
Re: [Xen-devel] [PATCH] vtpmmgr: fix build on 32-bit




> -----Original Message-----
> From: Ian Campbell [mailto:Ian.Campbell@xxxxxxxxxx]
> Sent: Monday, January 21, 2013 9:52 AM
> To: Fioravante, Matthew E.
> Cc: Samuel Thibault; xen-devel@xxxxxxxxxxxxx; Ian Jackson; Keir (Xen.org)
> Subject: Re: [PATCH] vtpmmgr: fix build on 32-bit
> 
> On Mon, 2013-01-21 at 14:33 +0000, Fioravante, Matthew E. wrote:
> >
> > > -----Original Message-----
> > > From: Ian Campbell [mailto:Ian.Campbell@xxxxxxxxxx]
> > > Sent: Monday, January 21, 2013 8:43 AM
> > > To: Samuel Thibault
> > > Cc: xen-devel@xxxxxxxxxxxxx; Ian Jackson; Keir (Xen.org); Fioravante,
> Matthew E.
> > > Subject: Re: [PATCH] vtpmmgr: fix build on 32-bit
> > >
> > > On Mon, 2013-01-21 at 13:24 +0000, Samuel Thibault wrote:
> > > > > Ian Campbell, on Mon 21 Jan 2013 13:22:09 +0000, wrote:
> > > > > > -PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o
> > > > > > havege.o timing.o entropy_poll.o
> > > > > > +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o
> > > > > > +havege.o
> > > > > > timing.o entropy_poll.o padlock.o
> > > > >
> > > > > But I wonder why we aren't using
> > > > > stubdom/polarssl-$(XEN_TARGET_ARCH)/library/libpolarssl.a here?
> > > >
> > > > Indeed, it should have the same effect, if it contains these .o files.
> > >
> > > > It looks to contain a superset, but the following incremental patch
> > > > Works For Me
> >
> > The idea was to keep vtpm and vtpmmgr as small as possible. Only the
> > components of polarssl that are required are linked in. Polarssl is
> > designed so that you can mix and match the specific crypto pieces by
> > choosing specific .o files. Some parts of polarssl like networking may
> > even require lwip or other dependencies which vtpm does not use.
> 
> Because you are linking the .a file the linker should only pull in the bits
> you actually use, and by extension only pull in their dependencies.

In that case if the output binaries are the same we can change it to link to 
the entire library if that is what's preferred.
> 
> Ian.
> 
> >  Vtpmmgr actually uses its own rsa code (tpm_rsa.c) which is based on
> > polarssl's rsa because the polarssl implementation is missing a
> > feature.
> >
> > Not only is that somewhat important from an efficiency standpoint but
> > also from a security standpoint. Security folks like smaller code
> > bases that they can reason about.
> > >
> > > Ian.
> > >
> > > 8<-----------------
> > >
> > > From 7034f9965104fca7212ecc9bf89f3b3517b7bbfe Mon Sep 17 00:00:00
> > > 2001
> > > From: Ian Campbell <ian.campbell@xxxxxxxxxx>
> > > Date: Mon, 21 Jan 2013 13:40:56 +0000
> > > Subject: [PATCH] vtpmmgr: Use libpolarssl.a instead of hardcoding
> > > own list of .o files
> > >
> > > Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
> > > Cc: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>
> > > Cc: "Fioravante, Matthew E." <Matthew.Fioravante@xxxxxxxxxx>
> > > ---
> > >  stubdom/Makefile         |    2 +-
> > >  stubdom/vtpmmgr/Makefile |    5 +----
> > >  2 files changed, 2 insertions(+), 5 deletions(-)
> > >
> > > diff --git a/stubdom/Makefile b/stubdom/Makefile index
> > > 64ee6e2..65d02bb
> > > 100644
> > > --- a/stubdom/Makefile
> > > +++ b/stubdom/Makefile
> > > @@ -432,7 +432,7 @@ vtpm-stubdom: mini-os-$(XEN_TARGET_ARCH)-vtpm
> > > vtpm
> > >
> > >  .PHONY: vtpmmgr-stubdom
> > >  vtpmmgr-stubdom: mini-os-$(XEN_TARGET_ARCH)-vtpmmgr vtpmmgr
> > > - DEF_CPPFLAGS="$(TARGET_CPPFLAGS)"
> > > DEF_CFLAGS="$(TARGET_CFLAGS)" DEF_LDFLAGS="$(TARGET_LDFLAGS)"
> > > MINIOS_CONFIG="$(CURDIR)/vtpmmgr/minios.cfg" $(MAKE) -C $(MINI_OS)
> > > OBJ_DIR=$(CURDIR)/$< APP_OBJS="$(CURDIR)/vtpmmgr/vtpmmgr.a"
> > > APP_LDLIBS="-lm"
> > > + DEF_CPPFLAGS="$(TARGET_CPPFLAGS)"
> > > DEF_CFLAGS="$(TARGET_CFLAGS)" DEF_LDFLAGS="$(TARGET_LDFLAGS)"
> > > MINIOS_CONFIG="$(CURDIR)/vtpmmgr/minios.cfg" $(MAKE) -C $(MINI_OS)
> > > OBJ_DIR=$(CURDIR)/$< APP_OBJS="$(CURDIR)/vtpmmgr/vtpmmgr.a"
> > > APP_LDLIBS="-lm -lpolarssl"
> > This should work fine if you want to do it that way.
> >
> > >
> > >  .PHONY: pv-grub
> > >  pv-grub: mini-os-$(XEN_TARGET_ARCH)-grub libxc grub diff --git
> > > a/stubdom/vtpmmgr/Makefile b/stubdom/vtpmmgr/Makefile index
> > > e41c261..af13b39 100644
> > > --- a/stubdom/vtpmmgr/Makefile
> > > +++ b/stubdom/vtpmmgr/Makefile
> > > @@ -11,9 +11,6 @@
> > >
> > >  XEN_ROOT=../..
> > >
> > > -PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library
> > > -PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o
> > > havege.o timing.o entropy_poll.o padlock.o
> > > -
> > >  TARGET=vtpmmgr.a
> > >  OBJS=vtpmmgr.o vtpm_cmd_handler.o vtpm_storage.o init.o tpmrsa.o
> > > tpm.o log.o
> > >
> > > @@ -22,7 +19,7 @@ CFLAGS+=-Wno-declaration-after-statement -Wno-
> > > unused-label
> > >
> > >  build: $(TARGET)
> > >  $(TARGET): $(OBJS)
> > > - ar -rcs $@ $^ $(foreach obj,$(PSSL_OBJS),$(PSSL_DIR)/$(obj))
> > > + ar -rcs $@ $^
> > >
> > >  clean:
> > >   rm -f $(TARGET) $(OBJS)
> > > --
> > > 1.7.2.5
> > >
> > >
> >
> 

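One way to check the point made in this thread, that linking libpolarssl.a pulls in only the members actually referenced: parse the "Archive member included" section of a GNU ld link map (written with the linker's -Map option) and compare it with the old PSSL_OBJS list. This is an added example, not code from the thread or the Xen tree; the map text is a constructed sample and the names `pulled_members` and `audit` are hypothetical.

```python
import re

# Objects the removed PSSL_OBJS line listed (taken from the patch in this thread).
EXPECTED = {"aes.o", "sha1.o", "entropy.o", "ctr_drbg.o", "bignum.o", "sha4.o",
            "havege.o", "timing.o", "entropy_poll.o", "padlock.o"}
HEADER = "Archive member included to satisfy reference by file (symbol)"
MEMBER = re.compile(r"^(\S+)\((\S+?)\)")  # matches e.g. libpolarssl.a(aes.o)

# Constructed sample of a GNU ld map; app.o and the net.o entry are made up
# so that the check has something to flag.
SAMPLE_MAP = """\
Archive member included to satisfy reference by file (symbol)

polarssl-x86_32/library/libpolarssl.a(aes.o)
                              app.o (aes_setkey_enc)
polarssl-x86_32/library/libpolarssl.a(padlock.o)
                              polarssl-x86_32/library/libpolarssl.a(aes.o) (padlock_supports)
polarssl-x86_32/library/libpolarssl.a(net.o)
                              app.o (net_connect)
libm.a(s_floor.o)             app.o (floor)

Allocating common symbols
Common symbol       size              file
"""

def pulled_members(map_text, archive="libpolarssl.a"):
    """Return the members the linker extracted from `archive`."""
    members, in_section = set(), False
    for line in map_text.splitlines():
        if line.startswith(HEADER):
            in_section = True
        elif not in_section or not line.strip() or line[0].isspace():
            continue  # outside the section, blank, or a wrapped "referenced by" line
        else:
            m = MEMBER.match(line)
            if m is None:
                break  # the next map section has started
            if m.group(1).endswith(archive):
                members.add(m.group(2))
    return members

def audit(map_text):
    """Compare extracted members with the old hand-written list."""
    got = pulled_members(map_text)
    return {"unexpected": sorted(got - EXPECTED), "unused": sorted(EXPECTED - got)}

if __name__ == "__main__":
    print(audit(SAMPLE_MAP))
```

An empty `unexpected` list on the real map means the switch to the full archive did not enlarge the set of PolarSSL code linked into the stubdom.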