[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] tools: make build of FLASK utils/policy explicit



On 1/14/16 3:35 PM, Doug Goldstein wrote:
> This patch makes the generation of the FLASK utilities and the policy
> explicit. This drops the two control knobs that affect how the FLASK
> policy and tools are generated and unifies it under one.
> 
> CC: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
> CC: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
> CC: Ian Campbell <ian.campbell@xxxxxxxxxx>
> CC: Wei Liu <wei.liu2@xxxxxxxxxx>
> CC: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
> Signed-off-by: Doug Goldstein <cardoe@xxxxxxxxxx>
> ---
> 
> So this patch is a replacement for:
> http://lists.xenproject.org/archives/html/xen-devel/2015-12/msg02538.html
> 
> This drops the old "xsmpolicy" flag for one which hopefully makes it more
> clear that its building the FLASK policy. It also builds the utilities
> only when the new flag is specified. The idea here is to reduce the number
> of knobs to turn and provide more clarity in the process. While this is
> an end-user change it should have no effect on the defaults since Xen does
> not build with XSM/FLASK by default. Most distros I checked provide a
> "xen-tools" package and "xen hypervisor" package so the fact that the knobs
> are separated should not affect their workflow in any meaningful fashion.
> The goal here is clarity. The hypervisor now saves how its configured in
> its .config file (different from the top level Xen .config) in
> /usr/lib/debug and in the future the tools stack could provide info about
> how it was configured or built ala: pkg-config --variable udevdir udev
> 
> There's another way to do this patch that I'm also submitting just to
> generate discussion. But I'm hoping at the end of the discussion we can
> land one of these patches.
> 
> ---
>  INSTALL              | 4 ++--
>  config/Tools.mk.in   | 2 +-
>  tools/Makefile       | 2 +-
>  tools/configure.ac   | 2 +-
>  tools/flask/Makefile | 3 +--
>  5 files changed, 6 insertions(+), 7 deletions(-)
> 
> diff --git a/INSTALL b/INSTALL
> index 3d2e86a..e8cbdfa 100644
> --- a/INSTALL
> +++ b/INSTALL
> @@ -82,8 +82,8 @@ them ocaml development packages must be installed. If they 
> are missing
>  configure will automatically disable this option.
>    --disable-ocamltools
>  
> -Disable XSM policy compilation.
> -  --disable-xsmpolicy
> +Enable FLASK policy and tools build for XSM
> +  --enable-flask
>  
>  Attempt to build of an OVMF firmware binary. This requires special
>  versions of development tools. Use at your own risk.
> diff --git a/config/Tools.mk.in b/config/Tools.mk.in
> index ccfe137..699526f 100644
> --- a/config/Tools.mk.in
> +++ b/config/Tools.mk.in
> @@ -50,7 +50,7 @@ GIT_HTTP            := @githttp@
>  # Optional components
>  XENSTAT_XENTOP      := @monitors@
>  OCAML_TOOLS         := @ocamltools@
> -FLASK_POLICY        := @xsmpolicy@
> +CONFIG_FLASK        := @flask@
>  CONFIG_OVMF         := @ovmf@
>  CONFIG_ROMBIOS      := @rombios@
>  CONFIG_SEABIOS      := @seabios@
> diff --git a/tools/Makefile b/tools/Makefile
> index 9f74ac7..41aa102 100644
> --- a/tools/Makefile
> +++ b/tools/Makefile
> @@ -5,7 +5,7 @@ SUBDIRS-y :=
>  SUBDIRS-y += include
>  SUBDIRS-y += libs
>  SUBDIRS-y += libxc
> -SUBDIRS-$(FLASK_ENABLE) += flask
> +SUBDIRS-$(CONFIG_FLASK) += flask
>  SUBDIRS-y += xenstore
>  SUBDIRS-y += misc
>  SUBDIRS-y += examples
> diff --git a/tools/configure.ac b/tools/configure.ac
> index 6c70040..5caa3ec 100644
> --- a/tools/configure.ac
> +++ b/tools/configure.ac
> @@ -80,7 +80,7 @@ AX_ARG_DEFAULT_DISABLE([rpath], [Build tools with 
> -Wl,-rpath,LIBDIR])
>  AX_ARG_DEFAULT_DISABLE([githttp], [Download GIT repositories via HTTP])
>  AX_ARG_DEFAULT_ENABLE([monitors], [Disable xenstat and xentop monitoring 
> tools])
>  AX_ARG_DEFAULT_ENABLE([ocamltools], [Disable Ocaml tools])
> -AX_ARG_DEFAULT_ENABLE([xsmpolicy], [Disable XSM policy compilation])
> +AX_ARG_DEFAULT_DISABLE([flask], [Enable building FLASK policy and tools for 
> XSM])
>  AX_ARG_DEFAULT_DISABLE([ovmf], [Enable OVMF])
>  AX_ARG_DEFAULT_ENABLE([seabios], [Disable SeaBIOS])
>  
> diff --git a/tools/flask/Makefile b/tools/flask/Makefile
> index a31cc16..ad1ea7a 100644
> --- a/tools/flask/Makefile
> +++ b/tools/flask/Makefile
> @@ -1,8 +1,7 @@
>  XEN_ROOT = $(CURDIR)/../..
>  include $(XEN_ROOT)/tools/Rules.mk
>  
> -SUBDIRS-y := utils
> -SUBDIRS-$(FLASK_POLICY) += policy
> +SUBDIRS-y := utils policy
>  
>  .PHONY: all clean install distclean
>  all clean install distclean: %: subdirs-%
> 

Given the support of the maintainers and committers for the proposal
[1], this patch should NOT be applied.

[1]
http://lists.xenproject.org/archives/html/xen-devel/2016-01/msg01796.html


-- 
Doug Goldstein

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.