# Contributor: William Pitcock <nenolod@dereferenced.org>
# Contributor: Roger Pau Monne <roger.pau@entel.upc.edu>
# Maintainer: William Pitcock <nenolod@dereferenced.org>
setvar pkgname = 'xen'
setvar pkgver = '4.9.0'
setvar pkgrel = '4'
setvar pkgdesc = ""Xen hypervisor""
setvar url = ""http://www.xen.org/""
setvar arch = ""x86_64 armhf aarch64""
setvar license = ""GPL""
setvar depends = ""bash iproute2 logrotate""
setvar depends_dev = ""libressl-dev python2-dev e2fsprogs-dev gettext zlib-dev ncurses-dev
	dev86 texinfo perl pciutils-dev glib-dev yajl-dev libnl3-dev
	spice-dev gnutls-dev curl-dev libaio-dev lzo-dev xz-dev util-linux-dev
	e2fsprogs-dev linux-headers argp-standalone perl-dev""
setvar makedepends = ""$depends_dev autoconf automake libtool dnsmasq""
setvar options = ""!strip""

# secfixes:
#   4.7.0-r0:
#     - CVE-2016-6258 XSA-182
#     - CVE-2016-6259 XSA-183
#     - CVE-2016-5403 XSA-184
#   4.7.0-r1:
#     - CVE-2016-7092 XSA-185
#     - CVE-2016-7093 XSA-186
#     - CVE-2016-7094 XSA-187
#   4.7.0-r5:
#     - CVE-2016-7777 XSA-190
#   4.7.1-r1:
#     - CVE-2016-9386 XSA-191
#     - CVE-2016-9382 XSA-192
#     - CVE-2016-9385 XSA-193
#     - CVE-2016-9384 XSA-194
#     - CVE-2016-9383 XSA-195
#     - CVE-2016-9377 XSA-196
#     - CVE-2016-9378 XSA-196
#     - CVE-2016-9381 XSA-197
#     - CVE-2016-9379 XSA-198
#     - CVE-2016-9380 XSA-198
#   4.7.1-r3:
#     - CVE-2016-9932 XSA-200
#     - CVE-2016-9815 XSA-201
#     - CVE-2016-9816 XSA-201
#     - CVE-2016-9817 XSA-201
#     - CVE-2016-9818 XSA-201
#   4.7.1-r4:
#     - CVE-2016-10024 XSA-202
#     - CVE-2016-10025 XSA-203
#     - CVE-2016-10013 XSA-204
#   4.7.1-r5:
#     - XSA-207
#     - CVE-2017-2615 XSA-208
#     - CVE-2017-2620 XSA-209
#     - XSA-210
#   4.7.2-r0:
#     - CVE-2016-9603 XSA-211
#     - CVE-2017-7228 XSA-212
#   4.8.1-r2:
#     - CVE-2017-8903 XSA-213
#     - CVE-2017-8904 XSA-214
#   4.9.0-r0:
#     - CVE-2017-10911 XSA-216
#     - CVE-2017-10912 XSA-217
#     - CVE-2017-10913 XSA-218
#     - CVE-2017-10914 XSA-218
#     - CVE-2017-10915 XSA-219
#     - CVE-2017-10916 XSA-220
#     - CVE-2017-10917 XSA-221
#     - CVE-2017-10918 XSA-222
#     - CVE-2017-10919 XSA-223
#     - CVE-2017-10920 XSA-224
#     - CVE-2017-10921 XSA-224
#     - CVE-2017-10922 XSA-224
#     - CVE-2017-10923 XSA-225
#   4.9.0-r1:
#     - CVE-2017-12135 XSA-226
#     - CVE-2017-12137 XSA-227
#     - CVE-2017-12136 XSA-228
#     - CVE-2017-12855 XSA-230
#   4.9.0-r2:
#     - XSA-235
#   4.9.0-r4:
#     - CVE-2017-14316 XSA-231
#     - CVE-2017-14318 XSA-232
#     - CVE-2017-14317 XSA-233
#     - CVE-2017-14319 XSA-234

case (CARCH) {
x86* {
	setvar depends = ""$depends syslinux""
	setvar makedepends = ""$makedepends iasl seabios-bin""
	}
arm* {
	setvar makedepends = ""$makedepends dtc-dev""
	}
aarch64 {
	setvar makedepends = ""$makedepends dtc-dev iasl""
	}
}

setvar install = """"

#if [ "$CARCH" != "armhf" ]; then
#	subpackages="$pkgname-dbg"
#fi
setvar subpackages = ""$subpackages $pkgname-doc $pkgname-dev $pkgname-libs
	$pkgname-hypervisor $pkgname-bridge""

# grep _VERSION= stubdom/configure
setvar _ZLIB_VERSION = ""1.2.3""
setvar _LIBPCI_VERSION = ""2.2.9""
setvar _NEWLIB_VERSION = ""1.16.0""
setvar _LWIP_VERSION = ""1.3.0""
setvar _GRUB_VERSION = ""0.97""
setvar _OCAML_VERSION = ""3.11.0""
setvar _GMP_VERSION = ""4.3.2""
setvar _POLARSSL_VERSION = ""1.1.4""
setvar _TPMEMU_VERSION = ""0.7.4""

# grep ^IPXE_GIT_TAG tools/firmware/etherboot/Makefile
setvar _IPXE_GIT_TAG = '827dd1bfee67daa683935ce65316f7e0f057fe1c'

setvar source = ""https://downloads.xenproject.org/release/$pkgname/$pkgver/$pkgname-$pkgver.tar.gz
	http://xenbits.xen.org/xen-extfiles/gmp-$_GMP_VERSION.tar.bz2
	http://xenbits.xen.org/xen-extfiles/grub-$_GRUB_VERSION.tar.gz
	http://xenbits.xen.org/xen-extfiles/lwip-$_LWIP_VERSION.tar.gz
	http://xenbits.xen.org/xen-extfiles/newlib-$_NEWLIB_VERSION.tar.gz
	http://xenbits.xen.org/xen-extfiles/pciutils-$_LIBPCI_VERSION.tar.bz2
	http://xenbits.xen.org/xen-extfiles/polarssl-$_POLARSSL_VERSION-gpl.tgz
	http://xenbits.xen.org/xen-extfiles/tpm_emulator-$_TPMEMU_VERSION.tar.gz
	http://xenbits.xen.org/xen-extfiles/zlib-$_ZLIB_VERSION.tar.gz
	http://xenbits.xen.org/xen-extfiles/ipxe-git-$_IPXE_GIT_TAG.tar.gz

	xsa226-1.patch
	xsa226-2.patch
	xsa227.patch
	xsa228.patch
	xsa230.patch
	xsa231-4.9.patch
	xsa232.patch
	xsa233.patch
	xsa234-4.9.patch
	xsa235-4.9.patch

	qemu-coroutine-gthread.patch
	qemu-xen_paths.patch

	hotplug-vif-vtrill.patch
	rombios-no-pie.patch

	musl-support.patch
	musl-hvmloader-fix-stdint.patch
	stdint_local.h
	elf_local.h

	xen-hotplug-lockfd.patch
	xen-fd-is-file.c

	xenstore_client_transaction_fix.patch

	xenqemu-xattr-size-max.patch

	xenstored.initd
	xenstored.confd
	xenconsoled.initd
	xenconsoled.confd
	xendomains.initd
	xendomains.confd
	xen-consoles.logrotate
	xenqemu.confd
	xenqemu.initd
	""

setvar builddir = ""$srcdir"/$pkgname-$pkgver"
setvar _seabios = "/usr/share/seabios/bios-256k.bin"

# Override wrong arch detection from xen-$pkgver/Config.mk.
case (CARCH) {
armhf { export XEN_TARGET_ARCH="arm32"}
aarch64 { export XEN_TARGET_ARCH="arm64"}
}

proc prepare {
	local i _failed= _series=
	cd $builddir

	for i in $source {
		case (i) {
		*-etherboot-* {
			setvar p = ${i%%::*}
			setvar p = ${p##*/}
			msg "adding to ipxe: $p"
			cp "$srcdir"/$p tools/firmware/etherboot/patches/
			echo $p >> tools/firmware/etherboot/patches/series
			}
		*.patch { msg $i; patch -s -N -p1 -i "$srcdir"/$i \
				|| setvar _failed = ""$_failed $i""
			}
		*/ipxe-git-* {
			ln -s "$srcdir"/${i##*/} \
				tools/firmware/etherboot/ipxe.tar.gz || return 1
			}
		*/xen-extfiles/* {
			ln -s "$srcdir"/${i##*/} stubdom/ || return 1
			}
		}
	}
	if test -n $_failed {
		error "Patches failed:"
		for i in $_failed {
			echo $i
		}
		return 1
	}

	# install our stdint_local.h and elf_local.h
	install "$srcdir"/stdint_local.h "$srcdir"/elf_local.h \
		"$builddir"/tools/firmware/ || return 1
	ln -s ../firmware/stdint_local.h "$builddir"/tools/libxl/

	# remove all -Werror
	msg "Eradicating -Werror..."
	find . -name '*.mk' -o -name 'Make*' | xargs sed -i -e 's/-Werror//g' \
		|| return 1

	msg "Updating config.sub..."
	update_config_sub || return 1

	msg "Autoreconf..."
	autoreconf || return 1

	unset CFLAGS
	unset LDFLAGS
}

# Unset CFLAGS and LDFLAGS because the xen build system
# doesn't support them. Instead use .config in xen root
# folder if necessary.
proc munge_cflags {
	msg "Munging CFLAGS..."

	unset CFLAGS
	unset LDFLAGS
	unset LANG
	unset LC_ALL

	case (CARCH) {
	armhf { export CFLAGS="-mcpu=cortex-a15"}
	aarch64 { export CFLAGS="-mcpu=cortex-a53"}
	}
}

# These tasks are added as separate tasks to enable a packager
# to invoke specific tasks like building the hypervisor.  i.e.
#    $ abuild configure build_tools
proc configure {
	cd $builddir

	msg "Running configure..."
	./configure --prefix=/usr \
		--build=$CBUILD \
		--host=$CHOST \
		--with-system-seabios=$_seabios \
		|| return 1
}

proc build_hypervisor {
	munge_cflags

	msg "Building hypervisor..."
	make xen || return 1
}

proc build_tools {
	munge_cflags

	msg "Building tools..."
	make tools || return 1
}

proc build_docs {
	munge_cflags

	msg "Building documentation..."
	make docs
}

proc build_stubdom {
	munge_cflags

	msg "Building stub domains..."
	make stubdom || return 1
}

proc build {
	cd $builddir
	configure || return 1
	build_hypervisor || return 1
	build_tools || return 1
	build_docs || return 1
	case (CARCH) {
	x86* { build_stubdom || return 1}
	}

	${CC:-gcc} -o xen-fd-is-file "$srcdir"/xen-fd-is-file.c
}

proc package {
	cd $builddir

	unset CFLAGS
	unset LDFLAGS

	make -j1 DESTDIR="$pkgdir" install-xen install-tools install-docs \
		|| return 1
	case (CARCH) {
	x86* { make -j1 DESTDIR="$pkgdir" install-stubdom || return 1}
	}

	# remove default xencommons
	rm -rf "$pkgdir"/etc/init.d/xencommons

	for i in $source {
		case (i) {
		*.initd { install -Dm755 "$srcdir"/$i \
				"$pkgdir"/etc/init.d/${i%.*}}
		*.confd { install -Dm644 "$srcdir"/$i \
				"$pkgdir"/etc/conf.d/${i%.*}}
		}
	}
	install -Dm644 "$srcdir"/xen-consoles.logrotate \
		"$pkgdir"/etc/xen/xen-consoles.logrotate

	install -m755 xen-fd-is-file "$pkgdir"/usr/lib/xen/bin/xen-fd-is-file

	# we need to exclude /usr/share when stripping
        msg "Stripping binaries"
	scanelf --recursive --nobanner --etype "ET_DYN,ET_EXEC" "$pkgdir"/usr/lib \
		"$pkgdir"/usr/bin \
		"$pkgdir"/usr/sbin \
                | sed -e 's:^ET_DYN ::' -e 's:^ET_EXEC ::' \
                | xargs strip
}

proc libs {
	setvar pkgdesc = ""Libraries for Xen tools""
	setvar replaces = ""xen""
	setvar depends = ''
	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/*.so.* \
		"$pkgdir"/usr/lib/fs \
		"$subpkgdir"/usr/lib/
}

proc hypervisor {
	setvar pkgdesc = ""Xen hypervisor""
	setvar depends = ''
	mkdir -p $subpkgdir
	mv "$pkgdir"/boot "$subpkgdir"/
}

proc bridge {
	setvar depends = ""dnsmasq""
	setvar pkgdesc = ""Bridge interface for XEN with dhcp""
	mkdir -p "$subpkgdir"/etc/conf.d \
		"$subpkgdir"/etc/init.d \
		"$subpkgdir"/etc/xen

	ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.xenbr0
	cat ->>"$subpkgdir"/etc/conf.d/dnsmasq.xenbr0 <<< """
		BRIDGE_ADDR="10.0.4.1"
		BRIDGE_NETMASK="255.255.255.0"
		BRIDGE_NETWORK="10.0.4.0/24"
		BRIDGE_DHCP_RANGE="10.0.4.2,10.0.4.254"
		BRIDGE_DHCP_MAX="253"
		BRIDGE_MAC="00:16:3f:00:00:00"
		DNSMASQ_CONFFILE="/etc/xen/dnsmasq.conf"
"""
	cat ->>"$subpkgdir"/etc/xen/dnsmasq.conf <<< """
		#dhcp-host=somehost,10.0.4.3
		#dhcp-host=otherhost,10.0.4.4
"""

}

setvar sha512sums = ""97f8075c49ef9ec0adbe95106c0cff4f9379578fd568777697565476c3fd948335d72ddcacf8be65fd9db219c0a35dcdc007f355f7e5874dd950fd4c0a0f966f  xen-4.9.0.tar.gz
2e0b0fd23e6f10742a5517981e5171c6e88b0a93c83da701b296f5c0861d72c19782daab589a7eac3f9032152a0fc7eff7f5362db8fccc4859564a9aa82329cf  gmp-4.3.2.tar.bz2
c2bc9ffc8583aeae71cee9ddcc4418969768d4e3764d47307da54f93981c0109fb07d84b061b3a3628bd00ba4d14a54742bc04848110eb3ae8ca25dbfbaabadb  grub-0.97.tar.gz
1465b58279af1647f909450e394fe002ca165f0ff4a0254bfa9fe0e64316f50facdde2729d79a4e632565b4500cf4d6c74192ac0dd3bc9fe09129bbd67ba089d  lwip-1.3.0.tar.gz
40eb96bbc6736a16b6399e0cdb73e853d0d90b685c967e77899183446664d64570277a633fdafdefc351b46ce210a99115769a1d9f47ac749d7e82837d4d1ac3  newlib-1.16.0.tar.gz
2b3d98d027e46d8c08037366dde6f0781ca03c610ef2b380984639e4ef39899ed8d8b8e4cd9c9dc54df101279b95879bd66bfd4d04ad07fef41e847ea7ae32b5  pciutils-2.2.9.tar.bz2
88da614e4d3f4409c4fd3bb3e44c7587ba051e3fed4e33d526069a67e8180212e1ea22da984656f50e290049f60ddca65383e5983c0f8884f648d71f698303ad  polarssl-1.1.4-gpl.tgz
4928b5b82f57645be9408362706ff2c4d9baa635b21b0d41b1c82930e8c60a759b1ea4fa74d7e6c7cae1b7692d006aa5cb72df0c3b88bf049779aa2b566f9d35  tpm_emulator-0.7.4.tar.gz
021b958fcd0d346c4ba761bcf0cc40f3522de6186cf5a0a6ea34a70504ce9622b1c2626fce40675bc8282cf5f5ade18473656abc38050f72f5d6480507a2106e  zlib-1.2.3.tar.gz
82ba65e1c676d32b29c71e6395c9506cab952c8f8b03f692e2b50133be8f0c0146d0f22c223262d81a4df579986fde5abc6507869f4965be4846297ef7b4b890  ipxe-git-827dd1bfee67daa683935ce65316f7e0f057fe1c.tar.gz
45fed43bbdcf63fc3ded0a2629e27a5d58306a244dba2e005cf8814aa50cde962c41e5e72075a1d678eb9c18af17e1cbf078884214fd29df0ad551977c9880c2  xsa226-1.patch
4d1e729c592efefd705233b49484991801606b2122a64ff14abbf994bb3e77ec75c4989d43753ce2043cc4fe13d34fb1cef7ee1adb291ff16625bb3b125e5508  xsa226-2.patch
7d66494e833d46f8a213af0f2b107a12617d5e8b45c3b07daee229c75bd6aad98284bc0e19f15706d044b58273cc7f0c193ef8553faa22fadeae349689e763c8  xsa227.patch
d406f14531af707325790909d08ce299ac2f2cb4b87f9a8ddb0fba10bd83bed84cc1633e07632cc2f841c50bc1a9af6240c89539a2e6ba6028cb127e218f86fc  xsa228.patch
df174a1675f74b73e78bc3cb1c9f16536199dfd1922c0cc545a807e92bc24941a816891838258e118f477109548487251a7eaccb2d1dd9b6994c8c76fc5b058f  xsa230.patch
7ef6637112c3d24a3541d40ca79b8d5ed8a152401c8b7bfa4cde3e2e264544ba22d27c199d58f24616af2228f5e4075c2af2744d21a70b8cb4d4b1f1a7feedde  xsa231-4.9.patch
fb742225a4f3dbf2a574c4a6e3ef61a5da0c91aaeed77a2247023bdefcd4e0b6c08f1c9ffb42eaac3d38739c401443c3cf7aebb507b1d779c415b6cbffabbc10  xsa232.patch
a322ac6c5ac2f858a59096108032fd42974eaaeeebd8f4966119149665f32bed281e333e743136e79add2e6f3844d88b6a3e4d5a685c2808702fd3a9e6396cd4  xsa233.patch
cafeef137cd82cefc3e974b42b974c6562e822c9b359efb654ac374e663d9fc123be210eec17b278f40eabb77c93d3bf0ff03e445607159ad0712808a609a906  xsa234-4.9.patch
8bab6e59577b51f0c6b8a547c9a37a257bd0460e7219512e899d25f80a74084745d2a4c54e55ad12526663d40f218cb8f833b71350220d36e3750d002ff43d29  xsa235-4.9.patch
c3c46f232f0bd9f767b232af7e8ce910a6166b126bd5427bb8dc325aeb2c634b956de3fc225cab5af72649070c8205cc8e1cab7689fc266c204f525086f1a562  qemu-coroutine-gthread.patch
1936ab39a1867957fa640eb81c4070214ca4856a2743ba7e49c0cd017917071a9680d015f002c57fa7b9600dbadd29dcea5887f50e6c133305df2669a7a933f3  qemu-xen_paths.patch
f095ea373f36381491ad36f0662fb4f53665031973721256b23166e596318581da7cbb0146d0beb2446729adfdb321e01468e377793f6563a67d68b8b0f7ffe3  hotplug-vif-vtrill.patch
5514d7697c87f7d54d64723d44446b9bd84f6c984e763bd21d4eeaf502bf0c5b765f7b2180f8ca496b3baf97e7efd600b1cc1fdd1284b6ecbffe9846190ca069  rombios-no-pie.patch
e635cf27ca022ca5bc829e089b5e9a3ce9e566d4701d06bc38a22e356de45a71bc33e170d6db333d4efe8389144419cc27834a2eee0bcae9118d4ca9aff64306  musl-support.patch
77b08e9655e091b0352e4630d520b54c6ca6d659d1d38fbb4b3bfc9ff3e66db433a2e194ead32bb10ff962c382d800a670e82b7a62835b238e294b22808290ea  musl-hvmloader-fix-stdint.patch
8c3b57eab8641bcee3dbdc1937ea7874f77b9722a5a0aa3ddb8dff8cc0ced7e19703ef5d998621b3809bea7c16f3346cfa47610ec9ab014ad0de12651c94e5ff  stdint_local.h
853467a2d055c5bfbdc7bdca175a334241be44a7c5ac3c0a84a4bc5463b5c070b66d37e2a557429ef860727a6b7350683af758cc2494d85b6be4d883143a2c0d  elf_local.h
79cb1b6b81b17cb87a064dfe3548949dfb80f64f203cac11ef327102b7a25794549ce2d9c019ebf05f752214da8e05065e9219d069e679c0ae5bee3d090c685e  xen-hotplug-lockfd.patch
e76816c6ad0e91dc5f81947f266da3429b20e6d976c3e8c41202c6179532eec878a3f0913921ef3ac853c5dbad8082da3c9cd53b65081910516feb492577b7fc  xen-fd-is-file.c
69dfa60628ca838678862383528654ecbdf4269cbb5c9cfb6b84d976202a8dea85d711aa65a52fa1b477fb0b30604ca70cf1337192d6fb9388a08bbe7fe56077  xenstore_client_transaction_fix.patch
2094ea964fa610b2bf72fd2c7ede7e954899a75c0f5b08030cf1d74460fb759ade84866176e32f8fe29c921dfdc6dafd2b31e23ab9b0a3874d3dceeabdd1913b  xenqemu-xattr-size-max.patch
52c43beb2596d645934d0f909f2d21f7587b6898ed5e5e7046799a8ed6d58f7a09c5809e1634fa26152f3fd4f3e7cfa07da7076f01b4a20cc8f5df8b9cb77e50  xenstored.initd
093f7fbd43faf0a16a226486a0776bade5dc1681d281c5946a3191c32d74f9699c6bf5d0ab8de9d1195a2461165d1660788e92a3156c9b3c7054d7b2d52d7ff0  xenstored.confd
3c86ed48fbee0af4051c65c4a3893f131fa66e47bf083caf20c9b6aa4b63fdead8832f84a58d0e27964bc49ec8397251b34e5be5c212c139f556916dc8da9523  xenconsoled.initd
30df69cc38d0bed26bc4d6e08a2b62cbdc654d5f663009a05cb3b83b3e3dc5e206362d3fd59abbb753ceb8d6d79eaa6e15d079bb8f4f35dc74667103faf4e85d  xenconsoled.confd
357ab672be7ac36e4b5b056504cd5094d9218c4ea148c2f739d628479ebf0d9c0eb201ea7d4f97f07d01e59b88cafd318de0e1250a5b3db41bd94aa3fb7c7e49  xendomains.initd
c7c0eecd5f454d903b57a710902da27dcb2c6b200f88d4eadfab33a447be6b41454109d482aab849a690446ea5c928e619dfc6cf95b7955f00a476f2317bb82b  xendomains.confd
ab2105c75cfe01768aecd5bcbb56269d63666e8a44e42b6a83aee87df6c84ee2f9ab249171c21b2e09f8fec2cae8318f6e87d160989398a3e7dd68db8d52c426  xen-consoles.logrotate
bdbe15c924071cdc2d0f23e53ba8e3f837d4b5369bfb218abd3405f9bef25d105269aaf0784baeb69c073a5786b8c82ffdfd414e86874da34293cfdc2c497928  xenqemu.confd
8475119369409efb8ad930c7735cd3d782191d18fab4fc322a51120c395162ff88e381182876036d1078afd30079dbf3f94a3568689e9b52ba235adead4b97d3  xenqemu.initd""