OpenXT Packages

Copyright 2015 by Assured Information Security, Inc. Created by Jean-Edouard Lejosne <lejosnej@ainfosec.com>. This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/.

Format

OpenXT uses the ipk format for packages, and opkg as a package manager.

ipk and opkg are comparable to respectively deb and dpkg in Debian. (some dpkg operations, like dpkg -c, will work on ipks).

opkg can use configuration files similar to the Debian /etc/apt/sources.list. Such configuration files are created at build time in OpenEmbedded.

OpenEmbedded packages

Everything OpenEmbedded builds end up in separate packages.

For simple recipes, 3 packages are created:

  • package_version.ipk, which contain the stripped binaries that were built
  • package_version-dev.ikg, which contains mainly development headers
  • package_version-dbg.ipk, with the symbols for debugging (gdb)

For kernel recipes, a lot of packages are created. There's mainly one package for the kernel itself, and one package per kernel module.

For every package (and all their DEPENDencies) needed by a given image/task (like dom0), only package_version.ipk will be installed at build time in the rootfs.

The OpenXT build system also includes a recipe called task-xenclient-extra, which is a list of packages that aren't likely to get built for any rootfs, but that we want available, mostly for debugging purposes (example: gdb).

Building

All the packages for all the targets are collected at the end of the build, and copied to a web server by the packages_tree step based on a configuration value.

The recipe xenclient-feed-configs builds the opkg config files based on another configuration value.

The two configuration values to set in your .config are, respectively:

  • BUILD_RSYNC_DESTINATION=<HOST>:<PATH>, which is the rsync destination for the build output

  • NETBOOT_HTTP_URL=http://<HOST>/<PATH>, which is the URL for web access to the build output location

Installing

With everything setup, built and installed right, every single package built by OpenEmbedded should be install-able using:

$ nr
$ rw
$ opkg update
$ opkg install <PACKAGE>
$ ro

Note: when doing that, make sure there's enough space on the rootfs first.

We usually try to make sure that the volume group always has at least 1GB of free space, which you can allocate to dom0 using:

$ lvresize L+1G /dev/mapper/xenclientroot
$ rw
$ resize2fs /dev/mapper/xenclient-root
$ ro

When working on OpenXT, people will usually want to install gdb/valgrind, built by task-xenclient-extra, and the -dbg packages for the things to debug. Installing -dbg packages usually pull a lot of -dbg dependencies, especially the first time, so extending the rootfs is usually required.

Â