TOMOYO Linux on MeeGo 1.1

This page describes how to run TOMOYO Linux on MeeGo.

• Step 1: Setting up environment for emulator
• Step 2: Compiling kernel and tools
• Step 3: Initializing TOMOYO Linux
• Step 4: Analyzing MeeGo environment

Step 1: Setting up environment for emulator

Download and extract a MeeGo handset UI image file.

$ cd
$ wget http://download3.meego.com/sep03/meego-handset-ia32-1.0.80.9.20100706.1-sdk-pre0901.tar.bz2
$ tar -jxf meego-handset-ia32-1.0.80.9.20100706.1-sdk-pre0901.tar.bz2 --strip 1

"root" user's password for this image file is "meego".

If you are going to use this image file on QEMU, download and install qemu-gl package as shown in http://wiki.meego.com/MeeGo_SDK_with_QEMU .

$ wget http://download3.meego.com/qemu-gl_0.12.4-3_i386.deb
$ sudo dpkg -i qemu-gl_0.12.4-3_i386.deb
$ wget http://download3.meego.com/qemugl_cmd.sh
$ chmod 755 qemugl_cmd.sh

You can boot QEMU like below.

$ ./qemugl_cmd.sh meego-handset-ia32-1.0.80.9.20100706.1-sdk-pre0901.raw

If the MeeGo environment shows up correctly, you can proceed to step 2.

If you are going to use this image file on VMware, you need to modify this image file a bit.

First, create a VMware virtual machine with 4GB of virtual hard disk.

Next, boot the virtual machine using LiveCD. For example, you can use http://releases.ubuntu.com/lucid/ubuntu-10.04.2-desktop-i386.iso (MD5: 477350cbea8936c63d587cf2be69181b). If you booted using this ISO file, start the gnome terminal and become "root".

$ sudo bash

Check the virtual hard disk's device name. Below case shows that /dev/sda is the virtual hard disk.

# fdisk -l

Disk /dev/sda: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

Disk /dev/sda doesn't contain a valid partition table

Retrieve this image file using ssh (or curl or wget or whatever) and write to virtual hard disk. Substitute below vmwarehost with VMware host's IP address.

# ssh root@vmwarehost 'cat ~/meego-handset-ia32-1.0.80.9.20100706.1-sdk-pre0901.raw' > /dev/sda
# fdisk /dev/sda

WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
         switch off the mode (command 'c') and change display units to
         sectors (command 'u').

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

Then, mount the first partition of the virtual hard disk on /mnt/ .

# fdisk -l

Disk /dev/sda: 4294 MB, 4294967296 bytes
186 heads, 61 sectors/track, 739 cylinders
Units = cylinders of 11346 * 512 = 5809152 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00097211

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1         517     2929687+  83  Linux
Partition 1 has different physical/logical endings:
     phys=(364, 185, 61) logical=(516, 79, 21)

# mount /dev/sda1 /mnt/

Open /etc/X11/xorg.conf-handset in that partition using a text editor.

# gedit /mnt/etc/X11/xorg.conf-handset

Comment out Driver and BusID lines in the Device section. A diff output is shown below.

--- a/etc/X11/xorg.conf-handset
+++ b/etc/X11/xorg.conf-handset
@@ -32,10 +32,10 @@
         #Option     "DefaultRefresh"     	# [<bool>]
         #Option     "ModeSetClearScreen" 	# [<bool>]
 	Identifier  "Card0"
-	Driver      "vesa"
+	#Driver      "vesa"
 	VendorName  "Technical Corp."
 	BoardName   "Unknown Board"
-	BusID       "PCI:0:2:0"
+	#BusID       "PCI:0:2:0"
 EndSection
 
 Section "Screen"

Save the file and quit the text editor. Then, unmount the partition.

# umount /mnt/

Check your IP address. You will need this IP address when logging into MeeGo environment via SSH. Hereafter, I use "meegohost" for referring this IP address.

# ifconfig eth0

eth0      Link encap:Ethernet  HWaddr 00:0c:29:99:19:08
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2001:c90:301:ba9:20c:29ff:fe99:1908/64 Scope:Global
          inet6 addr: fe80::20c:29ff:fe99:1908/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2210718 errors:39 dropped:40 overruns:0 frame:0
          TX packets:270495 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3299820248 (3.2 GB)  TX bytes:19256240 (19.2 MB)
          Interrupt:19 Base address:0x2000

Reboot the system.

# reboot

If the MeeGo environment shows up correctly, you can proceed to step 2. If it doesn't, check below things.

Login to the MeeGo environment via SSH using password "meego".

$ ssh root@meegohost

Then, check /var/log/Xorg.log.0 for (EE) lines. If you found "ioctl EVIOCGNAME failed: Inappropriate ioctl for device" line like below, you might need to let X ignore that device.

[    35.030] (II) XKB: reuse xkmfile /var/lib/xkb/server-D378AD8F86E560F712A83EE36E4E5E92C595B9BD.xkm
[    35.093] (II) config/udev: Adding input device AT Translated Set 2 keyboard (/dev/input/event1)
[    35.094] (**) AT Translated Set 2 keyboard: Applying InputClass "default"
[    35.094] (**) AT Translated Set 2 keyboard: always reports core events
[    35.094] (**) AT Translated Set 2 keyboard: Device: "/dev/input/event1"
[    35.094] (II) AT Translated Set 2 keyboard: Found keys
[    35.094] (II) AT Translated Set 2 keyboard: Configuring as keyboard
[    35.094] (II) XINPUT: Adding extended input device "AT Translated Set 2 keyboard" (type: KEYBOARD)
[    35.094] (**) Option "xkb_rules" "evdev"
[    35.094] (**) Option "xkb_model" "evdev"
[    35.094] (**) Option "xkb_layout" "us"
[    35.096] (II) config/udev: Adding input device ImPS/2 Generic Wheel Mouse (/dev/input/event2)
[    35.096] (**) ImPS/2 Generic Wheel Mouse: Applying InputClass "default"
[    35.096] (**) ImPS/2 Generic Wheel Mouse: always reports core events
[    35.096] (**) ImPS/2 Generic Wheel Mouse: Device: "/dev/input/event2"
[    35.096] (II) ImPS/2 Generic Wheel Mouse: Found 3 mouse buttons
[    35.096] (II) ImPS/2 Generic Wheel Mouse: Found scroll wheel(s)
[    35.096] (II) ImPS/2 Generic Wheel Mouse: Found relative axes
[    35.096] (II) ImPS/2 Generic Wheel Mouse: Found x and y relative axes
[    35.096] (II) ImPS/2 Generic Wheel Mouse: Configuring as mouse
[    35.097] (**) ImPS/2 Generic Wheel Mouse: YAxisMapping: buttons 4 and 5
[    35.097] (**) ImPS/2 Generic Wheel Mouse: EmulateWheelButton: 4, EmulateWheelInertia: 10, EmulateWheelTimeout: 200
[    35.097] (II) XINPUT: Adding extended input device "ImPS/2 Generic Wheel Mouse" (type: MOUSE)
[    35.098] (**) ImPS/2 Generic Wheel Mouse: (accel) keeping acceleration scheme 1
[    35.098] (**) ImPS/2 Generic Wheel Mouse: (accel) acceleration profile 0
[    35.098] (**) ImPS/2 Generic Wheel Mouse: (accel) acceleration factor: 2.000
[    35.098] (**) ImPS/2 Generic Wheel Mouse: (accel) acceleration threshold: 4
[    35.098] (II) ImPS/2 Generic Wheel Mouse: initialized for relative axes.
[    35.099] (II) config/udev: Adding input device ImPS/2 Generic Wheel Mouse (/dev/input/mouse0)
[    35.100] (**) ImPS/2 Generic Wheel Mouse: Applying InputClass "default"
[    35.100] (**) ImPS/2 Generic Wheel Mouse: always reports core events
[    35.100] (**) ImPS/2 Generic Wheel Mouse: Device: "/dev/input/mouse0"
[    35.100] (EE) ioctl EVIOCGNAME failed: Inappropriate ioctl for device
[    35.100] (II) UnloadModule: "evdev"
[    35.100] (EE) PreInit returned NULL for "ImPS/2 Generic Wheel Mouse"

To let X ignore a device ("ImPS/2 Generic Wheel Mouse (/dev/input/mouse0)" in above case), add a section like below and reboot the system.

--- a/etc/X11/xorg.conf-handset
+++ b/etc/X11/xorg.conf-handset
@@ -23,6 +23,13 @@
 	ModelName    "Monitor Model"
 EndSection
 
+Section "InputClass"
+	Identifier "ImPS/2 Generic Wheel Mouse"
+	MatchProduct "ImPS/2 Generic Wheel Mouse"
+	MatchDevicePath "/dev/input/mouse0"
+	Option "Ignore" "on"
+EndSection
+
 Section "Device"
         ### Available Driver options are:-
         ### Values: <i>: integer, <f>: float, <bool>: "True"/"False",

Do troubleshooting now before proceeding to next step.

Step 2: Compiling kernel and tools

Set up environment for compiling kernel and tools. This section assumes Fedora 13 in order to use "rpmbuild" command.

First, install packages needed for compiling.

$ su -
# yum -y install wget gcc rpm-build elfutils-libelf-devel binutils-devel newt-devel ncurses-devel
# exit

Next, download a kernel source package.

$ cd
$ wget https://repo.meego.com/MeeGo/builds/1.0.99/1.0.99.2.20101019.1/core/repos/source/kernel-2.6.35.3-10.3.src.rpm

Next, install the package and run preparation stage.

$ rpm -ivh kernel-2.6.35.3-10.3.src.rpm
$ rpmbuild -bp ~/rpmbuild/SPECS/kernel.spec
$ cd ~/rpmbuild/BUILD/kernel-2.6.35.3/linux-2.6.35/

If you are going to use this kernel on QEMU, download and apply kernel patch. If you are going to use this kernel on VMware, you don't need to do this.

$ wget http://meego.gitorious.org/meego-developer-tools/meego-emulator-virtiogl-x86/blobs/raw/master/linux-2.6.35-virtio-for-qemu-gl-acceleration.patch
$ patch -p1 < linux-2.6.35-virtio-for-qemu-gl-acceleration.patch

Next, create a kernel config file. You can pull it from the MeeGo environment on QEMU by doing

$ scp -p -P 6666 root@127.0.0.1:/boot/config-\* .config

or from the MeeGo environment on VMware by doing

$ scp -p root@meegohost:/boot/config-\* .config

Now, update the kernel config file. If you are going to use this kernel on QEMU, be sure to answer "y" or "m" to "Virtio userspace memory transport".

$ make -s oldconfig

MeeGo kernel is using writeback mode for mounting ext3 filesystem image. But use of writeback mode will corrupt files (e.g. data from deleted files is implicitly imported to previously written files) when QEMU or VMware is suddenly terminated. Change kernel config like below if you want to use ordered mode for mounting ext3 filesystem image.

$ sed -i -e 's/# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set/CONFIG_EXT3_DEFAULTS_TO_ORDERED=y/' -- .config

If you don't mean to debug kernel, you can save compilation time and disk space. Change kernel config like below if you don't mean to debug kernel.

$ sed -i -e 's/CONFIG_DEBUG_INFO=y/# CONFIG_DEBUG_INFO is not set/' -- .config

Next, download and apply TOMOYO Linux kernel patch.

$ wget https://sourceforge.net/projects/tomoyo/files/ccs-patch/1.8/ccs-patch-1.8.11-20240715.tar.gz
$ wget https://sourceforge.net/projects/tomoyo/files/ccs-patch/1.8/ccs-patch-1.8.11-20240715.tar.gz.asc
$ gpg ccs-patch-1.8.11-20240715.tar.gz.asc
$ tar -zxf ccs-patch-1.8.11-20240715.tar.gz
$ patch -p1 < patches/ccs-patch-2.6.35.diff
$ cat config.ccs >> .config

Now, build the kernel.

$ make -s

Download and build the tools.

$ cd ~/rpmbuild/BUILD/
$ wget https://sourceforge.net/projects/tomoyo/files/ccs-tools/1.8/ccs-tools-1.8.9-20210910.tar.gz
$ wget https://sourceforge.net/projects/tomoyo/files/ccs-tools/1.8/ccs-tools-1.8.9-20210910.tar.gz.asc
$ gpg ccs-tools-1.8.9-20210910.tar.gz.asc
$ tar -zxf ccs-tools-1.8.9-20210910.tar.gz
$ make -sC ccs-tools/

Create a directory for temporarily holding kernel and tools and copy them.

$ su
# mkdir -p /tmp/meego/boot/extlinux/
# make -sC ccs-tools/ INSTALLDIR=/tmp/meego/ install
# cd kernel-2.6.35.3/linux-2.6.35/
# make -s INSTALL_MOD_PATH=/tmp/meego/ modules_install vdso_install
# make -s INSTALL_PATH=/tmp/meego/boot/extlinux/ install
# chmod -R go-w /tmp/meego/
# chown -R root:root /tmp/meego/
# exit

Copy the kernel and tools. You can push them to the MeeGo environment on QEMU by doing

$ cd /tmp/meego/
$ tar -zcf - | ssh root@127.0.0.1 -p 6666  'cd / && tar -zxf -'

or to the MeeGo environment on VMware by doing

$ cd /tmp/meego/
$ tar -zcf - | ssh root@meegohost 'cd / && tar -zxf -'

Step 3: Initializing TOMOYO Linux

Log in to the MeeGo environment via SSH.

Initialize TOMOYO Linux's configuration.

# /usr/lib/ccs/init_policy --use_profile=1

Change bootloader configuration.

# vi /boot/extlinux/extlinux.conf

Edit extlinux.conf like below.

--- extlinux.conf
+++ extlinux.conf
@@ -18,7 +18,7 @@
 menu color timeout 0 #ffffffff #00000000
 menu color cmdline 0 #ffffffff #00000000
 label meego0
-	menu label MeeGo (2.6.35~rc6-134.1-qemu)
-	kernel vmlinuz-2.6.35~rc6-134.1-qemu
-	append ro root=/dev/sda1 quiet vga=current quiet
+	menu label MeeGo (2.6.35.3)
+	kernel vmlinuz-2.6.35.3
+	append ro root=/dev/sda1 vga=current
 	menu default

Save the file and reboot the MeeGo environment.

# reboot

Step 4: Analyzing MeeGo environment

You can operate from SSH session. You can switch to console screen by pressing Alt+F1 key and switch back to graphical screen by Alt+F2 key if you removed "quiet" options from /boot/extlinux/extlinux.conf . Also, you may locate xterm window on graphical screen by doing

# export DISPLAY=:0
# xterm -into `xwininfo -root -tree -int | awk ' { if ( index($2, "duihome") > 0) print $1; } '`

Below movie demonstrates how you can use TOMOYO Linux for analyzing the MeeGo environment.

• How to use Policy Editor: detailed usage of policy editor