[gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/ - gentoo-commits

From:	Ian Delaney <idella4@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/
Date:	Fri, 19 Feb 2016 16:08:52
Message-Id:	`1455898114.9cdacdabd74f26b5141fc0a329f64fd5788267d5.idella4@gentoo`

1

commit:     9cdacdabd74f26b5141fc0a329f64fd5788267d5

2

Author:     Ian Delaney <idella4 <AT> gentoo <DOT> org>

3

AuthorDate: Fri Feb 19 13:41:02 2016 +0000

4

Commit:     Ian Delaney <idella4 <AT> gentoo <DOT> org>

5

CommitDate: Fri Feb 19 16:08:34 2016 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9cdacdab

7

8

app-emulation/xen: revbumps; 4.5.2-r5, 4.6.0-r9

9

10

add sec patches xsa170 wrt the security bug

11

12

Gentoo bug: #574012

13

14

Package-Manager: portage-2.2.26

15

16

 app-emulation/xen/Manifest            |   2 +

17

 app-emulation/xen/xen-4.5.2-r5.ebuild | 192 +++++++++++++++++++++++++++++++++

18

 app-emulation/xen/xen-4.6.0-r9.ebuild | 197 ++++++++++++++++++++++++++++++++++

19

 3 files changed, 391 insertions(+)

20

21

diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest

22

index 09ead71..645c102 100644

23

--- a/app-emulation/xen/Manifest

24

+++ b/app-emulation/xen/Manifest

25

@@ -5,4 +5,6 @@ DIST xen-4.6.1.tar.gz 19693042 SHA256 44cc2fccba1e147ef4c8da0584ce0f24189c8743de

26

 DIST xen-security-patches-0.tar.xz 5944 SHA256 c0456793064185f0781668264a09a2412a25e2ff8c4ce0d332204e37b94d7e96 SHA512 de812e66563e608548b220aa00c8fd71973af748a00cea79959f46a5b6893a38248d2ea455026af43f47e3f5e566d08b5a6f3d18f22e940d75d2a2ca76cec3d3 WHIRLPOOL 3e18d32798bdfe584ee8d102963090b569ec3660fd5723d8c608091e5c7d935c1edced5e258d92bf51fe06975455a3ae33dfedd01702c6076aedf97ea61f2d1b

27

 DIST xen-security-patches-5.tar.gz 8716 SHA256 afd114f2cb1b623ac1709d75c771006f91b5b2a0a0695f4da3d6aa6f6b340d9f SHA512 f2276759cb418e252052701f5e41e626e1d232098bd7e393e7e58286d356ef33f249c2f9d7b5b1219279de7c4c66832f0d4f761d36bc51e7c10cea973dd9882e WHIRLPOOL 18cb29a0fde10f1bac698c577713db1307c02408778b5d128a4f017ae8be6fba893feb9b8f09fe2d8164dc761d136190d1dbee8a3eb4caa35d8bf976a498d405

28

 DIST xen-security-patches-6.tar.gz 8308 SHA256 b0dc1df6b27073a83b12a17a04a01e74af8c19a1c96d9dda580bb738eaab25f3 SHA512 b9155eef3f18e47288a6a6bb570a073d4c84449fe11fbac4c35cceaa4f7c06624597f63a8768bddd735c345b8c430aeee18b71f43e9b188de3cfa0cbf608dc0a WHIRLPOOL 9933ed07a2419170070a9eedfda200ec5ebef67b6b98c1b435793008c126347cdc8c0ef9ff2cb4fe0b7333ff51211545a3fe2ff726ca7c22d46f231d6d1e82aa

29

+DIST xen-security-patches-8.tar.gz 9416 SHA256 3c0e6e8428f1890c8dda72ac94244fa3d6611b3612ef59ffed29b59481806a12 SHA512 f5ee325a8b25079ea256cb5a2e039e6738dee999be6d9d91ade875663c36f72a086bcb0bd1bb243483afb921da401c5d7453fea7405323fdaf8cf6e06a221049 WHIRLPOOL c30f14bb8a1a3ad22a962d4050027fa89a373f742c3eb7a161e1490beb186c6221f24247cd84b07e7f266c38aae6ef386f2e4db29a4b43cceaaaa54b644bb4f1

30

+DIST xen-security-patches-9.tar.gz 9793 SHA256 2167d7bc2a631cf13d5b49c9577dbc8d128517e8ecbf90ef85c38f52ab3187aa SHA512 42f4997f35cc06333584a9a3c65366493094b60a6c67928b6165f3fb7d35d3a8f9dc0c3eadd4522de0d99bcc8511afba1d5e543396399b37983eb547abedca44 WHIRLPOOL 8abb68b4ac10fbc2b590c8a29cd2474d5392d3958542dad7f21ba4ad51c7541bb1686ed2629323e214c3e72b0de7212f25a4681f653d4179404c9f4c53e3d83a

31

 DIST xen-upstream-patches-0.tar.gz 2297 SHA256 bf21272ad029391d30bf31896efcadc75267538f6c7de5d239453f19659d58ee SHA512 3f5d60aaebd181bddab4dd02e0064de2f75672f44a687a7331fa40e81d56763fea84504081a449d11403b21ad0ba2dac075f0b1796809ef8d16e244f6be99e3d WHIRLPOOL 4ebe79c8f2ea1c45e88e59941e477ed5639dbca3fe95c9a67e07afb0f4b6fb8b7fea8e58422d7c8f906299e4f37c14b4db15200997e5a92b647df98fa93e10c7

32

33

diff --git a/app-emulation/xen/xen-4.5.2-r5.ebuild b/app-emulation/xen/xen-4.5.2-r5.ebuild

34

new file mode 100644

35

index 0000000..7e17547

36

--- /dev/null

37

+++ b/app-emulation/xen/xen-4.5.2-r5.ebuild

38

@@ -0,0 +1,192 @@

39

+# Copyright 1999-2016 Gentoo Foundation

40

+# Distributed under the terms of the GNU General Public License v2

41

+# $Id$

42

+

43

+EAPI=5

44

+

45

+PYTHON_COMPAT=( python2_7 )

46

+

47

+inherit eutils multilib mount-boot flag-o-matic python-any-r1 toolchain-funcs

48

+

49

+MY_PV=${PV/_/-}

50

+MY_P=${PN}-${PV/_/-}

51

+

52

+if [[ $PV == *9999 ]]; then

53

+	inherit git-r3

54

+	KEYWORDS=""

55

+	EGIT_REPO_URI="git://xenbits.xen.org/${PN}.git"

56

+	SRC_URI=""

57

+else

58

+	KEYWORDS="~amd64 ~arm ~arm64 -x86"

59

+	UPSTREAM_VER=

60

+	SECURITY_VER=0

61

+	# var set to reflect https://dev.gentoo.org/~idella4/

62

+	SEC_VER=8

63

+	GENTOO_VER=

64

+

65

+	[[ -n ${UPSTREAM_VER} ]] && \

66

+		UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz"

67

+	[[ -n ${SECURITY_VER} ]] && \

68

+		SECURITY_PATCHSET_URI="https://dev.gentoo.org/~idella4/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz

69

+		https://dev.gentoo.org/~idella4/distfiles/${PN/-tools}-security-patches-${SEC_VER}.tar.gz"

70

+	[[ -n ${GENTOO_VER} ]] && \

71

+		GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"

72

+	SRC_URI="http://bits.xensource.com/oss-xen/release/${MY_PV}/${MY_P}.tar.gz

73

+		${UPSTREAM_PATCHSET_URI}

74

+		${SECURITY_PATCHSET_URI}

75

+		${GENTOO_PATCHSET_URI}"

76

+

77

+fi

78

+

79

+DESCRIPTION="The Xen virtual machine monitor"

80

+HOMEPAGE="http://xen.org/"

81

+LICENSE="GPL-2"

82

+SLOT="0"

83

+IUSE="custom-cflags debug efi flask xsm"

84

+

85

+DEPEND="${PYTHON_DEPS}

86

+	efi? ( >=sys-devel/binutils-2.22[multitarget] )

87

+	!efi? ( >=sys-devel/binutils-2.22[-multitarget] )"

88

+RDEPEND=""

89

+PDEPEND="~app-emulation/xen-tools-${PV}"

90

+

91

+RESTRICT="test"

92

+

93

+# Approved by QA team in bug #144032

94

+QA_WX_LOAD="boot/xen-syms-${PV}"

95

+

96

+REQUIRED_USE="flask? ( xsm )

97

+	arm? ( debug )"

98

+

99

+S="${WORKDIR}/${MY_P}"

100

+

101

+pkg_setup() {

102

+	python-any-r1_pkg_setup

103

+	if [[ -z ${XEN_TARGET_ARCH} ]]; then

104

+		if use x86 && use amd64; then

105

+			die "Confusion! Both x86 and amd64 are set in your use flags!"

106

+		elif use x86; then

107

+			export XEN_TARGET_ARCH="x86_32"

108

+		elif use amd64; then

109

+			export XEN_TARGET_ARCH="x86_64"

110

+		elif use arm; then

111

+			export XEN_TARGET_ARCH="arm32"

112

+		elif use arm64; then

113

+			export XEN_TARGET_ARCH="arm64"

114

+		else

115

+			die "Unsupported architecture!"

116

+		fi

117

+	fi

118

+

119

+	if use flask ; then

120

+		export "XSM_ENABLE=y"

121

+		export "FLASK_ENABLE=y"

122

+	elif use xsm ; then

123

+		export "XSM_ENABLE=y"

124

+	fi

125

+}

126

+

127

+src_prepare() {

128

+	# Upstream's patchset

129

+	if [[ -n ${UPSTREAM_VER} ]]; then

130

+		EPATCH_SUFFIX="patch" \

131

+		EPATCH_FORCE="yes" \

132

+		EPATCH_OPTS="-p1" \

133

+			epatch "${WORKDIR}"/patches-upstream

134

+	fi

135

+

136

+	if [[ -n ${SECURITY_VER} ]]; then

137

+		einfo "Try to apply Xen Security patcheset"

138

+		# apply main xen patches

139

+		# Two parallel systems, both work side by side

140

+		# Over time they may concdense into one. This will suffice for now

141

+		EPATCH_SUFFIX="patch"

142

+		EPATCH_FORCE="yes"

143

+		for i in ${XEN_SECURITY_MAIN}; do

144

+			epatch "${WORKDIR}"/patches-security/xen/$i

145

+		done

146

+

147

+		for i in "${WORKDIR}"/xen-sec/xsa*.patch; do

148

+			epatch $i

149

+		done

150

+	fi

151

+

152

+	# Gentoo's patchset

153

+	if [[ -n ${GENTOO_VER} ]]; then

154

+		EPATCH_SUFFIX="patch" \

155

+		EPATCH_FORCE="yes" \

156

+			epatch "${WORKDIR}"/patches-gentoo

157

+	fi

158

+

159

+	# Drop .config

160

+	sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't	drop"

161

+

162

+	if use efi; then

163

+		epatch "${FILESDIR}"/${PN}-4.5-efi.patch

164

+		export EFI_VENDOR="gentoo"

165

+		export EFI_MOUNTPOINT="boot"

166

+	fi

167

+

168

+	# if the user *really* wants to use their own custom-cflags, let them

169

+	if use custom-cflags; then

170

+		einfo "User wants their own CFLAGS - removing defaults"

171

+		# try and remove all the default custom-cflags

172

+		find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \

173

+			-e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \

174

+			-e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \

175

+			-e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \

176

+			-e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \

177

+			-e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \

178

+			-i {} \; || die "failed to re-set custom-cflags"

179

+	fi

180

+

181

+	# remove -Werror for gcc-4.6's sake

182

+	find "${S}" -name 'Makefile*' -o -name '*.mk' -o -name 'common.make' | \

183

+		xargs sed -i 's/ *-Werror */ /'

184

+	# not strictly necessary to fix this

185

+	sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py"

186

+

187

+	epatch_user

188

+}

189

+

190

+src_configure() {

191

+	use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"

192

+

193

+	use debug && myopt="${myopt} debug=y"

194

+

195

+	if use custom-cflags; then

196

+		filter-flags -fPIE -fstack-protector

197

+		replace-flags -O3 -O2

198

+	else

199

+		unset CFLAGS

200

+	fi

201

+}

202

+

203

+src_compile() {

204

+	# Send raw LDFLAGS so that --as-needed works

205

+	emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}

206

+}

207

+

208

+src_install() {

209

+	local myopt

210

+	use debug && myopt="${myopt} debug=y"

211

+

212

+	# The 'make install' doesn't 'mkdir -p' the subdirs

213

+	if use efi; then

214

+		mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die

215

+	fi

216

+

217

+	emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install

218

+}

219

+

220

+pkg_postinst() {

221

+	elog "Official Xen Guide and the unoffical wiki page:"

222

+	elog " https://wiki.gentoo.org/wiki/Xen"

223

+	elog " http://en.gentoo-wiki.com/wiki/Xen/"

224

+

225

+	use efi && einfo "The efi executable is installed in boot/efi/gentoo"

226

+

227

+	elog "You can optionally block the installation of /boot/xen-syms by an entry"

228

+	elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"

229

+	elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"

230

+}

231

232

diff --git a/app-emulation/xen/xen-4.6.0-r9.ebuild b/app-emulation/xen/xen-4.6.0-r9.ebuild

233

new file mode 100644

234

index 0000000..b0eaa00

235

--- /dev/null

236

+++ b/app-emulation/xen/xen-4.6.0-r9.ebuild

237

@@ -0,0 +1,197 @@

238

+# Copyright 1999-2016 Gentoo Foundation

239

+# Distributed under the terms of the GNU General Public License v2

240

+# $Id$

241

+

242

+EAPI=5

243

+

244

+PYTHON_COMPAT=( python2_7 )

245

+

246

+inherit eutils multilib mount-boot flag-o-matic python-any-r1 toolchain-funcs

247

+

248

+MY_PV=${PV/_/-}

249

+MY_P=${PN}-${PV/_/-}

250

+

251

+if [[ $PV == *9999 ]]; then

252

+	inherit git-r3

253

+	KEYWORDS=""

254

+	EGIT_REPO_URI="git://xenbits.xen.org/xen.git"

255

+	SRC_URI=""

256

+else

257

+	KEYWORDS="~amd64 ~arm ~arm64 -x86"

258

+	UPSTREAM_VER=0

259

+	SECURITY_VER=0

260

+	# var set to reflect https://dev.gentoo.org/~idella4/

261

+	# first instance of UPS_VER (usptream ver)

262

+	UPS_VER=0

263

+	SEC_VER=9

264

+	GENTOO_VER=

265

+

266

+	[[ -n ${UPSTREAM_VER} ]] && \

267

+		UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz

268

+		https://dev.gentoo.org/~idella4/distfiles/${PN}-upstream-patches-${UPS_VER}.tar.gz"

269

+	[[ -n ${SECURITY_VER} ]] && \

270

+		SECURITY_PATCHSET_URI="https://dev.gentoo.org/~idella4/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz

271

+		https://dev.gentoo.org/~idella4/distfiles/${PN}-security-patches-${SEC_VER}.tar.gz"

272

+	[[ -n ${GENTOO_VER} ]] && \

273

+		GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"

274

+	SRC_URI="http://bits.xensource.com/oss-xen/release/${MY_PV}/${MY_P}.tar.gz

275

+		${UPSTREAM_PATCHSET_URI}

276

+		${SECURITY_PATCHSET_URI}

277

+		${GENTOO_PATCHSET_URI}"

278

+fi

279

+

280

+DESCRIPTION="The Xen virtual machine monitor"

281

+HOMEPAGE="http://xen.org/"

282

+LICENSE="GPL-2"

283

+SLOT="0"

284

+IUSE="custom-cflags debug efi flask"

285

+

286

+DEPEND="${PYTHON_DEPS}

287

+	efi? ( >=sys-devel/binutils-2.22[multitarget] )

288

+	!efi? ( >=sys-devel/binutils-2.22 )"

289

+RDEPEND=""

290

+PDEPEND="~app-emulation/xen-tools-${PV}"

291

+

292

+# no tests are available for the hypervisor

293

+# prevent the silliness of /usr/lib/debug/usr/lib/debug files

294

+# prevent stripping of the debug info from the /usr/lib/debug/xen-syms

295

+RESTRICT="test splitdebug strip"

296

+

297

+# Approved by QA team in bug #144032

298

+QA_WX_LOAD="boot/xen-syms-${PV}"

299

+

300

+REQUIRED_USE="arm? ( debug )"

301

+

302

+S="${WORKDIR}/${MY_P}"

303

+

304

+pkg_setup() {

305

+	python-any-r1_pkg_setup

306

+	if [[ -z ${XEN_TARGET_ARCH} ]]; then

307

+		if use amd64; then

308

+			export XEN_TARGET_ARCH="x86_64"

309

+		elif use arm; then

310

+			export XEN_TARGET_ARCH="arm32"

311

+		elif use arm64; then

312

+			export XEN_TARGET_ARCH="arm64"

313

+		else

314

+			die "Unsupported architecture!"

315

+		fi

316

+	fi

317

+

318

+	if use flask ; then

319

+		export "XSM_ENABLE=y"

320

+		export "FLASK_ENABLE=y"

321

+	fi

322

+}

323

+

324

+src_prepare() {

325

+	# Upstream's patchset

326

+	if [[ -n ${UPSTREAM_VER} ]]; then

327

+		EPATCH_SUFFIX="patch" \

328

+		EPATCH_FORCE="yes" \

329

+		EPATCH_OPTS="-p1" \

330

+			epatch "${WORKDIR}"/patches-upstream \

331

+				"${WORKDIR}"/libexec.patch

332

+	fi

333

+

334

+	if [[ -n ${SECURITY_VER} ]]; then

335

+		einfo "Try to apply Xen Security patcheset"

336

+		# apply main xen patches

337

+		# Two parallel systems, both work side by side

338

+		# Over time they may concdense into one. This will suffice for now

339

+		EPATCH_SUFFIX="patch"

340

+		EPATCH_FORCE="yes"

341

+		for i in ${XEN_SECURITY_MAIN}; do

342

+			epatch "${WORKDIR}"/patches-security/xen/$i

343

+		done

344

+

345

+		for i in "${WORKDIR}"/xen-sec/xsa*.patch; do

346

+			epatch $i

347

+		done

348

+	fi

349

+

350

+	# Gentoo's patchset

351

+	if [[ -n ${GENTOO_VER} ]]; then

352

+		EPATCH_SUFFIX="patch" \

353

+		EPATCH_FORCE="yes" \

354

+			epatch "${WORKDIR}"/patches-gentoo

355

+	fi

356

+

357

+	epatch "${FILESDIR}"/${PN}-4.6-efi.patch

358

+

359

+	# Drop .config

360

+	sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't	drop"

361

+

362

+	if use efi; then

363

+		export EFI_VENDOR="gentoo"

364

+		export EFI_MOUNTPOINT="boot"

365

+	fi

366

+

367

+	# if the user *really* wants to use their own custom-cflags, let them

368

+	if use custom-cflags; then

369

+		einfo "User wants their own CFLAGS - removing defaults"

370

+		# try and remove all the default custom-cflags

371

+		find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \

372

+			-e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \

373

+			-e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \

374

+			-e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \

375

+			-e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \

376

+			-e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \

377

+			-i {} \; || die "failed to re-set custom-cflags"

378

+	fi

379

+

380

+	# remove -Werror for gcc-4.6's sake

381

+	find "${S}" -name 'Makefile*' -o -name '*.mk' -o -name 'common.make' | \

382

+		xargs sed -i 's/ *-Werror */ /'

383

+	# not strictly necessary to fix this

384

+	sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py"

385

+

386

+	epatch_user

387

+}

388

+

389

+src_configure() {

390

+	use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"

391

+

392

+	use debug && myopt="${myopt} debug=y"

393

+

394

+	if use custom-cflags; then

395

+		filter-flags -fPIE -fstack-protector

396

+		replace-flags -O3 -O2

397

+	else

398

+		unset CFLAGS

399

+		unset LDFLAGS

400

+		unset ASFLAGS

401

+	fi

402

+}

403

+

404

+src_compile() {

405

+	# Send raw LDFLAGS so that --as-needed works

406

+	emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}

407

+}

408

+

409

+src_install() {

410

+	local myopt

411

+	use debug && myopt="${myopt} debug=y"

412

+

413

+	# The 'make install' doesn't 'mkdir -p' the subdirs

414

+	if use efi; then

415

+		mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die

416

+	fi

417

+

418

+	emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install

419

+

420

+	# make install likes to throw in some extra EFI bits if it built

421

+	use efi || rm -rf "${D}/usr/$(get_libdir)/efi"

422

+}

423

+

424

+pkg_postinst() {

425

+	elog "Official Xen Guide and the unoffical wiki page:"

426

+	elog " https://wiki.gentoo.org/wiki/Xen"

427

+	elog " http://en.gentoo-wiki.com/wiki/Xen/"

428

+

429

+	use efi && einfo "The efi executable is installed in boot/efi/gentoo"

430

+

431

+	elog "You can optionally block the installation of /boot/xen-syms by an entry"

432

+	elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"

433

+	elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"

434

+}

1	commit: 9cdacdabd74f26b5141fc0a329f64fd5788267d5
2	Author: Ian Delaney <idella4 <AT> gentoo <DOT> org>
3	AuthorDate: Fri Feb 19 13:41:02 2016 +0000
4	Commit: Ian Delaney <idella4 <AT> gentoo <DOT> org>
5	CommitDate: Fri Feb 19 16:08:34 2016 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9cdacdab
7
8	app-emulation/xen: revbumps; 4.5.2-r5, 4.6.0-r9
9
10	add sec patches xsa170 wrt the security bug
11
12	Gentoo bug: #574012
13
14	Package-Manager: portage-2.2.26
15
16	app-emulation/xen/Manifest \| 2 +
17	app-emulation/xen/xen-4.5.2-r5.ebuild \| 192 +++++++++++++++++++++++++++++++++
18	app-emulation/xen/xen-4.6.0-r9.ebuild \| 197 ++++++++++++++++++++++++++++++++++
19	3 files changed, 391 insertions(+)
20
21	diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest
22	index 09ead71..645c102 100644
23	--- a/app-emulation/xen/Manifest
24	+++ b/app-emulation/xen/Manifest
25	@@ -5,4 +5,6 @@ DIST xen-4.6.1.tar.gz 19693042 SHA256 44cc2fccba1e147ef4c8da0584ce0f24189c8743de
26	DIST xen-security-patches-0.tar.xz 5944 SHA256 c0456793064185f0781668264a09a2412a25e2ff8c4ce0d332204e37b94d7e96 SHA512 de812e66563e608548b220aa00c8fd71973af748a00cea79959f46a5b6893a38248d2ea455026af43f47e3f5e566d08b5a6f3d18f22e940d75d2a2ca76cec3d3 WHIRLPOOL 3e18d32798bdfe584ee8d102963090b569ec3660fd5723d8c608091e5c7d935c1edced5e258d92bf51fe06975455a3ae33dfedd01702c6076aedf97ea61f2d1b
27	DIST xen-security-patches-5.tar.gz 8716 SHA256 afd114f2cb1b623ac1709d75c771006f91b5b2a0a0695f4da3d6aa6f6b340d9f SHA512 f2276759cb418e252052701f5e41e626e1d232098bd7e393e7e58286d356ef33f249c2f9d7b5b1219279de7c4c66832f0d4f761d36bc51e7c10cea973dd9882e WHIRLPOOL 18cb29a0fde10f1bac698c577713db1307c02408778b5d128a4f017ae8be6fba893feb9b8f09fe2d8164dc761d136190d1dbee8a3eb4caa35d8bf976a498d405
28	DIST xen-security-patches-6.tar.gz 8308 SHA256 b0dc1df6b27073a83b12a17a04a01e74af8c19a1c96d9dda580bb738eaab25f3 SHA512 b9155eef3f18e47288a6a6bb570a073d4c84449fe11fbac4c35cceaa4f7c06624597f63a8768bddd735c345b8c430aeee18b71f43e9b188de3cfa0cbf608dc0a WHIRLPOOL 9933ed07a2419170070a9eedfda200ec5ebef67b6b98c1b435793008c126347cdc8c0ef9ff2cb4fe0b7333ff51211545a3fe2ff726ca7c22d46f231d6d1e82aa
29	+DIST xen-security-patches-8.tar.gz 9416 SHA256 3c0e6e8428f1890c8dda72ac94244fa3d6611b3612ef59ffed29b59481806a12 SHA512 f5ee325a8b25079ea256cb5a2e039e6738dee999be6d9d91ade875663c36f72a086bcb0bd1bb243483afb921da401c5d7453fea7405323fdaf8cf6e06a221049 WHIRLPOOL c30f14bb8a1a3ad22a962d4050027fa89a373f742c3eb7a161e1490beb186c6221f24247cd84b07e7f266c38aae6ef386f2e4db29a4b43cceaaaa54b644bb4f1
30	+DIST xen-security-patches-9.tar.gz 9793 SHA256 2167d7bc2a631cf13d5b49c9577dbc8d128517e8ecbf90ef85c38f52ab3187aa SHA512 42f4997f35cc06333584a9a3c65366493094b60a6c67928b6165f3fb7d35d3a8f9dc0c3eadd4522de0d99bcc8511afba1d5e543396399b37983eb547abedca44 WHIRLPOOL 8abb68b4ac10fbc2b590c8a29cd2474d5392d3958542dad7f21ba4ad51c7541bb1686ed2629323e214c3e72b0de7212f25a4681f653d4179404c9f4c53e3d83a
31	DIST xen-upstream-patches-0.tar.gz 2297 SHA256 bf21272ad029391d30bf31896efcadc75267538f6c7de5d239453f19659d58ee SHA512 3f5d60aaebd181bddab4dd02e0064de2f75672f44a687a7331fa40e81d56763fea84504081a449d11403b21ad0ba2dac075f0b1796809ef8d16e244f6be99e3d WHIRLPOOL 4ebe79c8f2ea1c45e88e59941e477ed5639dbca3fe95c9a67e07afb0f4b6fb8b7fea8e58422d7c8f906299e4f37c14b4db15200997e5a92b647df98fa93e10c7
32
33	diff --git a/app-emulation/xen/xen-4.5.2-r5.ebuild b/app-emulation/xen/xen-4.5.2-r5.ebuild
34	new file mode 100644
35	index 0000000..7e17547
36	--- /dev/null
37	+++ b/app-emulation/xen/xen-4.5.2-r5.ebuild
38	@@ -0,0 +1,192 @@
39	+# Copyright 1999-2016 Gentoo Foundation
40	+# Distributed under the terms of the GNU General Public License v2
41	+# $Id$
42	+
43	+EAPI=5
44	+
45	+PYTHON_COMPAT=( python2_7 )
46	+
47	+inherit eutils multilib mount-boot flag-o-matic python-any-r1 toolchain-funcs
48	+
49	+MY_PV=${PV/_/-}
50	+MY_P=${PN}-${PV/_/-}
51	+
52	+if [[ $PV == *9999 ]]; then
53	+ inherit git-r3
54	+ KEYWORDS=""
55	+ EGIT_REPO_URI="git://xenbits.xen.org/${PN}.git"
56	+ SRC_URI=""
57	+else
58	+ KEYWORDS="~amd64 ~arm ~arm64 -x86"
59	+ UPSTREAM_VER=
60	+ SECURITY_VER=0
61	+ # var set to reflect https://dev.gentoo.org/~idella4/
62	+ SEC_VER=8
63	+ GENTOO_VER=
64	+
65	+ [[ -n ${UPSTREAM_VER} ]] && \
66	+ UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz"
67	+ [[ -n ${SECURITY_VER} ]] && \
68	+ SECURITY_PATCHSET_URI="https://dev.gentoo.org/~idella4/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz
69	+ https://dev.gentoo.org/~idella4/distfiles/${PN/-tools}-security-patches-${SEC_VER}.tar.gz"
70	+ [[ -n ${GENTOO_VER} ]] && \
71	+ GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"
72	+ SRC_URI="http://bits.xensource.com/oss-xen/release/${MY_PV}/${MY_P}.tar.gz
73	+ ${UPSTREAM_PATCHSET_URI}
74	+ ${SECURITY_PATCHSET_URI}
75	+ ${GENTOO_PATCHSET_URI}"
76	+
77	+fi
78	+
79	+DESCRIPTION="The Xen virtual machine monitor"
80	+HOMEPAGE="http://xen.org/"
81	+LICENSE="GPL-2"
82	+SLOT="0"
83	+IUSE="custom-cflags debug efi flask xsm"
84	+
85	+DEPEND="${PYTHON_DEPS}
86	+ efi? ( >=sys-devel/binutils-2.22[multitarget] )
87	+ !efi? ( >=sys-devel/binutils-2.22[-multitarget] )"
88	+RDEPEND=""
89	+PDEPEND="~app-emulation/xen-tools-${PV}"
90	+
91	+RESTRICT="test"
92	+
93	+# Approved by QA team in bug #144032
94	+QA_WX_LOAD="boot/xen-syms-${PV}"
95	+
96	+REQUIRED_USE="flask? ( xsm )
97	+ arm? ( debug )"
98	+
99	+S="${WORKDIR}/${MY_P}"
100	+
101	+pkg_setup() {
102	+ python-any-r1_pkg_setup
103	+ if [[ -z ${XEN_TARGET_ARCH} ]]; then
104	+ if use x86 && use amd64; then
105	+ die "Confusion! Both x86 and amd64 are set in your use flags!"
106	+ elif use x86; then
107	+ export XEN_TARGET_ARCH="x86_32"
108	+ elif use amd64; then
109	+ export XEN_TARGET_ARCH="x86_64"
110	+ elif use arm; then
111	+ export XEN_TARGET_ARCH="arm32"
112	+ elif use arm64; then
113	+ export XEN_TARGET_ARCH="arm64"
114	+ else
115	+ die "Unsupported architecture!"
116	+ fi
117	+ fi
118	+
119	+ if use flask ; then
120	+ export "XSM_ENABLE=y"
121	+ export "FLASK_ENABLE=y"
122	+ elif use xsm ; then
123	+ export "XSM_ENABLE=y"
124	+ fi
125	+}
126	+
127	+src_prepare() {
128	+ # Upstream's patchset
129	+ if [[ -n ${UPSTREAM_VER} ]]; then
130	+ EPATCH_SUFFIX="patch" \
131	+ EPATCH_FORCE="yes" \
132	+ EPATCH_OPTS="-p1" \
133	+ epatch "${WORKDIR}"/patches-upstream
134	+ fi
135	+
136	+ if [[ -n ${SECURITY_VER} ]]; then
137	+ einfo "Try to apply Xen Security patcheset"
138	+ # apply main xen patches
139	+ # Two parallel systems, both work side by side
140	+ # Over time they may concdense into one. This will suffice for now
141	+ EPATCH_SUFFIX="patch"
142	+ EPATCH_FORCE="yes"
143	+ for i in ${XEN_SECURITY_MAIN}; do
144	+ epatch "${WORKDIR}"/patches-security/xen/$i
145	+ done
146	+
147	+ for i in "${WORKDIR}"/xen-sec/xsa*.patch; do
148	+ epatch $i
149	+ done
150	+ fi
151	+
152	+ # Gentoo's patchset
153	+ if [[ -n ${GENTOO_VER} ]]; then
154	+ EPATCH_SUFFIX="patch" \
155	+ EPATCH_FORCE="yes" \
156	+ epatch "${WORKDIR}"/patches-gentoo
157	+ fi
158	+
159	+ # Drop .config
160	+ sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk \|\| die "Couldn't drop"
161	+
162	+ if use efi; then
163	+ epatch "${FILESDIR}"/${PN}-4.5-efi.patch
164	+ export EFI_VENDOR="gentoo"
165	+ export EFI_MOUNTPOINT="boot"
166	+ fi
167	+
168	+ # if the user really wants to use their own custom-cflags, let them
169	+ if use custom-cflags; then
170	+ einfo "User wants their own CFLAGS - removing defaults"
171	+ # try and remove all the default custom-cflags
172	+ find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
173	+ -e 's/CFLAGS\(.\)=\(.\)-O3\(.*\)/CFLAGS\1=\2\3/' \
174	+ -e 's/CFLAGS\(.\)=\(.\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
175	+ -e 's/CFLAGS\(.\)=\(.\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
176	+ -e 's/CFLAGS\(.\)=\(.\)-g3\s\(.\)/CFLAGS\1=\2 \3/' \
177	+ -e 's/CFLAGS\(.\)=\(.\)-O2\(.*\)/CFLAGS\1=\2\3/' \
178	+ -i {} \; \|\| die "failed to re-set custom-cflags"
179	+ fi
180	+
181	+ # remove -Werror for gcc-4.6's sake
182	+ find "${S}" -name 'Makefile' -o -name '.mk' -o -name 'common.make' \| \
183	+ xargs sed -i 's/ -Werror / /'
184	+ # not strictly necessary to fix this
185	+ sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" \|\| die "failed to re-set setup.py"
186	+
187	+ epatch_user
188	+}
189	+
190	+src_configure() {
191	+ use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"
192	+
193	+ use debug && myopt="${myopt} debug=y"
194	+
195	+ if use custom-cflags; then
196	+ filter-flags -fPIE -fstack-protector
197	+ replace-flags -O3 -O2
198	+ else
199	+ unset CFLAGS
200	+ fi
201	+}
202	+
203	+src_compile() {
204	+ # Send raw LDFLAGS so that --as-needed works
205	+ emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}
206	+}
207	+
208	+src_install() {
209	+ local myopt
210	+ use debug && myopt="${myopt} debug=y"
211	+
212	+ # The 'make install' doesn't 'mkdir -p' the subdirs
213	+ if use efi; then
214	+ mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} \|\| die
215	+ fi
216	+
217	+ emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install
218	+}
219	+
220	+pkg_postinst() {
221	+ elog "Official Xen Guide and the unoffical wiki page:"
222	+ elog " https://wiki.gentoo.org/wiki/Xen"
223	+ elog " http://en.gentoo-wiki.com/wiki/Xen/"
224	+
225	+ use efi && einfo "The efi executable is installed in boot/efi/gentoo"
226	+
227	+ elog "You can optionally block the installation of /boot/xen-syms by an entry"
228	+ elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"
229	+ elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"
230	+}
231
232	diff --git a/app-emulation/xen/xen-4.6.0-r9.ebuild b/app-emulation/xen/xen-4.6.0-r9.ebuild
233	new file mode 100644
234	index 0000000..b0eaa00
235	--- /dev/null
236	+++ b/app-emulation/xen/xen-4.6.0-r9.ebuild
237	@@ -0,0 +1,197 @@
238	+# Copyright 1999-2016 Gentoo Foundation
239	+# Distributed under the terms of the GNU General Public License v2
240	+# $Id$
241	+
242	+EAPI=5
243	+
244	+PYTHON_COMPAT=( python2_7 )
245	+
246	+inherit eutils multilib mount-boot flag-o-matic python-any-r1 toolchain-funcs
247	+
248	+MY_PV=${PV/_/-}
249	+MY_P=${PN}-${PV/_/-}
250	+
251	+if [[ $PV == *9999 ]]; then
252	+ inherit git-r3
253	+ KEYWORDS=""
254	+ EGIT_REPO_URI="git://xenbits.xen.org/xen.git"
255	+ SRC_URI=""
256	+else
257	+ KEYWORDS="~amd64 ~arm ~arm64 -x86"
258	+ UPSTREAM_VER=0
259	+ SECURITY_VER=0
260	+ # var set to reflect https://dev.gentoo.org/~idella4/
261	+ # first instance of UPS_VER (usptream ver)
262	+ UPS_VER=0
263	+ SEC_VER=9
264	+ GENTOO_VER=
265	+
266	+ [[ -n ${UPSTREAM_VER} ]] && \
267	+ UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz
268	+ https://dev.gentoo.org/~idella4/distfiles/${PN}-upstream-patches-${UPS_VER}.tar.gz"
269	+ [[ -n ${SECURITY_VER} ]] && \
270	+ SECURITY_PATCHSET_URI="https://dev.gentoo.org/~idella4/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz
271	+ https://dev.gentoo.org/~idella4/distfiles/${PN}-security-patches-${SEC_VER}.tar.gz"
272	+ [[ -n ${GENTOO_VER} ]] && \
273	+ GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"
274	+ SRC_URI="http://bits.xensource.com/oss-xen/release/${MY_PV}/${MY_P}.tar.gz
275	+ ${UPSTREAM_PATCHSET_URI}
276	+ ${SECURITY_PATCHSET_URI}
277	+ ${GENTOO_PATCHSET_URI}"
278	+fi
279	+
280	+DESCRIPTION="The Xen virtual machine monitor"
281	+HOMEPAGE="http://xen.org/"
282	+LICENSE="GPL-2"
283	+SLOT="0"
284	+IUSE="custom-cflags debug efi flask"
285	+
286	+DEPEND="${PYTHON_DEPS}
287	+ efi? ( >=sys-devel/binutils-2.22[multitarget] )
288	+ !efi? ( >=sys-devel/binutils-2.22 )"
289	+RDEPEND=""
290	+PDEPEND="~app-emulation/xen-tools-${PV}"
291	+
292	+# no tests are available for the hypervisor
293	+# prevent the silliness of /usr/lib/debug/usr/lib/debug files
294	+# prevent stripping of the debug info from the /usr/lib/debug/xen-syms
295	+RESTRICT="test splitdebug strip"
296	+
297	+# Approved by QA team in bug #144032
298	+QA_WX_LOAD="boot/xen-syms-${PV}"
299	+
300	+REQUIRED_USE="arm? ( debug )"
301	+
302	+S="${WORKDIR}/${MY_P}"
303	+
304	+pkg_setup() {
305	+ python-any-r1_pkg_setup
306	+ if [[ -z ${XEN_TARGET_ARCH} ]]; then
307	+ if use amd64; then
308	+ export XEN_TARGET_ARCH="x86_64"
309	+ elif use arm; then
310	+ export XEN_TARGET_ARCH="arm32"
311	+ elif use arm64; then
312	+ export XEN_TARGET_ARCH="arm64"
313	+ else
314	+ die "Unsupported architecture!"
315	+ fi
316	+ fi
317	+
318	+ if use flask ; then
319	+ export "XSM_ENABLE=y"
320	+ export "FLASK_ENABLE=y"
321	+ fi
322	+}
323	+
324	+src_prepare() {
325	+ # Upstream's patchset
326	+ if [[ -n ${UPSTREAM_VER} ]]; then
327	+ EPATCH_SUFFIX="patch" \
328	+ EPATCH_FORCE="yes" \
329	+ EPATCH_OPTS="-p1" \
330	+ epatch "${WORKDIR}"/patches-upstream \
331	+ "${WORKDIR}"/libexec.patch
332	+ fi
333	+
334	+ if [[ -n ${SECURITY_VER} ]]; then
335	+ einfo "Try to apply Xen Security patcheset"
336	+ # apply main xen patches
337	+ # Two parallel systems, both work side by side
338	+ # Over time they may concdense into one. This will suffice for now
339	+ EPATCH_SUFFIX="patch"
340	+ EPATCH_FORCE="yes"
341	+ for i in ${XEN_SECURITY_MAIN}; do
342	+ epatch "${WORKDIR}"/patches-security/xen/$i
343	+ done
344	+
345	+ for i in "${WORKDIR}"/xen-sec/xsa*.patch; do
346	+ epatch $i
347	+ done
348	+ fi
349	+
350	+ # Gentoo's patchset
351	+ if [[ -n ${GENTOO_VER} ]]; then
352	+ EPATCH_SUFFIX="patch" \
353	+ EPATCH_FORCE="yes" \
354	+ epatch "${WORKDIR}"/patches-gentoo
355	+ fi
356	+
357	+ epatch "${FILESDIR}"/${PN}-4.6-efi.patch
358	+
359	+ # Drop .config
360	+ sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk \|\| die "Couldn't drop"
361	+
362	+ if use efi; then
363	+ export EFI_VENDOR="gentoo"
364	+ export EFI_MOUNTPOINT="boot"
365	+ fi
366	+
367	+ # if the user really wants to use their own custom-cflags, let them
368	+ if use custom-cflags; then
369	+ einfo "User wants their own CFLAGS - removing defaults"
370	+ # try and remove all the default custom-cflags
371	+ find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
372	+ -e 's/CFLAGS\(.\)=\(.\)-O3\(.*\)/CFLAGS\1=\2\3/' \
373	+ -e 's/CFLAGS\(.\)=\(.\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
374	+ -e 's/CFLAGS\(.\)=\(.\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
375	+ -e 's/CFLAGS\(.\)=\(.\)-g3\s\(.\)/CFLAGS\1=\2 \3/' \
376	+ -e 's/CFLAGS\(.\)=\(.\)-O2\(.*\)/CFLAGS\1=\2\3/' \
377	+ -i {} \; \|\| die "failed to re-set custom-cflags"
378	+ fi
379	+
380	+ # remove -Werror for gcc-4.6's sake
381	+ find "${S}" -name 'Makefile' -o -name '.mk' -o -name 'common.make' \| \
382	+ xargs sed -i 's/ -Werror / /'
383	+ # not strictly necessary to fix this
384	+ sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" \|\| die "failed to re-set setup.py"
385	+
386	+ epatch_user
387	+}
388	+
389	+src_configure() {
390	+ use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"
391	+
392	+ use debug && myopt="${myopt} debug=y"
393	+
394	+ if use custom-cflags; then
395	+ filter-flags -fPIE -fstack-protector
396	+ replace-flags -O3 -O2
397	+ else
398	+ unset CFLAGS
399	+ unset LDFLAGS
400	+ unset ASFLAGS
401	+ fi
402	+}
403	+
404	+src_compile() {
405	+ # Send raw LDFLAGS so that --as-needed works
406	+ emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}
407	+}
408	+
409	+src_install() {
410	+ local myopt
411	+ use debug && myopt="${myopt} debug=y"
412	+
413	+ # The 'make install' doesn't 'mkdir -p' the subdirs
414	+ if use efi; then
415	+ mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} \|\| die
416	+ fi
417	+
418	+ emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install
419	+
420	+ # make install likes to throw in some extra EFI bits if it built
421	+ use efi \|\| rm -rf "${D}/usr/$(get_libdir)/efi"
422	+}
423	+
424	+pkg_postinst() {
425	+ elog "Official Xen Guide and the unoffical wiki page:"
426	+ elog " https://wiki.gentoo.org/wiki/Xen"
427	+ elog " http://en.gentoo-wiki.com/wiki/Xen/"
428	+
429	+ use efi && einfo "The efi executable is installed in boot/efi/gentoo"
430	+
431	+ elog "You can optionally block the installation of /boot/xen-syms by an entry"
432	+ elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"
433	+ elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"
434	+}

Gentoo Archives: gentoo-commits