From eebe067a5001e0309473c18be46d5062cba7ff04 Mon Sep 17 00:00:00 2001 From: Jose Carlos Venegas Munoz Date: Wed, 13 Jun 2018 12:07:17 -0500 Subject: [PATCH] configure-hypervisor: Add option to build static qemu. Add option to get configuration for an static qemu. Fixes: #66 Signed-off-by: Jose Carlos Venegas Munoz --- scripts/configure-hypervisor.sh | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/scripts/configure-hypervisor.sh b/scripts/configure-hypervisor.sh index e5ff2e2e86..15f71116c3 100755 --- a/scripts/configure-hypervisor.sh +++ b/scripts/configure-hypervisor.sh @@ -55,6 +55,7 @@ Options: is specified. -h : Display this help. -m : Display options one per line (includes continuation characters). + -s : Generate options to build static Example: @@ -204,7 +205,7 @@ main() action="" - while getopts "dhm" opt + while getopts "dhms" opt do case "$opt" in d) @@ -219,6 +220,9 @@ main() m) action="multi" ;; + s) + static="true" + ;; esac done @@ -304,6 +308,10 @@ main() qemu_options+=(security:--disable-static) fi + if [ -n ${static} ]; then + qemu_options+=(misc:--static) + fi + # Not required as "-uuid ..." is always passed to the qemu binary qemu_options+=(size:--disable-uuid) @@ -348,7 +356,7 @@ main() fi # Support Ceph RADOS Block Device (RBD) - qemu_options+=(functionality:--enable-rbd) + [ -z "${static}" ] && qemu_options+=(functionality:--enable-rbd) # In "passthrough" security mode # (-fsdev "...,security_model=passthrough,..."), qemu uses a helper @@ -398,7 +406,7 @@ main() # SECURITY: Link binary as a Position Independant Executable, # and take advantage of ASLR, making ROP attacks much harder to perform. # (https://wiki.debian.org/Hardening) - _qemu_ldflags+=" -pie" + [ -z "${static}" ] && _qemu_ldflags+=" -pie" # SECURITY: Disallow executing code on the stack. _qemu_ldflags+=" -z noexecstack"