Gentoo Archives: gentoo-commits

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-firmware/intel-microcode/
Date: Mon, 24 Sep 2018 14:31:38
Message-Id: 1537799336.18ccb7f1533c05dd92085fb2c176154700afecfa.whissi@gentoo
1 commit: 18ccb7f1533c05dd92085fb2c176154700afecfa
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Mon Sep 24 14:28:49 2018 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Mon Sep 24 14:28:56 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18ccb7f1
7
8 sys-firmware/intel-microcode: bump
9
10 - New microcode:
11
12 sig 0x000806e9, pf_mask 0x10, 2018-06-26, rev 0x0098
13
14 - Updated microcodes:
15
16 sig 0x00050655, pf_mask 0xb7, 2018-03-14, rev 0x3000009 -> 2018-04-27, rev 0x300000b
17 sig 0x000706a1, pf_mask 0x01, 2018-05-22, rev 0x0028 -> 2018-07-25, rev 0x002a
18
19 Package-Manager: Portage-2.3.50, Repoman-2.3.11
20
21 sys-firmware/intel-microcode/Manifest | 1 +
22 .../intel-microcode-20180807a_p20180922.ebuild | 253 +++++++++++++++++++++
23 2 files changed, 254 insertions(+)
24
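--- a/sys-firmware/intel-microcode/Manifest
+++ b/sys-firmware/intel-microcode/Manifest
@@ -1,2 +1,3 @@
 DIST intel-microcode-collection-20180916.tar.xz 4414792 BLAKE2B e0dee0ef27e5d5460a4856b73a0a3940e563b649912f648cf45c109404666b7ebffb3bcce900f2eb48502b8ef2f0410cdde39eb478879e79cca4414f326c6947 SHA512 ac1964cbaffdf8a5e42ea80fd6898583f3f97a3163b0b661bcc0a83f6a1e9ba0c0a22bc79b8aadb759e5d02f77d2e2c04bd16c8811a277eb261a9a5e3bae3761
+DIST intel-microcode-collection-20180922.tar.xz 4506768 BLAKE2B c985c20e01ab171637bf8acbab912a802608681a7f62779a63cd4218008435638c06452fef157d26ff6295dbee963827493dd85fb31b6e2b8e447158eb55d9f9 SHA512 08d38e25d02a45cbc2272c440e64255dbaac90efc67dd241f8e329c84eff2baab38236ee97a52e3803ecbc87a751d1d44f08a18288fba52cbbf916390d461646
 DIST microcode-20180807a.tgz 1628061 BLAKE2B a6b5a07596a0b1687efb95c207b2194865b2f975cc0d761a687d5b9d8fea63e777eb73373113f356a18592fd53651cf37d044d4e98cdfe6b306393b54ac06129 SHA512 3cd6794a5ce26e86f7b644e523ba978699316046e593da215b73b17c4b43049ac4a81636e2ce3e727d06c2efbac98657764aa3ff355edb429127585bb49a9b10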
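--- /dev/null
+++ b/sys-firmware/intel-microcode/intel-microcode-20180807a_p20180922.ebuild
@@ -0,0 +1,253 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit linux-info toolchain-funcs mount-boot
+
+# Find updates by searching and clicking the first link (hopefully it's the one):
+# https://www.intel.com/content/www/us/en/search.html?keyword=Processor+Microcode+Data+File
+
+COLLECTION_SNAPSHOT="${PV##*_p}"
+INTEL_SNAPSHOT="${PV/_p*}"
+NUM="28087"
+DESCRIPTION="Intel IA32/IA64 microcode update data"
+HOMEPAGE="http://inertiawar.com/microcode/ https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=${NUM}"
+SRC_URI="https://downloadmirror.intel.com/${NUM}/eng/microcode-${INTEL_SNAPSHOT}.tgz
+ https://dev.gentoo.org/~whissi/dist/intel-microcode/intel-microcode-collection-${COLLECTION_SNAPSHOT}.tar.xz"
+
+LICENSE="intel-ucode"
+SLOT="0"
+KEYWORDS="-* ~amd64 ~x86"
+IUSE="hostonly initramfs +split-ucode vanilla"
+REQUIRED_USE="|| ( initramfs split-ucode )"
+
+DEPEND="sys-apps/iucode_tool"
+
+# !<sys-apps/microcode-ctl-1.17-r2 due to bug #268586
+RDEPEND="hostonly? ( sys-apps/iucode_tool )"
+
+RESTRICT="binchecks bindist mirror strip"
+
+S=${WORKDIR}
+
+# Blacklist bad microcode here.
+# 0x000406f1 aka 06-4f-01 aka CPUID 406F1 require newer microcode loader
+MICROCODE_BLACKLIST_DEFAULT="-s !0x000406f1"
+MICROCODE_BLACKLIST="${MICROCODE_BLACKLIST:=${MICROCODE_BLACKLIST_DEFAULT}}"
+
+# In case we want to set some defaults ...
+MICROCODE_SIGNATURES_DEFAULT=""
+
+# Advanced users only:
+# merge with:
+# only current CPU: MICROCODE_SIGNATURES="-S"
+# only specific CPU: MICROCODE_SIGNATURES="-s 0x00000f4a -s 0x00010676"
+# exclude specific CPU: MICROCODE_SIGNATURES="-s !0x00000686"
+MICROCODE_SIGNATURES="${MICROCODE_SIGNATURES:=${MICROCODE_SIGNATURES_DEFAULT}}"
+
+pkg_pretend() {
+ use initramfs && mount-boot_pkg_pretend
+}
+
+src_prepare() {
+ default
+
+ # Prevent "invalid file format" errors from iucode_tool
+ rm -f "${S}"/intel-ucod*/list || die
+}
+
+src_install() {
+ # This will take ALL of the upstream microcode sources:
+ # - microcode.dat
+ # - intel-ucode/
+ # In some cases, they have not contained the same content (eg the directory has newer stuff).
+ MICROCODE_SRC=(
+ "${S}"/intel-ucode/
+ "${S}"/intel-ucode-with-caveats/
+ )
+
+ # Allow users who are scared about microcode updates not included in Intel's official
+ # microcode tarball to opt-out and comply with Intel marketing
+ if ! use vanilla; then
+ MICROCODE_SRC+=( "${S}"/intel-microcode-collection-${COLLECTION_SNAPSHOT} )
+ fi
+
+ opts=(
+ ${MICROCODE_BLACKLIST}
+ ${MICROCODE_SIGNATURES}
+ # be strict about what we are doing
+ --overwrite
+ --strict-checks
+ --no-ignore-broken
+ # we want to install latest version
+ --no-downgrade
+ # show everything we find
+ --list-all
+ # show what we selected
+ --list
+ )
+
+ # The earlyfw cpio needs to be in /boot because it must be loaded before
+ # rootfs is mounted.
+ use initramfs && dodir /boot && opts+=( --write-earlyfw="${ED%/}"/boot/intel-uc.img )
+ # split location (we use a temporary location so that we are able
+ # to re-run iucode_tool in pkg_preinst; use keepdir instead of dodir to carry
+ # this folder to pkg_preinst to avoid an error even if no microcode was selected):
+ keepdir /tmp/intel-ucode && opts+=( --write-firmware="${ED%/}"/tmp/intel-ucode )
+
+ iucode_tool \
+ "${opts[@]}" \
+ "${MICROCODE_SRC[@]}" \
+ || die "iucode_tool ${opts[@]} ${MICROCODE_SRC[@]}"
+
+ dodoc releasenote
+
+ # Record how package was created so we can show this in build.log
+ # even for binary packages.
+ if [[ "${MICROCODE_BLACKLIST}" != "${MICROCODE_BLACKLIST_DEFAULT}" ]]; then
+ echo ${MICROCODE_BLACKLIST} > "${ED%/}/tmp/.blacklist_altered" || die "Failed to add marker that MICROCODE_BLACKLIST variable was used"
+ fi
+
+ if [[ "${MICROCODE_SIGNATURES}" != "${MICROCODE_SIGNATURES_DEFAULT}" ]]; then
+ echo ${MICROCODE_SIGNATURES} > "${ED%/}/tmp/.signatures_altered" || die "Failed to add marker that MICROCODE_SIGNATURES variable was used"
+ fi
+}
+
+pkg_preinst() {
+ if [[ -f "${ED%/}/tmp/.blacklist_altered" ]]; then
+ local _recorded_MICROCODE_BLACKLIST_value=$(cat "${ED%/}/tmp/.blacklist_altered")
+ ewarn "MICROCODE_BLACKLIST is set to \"${_recorded_MICROCODE_BLACKLIST_value}\" instead of default \"${MICROCODE_BLACKLIST_DEFAULT}\". You are on your own!"
+ fi
+
+ if [[ -f "${ED%/}/tmp/.signatures_altered" ]]; then
+ local _recorded_MICROCODE_SIGNATURES_value=$(cat "${ED%/}/tmp/.signatures_altered")
+ ewarn "Package was created using advanced options:"
+ ewarn "MICROCODE_SIGNATURES is set to \"${_recorded_MICROCODE_SIGNATURES_value}\" instead of default \"${MICROCODE_SIGNATURES_DEFAULT}\"!"
+ fi
+
+ # Make sure /boot is available if needed.
+ use initramfs && mount-boot_pkg_preinst
+
+ local _initramfs_file="${ED%/}/boot/intel-uc.img"
+ local _ucode_dir="${ED%/}/lib/firmware/intel-ucode"
+
+ if use hostonly; then
+ # While this output looks redundant we do this check to detect
+ # rare cases where iucode_tool was unable to detect system's processor(s).
+ local _detected_processors=$(iucode_tool --scan-system 2>&1)
+ if [[ -z "${_detected_processors}" ]]; then
+ ewarn "Looks like iucode_tool was unable to detect any processor!"
+ else
+ einfo "Only installing ucode(s) for ${_detected_processors#iucode_tool: system has } due to USE=hostonly ..."
+ fi
+
+ opts=(
+ --scan-system
+ # be strict about what we are doing
+ --overwrite
+ --strict-checks
+ --no-ignore-broken
+ # we want to install latest version
+ --no-downgrade
+ # show everything we find
+ --list-all
+ # show what we selected
+ --list
+ )
+
+ # The earlyfw cpio needs to be in /boot because it must be loaded before
+ # rootfs is mounted.
+ use initramfs && opts+=( --write-earlyfw=${_initramfs_file} )
+ # split location:
+ use split-ucode && dodir /lib/firmware/intel-ucode && opts+=( --write-firmware=${_ucode_dir} )
+
+ iucode_tool \
+ "${opts[@]}" \
+ "${ED%/}"/tmp/intel-ucode \
+ || die "iucode_tool ${opts[@]} ${ED%/}/tmp/intel-ucode"
+
+ else
+ if use split-ucode; then
+ # Temporary /tmp/intel-ucode will become final /lib/firmware/intel-ucode ...
+ dodir /lib/firmware
+ mv "${ED%/}/tmp/intel-ucode" "${ED%/}/lib/firmware" || die "Failed to install splitted ucodes!"
+ fi
+ fi
+
+ # Because it is possible that this package will install not one single file
+ # due to user selection which is still somehow unexpected we add the following
+ # check to inform user so that the user has at least a chance to detect
+ # a problem/invalid select.
+ local _has_installed_something=
+ if use initramfs && [[ -s "${_initramfs_file}" ]]; then
+ _has_installed_something="yes"
+ elif use split-ucode; then
+ _has_installed_something=$(find "${_ucode_dir}" -maxdepth 0 -not -empty -exec echo yes \;)
+ fi
+
+ if use hostonly && [[ -n "${_has_installed_something}" ]]; then
+ elog "You only installed ucode(s) for all currently available (=online)"
+ elog "processor(s). Remember to re-emerge this package whenever you"
+ elog "change the system's processor model."
+ elog ""
+ elif [[ -z "${_has_installed_something}" ]]; then
+ ewarn "WARNING:"
+ if [[ -f "${ED%/}/tmp/.signatures_altered" ]]; then
+ ewarn "No ucode was installed! Because you have created this package"
+ ewarn "using MICROCODE_SIGNATURES variable please double check if you"
+ ewarn "have an invalid select."
+ ewarn "It's rare but it is also possible that just no ucode update"
+ ewarn "is available for your processor(s). In this case it is safe"
+ ewarn "to ignore this warning."
+ else
+ ewarn "No ucode was installed! It's rare but it is also possible"
+ ewarn "that just no ucode update is available for your processor(s)."
+ ewarn "In this case it is safe to ignore this warning."
+ fi
+
+ ewarn ""
+
+ if use hostonly; then
+ ewarn "Unset \"hostonly\" USE flag to install all available ucodes."
+ ewarn ""
+ fi
+ fi
+
+ # Cleanup any temporary leftovers so that we don't merge any
+ # unneeded files on disk.
+ rm -r "${ED%/}/tmp" || die "Failed to cleanup '${ED%/}/tmp'"
+}
+
+pkg_prerm() {
+ # Make sure /boot is mounted so that we can remove /boot/intel-uc.img!
+ use initramfs && mount-boot_pkg_prerm
+}
+
+pkg_postrm() {
+ # Don't forget to umount /boot if it was previously mounted by us.
+ use initramfs && mount-boot_pkg_postrm
+}
+
+pkg_postinst() {
+ # Don't forget to umount /boot if it was previously mounted by us.
+ use initramfs && mount-boot_pkg_postinst
+
+ # We cannot give detailed information if user is affected or not:
+ # If MICROCODE_BLACKLIST wasn't modified, user can still use MICROCODE_SIGNATURES
+ # to to force a specific, otherwise blacklisted, microcode. So we
+ # only show a generic warning based on running kernel version:
+ if kernel_is -lt 4 14 34; then
+ ewarn "${P} contains microcode updates which require"
+ ewarn "additional kernel patches which aren't yet included in kernel <4.14.34."
+ ewarn "Loading such a microcode through kernel interface from an unpatched kernel"
+ ewarn "can crash your system!"
+ ewarn ""
+ ewarn "Those microcodes are blacklisted per default. However, if you have altered"
+ ewarn "MICROCODE_BLACKLIST or MICROCODE_SIGNATURES, you maybe have unintentionally"
+ ewarn "re-enabled those microcodes...!"
+ ewarn ""
+ ewarn "Check \"${EROOT%/}/usr/share/doc/${PN}-*/releasenot*\" if your microcode update"
+ ewarn "requires additional kernel patches or not."
+ fi
+}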
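Review bot: The kernel gate in pkg_postinst (`if kernel_is -lt 4 14 34; then`) is described by the comment above it as based on the running kernel, but nothing in the ebuild calls `get_running_version` first. As far as I know, linux-info's `kernel_is` resolves the version from the configured kernel sources and only falls back to the running kernel when that fails, so a host booted into a kernel older than 4.14.34 with newer sources installed would not see the crash warning; this should be confirmed against linux-info.eclass. Consider calling `get_running_version` before the test, or rewording the comment to say which version is actually compared. Separately, in the hostonly branch of pkg_preinst, `--write-earlyfw=${_initramfs_file}` and `--write-firmware=${_ucode_dir}` are unquoted while the equivalent paths in src_install are quoted; writing `opts+=( --write-earlyfw="${_initramfs_file}" )` (and likewise for `--write-firmware`) keeps an image path containing whitespace from being split into separate iucode_tool arguments.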