Refactor build system, remove hvt compile-time specialization #345
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is a large change, and the majority of it is effectively a full re-write of the build system. The actual removal of hvt compile-time specialization is fairly straightforward. User-visible changes: - 'configure.sh' now needs to be run manually before running 'make', this is consistent with POLA. - conversely, 'make clean' no longer cleans Makeconf. Use 'distclean' or 'clobber' for that. - 'configure.sh' will now print the targets that can (will) be built on this system. The strategy is still "build everything we can", however I have disabled Genode on all systems except Linux due to toolchain issues. - You can now build a subset of targets from the top-level 'make', by specifying 'CONFIG_XXX=' (disable) or 'CONFIG_XXX=1' (enable) either on the command line, or editing the generated Makeconf. - Makefiles use silent rules by default. To get the old verbose ones back, use 'make V=1'. - The 'solo5-hvt' tender is no longer "specialized" to the unikernel. We build two tenders, 'solo5-hvt' with all non-debug modules configured and 'solo5-hvt-debug' with additional debug modules (gdb, dumpcore where available). - 'solo5-hvt-configure' is kept around for now for backward compatibility with OPAM/MirageOS but is essentially a NOP. Developer-visible changes: - The build system now has proper support for auto-generation of dependencies. This means you can safely edit source files, run make and be sure you will get a complete incremental build. - Makefiles have been refactored to use common best practices, remove repetition, consistent variable names and clear interfaces between configure.sh/Makeconf/Makefiles, all the while keeping them simple enough to understand for me on a Monday morning before coffee. I.e. limit use of macros, eval, etc. - hvt tender modules are no longer defined by compile-time flags, instead a dynamic array is placed into a special ELF section (.modules). This means that a hvt tender binary can be combined from an arbitrary set of hvt_module_XXX object files, which is the right way to do things going forward and also simplifies the build system (not needing to build multiple targets from the same set of sources). Shortcomings / TODOs: - Dependency files (*.d) are stored in-tree. I spent several days on trying to figure out how to get them to work out of tree, but in combination with the non-recursive use of subdirectories in 'bindings' I could not figure out the required Makefile magic. - HVT_DROP_PRIVILEGES=0 is non-functional with the new modules arrangement, but needs a re-design anyway. Other changes included as part of this PR: - Revert privilege dropping on FreeBSD (see discussion in Solo5#282). - The build system changes effectively implement option 1 in Solo5#292, i.e. on x86_64 -m no-red-zone is only used for bindings, not for application code. - tests/tests.bats has been refactored for DRY as it was getting totally unmaintainable.
2 tasks
|
Note that the failures for |
|
(This PR is intended mainly as a heads up and to document the changes made, I'm not actually asking people to review the build system changes, unless you feel particularly masochistic...) |
This is the equivalent of Solo5#342, required for OpenBSD 6.5+.
ricarkol
approved these changes
Mar 28, 2019
configure.sh
Outdated
| ;; | ||
| aarch64-*) | ||
| TARGET_ARCH=aarch64 | ||
| aarch64-linux*) |
There was a problem hiding this comment.
Better to have it as x86_64-*linux*. My rhel:
$ cc -dumpmachine
x86_64-redhat-linux
| */ | ||
| extern struct hvt_module *hvt_core_modules[]; | ||
| struct hvt_module { | ||
| const char *name; |
There was a problem hiding this comment.
If you use const char name[32]; (the compiler will complain if 32 is too small) then the modules section can contain the name like below:
[kollerr@oc6638465227 solo5]$ readelf -x modules tenders/hvt/solo5-hvt
Hex dump of section 'modules':
0x00606180 636f7265 00000000 00000000 00000000 core............
0x00606190 90184000 00000000 00000000 00000000 ..@.............
0x006061a0 00000000 00000000 00000000 00000000 ................
0x006061b0 00000000 00000000 00000000 00000000 ................
0x006061c0 626c6b00 00000000 00000000 00000000 blk.............
0x006061d0 202e4000 00000000 e02d4000 00000000 .@......-@.....
0x006061e0 d02d4000 00000000 00000000 00000000 .-@.............
0x006061f0 00000000 00000000 00000000 00000000 ................
0x00606200 6e657400 00000000 00000000 00000000 net.............
0x00606210 40344000 00000000 20384000 00000000 @4@..... 8@.....
0x00606220 30324000 00000000 02@.....
There was a problem hiding this comment.
Uh, yeah, the .modules stuff is a bit raw. I'm not going to change it now, will revisit when I get back.
Handles e.g. RHEL which uses 'x86_64-redhat-linux'. Thanks to @ricarkol.
This was referenced Mar 29, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is step 1 of #326. Note that as I'll be offline for about two weeks starting this Friday, I am going to merge this at the latest by tomorrow morning. As far as I know there are no major showstoppers and the shortcomings can be fixed later.
/cc @ricarkol @djwillia @hannesm (FreeBSD) @adamsteen (OpenBSD) @Kensan (Muen) @ehmry (Genode).
Note that I have not tested Muen or Genode beyond build-testing. I have also not tested the result of this with downstream Mirage/Solo5 on anything other than Debian (which is also being done by the E2E CI now).
@ehmry There was some confusion in "which set of CFLAGS / LD / LDFLAGS" was used for Genode in the old build system, I think I've picked the right ones in the new version but you might want to double-check.
This is a large change, and the majority of it is effectively a full
re-write of the build system. The actual removal of hvt compile-time
specialization is fairly straightforward.
User-visible changes:
this is consistent with POLA.
'clobber' for that.
this system. The strategy is still "build everything we can", however
I have disabled Genode on all systems except Linux due to toolchain
issues.
specifying 'CONFIG_XXX=' (disable) or 'CONFIG_XXX=1' (enable) either
on the command line, or editing the generated Makeconf.
back, use 'make V=1'.
We build two tenders, 'solo5-hvt' with all non-debug modules
configured and 'solo5-hvt-debug' with additional debug modules (gdb,
dumpcore where available).
compatibility with OPAM/MirageOS but is essentially a NOP.
Developer-visible changes:
dependencies. This means you can safely edit source files, run make
and be sure you will get a complete incremental build.
repetition, consistent variable names and clear interfaces between
configure.sh/Makeconf/Makefiles, all the while keeping them simple
enough to understand for me on a Monday morning before coffee. I.e.
limit use of macros, eval, etc.
instead a dynamic array is placed into a special ELF section
(.modules). This means that a hvt tender binary can be combined from
an arbitrary set of hvt_module_XXX object files, which is the right
way to do things going forward and also simplifies the build system
(not needing to build multiple targets from the same set of sources).
Shortcomings / TODOs:
trying to figure out how to get them to work out of tree, but in
combination with the non-recursive use of subdirectories in 'bindings'
I could not figure out the required Makefile magic.
arrangement, but needs a re-design anyway.
Other changes included as part of this PR:
on x86_64 -m no-red-zone is only used for bindings, not for
application code.
unmaintainable.