vm-build: Add script to build in a microvm

This script uses the `ocivm` tool to launch a QEMU micro VM to build
the operating system.  This is necessary to produce an SELinux-enabled
system, since container runtimes interfere with the SELinux policy
build and filesystem labeling processes.

ocivm.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -e
+
+. ./config
+
+name=build_yellow
+if ! ocivm list | grep -q localhost/cross-${target}; then
+    ocivm import localhost/cross-${target}
+fi
+ocivm \
+    --log-level DEBUG \
+    run \
+    -n ${name} \
+    -w /tmp/src \
+    -v "${PWD}":/tmp/src \
+    -v distfiles:/var/cache/distfiles:size=4G \
+    -v packages:/var/cache/binpkgs \
+    -v portage:/var/db/repos/gentoo:size=4G \
+    --tmpfs /usr/aarch64-unknown-linux-gnu/tmp \
+    --tmpfs /var/tmp \
+    localhost/cross-aarch64-unknown-linux-gnu \
+    "$@"

vm-build.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+# vim: set sw=4 ts=4 sts=4 et :
+
+exec ./ocivm.sh make O=/tmp/build 'IMAGESDIR=${PWD}/images'