configure-hypervisor: Add option to build static qemu.

Add option to get configuration for an static qemu.

Fixes: #66

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
This commit is contained in:
Jose Carlos Venegas Munoz 2018-06-13 12:07:17 -05:00
parent 3dab5aabfc
commit eebe067a50

View File

@ -55,6 +55,7 @@ Options:
is specified.
-h : Display this help.
-m : Display options one per line (includes continuation characters).
-s : Generate options to build static
Example:
@ -204,7 +205,7 @@ main()
action=""
while getopts "dhm" opt
while getopts "dhms" opt
do
case "$opt" in
d)
@ -219,6 +220,9 @@ main()
m)
action="multi"
;;
s)
static="true"
;;
esac
done
@ -304,6 +308,10 @@ main()
qemu_options+=(security:--disable-static)
fi
if [ -n ${static} ]; then
qemu_options+=(misc:--static)
fi
# Not required as "-uuid ..." is always passed to the qemu binary
qemu_options+=(size:--disable-uuid)
@ -348,7 +356,7 @@ main()
fi
# Support Ceph RADOS Block Device (RBD)
qemu_options+=(functionality:--enable-rbd)
[ -z "${static}" ] && qemu_options+=(functionality:--enable-rbd)
# In "passthrough" security mode
# (-fsdev "...,security_model=passthrough,..."), qemu uses a helper
@ -398,7 +406,7 @@ main()
# SECURITY: Link binary as a Position Independant Executable,
# and take advantage of ASLR, making ROP attacks much harder to perform.
# (https://wiki.debian.org/Hardening)
_qemu_ldflags+=" -pie"
[ -z "${static}" ] && _qemu_ldflags+=" -pie"
# SECURITY: Disallow executing code on the stack.
_qemu_ldflags+=" -z noexecstack"