+%bcond_without aesni
+%{!?_topdir:%define _topdir %(pwd)}
%define _vpp_build_dir build-tool-native
%define _unitdir /lib/systemd/system
-%define _topdir %(pwd)
%define _builddir %{_topdir}
%define _mu_build_dir %{_topdir}/%{name}-%{_version}/build-root
-%define _vpp_install_dir install-vpp-native
+%define _vpp_tag %{getenv:TAG}
+%if "%{_vpp_tag}" == ""
+%define _vpp_tag vpp
+%endif
+%define _vpp_install_dir install-%{_vpp_tag}-native
-# Failsafe backport of Python2-macros for RHEL <= 6
-%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
-%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
-%{!?python_version: %global python_version %(%{__python} -c "import sys; sys.stdout.write(sys.version[:3])")}
-%{!?__python2: %global __python2 %{__python}}
-%{!?python2_sitelib: %global python2_sitelib %{python_sitelib}}
-%{!?python2_sitearch: %global python2_sitearch %{python_sitearch}}
-%{!?python2_version: %global python2_version %{python_version}}
+%{?systemd_requires}
-%{!?python2_minor_version: %define python2_minor_version %(%{__python} -c "import sys ; print sys.version[2:3]")}
-%{?systemd_requires}
+# SELinux Related definitions
+%global selinuxtype targeted
+%global moduletype services
+%global modulenames vpp-custom
+
+# Usage: _format var format
+# Expand 'modulenames' into various formats as needed
+# Format must contain '$x' somewhere to do anything useful
+%global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
+
+# Relabel files
+%global relabel_files() \ # ADD files in *.fc file
+
+# Version of distribution SELinux policy package
+%global selinux_policyver 3.13.1-128.6.fc22
+
Name: vpp
Summary: Vector Packet Processing
-License: MIT
+License: ASL 2.0
Version: %{_version}
Release: %{_release}
-Requires: vpp-lib = %{_version}-%{_release}, net-tools, pciutils, python
BuildRequires: systemd, chrpath
-
-# Source: %{name}-%{_version}-%{_release}.tar.xz
-Source: vpp-latest.tar.xz
+BuildRequires: check, check-devel
+BuildRequires: mbedtls-devel mbedtls
+%if 0%{?fedora}
+Requires: vpp-lib = %{_version}-%{_release}, vpp-selinux-policy = %{_version}-%{_release}, net-tools, pciutils
+Requires: compat-openssl10
+Requires: mbedtls libffi-devel
+BuildRequires: subunit, subunit-devel
+BuildRequires: compat-openssl10-devel
+BuildRequires: python, python-devel, python-virtualenv, python-ply
+BuildRequires: python3, python36-devel, python3-virtualenv
+BuildRequires: cmake
+%else
+%if 0%{rhel} >= 7
+Requires: vpp-lib = %{_version}-%{_release}, vpp-selinux-policy = %{_version}-%{_release}, net-tools, pciutils, python36
+Requires: mbedtls libffi-devel
+BuildRequires: epel-release
+BuildRequires: mbedtls-devel mbedtls
+BuildREquires: openssl-devel
+BuildRequires: python36-devel
+%if 0%{rhel} == 7
+BuildRequires: devtoolset-9-toolchain
+BuildRequires: cmake3
+BuildRequires: glibc-static, yum-utils
+%else
+BuildRequires: cmake
+BuildRequires: dnf-utils
+%endif
+%endif
+%endif
+BuildRequires: libffi-devel
+BuildRequires: redhat-lsb
+BuildRequires: apr-devel
+BuildRequires: numactl-devel
+BuildRequires: autoconf automake libtool byacc bison flex
+BuildRequires: selinux-policy selinux-policy-devel
+
+Source: %{name}-%{_version}-%{_release}.tar.xz
+# Source: vpp-latest.tar.xz
%description
This package provides VPP executables: vpp, vpp_api_test, vpp_json_test
%package lib
Summary: VPP libraries
Group: System Environment/Libraries
+Requires: vpp-selinux-policy = %{_version}-%{_release}
%description lib
This package contains the VPP shared libraries, including:
%package plugins
Summary: Vector Packet Processing--runtime plugins
Group: System Environment/Libraries
-Requires: vpp = %{_version}-%{_release}
+Requires: vpp = %{_version}-%{_release} numactl-libs
%description plugins
This package contains VPP plugins
%description api-lua
This package contains the lua bindings for the vpp api
-%package api-java
-Summary: VPP api java bindings
+%package api-python3
+Summary: VPP api python3 bindings
Group: Development/Libraries
-Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}
+Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, libffi-devel
+Requires: python3-setuptools
-%description api-java
-This package contains the java bindings for the vpp api
+%description api-python3
+This package contains the python3 bindings for the vpp api
-%package api-python
-Summary: VPP api python bindings
-Group: Development/Libraries
-Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, python-setuptools libffi-devel
+%package selinux-policy
+Summary: VPP Security-Enhanced Linux (SELinux) policy
+Group: System Environment/Base
+Requires(post): selinux-policy-base >= %{selinux_policyver}, selinux-policy-targeted >= %{selinux_policyver}, policycoreutils, libselinux-utils
+%if 0%{rhel} < 8
+Requires(post): policycoreutils-python
+%else
+Requires(post): python3-policycoreutils
+%endif
-%description api-python
-This package contains the python bindings for the vpp api
+%description selinux-policy
+This package contains a tailored VPP SELinux policy
%prep
-%setup -q -n %{name}-%{_version}
+%setup -q -c -T -n %{name}-%{_version}
+cd ..
+unxz --stdout ./SOURCES/%{name}-%{_version}-%{_release}.tar.xz | tar --extract --touch
+cd -
%pre
# Add the vpp group
groupadd -f -r vpp
%build
-make bootstrap
-make -C build-root PLATFORM=vpp TAG=vpp install-packages
-cd %{_mu_build_dir}/../src/vpp-api/python && %py2_build
+%if 0%{rhel} < 8
+. /opt/rh/devtoolset-9/enable
+%endif
+%if %{with aesni}
+ make install-dep
+ make -C build-root PLATFORM=vpp TAG=%{_vpp_tag} install-packages
+%else
+ make bootstrap AESNI=n
+ make -C build-root PLATFORM=vpp AESNI=n TAG=%{_vpp_tag} install-packages
+%endif
+cd %{_mu_build_dir}/../src/vpp-api/python && %py3_build
+cd %{_mu_build_dir}/../extras/selinux && make -f %{_datadir}/selinux/devel/Makefile
%install
#
#
mkdir -p -m755 %{buildroot}/etc/vpp
mkdir -p -m755 %{buildroot}/etc/sysctl.d
-install -p -m 644 %{_topdir}/vpp.service %{buildroot}%{_unitdir}
+install -p -m 644 %{_mu_build_dir}/../extras/rpm/vpp.service %{buildroot}%{_unitdir}
install -p -m 644 %{_mu_build_dir}/../src/vpp/conf/startup.conf %{buildroot}/etc/vpp/startup.conf
install -p -m 644 %{_mu_build_dir}/../src/vpp/conf/80-vpp.conf %{buildroot}/etc/sysctl.d
#
mkdir -p -m755 %{buildroot}%{_libdir}
mkdir -p -m755 %{buildroot}/etc/bash_completion.d
mkdir -p -m755 %{buildroot}/usr/share/vpp
-for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/lib* -type f -name '*.so.*.*.*' -print )
+for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/lib* -type f -name '*.so.*.*' -print )
do
install -p -m 755 $file %{buildroot}%{_libdir}
done
do
install -p -m 644 $file %{buildroot}/usr/share/vpp/api
done
-install -p -m 644 %{_mu_build_dir}/../src/scripts/vppctl_completion %{buildroot}/etc/bash_completion.d
-install -p -m 644 %{_mu_build_dir}/../src/scripts/vppctl-cmd-list %{buildroot}/usr/share/vpp
# Lua bindings
mkdir -p -m755 %{buildroot}/usr/share/doc/vpp/examples/lua/examples/cli
mkdir -p -m755 %{buildroot}/usr/share/doc/vpp/examples/lua/examples/lute
-for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/vpp-api/lua && git ls-files .)
-do
- install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/../../src/vpp-api/lua/$file \
- %{buildroot}/usr/share/doc/vpp/examples/lua/$file
-done
-
-# Java bindings
-mkdir -p -m755 %{buildroot}/usr/share/java
-for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/vpp/share/java -type f -name '*.jar' -print )
+# for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/vpp-api/lua && git ls-files .)
+for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/vpp-api/lua && find . -type f -regex '.*/*.[luteamd]' -print | sed -e 's/^\.\///')
do
- install -p -m 644 $file %{buildroot}/usr/share/java
+ ( cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/vpp-api/lua && install -p -m 644 $file \
+ %{buildroot}/usr/share/doc/vpp/examples/lua/$file )
done
# Python bindings
-cd %{_mu_build_dir}/../src/vpp-api/python && %py2_install
+cd %{_mu_build_dir}/../src/vpp-api/python && %py3_install
+
+# SELinux Policy
+# Install SELinux interfaces
+%_format INTERFACES %{_mu_build_dir}/../extras/selinux/$x.if
+install -d %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
+install -p -m 644 $INTERFACES \
+ %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
+
+# Install policy modules
+%_format MODULES %{_mu_build_dir}/../extras/selinux/$x.pp
+install -d %{buildroot}%{_datadir}/selinux/packages
+install -m 0644 $MODULES \
+ %{buildroot}%{_datadir}/selinux/packages
#
# devel
#
-for dir in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/include/ -maxdepth 0 -type d -print | grep -v dpdk)
+for dir in %{_mu_build_dir}/%{_vpp_install_dir}/vpp/include/
do
for subdir in $(cd ${dir} && find . -type d -print)
do
done
done
-mkdir -p -m755 %{buildroot}%{python2_sitelib}/jvppgen
-install -p -m755 %{_mu_build_dir}/../src/vpp-api/java/jvpp/gen/jvpp_gen.py %{buildroot}/usr/bin
-for i in $(ls %{_mu_build_dir}/../src/vpp-api/java/jvpp/gen/jvppgen/*.py); do
- install -p -m666 ${i} %{buildroot}%{python2_sitelib}/jvppgen
-done;
+install -p -m 644 %{_mu_build_dir}/../src/tools/vppapigen/vppapigen_c.py %{buildroot}/usr/share/vpp
+install -p -m 644 %{_mu_build_dir}/../src/tools/vppapigen/vppapigen_json.py %{buildroot}/usr/share/vpp
# sample plugin
mkdir -p -m755 %{buildroot}/usr/share/doc/vpp/examples/sample-plugin/sample
-for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/examples/sample-plugin && git ls-files .)
+#for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/examples/sample-plugin && git ls-files .)
+for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/examples/sample-plugin && find . -type f -regex '.*/*.[acdhimp]' -print | sed -e 's/^\.\///')
do
- install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/../../src/examples/sample-plugin/$file \
- %{buildroot}/usr/share/doc/vpp/examples/sample-plugin/$file
+ ( cd %{_mu_build_dir}/%{_vpp_install_dir}/../../src/examples/sample-plugin && install -p -m 644 $file \
+ %{buildroot}/usr/share/doc/vpp/examples/sample-plugin/$file )
done
+# vppctl sockfile directory
+mkdir -p -m755 %{buildroot}%{_localstatedir}/run/vpp
+# vpp.log directory
+mkdir -p -m755 %{buildroot}%{_localstatedir}/log/vpp
#
# vpp-plugins
-#
+#
mkdir -p -m755 %{buildroot}/usr/lib/vpp_plugins
mkdir -p -m755 %{buildroot}/usr/lib/vpp_api_test_plugins
-for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_plugins && find -type f -print)
+for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/%{_lib}/vpp_plugins && find -type f -print)
do
- install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_plugins/$file \
+ install -p -m 755 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/%{_lib}/vpp_plugins/$file \
%{buildroot}/usr/lib/vpp_plugins/$file
done
-for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_api_test_plugins && find -type f -print)
+for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/%{_lib}/vpp_api_test_plugins && find -type f -print)
do
- install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_api_test_plugins/$file \
+ install -p -m 755 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/%{_lib}/vpp_api_test_plugins/$file \
%{buildroot}/usr/lib/vpp_api_test_plugins/$file
done
-for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/plugins -type f -name '*.api.json' -print )
+for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/vpp/share/vpp/api/plugins -type f -name '*.api.json' -print )
do
- install -p -m 644 $file %{buildroot}/usr/share/vpp/api
+ install -p -m 755 $file %{buildroot}/usr/share/vpp/api
done
#
%{_mu_build_dir}/scripts/remove-rpath %{buildroot}
%post
-sysctl --system
+if [ $1 -eq 1 ] ; then
+ sysctl --system
+fi
%systemd_post vpp.service
%preun
%systemd_preun vpp.service
+%post selinux-policy
+%_format MODULES %{_datadir}/selinux/packages/$x.pp
+if %{_sbindir}/selinuxenabled ; then
+ %{_sbindir}/semodule -n -X 400 -s %{selinuxtype} -i $MODULES
+ %{_sbindir}/load_policy
+ %relabel_files
+fi
+
+
%postun
%systemd_postun
-
-# Unbind user-mode PCI drivers
-removed=
-pci_dirs=`find /sys/bus/pci/drivers -type d -name igb_uio -o -name uio_pci_generic -o -name vfio-pci`
-for d in $pci_dirs; do
- for f in ${d}/*; do
- [ -e "${f}/config" ] || continue
- echo ${f##*/} > ${d}/unbind
- basename `dirname ${f}` | xargs echo -n "Removing driver"; echo " for PCI ID" `basename ${f}`
- removed=y
+if [ $1 -eq 0 ] ; then
+ echo "Uninstalling, unbind user-mode PCI drivers"
+ # Unbind user-mode PCI drivers
+ removed=
+ pci_dirs=`find /sys/bus/pci/drivers -type d -name igb_uio -o -name uio_pci_generic -o -name vfio-pci`
+ for d in $pci_dirs; do
+ for f in ${d}/*; do
+ [ -e "${f}/config" ] || continue
+ echo ${f##*/} > ${d}/unbind
+ basename `dirname ${f}` | xargs echo -n "Removing driver"; echo " for PCI ID" `basename ${f}`
+ removed=y
+ done
done
-done
-if [ -n "${removed}" ]; then
- echo "There are changes in PCI drivers, rescaning"
- echo 1 > /sys/bus/pci/rescan
+ if [ -n "${removed}" ]; then
+ echo "There are changes in PCI drivers, rescaning"
+ echo 1 > /sys/bus/pci/rescan
+ else
+ echo "There weren't PCI devices binded"
+ fi
else
- echo "There weren't PCI devices binded"
+ echo "Upgrading package, dont' unbind interfaces"
+fi
+
+%postun selinux-policy
+if [ $1 -eq 0 ]; then
+ %{_sbindir}/semodule -n -r %{modulenames}
+ if %{_sbindir}/selinuxenabled ; then
+ %{_sbindir}/load_policy
+ %relabel_files
+ fi
fi
%files
%defattr(-,bin,bin)
%{_unitdir}/vpp.service
+/usr/bin/vat2
/usr/bin/vpp*
/usr/bin/svm*
-/usr/bin/elftool
-%config /etc/sysctl.d/80-vpp.conf
-%config /etc/vpp/startup.conf
+%config(noreplace) /etc/sysctl.d/80-vpp.conf
+%config(noreplace) /etc/vpp/startup.conf
/usr/share/vpp/api/*
+%defattr(-,root,vpp)
+%{_localstatedir}/run/vpp*
+
+%defattr(-,root,root)
+%{_localstatedir}/log/vpp*
+
%files lib
%defattr(-,bin,bin)
+%global __requires_exclude_from %{_libdir}/librte_pmd_mlx[45]_glue\\.so.*$
%exclude %{_libdir}/vpp_plugins
%exclude %{_libdir}/vpp_api_test_plugins
%{_libdir}/*
/usr/share/vpp/api/*
-/etc/bash_completion.d/vppctl_completion
-/usr/share/vpp/vppctl-cmd-list
%files api-lua
%defattr(644,root,root,644)
/usr/share/doc/vpp/examples/lua
-%files api-java
-%defattr(644,root,root)
-/usr/share/java/*
+%files api-python3
+%defattr(644,root,root,755)
+%{python3_sitelib}/vpp_*
-%files api-python
-%defattr(644,root,root)
-%{python2_sitelib}/vpp_papi*
+%files selinux-policy
+%defattr(-,root,root,0755)
+%attr(0644,root,root) %{_datadir}/selinux/packages/*.pp
+%attr(0644,root,root) %{_datadir}/selinux/devel/include/%{moduletype}/*.if
%files devel
%defattr(-,bin,bin)
/usr/bin/vppapigen
-/usr/bin/jvpp_gen.py
+/usr/bin/vapi_c_gen.py
+/usr/bin/vapi_cpp_gen.py
+/usr/bin/vapi_json_parser.py
%{_includedir}/*
-%{python2_sitelib}/jvppgen/*
/usr/share/doc/vpp/examples/sample-plugin
+/usr/share/vpp
%files plugins
%defattr(-,bin,bin)