Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/1429469/?format=api
{ "id": 1429469, "url": "http://patchwork.ozlabs.org/api/patches/1429469/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20210120224444.71840-2-agraf@csgraf.de/", "project": { "id": 14, "url": "http://patchwork.ozlabs.org/api/projects/14/?format=api", "name": "QEMU Development", "link_name": "qemu-devel", "list_id": "qemu-devel.nongnu.org", "list_email": "qemu-devel@nongnu.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20210120224444.71840-2-agraf@csgraf.de>", "list_archive_url": null, "date": "2021-01-20T22:44:34", "name": "[v6,01/11] hvf: Add hypervisor entitlement to output binaries", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "084bb37bc963b581c09a48314d7d6f371810e18f", "submitter": { "id": 65661, "url": "http://patchwork.ozlabs.org/api/people/65661/?format=api", "name": "Alexander Graf", "email": "agraf@csgraf.de" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20210120224444.71840-2-agraf@csgraf.de/mbox/", "series": [ { "id": 225556, "url": "http://patchwork.ozlabs.org/api/series/225556/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/list/?series=225556", "date": "2021-01-20T22:44:33", "name": "hvf: Implement Apple Silicon Support", "version": 6, "mbox": "http://patchwork.ozlabs.org/series/225556/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/1429469/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/1429469/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org", "Authentication-Results": "ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=<UNKNOWN>)", "Received": [ "from lists.gnu.org (lists.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 4DLggF3rlFz9sT6\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 21 Jan 2021 09:48:57 +1100 (AEDT)", "from localhost ([::1]:42528 helo=lists1p.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)\n\tid 1l2MHX-0007Q1-GK\n\tfor incoming@patchwork.ozlabs.org; Wed, 20 Jan 2021 17:48:55 -0500", "from eggs.gnu.org ([2001:470:142:3::10]:56568)\n by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <agraf@csgraf.de>)\n id 1l2MDe-0003rm-W3; Wed, 20 Jan 2021 17:44:55 -0500", "from mail.csgraf.de ([188.138.100.120]:45100\n helo=zulu616.server4you.de) by eggs.gnu.org with esmtp (Exim 4.90_1)\n (envelope-from <agraf@csgraf.de>)\n id 1l2MDa-0001Sd-P9; Wed, 20 Jan 2021 17:44:54 -0500", "from localhost.localdomain\n (dynamic-077-002-091-253.77.2.pool.telefonica.de [77.2.91.253])\n by csgraf.de (Postfix) with ESMTPSA id B306239003C7;\n Wed, 20 Jan 2021 23:44:46 +0100 (CET)" ], "From": "Alexander Graf <agraf@csgraf.de>", "To": "qemu-devel@nongnu.org", "Subject": "[PATCH v6 01/11] hvf: Add hypervisor entitlement to output binaries", "Date": "Wed, 20 Jan 2021 23:44:34 +0100", "Message-Id": "<20210120224444.71840-2-agraf@csgraf.de>", "X-Mailer": "git-send-email 2.24.3 (Apple Git-128)", "In-Reply-To": "<20210120224444.71840-1-agraf@csgraf.de>", "References": "<20210120224444.71840-1-agraf@csgraf.de>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Received-SPF": "pass client-ip=188.138.100.120; envelope-from=agraf@csgraf.de;\n helo=zulu616.server4you.de", "X-Spam_score_int": "-18", "X-Spam_score": "-1.9", "X-Spam_bar": "-", "X-Spam_report": "(-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_NONE=0.001,\n SPF_PASS=-0.001 autolearn=ham autolearn_force=no", "X-Spam_action": "no action", "X-BeenThere": "qemu-devel@nongnu.org", "X-Mailman-Version": "2.1.23", "Precedence": "list", "List-Id": "<qemu-devel.nongnu.org>", "List-Unsubscribe": "<https://lists.nongnu.org/mailman/options/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>", "List-Archive": "<https://lists.nongnu.org/archive/html/qemu-devel>", "List-Post": "<mailto:qemu-devel@nongnu.org>", "List-Help": "<mailto:qemu-devel-request@nongnu.org?subject=help>", "List-Subscribe": "<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=subscribe>", "Cc": "Peter Maydell <peter.maydell@linaro.org>,\n Eduardo Habkost <ehabkost@redhat.com>,\n Richard Henderson <richard.henderson@linaro.org>,\n Cameron Esfahani <dirty@apple.com>, Roman Bolshakov <r.bolshakov@yadro.com>,\n qemu-arm@nongnu.org, Frank Yang <lfy@google.com>,\n Paolo Bonzini <pbonzini@redhat.com>, Peter Collingbourne <pcc@google.com>", "Errors-To": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org", "Sender": "\"Qemu-devel\"\n <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>" }, "content": "In macOS 11, QEMU only gets access to Hypervisor.framework if it has the\nrespective entitlement. Add an entitlement template and automatically self\nsign and apply the entitlement in the build.\n\nSigned-off-by: Alexander Graf <agraf@csgraf.de>\nReviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>\nTested-by: Roman Bolshakov <r.bolshakov@yadro.com>\n\n---\n\nv1 -> v2:\n\n - Make safe to ctrl-C\n\nv3 -> v4:\n\n - Remove unused exe_full variable\n - Reuse exe_name variable\n---\n accel/hvf/entitlements.plist | 8 ++++++++\n meson.build | 29 +++++++++++++++++++++++++----\n scripts/entitlement.sh | 13 +++++++++++++\n 3 files changed, 46 insertions(+), 4 deletions(-)\n create mode 100644 accel/hvf/entitlements.plist\n create mode 100755 scripts/entitlement.sh", "diff": "diff --git a/accel/hvf/entitlements.plist b/accel/hvf/entitlements.plist\nnew file mode 100644\nindex 0000000000..154f3308ef\n--- /dev/null\n+++ b/accel/hvf/entitlements.plist\n@@ -0,0 +1,8 @@\n+<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n+<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n+<plist version=\"1.0\">\n+<dict>\n+ <key>com.apple.security.hypervisor</key>\n+ <true/>\n+</dict>\n+</plist>\ndiff --git a/meson.build b/meson.build\nindex 3d889857a0..c667d64498 100644\n--- a/meson.build\n+++ b/meson.build\n@@ -2146,9 +2146,14 @@ foreach target : target_dirs\n }]\n endif\n foreach exe: execs\n- emulators += {exe['name']:\n- executable(exe['name'], exe['sources'],\n- install: true,\n+ exe_name = exe['name']\n+ exe_sign = 'CONFIG_HVF' in config_target\n+ if exe_sign\n+ exe_name += '-unsigned'\n+ endif\n+\n+ emulator = executable(exe_name, exe['sources'],\n+ install: not exe_sign,\n c_args: c_args,\n dependencies: arch_deps + deps + exe['dependencies'],\n objects: lib.extract_all_objects(recursive: true),\n@@ -2156,7 +2161,23 @@ foreach target : target_dirs\n link_depends: [block_syms, qemu_syms] + exe.get('link_depends', []),\n link_args: link_args,\n gui_app: exe['gui'])\n- }\n+\n+ if exe_sign\n+ emulators += {exe['name'] : custom_target(exe['name'],\n+ install: true,\n+ install_dir: get_option('bindir'),\n+ depends: emulator,\n+ output: exe['name'],\n+ command: [\n+ meson.current_source_dir() / 'scripts/entitlement.sh',\n+ meson.current_build_dir() / exe_name,\n+ meson.current_build_dir() / exe['name'],\n+ meson.current_source_dir() / 'accel/hvf/entitlements.plist'\n+ ])\n+ }\n+ else\n+ emulators += {exe['name']: emulator}\n+ endif\n \n if 'CONFIG_TRACE_SYSTEMTAP' in config_host\n foreach stp: [\ndiff --git a/scripts/entitlement.sh b/scripts/entitlement.sh\nnew file mode 100755\nindex 0000000000..c540fa6435\n--- /dev/null\n+++ b/scripts/entitlement.sh\n@@ -0,0 +1,13 @@\n+#!/bin/sh -e\n+#\n+# Helper script for the build process to apply entitlements\n+\n+SRC=\"$1\"\n+DST=\"$2\"\n+ENTITLEMENT=\"$3\"\n+\n+trap 'rm \"$DST.tmp\"' exit\n+cp -af \"$SRC\" \"$DST.tmp\"\n+codesign --entitlements \"$ENTITLEMENT\" --force -s - \"$DST.tmp\"\n+mv \"$DST.tmp\" \"$DST\"\n+trap '' exit\n", "prefixes": [ "v6", "01/11" ] }