Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Ian Delaney (idella4)" <idella4@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in app-emulation/xen-tools/files: xen-4-CVE-2012-4544-XSA-25.patch xen-4-CVE-2012-6075-XSA-41.patch ipxe-nopie.patch xen-tools-4-add-nopie.patch xen-4-fix_dotconfig-gcc.patch xen-tools-4-docfix.patch xen-tools-3.4.2-as-needed.patch
Date: Wed, 30 Jan 2013 09:09:05
Message-Id: 20130130090902.2120D2171E@flycatcher.gentoo.org
1 idella4 13/01/30 09:09:02
2
3 Modified: ipxe-nopie.patch
4 Added: xen-4-CVE-2012-4544-XSA-25.patch
5 xen-4-CVE-2012-6075-XSA-41.patch
6 xen-tools-4-add-nopie.patch
7 xen-4-fix_dotconfig-gcc.patch
8 xen-tools-4-docfix.patch
9 Removed: xen-tools-3.4.2-as-needed.patch
10 Log:
11 revbump;-4.2.0-r3; adjustments to DEPS, implementation of ocaml flag courtesy of user known as 'a.m' wrt Bug #447716, reconstitution of ipxe-nopie with subsequent add of -4-add-nopie.patch, new use ocaml added and implemented (possible to rename), sed statements reduced to patches, 2 sec. patches applied, build & install of docs corrected/upgrade. 4.2.1-r1; changes mirrored those to 4.2.0-r3, add of 1 valid sec. patch. Drop un-needed -3.4.2-as-needed.patch
12
13 (Portage version: 2.1.11.40/cvs/Linux x86_64, signed Manifest commit with key 0xB8072B0D)
14
15 Revision Changes Path
16 1.3 app-emulation/xen-tools/files/ipxe-nopie.patch
17
18 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/ipxe-nopie.patch?rev=1.3&view=markup
19 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/ipxe-nopie.patch?rev=1.3&content-type=text/plain
20 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/ipxe-nopie.patch?r1=1.2&r2=1.3
21
22 Index: ipxe-nopie.patch
23 ===================================================================
24 RCS file: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/files/ipxe-nopie.patch,v
25 retrieving revision 1.2
26 retrieving revision 1.3
27 diff -u -r1.2 -r1.3
28 --- ipxe-nopie.patch 17 Dec 2012 10:54:06 -0000 1.2
29 +++ ipxe-nopie.patch 30 Jan 2013 09:09:01 -0000 1.3
30 @@ -4,8 +4,8 @@
31 * /tools/firmware/etherboot/patches/ipxe-nopie.patche New patch
32 * /tools/firmware/etherboot/patches/series Add ipxe-nopie.patch
33
34 ---- a/tools/firmware/etherboot/patches/ipxe-nopie.patch 1970-01-01 01:00:00.000000000 +0100
35 -+++ b/tools/firmware/etherboot/patches/ipxe-nopie.patch 2011-03-27 17:45:13.929697782 +0200
36 +#--- tools/firmware/etherboot/patches/ipxe-nopie.patch 1970-01-01 01:00:00.000000000 +0100
37 +#+++ tools/firmware/etherboot/patches/ipxe-nopie.patch 2011-03-27 17:45:13.929697782 +0200
38 @@ -0,0 +1,11 @@
39 +--- ipxe/src/Makefile~ 2011-03-27 17:41:52.000000000 +0200
40 ++++ ipxe/src/Makefile 2011-03-27 17:43:20.869446433 +0200
41 @@ -18,9 +18,3 @@
42 + ASFLAGS :=
43 + LDFLAGS :=
44 + MAKEDEPS := Makefile
45 ---- a/tools/firmware/etherboot/patches/series 2011-03-25 11:42:50.000000000 +0100
46 -+++ b/tools/firmware/etherboot/patches/series 2011-03-27 17:45:45.140446216 +0200
47 -build_fix_1.patch
48 -build_fix_2.patch
49 -build_fix_3.patch
50 -+ipxe-nopie.patch
51
52
53
54 1.1 app-emulation/xen-tools/files/xen-4-CVE-2012-4544-XSA-25.patch
55
56 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-4-CVE-2012-4544-XSA-25.patch?rev=1.1&view=markup
57 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-4-CVE-2012-4544-XSA-25.patch?rev=1.1&content-type=text/plain
58
59 Index: xen-4-CVE-2012-4544-XSA-25.patch
60 ===================================================================
61
62 # HG changeset patch
63 # User Ian Jackson <Ian.Jackson@×××××××××.com>
64 # Date 1351264255 -3600
65 # Node ID 537776f51f79c5789d06f97b363596a197c3e71c
66 # Parent 40ccbee890e1fc053de3046bbc3d13b8ff6f5d63
67 libxc: builder: limit maximum size of kernel/ramdisk.
68
69 Allowing user supplied kernels of arbitrary sizes, especially during
70 decompression, can swallow up dom0 memory leading to either virtual
71 address space exhaustion in the builder process or allocation
72 failures/OOM killing of both toolstack and unrelated processes.
73
74 We disable these checks when building in a stub domain for pvgrub
75 since this uses the guest's own memory and is isolated.
76
77 Decompression of gzip compressed kernels and ramdisks has been safe
78 since 14954:58205257517d (Xen 3.1.0 onwards).
79
80 This is XSA-25 / CVE-2012-4544.
81
82 Also make explicit checks for buffer overflows in various
83 decompression routines. These were already ruled out due to other
84 properties of the code but check them as a belt-and-braces measure.
85
86 Signed-off-by: Ian Campbell <ian.campbell@××××××.com>
87 Acked-by: Ian Jackson <ian.jackson@×××××××××.com>
88
89 diff -r 40ccbee890e1 -r 537776f51f79 stubdom/grub/kexec.c
90 --- stubdom/grub/kexec.c Thu Oct 25 15:36:32 2012 +0200
91 +++ stubdom/grub/kexec.c Fri Oct 26 16:10:55 2012 +0100
92 @@ -137,6 +137,10 @@ void kexec(void *kernel, long kernel_siz
93 dom = xc_dom_allocate(xc_handle, cmdline, features);
94 dom->allocate = kexec_allocate;
95
96 + /* We are using guest owned memory, therefore no limits. */
97 + xc_dom_kernel_max_size(dom, 0);
98 + xc_dom_ramdisk_max_size(dom, 0);
99 +
100 dom->kernel_blob = kernel;
101 dom->kernel_size = kernel_size;
102
103 diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom.h
104 --- tools/libxc/xc_dom.h Thu Oct 25 15:36:32 2012 +0200
105 +++ tools/libxc/xc_dom.h Fri Oct 26 16:10:55 2012 +0100
106 @@ -55,6 +55,9 @@ struct xc_dom_image {
107 void *ramdisk_blob;
108 size_t ramdisk_size;
109
110 + size_t max_kernel_size;
111 + size_t max_ramdisk_size;
112 +
113 /* arguments and parameters */
114 char *cmdline;
115 uint32_t f_requested[XENFEAT_NR_SUBMAPS];
116 @@ -180,6 +183,23 @@ void xc_dom_release_phys(struct xc_dom_i
117 void xc_dom_release(struct xc_dom_image *dom);
118 int xc_dom_mem_init(struct xc_dom_image *dom, unsigned int mem_mb);
119
120 +/* Set this larger if you have enormous ramdisks/kernels. Note that
121 + * you should trust all kernels not to be maliciously large (e.g. to
122 + * exhaust all dom0 memory) if you do this (see CVE-2012-4544 /
123 + * XSA-25). You can also set the default independently for
124 + * ramdisks/kernels in xc_dom_allocate() or call
125 + * xc_dom_{kernel,ramdisk}_max_size.
126 + */
127 +#ifndef XC_DOM_DECOMPRESS_MAX
128 +#define XC_DOM_DECOMPRESS_MAX (1024*1024*1024) /* 1GB */
129 +#endif
130 +
131 +int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz);
132 +int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz);
133 +
134 +int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz);
135 +int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz);
136 +
137 size_t xc_dom_check_gzip(xc_interface *xch,
138 void *blob, size_t ziplen);
139 int xc_dom_do_gunzip(xc_interface *xch,
140 @@ -240,7 +260,8 @@ void xc_dom_log_memory_footprint(struct
141 void *xc_dom_malloc(struct xc_dom_image *dom, size_t size);
142 void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size);
143 void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
144 - const char *filename, size_t * size);
145 + const char *filename, size_t * size,
146 + const size_t max_size);
147 char *xc_dom_strdup(struct xc_dom_image *dom, const char *str);
148
149 /* --- alloc memory pool ------------------------------------------- */
150 diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_bzimageloader.c
151 --- tools/libxc/xc_dom_bzimageloader.c Thu Oct 25 15:36:32 2012 +0200
152 +++ tools/libxc/xc_dom_bzimageloader.c Fri Oct 26 16:10:55 2012 +0100
153 @@ -47,13 +47,19 @@ static int xc_try_bzip2_decode(
154 char *out_buf;
155 char *tmp_buf;
156 int retval = -1;
157 - int outsize;
158 + unsigned int outsize;
159 uint64_t total;
160
161 stream.bzalloc = NULL;
162 stream.bzfree = NULL;
163 stream.opaque = NULL;
164
165 + if ( dom->kernel_size == 0)
166 + {
167 + DOMPRINTF("BZIP2: Input is 0 size");
168 + return -1;
169 + }
170 +
171 ret = BZ2_bzDecompressInit(&stream, 0, 0);
172 if ( ret != BZ_OK )
173 {
174 @@ -66,6 +72,17 @@ static int xc_try_bzip2_decode(
175 * the input buffer to start, and we'll realloc as needed.
176 */
177 outsize = dom->kernel_size;
178 +
179 + /*
180 + * stream.avail_in and outsize are unsigned int, while kernel_size
181 + * is a size_t. Check we aren't overflowing.
182 + */
183 + if ( outsize != dom->kernel_size )
184 + {
185 + DOMPRINTF("BZIP2: Input too large");
186 + goto bzip2_cleanup;
187 + }
188 +
189 out_buf = malloc(outsize);
190 if ( out_buf == NULL )
191 {
192 @@ -98,13 +115,20 @@ static int xc_try_bzip2_decode(
193 if ( stream.avail_out == 0 )
194 {
195 /* Protect against output buffer overflow */
196 - if ( outsize > INT_MAX / 2 )
197 + if ( outsize > UINT_MAX / 2 )
198 {
199 DOMPRINTF("BZIP2: output buffer overflow");
200 free(out_buf);
201 goto bzip2_cleanup;
202 }
203
204 + if ( xc_dom_kernel_check_size(dom, outsize * 2) )
205 + {
206 + DOMPRINTF("BZIP2: output too large");
207 + free(out_buf);
208 + goto bzip2_cleanup;
209 + }
210 +
211 tmp_buf = realloc(out_buf, outsize * 2);
212 if ( tmp_buf == NULL )
213 {
214 @@ -172,9 +196,15 @@ static int _xc_try_lzma_decode(
215 unsigned char *out_buf;
216 unsigned char *tmp_buf;
217 int retval = -1;
218 - int outsize;
219 + size_t outsize;
220 const char *msg;
221
222 + if ( dom->kernel_size == 0)
223 + {
224 + DOMPRINTF("%s: Input is 0 size", what);
225 + return -1;
226 + }
227 +
228 /* sigh. We don't know up-front how much memory we are going to need
229 * for the output buffer. Allocate the output buffer to be equal
230 * the input buffer to start, and we'll realloc as needed.
231 @@ -244,13 +274,20 @@ static int _xc_try_lzma_decode(
232 if ( stream->avail_out == 0 )
233 {
234 /* Protect against output buffer overflow */
235 - if ( outsize > INT_MAX / 2 )
236 + if ( outsize > SIZE_MAX / 2 )
237 {
238 DOMPRINTF("%s: output buffer overflow", what);
239 free(out_buf);
240 goto lzma_cleanup;
241 }
242
243 + if ( xc_dom_kernel_check_size(dom, outsize * 2) )
244 + {
245 + DOMPRINTF("%s: output too large", what);
246 + free(out_buf);
247 + goto lzma_cleanup;
248 + }
249 +
250 tmp_buf = realloc(out_buf, outsize * 2);
251 if ( tmp_buf == NULL )
252 {
253 @@ -359,6 +396,12 @@ static int xc_try_lzo1x_decode(
254 0x89, 0x4c, 0x5a, 0x4f, 0x00, 0x0d, 0x0a, 0x1a, 0x0a
255 };
256
257 + /*
258 + * lzo_uint should match size_t. Check that this is the case to be
259 + * sure we won't overflow various lzo_uint fields.
260 + */
261 + XC_BUILD_BUG_ON(sizeof(lzo_uint) != sizeof(size_t));
262 +
263 ret = lzo_init();
264 if ( ret != LZO_E_OK )
265 {
266 @@ -438,6 +481,14 @@ static int xc_try_lzo1x_decode(
267 if ( src_len <= 0 || src_len > dst_len || src_len > left )
268 break;
269
270 + msg = "Output buffer overflow";
271 + if ( *size > SIZE_MAX - dst_len )
272 + break;
273 +
274 + msg = "Decompressed image too large";
275 + if ( xc_dom_kernel_check_size(dom, *size + dst_len) )
276 + break;
277 +
278 msg = "Failed to (re)alloc memory";
279 tmp_buf = realloc(out_buf, *size + dst_len);
280 if ( tmp_buf == NULL )
281 diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_core.c
282 --- tools/libxc/xc_dom_core.c Thu Oct 25 15:36:32 2012 +0200
283 +++ tools/libxc/xc_dom_core.c Fri Oct 26 16:10:55 2012 +0100
284 @@ -159,7 +159,8 @@ void *xc_dom_malloc_page_aligned(struct
285 }
286
287 void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
288 - const char *filename, size_t * size)
289 + const char *filename, size_t * size,
290 + const size_t max_size)
291 {
292 struct xc_dom_mem *block = NULL;
293 int fd = -1;
294 @@ -171,6 +172,13 @@ void *xc_dom_malloc_filemap(struct xc_do
295 lseek(fd, 0, SEEK_SET);
296 *size = lseek(fd, 0, SEEK_END);
297
298 + if ( max_size && *size > max_size )
299 + {
300 + xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY,
301 + "tried to map file which is too large");
302 + goto err;
303 + }
304 +
305 block = malloc(sizeof(*block));
306 if ( block == NULL )
307 goto err;
308 @@ -222,6 +230,40 @@ char *xc_dom_strdup(struct xc_dom_image
309 }
310
311 /* ------------------------------------------------------------------------ */
312 +/* decompression buffer sizing */
313 +int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz)
314 +{
315 + /* No limit */
316 + if ( !dom->max_kernel_size )
317 + return 0;
318 +
319 + if ( sz > dom->max_kernel_size )
320 + {
321 + xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
322 + "kernel image too large");
323 + return 1;
324 + }
325 +
326 + return 0;
327 +}
328 +
329 +int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz)
330 +{
331 + /* No limit */
332 + if ( !dom->max_ramdisk_size )
333 + return 0;
334 +
335 + if ( sz > dom->max_ramdisk_size )
336 + {
337 + xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
338 + "ramdisk image too large");
339 + return 1;
340 + }
341 +
342 + return 0;
343 +}
344 +
345 +/* ------------------------------------------------------------------------ */
346 /* read files, copy memory blocks, with transparent gunzip */
347
348 size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen)
349 @@ -235,7 +277,7 @@ size_t xc_dom_check_gzip(xc_interface *x
350
351 gzlen = blob + ziplen - 4;
352 unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
353 - if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
354 + if ( (unziplen < 0) || (unziplen > XC_DOM_DECOMPRESS_MAX) )
355 {
356 xc_dom_printf
357 (xch,
358 @@ -288,6 +330,9 @@ int xc_dom_try_gunzip(struct xc_dom_imag
359 if ( unziplen == 0 )
360 return 0;
361
362 + if ( xc_dom_kernel_check_size(dom, unziplen) )
363 + return 0;
364 +
365 unzip = xc_dom_malloc(dom, unziplen);
366 if ( unzip == NULL )
367 return -1;
368 @@ -588,6 +633,9 @@ struct xc_dom_image *xc_dom_allocate(xc_
369 memset(dom, 0, sizeof(*dom));
370 dom->xch = xch;
371
372 + dom->max_kernel_size = XC_DOM_DECOMPRESS_MAX;
373 + dom->max_ramdisk_size = XC_DOM_DECOMPRESS_MAX;
374 +
375 if ( cmdline )
376 dom->cmdline = xc_dom_strdup(dom, cmdline);
377 if ( features )
378 @@ -608,10 +656,25 @@ struct xc_dom_image *xc_dom_allocate(xc_
379 return NULL;
380 }
381
382 +int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz)
383 +{
384 + DOMPRINTF("%s: kernel_max_size=%zx", __FUNCTION__, sz);
385 + dom->max_kernel_size = sz;
386 + return 0;
387 +}
388 +
389 +int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz)
390 +{
391 + DOMPRINTF("%s: ramdisk_max_size=%zx", __FUNCTION__, sz);
392 + dom->max_ramdisk_size = sz;
393 + return 0;
394 +}
395 +
396 int xc_dom_kernel_file(struct xc_dom_image *dom, const char *filename)
397 {
398 DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
399 - dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size);
400 + dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size,
401 + dom->max_kernel_size);
402 if ( dom->kernel_blob == NULL )
403 return -1;
404 return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size);
405 @@ -621,7 +684,9 @@ int xc_dom_ramdisk_file(struct xc_dom_im
406 {
407 DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
408 dom->ramdisk_blob =
409 - xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size);
410 + xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size,
411 + dom->max_ramdisk_size);
412 +
413 if ( dom->ramdisk_blob == NULL )
414 return -1;
415 // return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size);
416 @@ -781,7 +846,11 @@ int xc_dom_build_image(struct xc_dom_ima
417 void *ramdiskmap;
418
419 unziplen = xc_dom_check_gzip(dom->xch, dom->ramdisk_blob, dom->ramdisk_size);
420 + if ( xc_dom_ramdisk_check_size(dom, unziplen) != 0 )
421 + unziplen = 0;
422 +
423 ramdisklen = unziplen ? unziplen : dom->ramdisk_size;
424 +
425 if ( xc_dom_alloc_segment(dom, &dom->ramdisk_seg, "ramdisk", 0,
426 ramdisklen) != 0 )
427 goto err;
428
429
430
431
432
433 1.1 app-emulation/xen-tools/files/xen-4-CVE-2012-6075-XSA-41.patch
434
435 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-4-CVE-2012-6075-XSA-41.patch?rev=1.1&view=markup
436 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-4-CVE-2012-6075-XSA-41.patch?rev=1.1&content-type=text/plain
437
438 Index: xen-4-CVE-2012-6075-XSA-41.patch
439 ===================================================================
440 authorMichael Contreras <michael@×××××××.com>
441 Mon, 3 Dec 2012 04:11:22 +0000 (20:11 -0800)
442 committerAnthony Liguori <aliguori@××××××.com>
443 Mon, 3 Dec 2012 14:14:10 +0000 (08:14 -0600)
444
445 The e1000_receive function for the e1000 needs to discard packets longer than
446 1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes
447 this behavior and allocates memory based on this assumption.
448
449 Signed-off-by: Michael Contreras <michael@×××××××.com>
450 Signed-off-by: Anthony Liguori <aliguori@××××××.com>
451 hw/e1000.c
452
453 --- tools/qemu-xen/hw/e1000.c
454 +++ tools/qemu-xen/hw/e1000.c
455 @@ -59,6 +59,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
456 #define PNPMMIO_SIZE 0x20000
457 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
458
459 +/* this is the size past which hardware will drop packets when setting LPE=0 */
460 +#define MAXIMUM_ETHERNET_VLAN_SIZE 1522
461 +
462 /*
463 * HW models:
464 * E1000_DEV_ID_82540EM works with Windows and Linux
465 @@ -805,6 +808,13 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size)
466 size = sizeof(min_buf);
467 }
468
469 + /* Discard oversized packets if !LPE and !SBP. */
470 + if (size > MAXIMUM_ETHERNET_VLAN_SIZE
471 + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE)
472 + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) {
473 + return size;
474 + }
475 +
476 if (!receive_filter(s, buf, size))
477 return size;
478
479
480
481
482 1.1 app-emulation/xen-tools/files/xen-tools-4-add-nopie.patch
483
484 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-tools-4-add-nopie.patch?rev=1.1&view=markup
485 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-tools-4-add-nopie.patch?rev=1.1&content-type=text/plain
486
487 Index: xen-tools-4-add-nopie.patch
488 ===================================================================
489 2011-10-22 Ralf Glauberman <ralfglauberman@×××.de>
490
491 #360805 Don't compile ipxe with pie on hardened.
492 * /tools/firmware/etherboot/patches/ipxe-nopie.patche New patch
493 Reconstituted patch; Tue Jan 29 14:35:13 WST 2013
494
495 diff -ur xen-4.2.0.orig/tools/firmware/etherboot/patches/series xen-4.2.0/tools/firmware/etherboot/patches/series
496 --- tools/firmware/etherboot/patches/series 2013-01-29 14:34:10.773520921 +0800
497 +++ tools/firmware/etherboot/patches/series 2013-01-29 14:33:31.781519209 +0800
498 @@ -2,3 +2,4 @@
499 build_fix_1.patch
500 build_fix_2.patch
501 build_fix_3.patch
502 +ipxe-nopie.patch
503
504
505
506
507 1.1 app-emulation/xen-tools/files/xen-4-fix_dotconfig-gcc.patch
508
509 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-4-fix_dotconfig-gcc.patch?rev=1.1&view=markup
510 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-4-fix_dotconfig-gcc.patch?rev=1.1&content-type=text/plain
511
512 Index: xen-4-fix_dotconfig-gcc.patch
513 ===================================================================
514 # Fix gcc-4.6
515 diff -ur xen-4.2.0.orig/extras/mini-os/minios.mk xen-4.2.0/extras/mini-os/minios.mk
516 --- extras/mini-os/minios.mk 2012-09-17 18:21:17.000000000 +0800
517 +++ extras/mini-os/minios.mk 2012-12-05 14:01:10.653260260 +0800
518 @@ -6,7 +6,7 @@
519
520 # Define some default flags.
521 # NB. '-Wcast-qual' is nasty, so I omitted it.
522 -DEF_CFLAGS += -fno-builtin -Wall -Werror -Wredundant-decls -Wno-format -Wno-redundant-decls
523 +DEF_CFLAGS += -fno-builtin -Wall -Wredundant-decls -Wno-format -Wno-redundant-decls
524 DEF_CFLAGS += $(call cc-option,$(CC),-fno-stack-protector,)
525 DEF_CFLAGS += $(call cc-option,$(CC),-fgnu89-inline)
526 DEF_CFLAGS += -Wstrict-prototypes -Wnested-externs -Wpointer-arith -Winline
527 diff -ur xen-4.2.0.orig/tools/libxc/Makefile xen-4.2.0/tools/libxc/Makefile
528 --- tools/libxc/Makefile 2012-09-17 18:21:18.000000000 +0800
529 +++ tools/libxc/Makefile 2012-12-05 14:01:10.653260260 +0800
530 @@ -73,7 +73,7 @@
531
532 -include $(XEN_TARGET_ARCH)/Makefile
533
534 -CFLAGS += -Werror -Wmissing-prototypes
535 +CFLAGS += -Wmissing-prototypes
536 CFLAGS += -I. $(CFLAGS_xeninclude)
537
538 # Needed for posix_fadvise64() in xc_linux.c
539 # Drop .config
540 diff -ur xen-4.2.0.orig/Config.mk xen-4.2.0/Config.mk
541 --- Config.mk 2012-09-17 18:23:12.000000000 +0800
542 +++ Config.mk 2012-12-05 14:01:10.641260261 +0800
543 @@ -7,7 +7,6 @@ Drop .config
544 # fallback for older make
545 realpath = $(wildcard $(foreach file,$(1),$(shell cd -P $(dir $(file)) && echo "$$PWD/$(notdir $(file))")))
546
547 --include $(XEN_ROOT)/.config
548
549 # A debug build of Xen and tools?
550 debug ?= n
551 @@ -24,7 +24,7 @@
552
553 # Tools to run on system hosting the build
554 HOSTCC = gcc
555 -HOSTCFLAGS = -Wall -Werror -Wstrict-prototypes -O2 -fomit-frame-pointer
556 +HOSTCFLAGS = -Wstrict-prototypes -O2 -fomit-frame-pointer
557 HOSTCFLAGS += -fno-strict-aliasing
558
559 DISTDIR ?= $(XEN_ROOT)/dist
560 @@ -156,7 +156,7 @@
561
562 CFLAGS += -std=gnu99
563
564 -CFLAGS += -Wall -Wstrict-prototypes
565 +CFLAGS += -Wstrict-prototypes
566
567 # Clang complains about macros that expand to 'if ( ( foo == bar ) ) ...'
568 # and is over-zealous with the printf format lint
569 diff -ur xen-4.2.1.orig/tools/blktap2/drivers/Makefile xen-4.2.1/tools/blktap2/drivers/Makefile
570 --- tools/blktap2/drivers/Makefile 2012-12-17 23:00:11.000000000 +0800
571 +++ tools/blktap2/drivers/Makefile 2013-01-30 12:31:43.539941099 +0800
572 @@ -9,7 +9,7 @@
573 LOCK_UTIL = lock-util
574 INST_DIR = $(SBINDIR)
575
576 -CFLAGS += -Werror -g
577 +CFLAGS += -g
578 CFLAGS += -Wno-unused
579 CFLAGS += -fno-strict-aliasing
580 CFLAGS += -I$(BLKTAP_ROOT)/include -I$(BLKTAP_ROOT)/drivers
581 diff -ur xen-4.2.1.orig/tools/debugger/gdbsx/Rules.mk xen-4.2.1/tools/debugger/gdbsx/Rules.mk
582 --- tools/debugger/gdbsx/Rules.mk 2012-12-17 23:00:22.000000000 +0800
583 +++ tools/debugger/gdbsx/Rules.mk 2013-01-30 12:31:43.516941098 +0800
584 @@ -1,4 +1,4 @@
585 include $(XEN_ROOT)/tools/Rules.mk
586
587 -CFLAGS += -Werror -Wmissing-prototypes
588 +CFLAGS += -Wmissing-prototypes
589 # (gcc 4.3x and later) -Wconversion -Wno-sign-conversion
590 diff -ur xen-4.2.1.orig/tools/debugger/xenitp/Makefile xen-4.2.1/tools/debugger/xenitp/Makefile
591 --- tools/debugger/xenitp/Makefile 2012-12-17 23:00:22.000000000 +0800
592 +++ tools/debugger/xenitp/Makefile 2013-01-30 12:31:43.516941098 +0800
593 @@ -1,7 +1,7 @@
594 XEN_ROOT=$(CURDIR)/../../..
595 include $(XEN_ROOT)/tools/Rules.mk
596
597 -#CFLAGS += -Werror -g -O0
598 +#CFLAGS += -g -O0
599
600 CFLAGS += $(CFLAGS_libxenctrl)
601
602 diff -ur xen-4.2.1.orig/tools/libaio/harness/Makefile xen-4.2.1/tools/libaio/harness/Makefile
603 --- tools/libaio/harness/Makefile 2012-12-17 23:00:35.000000000 +0800
604 +++ tools/libaio/harness/Makefile 2013-01-30 12:31:43.541941099 +0800
605 @@ -4,7 +4,7 @@
606 HARNESS_SRCS:=main.c
607 # io_queue.c
608
609 -CFLAGS=-Wall -Werror -g -O -laio
610 +CFLAGS=-Wall -g -O -laio
611 #-lpthread -lrt
612
613 all: $(PROGS)
614 diff -ur xen-4.2.1.orig/tools/libfsimage/Rules.mk xen-4.2.1/tools/libfsimage/Rules.mk
615 --- tools/libfsimage/Rules.mk 2012-12-17 23:00:36.000000000 +0800
616 +++ tools/libfsimage/Rules.mk 2013-01-30 12:31:43.515941097 +0800
617 @@ -1,7 +1,7 @@
618 include $(XEN_ROOT)/tools/Rules.mk
619
620 CFLAGS += -Wno-unknown-pragmas -I$(XEN_ROOT)/tools/libfsimage/common/ -DFSIMAGE_FSDIR=\"$(FSDIR)\"
621 -CFLAGS += -Werror -D_GNU_SOURCE
622 +CFLAGS += -D_GNU_SOURCE
623 LDFLAGS += -L../common/
624
625 PIC_OBJS := $(patsubst %.c,%.opic,$(LIB_SRCS-y))
626 diff -ur xen-4.2.1.orig/tools/libxl/Makefile xen-4.2.1/tools/libxl/Makefile
627 --- tools/libxl/Makefile 2012-12-17 23:01:08.000000000 +0800
628 +++ tools/libxl/Makefile 2013-01-30 12:31:43.541941099 +0800
629 @@ -11,7 +11,7 @@
630 XLUMAJOR = 1.0
631 XLUMINOR = 1
632
633 -CFLAGS += -Werror -Wno-format-zero-length -Wmissing-declarations \
634 +CFLAGS += -Wno-format-zero-length -Wmissing-declarations \
635 -Wno-declaration-after-statement -Wformat-nonliteral
636 CFLAGS += -I. -fPIC
637
638 diff -ur xen-4.2.1.orig/tools/qemu-xen/pc-bios/optionrom/Makefile xen-4.2.1/tools/qemu-xen/pc-bios/optionrom/Makefile
639 --- tools/qemu-xen/pc-bios/optionrom/Makefile 2012-09-11 02:10:52.000000000 +0800
640 +++ tools/qemu-xen/pc-bios/optionrom/Makefile 2013-01-30 12:31:43.528941098 +0800
641 @@ -9,7 +9,7 @@
642
643 .PHONY : all clean build-all
644
645 -CFLAGS := -Wall -Wstrict-prototypes -Werror -fomit-frame-pointer -fno-builtin
646 +CFLAGS := -Wall -Wstrict-prototypes -fomit-frame-pointer -fno-builtin
647 CFLAGS += -I$(SRC_PATH)
648 CFLAGS += $(call cc-option, $(CFLAGS), -fno-stack-protector)
649 QEMU_CFLAGS = $(CFLAGS)
650 diff -ur xen-4.2.1.orig/tools/vtpm/Rules.mk xen-4.2.1/tools/vtpm/Rules.mk
651 --- tools/vtpm/Rules.mk 2012-12-17 23:01:35.000000000 +0800
652 +++ tools/vtpm/Rules.mk 2013-01-30 12:31:43.515941097 +0800
653 @@ -6,7 +6,7 @@
654 #
655
656 # General compiler flags
657 -CFLAGS = -Werror -g3
658 +CFLAGS = -g3
659
660 # Generic project files
661 HDRS = $(wildcard *.h)
662 diff -ur xen-4.2.1.orig/tools/vtpm_manager/Rules.mk xen-4.2.1/tools/vtpm_manager/Rules.mk
663 --- tools/vtpm_manager/Rules.mk 2012-12-17 23:01:35.000000000 +0800
664 +++ tools/vtpm_manager/Rules.mk 2013-01-30 12:31:43.511941097 +0800
665 @@ -6,7 +6,7 @@
666 #
667
668 # General compiler flags
669 -CFLAGS = -Werror -g3
670 +CFLAGS = -g3
671
672 # Generic project files
673 HDRS = $(wildcard *.h)
674 diff -ur xen-4.2.1.orig/tools/xenstat/xentop/Makefile xen-4.2.1/tools/xenstat/xentop/Makefile
675 --- tools/xenstat/xentop/Makefile 2012-12-17 23:01:35.000000000 +0800
676 +++ tools/xenstat/xentop/Makefile 2013-01-30 12:31:43.535941098 +0800
677 @@ -18,7 +18,7 @@
678 all install xentop:
679 else
680
681 -CFLAGS += -DGCC_PRINTF -Wall -Werror $(CFLAGS_libxenstat)
682 +CFLAGS += -DGCC_PRINTF -Wall $(CFLAGS_libxenstat)
683 LDLIBS += $(LDLIBS_libxenstat) $(CURSES_LIBS) $(SOCKET_LIBS)
684 CFLAGS += -DHOST_$(XEN_OS)
685
686 diff -ur xen-4.2.1.orig/xen/arch/arm/Rules.mk xen-4.2.1/xen/arch/arm/Rules.mk
687 --- xen/arch/arm/Rules.mk 2012-12-17 23:01:37.000000000 +0800
688 +++ xen/arch/arm/Rules.mk 2013-01-30 12:31:43.498941097 +0800
689 @@ -9,7 +9,7 @@
690 HAS_DEVICE_TREE := y
691
692 CFLAGS += -fno-builtin -fno-common -Wredundant-decls
693 -CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe
694 +CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe
695 CFLAGS += -I$(BASEDIR)/include
696
697 # Prevent floating-point variables from creeping into Xen.
698 diff -ur xen-4.2.1.orig/xen/arch/x86/Rules.mk xen-4.2.1/xen/arch/x86/Rules.mk
699 --- xen/arch/x86/Rules.mk 2012-12-17 23:01:37.000000000 +0800
700 +++ xen/arch/x86/Rules.mk 2013-01-30 12:31:43.490941096 +0800
701 @@ -24,7 +24,7 @@
702 endif
703
704 CFLAGS += -fno-builtin -fno-common -Wredundant-decls
705 -CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe
706 +CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe
707 CFLAGS += -I$(BASEDIR)/include
708 CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-generic
709 CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-default
710 diff -ur xen-4.2.1.orig/xen/include/Makefile xen-4.2.1/xen/include/Makefile
711 --- xen/include/Makefile 2012-12-17 23:01:55.000000000 +0800
712 +++ xen/include/Makefile 2013-01-30 12:31:43.502941097 +0800
713 @@ -78,7 +78,7 @@
714 all: headers.chk
715
716 headers.chk: $(filter-out public/arch-% public/%ctl.h public/xsm/% public/%hvm/save.h, $(wildcard public/*.h public/*/*.h) $(public-y)) Makefile
717 - for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -Werror -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new
718 + for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new
719 mv $@.new $@
720
721 endif
722 diff -ur xen-4.2.1.orig/tools/tests/mce-test/tools/Makefile xen-4.2.1/tools/tests/mce-test/tools/Makefile
723 --- tools/tests/mce-test/tools/Makefile 2012-12-17 23:01:35.000000000 +0800
724 +++ tools/tests/mce-test/tools/Makefile 2013-01-30 13:01:44.890020152 +0800
725 @@ -1,7 +1,7 @@
726 XEN_ROOT=$(CURDIR)/../../../..
727 include $(XEN_ROOT)/tools/Rules.mk
728
729 -CFLAGS += -Werror
730 +CFLAGS +=
731 CFLAGS += $(CFLAGS_libxenctrl)
732 CFLAGS += $(CFLAGS_libxenguest)
733 CFLAGS += $(CFLAGS_libxenstore)
734 diff -ur xen-4.2.1.orig/tools/tests/mem-sharing/Makefile xen-4.2.1/tools/tests/mem-sharing/Makefile
735 --- tools/tests/mem-sharing/Makefile 2012-12-17 23:01:35.000000000 +0800
736 +++ tools/tests/mem-sharing/Makefile 2013-01-30 13:01:44.890020152 +0800
737 @@ -1,7 +1,7 @@
738 XEN_ROOT=$(CURDIR)/../../..
739 include $(XEN_ROOT)/tools/Rules.mk
740
741 -CFLAGS += -Werror
742 +CFLAGS +=
743
744 CFLAGS += $(CFLAGS_libxenctrl)
745 CFLAGS += $(CFLAGS_xeninclude)
746 diff -ur xen-4.2.1.orig/tools/tests/xen-access/Makefile xen-4.2.1/tools/tests/xen-access/Makefile
747 --- tools/tests/xen-access/Makefile 2012-12-17 23:01:35.000000000 +0800
748 +++ tools/tests/xen-access/Makefile 2013-01-30 13:01:44.891020152 +0800
749 @@ -1,7 +1,7 @@
750 XEN_ROOT=$(CURDIR)/../../..
751 include $(XEN_ROOT)/tools/Rules.mk
752
753 -CFLAGS += -Werror
754 +CFLAGS +=
755
756 CFLAGS += $(CFLAGS_libxenctrl)
757 CFLAGS += $(CFLAGS_libxenguest)
758
759
760
761
762 1.1 app-emulation/xen-tools/files/xen-tools-4-docfix.patch
763
764 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-tools-4-docfix.patch?rev=1.1&view=markup
765 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen-tools/files/xen-tools-4-docfix.patch?rev=1.1&content-type=text/plain
766
767 Index: xen-tools-4-docfix.patch
768 ===================================================================
769 diff -ur xen-4.2.0.orig/tools/qemu-xen-traditional/Makefile xen-4.2.0/tools/qemu-xen-traditional/Makefile
770 --- xen-4.2.0.orig/tools/qemu-xen-traditional/Makefile 2012-09-07 00:05:30.000000000 +0800
771 +++ xen-4.2.0/tools/qemu-xen-traditional/Makefile 2013-01-29 11:12:20.502989453 +0800
772 @@ -275,7 +275,7 @@
773
774 # documentation
775 %.html: %.texi
776 - texi2html -monolithic -number $<
777 + texi2html -monolithic $<
778
779 %.info: %.texi
780 makeinfo $< -o $@
Report Message
Find on MARC Find on Google Groups