbuf is simply copied and handed back to netif->input.
++ * In multithreaded mode, this is done directly since netif->input must put
++ * the packet on a queue.
++ * In callback mode, the packet is put on an internal queue and is fed to
++ * netif->input by netif_poll().
++ *
++ * @param netif the lwip network interface structure
++ * @param p the (IP) packet to 'send'
++ * @param ipaddr the ip address to send the packet to (not used)
++ * @return ERR_OK if the packet has been sent
++ *         ERR_MEM if the pbuf used to copy the packet couldn't be allocated
++ */
++err_t
++netif_loop_output(struct netif *netif, struct pbuf *p,
++       struct ip_addr *ipaddr)
++{
++  struct pbuf *r;
++  err_t err;
++  struct pbuf *last;
++#if LWIP_LOOPBACK_MAX_PBUFS
++  u8_t clen = 0;
++#endif /* LWIP_LOOPBACK_MAX_PBUFS */
++  SYS_ARCH_DECL_PROTECT(lev);
++  LWIP_UNUSED_ARG(ipaddr);
++
++  /* Allocate a new pbuf */
++  r = pbuf_alloc(PBUF_LINK, p->tot_len, PBUF_RAM);
++  if (r == NULL) {
++    return ERR_MEM;
++  }
++#if LWIP_LOOPBACK_MAX_PBUFS
++  clen = pbuf_clen(r);
++  /* check for overflow or too many pbuf on queue */
++  if(((netif->loop_cnt_current + clen) < netif->loop_cnt_current) ||
++    ((netif->loop_cnt_current + clen) > LWIP_LOOPBACK_MAX_PBUFS)) {
++      pbuf_free(r);
++      r = NULL;
++      return ERR_MEM;
++  }
++  netif->loop_cnt_current += clen;
++#endif /* LWIP_LOOPBACK_MAX_PBUFS */
++
++  /* Copy the whole pbuf queue p into the single pbuf r */
++  if ((err = pbuf_copy(r, p)) != ERR_OK) {
++    pbuf_free(r);
++    r = NULL;
++    return err;
++  }
++
++  /* Put the packet on a linked list which gets emptied through calling
++     netif_poll(). */
++
++  /* let last point to the last pbuf in chain r */
++  for (last = r; last->next != NULL; last = last->next);
++
++  SYS_ARCH_PROTECT(lev);
++  if(netif->loop_first != NULL) {
++    LWIP_ASSERT("if first != NULL, last must also be != NULL", netif->loop_last != NULL);
++    netif->loop_last->next = r;
++    netif->loop_last = last;
++  } else {
++    netif->loop_first = r;
++    netif->loop_last = last;
++  }
++  SYS_ARCH_UNPROTECT(lev);
++
++#if LWIP_NETIF_LOOPBACK_MULTITHREADING
++  /* For multithreading environment, schedule a call to netif_poll */
++  tcpip_callback(netif_poll, netif);
++#endif /* LWIP_NETIF_LOOPBACK_MULTITHREADING */
++
++  return ERR_OK;
++}
++
++/**
++ * Call netif_poll() in the main loop of your application. This is to prevent
++ * reentering non-reentrant functions like tcp_input(). Packets passed to
++ * netif_loop_output() are put on a list that is passed to netif->input() by
++ * netif_poll().
++ */
++void
++netif_poll(struct netif *netif)
++{
++  struct pbuf *in;
++  SYS_ARCH_DECL_PROTECT(lev);
++
++  do {
++    /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */
++    SYS_ARCH_PROTECT(lev);
++    in = netif->loop_first;
++    if(in != NULL) {
++      struct pbuf *in_end = in;
++#if LWIP_LOOPBACK_MAX_PBUFS
++      u8_t clen = pbuf_clen(in);
++      /* adjust the number of pbufs on queue */
++      LWIP_ASSERT("netif->loop_cnt_current underflow",
++        ((netif->loop_cnt_current - clen) < netif->loop_cnt_current));
++      netif->loop_cnt_current -= clen;
++#endif /* LWIP_LOOPBACK_MAX_PBUFS */
++      while(in_end->len != in_end->tot_len) {
++        LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL);
++        in_end = in_end->next;
++      }
++      /* 'in_end' now points to the last pbuf from 'in' */
++      if(in_end == netif->loop_last) {
++        /* this was the last pbuf in the list */
++        netif->loop_first = netif->loop_last = NULL;
++      } else {
++        /* pop the pbuf off the list */
++        netif->loop_first = in_end->next;
++        LWIP_ASSERT("should not be null since first != last!", netif->loop_first != NULL);
++      }
++      /* De-queue the pbuf from its successors on the 'loop_' list. */
++      in_end->next = NULL;
++    }
++    SYS_ARCH_UNPROTECT(lev);
++
++    if(in != NULL) {
++      /* loopback packets are always IP packets! */
++      if(ip_input(in, netif) != ERR_OK) {
++        pbuf_free(in);
++      }
++      /* Don't reference the packet any more! */
++      in = NULL;
++    }
++  /* go on while there is a packet on the list */
++  } while(netif->loop_first != NULL);
++}
++
++#if !LWIP_NETIF_LOOPBACK_MULTITHREADING
++/**
++ * Calls netif_poll() for every netif on the netif_list.
++ */
++void
++netif_poll_all(void)
++{
++  struct netif *netif = netif_list;
++  /* loop through netifs */
++  while (netif != NULL) {
++    netif_poll(netif);
++    /* proceed to next network interface */
++    netif = netif->next;
++  }
++}
++#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */
++#endif /* ENABLE_LOOPBACK */
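Review bot: In netif_loop_output(), `netif->loop_cnt_current += clen;` runs before pbuf_copy(), and the error path that follows frees `r` and returns without subtracting it again, so each failed copy permanently shrinks the LWIP_LOOPBACK_MAX_PBUFS budget until every loopback send returns ERR_MEM. The counter is also read and written here outside SYS_ARCH_PROTECT, while netif_poll() decrements it inside the protected region. Moving the increment (with its `#if LWIP_LOOPBACK_MAX_PBUFS` guard) to just after `SYS_ARCH_PROTECT(lev);` in the enqueue block, once the copy has succeeded, addresses both. Separately, netif_poll() computes `clen = pbuf_clen(in)` before `in_end->next = NULL` detaches the first packet; if pbuf_clen() walks `next` until NULL (its body is not in this hunk), it counts every queued pbuf rather than only the packet being dequeued, and the subtraction would wrap whenever LWIP_ASSERT is compiled out.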
+Index: src/core/pbuf.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/pbuf.c,v
+retrieving revision 1.127
+retrieving revision 1.128
+diff -u -p -r1.127 -r1.128
+--- a/src/core/pbuf.c	4 Mar 2008 16:37:46 -0000	1.127
++++ b/src/core/pbuf.c	1 Apr 2008 19:05:40 -0000	1.128
+@@ -667,8 +667,8 @@ pbuf_dechain(struct pbuf *p)
+  *
+  * @note Only one packet is copied, no packet queue!
+  *
+- * @param p_to pbuf source of the copy
+- * @param p_from pbuf destination of the copy
++ * @param p_to pbuf destination of the copy
++ * @param p_from pbuf source of the copy
+  *
+  * @return ERR_OK if pbuf was copied
+  *         ERR_ARG if one of the pbufs is NULL or p_to is not big
+Index: src/core/stats.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/stats.c,v
+retrieving revision 1.27
+retrieving revision 1.28
+diff -u -p -r1.27 -r1.28
+--- a/src/core/stats.c	4 Mar 2008 16:31:32 -0000	1.27
++++ b/src/core/stats.c	27 Jun 2008 18:37:54 -0000	1.28
+@@ -54,7 +54,6 @@ stats_display_proto(struct stats_proto *
+ {
+   LWIP_PLATFORM_DIAG(("\n%s\n\t", name));
+   LWIP_PLATFORM_DIAG(("xmit: %"STAT_COUNTER_F"\n\t", proto->xmit));
+-  LWIP_PLATFORM_DIAG(("rexmit: %"STAT_COUNTER_F"\n\t", proto->rexmit));
+   LWIP_PLATFORM_DIAG(("recv: %"STAT_COUNTER_F"\n\t", proto->recv));
+   LWIP_PLATFORM_DIAG(("fw: %"STAT_COUNTER_F"\n\t", proto->fw));
+   LWIP_PLATFORM_DIAG(("drop: %"STAT_COUNTER_F"\n\t", proto->drop));
+@@ -68,6 +67,7 @@ stats_display_proto(struct stats_proto *
+   LWIP_PLATFORM_DIAG(("cachehit: %"STAT_COUNTER_F"\n", proto->cachehit));
+ }
+
++#if IGMP_STATS
+ void
+ stats_display_igmp(struct stats_igmp *igmp)
+ {
+@@ -82,7 +82,9 @@ stats_display_igmp(struct stats_igmp *ig
+   LWIP_PLATFORM_DIAG(("report_rxed: %"STAT_COUNTER_F"\n\t", igmp->report_rxed));
+   LWIP_PLATFORM_DIAG(("group_query_rxed: %"STAT_COUNTER_F"\n", igmp->group_query_rxed));
+ }
++#endif /* IGMP_STATS */
+
++#if MEM_STATS || MEMP_STATS
+ void
+ stats_display_mem(struct stats_mem *mem, char *name)
+ {
+@@ -93,48 +95,53 @@ stats_display_mem(struct stats_mem *mem,
+   LWIP_PLATFORM_DIAG(("err: %"U32_F"\n", (u32_t)mem->err));
+ }
+
++#if MEMP_STATS
+ void
+-stats_display(void)
++stats_display_memp(struct stats_mem *mem, int index)
+ {
+-#if MEMP_STATS
+-  s16_t i;
+   char * memp_names[] = {
+ #define LWIP_MEMPOOL(name,num,size,desc) desc,
+ #include "lwip/memp_std.h"
+   };
+-#endif
+-#if LINK_STATS
+-  stats_display_proto(&lwip_stats.link, "LINK");
+-#endif
+-#if ETHARP_STATS
+-  stats_display_proto(&lwip_stats.etharp, "ETHARP");
+-#endif
+-#if IPFRAG_STATS
+-  stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG");
+-#endif
+-#if IP_STATS
+-  stats_display_proto(&lwip_stats.ip, "IP");
+-#endif
+-#if ICMP_STATS
+-  stats_display_proto(&lwip_stats.icmp, "ICMP");
+-#endif
+-#if IGMP_STATS
+-  stats_display_igmp(&lwip_stats.igmp);
+-#endif
+-#if UDP_STATS
+-  stats_display_proto(&lwip_stats.udp, "UDP");
+-#endif
+-#if TCP_STATS
+-  stats_display_proto(&lwip_stats.tcp, "TCP");
+-#endif
+-#if MEM_STATS
+-  stats_display_mem(&lwip_stats.mem, "HEAP");
+-#endif
+-#if MEMP_STATS
++  if(index < MEMP_MAX) {
++    stats_display_mem(mem, memp_names[index]);
++  }
++}
++#endif /* MEMP_STATS */
++#endif /* MEM_STATS || MEMP_STATS */
++
++#if SYS_STATS
++void
++stats_display_sys(struct stats_sys *sys)
++{
++  LWIP_PLATFORM_DIAG(("\nSYS\n\t"));
++  LWIP_PLATFORM_DIAG(("sem.used: %"U32_F"\n\t", (u32_t)sys->sem.used));
++  LWIP_PLATFORM_DIAG(("sem.max:  %"U32_F"\n\t", (u32_t)sys->sem.max));
++  LWIP_PLATFORM_DIAG(("sem.err:  %"U32_F"\n\t", (u32_t)sys->sem.err));
++  LWIP_PLATFORM_DIAG(("mbox.used: %"U32_F"\n\t", (u32_t)sys->mbox.used));
++  LWIP_PLATFORM_DIAG(("mbox.max:  %"U32_F"\n\t", (u32_t)sys->mbox.max));
++  LWIP_PLATFORM_DIAG(("mbox.err:  %"U32_F"\n\t", (u32_t)sys->mbox.err));
++}
++#endif /* SYS_STATS */
++
++void
++stats_display(void)
++{
++  s16_t i;
++
++  LINK_STATS_DISPLAY();
++  ETHARP_STATS_DISPLAY();
++  IPFRAG_STATS_DISPLAY();
++  IP_STATS_DISPLAY();
++  IGMP_STATS_DISPLAY();
++  ICMP_STATS_DISPLAY();
++  UDP_STATS_DISPLAY();
++  TCP_STATS_DISPLAY();
++  MEM_STATS_DISPLAY();
+   for (i = 0; i < MEMP_MAX; i++) {
+-    stats_display_mem(&lwip_stats.memp[i], memp_names[i]);
++    MEMP_STATS_DISPLAY(i);
+   }
+-#endif
++  SYS_STATS_DISPLAY();
+ }
+ #endif /* LWIP_STATS_DISPLAY */
+
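Review bot: stats_display_memp() takes a signed `int index` but checks only the upper bound before `memp_names[index]`, so a negative index reads before the start of the array. The guard should be `if ((index >= 0) && (index < MEMP_MAX)) {`. The only caller visible in this hunk is the `MEMP_STATS_DISPLAY(i)` loop in stats_display(), whose expansion is defined elsewhere, so whether other callers can pass a negative value cannot be judged from here.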
+Index: src/core/sys.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/sys.c,v
+retrieving revision 1.32
+retrieving revision 1.33
+diff -u -p -r1.32 -r1.33
+--- a/src/core/sys.c	25 Nov 2007 13:57:05 -0000	1.32
++++ b/src/core/sys.c	16 Jul 2008 20:36:12 -0000	1.33
+@@ -65,7 +65,7 @@ struct sswt_cb
+ void
+ sys_mbox_fetch(sys_mbox_t mbox, void **msg)
+ {
+-  u32_t time;
++  u32_t time_needed;
+   struct sys_timeouts *timeouts;
+   struct sys_timeo *tmptimeout;
+   sys_timeout_handler h;
+@@ -76,18 +76,18 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m
+
+   if (!timeouts || !timeouts->next) {
+     UNLOCK_TCPIP_CORE();
+-    time = sys_arch_mbox_fetch(mbox, msg, 0);
++    time_needed = sys_arch_mbox_fetch(mbox, msg, 0);
+     LOCK_TCPIP_CORE();
+   } else {
+     if (timeouts->next->time > 0) {
+       UNLOCK_TCPIP_CORE();
+-      time = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time);
++      time_needed = sys_arch_mbox_fetch(mbox, msg, timeouts->next->time);
+       LOCK_TCPIP_CORE();
+     } else {
+-      time = SYS_ARCH_TIMEOUT;
++      time_needed = SYS_ARCH_TIMEOUT;
+     }
+
+-    if (time == SYS_ARCH_TIMEOUT) {
++    if (time_needed == SYS_ARCH_TIMEOUT) {
+       /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message
+          could be fetched. We should now call the timeout handler and
+          deallocate the memory allocated for the timeout. */
+@@ -107,8 +107,8 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m
+       /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout
+          occured. The time variable is set to the number of
+          milliseconds we waited for the message. */
+-      if (time < timeouts->next->time) {
+-        timeouts->next->time -= time;
++      if (time_needed < timeouts->next->time) {
++        timeouts->next->time -= time_needed;
+       } else {
+         timeouts->next->time = 0;
+       }
+@@ -125,7 +125,7 @@ sys_mbox_fetch(sys_mbox_t mbox, void **m
+ void
+ sys_sem_wait(sys_sem_t sem)
+ {
+-  u32_t time;
++  u32_t time_needed;
+   struct sys_timeouts *timeouts;
+   struct sys_timeo *tmptimeout;
+   sys_timeout_handler h;
+@@ -139,12 +139,12 @@ sys_sem_wait(sys_sem_t sem)
+     sys_arch_sem_wait(sem, 0);
+   } else {
+     if (timeouts->next->time > 0) {
+-      time = sys_arch_sem_wait(sem, timeouts->next->time);
++      time_needed = sys_arch_sem_wait(sem, timeouts->next->time);
+     } else {
+-      time = SYS_ARCH_TIMEOUT;
++      time_needed = SYS_ARCH_TIMEOUT;
+     }
+
+-    if (time == SYS_ARCH_TIMEOUT) {
++    if (time_needed == SYS_ARCH_TIMEOUT) {
+       /* If time == SYS_ARCH_TIMEOUT, a timeout occured before a message
+         could be fetched. We should now call the timeout handler and
+         deallocate the memory allocated for the timeout. */
+@@ -164,8 +164,8 @@ sys_sem_wait(sys_sem_t sem)
+       /* If time != SYS_ARCH_TIMEOUT, a message was received before the timeout
+          occured. The time variable is set to the number of
+          milliseconds we waited for the message. */
+-      if (time < timeouts->next->time) {
+-        timeouts->next->time -= time;
++      if (time_needed < timeouts->next->time) {
++        timeouts->next->time -= time_needed;
+       } else {
+         timeouts->next->time = 0;
+       }
+Index: src/core/tcp.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/tcp.c,v
+retrieving revision 1.85
+retrieving revision 1.86
+diff -u -p -r1.85 -r1.86
+--- a/src/core/tcp.c	22 Jan 2008 21:15:15 -0000	1.85
++++ b/src/core/tcp.c	26 Mar 2008 11:57:13 -0000	1.86
+@@ -509,7 +509,8 @@ tcp_connect(struct tcp_pcb *pcb, struct
+   pcb->rcv_wnd = TCP_WND;
+   pcb->rcv_ann_wnd = TCP_WND;
+   pcb->snd_wnd = TCP_WND;
+-  /* The send MSS is updated when an MSS option is received. */
++  /* As initial send MSS, we use TCP_MSS but limit it to 536.
++     The send MSS is updated when an MSS option is received. */
+   pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS;
+ #if TCP_CALCULATE_EFF_SEND_MSS
+   pcb->mss = tcp_eff_send_mss(pcb->mss, ipaddr);
+@@ -991,7 +992,8 @@ tcp_alloc(u8_t prio)
+     pcb->rcv_ann_wnd = TCP_WND;
+     pcb->tos = 0;
+     pcb->ttl = TCP_TTL;
+-    /* The send MSS is updated when an MSS option is received. */
++    /* As initial send MSS, we use TCP_MSS but limit it to 536.
++       The send MSS is updated when an MSS option is received. */
+     pcb->mss = (TCP_MSS > 536) ? 536 : TCP_MSS;
+     pcb->rto = 3000 / TCP_SLOW_INTERVAL;
+     pcb->sa = 0;
+Index: src/core/tcp_in.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/tcp_in.c,v
+retrieving revision 1.97
+retrieving revision 1.100
+diff -u -p -r1.97 -r1.100
+--- a/src/core/tcp_in.c	22 Jan 2008 21:15:15 -0000	1.97
++++ b/src/core/tcp_in.c	24 Jun 2008 15:46:39 -0000	1.100
+@@ -511,7 +511,7 @@ tcp_process(struct tcp_pcb *pcb)
+       }
+     } else {
+       if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt,
+-                          pcb->rcv_nxt+pcb->rcv_ann_wnd)) {
++                          pcb->rcv_nxt+pcb->rcv_wnd)) {
+         acceptable = 1;
+       }
+     }
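Review bot: The upper bound of this acceptance test is `pcb->rcv_nxt+pcb->rcv_wnd`, while the in-window test changed in the next hunk (tcp_receive) uses `pcb->rcv_nxt + pcb->rcv_wnd - 1`. If TCP_SEQ_BETWEEN is inclusive at both ends (its definition is not in this hunk), this check also accepts a sequence number one past the receive window. Either align the two bounds or add a comment such as `/* upper bound deliberately inclusive of rcv_nxt + rcv_wnd because ... */` so the difference is a documented decision. What `acceptable` gates in tcp_process() lies outside the hunk.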
+@@ -1038,7 +1038,7 @@ tcp_receive(struct tcp_pcb *pcb)
+        and below rcv_nxt + rcv_wnd) in order to be further
+        processed. */
+     if (TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt,
+-                        pcb->rcv_nxt + pcb->rcv_ann_wnd - 1)){
++                        pcb->rcv_nxt + pcb->rcv_wnd - 1)){
+       if (pcb->rcv_nxt == seqno) {
+         accepted_inseq = 1;
+         /* The incoming segment is the next in sequence. We check if
+@@ -1195,14 +1195,14 @@ tcp_receive(struct tcp_pcb *pcb)
+                   } else {
+                     pcb->ooseq = cseg;
+                   }
+-                }
+-                tcp_seg_free(next);
+-                if (cseg->next != NULL) {
+-                  next = cseg->next;
+-                  if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) {
+-                    /* We need to trim the incoming segment. */
+-                    cseg->len = (u16_t)(next->tcphdr->seqno - seqno);
+-                    pbuf_realloc(cseg->p, cseg->len);
++                  tcp_seg_free(next);
++                  if (cseg->next != NULL) {
++                    next = cseg->next;
++                    if (TCP_SEQ_GT(seqno + cseg->len, next->tcphdr->seqno)) {
++                      /* We need to trim the incoming segment. */
++                      cseg->len = (u16_t)(next->tcphdr->seqno - seqno);
++                      pbuf_realloc(cseg->p, cseg->len);
++                    }
+                   }
+                 }
+                 break;
+@@ -1282,10 +1282,7 @@ tcp_receive(struct tcp_pcb *pcb)
+
+       }
+     } else {
+-      if(!TCP_SEQ_BETWEEN(seqno, pcb->rcv_nxt,
+-                          pcb->rcv_nxt + pcb->rcv_ann_wnd-1)){
+-        tcp_ack_now(pcb);
+-      }
++      tcp_ack_now(pcb);
+     }
+   } else {
+     /* Segments with length 0 is taken care of here. Segments that
+@@ -1331,7 +1328,8 @@ tcp_parseopt(struct tcp_pcb *pcb)
+         opts[c + 1] == 0x04) {
+         /* An MSS option with the right option length. */
+         mss = (opts[c + 2] << 8) | opts[c + 3];
+-        pcb->mss = mss > TCP_MSS? TCP_MSS: mss;
++        /* Limit the mss to the configured TCP_MSS and prevent division by zero */
++        pcb->mss = ((mss > TCP_MSS) || (mss == 0)) ? TCP_MSS : mss;
+
+         /* And we are done processing options. */
+         break;
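Review bot: The new guard replaces only an advertised MSS of 0; any other peer-chosen value, down to 1, is still stored in `pcb->mss`, which the tcp.c comments in this patch describe as the send MSS, so the connection would then transmit in very small segments. If that is intended, say so in the comment; otherwise compare against a project-chosen floor, e.g. `pcb->mss = ((mss > TCP_MSS) || (mss < MIN_MSS_PLACEHOLDER)) ? TCP_MSS : mss;`, where `MIN_MSS_PLACEHOLDER` is a placeholder for a constant the project would have to define. The bounds check that makes reading `opts[c + 2]` and `opts[c + 3]` safe is outside this hunk.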
+Index: src/core/ipv4/autoip.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/ipv4/autoip.c,v
+retrieving revision 1.16
+retrieving revision 1.17
+diff -u -p -r1.16 -r1.17
+--- a/src/core/ipv4/autoip.c	26 Jan 2008 16:11:40 -0000	1.16
++++ b/src/core/ipv4/autoip.c	17 Jun 2008 20:16:23 -0000	1.17
+@@ -395,8 +395,8 @@ autoip_arp_reply(struct netif *netif, st
+     /* Copy struct ip_addr2 to aligned ip_addr, to support compilers without
+      * structure packing (not using structure copy which breaks strict-aliasing rules).
+      */
+-    MEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr));
+-    MEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr));
++    SMEMCPY(&sipaddr, &hdr->sipaddr, sizeof(sipaddr));
++    SMEMCPY(&dipaddr, &hdr->dipaddr, sizeof(dipaddr));
+
+     if ((netif->autoip->state == AUTOIP_STATE_PROBING) ||
+         ((netif->autoip->state == AUTOIP_STATE_ANNOUNCING) &&
+Index: src/core/ipv4/inet_chksum.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/ipv4/inet_chksum.c,v
+retrieving revision 1.4
+retrieving revision 1.5
+diff -u -p -r1.4 -r1.5
+--- a/src/core/ipv4/inet_chksum.c	10 Mar 2008 16:12:31 -0000	1.4
++++ b/src/core/ipv4/inet_chksum.c	17 Jun 2008 20:06:25 -0000	1.5
+@@ -41,8 +41,6 @@
+ #include "lwip/inet_chksum.h"
+ #include "lwip/inet.h"
+
+-#include <string.h>
+-
+ /* These are some reference implementations of the checksum algorithm, with the
+  * aim of being simple, correct and fully portable. Checksumming is the
+  * first thing you would want to optimize for your platform. If you create
+@@ -65,6 +63,11 @@
+ # define LWIP_CHKSUM_ALGORITHM 0
+ #endif
+
++/** Like the name says... */
++#define SWAP_BYTES_IN_WORD(w) ((w & 0xff) << 8) | ((w & 0xff00) >> 8)
++/** Split an u32_t in two u16_ts and add them up */
++#define FOLD_U32T(u)          ((u >> 16) + (u & 0x0000ffffUL))
++
+ #if (LWIP_CHKSUM_ALGORITHM == 1) /* Version #1 */
+ /**
+  * lwip checksum
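Review bot: `SWAP_BYTES_IN_WORD` expands to an expression with no enclosing parentheses, and neither it nor `FOLD_U32T` parenthesises its argument, so a use such as `~SWAP_BYTES_IN_WORD(x)` or an argument like `a + b` would be evaluated with the wrong precedence. The uses added later in this file are all plain `v = MACRO(v);` assignments, so nothing visible breaks today, but the line this patch removes from inet_chksum_pbuf, `(acc & 0x00ffUL << 8) | (acc & 0xff00UL >> 8)`, was this same kind of precedence mistake. Suggested definitions: `#define SWAP_BYTES_IN_WORD(w) ((((w) & 0xff) << 8) | (((w) & 0xff00) >> 8))` and `#define FOLD_U32T(u) (((u) >> 16) + ((u) & 0x0000ffffUL))`. The doc comment `/** Like the name says... */` could instead state that the macro swaps the two low-order bytes and discards everything above bit 15.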
+@@ -86,8 +89,7 @@ lwip_standard_chksum(void *dataptr, u16_
+   acc = 0;
+   /* dataptr may be at odd or even addresses */
+   octetptr = (u8_t*)dataptr;
+-  while (len > 1)
+-  {
++  while (len > 1) {
+     /* declare first octet as most significant
+        thus assume network order, ignoring host order */
+     src = (*octetptr) << 8;
+@@ -98,8 +100,7 @@ lwip_standard_chksum(void *dataptr, u16_
+     acc += src;
+     len -= 2;
+   }
+-  if (len > 0)
+-  {
++  if (len > 0) {
+     /* accumulate remaining octet */
+     src = (*octetptr) << 8;
+     acc += src;
+@@ -154,19 +155,22 @@ lwip_standard_chksum(void *dataptr, int
+   }
+
+   /* Consume left-over byte, if any */
+-  if (len > 0)
++  if (len > 0) {
+     ((u8_t *)&t)[0] = *(u8_t *)ps;;
++  }
+
+   /* Add end bytes */
+   sum += t;
+
+-  /*  Fold 32-bit sum to 16 bits */
+-  while ((sum >> 16) != 0)
+-    sum = (sum & 0xffff) + (sum >> 16);
++  /* Fold 32-bit sum to 16 bits
++     calling this twice is propably faster than if statements... */
++  sum = FOLD_U32T(sum);
++  sum = FOLD_U32T(sum);
+
+   /* Swap if alignment was odd */
+-  if (odd)
+-    sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8);
++  if (odd) {
++    sum = SWAP_BYTES_IN_WORD(sum);
++  }
+
+   return sum;
+ }
+@@ -211,18 +215,20 @@ lwip_standard_chksum(void *dataptr, int
+
+   while (len > 7)  {
+     tmp = sum + *pl++;          /* ping */
+-    if (tmp < sum)
++    if (tmp < sum) {
+       tmp++;                    /* add back carry */
++    }
+
+     sum = tmp + *pl++;          /* pong */
+-    if (sum < tmp)
++    if (sum < tmp) {
+       sum++;                    /* add back carry */
++    }
+
+     len -= 8;
+   }
+
+   /* make room in upper bits */
+-  sum = (sum >> 16) + (sum & 0xffff);
++  sum = FOLD_U32T(sum);
+
+   ps = (u16_t *)pl;
+
+@@ -233,16 +239,20 @@ lwip_standard_chksum(void *dataptr, int
+   }
+
+   /* dangling tail byte remaining? */
+-  if (len > 0)                  /* include odd byte */
++  if (len > 0) {                /* include odd byte */
+     ((u8_t *)&t)[0] = *(u8_t *)ps;
++  }
+
+   sum += t;                     /* add end bytes */
+
+-  while ((sum >> 16) != 0)      /* combine halves */
+-    sum = (sum >> 16) + (sum & 0xffff);
++  /* Fold 32-bit sum to 16 bits
++     calling this twice is propably faster than if statements... */
++  sum = FOLD_U32T(sum);
++  sum = FOLD_U32T(sum);
+
+-  if (odd)
+-    sum = ((sum & 0xff) << 8) | ((sum & 0xff00) >> 8);
++  if (odd) {
++    sum = SWAP_BYTES_IN_WORD(sum);
++  }
+
+   return sum;
+ }
+@@ -277,18 +287,18 @@ inet_chksum_pseudo(struct pbuf *p,
+       (void *)q, (void *)q->next));
+     acc += LWIP_CHKSUM(q->payload, q->len);
+     /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/
+-    while ((acc >> 16) != 0) {
+-      acc = (acc & 0xffffUL) + (acc >> 16);
+-    }
++    /* just executing this next line is probably faster that the if statement needed
++       to check whether we really need to execute it, and does no harm */
++    acc = FOLD_U32T(acc);
+     if (q->len % 2 != 0) {
+       swapped = 1 - swapped;
+-      acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8);
++      acc = SWAP_BYTES_IN_WORD(acc);
+     }
+     /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/
+   }
+
+   if (swapped) {
+-    acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8);
++    acc = SWAP_BYTES_IN_WORD(acc);
+   }
+   acc += (src->addr & 0xffffUL);
+   acc += ((src->addr >> 16) & 0xffffUL);
+@@ -297,9 +307,10 @@ inet_chksum_pseudo(struct pbuf *p,
+   acc += (u32_t)htons((u16_t)proto);
+   acc += (u32_t)htons(proto_len);
+
+-  while ((acc >> 16) != 0) {
+-    acc = (acc & 0xffffUL) + (acc >> 16);
+-  }
++  /* Fold 32-bit sum to 16 bits
++     calling this twice is propably faster than if statements... */
++  acc = FOLD_U32T(acc);
++  acc = FOLD_U32T(acc);
+   LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc));
+   return (u16_t)~(acc & 0xffffUL);
+ }
+@@ -340,18 +351,17 @@ inet_chksum_pseudo_partial(struct pbuf *
+     chksum_len -= chklen;
+     LWIP_ASSERT("delete me", chksum_len < 0x7fff);
+     /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): unwrapped lwip_chksum()=%"X32_F" \n", acc));*/
+-    while ((acc >> 16) != 0) {
+-      acc = (acc & 0xffffUL) + (acc >> 16);
+-    }
++    /* fold the upper bit down */
++    acc = FOLD_U32T(acc);
+     if (q->len % 2 != 0) {
+       swapped = 1 - swapped;
+-      acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8);
++      acc = SWAP_BYTES_IN_WORD(acc);
+     }
+     /*LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): wrapped lwip_chksum()=%"X32_F" \n", acc));*/
+   }
+
+   if (swapped) {
+-    acc = ((acc & 0xff) << 8) | ((acc & 0xff00UL) >> 8);
++    acc = SWAP_BYTES_IN_WORD(acc);
+   }
+   acc += (src->addr & 0xffffUL);
+   acc += ((src->addr >> 16) & 0xffffUL);
+@@ -360,9 +370,10 @@ inet_chksum_pseudo_partial(struct pbuf *
+   acc += (u32_t)htons((u16_t)proto);
+   acc += (u32_t)htons(proto_len);
+
+-  while ((acc >> 16) != 0) {
+-    acc = (acc & 0xffffUL) + (acc >> 16);
+-  }
++  /* Fold 32-bit sum to 16 bits
++     calling this twice is propably faster than if statements... */
++  acc = FOLD_U32T(acc);
++  acc = FOLD_U32T(acc);
+   LWIP_DEBUGF(INET_DEBUG, ("inet_chksum_pseudo(): pbuf chain lwip_chksum()=%"X32_F"\n", acc));
+   return (u16_t)~(acc & 0xffffUL);
+ }
+@@ -380,13 +391,7 @@ inet_chksum_pseudo_partial(struct pbuf *
+ u16_t
+ inet_chksum(void *dataptr, u16_t len)
+ {
+-  u32_t acc;
+-
+-  acc = LWIP_CHKSUM(dataptr, len);
+-  while ((acc >> 16) != 0) {
+-    acc = (acc & 0xffff) + (acc >> 16);
+-  }
+-  return (u16_t)~(acc & 0xffff);
++  return ~LWIP_CHKSUM(dataptr, len);
+ }
+
+ /**
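Review bot: The new one-line body of inet_chksum(), `return ~LWIP_CHKSUM(dataptr, len);`, drops both the fold loop and the explicit `(u16_t)` cast that the other return statements visible in this file keep. It is only correct if whatever LWIP_CHKSUM expands to already returns a fully folded 16-bit sum. That definition is outside the hunk, and if a port can supply its own LWIP_CHKSUM, one that returns an unfolded 32-bit accumulator would now produce a wrong checksum with no diagnostic. I would state the contract next to the call, `/* LWIP_CHKSUM must return a fully folded 16-bit one's-complement sum */`, and make the truncation explicit: `return (u16_t)~(unsigned int)LWIP_CHKSUM(dataptr, len);`.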
+@@ -407,17 +412,15 @@ inet_chksum_pbuf(struct pbuf *p)
+   swapped = 0;
+   for(q = p; q != NULL; q = q->next) {
+     acc += LWIP_CHKSUM(q->payload, q->len);
+-    while ((acc >> 16) != 0) {
+-      acc = (acc & 0xffffUL) + (acc >> 16);
+-    }
++    acc = FOLD_U32T(acc);
+     if (q->len % 2 != 0) {
+       swapped = 1 - swapped;
+-      acc = (acc & 0x00ffUL << 8) | (acc & 0xff00UL >> 8);
++      acc = SWAP_BYTES_IN_WORD(acc);
+     }
+   }
+
+   if (swapped) {
+-    acc = ((acc & 0x00ffUL) << 8) | ((acc & 0xff00UL) >> 8);
++    acc = SWAP_BYTES_IN_WORD(acc);
+   }
+   return (u16_t)~(acc & 0xffffUL);
+ }
+Index: src/core/ipv4/ip.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/core/ipv4/ip.c,v
+retrieving revision 1.66
+retrieving revision 1.68
+diff -u -p -r1.66 -r1.68
+--- a/src/core/ipv4/ip.c	14 Jan 2008 20:53:23 -0000	1.66
++++ b/src/core/ipv4/ip.c	17 Jun 2008 19:39:22 -0000	1.68
+@@ -531,9 +531,19 @@ ip_output_if(struct pbuf *p, struct ip_a
+   LWIP_DEBUGF(IP_DEBUG, ("ip_output_if: %c%c%"U16_F"\n", netif->name[0], netif->name[1], netif->num));
+   ip_debug_print(p);
+
+-  LWIP_DEBUGF(IP_DEBUG, ("netif->output()"));
++#if (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF)
++  if (ip_addr_cmp(dest, &netif->ip_addr)) {
++    /* Packet to self, enqueue it for loopback */
++    LWIP_DEBUGF(IP_DEBUG, ("netif_loop_output()"));
++
++    return netif_loop_output(netif, p, dest);
++  } else
++#endif /* (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF) */
++  {
++    LWIP_DEBUGF(IP_DEBUG, ("netif->output()"));
+
+-  return netif->output(netif, p, dest);
++    return netif->output(netif, p, dest);
++  }
+ }
+
+ /**
+Index: src/include/lwip/debug.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/debug.h,v
+retrieving revision 1.37
+retrieving revision 1.39
+diff -u -p -r1.37 -r1.39
+--- a/src/include/lwip/debug.h	22 Sep 2007 11:16:07 -0000	1.37
++++ b/src/include/lwip/debug.h	16 Jul 2008 20:36:22 -0000	1.39
+@@ -61,26 +61,28 @@
+ #define LWIP_DBG_HALT          0x08U
+
+ #ifndef LWIP_NOASSERT
+-#define LWIP_ASSERT(x,y) do { if(!(y)) LWIP_PLATFORM_ASSERT(x); } while(0)
++#define LWIP_ASSERT(message, assertion) do { if(!(assertion)) \
++  LWIP_PLATFORM_ASSERT(message); } while(0)
+ #else  /* LWIP_NOASSERT */
+-#define LWIP_ASSERT(x,y)
++#define LWIP_ASSERT(message, assertion)
+ #endif /* LWIP_NOASSERT */
+
+-/** print "m" message only if "e" is true, and execute "h" expression */
++/** if "expression" isn't true, then print "message" and execute "handler" expression */
+ #ifndef LWIP_ERROR
+-#define LWIP_ERROR(m,e,h) do { if (!(e)) { LWIP_PLATFORM_ASSERT(m); h;}} while(0)
++#define LWIP_ERROR(message, expression, handler) do { if (!(expression)) { \
++  LWIP_PLATFORM_ASSERT(message); handler;}} while(0)
+ #endif /* LWIP_ERROR */
+
+ #ifdef LWIP_DEBUG
+ /** print debug message only if debug message type is enabled...
+  *  AND is of correct type AND is at least LWIP_DBG_LEVEL
+  */
+-#define LWIP_DEBUGF(debug,x) do { \
++#define LWIP_DEBUGF(debug, message) do { \
+                                if ( \
+                                    ((debug) & LWIP_DBG_ON) && \
+                                    ((debug) & LWIP_DBG_TYPES_ON) && \
+                                    ((s16_t)((debug) & LWIP_DBG_MASK_LEVEL) >= LWIP_DBG_MIN_LEVEL)) { \
+-                                 LWIP_PLATFORM_DIAG(x); \
++                                 LWIP_PLATFORM_DIAG(message); \
+                                  if ((debug) & LWIP_DBG_HALT) { \
+                                    while(1); \
+                                  } \
+@@ -88,7 +90,7 @@
+                              } while(0)
+
+ #else  /* LWIP_DEBUG */
+-#define LWIP_DEBUGF(debug,x)
++#define LWIP_DEBUGF(debug, message)
+ #endif /* LWIP_DEBUG */
+
+ #endif /* __LWIP_DEBUG_H__ */
+Index: src/include/lwip/err.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/err.h,v
+retrieving revision 1.13
+retrieving revision 1.15
+diff -u -p -r1.13 -r1.15
+--- a/src/include/lwip/err.h	13 Dec 2007 23:06:50 -0000	1.13
++++ b/src/include/lwip/err.h	17 Jun 2008 20:27:32 -0000	1.15
+@@ -33,37 +33,43 @@
+ #define __LWIP_ERR_H__
+
+ #include "lwip/opt.h"
++#include "lwip/arch.h"
+
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
+-typedef s8_t err_t;
++/** Define LWIP_ERR_T in cc.h if you want to use
++ *  a different type for your platform (must be signed). */
++#ifdef LWIP_ERR_T
++typedef LWIP_ERR_T err_t;
++#else /* LWIP_ERR_T */
++ typedef s8_t err_t;
++#endif /* LWIP_ERR_T*/
+
+ /* Definitions for error constants. */
+
+ #define ERR_OK          0    /* No error, everything OK. */
+ #define ERR_MEM        -1    /* Out of memory error.     */
+ #define ERR_BUF        -2    /* Buffer error.            */
+-#define ERR_RTE        -3    /* Routing problem.         */
++#define ERR_TIMEOUT    -3    /* Timeout.                 */
++#define ERR_RTE        -4    /* Routing problem.         */
+
+ #define ERR_IS_FATAL(e) ((e) < ERR_RTE)
+
+-#define ERR_ABRT       -4    /* Connection aborted.      */
+-#define ERR_RST        -5    /* Connection reset.        */
+-#define ERR_CLSD       -6    /* Connection closed.       */
+-#define ERR_CONN       -7    /* Not connected.           */
++#define ERR_ABRT       -5    /* Connection aborted.      */
++#define ERR_RST        -6    /* Connection reset.        */
++#define ERR_CLSD       -7    /* Connection closed.       */
++#define ERR_CONN       -8    /* Not connected.           */
+
+-#define ERR_VAL        -8    /* Illegal value.           */
++#define ERR_VAL        -9    /* Illegal value.           */
+
+-#define ERR_ARG        -9    /* Illegal argument.        */
++#define ERR_ARG        -10   /* Illegal argument.        */
+
+-#define ERR_USE        -10   /* Address in use.          */
++#define ERR_USE        -11   /* Address in use.          */
+
+-#define ERR_IF         -11   /* Low-level netif error    */
+-#define ERR_ISCONN     -12   /* Already connected.       */
+-
+-#define ERR_TIMEOUT    -13   /* Timeout.                 */
++#define ERR_IF         -12   /* Low-level netif error    */
++#define ERR_ISCONN     -13   /* Already connected.       */
+
+ #define ERR_INPROGRESS -14   /* Operation in progress    */
+
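Review bot: ERR_IS_FATAL is defined as `((e) < ERR_RTE)`, so the renumbering in this hunk decides which codes count as fatal, yet nothing in the header states that ordering rule. ERR_TIMEOUT moves to -3 and becomes non-fatal, while ERR_IF, ERR_ISCONN and ERR_INPROGRESS stay below ERR_RTE and are still classified as fatal, which reads oddly for "Operation in progress" and may or may not be intended. A comment above the macro such as `/* Codes numerically below ERR_RTE are treated as fatal; keep recoverable codes at or above it. */` would keep later edits from silently changing error handling. Most codes also change value here, so any table indexed by the error number and any object built against the old header (neither is visible in this hunk) has to be updated in the same step.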
+Index: src/include/lwip/mem.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/mem.h,v
+retrieving revision 1.21
+retrieving revision 1.22
+diff -u -p -r1.21 -r1.22
+--- a/src/include/lwip/mem.h	4 Mar 2008 16:31:32 -0000	1.21
++++ b/src/include/lwip/mem.h	30 May 2008 11:37:15 -0000	1.22
+@@ -50,16 +50,16 @@ typedef size_t mem_size_t;
+  * allow these defines to be overridden.
+  */
+ #ifndef mem_free
+-#define mem_free(x) free(x)
++#define mem_free free
+ #endif
+ #ifndef mem_malloc
+-#define mem_malloc(x) malloc(x)
++#define mem_malloc malloc
+ #endif
+ #ifndef mem_calloc
+-#define mem_calloc(x, y) calloc(x, y)
++#define mem_calloc calloc
+ #endif
+ #ifndef mem_realloc
+-#define mem_realloc(x, size) (x)
++#define mem_realloc realloc
+ #endif
+ #else /* MEM_LIBC_MALLOC */
+
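Review bot: Mapping `mem_realloc` to libc `realloc` changes its contract, not just its spelling. The removed definition `#define mem_realloc(x, size) (x)` always returned the original pointer, whereas `realloc` may move the block or return NULL. Callers are outside this hunk, but any that shrink a buffer while other pointers still reference it (for example the preceding element of a chain) would be left with a dangling pointer when MEM_LIBC_MALLOC is enabled. If callers expect in-place shrinking, keeping the no-op form is the safer default; otherwise the requirement should be written down here, e.g. `/* mem_realloc may move the block: callers must use the returned pointer and handle NULL */`.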
+Index: src/include/lwip/netif.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/netif.h,v
+retrieving revision 1.43
+retrieving revision 1.46
+diff -u -p -r1.43 -r1.46
+--- a/src/include/lwip/netif.h	9 Oct 2007 19:59:59 -0000	1.43
++++ b/src/include/lwip/netif.h	19 Jun 2008 16:27:23 -0000	1.46
+@@ -34,6 +34,8 @@
+
+ #include "lwip/opt.h"
+
++#define ENABLE_LOOPBACK (LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF)
++
+ #include "lwip/err.h"
+
+ #include "lwip/ip_addr.h"
+@@ -165,6 +167,14 @@ struct netif {
+ #if LWIP_NETIF_HWADDRHINT
+   u8_t *addr_hint;
+ #endif /* LWIP_NETIF_HWADDRHINT */
++#if ENABLE_LOOPBACK
++  /* List of packets to be queued for ourselves. */
++  struct pbuf *loop_first;
++  struct pbuf *loop_last;
++#if LWIP_LOOPBACK_MAX_PBUFS
++  u16_t loop_cnt_current;
++#endif /* LWIP_LOOPBACK_MAX_PBUFS */
++#endif /* ENABLE_LOOPBACK */
+ };
+
+ #if LWIP_SNMP
+@@ -242,4 +252,12 @@ void netif_set_link_callback(struct neti
+ }
+ #endif
+
++#if ENABLE_LOOPBACK
++err_t netif_loop_output(struct netif *netif, struct pbuf *p, struct ip_addr *dest_ip);
++void netif_poll(struct netif *netif);
++#if !LWIP_NETIF_LOOPBACK_MULTITHREADING
++void netif_poll_all(void);
++#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */
++#endif /* ENABLE_LOOPBACK */
++
+ #endif /* __LWIP_NETIF_H__ */
+Index: src/include/lwip/opt.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/opt.h,v
+retrieving revision 1.116
+retrieving revision 1.122
+diff -u -p -r1.116 -r1.122
+--- a/src/include/lwip/opt.h	31 Jan 2008 18:19:29 -0000	1.116
++++ b/src/include/lwip/opt.h	30 Jun 2008 18:16:52 -0000	1.122
+@@ -155,6 +155,27 @@
+ #define MEMP_USE_CUSTOM_POOLS           0
+ #endif
+
++/**
++ * Set this to 1 if you want to free PBUF_RAM pbufs (or call mem_free()) from
++ * interrupt context (or another context that doesn't allow waiting for a
++ * semaphore).
++ * If set to 1, mem_malloc will be protected by a semaphore and SYS_ARCH_PROTECT,
++ * while mem_free will only use SYS_ARCH_PROTECT. mem_malloc SYS_ARCH_UNPROTECTs
++ * with each loop so that mem_free can run.
++ *
++ * ATTENTION: As you can see from the above description, this leads to dis-/
++ * enabling interrupts often, which can be slow! Also, on low memory, mem_malloc
++ * can need longer.
++ *
++ * If you don't want that, at least for NO_SYS=0, you can still use the following
++ * functions to enqueue a deallocation call which then runs in the tcpip_thread
++ * context:
++ * - pbuf_free_callback(p);
++ * - mem_free_callback(m);
++ */
++#ifndef LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT
++#define LWIP_ALLOW_MEM_FREE_FROM_OTHER_CONTEXT 0
++#endif
+
+ /*
+    ------------------------------------------------
+@@ -815,6 +836,39 @@
+ #define LWIP_NETIF_HWADDRHINT           0
+ #endif
+
++/**
++ * LWIP_NETIF_LOOPBACK==1: Support sending packets with a destination IP
++ * address equal to the netif IP address, looping them back up the stack.
++ */
++#ifndef LWIP_NETIF_LOOPBACK
++#define LWIP_NETIF_LOOPBACK             0
++#endif
++
++/**
++ * LWIP_LOOPBACK_MAX_PBUFS: Maximum number of pbufs on queue for loopback
++ * sending for each netif (0 = disabled)
++ */
++#ifndef LWIP_LOOPBACK_MAX_PBUFS
++#define LWIP_LOOPBACK_MAX_PBUFS         0
++#endif
++
++/**
++ * LWIP_NETIF_LOOPBACK_MULTITHREADING: Indicates whether threading is enabled in
++ * the system, as netifs must change how they behave depending on this setting
++ * for the LWIP_NETIF_LOOPBACK option to work.
++ * Setting this is needed to avoid reentering non-reentrant functions like
++ * tcp_input().
++ *    LWIP_NETIF_LOOPBACK_MULTITHREADING==1: Indicates that the user is using a
++ *       multithreaded environment like tcpip.c. In this case, netif->input()
++ *       is called directly.
++ *    LWIP_NETIF_LOOPBACK_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup.
++ *       The packets are put on a list and netif_poll() must be called in
++ *       the main application loop.
++ */
++#ifndef LWIP_NETIF_LOOPBACK_MULTITHREADING
++#define LWIP_NETIF_LOOPBACK_MULTITHREADING    (!NO_SYS)
++#endif
++
+ /*
+    ------------------------------------
+    ---------- LOOPIF options ----------
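Review bot: LWIP_LOOPBACK_MAX_PBUFS defaults to 0, which the comment describes only as "disabled", and that appears to mean the per-netif loopback queue has no upper bound. With LWIP_NETIF_LOOPBACK_MULTITHREADING==0 the packets stay on the list until the application calls netif_poll(), so traffic addressed to the interface's own IP could hold pbufs indefinitely if polling stalls. The enqueue code is not in this hunk, so this is inferred from the option text. The doc comment should say it explicitly, e.g. `(0 = no limit; set a bound in lwipopts.h when pbuf memory is constrained)`.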
+@@ -827,20 +881,16 @@
+ #define LWIP_HAVE_LOOPIF                0
+ #endif
+
++/*
++   ------------------------------------
++   ---------- SLIPIF options ----------
++   ------------------------------------
++*/
+ /**
+- * LWIP_LOOPIF_MULTITHREADING: Indicates whether threading is enabled in
+- * the system, as LOOPIF must change how it behaves depending on this setting.
+- * Setting this is needed to avoid reentering non-reentrant functions like
+- * tcp_input().
+- *    LWIP_LOOPIF_MULTITHREADING==1: Indicates that the user is using a
+- *       multithreaded environment like tcpip.c. In this case, netif->input()
+- *       is called directly.
+- *    LWIP_LOOPIF_MULTITHREADING==0: Indicates a polling (or NO_SYS) setup.
+- *       The packets are put on a list and loopif_poll() must be called in
+- *       the main application loop.
++ * LWIP_HAVE_SLIPIF==1: Support slip interface and slipif.c
+  */
+-#ifndef LWIP_LOOPIF_MULTITHREADING
+-#define LWIP_LOOPIF_MULTITHREADING      1
++#ifndef LWIP_HAVE_SLIPIF
++#define LWIP_HAVE_SLIPIF                0
+ #endif
+
+ /*
+Index: src/include/lwip/sio.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/sio.h,v
+retrieving revision 1.7
+retrieving revision 1.8
+diff -u -p -r1.7 -r1.8
+--- a/src/include/lwip/sio.h	6 Sep 2007 16:43:44 -0000	1.7
++++ b/src/include/lwip/sio.h	27 Mar 2008 18:06:02 -0000	1.8
+@@ -32,16 +32,24 @@
+  * It needs to be implemented by those platforms which need SLIP or PPP
+  */
+
++#ifndef __SIO_H__
++#define __SIO_H__
++
+ #include "lwip/arch.h"
+
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
++/* If you want to define sio_fd_t elsewhere or differently,
++   define this in your cc.h file. */
+ #ifndef __sio_fd_t_defined
+ typedef void * sio_fd_t;
+ #endif
+
++/* The following functions can be defined to something else in your cc.h file
++   or be implemented in your custom sio.c file. */
++
+ #ifndef sio_open
+ sio_fd_t sio_open(u8_t);
+ #endif
+@@ -69,3 +77,5 @@ void sio_read_abort(sio_fd_t);
+ #ifdef __cplusplus
+ }
+ #endif
++
++#endif /* __SIO_H__ */
+Index: src/include/lwip/sockets.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/sockets.h,v
+retrieving revision 1.38
+retrieving revision 1.39
+diff -u -p -r1.38 -r1.39
+--- a/src/include/lwip/sockets.h	2 Dec 2007 15:24:02 -0000	1.38
++++ b/src/include/lwip/sockets.h	26 Apr 2008 10:46:23 -0000	1.39
+@@ -177,7 +177,22 @@ typedef struct ip_mreq {
+ } ip_mreq;
+ #endif /* LWIP_IGMP */
+
+-/* Unimplemented for now... */
++/*
++ * The Type of Service provides an indication of the abstract
++ * parameters of the quality of service desired.  These parameters are
++ * to be used to guide the selection of the actual service parameters
++ * when transmitting a datagram through a particular network.  Several
++ * networks offer service precedence, which somehow treats high
++ * precedence traffic as more important than other traffic (generally
++ * by accepting only traffic above a certain precedence at time of high
++ * load).  The major choice is a three way tradeoff between low-delay,
++ * high-reliability, and high-throughput.
++ * The use of the Delay, Throughput, and Reliability indications may
++ * increase the cost (in some sense) of the service.  In many networks
++ * better performance for one of these parameters is coupled with worse
++ * performance on another.  Except for very unusual cases at most two
++ * of these three indications should be set.
++ */
+ #define IPTOS_TOS_MASK          0x1E
+ #define IPTOS_TOS(tos)          ((tos) & IPTOS_TOS_MASK)
+ #define IPTOS_LOWDELAY          0x10
+@@ -187,7 +202,13 @@ typedef struct ip_mreq {
+ #define IPTOS_MINCOST           IPTOS_LOWCOST
+
+ /*
+- * Definitions for IP precedence (also in ip_tos) (Unimplemented)
++ * The Network Control precedence designation is intended to be used
++ * within a network only.  The actual use and control of that
++ * designation is up to each network. The Internetwork Control
++ * designation is intended for use by gateway control originators only.
++ * If the actual use of these precedence designations is of concern to
++ * a particular network, it is the responsibility of that network to
++ * control the access to, and use of, those precedence designations.
+  */
+ #define IPTOS_PREC_MASK                 0xe0
+ #define IPTOS_PREC(tos)                ((tos) & IPTOS_PREC_MASK)
+Index: src/include/lwip/stats.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/stats.h,v
+retrieving revision 1.19
+retrieving revision 1.23
+diff -u -p -r1.19 -r1.23
+--- a/src/include/lwip/stats.h	28 Nov 2007 21:25:07 -0000	1.19
++++ b/src/include/lwip/stats.h	8 Jul 2008 09:15:57 -0000	1.23
+@@ -57,7 +57,6 @@ extern "C" {
+
+ struct stats_proto {
+   STAT_COUNTER xmit;             /* Transmitted packets. */
+-  STAT_COUNTER rexmit;           /* Retransmitted packets. */
+   STAT_COUNTER recv;             /* Received packets. */
+   STAT_COUNTER fw;               /* Forwarded packets. */
+   STAT_COUNTER drop;             /* Dropped packets. */
+@@ -87,7 +86,8 @@ struct stats_mem {
+   mem_size_t avail;
+   mem_size_t used;
+   mem_size_t max;
+-  mem_size_t err;
++  STAT_COUNTER err;
++  STAT_COUNTER illegal;
+ };
+
+ struct stats_syselem {
+@@ -142,64 +142,138 @@ extern struct stats_ lwip_stats;
+ #define stats_init() /* Compatibility define, not init needed. */
+
+ #define STATS_INC(x) ++lwip_stats.x
++#define STATS_DEC(x) --lwip_stats.x
+ #else
+ #define stats_init()
+ #define STATS_INC(x)
++#define STATS_DEC(x)
+ #endif /* LWIP_STATS */
+
+ #if TCP_STATS
+ #define TCP_STATS_INC(x) STATS_INC(x)
++#define TCP_STATS_DISPLAY() stats_display_proto(&lwip_stats.tcp, "TCP")
+ #else
+ #define TCP_STATS_INC(x)
++#define TCP_STATS_DISPLAY()
+ #endif
+
+ #if UDP_STATS
+ #define UDP_STATS_INC(x) STATS_INC(x)
++#define UDP_STATS_DISPLAY() stats_display_proto(&lwip_stats.udp, "UDP")
+ #else
+ #define UDP_STATS_INC(x)
++#define UDP_STATS_DISPLAY()
+ #endif
+
+ #if ICMP_STATS
+ #define ICMP_STATS_INC(x) STATS_INC(x)
++#define ICMP_STATS_DISPLAY() stats_display_proto(&lwip_stats.icmp, "ICMP")
+ #else
+ #define ICMP_STATS_INC(x)
++#define ICMP_STATS_DISPLAY()
+ #endif
+
+ #if IGMP_STATS
+ #define IGMP_STATS_INC(x) STATS_INC(x)
++#define IGMP_STATS_DISPLAY() stats_display_igmp(&lwip_stats.igmp)
+ #else
+ #define IGMP_STATS_INC(x)
++#define IGMP_STATS_DISPLAY()
+ #endif
+
+ #if IP_STATS
+ #define IP_STATS_INC(x) STATS_INC(x)
++#define IP_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip, "IP")
+ #else
+ #define IP_STATS_INC(x)
++#define IP_STATS_DISPLAY()
+ #endif
+
+ #if IPFRAG_STATS
+ #define IPFRAG_STATS_INC(x) STATS_INC(x)
++#define IPFRAG_STATS_DISPLAY() stats_display_proto(&lwip_stats.ip_frag, "IP_FRAG")
+ #else
+ #define IPFRAG_STATS_INC(x)
++#define IPFRAG_STATS_DISPLAY()
+ #endif
+
+ #if ETHARP_STATS
+ #define ETHARP_STATS_INC(x) STATS_INC(x)
++#define ETHARP_STATS_DISPLAY() stats_display_proto(&lwip_stats.etharp, "ETHARP")
+ #else
+ #define ETHARP_STATS_INC(x)
++#define ETHARP_STATS_DISPLAY()
+ #endif
+
+ #if LINK_STATS
+ #define LINK_STATS_INC(x) STATS_INC(x)
++#define LINK_STATS_DISPLAY() stats_display_proto(&lwip_stats.link, "LINK")
+ #else
+ #define LINK_STATS_INC(x)
++#define LINK_STATS_DISPLAY()
++#endif
++
++#if MEM_STATS
++#define MEM_STATS_AVAIL(x, y) lwip_stats.mem.x = y
++#define MEM_STATS_INC(x) STATS_INC(mem.x)
++#define MEM_STATS_INC_USED(x, y) do { lwip_stats.mem.used += y; \
++                                    if (lwip_stats.mem.max < lwip_stats.mem.used) { \
++                                        lwip_stats.mem.max = lwip_stats.mem.used; \
++                                    } \
++                                 } while(0)
++#define MEM_STATS_DEC_USED(x, y) lwip_stats.mem.x -= y
++#define MEM_STATS_DISPLAY() stats_display_mem(&lwip_stats.mem, "HEAP")
++#else
++#define MEM_STATS_AVAIL(x, y)
++#define MEM_STATS_INC(x)
++#define MEM_STATS_INC_USED(x, y)
++#define MEM_STATS_DEC_USED(x, y)
++#define MEM_STATS_DISPLAY()
++#endif
++
++#if MEMP_STATS
++#define MEMP_STATS_AVAIL(x, i, y) lwip_stats.memp[i].x = y
++#define MEMP_STATS_INC(x, i) STATS_INC(memp[i].x)
++#define MEMP_STATS_DEC(x, i) STATS_DEC(memp[i].x)
++#define MEMP_STATS_INC_USED(x, i) do { ++lwip_stats.memp[i].used; \
++                                    if (lwip_stats.memp[i].max < lwip_stats.memp[i].used) { \
++                                        lwip_stats.memp[i].max = lwip_stats.memp[i].used; \
++                                    } \
++                                 } while(0)
++#define MEMP_STATS_DISPLAY(i) stats_display_memp(&lwip_stats.memp[i], i)
++#else
++#define MEMP_STATS_AVAIL(x, i, y)
++#define MEMP_STATS_INC(x, i)
++#define MEMP_STATS_DEC(x, i)
++#define MEMP_STATS_INC_USED(x, i)
++#define MEMP_STATS_DISPLAY(i)
++#endif
++
++#if SYS_STATS
++#define SYS_STATS_INC(x) STATS_INC(sys.x)
++#define SYS_STATS_DEC(x) STATS_DEC(sys.x)
++#define SYS_STATS_DISPLAY() stats_display_sys(&lwip_stats.sys)
++#else
++#define SYS_STATS_INC(x)
++#define SYS_STATS_DEC(x)
++#define SYS_STATS_DISPLAY()
+ #endif
+
+ /* Display of statistics */
+ #if LWIP_STATS_DISPLAY
+ void stats_display(void);
++void stats_display_proto(struct stats_proto *proto, char *name);
++void stats_display_igmp(struct stats_igmp *igmp);
++void stats_display_mem(struct stats_mem *mem, char *name);
++void stats_display_memp(struct stats_mem *mem, int index);
++void stats_display_sys(struct stats_sys *sys);
+ #else
+ #define stats_display()
++#define stats_display_proto(proto, name)
++#define stats_display_igmp(igmp)
++#define stats_display_mem(mem, name)
++#define stats_display_memp(mem, index)
++#define stats_display_sys(sys)
+ #endif /* LWIP_STATS_DISPLAY */
+
+ #ifdef __cplusplus
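Review bot: Several of the new MEM_STATS_* and MEMP_STATS_* helpers are not written as safe macros. `MEM_STATS_AVAIL`, `MEM_STATS_DEC_USED` and `MEMP_STATS_AVAIL` expand to a bare assignment with an unparenthesised `y`, so an argument such as `a ? b : c`, or use as the body of an unbraced `if`/`else`, can parse differently from what the call site suggests. `MEM_STATS_INC_USED(x, y)` also ignores `x` and always updates `used`, while `MEM_STATS_DEC_USED(x, y)` honours it. The subtraction on `mem_size_t` (presumably unsigned) would wrap if the counters ever get out of step. I would use the same `do { … } while(0)` form the INC_USED variants already have, e.g. `#define MEM_STATS_DEC_USED(x, y) do { lwip_stats.mem.x -= (y); } while(0)`.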
+Index: src/include/lwip/tcpip.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/lwip/tcpip.h,v
+retrieving revision 1.24
+retrieving revision 1.27
+diff -u -p -r1.24 -r1.27
+--- a/src/include/lwip/tcpip.h	12 Jan 2008 11:52:22 -0000	1.24
++++ b/src/include/lwip/tcpip.h	27 Jun 2008 20:34:55 -0000	1.27
+@@ -83,7 +83,11 @@ err_t tcpip_netifapi_lock(struct netifap
+ #endif /* LWIP_NETIF_API */
+
+ err_t tcpip_callback_with_block(void (*f)(void *ctx), void *ctx, u8_t block);
+-#define tcpip_callback(f,ctx) tcpip_callback_with_block(f,ctx,1)
++#define tcpip_callback(f, ctx)              tcpip_callback_with_block(f, ctx, 1)
++
++/* free pbufs or heap memory from another context without blocking */
++err_t pbuf_free_callback(struct pbuf *p);
++err_t mem_free_callback(void *m);
+
+ err_t tcpip_timeout(u32_t msecs, sys_timeout_handler h, void *arg);
+ #define tcpip_untimeout(h, arg) tcpip_timeout(0xffffffff, h, arg)
+Index: src/include/netif/loopif.h
+===================================================================
+RCS file: /sources/lwip/lwip/src/include/netif/loopif.h,v
+retrieving revision 1.7
+retrieving revision 1.9
+diff -u -p -r1.7 -r1.9
+--- a/src/include/netif/loopif.h	10 May 2007 10:59:20 -0000	1.7
++++ b/src/include/netif/loopif.h	17 Jun 2008 20:12:22 -0000	1.9
+@@ -32,6 +32,7 @@
+ #ifndef __NETIF_LOOPIF_H__
+ #define __NETIF_LOOPIF_H__
+
++#include "lwip/opt.h"
+ #include "lwip/netif.h"
+ #include "lwip/err.h"
+
+@@ -39,9 +40,9 @@
+ extern "C" {
+ #endif
+
+-#if !LWIP_LOOPIF_MULTITHREADING
+-void loopif_poll(struct netif *netif);
+-#endif
++#if !LWIP_NETIF_LOOPBACK_MULTITHREADING
++#define loopif_poll netif_poll
++#endif /* !LWIP_NETIF_LOOPBACK_MULTITHREADING */
+
+ err_t loopif_init(struct netif *netif);
+
+Index: src/netif/etharp.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/netif/etharp.c,v
+retrieving revision 1.145
+retrieving revision 1.148
+diff -u -p -r1.145 -r1.148
+--- a/src/netif/etharp.c	4 Mar 2008 13:41:24 -0000	1.145
++++ b/src/netif/etharp.c	19 Jun 2008 16:40:59 -0000	1.148
+@@ -353,7 +353,7 @@ find_entry(struct ip_addr *ipaddr, u8_t
+    * 1) empty entry
+    * 2) oldest stable entry
+    * 3) oldest pending entry without queued packets
+-   * 4) oldest pending entry without queued packets
++   * 4) oldest pending entry with queued packets
+    *
+    * { ETHARP_TRY_HARD is set at this point }
+    */
+@@ -1130,7 +1130,14 @@ ethernet_input(struct pbuf *p, struct ne
+
+   /* points to packet payload, which starts with an Ethernet header */
+   ethhdr = p->payload;
+-
++  LWIP_DEBUGF(ETHARP_DEBUG | LWIP_DBG_TRACE,
++    ("ethernet_input: dest:%02x:%02x:%02x:%02x:%02x:%02x, src:%02x:%02x:%02x:%02x:%02x:%02x, type:%2hx\n",
++     (unsigned)ethhdr->dest.addr[0], (unsigned)ethhdr->dest.addr[1], (unsigned)ethhdr->dest.addr[2],
++     (unsigned)ethhdr->dest.addr[3], (unsigned)ethhdr->dest.addr[4], (unsigned)ethhdr->dest.addr[5],
++     (unsigned)ethhdr->src.addr[0], (unsigned)ethhdr->src.addr[1], (unsigned)ethhdr->src.addr[2],
++     (unsigned)ethhdr->src.addr[3], (unsigned)ethhdr->src.addr[4], (unsigned)ethhdr->src.addr[5],
++     (unsigned)htons(ethhdr->type)));
++
+   switch (htons(ethhdr->type)) {
+     /* IP packet? */
+     case ETHTYPE_IP:
+@@ -1165,6 +1172,8 @@ ethernet_input(struct pbuf *p, struct ne
+ #endif /* PPPOE_SUPPORT */
+
+     default:
++      ETHARP_STATS_INC(etharp.proterr);
++      ETHARP_STATS_INC(etharp.drop);
+       pbuf_free(p);
+       p = NULL;
+       break;
+Index: src/netif/loopif.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/netif/loopif.c,v
+retrieving revision 1.26
+retrieving revision 1.27
+diff -u -p -r1.26 -r1.27
+--- a/src/netif/loopif.c	31 Aug 2007 10:14:09 -0000	1.26
++++ b/src/netif/loopif.c	12 Jun 2008 20:10:10 -0000	1.27
+@@ -40,149 +40,8 @@
+ #if LWIP_HAVE_LOOPIF
+
+ #include "netif/loopif.h"
+-#include "lwip/pbuf.h"
+ #include "lwip/snmp.h"
+
+-#include <string.h>
+-
+-#if !LWIP_LOOPIF_MULTITHREADING
+-
+-#include "lwip/sys.h"
+-#include "lwip/mem.h"
+-
+-/* helper struct for the linked list of pbufs */
+-struct loopif_private {
+-  struct pbuf *first;
+-  struct pbuf *last;
+-};
+-
+-/**
+- * Call loopif_poll() in the main loop of your application. This is to prevent
+- * reentering non-reentrant functions like tcp_input(). Packets passed to
+- * loopif_output() are put on a list that is passed to netif->input() by
+- * loopif_poll().
+- *
+- * @param netif the lwip network interface structure for this loopif
+- */
+-void
+-loopif_poll(struct netif *netif)
+-{
+-  SYS_ARCH_DECL_PROTECT(lev);
+-  struct pbuf *in, *in_end;
+-  struct loopif_private *priv = (struct loopif_private*)netif->state;
+-
+-  LWIP_ERROR("priv != NULL", (priv != NULL), return;);
+-
+-  do {
+-    /* Get a packet from the list. With SYS_LIGHTWEIGHT_PROT=1, this is protected */
+-    SYS_ARCH_PROTECT(lev);
+-    in = priv->first;
+-    if(in) {
+-      in_end = in;
+-      while(in_end->len != in_end->tot_len) {
+-        LWIP_ASSERT("bogus pbuf: len != tot_len but next == NULL!", in_end->next != NULL);
+-        in_end = in_end->next;
+-      }
+-      /* 'in_end' now points to the last pbuf from 'in' */
+-      if(in_end == priv->last) {
+-        /* this was the last pbuf in the list */
+-        priv->first = priv->last = NULL;
+-      } else {
+-        /* pop the pbuf off the list */
+-        priv->first = in_end->next;
+-        LWIP_ASSERT("should not be null since first != last!", priv->first != NULL);
+-      }
+-    }
+-    SYS_ARCH_UNPROTECT(lev);
+-
+-    if(in != NULL) {
+-      if(in_end->next != NULL) {
+-        /* De-queue the pbuf from its successors on the 'priv' list. */
+-        in_end->next = NULL;
+-      }
+-      if(netif->input(in, netif) != ERR_OK) {
+-        pbuf_free(in);
+-      }
+-      /* Don't reference the packet any more! */
+-      in = NULL;
+-      in_end = NULL;
+-    }
+-  /* go on while there is a packet on the list */
+-  } while(priv->first != NULL);
+-}
+-#endif /* LWIP_LOOPIF_MULTITHREADING */
+-
+-/**
+- * Send an IP packet over the loopback interface.
+- * The pbuf is simply copied and handed back to netif->input.
+- * In multithreaded mode, this is done directly since netif->input must put
+- * the packet on a queue.
+- * In callback mode, the packet is put on an internal queue and is fed to
+- * netif->input by loopif_poll().
+- *
+- * @param netif the lwip network interface structure for this loopif
+- * @param p the (IP) packet to 'send'
+- * @param ipaddr the ip address to send the packet to (not used for loopif)
+- * @return ERR_OK if the packet has been sent
+- *         ERR_MEM if the pbuf used to copy the packet couldn't be allocated
+- */
+-static err_t
+-loopif_output(struct netif *netif, struct pbuf *p,
+-       struct ip_addr *ipaddr)
+-{
+-#if !LWIP_LOOPIF_MULTITHREADING
+-  SYS_ARCH_DECL_PROTECT(lev);
+-  struct loopif_private *priv;
+-  struct pbuf *last;
+-#endif /* LWIP_LOOPIF_MULTITHREADING */
+-  struct pbuf *r;
+-  err_t err;
+-
+-  LWIP_UNUSED_ARG(ipaddr);
+-
+-  /* Allocate a new pbuf */
+-  r = pbuf_alloc(PBUF_RAW, p->tot_len, PBUF_RAM);
+-  if (r == NULL) {
+-    return ERR_MEM;
+-  }
+-
+-  /* Copy the whole pbuf queue p into the single pbuf r */
+-  if ((err = pbuf_copy(r, p)) != ERR_OK) {
+-    pbuf_free(r);
+-    r = NULL;
+-    return err;
+-  }
+-
+-#if LWIP_LOOPIF_MULTITHREADING
+-  /* Multithreading environment, netif->input() is supposed to put the packet
+-     into a mailbox, so we can safely call it here without risking to re-enter
+-     functions that are not reentrant (TCP!!!) */
+-  if(netif->input(r, netif) != ERR_OK) {
+-    pbuf_free(r);
+-    r = NULL;
+-  }
+-#else /* LWIP_LOOPIF_MULTITHREADING */
+-  /* Raw API without threads: put the packet on a linked list which gets emptied
+-     through calling loopif_poll(). */
+-  priv = (struct loopif_private*)netif->state;
+-
+-  /* let last point to the last pbuf in chain r */
+-  for (last = r; last->next != NULL; last = last->next);
+-  SYS_ARCH_PROTECT(lev);
+-  if(priv->first != NULL) {
+-    LWIP_ASSERT("if first != NULL, last must also be != NULL", priv->last != NULL);
+-    priv->last->next = r;
+-    priv->last = last;
+-  } else {
+-    priv->first = r;
+-    priv->last = last;
+-  }
+-  SYS_ARCH_UNPROTECT(lev);
+-#endif /* LWIP_LOOPIF_MULTITHREADING */
+-
+-  return ERR_OK;
+-}
+-
+ /**
+  * Initialize a lwip network interface structure for a loopback interface
+  *
+@@ -193,16 +52,6 @@ loopif_output(struct netif *netif, struc
+ err_t
+ loopif_init(struct netif *netif)
+ {
+-#if !LWIP_LOOPIF_MULTITHREADING
+-  struct loopif_private *priv;
+-
+-  priv = (struct loopif_private*)mem_malloc(sizeof(struct loopif_private));
+-  if(priv == NULL)
+-    return ERR_MEM;
+-  priv->first = priv->last = NULL;
+-  netif->state = priv;
+-#endif /* LWIP_LOOPIF_MULTITHREADING */
+-
+   /* initialize the snmp variables and counters inside the struct netif
+    * ifSpeed: no assumption can be made!
+    */
+@@ -210,7 +59,7 @@ loopif_init(struct netif *netif)
+
+   netif->name[0] = 'l';
+   netif->name[1] = 'o';
+-  netif->output = loopif_output;
++  netif->output = netif_loop_output;
+   return ERR_OK;
+ }
+
+Index: src/netif/slipif.c
+===================================================================
+RCS file: /sources/lwip/lwip/src/netif/slipif.c,v
+retrieving revision 1.29
+retrieving revision 1.30
+diff -u -p -r1.29 -r1.30
+--- a/src/netif/slipif.c	30 Nov 2007 17:22:21 -0000	1.29
++++ b/src/netif/slipif.c	17 Jun 2008 20:14:05 -0000	1.30
+@@ -44,6 +44,9 @@
+
+ #include "netif/slipif.h"
+ #include "lwip/opt.h"
++
++#if LWIP_HAVE_SLIPIF
++
+ #include "lwip/def.h"
+ #include "lwip/pbuf.h"
+ #include "lwip/sys.h"
+@@ -273,3 +276,4 @@ slipif_init(struct netif *netif)
+   sys_thread_new(SLIPIF_THREAD_NAME, slipif_loop, netif, SLIPIF_THREAD_STACKSIZE, SLIPIF_THREAD_PRIO);
+   return ERR_OK;
+ }
++#endif /* LWIP_HAVE_SLIPIF */
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch
new file mode 100644
index 0000000..a3745bd
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/mini-os_udivmoddi4-gcc7.patch
@@ -0,0 +1,43 @@
+From d991bdbc062248221511ecb795617c36b37e1d2e Mon Sep 17 00:00:00 2001
+From: Wei Liu <wei.liu2@citrix.com>
+Date: Wed, 9 Aug 2017 13:15:48 +0100
+Subject: [PATCH] lib/math.c: implement __udivmoddi4
+
+Some code compiled by gcc 7 requires this.
+
+Signed-off-by: Wei Liu <wei.liu2@citrix.com>
+Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+---
+ lib/math.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/lib/math.c b/lib/math.c
+index 561393e..b98cc1d 100644
+--- a/lib/math.c
++++ b/lib/math.c
+@@ -6,6 +6,7 @@
+  *        File: math.c
+  *      Author: Rolf Neugebauer (neugebar@dcs.gla.ac.uk)
+  *     Changes: 
++ *        Implement __udivmoddi4 (Wei Liu <wei.liu2@citrix.com>)
+  *              
+  *        Date: Aug 2003
+  * 
+@@ -397,6 +398,15 @@ __umoddi3(u_quad_t a, u_quad_t b)
+ }
+ 
+ /*
++ * Returns the quotient and places remainder in r
++ */
++u_quad_t
++__udivmoddi4(u_quad_t a, u_quad_t b, u_quad_t *r)
++{
++	return __qdivrem(a, b, r);
++}
++
++/*
+  * From
+  * moddi3.c
+  */
+--
+2.11.0
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch
new file mode 100644
index 0000000..a5d0149
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-chk.patch
@@ -0,0 +1,155 @@
+--- a/newlib/libc/stdio/fprintf_chk.c	1969-12-31 19:00:00.000000000 -0500
++++ b/newlib/libc/stdio/fprintf_chk.c	2009-02-26 19:02:53.000000000 -0500
+@@ -0,0 +1,21 @@
++#include <stdarg.h>
++#include <stdio.h>
++
++/*
++ * Stub implementation of __fprintf_chk adapted from glibc 2.7.  This 
++ * doesn't actually implement any buffer overflow protection.  It just makes
++ * the linker happy :)
++*/
++int
++__fprintf_chk (FILE *fp, int flag, const char *format, ...)
++{
++  va_list ap;
++  int done;
++
++  va_start (ap, format);
++  done = vfprintf (fp, format, ap);
++  va_end (ap);
++
++  return done;
++}
++
+--- a/newlib/libc/stdio/Makefile.am	2007-08-02 16:23:06.000000000 -0400
++++ b/newlib/libc/stdio/Makefile.am	2009-02-26 18:14:53.000000000 -0500
+@@ -20,6 +20,7 @@
+ 	flags.c			\
+ 	fopen.c			\
+ 	fprintf.c			\
++	fprintf_chk.c		\
+ 	fputc.c			\
+ 	fputs.c			\
+ 	fread.c			\
+@@ -65,6 +66,7 @@
+ 	sniprintf.c			\
+ 	snprintf.c			\
+ 	sprintf.c			\
++	sprintf_chk.c			\
+ 	sscanf.c			\
+ 	stdio.c			\
+ 	tmpfile.c			\
+--- a/newlib/libc/stdio/Makefile.in	2007-12-19 17:36:38.000000000 -0500
++++ b/newlib/libc/stdio/Makefile.in	2009-02-26 18:43:52.000000000 -0500
+@@ -63,7 +63,8 @@
+ 	lib_a-fgets.$(OBJEXT) lib_a-fileno.$(OBJEXT) \
+ 	lib_a-findfp.$(OBJEXT) lib_a-fiprintf.$(OBJEXT) \
+ 	lib_a-flags.$(OBJEXT) lib_a-fopen.$(OBJEXT) \
+-	lib_a-fprintf.$(OBJEXT) lib_a-fputc.$(OBJEXT) \
++	lib_a-fprintf.$(OBJEXT) lib_a-fprintf_chk.$(OBJEXT) \
++	lib_a-fputc.$(OBJEXT) \
+ 	lib_a-fputs.$(OBJEXT) lib_a-fread.$(OBJEXT) \
+ 	lib_a-freopen.$(OBJEXT) lib_a-fscanf.$(OBJEXT) \
+ 	lib_a-fiscanf.$(OBJEXT) lib_a-fseek.$(OBJEXT) \
+@@ -86,6 +87,7 @@
+ 	lib_a-setvbuf.$(OBJEXT) lib_a-siprintf.$(OBJEXT) \
+ 	lib_a-siscanf.$(OBJEXT) lib_a-sniprintf.$(OBJEXT) \
+ 	lib_a-snprintf.$(OBJEXT) lib_a-sprintf.$(OBJEXT) \
++	lib_a-sprintf_chk.$(OBJEXT) \
+ 	lib_a-sscanf.$(OBJEXT) lib_a-stdio.$(OBJEXT) \
+ 	lib_a-tmpfile.$(OBJEXT) lib_a-tmpnam.$(OBJEXT) \
+ 	lib_a-ungetc.$(OBJEXT) lib_a-vdiprintf.$(OBJEXT) \
+@@ -122,15 +124,15 @@
+ LTLIBRARIES = $(noinst_LTLIBRARIES)
+ am__objects_4 = clearerr.lo fclose.lo fdopen.lo feof.lo ferror.lo \
+ 	fflush.lo fgetc.lo fgetpos.lo fgets.lo fileno.lo findfp.lo \
+-	fiprintf.lo flags.lo fopen.lo fprintf.lo fputc.lo fputs.lo \
+-	fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \
++	fiprintf.lo flags.lo fopen.lo fprintf.lo fprintf_chk.lo fputc.lo \
++	fputs.lo fread.lo freopen.lo fscanf.lo fiscanf.lo fseek.lo fsetpos.lo \
+ 	ftell.lo fvwrite.lo fwalk.lo fwrite.lo getc.lo getchar.lo \
+ 	getc_u.lo getchar_u.lo getdelim.lo getline.lo gets.lo \
+ 	iprintf.lo iscanf.lo makebuf.lo perror.lo printf.lo putc.lo \
+ 	putchar.lo putc_u.lo putchar_u.lo puts.lo refill.lo remove.lo \
+ 	rename.lo rewind.lo rget.lo scanf.lo sccl.lo setbuf.lo \
+ 	setbuffer.lo setlinebuf.lo setvbuf.lo siprintf.lo siscanf.lo \
+-	sniprintf.lo snprintf.lo sprintf.lo sscanf.lo stdio.lo \
++	sniprintf.lo snprintf.lo sprintf.lo sprintf_chk.lo sscanf.lo stdio.lo \
+ 	tmpfile.lo tmpnam.lo ungetc.lo vdiprintf.lo vdprintf.lo \
+ 	viprintf.lo viscanf.lo vprintf.lo vscanf.lo vsiprintf.lo \
+ 	vsiscanf.lo vsnprintf.lo vsniprintf.lo vsprintf.lo vsscanf.lo \
+@@ -344,6 +346,7 @@
+ 	flags.c			\
+ 	fopen.c			\
+ 	fprintf.c			\
++	fprintf_chk.c			\
+ 	fputc.c			\
+ 	fputs.c			\
+ 	fread.c			\
+@@ -389,6 +392,7 @@
+ 	sniprintf.c			\
+ 	snprintf.c			\
+ 	sprintf.c			\
++	sprintf_chk.c			\
+ 	sscanf.c			\
+ 	stdio.c			\
+ 	tmpfile.c			\
+@@ -508,6 +512,7 @@
+ 	siprintf.def		\
+ 	siscanf.def		\
+ 	sprintf.def		\
++	sprintf_chk.def		\
+ 	sscanf.def		\
+ 	tmpfile.def		\
+ 	tmpnam.def		\
+@@ -678,6 +683,12 @@
+ lib_a-fprintf.obj: fprintf.c
+ 	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf.obj `if test -f 'fprintf.c'; then $(CYGPATH_W) 'fprintf.c'; else $(CYGPATH_W) '$(srcdir)/fprintf.c'; fi`
+ 
++lib_a-fprintf_chk.o: fprintf_chk.c
++	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.o `test -f 'fprintf_chk.c' || echo '$(srcdir)/'`fprintf_chk.c
++
++lib_a-fprintf_chk.obj: fprintf_chk.c
++	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fprintf_chk.obj `if test -f 'fprintf_chk.c'; then $(CYGPATH_W) 'fprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/fprintf_chk.c'; fi`
++
+ lib_a-fputc.o: fputc.c
+ 	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-fputc.o `test -f 'fputc.c' || echo '$(srcdir)/'`fputc.c
+ 
+@@ -948,6 +959,12 @@
+ lib_a-sprintf.obj: sprintf.c
+ 	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf.obj `if test -f 'sprintf.c'; then $(CYGPATH_W) 'sprintf.c'; else $(CYGPATH_W) '$(srcdir)/sprintf.c'; fi`
+ 
++lib_a-sprintf_chk.o: sprintf_chk.c
++	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.o `test -f 'sprintf_chk.c' || echo '$(srcdir)/'`sprintf_chk.c
++
++lib_a-sprintf_chk.obj: sprintf_chk.c
++	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sprintf_chk.obj `if test -f 'sprintf_chk.c'; then $(CYGPATH_W) 'sprintf_chk.c'; else $(CYGPATH_W) '$(srcdir)/sprintf_chk.c'; fi`
++
+ lib_a-sscanf.o: sscanf.c
+ 	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(lib_a_CFLAGS) $(CFLAGS) -c -o lib_a-sscanf.o `test -f 'sscanf.c' || echo '$(srcdir)/'`sscanf.c
+ 
+--- a/newlib/libc/stdio/sprintf_chk.c	1969-12-31 19:00:00.000000000 -0500
++++ b/newlib/libc/stdio/sprintf_chk.c	2009-02-26 19:02:26.000000000 -0500
+@@ -0,0 +1,21 @@
++#include <stdarg.h>
++#include <stdio.h>
++
++/*
++ * Stub implementation of __sprintf_chk adapted from glibc 2.7.  This 
++ * doesn't actually implement any buffer overflow protection.  It just makes
++ * the linker happy :)
++*/
++int
++__sprintf_chk (char *s, int flags, size_t slen, const char *format, ...)
++{
++  va_list arg;
++  int done;
++
++  va_start (arg, format);
++  done = vsprintf (s, format, arg);
++  va_end (arg);
++
++  return done;
++}
++
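Review bot: `__sprintf_chk` in the new sprintf_chk.c drops its `slen` argument and calls `vsprintf`, so objects compiled with `_FORTIFY_SOURCE` link against this newlib but get no destination-size check, as the stub's own comment admits. The size is already passed in, so the stub can bound the write with `vsnprintf` and abort on truncation, falling back to the unbounded call only when the compiler passes an unknown size (`(size_t)-1`). That needs `<limits.h>` and `<stdlib.h>` next to the existing includes. `__fprintf_chk` has no destination buffer, so forwarding to `vfprintf` there gives up only whatever format checks `flag` would select.

```c
int
__sprintf_chk (char *s, int flags, size_t slen, const char *format, ...)
{
  va_list arg;
  int done;

  va_start (arg, format);
  if (slen > INT_MAX)
    /* object size unknown to the compiler: nothing to check against */
    done = vsprintf (s, format, arg);
  else
    done = vsnprintf (s, slen, format, arg);
  va_end (arg);

  /* truncated output means the unchecked call would have overrun s */
  if (slen <= INT_MAX && done >= 0 && (size_t) done >= slen)
    abort ();

  return done;
}
```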
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch
new file mode 100644
index 0000000..3610d64
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib-stdint-size_max-fix-from-1.17.0.patch
@@ -0,0 +1,16 @@
+--- a/newlib/libc/include/stdint.h.orig	2006-08-17 00:39:43.000000000 +0300
++++ b/newlib/libc/include/stdint.h	2009-08-25 17:33:23.000000000 +0300
+@@ -348,8 +348,11 @@
+ #endif
+ 
+ /* This must match size_t in stddef.h, currently long unsigned int */
+-#define SIZE_MIN (-__STDINT_EXP(LONG_MAX) - 1L)
+-#define SIZE_MAX __STDINT_EXP(LONG_MAX)
++#ifdef __SIZE_MAX__
++#define SIZE_MAX __SIZE_MAX__
++#else
++#define SIZE_MAX (__STDINT_EXP(LONG_MAX) * 2UL + 1)
++#endif
+ 
+ /* This must match sig_atomic_t in <signal.h> (currently int) */
+ #define SIG_ATOMIC_MIN (-__STDINT_EXP(INT_MAX) - 1)
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/newlib.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib.patch
new file mode 100644
index 0000000..dbf409a
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/newlib.patch
@@ -0,0 +1,727 @@
+There is a mix between longs and long longs.
+
+Index: newlib/libc/include/inttypes.h
+===================================================================
+RCS file: /cvs/src/src/newlib/libc/include/inttypes.h,v
+retrieving revision 1.3
+diff -u -p -r1.3 inttypes.h
+--- a/newlib/libc/include/inttypes.h	16 Dec 2005 19:03:12 -0000	1.3
++++ b/newlib/libc/include/inttypes.h	8 Nov 2007 16:32:44 -0000
+@@ -163,12 +163,12 @@
+ 
+ 
+ /* 64-bit types */
+-#if __have_longlong64
+-#define __PRI64(x) __STRINGIFY(ll##x)
+-#define __SCN64(x) __STRINGIFY(ll##x)
+-#elif __have_long64
++#if __have_long64
+ #define __PRI64(x) __STRINGIFY(l##x)
+ #define __SCN64(x) __STRINGIFY(l##x)
++#elif __have_longlong64
++#define __PRI64(x) __STRINGIFY(ll##x)
++#define __SCN64(x) __STRINGIFY(ll##x)
+ #else
+ #define __PRI64(x) __STRINGIFY(x)
+ #define __SCN64(x) __STRINGIFY(x)
+@@ -217,12 +217,12 @@
+ #endif
+ 
+ /* max-bit types */
+-#if __have_longlong64
+-#define __PRIMAX(x) __STRINGIFY(ll##x)
+-#define __SCNMAX(x) __STRINGIFY(ll##x)
+-#elif __have_long64
++#if __have_long64
+ #define __PRIMAX(x) __STRINGIFY(l##x)
+ #define __SCNMAX(x) __STRINGIFY(l##x)
++#elif __have_longlong64
++#define __PRIMAX(x) __STRINGIFY(ll##x)
++#define __SCNMAX(x) __STRINGIFY(ll##x)
+ #else
+ #define __PRIMAX(x) __STRINGIFY(x)
+ #define __SCNMAX(x) __STRINGIFY(x)
+@@ -242,12 +242,12 @@
+ #define SCNxMAX		__SCNMAX(x)
+ 
+ /* ptr types */
+-#if __have_longlong64
+-#define __PRIPTR(x) __STRINGIFY(ll##x)
+-#define __SCNPTR(x) __STRINGIFY(ll##x)
+-#elif __have_long64
++#if __have_long64
+ #define __PRIPTR(x) __STRINGIFY(l##x)
+ #define __SCNPTR(x) __STRINGIFY(l##x)
++#elif __have_longlong64
++#define __PRIPTR(x) __STRINGIFY(ll##x)
++#define __SCNPTR(x) __STRINGIFY(ll##x)
+ #else
+ #define __PRIPTR(x) __STRINGIFY(x)
+ #define __SCNPTR(x) __STRINGIFY(x)
+
+We don't want u?int32_t to be long as our code assume in a lot of places to be
+int.
+
+Index: newlib/libc/include/stdint.h
+===================================================================
+RCS file: /cvs/src/src/newlib/libc/include/stdint.h,v
+retrieving revision 1.10
+diff -u -p -r1.10 stdint.h
+--- a/newlib/libc/include/stdint.h	16 Aug 2006 21:39:43 -0000	1.10
++++ b/newlib/libc/include/stdint.h	12 Feb 2008 13:07:52 -0000
+@@ -38,7 +38,7 @@ extern "C" {
+ #if __STDINT_EXP(LONG_MAX) > 0x7fffffff
+ #define __have_long64 1
+ #elif __STDINT_EXP(LONG_MAX) == 0x7fffffff && !defined(__SPU__)
+-#define __have_long32 1
++/* #define __have_long32 1 */
+ #endif
+ 
+ #if __STDINT_EXP(SCHAR_MAX) == 0x7f
+
+Define the basic ia64 jump buffer
+
+Index: newlib/libc/include/sys/config.h
+===================================================================
+RCS file: /cvs/src/src/newlib/libc/include/sys/config.h,v
+retrieving revision 1.47
+diff -u -p -r1.47 config.h
+--- a/newlib/libc/include/sys/config.h	15 Mar 2007 21:32:12 -0000	1.47
++++ b/newlib/libc/include/sys/config.h	8 Nov 2007 16:32:44 -0000
+@@ -71,6 +71,10 @@
+ #endif
+ #endif
+ 
++#ifndef __DYNAMIC_REENT__
++#define __DYNAMIC_REENT__
++#endif
++
+ #ifdef __mn10200__
+ #define __SMALL_BITFIELDS
+ #endif
+
+Dynamic pointer to our reentrancy zone
+
+Index: newlib/libc/reent/getreent.c
+===================================================================
+RCS file: /cvs/src/src/newlib/libc/reent/getreent.c,v
+retrieving revision 1.2
+diff -u -p -r1.2 getreent.c
+--- a/newlib/libc/reent/getreent.c	7 Sep 2007 00:45:55 -0000	1.2
++++ b/newlib/libc/reent/getreent.c	8 Nov 2007 16:32:44 -0000
+@@ -3,12 +3,20 @@
+ #include <_ansi.h>
+ #include <reent.h>
+ 
++#define weak_alias(name, aliasname) \
++  extern __typeof (name) aliasname __attribute__ ((weak, alias (#name)));
++
+ #ifdef __getreent
+ #undef __getreent
+ #endif
++#ifdef __libc_getreent
++#undef __libc_getreent
++#endif
+ 
+ struct _reent *
+-_DEFUN_VOID(__getreent)
++__libc_getreent (void)
+ {
+   return _impure_ptr;
+ }
++weak_alias(__libc_getreent,__getreent)
++
+
+We can't provide a red zone in mini-os.
+
+Index: newlib/libc/machine/x86_64/memcpy.S
+===================================================================
+RCS file: /cvs/src/src/newlib/libc/machine/x86_64/memcpy.S,v
+retrieving revision 1.1
+diff -u -p -r1.1 memcpy.S
+--- a/newlib/libc/machine/x86_64/memcpy.S	28 Aug 2007 21:56:49 -0000	1.1
++++ b/newlib/libc/machine/x86_64/memcpy.S	8 Nov 2007 16:32:44 -0000
+@@ -30,10 +30,18 @@ quadword_aligned:
+   cmpq    $256, rdx
+   jb      quadword_copy
+ 
++#if 1
++  subq    $32, rsp
++  movq    rax, 24 (rsp)
++  movq    r12, 16 (rsp)
++  movq    r13, 8  (rsp)
++  movq    r14, 0  (rsp)
++#else
+   movq    rax, -8  (rsp)
+   movq    r12, -16 (rsp)
+   movq    r13, -24 (rsp)
+   movq    r14, -32 (rsp)
++#endif
+ 
+   movq    rdx, rcx                /* Copy 128 bytes at a time with minimum cache polution */
+   shrq    $7, rcx
+@@ -89,10 +97,18 @@ loop:
+   movq    rdx, rcx
+   andq    $127, rcx
+   rep     movsb
++#if 1
++  movq    24 (rsp), rax
++  movq    16 (rsp), r12
++  movq    8  (rsp), r13
++  movq    0  (rsp), r14
++  addq    $32, rsp
++#else
+   movq    -8  (rsp), rax
+   movq    -16 (rsp), r12
+   movq    -24 (rsp), r13
+   movq    -32 (rsp), r14
++#endif
+   ret
+ 
+ 
+--- a/newlib/libc/machine/x86_64/x86_64mach.h.orig	2008-07-11 14:57:23.062269000 +0100
++++ b/newlib/libc/machine/x86_64/x86_64mach.h	2008-07-11 14:58:01.262503000 +0100
+@@ -22,81 +22,81 @@
+ 
+ #define REG(x) CONCAT1(__REG_PREFIX__, x)
+ 
+-#define rax REG(rax)
+-#define rbx REG(rbx)
+-#define rcx REG(rcx)
+-#define rdx REG(rdx)
+-#define rsi REG(rsi)
+-#define rdi REG(rdi)
+-#define rbp REG(rbp)
+-#define rsp REG(rsp)
+-
+-#define r8  REG(r8)
+-#define r9  REG(r9)
+-#define r10 REG(r10)
+-#define r11 REG(r11)
+-#define r12 REG(r12)
+-#define r13 REG(r13)
+-#define r14 REG(r14)
+-#define r15 REG(r15)
+-
+-#define eax REG(eax)
+-#define ebx REG(ebx)
+-#define ecx REG(ecx)
+-#define edx REG(edx)
+-#define esi REG(esi)
+-#define edi REG(edi)
+-#define ebp REG(ebp)
+-#define esp REG(esp)
+-
+-#define st0 REG(st)
+-#define st1 REG(st(1))
+-#define st2 REG(st(2))
+-#define st3 REG(st(3))
+-#define st4 REG(st(4))
+-#define st5 REG(st(5))
+-#define st6 REG(st(6))
+-#define st7 REG(st(7))
+-
+-#define ax REG(ax)
+-#define bx REG(bx)
+-#define cx REG(cx)
+-#define dx REG(dx)
+-
+-#define ah REG(ah)
+-#define bh REG(bh)
+-#define ch REG(ch)
+-#define dh REG(dh)
+-
+-#define al REG(al)
+-#define bl REG(bl)
+-#define cl REG(cl)
+-#define dl REG(dl)
+-
+-#define sil REG(sil)
+-
+-#define mm1 REG(mm1)
+-#define mm2 REG(mm2)
+-#define mm3 REG(mm3)
+-#define mm4 REG(mm4)
+-#define mm5 REG(mm5)
+-#define mm6 REG(mm6)
+-#define mm7 REG(mm7)
+-
+-#define xmm0 REG(xmm0)
+-#define xmm1 REG(xmm1)
+-#define xmm2 REG(xmm2)
+-#define xmm3 REG(xmm3)
+-#define xmm4 REG(xmm4)
+-#define xmm5 REG(xmm5)
+-#define xmm6 REG(xmm6)
+-#define xmm7 REG(xmm7)
+-
+-#define cr0 REG(cr0)
+-#define cr1 REG(cr1)
+-#define cr2 REG(cr2)
+-#define cr3 REG(cr3)
+-#define cr4 REG(cr4)
++#define rax %rax
++#define rbx %rbx
++#define rcx %rcx
++#define rdx %rdx
++#define rsi %rsi
++#define rdi %rdi
++#define rbp %rbp
++#define rsp %rsp
++
++#define r8  %r8
++#define r9  %r9
++#define r10 %r10
++#define r11 %r11
++#define r12 %r12
++#define r13 %r13
++#define r14 %r14
++#define r15 %r15
++
++#define eax %eax
++#define ebx %ebx
++#define ecx %ecx
++#define edx %edx
++#define esi %esi
++#define edi %edi
++#define ebp %ebp
++#define esp %esp
++
++#define st0 %st
++#define st1 %st(1)
++#define st2 %st(2)
++#define st3 %st(3)
++#define st4 %st(4)
++#define st5 %st(5)
++#define st6 %st(6)
++#define st7 %st(7)
++
++#define ax %ax
++#define bx %bx
++#define cx %cx
++#define dx %dx
++
++#define ah %ah
++#define bh %bh
++#define ch %ch
++#define dh %dh
++
++#define al %al
++#define bl %bl
++#define cl %cl
++#define dl %dl
++
++#define sil %sil
++
++#define mm1 %mm1
++#define mm2 %mm2
++#define mm3 %mm3
++#define mm4 %mm4
++#define mm5 %mm5
++#define mm6 %mm6
++#define mm7 %mm7
++
++#define xmm0 %xmm0
++#define xmm1 %xmm1
++#define xmm2 %xmm2
++#define xmm3 %xmm3
++#define xmm4 %xmm4
++#define xmm5 %xmm5
++#define xmm6 %xmm6
++#define xmm7 %xmm7
++
++#define cr0 %cr0
++#define cr1 %cr1
++#define cr2 %cr2
++#define cr3 %cr3
++#define cr4 %cr4
+ 
+ #ifdef _I386MACH_NEED_SOTYPE_FUNCTION
+ #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function
+--- a/newlib/libc/machine/x86_64/memcpy.S.orig	2008-07-11 15:12:27.494693000 +0100
++++ b/newlib/libc/machine/x86_64/memcpy.S	2008-07-11 15:12:29.448706000 +0100
+@@ -60,14 +60,14 @@
+   movq    48 (rsi), r13
+   movq    56 (rsi), r14
+ 
+-  movntiq rax,    (rdi)
+-  movntiq r8 ,  8 (rdi)
+-  movntiq r9 , 16 (rdi)
+-  movntiq r10, 24 (rdi)
+-  movntiq r11, 32 (rdi)
+-  movntiq r12, 40 (rdi)
+-  movntiq r13, 48 (rdi)
+-  movntiq r14, 56 (rdi)
++  movnti rax,    (rdi)
++  movnti r8 ,  8 (rdi)
++  movnti r9 , 16 (rdi)
++  movnti r10, 24 (rdi)
++  movnti r11, 32 (rdi)
++  movnti r12, 40 (rdi)
++  movnti r13, 48 (rdi)
++  movnti r14, 56 (rdi)
+ 
+   movq     64 (rsi), rax
+   movq     72 (rsi), r8
+@@ -78,14 +78,14 @@
+   movq    112 (rsi), r13
+   movq    120 (rsi), r14
+ 
+-  movntiq rax,  64 (rdi)
+-  movntiq r8 ,  72 (rdi)
+-  movntiq r9 ,  80 (rdi)
+-  movntiq r10,  88 (rdi)
+-  movntiq r11,  96 (rdi)
+-  movntiq r12, 104 (rdi)
+-  movntiq r13, 112 (rdi)
+-  movntiq r14, 120 (rdi)
++  movnti rax,  64 (rdi)
++  movnti r8 ,  72 (rdi)
++  movnti r9 ,  80 (rdi)
++  movnti r10,  88 (rdi)
++  movnti r11,  96 (rdi)
++  movnti r12, 104 (rdi)
++  movnti r13, 112 (rdi)
++  movnti r14, 120 (rdi)
+ 
+   leaq    128 (rsi), rsi
+   leaq    128 (rdi), rdi
+--- a/newlib/libc/machine/i386/i386mach.h	2000-08-28 18:50:06.000000000 +0100
++++ b/newlib/libc/machine/i386/i386mach.h	2008-07-11 15:17:13.874409000 +0100
+@@ -27,46 +27,46 @@
+  
+ #define REG(x) CONCAT1(__REG_PREFIX__, x)
+  
+-#define eax REG(eax)
+-#define ebx REG(ebx)
+-#define ecx REG(ecx)
+-#define edx REG(edx)
+-#define esi REG(esi)
+-#define edi REG(edi)
+-#define ebp REG(ebp)
+-#define esp REG(esp)
+-
+-#define st0 REG(st)
+-#define st1 REG(st(1))
+-#define st2 REG(st(2))
+-#define st3 REG(st(3))
+-#define st4 REG(st(4))
+-#define st5 REG(st(5))
+-#define st6 REG(st(6))
+-#define st7 REG(st(7))
+-
+-#define ax REG(ax)
+-#define bx REG(bx)
+-#define cx REG(cx)
+-#define dx REG(dx)
+-
+-#define ah REG(ah)
+-#define bh REG(bh)
+-#define ch REG(ch)
+-#define dh REG(dh)
+-
+-#define al REG(al)
+-#define bl REG(bl)
+-#define cl REG(cl)
+-#define dl REG(dl)
+-
+-#define mm1 REG(mm1)
+-#define mm2 REG(mm2)
+-#define mm3 REG(mm3)
+-#define mm4 REG(mm4)
+-#define mm5 REG(mm5)
+-#define mm6 REG(mm6)
+-#define mm7 REG(mm7)
++#define eax %eax
++#define ebx %ebx
++#define ecx %ecx
++#define edx %edx
++#define esi %esi
++#define edi %edi
++#define ebp %ebp
++#define esp %esp
++
++#define st0 %st
++#define st1 %st(1)
++#define st2 %st(2)
++#define st3 %st(3)
++#define st4 %st(4)
++#define st5 %st(5)
++#define st6 %st(6)
++#define st7 %st(7)
++
++#define ax %ax
++#define bx %bx
++#define cx %cx
++#define dx %dx
++
++#define ah %ah
++#define bh %bh
++#define ch %ch
++#define dh %dh
++
++#define al %al
++#define bl %bl
++#define cl %cl
++#define dl %dl
++
++#define mm1 %mm1
++#define mm2 %mm2
++#define mm3 %mm3
++#define mm4 %mm4
++#define mm5 %mm5
++#define mm6 %mm6
++#define mm7 %mm7
+ 
+ #ifdef _I386MACH_NEED_SOTYPE_FUNCTION
+ #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function
+--- a/newlib/libc/machine/x86_64/memset.S	2007-08-28 22:56:49.000000000 +0100
++++ b/newlib/libc/machine/x86_64/memset.S	2008-07-11 15:16:59.098320000 +0100
+@@ -40,22 +40,22 @@
+ 
+   .p2align 4
+ loop:
+-  movntiq rax,     (rdi)
+-  movntiq rax,   8 (rdi)
+-  movntiq rax,  16 (rdi)
+-  movntiq rax,  24 (rdi)
+-  movntiq rax,  32 (rdi)
+-  movntiq rax,  40 (rdi)
+-  movntiq rax,  48 (rdi)
+-  movntiq rax,  56 (rdi)
+-  movntiq rax,  64 (rdi)
+-  movntiq rax,  72 (rdi)
+-  movntiq rax,  80 (rdi)
+-  movntiq rax,  88 (rdi)
+-  movntiq rax,  96 (rdi)
+-  movntiq rax, 104 (rdi)
+-  movntiq rax, 112 (rdi)
+-  movntiq rax, 120 (rdi)
++  movnti rax,     (rdi)
++  movnti rax,   8 (rdi)
++  movnti rax,  16 (rdi)
++  movnti rax,  24 (rdi)
++  movnti rax,  32 (rdi)
++  movnti rax,  40 (rdi)
++  movnti rax,  48 (rdi)
++  movnti rax,  56 (rdi)
++  movnti rax,  64 (rdi)
++  movnti rax,  72 (rdi)
++  movnti rax,  80 (rdi)
++  movnti rax,  88 (rdi)
++  movnti rax,  96 (rdi)
++  movnti rax, 104 (rdi)
++  movnti rax, 112 (rdi)
++  movnti rax, 120 (rdi)
+ 
+   leaq    128 (rdi), rdi
+ 
+--- a/newlib/libm/machine/i386/i386mach.h.orig	2008-07-11 15:30:37.367227000 +0100
++++ b/newlib/libm/machine/i386/i386mach.h	2008-07-11 15:30:55.232337000 +0100
+@@ -27,46 +27,46 @@
+  
+ #define REG(x) CONCAT1(__REG_PREFIX__, x)
+  
+-#define eax REG(eax)
+-#define ebx REG(ebx)
+-#define ecx REG(ecx)
+-#define edx REG(edx)
+-#define esi REG(esi)
+-#define edi REG(edi)
+-#define ebp REG(ebp)
+-#define esp REG(esp)
+-
+-#define st0 REG(st)
+-#define st1 REG(st(1))
+-#define st2 REG(st(2))
+-#define st3 REG(st(3))
+-#define st4 REG(st(4))
+-#define st5 REG(st(5))
+-#define st6 REG(st(6))
+-#define st7 REG(st(7))
+-
+-#define ax REG(ax)
+-#define bx REG(bx)
+-#define cx REG(cx)
+-#define dx REG(dx)
+-
+-#define ah REG(ah)
+-#define bh REG(bh)
+-#define ch REG(ch)
+-#define dh REG(dh)
+-
+-#define al REG(al)
+-#define bl REG(bl)
+-#define cl REG(cl)
+-#define dl REG(dl)
+-
+-#define mm1 REG(mm1)
+-#define mm2 REG(mm2)
+-#define mm3 REG(mm3)
+-#define mm4 REG(mm4)
+-#define mm5 REG(mm5)
+-#define mm6 REG(mm6)
+-#define mm7 REG(mm7)
++#define eax %eax
++#define ebx %ebx
++#define ecx %ecx
++#define edx %edx
++#define esi %esi
++#define edi %edi
++#define ebp %ebp
++#define esp %esp
++
++#define st0 %st
++#define st1 %st(1)
++#define st2 %st(2)
++#define st3 %st(3)
++#define st4 %st(4)
++#define st5 %st(5)
++#define st6 %st(6)
++#define st7 %st(7)
++
++#define ax %ax
++#define bx %bx
++#define cx %cx
++#define dx %dx
++
++#define ah %ah
++#define bh %bh
++#define ch %ch
++#define dh %dh
++
++#define al %al
++#define bl %bl
++#define cl %cl
++#define dl %dl
++
++#define mm1 %mm1
++#define mm2 %mm2
++#define mm3 %mm3
++#define mm4 %mm4
++#define mm5 %mm5
++#define mm6 %mm6
++#define mm7 %mm7
+ 
+ #ifdef _I386MACH_NEED_SOTYPE_FUNCTION
+ #define SOTYPE_FUNCTION(sym) .type SYM(sym),@function
+
+
+We want to have a 64bit offsets libc even on 32bit platforms.
+
+--- ./newlib/configure.host.orig	2008-08-07 16:01:17.801946000 +0100
++++ ./newlib/configure.host	2008-08-07 16:01:34.181064000 +0100
+@@ -317,6 +317,8 @@
+     oext=lo
+     lpfx=
+     aext=la ;;
++  i[34567]86-xen-elf)
++    stdio64_dir=stdio64 ;;
+   *) ;; #shared library not supported for ${host}
+ esac
+ 
+--- a/newlib/libc/include/sys/_types.h.orig	2008-08-07 15:22:44.925008000 +0100
++++ b/newlib/libc/include/sys/_types.h	2008-08-07 15:22:50.824044000 +0100
+@@ -13,8 +13,12 @@
+ #include <sys/lock.h>
+ 
+ #ifndef __off_t_defined
++#ifdef __MINIOS__
++typedef long long _off_t;
++#else
+ typedef long _off_t;
+ #endif
++#endif
+ 
+ #if defined(__rtems__)
+ /* device numbers are 32-bit major and and 32-bit minor */
+--- ./newlib/libc/include/sys/config.h.orig	2008-08-07 14:43:25.915866000 +0100
++++ ./newlib/libc/include/sys/config.h	2008-08-07 14:44:13.508154000 +0100
+@@ -69,6 +69,10 @@
+ /* we use some glibc header files so turn on glibc large file feature */
+ #define _LARGEFILE64_SOURCE 1
+ #endif
++#ifdef __MINIOS__
++#define __LARGE64_FILES 1
++#define _LARGEFILE64_SOURCE 1
++#endif
+ #endif
+ 
+ #ifndef __DYNAMIC_REENT__
+--- ./newlib/libc/include/sys/_default_fcntl.h.orig	2008-08-07 15:08:22.377836000 +0100
++++ ./newlib/libc/include/sys/_default_fcntl.h	2008-08-07 15:08:31.651890000 +0100
+@@ -170,7 +170,11 @@
+ /* Provide _<systemcall> prototypes for functions provided by some versions
+    of newlib.  */
+ #ifdef _COMPILING_NEWLIB
+-extern int _open _PARAMS ((const char *, int, ...));
++extern int _open _PARAMS ((const char *, int, ...))
++#ifdef __MINIOS__
++    asm("open64")
++#endif
++    ;
+ extern int _fcntl _PARAMS ((int, int, ...));
+ #ifdef __LARGE64_FILES
+ extern int _open64 _PARAMS ((const char *, int, ...));
+--- ./newlib/libc/include/sys/unistd.h.orig	2008-08-07 15:09:36.449280000 +0100
++++ ./newlib/libc/include/sys/unistd.h	2008-08-07 15:09:51.210370000 +0100
+@@ -101,7 +101,11 @@
+ int     _EXFUN(link, (const char *__path1, const char *__path2 ));
+ int	_EXFUN(nice, (int __nice_value ));
+ #if !defined(__INSIDE_CYGWIN__)
+-off_t   _EXFUN(lseek, (int __fildes, off_t __offset, int __whence ));
++off_t   _EXFUN(lseek, (int __fildes, off_t __offset, int __whence ))
++#ifdef __MINIOS__
++    asm("lseek64")
++#endif
++    ;
+ #endif
+ #if defined(__SPU__)
+ #define F_ULOCK	0
+--- ./newlib/libc/include/sys/stat.h.orig	2008-08-07 16:08:50.495116000 +0100
++++ ./newlib/libc/include/sys/stat.h	2008-08-07 16:10:21.799753000 +0100
+@@ -49,6 +49,9 @@
+   long	st_spare4[2];
+ #endif
+ };
++#ifdef __MINIOS__
++#define stat64 stat
++#endif
+ #endif
+ 
+ #define	_IFMT		0170000	/* type of file */
+@@ -132,7 +135,11 @@
+ /* Provide prototypes for most of the _<systemcall> names that are
+    provided in newlib for some compilers.  */
+ #ifdef _COMPILING_NEWLIB
+-int	_EXFUN(_fstat,( int __fd, struct stat *__sbuf ));
++int	_EXFUN(_fstat,( int __fd, struct stat *__sbuf ))
++#ifdef __MINIOS__
++    asm("fstat64")
++#endif
++    ;
+ int	_EXFUN(_stat,( const char *__path, struct stat *__sbuf ));
+ #ifdef __LARGE64_FILES
+ struct stat64;
+--- ./newlib/libc/include/_syslist.h.orig	2008-08-07 16:24:19.122605000 +0100
++++ ./newlib/libc/include/_syslist.h	2008-08-07 16:24:21.548628000 +0100
+@@ -14,6 +14,7 @@
+ #define _kill kill
+ #define _link link
+ #define _lseek lseek
++#define _lseek64 lseek64
+ #define _open open
+ #define _read read
+ #define _sbrk sbrk
+--- a/newlib/libc/include/reent.h.orig	2008-08-07 16:28:49.846502000 +0100
++++ b/newlib/libc/include/reent.h	2008-08-07 16:29:02.096586000 +0100
+@@ -87,6 +87,9 @@
+ #if defined(__CYGWIN__) && defined(_COMPILING_NEWLIB)
+ #define stat64 __stat64
+ #endif
++#if defined(__MINIOS__)
++#define stat64 stat
++#endif
+ 
+ struct stat64;
+ 
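Review bot: The memcpy.S sections replace the red-zone register spills with an explicit `subq $32, rsp` frame under `#if 1`, which leaves the old red-zone stores as dead code in the `#else` arm. The `__have_long32` and `__DYNAMIC_REENT__` changes are likewise unconditional, while the later sections of this same patch gate their changes on `__MINIOS__`. Keying the memcpy.S blocks on that macro, `#ifdef __MINIOS__` in place of `#if 1`, would show which build needs the frame, assuming the macro is defined when the assembly file is preprocessed. The sections that replace the `REG()` wrappers and the `movntiq` mnemonic also carry no description, unlike the sections around them. A line on each would help whoever rebases this onto a newer newlib.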
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/polarssl.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/polarssl.patch
new file mode 100644
index 0000000..9548730
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/polarssl.patch
@@ -0,0 +1,64 @@
+diff -Naur polarssl-1.1.4/include/polarssl/config.h polarssl-x86_64/include/polarssl/config.h
+--- a/include/polarssl/config.h	2011-12-22 05:06:27.000000000 -0500
++++ b/include/polarssl/config.h	2012-10-30 17:18:07.567001000 -0400
+@@ -164,8 +164,8 @@
+  * application.
+  *
+  * Uncomment this macro to prevent loading of default entropy functions.
+-#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
+  */
++#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
+
+ /**
+  * \def POLARSSL_NO_PLATFORM_ENTROPY
+@@ -175,8 +175,8 @@
+  * standards like the /dev/urandom or Windows CryptoAPI.
+  *
+  * Uncomment this macro to disable the built-in platform entropy functions.
+-#define POLARSSL_NO_PLATFORM_ENTROPY
+  */
++#define POLARSSL_NO_PLATFORM_ENTROPY
+
+ /**
+  * \def POLARSSL_PKCS1_V21
+@@ -426,8 +426,8 @@
+  * Requires: POLARSSL_TIMING_C
+  *
+  * This module enables the HAVEGE random number generator.
+- */
+ #define POLARSSL_HAVEGE_C
++ */
+
+ /**
+  * \def POLARSSL_MD_C
+@@ -490,7 +490,7 @@
+  *
+  * This module provides TCP/IP networking routines.
+  */
+-#define POLARSSL_NET_C
++//#define POLARSSL_NET_C
+
+ /**
+  * \def POLARSSL_PADLOCK_C
+@@ -644,8 +644,8 @@
+  * Caller:  library/havege.c
+  *
+  * This module is used by the HAVEGE random number generator.
+- */
+ #define POLARSSL_TIMING_C
++ */
+
+ /**
+  * \def POLARSSL_VERSION_C
+diff -Naur polarssl-1.1.4/library/bignum.c polarssl-x86_64/library/bignum.c
+--- a/library/bignum.c	2012-04-29 16:15:55.000000000 -0400
++++ b/library/bignum.c	2012-10-30 17:21:52.135000999 -0400
+@@ -1101,7 +1101,7 @@
+             Z.p[i - t - 1] = ~0;
+         else
+         {
+-#if defined(POLARSSL_HAVE_LONGLONG)
++#if 0 //defined(POLARSSL_HAVE_LONGLONG)
+             t_udbl r;
+
+             r  = (t_udbl) X.p[i] << biL;
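Review bot: The config.h sections define both `POLARSSL_NO_DEFAULT_ENTROPY_SOURCES` and `POLARSSL_NO_PLATFORM_ENTROPY` and comment out `POLARSSL_HAVEGE_C` and `POLARSSL_TIMING_C`, so this build keeps none of the library's built-in entropy sources. The patch has no header saying what the consumers are expected to register instead. Key and nonce quality in everything linked against the library depends on that source, which presumably is supplied by the caller and is not visible here, so the patch should open with a description naming it. Separately, `#if 0 //defined(POLARSSL_HAVE_LONGLONG)` in bignum.c switches off a code path without a reason; a comment such as `/* double-width path disabled: <reason, to be filled in> */` beside it would record why.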
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch
new file mode 100644
index 0000000..622b34f
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/tpmemu-0.7.4.patch
@@ -0,0 +1,12 @@
+diff -Naur tpm_emulator-x86_64-back/tpm/tpm_emulator_extern.c tpm_emulator-x86_64/tpm/tpm_emulator_extern.c
+--- a/tpm/tpm_emulator_extern.c	2012-04-27 10:55:46.581963398 -0400
++++ b/tpm/tpm_emulator_extern.c	2012-04-27 10:56:02.193034152 -0400
+@@ -249,7 +249,7 @@
+ #else /* TPM_NO_EXTERN */
+
+ int (*tpm_extern_init)(void)                                      = NULL;
+-int (*tpm_extern_release)(void)                                   = NULL;
++void (*tpm_extern_release)(void)                                   = NULL;
+ void* (*tpm_malloc)(size_t size)                                  = NULL;
+ void (*tpm_free)(/*const*/ void *ptr)                             = NULL;
+ void (*tpm_log)(int priority, const char *fmt, ...)               = NULL;
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch
new file mode 100644
index 0000000..9c9304c
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-bufsize.patch
@@ -0,0 +1,13 @@
+diff --git a/config.h.in b/config.h.in
+index d16a997..8088a2a 100644
+--- a/config.h.in
++++ b/config.h.in
+@@ -27,7 +27,7 @@
+ #define TPM_STORAGE_NAME "${TPM_STORAGE_NAME}"
+ #define TPM_DEVICE_NAME  "${TPM_DEVICE_NAME}"
+ #define TPM_LOG_FILE     "${TPM_LOG_FILE}"
+-#define TPM_CMD_BUF_SIZE 4096
++#define TPM_CMD_BUF_SIZE 4088
+ 
+ #endif /* _CONFIG_H_ */
+ 
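Review bot: `TPM_CMD_BUF_SIZE` drops from 4096 to 4088 with no description in the patch, so the reason for the eight-byte reduction has to be guessed. If the value must match a limit elsewhere (for example a transport buffer that also carries a header, which is an assumption and not visible here), state that in a patch header. A comment beside the define, e.g. `/* must not exceed <name of the limiting buffer> */`, would keep the two sizes in step when either changes.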
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch
new file mode 100644
index 0000000..5fee4e9
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-cmake-Wextra.patch
@@ -0,0 +1,21 @@
+---
+ CMakeLists.txt |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+Index: tpm_emulator-x86_64/CMakeLists.txt
+===================================================================
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -40,10 +40,11 @@ set(TPM_STORAGE_NAME "/var/lib/tpm/tpm_e
+ set(TPM_DEVICE_NAME "/dev/tpm")
+ endif()
+ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h)
+-add_definitions(-Wall -Werror -Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings)
++add_definitions(-Wall -Werror)
+ if("${CMAKE_SYSTEM}" MATCHES "Linux")
+     add_definitions(-Wextra)
+ endif()
++add_definitions(-Wno-unused-parameter -Wpointer-arith -Wcast-align -Wwrite-strings)
+ if(USE_OPENSSL)
+     add_definitions(-DUSE_OPENSSL)
+ endif()
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch
new file mode 100644
index 0000000..7b37d51
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote-anyloc.patch
@@ -0,0 +1,127 @@
+diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c
+index 69511d1..7545d51 100644
+--- a/tpm/tpm_cmd_handler.c
++++ b/tpm/tpm_cmd_handler.c
+@@ -3347,12 +3347,13 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp)
+ {
+ 	TPM_NONCE nonce;
+ 	TPM_RESULT res;
+-	UINT32 sigSize;
+-	BYTE *sig;
++	UINT32 quote_blob_size;
++	BYTE *quote_blob;
+ 	BYTE *ptr;
+ 	UINT32 len;
+ 	TPM_PCR_SELECTION myPCR;
+ 	TPM_PCR_SELECTION ptPCR;
++	UINT32 extraInfoFlags = 0;
+ 
+ 	tpm_compute_in_param_digest(req);
+ 
+@@ -3361,17 +3362,19 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp)
+ 	if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce)
+ 		|| tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR)
+ 		|| tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR)
++		|| tpm_unmarshal_TPM_DEEP_QUOTE_INFO(&ptr, &len, &extraInfoFlags)
+ 		|| len != 0) return TPM_BAD_PARAMETER;
+ 
+-	res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig);
++	res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, extraInfoFlags,
++		&quote_blob_size, &quote_blob);
+ 	if (res != TPM_SUCCESS) return res;
+-	rsp->paramSize = len = sigSize;
++	rsp->paramSize = len = quote_blob_size;
+ 	rsp->param = ptr = tpm_malloc(len);
+-	if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) {
++	if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, quote_blob, quote_blob_size)) {
+ 		tpm_free(rsp->param);
+ 		res = TPM_FAIL;
+ 	}
+-	tpm_free(sig);
++	tpm_free(quote_blob);
+ 
+ 	return res;
+ }
+diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h
+index 328d1be..a56dd5f 100644
+--- a/tpm/tpm_commands.h
++++ b/tpm/tpm_commands.h
+@@ -3077,6 +3077,7 @@ TPM_RESULT TPM_ParentSignEK(
+  * @myPCR: [in] PCR selection for the virtual TPM
+  * @ptPCR: [in] PCR selection for the hardware TPM
+  * @auth1: [in, out] Authorization protocol parameters
++ * @extraInfoFlags [in] Flags for including, kernel hash, group info, etc
+  * @sigSize: [out] The length of the returned digital signature
+  * @sig: [out] The resulting digital signature and PCR values
+  * Returns: TPM_SUCCESS on success, a TPM error code otherwise.
+@@ -3086,6 +3087,7 @@ TPM_RESULT TPM_DeepQuote(
+   TPM_PCR_SELECTION *myPCR,
+   TPM_PCR_SELECTION *ptPCR,
+   TPM_AUTH *auth1,
++  UINT32 extraInfoFlags,
+   UINT32 *sigSize,
+   BYTE **sig
+ );
+diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c
+index c0d62e7..6586c22 100644
+--- a/tpm/tpm_credentials.c
++++ b/tpm/tpm_credentials.c
+@@ -183,7 +183,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1,
+ 
+ int endorsementKeyFresh = 0;
+ 
+-TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig);
++TPM_RESULT VTPM_GetParentQuote(TPM_NONCE *data, TPM_PCR_SELECTION *sel,
++                               UINT32 extraInfoFlags, UINT32 *sigSize, BYTE **sig);
+ 
+ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
+                             TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig)
+@@ -191,7 +192,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
+ 	TPM_PUBKEY pubKey;
+ 	TPM_RESULT res;
+ 	TPM_DIGEST hres;
+-
++	UINT32 extraInfoFlags = 0;
+ 	info("TPM_ParentSignEK()");
+ 
+ 	res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER);
+@@ -206,7 +207,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
+ 		res = TPM_FAIL;
+ 
+ 	if (res == TPM_SUCCESS)
+-		res = VTPM_GetParentQuote(&hres, sel, sigSize, sig);
++		res = VTPM_GetParentQuote((TPM_NONCE*)&hres, sel, extraInfoFlags, sigSize, sig);
+ 
+ 	free_TPM_PUBKEY(pubKey);
+ 	return res;
+@@ -218,7 +219,7 @@ static const BYTE dquot_hdr[] = {
+ 
+ TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR,
+                          TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1,
+-                         UINT32 *sigSize, BYTE **sig)
++                         UINT32 extraInfoFlags, UINT32 *quote_blob_size, BYTE **quote_blob)
+ {
+   TPM_RESULT res;
+   TPM_DIGEST hres;
+@@ -253,7 +254,7 @@ TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR,
+ 
+   tpm_free(buf);
+ 
+-	res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig);
++  res = VTPM_GetParentQuote((TPM_NONCE*)&hres, ptPCR, extraInfoFlags, quote_blob_size, quote_blob);
+ 
+   return res;
+ }
+diff --git a/tpm/tpm_marshalling.h b/tpm/tpm_marshalling.h
+index d510ebe..2e0c008 100644
+--- a/tpm/tpm_marshalling.h
++++ b/tpm/tpm_marshalling.h
+@@ -268,6 +268,8 @@ static inline int tpm_unmarshal_BOOL(BYTE **ptr, UINT32 *length, BOOL *v)
+ #define tpm_unmarshal_TPM_REDIR_COMMAND        tpm_unmarshal_UINT32
+ #define tpm_marshal_DAAHANDLE                  tpm_marshal_UINT32
+ #define tpm_unmarshal_DAAHANDLE                tpm_unmarshal_UINT32
++#define tpm_marshal_TPM_DEEP_QUOTE_INFO        tpm_marshal_UINT32
++#define tpm_unmarshal_TPM_DEEP_QUOTE_INFO      tpm_unmarshal_UINT32
+ 
+ int tpm_marshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n);
+ int tpm_unmarshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n);
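Review bot: Both calls to VTPM_GetParentQuote in tpm_credentials.c (in TPM_ParentSignEK and in TPM_DeepQuote) now pass `(TPM_NONCE*)&hres`, reinterpreting a TPM_DIGEST as a TPM_NONCE; this is sound only if the two structures have identical size and layout, which nothing in the patch shows or enforces. Either keep the parameter typed as the digest it really is, or record the assumption at the prototype with a comment such as `/* data: SHA-1 digest passed as a nonce; TPM_DIGEST and TPM_NONCE must stay layout-compatible */`. Separately, `extraInfoFlags` is unmarshalled from the request in execute_TPM_DeepQuote and forwarded unchanged; VTPM_GetParentQuote is defined outside this patch, so it is worth confirming that it rejects undefined flag bits. The tpm_commands.h doc comment and prototype also still use `sigSize`/`sig` while the definition was renamed to `quote_blob_size`/`quote_blob`, and the new `@extraInfoFlags` line lacks its colon.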
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch
new file mode 100644
index 0000000..6344f38
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-deepquote.patch
@@ -0,0 +1,187 @@
+diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c
+index 0fabf98..69511d1 100644
+--- a/tpm/tpm_cmd_handler.c
++++ b/tpm/tpm_cmd_handler.c
+@@ -3343,6 +3343,39 @@ static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp)
+ 	return res;
+ }
+ 
++static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp)
++{
++	TPM_NONCE nonce;
++	TPM_RESULT res;
++	UINT32 sigSize;
++	BYTE *sig;
++	BYTE *ptr;
++	UINT32 len;
++	TPM_PCR_SELECTION myPCR;
++	TPM_PCR_SELECTION ptPCR;
++
++	tpm_compute_in_param_digest(req);
++
++	ptr = req->param;
++	len = req->paramSize;
++	if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce)
++		|| tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR)
++		|| tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR)
++		|| len != 0) return TPM_BAD_PARAMETER;
++
++	res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig);
++	if (res != TPM_SUCCESS) return res;
++	rsp->paramSize = len = sigSize;
++	rsp->param = ptr = tpm_malloc(len);
++	if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) {
++		tpm_free(rsp->param);
++		res = TPM_FAIL;
++	}
++	tpm_free(sig);
++
++	return res;
++}
++
+ static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) 
+ {
+   tpm_hmac_ctx_t hmac;
+@@ -4098,6 +4131,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp)
+       res = execute_TPM_ParentSignEK(req, rsp);
+     break;
+ 
++    case TPM_ORD_DeepQuote:
++      debug("[TPM_ORD_DeepQuote]");
++      res = execute_TPM_DeepQuote(req, rsp);
++    break;
++
+     default:
+ #ifdef MTM_EMULATOR
+       res = mtm_execute_command(req, rsp);
+diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h
+index 7fef934..328d1be 100644
+--- a/tpm/tpm_commands.h
++++ b/tpm/tpm_commands.h
+@@ -3071,6 +3071,25 @@ TPM_RESULT TPM_ParentSignEK(
+   BYTE **sig
+ );
+ 
++/**
++ * TPM_DeepQuote - gets a hardware TPM quote of a vTPM's PCRs
++ * @externalData: [in] AntiReplay nonce to prevent replay of messages
++ * @myPCR: [in] PCR selection for the virtual TPM
++ * @ptPCR: [in] PCR selection for the hardware TPM
++ * @auth1: [in, out] Authorization protocol parameters
++ * @sigSize: [out] The length of the returned digital signature
++ * @sig: [out] The resulting digital signature and PCR values
++ * Returns: TPM_SUCCESS on success, a TPM error code otherwise.
++ */
++TPM_RESULT TPM_DeepQuote(
++  TPM_NONCE *externalData,
++  TPM_PCR_SELECTION *myPCR,
++  TPM_PCR_SELECTION *ptPCR,
++  TPM_AUTH *auth1,
++  UINT32 *sigSize,
++  BYTE **sig
++);
++
+ /*
+  * Error handling
+  * [tpm_error.c]
+diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c
+index 01f29e6..c0d62e7 100644
+--- a/tpm/tpm_credentials.c
++++ b/tpm/tpm_credentials.c
+@@ -211,3 +211,49 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
+ 	free_TPM_PUBKEY(pubKey);
+ 	return res;
+ }
++
++static const BYTE dquot_hdr[] = {
++	0, 0, 0, 0, 'D', 'Q', 'U', 'T'
++};
++
++TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR,
++                         TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1,
++                         UINT32 *sigSize, BYTE **sig)
++{
++	TPM_RESULT res;
++	TPM_DIGEST hres;
++	TPM_PCR_INFO_SHORT pcrData;
++	tpm_sha1_ctx_t ctx;
++	BYTE *buf, *ptr;
++	UINT32 size, len;
++
++	info("TPM_DeepQuote()");
++
++	res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER);
++	if (res != TPM_SUCCESS) return res;
++
++	res = tpm_compute_pcr_digest(myPCR, &pcrData.digestAtRelease, NULL);
++	if (res != TPM_SUCCESS) return res;
++
++	pcrData.pcrSelection.sizeOfSelect = myPCR->sizeOfSelect;
++	memcpy(pcrData.pcrSelection.pcrSelect, myPCR->pcrSelect, myPCR->sizeOfSelect);
++	pcrData.localityAtRelease = 1 << tpmData.stany.flags.localityModifier;
++
++	size = len = sizeof_TPM_PCR_INFO_SHORT(pcrData);
++	buf = ptr = tpm_malloc(size);
++	if (buf == NULL) return TPM_NOSPACE;
++	if (tpm_marshal_TPM_PCR_INFO_SHORT(&ptr, &len, &pcrData))
++		return TPM_FAIL;
++
++	tpm_sha1_init(&ctx);
++	tpm_sha1_update(&ctx, dquot_hdr, 8);
++	tpm_sha1_update(&ctx, externalData->nonce, 20);
++	tpm_sha1_update(&ctx, buf, size);
++	tpm_sha1_final(&ctx, hres.digest);
++
++	tpm_free(buf);
++
++	res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig);
++
++	return res;
++}
+diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h
+index b0f4625..dfb1894 100644
+--- a/tpm/tpm_structures.h
++++ b/tpm/tpm_structures.h
+@@ -660,6 +660,42 @@ typedef struct tdTPM_CMK_MA_APPROVAL {
+ 
+ /* VTPM-only commands: */
+ /*
++ * Deep Quote - Create quote of PCRs
++ * Input:
++ *   TPM_TAG             tag           TPM_TAG_RQU_AUTH1_COMMAND
++ *   UINT32              paramSize     Total size of request
++ *   TPM_COMMAND_CODE    ordinal       TPM_ORD_DeepQuote
++ *   TPM_NONCE           externData    20 bytes of external data
++ *   TPM_PCR_SELECTION   vtSel         PCR selection for virtual TPM
++ *   TPM_PCR_SELECTION   ptSel         PCR selection for physical TPM
++ *   ---
++ *   UINT32              authHandle    Owner authorization session (OIAP)
++ *   TPM_NONCE           nonceOdd      Nonce for authHandle
++ *   BOOL                continueAuth  Continue flag for authHandle
++ *   TPM_AUTHDATA        privAuth      Authorization digest for command
++ *
++ * Output:
++ *   TPM_TAG             tag           TPM_TAG_RSP_AUTH1_COMMAND
++ *   UINT32              paramSize     Total size of response
++ *   TPM_RESULT          returnCode    Return code of the operation
++ *   BYTE[]              sig           Signature provided by physical TPM
++ *   TPM_PCRVALUE[]      pcrValue      Values of hardware PCRs used in the quote
++ *   ---
++ *   TPM_NONCE           nonceEven     Nonce for authHandle
++ *   BOOL                continueAuth  Continue flag for authHandle
++ *   TPM_AUTHDATA        resAuth       Authorization digest for response
++ *
++ * The values of the virutal TPM's PCRs are not included in the response.
++ * The signature is a standard TPM_Quote response from the physical TPM; its
++ * externalData is the SHA1 hash of the following structure:
++ *   TPM_STRUCT_VER      version       MUST be 0.0.0.0
++ *   BYTE[4]             fixed         MUST be the string "DQUT"
++ *   TPM_NONCE           externData    From input to the deep quote
++ *   TPM_PCR_INFO_SHORT  pcrData       Virtual TPM's PCRs
++ */
++#define TPM_ORD_DeepQuote                       (TPM_VENDOR_COMMAND | TPM_ORD_Quote)
++
++/*
+  * ParentSignEK - Proof of fresh provisioning and EK value
+  *
+  * Input:
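Review bot: TPM_DeepQuote in tpm_credentials.c leaks `buf` when marshalling fails: the `return TPM_FAIL;` after tpm_marshal_TPM_PCR_INFO_SHORT exits without the tpm_free(buf) that the success path performs a few lines later. The failure branch should release it, `if (tpm_marshal_TPM_PCR_INFO_SHORT(&ptr, &len, &pcrData)) { tpm_free(buf); return TPM_FAIL; }`. The memcpy into pcrData.pcrSelection.pcrSelect is sized by `myPCR->sizeOfSelect`, which originates in the request; that is safe only if tpm_unmarshal_TPM_PCR_SELECTION bounds the field, and that function is not visible in this patch. The new tpm_structures.h comment also misspells "virtual" as "virutal".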
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch
new file mode 100644
index 0000000..e95d41f
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-implicit-fallthrough.patch
@@ -0,0 +1,10 @@
+--- a/tpm/tpm_cmd_handler.c.orig	2017-04-27 13:37:14.408000000 +0200
++++ b/tpm/tpm_cmd_handler.c	2017-04-27 13:39:53.585000000 +0200
+@@ -3397,6 +3397,7 @@
+                   sizeof(rsp->auth2->nonceOdd.nonce));
+       tpm_hmac_update(&hmac, (BYTE*)&rsp->auth2->continueAuthSession, 1);
+       tpm_hmac_final(&hmac, rsp->auth2->auth);
++      /* fall-thru */
+     case TPM_TAG_RSP_AUTH1_COMMAND:
+       tpm_hmac_init(&hmac, rsp->auth1->secret, sizeof(rsp->auth1->secret));
+       tpm_hmac_update(&hmac, rsp->auth1->digest, sizeof(rsp->auth1->digest));
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch
new file mode 100644
index 0000000..8ab7dea
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-locality.patch
@@ -0,0 +1,50 @@
+diff --git a/tpm/tpm_capability.c b/tpm/tpm_capability.c
+index 60bbb90..f8f7f0f 100644
+--- a/tpm/tpm_capability.c
++++ b/tpm/tpm_capability.c
+@@ -949,6 +949,8 @@ static TPM_RESULT set_vendor(UINT32 subCap, BYTE *setValue,
+                              UINT32 setValueSize, BOOL ownerAuth,
+                              BOOL deactivated, BOOL disabled)
+ {
++  if (tpmData.stany.flags.localityModifier != 8)
++    return TPM_BAD_PARAMETER;
+   /* set the capability area with the specified data, on failure
+      deactivate the TPM */
+   switch (subCap) {
+diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c
+index 288d1ce..9e1cfb4 100644
+--- a/tpm/tpm_cmd_handler.c
++++ b/tpm/tpm_cmd_handler.c
+@@ -4132,7 +4132,7 @@ void tpm_emulator_shutdown()
+   tpm_extern_release();
+ }
+ 
+-int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size)
++int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality)
+ {
+   TPM_REQUEST req;
+   TPM_RESPONSE rsp;
+@@ -4140,7 +4140,9 @@ int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint3
+   UINT32 len;
+   BOOL free_out;
+ 
+-  debug("tpm_handle_command()");
++  debug("tpm_handle_command(%d)", locality);
++  if (locality != -1)
++    tpmData.stany.flags.localityModifier = locality;
+ 
+   /* we need the whole packet at once, otherwise unmarshalling will fail */
+   if (tpm_unmarshal_TPM_REQUEST((uint8_t**)&in, &in_size, &req) != 0) {
+diff --git a/tpm/tpm_emulator.h b/tpm/tpm_emulator.h
+index eed749e..4c228bd 100644
+--- a/tpm/tpm_emulator.h
++++ b/tpm/tpm_emulator.h
+@@ -59,7 +59,7 @@ void tpm_emulator_shutdown(void);
+  * its usage. In case of an error, all internally allocated memory
+  * is released and the the state of out and out_size is unspecified.
+  */ 
+-int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size);
++int tpm_handle_command(const uint8_t *in, uint32_t in_size, uint8_t **out, uint32_t *out_size, int locality);
+ 
+ #endif /* _TPM_EMULATOR_H_ */
+ 
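Review bot: tpm_handle_command copies the caller-supplied `locality` into tpmData.stany.flags.localityModifier with no range check beyond the -1 sentinel. That field is later used as a shift count (`1 << tpmData.stany.flags.localityModifier` in vtpm-deepquote.patch) and as the gate added to set_vendor, so out-of-range values should be rejected before the assignment, for example `if (locality < -1 || locality > 8) return -1;`, with the return value adjusted to the function's existing error convention, which lies outside the hunk. The literal 8 in set_vendor would read better as a named constant with a comment stating which caller is expected to use that locality. The tpm_emulator.h comment above the prototype should also document the new parameter and that -1 leaves the current locality unchanged.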
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch
new file mode 100644
index 0000000..14e66ee
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/vtpm-parent-sign-ek.patch
@@ -0,0 +1,196 @@
+diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c
+index 9e1cfb4..0fabf98 100644
+--- a/tpm/tpm_cmd_handler.c
++++ b/tpm/tpm_cmd_handler.c
+@@ -3312,6 +3312,37 @@ static TPM_RESULT execute_TPM_OwnerReadPubek(TPM_REQUEST *req, TPM_RESPONSE *rsp
+   return res;
+ }
+ 
++static TPM_RESULT execute_TPM_ParentSignEK(TPM_REQUEST *req, TPM_RESPONSE *rsp)
++{
++	TPM_NONCE nonce;
++	TPM_RESULT res;
++	UINT32 sigSize;
++	BYTE *sig;
++	BYTE *ptr;
++	UINT32 len;
++	TPM_PCR_SELECTION targetPCR;
++
++	tpm_compute_in_param_digest(req);
++
++	ptr = req->param;
++	len = req->paramSize;
++	if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce)
++		|| tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &targetPCR)
++		|| len != 0) return TPM_BAD_PARAMETER;
++
++	res = TPM_ParentSignEK(&nonce, &targetPCR, &req->auth1, &sigSize, &sig);
++	if (res != TPM_SUCCESS) return res;
++	rsp->paramSize = len = sigSize;
++	rsp->param = ptr = tpm_malloc(len);
++	if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) {
++		tpm_free(rsp->param);
++		res = TPM_FAIL;
++	}
++	tpm_free(sig);
++
++	return res;
++}
++
+ static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp) 
+ {
+   tpm_hmac_ctx_t hmac;
+@@ -4062,6 +4093,11 @@ void tpm_execute_command(TPM_REQUEST *req, TPM_RESPONSE *rsp)
+       res = execute_TPM_OwnerReadPubek(req, rsp);
+     break;
+ 
++    case TPM_ORD_ParentSignEK:
++      debug("[TPM_ORD_ParentSignEK]");
++      res = execute_TPM_ParentSignEK(req, rsp);
++    break;
++
+     default:
+ #ifdef MTM_EMULATOR
+       res = mtm_execute_command(req, rsp);
+diff --git a/tpm/tpm_commands.h b/tpm/tpm_commands.h
+index a7666f6..7fef934 100644
+--- a/tpm/tpm_commands.h
++++ b/tpm/tpm_commands.h
+@@ -3054,6 +3054,23 @@ TPM_RESULT TPM_OwnerReadPubek(
+   TPM_PUBKEY *pubEndorsementKey 
+ );
+ 
++/**
++ * TPM_ParentSignEK - gets a hardware TPM quote of a vTPM's EK
++ * @externalData: [in] AntiReplay nonce to prevent replay of messages
++ * @sel: [in] PCR selection for the hardware TPM's quote
++ * @auth1: [in, out] Authorization protocol parameters
++ * @sigSize: [out] The length of the returned digital signature
++ * @sig: [out] The resulting digital signature and PCR values
++ * Returns: TPM_SUCCESS on success, a TPM error code otherwise.
++ */
++TPM_RESULT TPM_ParentSignEK(
++  TPM_NONCE *externalData,
++  TPM_PCR_SELECTION *sel,
++  TPM_AUTH *auth1,
++  UINT32 *sigSize,
++  BYTE **sig
++);
++
+ /*
+  * Error handling
+  * [tpm_error.c]
+diff --git a/tpm/tpm_credentials.c b/tpm/tpm_credentials.c
+index 9cd64af..01f29e6 100644
+--- a/tpm/tpm_credentials.c
++++ b/tpm/tpm_credentials.c
+@@ -180,3 +180,34 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1,
+     return TPM_BAD_PARAMETER;
+   }
+ }
++
++int endorsementKeyFresh = 0;
++
++TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig);
++
++TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
++                            TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig)
++{
++	TPM_PUBKEY pubKey;
++	TPM_RESULT res;
++	TPM_DIGEST hres;
++
++	info("TPM_ParentSignEK()");
++
++	res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER);
++	if (res != TPM_SUCCESS) return res;
++
++	if (!endorsementKeyFresh) return TPM_DISABLED_CMD;
++
++	res = tpm_get_pubek(&pubKey);
++	if (res != TPM_SUCCESS) return res;
++
++	if (tpm_compute_pubkey_checksum(externalData, &pubKey, &hres))
++		res = TPM_FAIL;
++
++	if (res == TPM_SUCCESS)
++		res = VTPM_GetParentQuote(&hres, sel, sigSize, sig);
++
++	free_TPM_PUBKEY(pubKey);
++	return res;
++}
+diff --git a/tpm/tpm_data.c b/tpm/tpm_data.c
+index 50c9697..6a0c499 100644
+--- a/tpm/tpm_data.c
++++ b/tpm/tpm_data.c
+@@ -76,6 +76,8 @@ static void init_timeouts(void)
+   tpmData.permanent.data.cmd_durations[2] = 1000;
+ }
+ 
++extern int endorsementKeyFresh;
++
+ void tpm_init_data(void)
+ {
+   /* endorsement key */
+@@ -157,6 +159,7 @@ void tpm_init_data(void)
+   if (tpmConf & TPM_CONF_GENERATE_EK) {
+     /* generate a new endorsement key */
+     tpm_rsa_generate_key(&tpmData.permanent.data.endorsementKey, 2048);
++    endorsementKeyFresh = 1;
+   } else {
+     /* setup endorsement key */
+     tpm_rsa_import_key(&tpmData.permanent.data.endorsementKey, 
+diff --git a/tpm/tpm_structures.h b/tpm/tpm_structures.h
+index f746c05..b0f4625 100644
+--- a/tpm/tpm_structures.h
++++ b/tpm/tpm_structures.h
+@@ -658,6 +658,49 @@ typedef struct tdTPM_CMK_MA_APPROVAL {
+ #define TPM_ORD_TickStampBlob                   242
+ #define TPM_ORD_MAX                             256
+ 
++/* VTPM-only commands: */
++/*
++ * ParentSignEK - Proof of fresh provisioning and EK value
++ *
++ * Input:
++ *   TPM_TAG             tag           TPM_TAG_RQU_AUTH1_COMMAND
++ *   UINT32              paramSize     Total size of request
++ *   TPM_COMMAND_CODE    ordinal       TPM_ORD_ParentSignEK
++ *   TPM_NONCE           externData    20 bytes of external data
++ *   TPM_PCR_SELECTION   ptSel         PCR selection for physical TPM
++ *   ---
++ *   UINT32              authHandle    Owner authorization session (OIAP)
++ *   TPM_NONCE           nonceOdd      Nonce for authHandle
++ *   BOOL                continueAuth  Continue flag for authHandle
++ *   TPM_AUTHDATA        privAuth      Authorization digest for command
++ *
++ * Output:
++ *   TPM_TAG             tag           TPM_TAG_RSP_AUTH1_COMMAND
++ *   UINT32              paramSize     Total size of response
++ *   TPM_RESULT          returnCode    Return code of the operation
++ *   BYTE[]              sig           Signature provided by physical TPM
++ *   TPM_PCRVALUE[]      pcrValue      Values of hardware PCRs used in the quote
++ *   ---
++ *   TPM_NONCE           nonceEven     Nonce for authHandle
++ *   BOOL                continueAuth  Continue flag for authHandle
++ *   TPM_AUTHDATA        resAuth       Authorization digest for response
++ *
++ * This command is only valid on the first boot of a vTPM; on any subsequent
++ * boot, the command returns TPM_DISABLED_CMD. It is intended to be used to
++ * provide evidence of proper platform configuration to the verifier/CA which is
++ * responsible for the creation of the vTPM's endorsement credential, which will
++ * be used on subsequent boots to certify AIKs via the usual Privacy CA protocol.
++ *
++ * The values of the virtual TPM's PCRs are not included in the response.
++ * The signature is a standard TPM_Quote response from the physical TPM; its
++ * externalData is the SHA1 hash of the following structure:
++ *   TPM_PUBKEY          pubEK         The vTPM's public EK
++ *   TPM_NONCE           externData    From input to the deep quote
++ *
++ * This structure was chosen to match the return of TPM_ReadPubek
++ */
++#define TPM_ORD_ParentSignEK                    (TPM_VENDOR_COMMAND | TPM_ORD_ReadPubek)
++
+ /*
+  * TCS Ordinals ([TPM_Part2], Section 17.1)
+  *
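Review bot: The first-boot-only guarantee described in the tpm_structures.h comment rests entirely on `endorsementKeyFresh`, a non-static global in tpm_credentials.c that tpm_init_data sets whenever TPM_CONF_GENERATE_EK is configured and that nothing in this patch clears. The declaration deserves a comment saying so, e.g. `/* set only when tpm_init_data() generates a new EK; gates TPM_ParentSignEK */`, and it is worth confirming that later boots never run with TPM_CONF_GENERATE_EK set. The `extern int endorsementKeyFresh;` in tpm_data.c and the local prototype of VTPM_GetParentQuote in tpm_credentials.c would be safer in a shared header, so that a signature mismatch with the definition (outside this patch) is caught at compile time.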
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa246-4.9.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa246-4.9.patch
new file mode 100644
index 0000000..6370a10
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa246-4.9.patch
@@ -0,0 +1,74 @@
+From: Julien Grall <julien.grall@linaro.org>
+Subject: x86/pod: prevent infinite loop when shattering large pages
+
+When populating pages, the PoD may need to split large ones using
+p2m_set_entry and request the caller to retry (see ept_get_entry for
+instance).
+
+p2m_set_entry may fail to shatter if it is not possible to allocate
+memory for the new page table. However, the error is not propagated
+resulting to the callers to retry infinitely the PoD.
+
+Prevent the infinite loop by return false when it is not possible to
+shatter the large mapping.
+
+This is XSA-246.
+
+Signed-off-by: Julien Grall <julien.grall@linaro.org>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: George Dunlap <george.dunlap@citrix.com>
+
+--- a/xen/arch/x86/mm/p2m-pod.c
++++ b/xen/arch/x86/mm/p2m-pod.c
+@@ -1071,9 +1071,8 @@ p2m_pod_demand_populate(struct p2m_domai
+          * NOTE: In a fine-grained p2m locking scenario this operation
+          * may need to promote its locking from gfn->1g superpage
+          */
+-        p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_2M,
+-                      p2m_populate_on_demand, p2m->default_access);
+-        return 0;
++        return p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_2M,
++                             p2m_populate_on_demand, p2m->default_access);
+     }
+ 
+     /* Only reclaim if we're in actual need of more cache. */
+@@ -1104,8 +1103,12 @@ p2m_pod_demand_populate(struct p2m_domai
+ 
+     gfn_aligned = (gfn >> order) << order;
+ 
+-    p2m_set_entry(p2m, gfn_aligned, mfn, order, p2m_ram_rw,
+-                  p2m->default_access);
++    if ( p2m_set_entry(p2m, gfn_aligned, mfn, order, p2m_ram_rw,
++                       p2m->default_access) )
++    {
++        p2m_pod_cache_add(p2m, p, order);
++        goto out_fail;
++    }
+ 
+     for( i = 0; i < (1UL << order); i++ )
+     {
+@@ -1150,13 +1153,18 @@ remap_and_retry:
+     BUG_ON(order != PAGE_ORDER_2M);
+     pod_unlock(p2m);
+ 
+-    /* Remap this 2-meg region in singleton chunks */
+-    /* NOTE: In a p2m fine-grained lock scenario this might
+-     * need promoting the gfn lock from gfn->2M superpage */
++    /*
++     * Remap this 2-meg region in singleton chunks. See the comment on the
++     * 1G page splitting path above for why a single call suffices.
++     *
++     * NOTE: In a p2m fine-grained lock scenario this might
++     * need promoting the gfn lock from gfn->2M superpage.
++     */
+     gfn_aligned = (gfn>>order)<<order;
+-    for(i=0; i<(1<<order); i++)
+-        p2m_set_entry(p2m, gfn_aligned + i, INVALID_MFN, PAGE_ORDER_4K,
+-                      p2m_populate_on_demand, p2m->default_access);
++    if ( p2m_set_entry(p2m, gfn_aligned, INVALID_MFN, PAGE_ORDER_4K,
++                       p2m_populate_on_demand, p2m->default_access) )
++        return -1;
++
+     if ( tb_init_done )
+     {
+         struct {
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa248.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa248.patch
new file mode 100644
index 0000000..966c16e
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa248.patch
@@ -0,0 +1,164 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86/mm: don't wrongly set page ownership
+
+PV domains can obtain mappings of any pages owned by the correct domain,
+including ones that aren't actually assigned as "normal" RAM, but used
+by Xen internally.  At the moment such "internal" pages marked as owned
+by a guest include pages used to track logdirty bits, as well as p2m
+pages and the "unpaged pagetable" for HVM guests. Since the PV memory
+management and shadow code conflict in their use of struct page_info
+fields, and since shadow code is being used for log-dirty handling for
+PV domains, pages coming from the shadow pool must, for PV domains, not
+have the domain set as their owner.
+
+While the change could be done conditionally for just the PV case in
+shadow code, do it unconditionally (and for consistency also for HAP),
+just to be on the safe side.
+
+There's one special case though for shadow code: The page table used for
+running a HVM guest in unpaged mode is subject to get_page() (in
+set_shadow_status()) and hence must have its owner set.
+
+This is XSA-248.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Tim Deegan <tim@xen.org>
+Reviewed-by: George Dunlap <george.dunlap@citrix.com>
+---
+v2: Drop PGC_page_table related pieces.
+
+--- a/xen/arch/x86/mm/hap/hap.c
++++ b/xen/arch/x86/mm/hap/hap.c
+@@ -286,8 +286,7 @@ static struct page_info *hap_alloc_p2m_p
+     {
+         d->arch.paging.hap.total_pages--;
+         d->arch.paging.hap.p2m_pages++;
+-        page_set_owner(pg, d);
+-        pg->count_info |= 1;
++        ASSERT(!page_get_owner(pg) && !(pg->count_info & PGC_count_mask));
+     }
+     else if ( !d->arch.paging.p2m_alloc_failed )
+     {
+@@ -302,21 +301,23 @@ static struct page_info *hap_alloc_p2m_p
+ 
+ static void hap_free_p2m_page(struct domain *d, struct page_info *pg)
+ {
++    struct domain *owner = page_get_owner(pg);
++
+     /* This is called both from the p2m code (which never holds the 
+      * paging lock) and the log-dirty code (which always does). */
+     paging_lock_recursive(d);
+ 
+-    ASSERT(page_get_owner(pg) == d);
+-    /* Should have just the one ref we gave it in alloc_p2m_page() */
+-    if ( (pg->count_info & PGC_count_mask) != 1 ) {
+-        HAP_ERROR("Odd p2m page %p count c=%#lx t=%"PRtype_info"\n",
+-                     pg, pg->count_info, pg->u.inuse.type_info);
++    /* Should still have no owner and count zero. */
++    if ( owner || (pg->count_info & PGC_count_mask) )
++    {
++        HAP_ERROR("d%d: Odd p2m page %"PRI_mfn" d=%d c=%lx t=%"PRtype_info"\n",
++                  d->domain_id, mfn_x(page_to_mfn(pg)),
++                  owner ? owner->domain_id : DOMID_INVALID,
++                  pg->count_info, pg->u.inuse.type_info);
+         WARN();
++        pg->count_info &= ~PGC_count_mask;
++        page_set_owner(pg, NULL);
+     }
+-    pg->count_info &= ~PGC_count_mask;
+-    /* Free should not decrement domain's total allocation, since
+-     * these pages were allocated without an owner. */
+-    page_set_owner(pg, NULL);
+     d->arch.paging.hap.p2m_pages--;
+     d->arch.paging.hap.total_pages++;
+     hap_free(d, page_to_mfn(pg));
+--- a/xen/arch/x86/mm/shadow/common.c
++++ b/xen/arch/x86/mm/shadow/common.c
+@@ -1503,32 +1503,29 @@ shadow_alloc_p2m_page(struct domain *d)
+     pg = mfn_to_page(shadow_alloc(d, SH_type_p2m_table, 0));
+     d->arch.paging.shadow.p2m_pages++;
+     d->arch.paging.shadow.total_pages--;
++    ASSERT(!page_get_owner(pg) && !(pg->count_info & PGC_count_mask));
+ 
+     paging_unlock(d);
+ 
+-    /* Unlike shadow pages, mark p2m pages as owned by the domain.
+-     * Marking the domain as the owner would normally allow the guest to
+-     * create mappings of these pages, but these p2m pages will never be
+-     * in the domain's guest-physical address space, and so that is not
+-     * believed to be a concern. */
+-    page_set_owner(pg, d);
+-    pg->count_info |= 1;
+     return pg;
+ }
+ 
+ static void
+ shadow_free_p2m_page(struct domain *d, struct page_info *pg)
+ {
+-    ASSERT(page_get_owner(pg) == d);
+-    /* Should have just the one ref we gave it in alloc_p2m_page() */
+-    if ( (pg->count_info & PGC_count_mask) != 1 )
++    struct domain *owner = page_get_owner(pg);
++
++    /* Should still have no owner and count zero. */
++    if ( owner || (pg->count_info & PGC_count_mask) )
+     {
+-        SHADOW_ERROR("Odd p2m page count c=%#lx t=%"PRtype_info"\n",
++        SHADOW_ERROR("d%d: Odd p2m page %"PRI_mfn" d=%d c=%lx t=%"PRtype_info"\n",
++                     d->domain_id, mfn_x(page_to_mfn(pg)),
++                     owner ? owner->domain_id : DOMID_INVALID,
+                      pg->count_info, pg->u.inuse.type_info);
++        pg->count_info &= ~PGC_count_mask;
++        page_set_owner(pg, NULL);
+     }
+-    pg->count_info &= ~PGC_count_mask;
+     pg->u.sh.type = SH_type_p2m_table; /* p2m code reuses type-info */
+-    page_set_owner(pg, NULL);
+ 
+     /* This is called both from the p2m code (which never holds the
+      * paging lock) and the log-dirty code (which always does). */
+@@ -3132,7 +3129,9 @@ int shadow_enable(struct domain *d, u32
+         e = __map_domain_page(pg);
+         write_32bit_pse_identmap(e);
+         unmap_domain_page(e);
++        pg->count_info = 1;
+         pg->u.inuse.type_info = PGT_l2_page_table | 1 | PGT_validated;
++        page_set_owner(pg, d);
+     }
+ 
+     paging_lock(d);
+@@ -3170,7 +3169,11 @@ int shadow_enable(struct domain *d, u32
+     if ( rv != 0 && !pagetable_is_null(p2m_get_pagetable(p2m)) )
+         p2m_teardown(p2m);
+     if ( rv != 0 && pg != NULL )
++    {
++        pg->count_info &= ~PGC_count_mask;
++        page_set_owner(pg, NULL);
+         shadow_free_p2m_page(d, pg);
++    }
+     domain_unpause(d);
+     return rv;
+ }
+@@ -3279,7 +3282,22 @@ out:
+ 
+     /* Must be called outside the lock */
+     if ( unpaged_pagetable )
++    {
++        if ( page_get_owner(unpaged_pagetable) == d &&
++             (unpaged_pagetable->count_info & PGC_count_mask) == 1 )
++        {
++            unpaged_pagetable->count_info &= ~PGC_count_mask;
++            page_set_owner(unpaged_pagetable, NULL);
++        }
++        /* Complain here in cases where shadow_free_p2m_page() won't. */
++        else if ( !page_get_owner(unpaged_pagetable) &&
++                  !(unpaged_pagetable->count_info & PGC_count_mask) )
++            SHADOW_ERROR("d%d: Odd unpaged pt %"PRI_mfn" c=%lx t=%"PRtype_info"\n",
++                         d->domain_id, mfn_x(page_to_mfn(unpaged_pagetable)),
++                         unpaged_pagetable->count_info,
++                         unpaged_pagetable->u.inuse.type_info);
+         shadow_free_p2m_page(d, unpaged_pagetable);
++    }
+ }
+ 
+ void shadow_final_teardown(struct domain *d)
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa249.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa249.patch
new file mode 100644
index 0000000..ecfa430
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa249.patch
@@ -0,0 +1,42 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86/shadow: fix refcount overflow check
+
+Commit c385d27079 ("x86 shadow: for multi-page shadows, explicitly track
+the first page") reduced the refcount width to 25, without adjusting the
+overflow check. Eliminate the disconnect by using a manifest constant.
+
+Interestingly, up to commit 047782fa01 ("Out-of-sync L1 shadows: OOS
+snapshot") the refcount was 27 bits wide, yet the check was already
+using 26.
+
+This is XSA-249.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: George Dunlap <george.dunlap@citrix.com>
+Reviewed-by: Tim Deegan <tim@xen.org>
+---
+v2: Simplify expression back to the style it was.
+
+--- a/xen/arch/x86/mm/shadow/private.h
++++ b/xen/arch/x86/mm/shadow/private.h
+@@ -529,7 +529,7 @@ static inline int sh_get_ref(struct doma
+     x = sp->u.sh.count;
+     nx = x + 1;
+ 
+-    if ( unlikely(nx >= 1U<<26) )
++    if ( unlikely(nx >= (1U << PAGE_SH_REFCOUNT_WIDTH)) )
+     {
+         SHADOW_PRINTK("shadow ref overflow, gmfn=%lx smfn=%lx\n",
+                        __backpointer(sp), mfn_x(smfn));
+--- a/xen/include/asm-x86/mm.h
++++ b/xen/include/asm-x86/mm.h
+@@ -82,7 +82,8 @@ struct page_info
+             unsigned long type:5;   /* What kind of shadow is this? */
+             unsigned long pinned:1; /* Is the shadow pinned? */
+             unsigned long head:1;   /* Is this the first page of the shadow? */
+-            unsigned long count:25; /* Reference count */
++#define PAGE_SH_REFCOUNT_WIDTH 25
++            unsigned long count:PAGE_SH_REFCOUNT_WIDTH; /* Reference count */
+         } sh;
+ 
+         /* Page is on a free list: ((count_info & PGC_count_mask) == 0). */
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa250.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa250.patch
new file mode 100644
index 0000000..26aeb33
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa250.patch
@@ -0,0 +1,67 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86/shadow: fix ref-counting error handling
+
+The old-Linux handling in shadow_set_l4e() mistakenly ORed together the
+results of sh_get_ref() and sh_pin(). As the latter failing is not a
+correctness problem, simply ignore its return value.
+
+In sh_set_toplevel_shadow() a failing sh_get_ref() must not be
+accompanied by installing the entry, despite the domain being crashed.
+
+This is XSA-250.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Tim Deegan <tim@xen.org>
+
+--- a/xen/arch/x86/mm/shadow/multi.c
++++ b/xen/arch/x86/mm/shadow/multi.c
+@@ -923,7 +923,7 @@ static int shadow_set_l4e(struct domain
+                           shadow_l4e_t new_sl4e,
+                           mfn_t sl4mfn)
+ {
+-    int flags = 0, ok;
++    int flags = 0;
+     shadow_l4e_t old_sl4e;
+     paddr_t paddr;
+     ASSERT(sl4e != NULL);
+@@ -938,15 +938,16 @@ static int shadow_set_l4e(struct domain
+     {
+         /* About to install a new reference */
+         mfn_t sl3mfn = shadow_l4e_get_mfn(new_sl4e);
+-        ok = sh_get_ref(d, sl3mfn, paddr);
+-        /* Are we pinning l3 shadows to handle wierd linux behaviour? */
+-        if ( sh_type_is_pinnable(d, SH_type_l3_64_shadow) )
+-            ok |= sh_pin(d, sl3mfn);
+-        if ( !ok )
++
++        if ( !sh_get_ref(d, sl3mfn, paddr) )
+         {
+             domain_crash(d);
+             return SHADOW_SET_ERROR;
+         }
++
++        /* Are we pinning l3 shadows to handle weird Linux behaviour? */
++        if ( sh_type_is_pinnable(d, SH_type_l3_64_shadow) )
++            sh_pin(d, sl3mfn);
+     }
+ 
+     /* Write the new entry */
+@@ -3965,14 +3966,15 @@ sh_set_toplevel_shadow(struct vcpu *v,
+ 
+     /* Take a ref to this page: it will be released in sh_detach_old_tables()
+      * or the next call to set_toplevel_shadow() */
+-    if ( !sh_get_ref(d, smfn, 0) )
++    if ( sh_get_ref(d, smfn, 0) )
++        new_entry = pagetable_from_mfn(smfn);
++    else
+     {
+         SHADOW_ERROR("can't install %#lx as toplevel shadow\n", mfn_x(smfn));
+         domain_crash(d);
++        new_entry = pagetable_null();
+     }
+ 
+-    new_entry = pagetable_from_mfn(smfn);
+-
+  install_new_entry:
+     /* Done.  Install it */
+     SHADOW_PRINTK("%u/%u [%u] gmfn %#"PRI_mfn" smfn %#"PRI_mfn"\n",
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa251.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa251.patch
new file mode 100644
index 0000000..582ef62
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa251.patch
@@ -0,0 +1,21 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86/paging: don't unconditionally BUG() on finding SHARED_M2P_ENTRY
+
+PV guests can fully control the values written into the P2M.
+
+This is XSA-251.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+
+--- a/xen/arch/x86/mm/paging.c
++++ b/xen/arch/x86/mm/paging.c
+@@ -274,7 +274,7 @@ void paging_mark_pfn_dirty(struct domain
+         return;
+ 
+     /* Shared MFNs should NEVER be marked dirty */
+-    BUG_ON(SHARED_M2P(pfn_x(pfn)));
++    BUG_ON(paging_mode_translate(d) && SHARED_M2P(pfn_x(pfn)));
+ 
+     /*
+      * Values with the MSB set denote MFNs that aren't really part of the
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/files/xsa253.patch b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa253.patch
new file mode 100644
index 0000000..19e4269
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/files/xsa253.patch
@@ -0,0 +1,26 @@
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Subject: x86/msr: Free msr_vcpu_policy during vcpu destruction
+
+c/s 4187f79dc7 "x86/msr: introduce struct msr_vcpu_policy" introduced a
+per-vcpu memory allocation, but failed to free it in the clean vcpu
+destruction case.
+
+This is XSA-253
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+
+diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
+index b17468c..0ae715d 100644
+--- a/xen/arch/x86/domain.c
++++ b/xen/arch/x86/domain.c
+@@ -382,6 +382,9 @@ void vcpu_destroy(struct vcpu *v)
+ 
+     vcpu_destroy_fpu(v);
+ 
++    xfree(v->arch.msr);
++    v->arch.msr = NULL;
++
+     if ( !is_idle_domain(v->domain) )
+         vpmu_destroy(v);
+ 
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/lwip.inc b/import-layers/meta-virtualization/recipes-extended/xen/lwip.inc
new file mode 100644
index 0000000..e083633
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/lwip.inc
@@ -0,0 +1,24 @@
+# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+# clear this out to break dependency circle
+DEPENDS = ""
+
+# Nothing to configure or compile
+# For stubdoms, lwip is basically a source package with a couple of patches applied.
+do_configure[noexec] = "1"
+do_compile[noexec] = "1"
+
+# needed because this directory isn't typically part of a sysroot
+SYSROOT_DIRS += "${prefix}/lwip"
+
+FILES_${PN} = "\
+    ${prefix} \
+"
+
+do_install() {
+    install -d ${D}${prefix}/lwip
+    cp -r -t ${D}${prefix}/lwip ${S}/src/*
+}
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb
new file mode 100644
index 0000000..b7d8e95
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/lwip_1.3.0.bb
@@ -0,0 +1,19 @@
+# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "LWIP"
+HOMEPAGE = "https://savannah.nongnu.org/projects/lwip"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://COPYING;md5=59a383b05013356e0c9899b06dc5da3f"
+
+SRCREV_lwip = "bcb4afa886408bf0a1dde9c2a4a00323c8b07eb1"
+SRC_URI = "\
+    git://git.savannah.gnu.org/lwip.git;protocol=git;nobranch=1;destsuffix=lwip;name=lwip \
+    file://lwip.patch-cvs \
+    file://lwip.dhcp_create_request-hwaddr_len.patch \
+"
+
+S="${WORKDIR}/${PN}"
+B="${S}"
+
+require lwip.inc
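Review bot: The `git://...;protocol=git` entry in SRC_URI fetches over the unauthenticated, unencrypted git protocol, so the only thing binding the checkout to the intended source is the `SRCREV_lwip` pin. Keep that pin a full commit hash, and where the host offers it switch the transport to `protocol=https`, as polarssl_1.1.4.bb in this same commit already does. The same applies to the SRC_URI lines in mini-os_4.9.0.bb, newlib_1.16.0.bb and xen-vtpm_4.9.0.bb. The https repository path on those hosts may differ from the git:// one, so check each before changing it.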
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/mini-os.inc b/import-layers/meta-virtualization/recipes-extended/xen/mini-os.inc
new file mode 100644
index 0000000..61c2704
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/mini-os.inc
@@ -0,0 +1,28 @@
+# Copyright (C) 2018 kebodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+# clear this out to break dependency circle
+DEPENDS = ""
+
+do_configure() {
+    ${MAKE} -C ${WORKDIR}/mini-os links
+}
+
+# Nothing to configure or compile
+do_compile[noexec] = "1"
+
+# needed because this directory isn't typically part of a sysroot
+SYSROOT_DIRS += "${prefix}/mini-os"
+RDEPENDS_${PN}-dev = "perl"
+
+FILES_${PN}-dev = "\
+    ${prefix} \
+"
+
+do_install() {
+    install -d ${D}${prefix}/mini-os
+    cp -r -t ${D}${prefix}/mini-os ${S}/*
+    rm -rf ${D}${prefix}/mini-os/scripts
+}
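Review bot: The comment `# Nothing to configure or compile` sits directly below a do_configure() that does run `${MAKE} -C ${WORKDIR}/mini-os links`, so it is only true of the `do_compile[noexec]` line under it. Reword it to something like `# Nothing to compile; do_configure only runs the 'links' target`. The make call could also use `${S}` rather than repeating `${WORKDIR}/mini-os`, since mini-os_4.9.0.bb sets S to that path.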
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/mini-os_4.9.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/mini-os_4.9.0.bb
new file mode 100644
index 0000000..298bc8d
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/mini-os_4.9.0.bb
@@ -0,0 +1,18 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "Mini-OS is a tiny OS kernel distributed with the Xen Project"
+HOMEPAGE = "https://wiki.xenproject.org/wiki/Mini-OS"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=8a437231894440a8f7629caa372243d0"
+
+# git commit hash for tags: xen-RELEASE-4.9.0, xen-RELEASE-4.9.1, xen-RELEASE-4.9.2
+SRCREV_minios = "ca013fa9baf92f47469ba1f2e1aaa31c41d8a0bb"
+SRC_URI = "\
+    git://xenbits.xen.org/mini-os.git;protocol=git;nobranch=1;destsuffix=mini-os;name=minios \
+    file://mini-os_udivmoddi4-gcc7.patch \
+"
+S="${WORKDIR}/mini-os"
+B="${S}"
+
+require mini-os.inc
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/newlib.inc b/import-layers/meta-virtualization/recipes-extended/xen/newlib.inc
new file mode 100644
index 0000000..1fdbd0a
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/newlib.inc
@@ -0,0 +1,64 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+CPPFLAGS_INCLUDE_DIR = "-isystem `${HOST_PREFIX}gcc -print-file-name=include`"
+STUBDOM_CFLAGS += "-D_I386MACH_ALLOW_HW_INTERRUPTS"
+
+export ac_cv_path_CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}"
+export CC_FOR_TARGET="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}"
+
+export ac_cv_path_CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}"
+export CXX_FOR_TARGET="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}"
+
+export ac_cv_path_CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}"
+export CPP_FOR_TARGET="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}"
+
+export ac_cv_path_LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}"
+export LD_FOR_TARGET="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}"
+
+export ac_cv_path_AS_FOR_TARGET="${HOST_PREFIX}as"
+export AS_FOR_TARGET="${HOST_PREFIX}as"
+
+export ac_cv_path_AR_FOR_TARGET="${HOST_PREFIX}ar"
+export AR_FOR_TARGET="${HOST_PREFIX}ar"
+
+export ac_cv_path_NM_FOR_TARGET="${HOST_PREFIX}nm"
+export NM_FOR_TARGET="${HOST_PREFIX}nm"
+
+export ac_cv_path_RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib"
+export RANLIB_FOR_TARGET="${HOST_PREFIX}ranlib"
+
+export ac_cv_path_OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump"
+export OBJDUMP_FOR_TARGET="${HOST_PREFIX}objdump"
+
+export ac_cv_path_OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy"
+export OBJCOPY_FOR_TARGET="${HOST_PREFIX}objcopy"
+
+export ac_cv_path_STRIP_FOR_TARGET="${HOST_PREFIX}strip"
+export STRIP_FOR_TARGET="${HOST_PREFIX}strip"
+
+export ac_cv_path_STRINGS_FOR_TARGET="${HOST_PREFIX}strings"
+export STRINGS_FOR_TARGET="${HOST_PREFIX}strings"
+
+export ac_cv_path_READELF_FOR_TARGET="${HOST_PREFIX}readelf"
+export READELF_FOR_TARGET="${HOST_PREFIX}readelf"
+
+do_configure() {
+    ${S}/configure --verbose --prefix=${prefix} --target=${GNU_TARGET_ARCH}-xen-elf --enable-newlib-io-long-long --disable-multilib
+    find ${S} -type f | xargs perl -i.bak -pe 's/\b_(tzname|daylight|timezone)\b/$1/g'
+}
+
+do_compile() {
+    ${MAKE}
+}
+
+do_install() {
+    ${MAKE} DESTDIR=${D} install
+    rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/share
+    rm -rf ${D}/cross-root-${GNU_TARGET_ARCH}/info
+    install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdarg.h -t ${D}/${includedir}
+    install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stddef.h -t ${D}/${includedir}
+    install -m 644 `${HOST_PREFIX}gcc -print-file-name=include`/stdbool.h -t ${D}/${includedir}
+}
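Review bot: The `find ${S} -type f | xargs perl -i.bak -pe ...` line in do_configure rewrites every regular file under the source tree and leaves a `.bak` copy beside each one. It also splits file names on whitespace and, if the fetcher leaves a `.git` directory in `${S}`, runs over the repository metadata as well. A NUL-delimited form that skips the metadata and drops the backups is safer: `find ${S} -name .git -prune -o -type f -print0 | xargs -0 perl -i -pe 's/\b_(tzname|daylight|timezone)\b/$1/g'`. A short comment saying why the leading underscore is stripped from these three symbols would also help, since nothing in the recipe explains it.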
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb
new file mode 100644
index 0000000..60672be
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/newlib_1.16.0.bb
@@ -0,0 +1,21 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "Newlib is a C library intended for use on embedded systems."
+HOMEPAGE = "http://sourceware.org/newlib"
+LICENSE = "GPLv2 & LGPLv3 & GPLv3 & LGPLv2"
+LIC_FILES_CHKSUM = "file://COPYING.NEWLIB;md5=950f50b290e8fcf7a2d3fff61775de9b"
+
+# this is the hash of version tag 1_16_0
+SRCREV_newlib = "07b4b67a88f386ce4716a14e0ff2c2bce992b985"
+SRC_URI = "\
+    git://sourceware.org/git/newlib-cygwin.git;protocol=git;nobranch=1;destsuffix=newlib;name=newlib \
+    file://newlib.patch \
+    file://newlib-chk.patch \
+    file://newlib-stdint-size_max-fix-from-1.17.0.patch \
+"
+
+S="${WORKDIR}/newlib"
+B="${WORKDIR}/build"
+
+require newlib.inc
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/polarssl.inc b/import-layers/meta-virtualization/recipes-extended/xen/polarssl.inc
new file mode 100644
index 0000000..eae95f4
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/polarssl.inc
@@ -0,0 +1,27 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+DEPENDS += "\
+    newlib \
+"
+STUBDOM_CFLAGS += "\
+    -Wno-memset-elt-size \
+    -Wno-implicit-fallthrough \
+"
+
+# nothing to configure
+do_configure[noexec] = "1"
+
+do_compile() {
+    ${MAKE} CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT} ${STUBDOM_CPPFLAGS} ${STUBDOM_CFLAGS}"
+}
+
+do_install() {
+    install -d ${D}${includedir}
+    cp -r -t ${D}${includedir} ${S}/include/polarssl
+
+    install -d ${D}/${libdir}
+    install -m 644 -t ${D}/${libdir} ${S}/library/libpolarssl.a
+}
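Review bot: `-Wno-memset-elt-size` in STUBDOM_CFLAGS silences GCC's check for a memset whose length is an array's element count rather than its byte size. In a crypto library that pattern usually means a buffer is only partly cleared. If polarssl 1.1.4 trips the warning, the call site should be identified and either fixed through polarssl.patch or named in a comment here explaining why it is benign. As written the suppression covers the whole library build, and the same goes for `-Wno-implicit-fallthrough`. A line such as `# GCC 7: <file>:<function> triggers -Wmemset-elt-size, reviewed as harmless because ...` would record the decision.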
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb b/import-layers/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb
new file mode 100644
index 0000000..80ea45a
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/polarssl_1.1.4.bb
@@ -0,0 +1,19 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "PolarSSL (now 'mbed TLS') is an open source, portable, easy to use, readable and flexible SSL library."
+HOMEPAGE = "https://tls.mbed.org"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe"
+
+# git hash for release tag polarssl-1.1.4
+SRCREV_polarssl = "d36da11125a9c85c572a4fdf63e0a25e76d7bb18"
+SRC_URI = "\
+    git://github.com/ARMmbed/mbedtls.git;protocol=https;nobranch=1;destsuffix=polarssl;name=polarssl \
+    file://polarssl.patch; \
+"
+
+S="${WORKDIR}/${PN}"
+B="${S}/library"
+
+require polarssl.inc
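Review bot: The `file://polarssl.patch; \` entry in SRC_URI ends in a stray `;` with no parameter after it. It is probably parsed as an empty parameter list, but it should be `file://polarssl.patch \` like the other recipes in this commit. The recipe also pins release tag polarssl-1.1.4 of a library the DESCRIPTION itself says has since become mbed TLS, so any security fixes have to arrive through the local patch. A comment stating that the version is fixed to what the Xen stubdom build expects (if that is the reason), and which components link it, would make that constraint visible to whoever audits the layer.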
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc
new file mode 100644
index 0000000..ef6473d
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp.inc
@@ -0,0 +1,37 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+DEPENDS += "\
+    newlib \
+"
+
+do_configure() {
+    # need to modify prefix here during configure otherwise OE-level variables
+    # (prefix, libdir, includedir, etc...) defined in stubdom.inc get messed up
+    CPPFLAGS="-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include ${STUBDOM_CPPFLAGS}" \
+    CFLAGS="${STUBDOM_CFLAGS}" \
+    CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" \
+    ${S}/configure \
+        --disable-shared \
+        --enable-static \
+        --disable-fft \
+        --without-readline \
+        --with-gnu-ld \
+        --prefix=${prefix}/${GNU_TARGET_ARCH}-xen-elf \
+        --libdir=${libdir} \
+        --build=`${HOST_PREFIX}gcc -dumpmachine` \
+        --host=${GNU_TARGET_ARCH}-xen-elf
+
+    sed -i 's/#define HAVE_OBSTACK_VPRINTF 1/\/\/#define HAVE_OBSTACK_VPRINTF 1/' ${S}/config.h
+}
+
+do_compile() {
+    ${MAKE}
+}
+
+do_install() {
+    ${MAKE} DESTDIR=${D} install
+    rm -rf ${D}${prefix}/${GNU_TARGET_ARCH}-xen-elf/share
+}
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb
new file mode 100644
index 0000000..d9a2adb
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/stubdom-gmp_4.3.2.bb
@@ -0,0 +1,20 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "GMP library for Xen vTPM's."
+HOMEPAGE = "http://gmp"
+LICENSE = "GPLv3"
+LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
+                    file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \
+"
+
+SRC_URI = "\
+    https://gmplib.org/download/gmp/archive/gmp-${PV}.tar.bz2 \
+"
+SRC_URI[md5sum] = "dd60683d7057917e34630b4a787932e8"
+SRC_URI[sha256sum] = "936162c0312886c21581002b79932829aa048cfaf9937c6265aeaa14f1cd1775"
+
+S="${WORKDIR}/gmp-${PV}"
+B="${S}"
+
+require stubdom-gmp.inc
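Review bot: `HOMEPAGE = "http://gmp"` is not a resolvable project URL and looks like an unfinished placeholder. The tarball in SRC_URI is served from gmplib.org, so `HOMEPAGE = "https://gmplib.org"` is the obvious value. The fetch itself is fine: it uses https and carries a sha256sum.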
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/stubdom.inc b/import-layers/meta-virtualization/recipes-extended/xen/stubdom.inc
new file mode 100644
index 0000000..bfc6752
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/stubdom.inc
@@ -0,0 +1,152 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+COMPATIBLE_HOST = '(x86_64.*).*-linux'
+
+require xen-arch.inc
+
+# many of the xen stubdom related recipes build and package static instead of shared libraries
+EXCLUDE_FROM_SHLIBS = "1"
+
+# base set of dependencies to be used for xen stubdom recipes
+DEPENDS += "\
+    lwip \
+    mini-os \
+"
+
+# unset EVERYTHING from the OE environment.
+# Weird things happen when these are exported into the environment.
+unset CFLAGS
+unset BUILD_CFLAGS
+unset TARGET_CFLAGS
+unset CFLAGS_FOR_BUILD
+
+unset CPPFLAGS
+unset BUILD_CPPFLAGS
+unset TARGET_CPPFLAGS
+unset CPPFLAGS_FOR_BUILD
+
+unset LDFLAGS
+unset BUILD_LDFLAGS
+unset TARGET_LDFLAGS
+unset LDFLAGS_FOR_BUILD
+
+unset CXXFLAGS
+unset TARGET_CXXFLAGS
+unset BUILD_CXXFLAGS
+unset CXXFLAGS_FOR_BUILD
+
+unset BUILD_CC
+unset BUILD_CPP
+unset BUILD_CXX
+unset BUILD_LD
+unset BUILD_AR
+unset BUILD_AS
+unset BUILD_CCLD
+unset BUILD_FC
+unset BUILD_RANLIB
+unset BUILD_NM
+unset BUILD_STRIP
+unset BUILD_READELF
+unset BUILD_OBJCOPY
+unset BUILD_OBJDUMP
+unset CC
+unset CPP
+unset CXX
+unset LD
+unset AR
+unset AS
+unset NM
+unset RANLIB
+unset STRIP
+unset STRINGS
+unset READELF
+unset OBJCOPY
+unset OBJDUMP
+unset READELF
+unset CCLD
+unset FC
+
+# Provide support to build both 32-bit and 64-bit stubdoms
+python () {
+    gnu_dict = {
+            'x86_32': 'i686',
+            'x86_64': 'x86_64',
+        }
+
+    if d.expand('${XEN_TARGET_ARCH}') == 'x86_32':
+        d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')])
+        d.setVar("PACKAGE_ARCH","core2-32")
+    elif d.expand('${XEN_TARGET_ARCH}') == 'x86_64':
+        d.setVar("GNU_TARGET_ARCH",gnu_dict[d.expand('${XEN_TARGET_ARCH}')])
+}
+
+export GNU_TARGET_ARCH
+export XEN_TARGET_ARCH="${@map_xen_arch(d.getVar('TARGET_ARCH'), d)}"
+export XEN_COMPILE_ARCH="${@map_xen_arch(d.getVar('BUILD_ARCH'), d)}"
+
+LWIP_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/lwip"
+MINIOS_SRCDIR = "${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/mini-os"
+
+# Base set of CPPFLAGS, CFLAGS needed for each component used to build MiniOS-based stubdoms
+# LDFLAGS are only used when building stubdoms, so only used in stubdom recipes
+# Generic name given because each library uses DEF_, BUILD_, TARGET_, and xxxFLAGS differently
+CPPFLAGS_INCLUDE_DIR = "-isystem ${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include"
+
+STUBDOM_CPPFLAGS += "\
+    -isystem ${MINIOS_SRCDIR}/include \
+    -D__MINIOS__ \
+    -DHAVE_LIBC \
+    -isystem ${MINIOS_SRCDIR}/include/posix \
+    -isystem ${MINIOS_SRCDIR}/include/xen \
+    -isystem ${MINIOS_SRCDIR}/include/x86 \
+    -isystem ${MINIOS_SRCDIR}/include/x86/${XEN_TARGET_ARCH} \
+    -U __linux__ \
+    -U __FreeBSD__ \
+    -U __sun__ \
+    -nostdinc \
+    ${CPPFLAGS_INCLUDE_DIR} \
+    -isystem ${LWIP_SRCDIR}/include \
+    -isystem ${LWIP_SRCDIR}/include/ipv4 \
+"
+
+STUBDOM_CFLAGS += "\
+    -mno-red-zone \
+    -O1 \
+    -fno-omit-frame-pointer \
+    -m64 \
+    -fno-reorder-blocks \
+    -fno-asynchronous-unwind-tables \
+    -DBUILD_ID \
+    -fno-strict-aliasing \
+    -std=gnu99 \
+    -Wall \
+    -Wstrict-prototypes \
+    -Wdeclaration-after-statement \
+    -Wno-unused-but-set-variable \
+    -Wno-unused-local-typedefs \
+    -fno-stack-protector \
+    -fno-exceptions \
+"
+
+STUBDOM_LDFLAGS = "\
+    -nostdlib \
+    -L${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/lib \
+"
+
+# Need to redefine these for stubdom-related builds. It all starts because of
+# the prefix used in newlib and then continues because we don't want to
+# cross-contaminate stubdom-related recipes with headers and libraries found in
+# the OE-defined locations
+export prefix="/cross-root-${GNU_TARGET_ARCH}"
+export includedir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/include"
+export libdir="${prefix}/${GNU_TARGET_ARCH}-xen-elf/lib"
+export libexecdir="${libdir}"
+export STAGING_INCDIR
+export STAGING_LIBDIR
+
+# Typically defined in Xen and Minios .mk files that aren't sourced/read,
+# defined to trigger some values and paths in Makefiles
+export debug="y"
+export stubdom="y"
+export XEN_OS="MiniOS"
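Review bot: `-fno-stack-protector` in STUBDOM_CFLAGS is inherited by every recipe that requires this file, including polarssl, tpm-emulator and the vTPM stubdoms, and nothing here says why the canary is turned off. Presumably Mini-OS provides no stack-protector runtime and the flag is required; if so, say that next to it, e.g. `# Mini-OS has no __stack_chk_fail/guard support; revisit if that changes`. Likewise `export debug="y"` is only described as triggering "some values and paths in Makefiles". Since these images back a vTPM, the comment should state what a debug build enables and whether it is intended for production images. Finally, `-m64` is hard-coded while the anonymous python block carries an `x86_32` branch that COMPATIBLE_HOST appears to make unreachable, so one of the two should go.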
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator.inc b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator.inc
new file mode 100644
index 0000000..f58a276
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator.inc
@@ -0,0 +1,37 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+DEPENDS += "\
+    cmake-native \
+    newlib \
+    stubdom-gmp \
+"
+
+# nothing to configure
+do_configure[noexec] = "1"
+
+export CMAKE_C_FLAGS = "\
+    -std=c99 \
+    -DTPM_NO_EXTERN \
+    ${STUBDOM_CPPFLAGS} \
+    ${STUBDOM_CFLAGS} \
+    -Wno-declaration-after-statement \
+    -Wno-implicit-fallthrough \
+"
+
+do_compile() {
+    CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}" cmake .. -DCMAKE_C_FLAGS:STRING="${CMAKE_C_FLAGS}"
+    ${MAKE} VERBOSE=1 tpm_crypto tpm
+}
+
+do_install() {
+    install -d ${D}/${libdir}
+    install -m 644 -t ${D}/${libdir} ${B}/crypto/libtpm_crypto.a
+    install -m 644 -t ${D}/${libdir} ${B}/tpm/libtpm.a
+
+    install -D -m 644 -t ${D}/${includedir}/tpm-emulator/build ${S}/build/config.h
+    install -D -m 644 -t ${D}/${includedir}/tpm-emulator/crypto ${S}/crypto/*.h
+    install -D -m 644 -t ${D}/${includedir}/tpm-emulator/tpm ${S}/tpm/*.h
+}
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb
new file mode 100644
index 0000000..f626929
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/tpm-emulator_0.7.4.bb
@@ -0,0 +1,26 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "TPM Emulator"
+HOMEPAGE = "http://xenbits.xen.org/xen-extfiles"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://README;md5=eeabd77cf8fd8a8bc42983884cb09863"
+
+SRC_URI = "\
+    http://xenbits.xen.org/xen-extfiles/tpm_emulator-${PV}.tar.gz;name=tpm-emulator \
+    file://tpmemu-0.7.4.patch \
+    file://vtpm-bufsize.patch \
+    file://vtpm-locality.patch \
+    file://vtpm-parent-sign-ek.patch \
+    file://vtpm-deepquote.patch \
+    file://vtpm-deepquote-anyloc.patch \
+    file://vtpm-cmake-Wextra.patch \
+    file://vtpm-implicit-fallthrough.patch \
+"
+SRC_URI[tpm-emulator.md5sum] = "e26becb8a6a2b6695f6b3e8097593db8"
+SRC_URI[tpm-emulator.sha256sum] = "4e48ea0d83dd9441cc1af04ab18cd6c961b9fa54d5cbf2c2feee038988dea459"
+
+S="${WORKDIR}/tpm_emulator-${PV}"
+B="${S}/build"
+
+require tpm-emulator.inc
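Review bot: The tarball in SRC_URI is fetched over plain `http://xenbits.xen.org/...`, so transport integrity rests entirely on the `SRC_URI[tpm-emulator.sha256sum]` line. That checksum must stay, and the md5sum adds nothing next to it. If the host serves the same path over TLS, prefer `https://xenbits.xen.org/xen-extfiles/tpm_emulator-${PV}.tar.gz;name=tpm-emulator`, and update HOMEPAGE to match.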
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm.inc b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm.inc
new file mode 100644
index 0000000..a94c750
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm.inc
@@ -0,0 +1,111 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+require stubdom.inc
+
+DEPENDS = "\
+    newlib \
+    lwip \
+    mini-os \
+    polarssl \
+    stubdom-gmp \
+    tpm-emulator \
+"
+# These were unset by stubdom.inc to allow us to scope them per recipe
+export CC="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}"
+export CCLD="${HOST_PREFIX}gcc --sysroot=${RECIPE_SYSROOT}"
+export CXX="${HOST_PREFIX}g++ --sysroot=${RECIPE_SYSROOT}"
+export CPP="${HOST_PREFIX}gcc -E --sysroot=${RECIPE_SYSROOT}"
+export LD="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}"
+export LD_LTO="${HOST_PREFIX}ld --sysroot=${RECIPE_SYSROOT}"
+export AS="${HOST_PREFIX}as"
+export AR="${HOST_PREFIX}ar"
+export NM="${HOST_PREFIX}nm"
+export RANLIB="${HOST_PREFIX}ranlib"
+export OBJDUMP="${HOST_PREFIX}objdump"
+export OBJCOPY="${HOST_PREFIX}objcopy"
+export STRIP="${HOST_PREFIX}strip"
+export STRINGS="${HOST_PREFIX}strings"
+export READELF="${HOST_PREFIX}readelf"
+
+
+# Required for some of the config stuff
+export STUBDOM_TARGETS="vtpm vtpmmgr"
+
+VTPM_CPPFLAGS = "\
+    -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/build \
+    -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/crypto \
+    -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator/tpm \
+    -I${RECIPE_SYSROOT}/cross-root-${GNU_TARGET_ARCH}/${GNU_TARGET_ARCH}-xen-elf/include/tpm-emulator \
+"
+
+# The includes from this Xen directory are not in the MiniOS repo, although they probably should be.
+STUBDOM_CPPFLAGS += "-isystem ${B}/include/"
+
+do_configure() {
+
+    # GCC 7 fails linking header defined inlines if not declared 'static' or 'extern'
+    # This appears to be fixed in Xen 4.10.0+, so let's look at version of Xen source
+    # to determine if we need to modify inline declarations.
+    #
+    # 'echo -e' to enable interpretation of backslashes
+    # 'sort -V' to natural sort version numbers
+    # 'head -n1' to capture the first line of output from sort command
+
+    if [ "${PV}" = "$(echo "${PV};4.9.999" | sed 's/;/\n/' | sort -V | head -n1)" ]; then
+        sed -i "s/^inline/static inline/g" ${B}/vtpmmgr/*.h
+    fi
+
+    for i in AR AS NM RANLIB OBJDUMP OBJCOPY STRIP STRINGS READELF CXX LD LD_LTO CC CPP; do
+        sed -i "s/^\($i\s\s*\).*=/\1?=/" ${MINIOS_SRCDIR}/Config.mk
+    done
+
+    # replicate the TARGETS_MINIOS target in xen/stubdom/Makefile
+    for i in ${STUBDOM_TARGETS}; do
+        [ -d ${B}/mini-os-${XEN_TARGET_ARCH}-$i ] ||
+        for j in $(cd ${MINIOS_SRCDIR} ; find . -type d) ; do \
+                mkdir -p ${B}/mini-os-${XEN_TARGET_ARCH}-$i/$j; \
+        done
+    done
+}
+
+do_compile() {
+    ${MAKE} MINIOS_CONFIG="${B}/vtpm/minios.cfg" CONFIG_FILE="${B}/vtpm-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config
+    CPPFLAGS="`cat ${B}/vtpm-minios-config.mk` ${STUBDOM_CPPFLAGS} ${VTPM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpm
+    DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \
+        DEF_CFLAGS="${STUBDOM_CFLAGS}" \
+        DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \
+        MINIOS_CONFIG="${B}/vtpm/minios.cfg" \
+        ${MAKE} -C ${MINIOS_SRCDIR} \
+        OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpm \
+        APP_OBJS="${B}/vtpm/vtpm.a" \
+        APP_LDLIBS="-ltpm -ltpm_crypto -lgmp -lpolarssl"
+
+    ${MAKE} MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" CONFIG_FILE="${B}/vtpmmgr-minios-config.mk" DESTDIR= -C ${MINIOS_SRCDIR} config
+    CPPFLAGS="`cat ${B}/vtpmmgr-minios-config.mk` ${STUBDOM_CPPFLAGS}" CFLAGS="${STUBDOM_CFLAGS}" ${MAKE} -C ${B}/vtpmmgr
+    DEF_CPPFLAGS="${STUBDOM_CPPFLAGS}" \
+        DEF_CFLAGS="${STUBDOM_CFLAGS}" \
+        DEF_LDFLAGS="${STUBDOM_LDFLAGS}" \
+        MINIOS_CONFIG="${B}/vtpmmgr/minios.cfg" \
+        ${MAKE} -C ${MINIOS_SRCDIR} \
+        OBJ_DIR=${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr \
+        APP_OBJS="${B}/vtpmmgr/vtpmmgr.a" \
+        APP_LDLIBS="-lm -lpolarssl"
+}
+
+PACKAGES = "\
+    ${PN}-vtpm-stubdom \
+    ${PN}-vtpmmgr-stubdom \
+"
+FILES_${PN}-vtpm-stubdom="\
+    ${libdir}/xen/boot/vtpm-stubdom.gz \
+"
+
+FILES_${PN}-vtpmmgr-stubdom="\
+    ${libdir}/xen/boot/vtpmmgr-stubdom.gz \
+"
+
+do_install() {
+    install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpm/mini-os.gz ${D}${libdir}/xen/boot/vtpm-stubdom.gz
+    install -m 644 -D ${B}/mini-os-${XEN_TARGET_ARCH}-vtpmmgr/mini-os.gz ${D}${libdir}/xen/boot/vtpmmgr-stubdom.gz
+}
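Review bot: The `sed -i ... ${MINIOS_SRCDIR}/Config.mk` loop in do_configure edits a file that, by the definition in stubdom.inc, lives under `${RECIPE_SYSROOT}`. The toolchain assignments the vTPM build uses therefore come from an in-place rewrite of a staged file, not from the mini-os recipe that installed it. Moving the `=` to `?=` substitution into the mini-os recipe, as a patch or in its do_install, would keep the staged tree read-only and make the change visible where Config.mk is packaged. The comment above the version test also mentions `echo -e`, but the command inserts the newline with `sed 's/;/\n/'`. The comment should describe what the line actually does, and `printf '%s\n' "${PV}" 4.9.999 | sort -V | head -n1` avoids relying on sed's handling of `\n` in a replacement.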
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb
new file mode 100644
index 0000000..c58a02d
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/xen-vtpm_4.9.0.bb
@@ -0,0 +1,21 @@
+# Copyright (C) 2017 Kurt Bodiker <kurt.bodiker@braintrust-us.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+DESCRIPTION = "MiniOS-based vTPMs for Xen"
+HOMEPAGE = "https://www.xenproject.org"
+LICENSE = "GPLv2 & BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b1ceb1b03a49b202ee6f41ffd1ed0155 \
+                    file://vtpm/COPYING;md5=75a98062ab0322ded060d9026a1bda61 \
+"
+
+# git commit hash for Xen's RELEASE-4.9.0 tag
+SRCREV_xen = "c30bf55594a53fae8aae08aabf16fc192faad7da"
+SRC_URI = "\
+    git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;subpath=stubdom \
+    git://xenbits.xen.org/xen.git;protocol=git;nobranch=1;name=xen;destsuffix=stubdom/include;subpath=tools/xenstore/include \
+"
+
+S="${WORKDIR}/stubdom"
+B="${S}"
+
+require xen-vtpm.inc
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen.inc b/import-layers/meta-virtualization/recipes-extended/xen/xen.inc
index cb314f8..8dfe589 100644
--- a/import-layers/meta-virtualization/recipes-extended/xen/xen.inc
+++ b/import-layers/meta-virtualization/recipes-extended/xen/xen.inc
@@ -62,15 +62,12 @@
 
 RDEPENDS_${PN}-base = "\
     bash perl xz \
-    ${PN}-blktap \
     ${PN}-console \
-    ${PN}-libblktapctl \
     ${PN}-libxenguest \
     ${PN}-libxenlight \
     ${PN}-libxenvchan \
     ${PN}-libxenctrl \
     ${PN}-libxlutil \
-    ${PN}-libvhd \
     ${PN}-libxenstat \
     ${PN}-libxenstore \
     ${PN}-libfsimage \
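Review bot: `${PN}-blktap`, `${PN}-libblktapctl` and `${PN}-libvhd` are dropped from `RDEPENDS_${PN}-base` here and reappear under `RRECOMMENDS_${PN}-base` in the next hunk, with no comment saying why. As recommendations they are left out silently when they are not built or when recommendations are disabled for an image, so a setup relying on blktap-backed disks would fail only at run time. A comment above the `RRECOMMENDS_${PN}-base` assignment would record the intent, e.g. `# blktap pieces are optional: not produced by every Xen version built from this .inc`. That is presumably the reason, given the 4.10.0 recipe added in this commit, but the hunks do not say. Both assignments extend beyond the lines shown in their hunks.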
@@ -88,7 +85,10 @@
 RDEPENDS_${PN}-dev = ""
 
 RRECOMMENDS_${PN}-base = " \
+    ${PN}-blktap \
     ${PN}-libblktap \
+    ${PN}-libblktapctl \
+    ${PN}-libvhd \
     ${PN}-flask \
     ${PN}-hvmloader \
     ${PN}-xenpaging \
@@ -196,6 +196,8 @@
     ${PN}-libxenstat-dev \
     ${PN}-libxenstore \
     ${PN}-libxenstore-dev \
+    ${PN}-libxentoolcore \
+    ${PN}-libxentoolcore-dev \
     ${PN}-libxentoollog \
     ${PN}-libxentoollog-dev \
     ${PN}-libxenvchan \
@@ -344,6 +346,12 @@
     ${datadir}/pkgconfig/xenstore.pc \
     "
 
+FILES_${PN}-libxentoolcore = "${libdir}/libxentoolcore.so.*"
+FILES_${PN}-libxentoolcore-dev = " \
+    ${libdir}/libxentoolcore.so \
+    ${datadir}/pkgconfig/xentoolcore.pc \
+    "
+
 FILES_${PN}-libxentoollog = "${libdir}/libxentoollog.so.*"
 FILES_${PN}-libxentoollog-dev = " \
     ${libdir}/libxentoollog.so \
@@ -474,6 +482,7 @@
     ${sbindir}/xenperf \
     ${sbindir}/xenpm \
     ${sbindir}/xsview \
+    ${sbindir}/xen-diag \
     ${sbindir}/xen-tmem-list-parse \
     ${sbindir}/xen-python-path \
     ${sbindir}/xen-ringwatch \
@@ -739,8 +748,6 @@
     ${systemd_unitdir}/system/xenconsoled.service \
     ${systemd_unitdir}/system/xen-init-dom0.service \
     ${systemd_unitdir}/system/xenstored.service \
-    ${systemd_unitdir}/system/xenstored.socket \
-    ${systemd_unitdir}/system/xenstored_ro.socket \
     ${systemd_unitdir}/system/var-lib-xenstored.mount \
     "
 
@@ -780,8 +787,6 @@
     xenconsoled.service \
     xen-init-dom0.service \
     xenstored.service \
-    xenstored.socket \
-    xenstored_ro.socket \
     "
 SYSTEMD_SERVICE_${PN}-xendomains = "xendomains.service"
 
@@ -825,7 +830,7 @@
 # Yocto injects -mfpmath=sse for some machine types into the CFLAGS which
 # conflicts with -mno-sse so instead we strip -mfpmath=sse instead of
 # patching the build to be ok with this
-TUNE_CCARGS := "${@oe_filter_out('-mfpmath=sse', '${TUNE_CCARGS}', d)}"
+TUNE_CCARGS := "${@oe.utils.str_filter_out('-mfpmath=sse', '${TUNE_CCARGS}', d)}"
 
 EXTRA_OECONF += " \
     --exec-prefix=/usr \
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.10.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.10.0.bb
new file mode 100644
index 0000000..d314b9b
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.10.0.bb
@@ -0,0 +1,12 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+require xen.inc
+
+SRC_URI = " \
+    https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
+    file://xsa253.patch \
+    "
+
+SRC_URI[md5sum] = "ab9d320d02cb40f6b40506aed1a38d58"
+SRC_URI[sha256sum] = "0262a7023f8b12bcacfb0b25e69b2a63291f944f7683d54d8f33d4b2ca556844"
+
+S = "${WORKDIR}/xen-${PV}"
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.0.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.0.bb
deleted file mode 100644
index 8e9c802..0000000
--- a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.0.bb
+++ /dev/null
@@ -1,12 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-require xen.inc
-
-SRC_URI = " \
-    https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
-    file://fix-libxc-xc_dom_arm-missing-initialization.patch \
-    "
-
-SRC_URI[md5sum] = "f0a753637630f982dfbdb64121fd71e1"
-SRC_URI[sha256sum] = "cade643fe3310d4d6f97d0c215c6fa323bc1130d7e64d7e2043ffaa73a96f33b"
-
-S = "${WORKDIR}/xen-${PV}"
diff --git a/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.1.bb b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.1.bb
new file mode 100644
index 0000000..5c18bb0
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-extended/xen/xen_4.9.1.bb
@@ -0,0 +1,18 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+require xen.inc
+
+SRC_URI = " \
+    https://downloads.xenproject.org/release/xen/${PV}/xen-${PV}.tar.gz \
+    file://xsa246-4.9.patch \
+    file://0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu.patch \
+    file://0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas.patch \
+    file://xsa248.patch \
+    file://xsa249.patch \
+    file://xsa250.patch \
+    file://xsa251.patch \
+    "
+
+SRC_URI[md5sum] = "8b9d6104694b164d54334194135f7217"
+SRC_URI[sha256sum] = "ecf88b01f44cd8f4ef208af3f999dceb69bdd2a316d88dd9a9535ea7b49ed356"
+
+S = "${WORKDIR}/xen-${PV}"
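Review bot: The `0001-p2m-…` and `0002-p2m-…` entries are the only patches in this `SRC_URI` whose file names carry no advisory number, so a later audit cannot tell from the recipe which advisory they close. They sit between `xsa246-4.9.patch` and `xsa248.patch`, which suggests they belong to a single advisory, but that is only an inference from the ordering. A comment above the assignment would record it, for example `# 0001/0002 p2m patches: fix for XSA-<id>` with the real advisory id filled in.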
diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg
index 0067504..b1fefc0 100644
--- a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg
+++ b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto/vswitch.cfg
@@ -1,2 +1,3 @@
 CONFIG_OPENVSWITCH=m
 CONFIG_NET_SCH_INGRESS=m
+CONFIG_NET_ACT_POLICE=m
diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.4.bbappend b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.14.bbappend
similarity index 100%
rename from import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.4.bbappend
rename to import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.14.bbappend
diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.10.bbappend b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.15.bbappend
similarity index 100%
rename from import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.10.bbappend
rename to import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.15.bbappend
diff --git a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.9.bbappend b/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.9.bbappend
deleted file mode 100644
index 617cacc..0000000
--- a/import-layers/meta-virtualization/recipes-kernel/linux/linux-yocto_4.9.bbappend
+++ /dev/null
@@ -1 +0,0 @@
-require ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', '${BPN}_virtualization.inc', '', d)}
diff --git a/import-layers/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch b/import-layers/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch
new file mode 100644
index 0000000..84fb9a4
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-networking/netns/files/0001-Allow-selection-of-go-compiler.patch
@@ -0,0 +1,107 @@
+From 6576f228339b7931e05a8e861f085f483817806b Mon Sep 17 00:00:00 2001
+From: Paul Barker <pbarker@toganlabs.com>
+Date: Tue, 8 May 2018 11:01:14 +0000
+Subject: [PATCH] Allow selection of go compiler
+
+By running `make GO=/path/to/go` we can now select the appropriate go compiler
+to use. This also makes it possible to cross compile netns more easily.
+
+Signed-off-by: Paul Barker <pbarker@toganlabs.com>
+Upstream-status: Pending
+---
+ Makefile | 25 ++++++++++++++-----------
+ 1 file changed, 14 insertions(+), 11 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 3a22f3e..476cb9b 100644
+--- a/src/import/Makefile
++++ b/src/import/Makefile
+@@ -23,6 +23,9 @@ CTIMEVAR=-X $(PKG)/version.GITCOMMIT=$(GITCOMMIT) -X $(PKG)/version.VERSION=$(VE
+ GO_LDFLAGS=-ldflags "-w $(CTIMEVAR)"
+ GO_LDFLAGS_STATIC=-ldflags "-w $(CTIMEVAR) -extldflags -static"
+ 
++# Set our default go compiler
++GO := go
++
+ # List the GOOS and GOARCH to build
+ GOOSARCHES = linux/arm linux/arm64 linux/amd64 linux/386
+ 
+@@ -33,12 +36,12 @@ build: $(NAME) ## Builds a dynamic executable or package
+ 
+ $(NAME): *.go VERSION.txt
+ 	@echo "+ $@"
+-	go build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) .
++	$(GO) build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) .
+ 
+ .PHONY: static
+ static: ## Builds a static executable
+ 	@echo "+ $@"
+-	CGO_ENABLED=0 go build \
++	CGO_ENABLED=0 $(GO) build \
+ 				-tags "$(BUILDTAGS) static_build" \
+ 				${GO_LDFLAGS_STATIC} -o $(NAME) .
+ 
+@@ -55,23 +58,23 @@ lint: ## Verifies `golint` passes
+ .PHONY: test
+ test: ## Runs the go tests
+ 	@echo "+ $@"
+-	@go test -v -tags "$(BUILDTAGS) cgo" $(shell go list ./... | grep -v vendor)
++	@$(GO) test -v -tags "$(BUILDTAGS) cgo" $(shell $(GO) list ./... | grep -v vendor)
+ 
+ .PHONY: vet
+ vet: ## Verifies `go vet` passes
+ 	@echo "+ $@"
+-	@go vet $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr
++	@$(GO) vet $(shell $(GO) list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr
+ 
+ .PHONY: staticcheck
+ staticcheck: ## Verifies `staticcheck` passes
+ 	@echo "+ $@"
+-	@staticcheck $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr
++	@staticcheck $(shell $(GO) list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr
+ 
+ .PHONY: cover
+ cover: ## Runs go test with coverage
+ 	@echo "" > coverage.txt
+-	@for d in $(shell go list ./... | grep -v vendor); do \
+-		go test -race -coverprofile=profile.out -covermode=atomic "$$d"; \
++	@for d in $(shell $(GO) list ./... | grep -v vendor); do \
++		$(GO) test -race -coverprofile=profile.out -covermode=atomic "$$d"; \
+ 		if [ -f profile.out ]; then \
+ 			cat profile.out >> coverage.txt; \
+ 			rm profile.out; \
+@@ -81,11 +84,11 @@ cover: ## Runs go test with coverage
+ .PHONY: install
+ install: ## Installs the executable or package
+ 	@echo "+ $@"
+-	go install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} .
++	$(GO) install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} .
+ 
+ define buildpretty
+ mkdir -p $(BUILDDIR)/$(1)/$(2);
+-GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \
++GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \
+ 	 -o $(BUILDDIR)/$(1)/$(2)/$(NAME) \
+ 	 -a -tags "$(BUILDTAGS) static_build netgo" \
+ 	 -installsuffix netgo ${GO_LDFLAGS_STATIC} .;
+@@ -99,7 +102,7 @@ cross: *.go VERSION.txt ## Builds the cross-compiled binaries, creating a clean
+ 	$(foreach GOOSARCH,$(GOOSARCHES), $(call buildpretty,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH))))
+ 
+ define buildrelease
+-GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \
++GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 $(GO) build \
+ 	 -o $(BUILDDIR)/$(NAME)-$(1)-$(2) \
+ 	 -a -tags "$(BUILDTAGS) static_build netgo" \
+ 	 -installsuffix netgo ${GO_LDFLAGS_STATIC} .;
+@@ -115,7 +118,7 @@ release: *.go VERSION.txt ## Builds the cross-compiled binaries, naming them in
+ .PHONY: bump-version
+ BUMP := patch
+ bump-version: ## Bump the version in the version file. Set BUMP to [ patch | major | minor ]
+-	@go get -u github.com/jessfraz/junk/sembump # update sembump tool
++	@$(GO) get -u github.com/jessfraz/junk/sembump # update sembump tool
+ 	$(eval NEW_VERSION = $(shell sembump --kind $(BUMP) $(VERSION)))
+ 	@echo "Bumping VERSION.txt from $(VERSION) to $(NEW_VERSION)"
+ 	echo $(NEW_VERSION) > VERSION.txt
+-- 
+2.7.4
+
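Review bot: The patch header tag is written `Upstream-status: Pending`, while the OpenEmbedded patch-header convention spells it `Upstream-Status:` with a capital S. Tooling that scans patch headers for that exact tag may report this patch as having a malformed or missing status. The line should read `Upstream-Status: Pending`. Separately, `GO := go` is overridden by `make GO=/path/to/go` as the commit message describes, but not by a `GO` set only in the environment; `GO ?= go` would honour both.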
diff --git a/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb b/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb
index d35836e..82a961b 100644
--- a/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb
+++ b/import-layers/meta-virtualization/recipes-networking/netns/netns_git.bb
@@ -1,13 +1,13 @@
 HOMEPAGE = "https://github.com/jfrazelle/netns"
 SUMMARY = "Runc hook for setting up default bridge networking."
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=20ce4c6a4f32d6ee4a68e3a7506db3f1"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=48ef0979a2bcc3fae14ff30b8a7f5dbf"
 
-SRC_URI = "git://github.com/jessfraz/netns;branch=master \
-           file://0001-Use-correct-go-cross-compiler.patch \
+SRC_URI = "git://github.com/genuinetools/netns;branch=master \
+           file://0001-Allow-selection-of-go-compiler.patch \
           "
-SRCREV = "74e23a0e5c4e7ac011aafcc4623586c196f1b3ef"
-PV = "0.2.1"
+SRCREV = "0da6ab0997707024debe68c91e940c9168041bf8"
+PV = "0.4.0"
 GO_IMPORT = "import"
 
 S = "${WORKDIR}/git"
@@ -26,9 +26,9 @@
 	# We also need to link in the ipallocator and version directories as
 	# they are not under the src directory.
 	ln -sfn . "${S}/src/import/vendor/src"
-	mkdir -p "${S}/src/import/vendor/src/github.com/jessfraz/netns"
-	ln -sfn "${S}/src/import/ipallocator" "${S}/src/import/vendor/src/github.com/jessfraz/netns/ipallocator"
-	ln -sfn "${S}/src/import/version" "${S}/src/import/vendor/src/github.com/jessfraz/netns/version"
+	mkdir -p "${S}/src/import/vendor/src/github.com/genuinetools/netns"
+	ln -sfn "${S}/src/import/ipallocator" "${S}/src/import/vendor/src/github.com/genuinetools/netns/ipallocator"
+	ln -sfn "${S}/src/import/version" "${S}/src/import/vendor/src/github.com/genuinetools/netns/version"
 	export GOPATH="${S}/src/import/vendor"
 
 	# Pass the needed cflags/ldflags so that cgo
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch
index 4441c1e..deff10b 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-make-remaining-scripts-use-usr-bin-env.patch
@@ -1,4 +1,4 @@
-From 04ad1c3d9f47cfdf4ad9b5d685e953ec094326ff Mon Sep 17 00:00:00 2001
+From f21a0490555d5fe8f5a9ce982defa666a64151c0 Mon Sep 17 00:00:00 2001
 From: Mark Asselstine <mark.asselstine@windriver.com>
 Date: Fri, 13 Jan 2017 16:12:55 -0500
 Subject: [PATCH] python: make remaining scripts use /usr/bin/env
@@ -12,6 +12,7 @@
 make use of /usr/bin/env to increase the chances of finding python.
 
 Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+
 ---
  build-aux/check-structs                  | 2 +-
  build-aux/extract-ofp-actions            | 2 +-
@@ -28,7 +29,7 @@
  12 files changed, 12 insertions(+), 12 deletions(-)
 
 diff --git a/build-aux/check-structs b/build-aux/check-structs
-index f79f235..c7b8730 100755
+index f79f235..5129b72 100755
 --- a/build-aux/check-structs
 +++ b/build-aux/check-structs
 @@ -1,4 +1,4 @@
@@ -38,7 +39,7 @@
  import os.path
  import sys
 diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions
-index 184447b..92ea18d 100755
+index 0062ab8..ee8c4ff 100755
 --- a/build-aux/extract-ofp-actions
 +++ b/build-aux/extract-ofp-actions
 @@ -1,4 +1,4 @@
@@ -48,7 +49,7 @@
  import sys
  import os.path
 diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors
-index 9642593..11e6de7 100755
+index 2312b76..e36444e 100755
 --- a/build-aux/extract-ofp-errors
 +++ b/build-aux/extract-ofp-errors
 @@ -1,4 +1,4 @@
@@ -58,7 +59,7 @@
  import sys
  import os.path
 diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields
-index 498b887..5d6bcec 100755
+index 498b887..c248e76 100755
 --- a/build-aux/extract-ofp-fields
 +++ b/build-aux/extract-ofp-fields
 @@ -1,4 +1,4 @@
@@ -68,7 +69,7 @@
  import getopt
  import sys
 diff --git a/build-aux/extract-ofp-msgs b/build-aux/extract-ofp-msgs
-index 1813638..e9e3c25 100755
+index 1813638..c2a91f9 100755
 --- a/build-aux/extract-ofp-msgs
 +++ b/build-aux/extract-ofp-msgs
 @@ -1,4 +1,4 @@
@@ -78,7 +79,7 @@
  import sys
  import os.path
 diff --git a/build-aux/xml2nroff b/build-aux/xml2nroff
-index bd4e879..9d81503 100755
+index bd4e879..db45c56 100755
 --- a/build-aux/xml2nroff
 +++ b/build-aux/xml2nroff
 @@ -1,4 +1,4 @@
@@ -88,7 +89,7 @@
  # Copyright (c) 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
  #
 diff --git a/ovn/utilities/ovn-docker-overlay-driver b/ovn/utilities/ovn-docker-overlay-driver
-index 52de3db..c90f02b 100755
+index 52de3db..3b1fa45 100755
 --- a/ovn/utilities/ovn-docker-overlay-driver
 +++ b/ovn/utilities/ovn-docker-overlay-driver
 @@ -1,4 +1,4 @@
@@ -98,7 +99,7 @@
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
 diff --git a/ovn/utilities/ovn-docker-underlay-driver b/ovn/utilities/ovn-docker-underlay-driver
-index 2c9c4b6..89b804c 100755
+index 2c9c4b6..551e7a1 100755
 --- a/ovn/utilities/ovn-docker-underlay-driver
 +++ b/ovn/utilities/ovn-docker-underlay-driver
 @@ -1,4 +1,4 @@
@@ -108,7 +109,7 @@
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
 diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc
-index 5cf26ee..f76f4bd 100755
+index 5cf26ee..bdf2dcc 100755
 --- a/ovsdb/ovsdb-doc
 +++ b/ovsdb/ovsdb-doc
 @@ -1,4 +1,4 @@
@@ -147,6 +148,3 @@
  
  # This library is free software; you can redistribute it and/or
  # modify it under the terms of version 2.1 of the GNU Lesser General Public
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch
index a02b2a4..6a1b832 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/files/python-switch-remaining-scripts-to-use-python3.patch
@@ -1,4 +1,4 @@
-From 176528ca3a8b76c9d0bb71b1e56eeebccc655c71 Mon Sep 17 00:00:00 2001
+From 39d1af836d844c89e625cfc908545e93977af8be Mon Sep 17 00:00:00 2001
 From: Mark Asselstine <mark.asselstine@windriver.com>
 Date: Wed, 3 May 2017 10:39:12 -0400
 Subject: [PATCH] python: switch remaining scripts to use python3
@@ -6,6 +6,7 @@
 Work to remove the main openvswitch package's dependency on python 2.
 
 Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+
 ---
  ofproto/ipfix-gen-entities                            | 2 +-
  tests/test-l7.py                                      | 2 +-
@@ -108,6 +109,3 @@
  # Copyright (c) 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch
index d619758..7bdcc00 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-Python3-compatibility-Convert-print-statements.patch
@@ -1,7 +1,7 @@
-From c5c18f9c5f1b7217d43af43be9736c1762c7ebba Mon Sep 17 00:00:00 2001
+From 3658d861c3c83caab9040bec04b195be3f86d4ce Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Thu, 29 Jun 2017 20:33:23 -0700
-Subject: [PATCH 1/8] Python3 compatibility: Convert print statements
+Subject: [PATCH] Python3 compatibility: Convert print statements
 
 Commit d34a1cc02536f9a812517a71accec3fbd3c6c98b from
 https://github.com/openvswitch/ovs.git
@@ -11,6 +11,7 @@
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  build-aux/check-structs       |   4 +-
  build-aux/extract-ofp-actions |  68 +++---
@@ -22,7 +23,7 @@
  7 files changed, 306 insertions(+), 305 deletions(-)
 
 diff --git a/build-aux/check-structs b/build-aux/check-structs
-index f79f235..bae511f 100755
+index 5129b72..cbb19b6 100755
 --- a/build-aux/check-structs
 +++ b/build-aux/check-structs
 @@ -211,7 +211,7 @@ def checkStructs():
@@ -44,7 +45,7 @@
  
      global fileName
 diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions
-index 0062ab8..874e6b4 100755
+index ee8c4ff..67e3848 100755
 --- a/build-aux/extract-ofp-actions
 +++ b/build-aux/extract-ofp-actions
 @@ -67,7 +67,7 @@ def fatal(msg):
@@ -187,7 +188,7 @@
  if __name__ == '__main__':
      if '--help' in sys.argv:
 diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors
-index 2312b76..336a240 100755
+index e36444e..97d62d2 100755
 --- a/build-aux/extract-ofp-errors
 +++ b/build-aux/extract-ofp-errors
 @@ -426,7 +426,7 @@ static const struct ofperr_domain %s = {
@@ -200,7 +201,7 @@
                  print ("        {       -1, -1,  -1 }, /* %s */" % enum)
          print ("""\
 diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields
-index 498b887..425a85f 100755
+index c248e76..80c7d35 100755
 --- a/build-aux/extract-ofp-fields
 +++ b/build-aux/extract-ofp-fields
 @@ -728,7 +728,7 @@ def make_ovs_fields(meta_flow_h, meta_flow_xml):
@@ -213,7 +214,7 @@
      recursively_replace(doc, 'oxm_classes', make_oxm_classes_xml(document))
  
 diff --git a/build-aux/extract-ofp-msgs b/build-aux/extract-ofp-msgs
-index 1813638..a67e870 100755
+index c2a91f9..92c4bda 100755
 --- a/build-aux/extract-ofp-msgs
 +++ b/build-aux/extract-ofp-msgs
 @@ -56,14 +56,14 @@ def fatal(msg):
@@ -241,7 +242,7 @@
 +            print(line)
          
 diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc
-index 5cf26ee..b34fb11 100755
+index bdf2dcc..e82ad59 100755
 --- a/ovsdb/ovsdb-doc
 +++ b/ovsdb/ovsdb-doc
 @@ -258,7 +258,7 @@ represent strong references; thin lines represent weak references.
@@ -272,11 +273,11 @@
      except error.Error, e:
          sys.stderr.write("%s: %s\n" % (argv0, e.msg))
 diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in
-index 721ab50..1064448 100755
+index bfbcf23..62442ee 100755
 --- a/ovsdb/ovsdb-idlc.in
 +++ b/ovsdb/ovsdb-idlc.in
 @@ -1,5 +1,6 @@
- #! @PYTHON@
+ #! /usr/bin/env @PYTHON@
  
 +from __future__ import print_function
  import getopt
@@ -1259,6 +1260,3 @@
              elif key in ['-C', '--directory']:
                  os.chdir(value)
              else:
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch
index 3571245..f1f9bef 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0001-use-the-linux-if_packet.h-Interface-directly.patch
@@ -1,17 +1,18 @@
-From 1cec65e45f011c3f52eed5e27d3d816502e36610 Mon Sep 17 00:00:00 2001
+From 28b2d17de9414161d5edd67766bd4b452cd809ef Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Mon, 20 Mar 2017 12:12:51 -0700
-Subject: [PATCH 1/2] use the linux if_packet.h Interface directly
+Subject: [PATCH] use the linux if_packet.h Interface directly
 
 Helps compiling with musl
 
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
 ---
  lib/netdev-linux.c | 3 +--
  1 file changed, 1 insertion(+), 2 deletions(-)
 
 diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c
-index a5a9ec1ab..9dd40acdd 100644
+index fccf88f..b703156 100644
 --- a/lib/netdev-linux.c
 +++ b/lib/netdev-linux.c
 @@ -33,14 +33,13 @@
@@ -30,6 +31,3 @@
  #include <net/route.h>
  #include <netinet/in.h>
  #include <poll.h>
--- 
-2.12.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch
index e44ffda..f997bbf 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Define-WAIT_ANY-if-not-provided-by-system.patch
@@ -1,21 +1,22 @@
-From 803bde12d32d16eefeae03422a0ac682e0601c43 Mon Sep 17 00:00:00 2001
+From 801023e72b31e7c49cbccedd76ade33a17fcbe45 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Mon, 20 Mar 2017 12:13:30 -0700
-Subject: [PATCH 2/2] Define WAIT_ANY if not provided by system
+Subject: [PATCH] Define WAIT_ANY if not provided by system
 
 POSIX does not define it and uses -1 directly
 some libc do not have this definitions
 
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
 ---
  tests/test-ovn.c | 4 ++++
  1 file changed, 4 insertions(+)
 
 diff --git a/tests/test-ovn.c b/tests/test-ovn.c
-index 2e82a6f0d..76e7db9fb 100644
+index 84adf81..2bc6bdf 100644
 --- a/tests/test-ovn.c
 +++ b/tests/test-ovn.c
-@@ -37,6 +37,10 @@
+@@ -38,6 +38,10 @@
  #include "simap.h"
  #include "util.h"
  
@@ -26,6 +27,3 @@
  /* --relops: Bitmap of the relational operators to test, in exhaustive test. */
  static unsigned int test_relops;
  
--- 
-2.12.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch
index 59c0f3e..70abd26 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0002-Python3-compatibility-exception-cleanup.patch
@@ -1,7 +1,7 @@
-From c98fee41d130cb946aa4e60fefaa6cbf203f6790 Mon Sep 17 00:00:00 2001
+From c0ba116eab401431b4f11b66bd7d1b42741b03c3 Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Thu, 29 Jun 2017 20:33:23 -0700
-Subject: [PATCH 2/8] Python3 compatibility: exception cleanup
+Subject: [PATCH] Python3 compatibility: exception cleanup
 
 Commit 52e4a477f0b3c0a0ece7adeede6e06e07814f8b9 from
 https://github.com/openvswitch/ovs.git
@@ -11,6 +11,7 @@
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  build-aux/extract-ofp-fields | 2 +-
  ovsdb/ovsdb-doc              | 4 ++--
@@ -18,7 +19,7 @@
  3 files changed, 5 insertions(+), 5 deletions(-)
 
 diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields
-index 425a85f..61e752b 100755
+index 80c7d35..6286c9c 100755
 --- a/build-aux/extract-ofp-fields
 +++ b/build-aux/extract-ofp-fields
 @@ -784,7 +784,7 @@ if __name__ == "__main__":
@@ -31,7 +32,7 @@
          sys.exit(1)
  
 diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc
-index b34fb11..918e88a 100755
+index e82ad59..9448713 100755
 --- a/ovsdb/ovsdb-doc
 +++ b/ovsdb/ovsdb-doc
 @@ -278,7 +278,7 @@ if __name__ == "__main__":
@@ -53,7 +54,7 @@
          sys.exit(1)
  
 diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in
-index 1064448..8b85f0d 100755
+index 62442ee..e7e1c6b 100755
 --- a/ovsdb/ovsdb-idlc.in
 +++ b/ovsdb/ovsdb-idlc.in
 @@ -1098,7 +1098,7 @@ if __name__ == "__main__":
@@ -74,6 +75,3 @@
          sys.stderr.write("%s: %s\n" % (argv0, e))
          sys.exit(1)
  
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch
index a85980e..98d77c8 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0003-Python3-compatibility-execfile-to-exec.patch
@@ -1,7 +1,7 @@
-From 9cbae86be03756df76560c15720756f9ac088144 Mon Sep 17 00:00:00 2001
+From 8557d51e8c7325a17219911e9a65eeb3946e869f Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Thu, 29 Jun 2017 20:33:23 -0700
-Subject: [PATCH 3/8] Python3 compatibility: execfile to exec
+Subject: [PATCH] Python3 compatibility: execfile to exec
 
 Commit a4d10a7ca937d73873f6f98619d88682e69f5dbe from
 https://github.com/openvswitch/ovs.git
@@ -11,12 +11,13 @@
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  ovsdb/ovsdb-idlc.in | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in
-index 8b85f0d..3fa1a0f 100755
+index e7e1c6b..e1551f9 100755
 --- a/ovsdb/ovsdb-idlc.in
 +++ b/ovsdb/ovsdb-idlc.in
 @@ -17,7 +17,7 @@ def parseSchema(filename):
@@ -28,6 +29,3 @@
      ovs.json.to_stream(schemaJson, sys.stdout)
      sys.stdout.write('\n')
  
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch
index ddc86db..092c42d 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0004-Python3-compatibility-iteritems-to-items.patch
@@ -1,7 +1,7 @@
-From 0f318e472d9897d99395adcfb17cbeaff05677ba Mon Sep 17 00:00:00 2001
+From 7e4bd5c2af85b1293be0a92b18f7930bda2ab41a Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Thu, 29 Jun 2017 20:33:23 -0700
-Subject: [PATCH 4/8] Python3 compatibility: iteritems to items
+Subject: [PATCH] Python3 compatibility: iteritems to items
 
 Commit 4ab665623cbb4c6506e48b82e0c9fe8585f42e13 from
 https://github.com/openvswitch/ovs.git
@@ -11,6 +11,7 @@
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  build-aux/extract-ofp-actions | 2 +-
  build-aux/extract-ofp-errors  | 2 +-
@@ -19,7 +20,7 @@
  4 files changed, 7 insertions(+), 7 deletions(-)
 
 diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions
-index 874e6b4..c11297c 100755
+index 67e3848..c7858bd 100755
 --- a/build-aux/extract-ofp-actions
 +++ b/build-aux/extract-ofp-actions
 @@ -13,7 +13,7 @@ version_map = {"1.0": 0x01,
@@ -32,7 +33,7 @@
  # Map from vendor name to the length of the action header.
  vendor_map = {"OF": (0x00000000,  4),
 diff --git a/build-aux/extract-ofp-errors b/build-aux/extract-ofp-errors
-index 336a240..71ae0bd 100755
+index 97d62d2..58ba006 100755
 --- a/build-aux/extract-ofp-errors
 +++ b/build-aux/extract-ofp-errors
 @@ -14,7 +14,7 @@ version_map = {"1.0": 0x01,
@@ -45,7 +46,7 @@
  token = None
  line = ""
 diff --git a/build-aux/extract-ofp-fields b/build-aux/extract-ofp-fields
-index 61e752b..ef997dd 100755
+index 6286c9c..f624728 100755
 --- a/build-aux/extract-ofp-fields
 +++ b/build-aux/extract-ofp-fields
 @@ -16,7 +16,7 @@ VERSION = {"1.0": 0x01,
@@ -58,7 +59,7 @@
  TYPES = {"u8":       (1,   False),
           "be16":     (2,   False),
 diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in
-index 3fa1a0f..615548f 100755
+index e1551f9..b70a599 100755
 --- a/ovsdb/ovsdb-idlc.in
 +++ b/ovsdb/ovsdb-idlc.in
 @@ -138,7 +138,7 @@ def printCIDLHeader(schemaFile):
@@ -97,6 +98,3 @@
          structName = "%s%s" % (prefix, tableName.lower())
          if table.is_root:
              is_root = "true"
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch
index 717a97d..d6f9364 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0005-Python3-compatibility-fix-integer-problems.patch
@@ -1,7 +1,7 @@
-From bc29f98f0137fa1083a4cacf832d52f740d150a8 Mon Sep 17 00:00:00 2001
+From d22c7f1c6ade82a0cd646cfcd8df9adda6cd1ad6 Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Thu, 29 Jun 2017 20:33:23 -0700
-Subject: [PATCH 5/8] Python3 compatibility: fix integer problems
+Subject: [PATCH] Python3 compatibility: fix integer problems
 
 Commit fa145f1a53943243f94a32ce98525db8494b0052 from
 https://github.com/openvswitch/ovs.git
@@ -15,13 +15,14 @@
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  ovsdb/ovsdb-idlc.in   | 2 +-
  python/build/nroff.py | 2 ++
  2 files changed, 3 insertions(+), 1 deletion(-)
 
 diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in
-index 615548f..7cbcbf5 100755
+index b70a599..3645275 100755
 --- a/ovsdb/ovsdb-idlc.in
 +++ b/ovsdb/ovsdb-idlc.in
 @@ -358,7 +358,7 @@ static void
@@ -46,6 +47,3 @@
      extend = x + len(s) - len(text[y])
      if extend > 0:
          text[y] += ' ' * extend
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch
index 54905cd..c53502b 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0006-Python3-compatibility-math-error-compatibility.patch
@@ -1,7 +1,7 @@
-From 3a9fcf1c8f60c160c282c9755ee1c7f9f7e113c3 Mon Sep 17 00:00:00 2001
+From 7f542122d62b20d11198bfdb0f2c6a460261b5e7 Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Thu, 29 Jun 2017 20:33:23 -0700
-Subject: [PATCH 6/8] Python3 compatibility: math error compatibility
+Subject: [PATCH] Python3 compatibility: math error compatibility
 
 Commit 3fa5aa4294377e0f35267936d0c5caea3e61db48 from
 https://github.com/openvswitch/ovs.git
@@ -34,12 +34,13 @@
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  build-aux/extract-ofp-actions | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/build-aux/extract-ofp-actions b/build-aux/extract-ofp-actions
-index c11297c..bd7131f 100755
+index c7858bd..4d05ef9 100755
 --- a/build-aux/extract-ofp-actions
 +++ b/build-aux/extract-ofp-actions
 @@ -35,7 +35,7 @@ line = ""
@@ -51,6 +52,3 @@
  
  def open_file(fn):
      global file_name
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch
index faa32b7..753490f 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0007-Python3-compatibility-unicode-to-str.patch
@@ -1,7 +1,7 @@
-From 2fe58f87b00d0ec24d6997930d0bcdb130c84396 Mon Sep 17 00:00:00 2001
+From c78b39ae9ba6337210d6a9e4ccc4753cb1c3b48f Mon Sep 17 00:00:00 2001
 From: Jason Wessel <jason.wessel@windriver.com>
 Date: Thu, 29 Jun 2017 20:33:23 -0700
-Subject: [PATCH 7/8] Python3 compatibility: unicode to str
+Subject: [PATCH] Python3 compatibility: unicode to str
 
 Commit 7430959d4ad17db89b8387c3aef58c8b230cad10 from
 https://github.com/openvswitch/ovs.git
@@ -19,12 +19,13 @@
 
 Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  ovsdb/ovsdb-doc | 12 +++++++++---
  1 file changed, 9 insertions(+), 3 deletions(-)
 
 diff --git a/ovsdb/ovsdb-doc b/ovsdb/ovsdb-doc
-index 918e88a..406c293 100755
+index 9448713..d55c6e6 100755
 --- a/ovsdb/ovsdb-doc
 +++ b/ovsdb/ovsdb-doc
 @@ -65,9 +65,15 @@ def columnGroupToNroff(table, groupXml, documented_columns):
@@ -46,6 +47,3 @@
                      type_ = ovs.db.types.BaseType.from_json(type_json)
                  else:
                      type_ = column.type.value
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch
index d2c2be7..f55a5ca 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/0008-AUTHORS-Add-Jason-Wessel.patch
@@ -1,12 +1,13 @@
-From a3289add8368e0c970ae1c1c84f5df1f817ed43c Mon Sep 17 00:00:00 2001
+From f8491645416952b31000f42777ff79486a7b0511 Mon Sep 17 00:00:00 2001
 From: Ben Pfaff <blp@ovn.org>
 Date: Thu, 6 Jul 2017 14:01:27 -0700
-Subject: [PATCH 8/8] AUTHORS: Add Jason Wessel.
+Subject: [PATCH] AUTHORS: Add Jason Wessel.
 
 Commit a91c4cfaf863718bc94fb9c88939bd0b0385a6fe from
 https://github.com/openvswitch/ovs.git
 
 Signed-off-by: Ben Pfaff <blp@ovn.org>
+
 ---
  AUTHORS.rst | 1 +
  1 file changed, 1 insertion(+)
@@ -23,6 +24,3 @@
  Jasper Capel                    jasper@capel.tv
  Jean Tourrilhes                 jt@hpl.hp.com
  Jeremy Stribling                strib@nicira.com
--- 
-2.5.0
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch
deleted file mode 100644
index 0fc3aa1..0000000
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-A buggy or malicious switch could send a role status message with a bad
-reason code, which if printed by OVS would cause it to abort.  This fixes
-the problem.
-
-CVE: CVE-2017-9263
-Upstream-Status: Submitted
-
-Reported-by: Bhargava Shastry <bshastry at sec.t-labs.tu-berlin.de>
-Signed-off-by: Ben Pfaff <blp at ovn.org>
----
- lib/ofp-print.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/ofp-print.c b/lib/ofp-print.c
-index 7ca953100539..1932baf4871f 100644
---- a/lib/ofp-print.c
-+++ b/lib/ofp-print.c
-@@ -2147,7 +2147,8 @@ ofp_print_role_status_message(struct ds *string, const struct ofp_header *oh)
-         break;
-     case OFPCRR_N_REASONS:
-     default:
--        OVS_NOT_REACHED();
-+        ds_put_cstr(string, "(unknown)");
-+        break;
-     }
- }
- 
--- 
-2.10.2
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch
index 1ad5d6f..5c86aac 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/disable_m4_check.patch
@@ -1,13 +1,19 @@
-Disable m4 file test where sources are built from git.
+From f675d7209f999ce80cb4249c4ebb216697387b71 Mon Sep 17 00:00:00 2001
+From: Amy Fong <amy.fong@windriver.com>
+Date: Thu, 29 Jan 2015 09:56:03 -0500
+Subject: [PATCH] Disable m4 file test where sources are built from git.
 
 Signed-off-by: Amy Fong <amy.fong@windriver.com>
+
 ---
- Makefile.am |    2 +-
+ Makefile.am | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
+diff --git a/Makefile.am b/Makefile.am
+index ff7d70a..2fc1f13 100644
 --- a/Makefile.am
 +++ b/Makefile.am
-@@ -185,7 +185,7 @@
+@@ -189,7 +189,7 @@ CLEAN_LOCAL += clean-pycov
  # Makefile in datapath/linux, needed to get the list of files to
  # distribute, requires GNU make extensions.
  if GNU_MAKE
@@ -15,4 +21,4 @@
 +# ALL_LOCAL += dist-hook-git
  dist-hook-git: distfiles
  	@if test -e $(srcdir)/.git && (git --version) >/dev/null 2>&1; then \
- 	  (cd datapath && $(MAKE) distfiles);				    \
+ 	  (cd datapath && $(MAKE) distfiles); \
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch
index 033cfb8..c177202 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/kernel_module.patch
@@ -1,13 +1,19 @@
-Specify install path for kernel module
+From adfd2380d71dff1a31efaf63cf7ac97470466ec9 Mon Sep 17 00:00:00 2001
+From: Amy Fong <amy.fong@windriver.com>
+Date: Thu, 29 Jan 2015 09:56:03 -0500
+Subject: [PATCH] Specify install path for kernel module
 
 Signed-off-by: Amy Fong <amy.fong@windriver.com>
----
- datapath/linux/Makefile.main.in |    4 ++--
- 1 files changed, 2 insertions(+), 2 deletions(-)
 
+---
+ datapath/linux/Makefile.main.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/datapath/linux/Makefile.main.in b/datapath/linux/Makefile.main.in
+index 7d18253..63c520f 100644
 --- a/datapath/linux/Makefile.main.in
 +++ b/datapath/linux/Makefile.main.in
-@@ -71,8 +71,8 @@
+@@ -71,8 +71,8 @@ default:
  	$(MAKE) -C $(KSRC) M=$(builddir) modules
  
  modules_install:
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b29cb89e9e9fe3119b2e5dd5d4fb79141635b7cc.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1.patch
similarity index 97%
rename from import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b29cb89e9e9fe3119b2e5dd5d4fb79141635b7cc.patch
rename to import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1.patch
index 47c81dd..4ae86c3 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b29cb89e9e9fe3119b2e5dd5d4fb79141635b7cc.patch
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/openvswitch-add-ptest-b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1.patch
@@ -1,4 +1,4 @@
-From a2a656e6976a60e5df3ade0d17a40b4ebdc2b41a Mon Sep 17 00:00:00 2001
+From fb68120ef8aed625b04b2fbd2cb78fc59a7b7432 Mon Sep 17 00:00:00 2001
 From: He Zhe <zhe.he@windriver.com>
 Date: Wed, 30 Mar 2016 06:23:45 -0400
 Subject: [PATCH] openvswitch: Add test-install rule to support ptest execution
@@ -12,6 +12,7 @@
  - Modify config files for running on target.
 
 Signed-off-by: He Zhe <zhe.he@windriver.com>
+
 ---
  Makefile.am |  1 +
  test.mk     | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
@@ -19,7 +20,7 @@
  create mode 100644 test.mk
 
 diff --git a/Makefile.am b/Makefile.am
-index a4dd7b8..0bd32c7 100644
+index ea63acb..ff7d70a 100644
 --- a/Makefile.am
 +++ b/Makefile.am
 @@ -429,3 +429,4 @@ include windows/automake.mk
@@ -105,6 +106,3 @@
 +	sed -i 's|$$srcdir|$$abs_srcdir|g' $(TEST_DEST)/tests/testsuite
 +	sed -i 's|ovs-appctl-bashcomp\.bash|/etc/bash_completion.d/ovs-appctl-bashcomp\.bash|g' $(TEST_DEST)/tests/testsuite
 +	sed -i 's|ovs-vsctl-bashcomp\.bash|/etc/bash_completion.d/ovs-vsctl-bashcomp\.bash|g' $(TEST_DEST)/tests/testsuite
--- 
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb
index b4aab35..c3a8301 100644
--- a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb
+++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch_git.bb
@@ -3,20 +3,20 @@
 DEPENDS += "virtual/kernel"
 
 RDEPENDS_${PN}-ptest += "\
-	python3-logging python3-syslog python3-argparse python3-io \
-	python3-fcntl python3-shell python3-lang python3-xml python3-math \
+	python3-logging python3-syslog python3-io \
+	python3-fcntl python3-shell python3-xml python3-math \
 	python3-datetime python3-netclient python3 sed \
 	ldd perl-module-socket perl-module-carp perl-module-exporter \
 	perl-module-xsloader python3-netserver python3-threading \
-	python3-resource python3-subprocess findutils which \
+	python3-resource findutils which \
 	"
 
 S = "${WORKDIR}/git"
-PV = "2.7.1+${SRCREV}"
+PV = "2.7.3+${SRCREV}"
 
 FILESEXTRAPATHS_append := "${THISDIR}/${PN}-git:"
 
-SRCREV = "b29cb89e9e9fe3119b2e5dd5d4fb79141635b7cc"
+SRCREV = "b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1"
 SRC_URI = "file://openvswitch-switch \
            file://openvswitch-switch-setup \
            file://openvswitch-testcontroller \
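Review bot: The bump to `SRCREV = "b8dcfbebee9e7dbc74ec5eecc9b45d335d6150c1"` and `PV = "2.7.3+${SRCREV}"` in this hunk goes together with the next hunk dropping `file://CVE-2017-9263.patch` from `SRC_URI` and the deletion of that patch file, but nothing in the recipe or commit message records that the new revision already carries the fix. The removed patch was marked `Upstream-Status: Submitted`, so this diff alone does not show that it was merged upstream. It is worth confirming that `ofp_print_role_status_message()` in `lib/ofp-print.c` at the new SRCREV no longer reaches `OVS_NOT_REACHED()` on an unknown reason code. Once verified, a comment above `SRCREV` such as `# CVE-2017-9263 fix is contained in this revision; local patch dropped` would keep the CVE status auditable for the next upgrade.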
@@ -29,7 +29,6 @@
            file://python-make-remaining-scripts-use-usr-bin-env.patch \
            file://0001-use-the-linux-if_packet.h-Interface-directly.patch \
            file://0002-Define-WAIT_ANY-if-not-provided-by-system.patch \
-           file://CVE-2017-9263.patch \
            file://python-switch-remaining-scripts-to-use-python3.patch \
            "
 
diff --git a/import-layers/meta-virtualization/recipes-support/dnsmasq/dnsmasq_2.%.bbappend b/import-layers/meta-virtualization/recipes-support/dnsmasq/dnsmasq_2.%.bbappend
deleted file mode 100644
index 8d66ca6..0000000
--- a/import-layers/meta-virtualization/recipes-support/dnsmasq/dnsmasq_2.%.bbappend
+++ /dev/null
@@ -1,5 +0,0 @@
-# dnsmasq is greedy with interfaces by default using bind-dynamic will
-# make it less greedy but still function as it did by default.
-do_install_append() {
-    sed -i '/#bind-interfaces/a # Play nice with libvirt\nbind-dynamic' ${D}${sysconfdir}/dnsmasq.conf
-}