[gentoo-commits] repo/proj/guru:dev commit in: app-crypt/intel-ipsec-mb/, app-crypt/intel-ipsec-mb/files/ - gentoo-commits

From:	Aisha Tammy <gentoo@×××××.cc>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/proj/guru:dev commit in: app-crypt/intel-ipsec-mb/, app-crypt/intel-ipsec-mb/files/
Date:	Thu, 23 Dec 2021 15:08:16
Message-Id:	`1640270943.9dff5c48772c2e43872211b98d7d11258fd37736.epsilon-0@gentoo`

1

commit:     9dff5c48772c2e43872211b98d7d11258fd37736

2

Author:     Aisha Tammy <gentoo <AT> aisha <DOT> cc>

3

AuthorDate: Thu Dec 23 14:49:03 2021 +0000

4

Commit:     Aisha Tammy <gentoo <AT> aisha <DOT> cc>

5

CommitDate: Thu Dec 23 14:49:03 2021 +0000

6

URL:        https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=9dff5c48

7

8

app-crypt/intel-ipsec-mb: fast multi-buffer crypto for ipsec

9

10

Package-Manager: Portage-3.0.28, Repoman-3.0.3

11

Signed-off-by: Aisha Tammy <gentoo <AT> aisha.cc>

12

13

 app-crypt/intel-ipsec-mb/Manifest                  |   1 +

14

 .../intel-ipsec-mb-1.1_remove-werror-and-O3.patch  | 122 +++++++++++++++++++++

15

 app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild |  54 +++++++++

16

 .../intel-ipsec-mb/intel-ipsec-mb-9999.ebuild      |  54 +++++++++

17

 app-crypt/intel-ipsec-mb/metadata.xml              |  13 +++

18

 5 files changed, 244 insertions(+)

19

20

diff --git a/app-crypt/intel-ipsec-mb/Manifest b/app-crypt/intel-ipsec-mb/Manifest

21

new file mode 100644

22

index 000000000..3120cdfa8

23

--- /dev/null

24

+++ b/app-crypt/intel-ipsec-mb/Manifest

25

@@ -0,0 +1 @@

26

+DIST intel-ipsec-mb-1.1.tar.gz 1227915 BLAKE2B 56d104c2bcebd4a8125d64362c14603b7005c8ef0978d4039da3128f06fbba7f469ac8df23e3315b9f3fe33c392804fd718a533edd34e4a545f767a1c2e2fd60 SHA512 aca5863d36b333c4c896549074242fb4c2c0a4d6598b27baa794944436527bdd6e1a5dbca9d39e0c3a89e61d7d175adcf5bf6c6cbdffd0a43bca1fea0be42ebe

27

28

diff --git a/app-crypt/intel-ipsec-mb/files/intel-ipsec-mb-1.1_remove-werror-and-O3.patch b/app-crypt/intel-ipsec-mb/files/intel-ipsec-mb-1.1_remove-werror-and-O3.patch

29

new file mode 100644

30

index 000000000..64868c264

31

--- /dev/null

32

+++ b/app-crypt/intel-ipsec-mb/files/intel-ipsec-mb-1.1_remove-werror-and-O3.patch

33

@@ -0,0 +1,122 @@

34

+diff --git a/lib/Makefile b/lib/Makefile

35

+index 065d2c1..2bc3a03 100644

36

+--- a/lib/Makefile

37

++++ b/lib/Makefile

38

+@@ -112,10 +112,10 @@ YASM_INCLUDES := $(foreach i,$(ASM_INCLUDE_DIRS),-I $i)

39

+ NASM_INCLUDES := $(foreach i,$(ASM_INCLUDE_DIRS),-I$i/)

40

+ ifneq ($(MINGW),0)

41

+ YASM_FLAGS := -f x64 -f win64 -X gnu -g dwarf2 -DWIN_ABI $(YASM_INCLUDES)

42

+-NASM_FLAGS := -Werror -fwin64 -Xvc -gcv8 -DWIN_ABI $(NASM_INCLUDES)

43

++NASM_FLAGS := -fwin64 -Xvc -gcv8 -DWIN_ABI $(NASM_INCLUDES)

44

+ else

45

+ YASM_FLAGS := -f x64 -f elf64 -X gnu -g dwarf2 -DLINUX -D__linux__ $(YASM_INCLUDES)

46

+-NASM_FLAGS := -Werror -felf64 -Xgnu -gdwarf -DLINUX -D__linux__ $(NASM_INCLUDES)

47

++NASM_FLAGS := -felf64 -Xgnu -gdwarf -DLINUX -D__linux__ $(NASM_INCLUDES)

48

+ endif

49

+

50

+ DEBUG_OPT ?= -O0

51

+@@ -153,7 +153,6 @@ endif

52

+

53

+ # prevent SIMD optimizations for non-aesni modules

54

+ CFLAGS_NO_SIMD = $(CFLAGS) -O1

55

+-CFLAGS += $(OPT)

56

+

57

+ # Set generic architectural optimizations

58

+ OPT_X86 := -msse4.2

59

+@@ -696,7 +695,7 @@ install: $(LIB_DIR)/$(LIBNAME)

60

+ 	install -m 0444 $(MAN2) $(MAN_DIR)

61

+ 	install -d $(LIB_INSTALL_DIR)

62

+ ifeq ($(SHARED),y)

63

+-	install -s -m $(LIBPERM) $(LIB_DIR)/$(LIBNAME) $(LIB_INSTALL_DIR)

64

++	install -m $(LIBPERM) $(LIB_DIR)/$(LIBNAME) $(LIB_INSTALL_DIR)

65

+ else

66

+ 	# must not strip symbol table for static libs

67

+ 	install -m $(LIBPERM) $(LIB_DIR)/$(LIBNAME) $(LIB_INSTALL_DIR)

68

+diff --git a/lib/win_x64.mak b/lib/win_x64.mak

69

+index a71d715..c5f07dc 100644

70

+--- a/lib/win_x64.mak

71

++++ b/lib/win_x64.mak

72

+@@ -110,7 +110,7 @@ LINK_TOOL = link

73

+ LINKFLAGS = $(DLFLAGS) /nologo /machine:X64

74

+

75

+ AS = nasm

76

+-AFLAGS = $(DAFLAGS) -Werror -fwin64 -Xvc -DWIN_ABI -Iinclude/ \

77

++AFLAGS = $(DAFLAGS) -fwin64 -Xvc -DWIN_ABI -Iinclude/ \

78

+ 	-I./ -Iavx/ -Iavx2/ -Iavx512/ -Isse/

79

+

80

+ # dependency

81

+diff --git a/perf/Makefile b/perf/Makefile

82

+index 2f578fe..bdae07a 100644

83

+--- a/perf/Makefile

84

++++ b/perf/Makefile

85

+@@ -40,9 +40,9 @@ CFLAGS = -D_GNU_SOURCE -DNO_COMPAT_IMB_API_053 $(INCLUDES) \

86

+

87

+ ifeq ($(MINGW),0)

88

+ CFLAGS += -DLINUX

89

+-NASM_FLAGS := -Werror -felf64 -Xgnu -gdwarf -DLINUX -D__linux__

90

++NASM_FLAGS := -felf64 -Xgnu -gdwarf -DLINUX -D__linux__

91

+ else

92

+-NASM_FLAGS := -Werror -fwin64 -Xvc -gcv8 -DWIN_ABI

93

++NASM_FLAGS := -fwin64 -Xvc -gcv8 -DWIN_ABI

94

+ endif

95

+

96

+ # if "-z ibt" is supported then assume "-z shstk, -z cet-report=error" are also supported

97

+@@ -57,7 +57,7 @@ CFLAGS += -fcf-protection=full

98

+ endif

99

+

100

+ ifeq ($(MINGW),0)

101

+-LDFLAGS = -fPIE -z noexecstack -z relro -z now -pthread

102

++LDFLAGS += -fPIE -z noexecstack -z relro -z now -pthread

103

+ endif

104

+ ifeq ($(CC_HAS_CET),1)

105

+ LDFLAGS += -fcf-protection=full -Wl,-z,ibt -Wl,-z,shstk -Wl,-z,cet-report=error

106

+diff --git a/perf/win_x64.mak b/perf/win_x64.mak

107

+index a388ff5..71e5f24 100644

108

+--- a/perf/win_x64.mak

109

++++ b/perf/win_x64.mak

110

+@@ -68,7 +68,7 @@ LNK = link

111

+ LFLAGS = /out:$(APP).exe $(DLFLAGS)

112

+

113

+ AS = nasm

114

+-AFLAGS = -Werror -fwin64 -Xvc -DWIN_ABI

115

++AFLAGS = -fwin64 -Xvc -DWIN_ABI

116

+

117

+ OBJECTS = ipsec_perf.obj msr.obj misc.obj

118

+

119

+diff --git a/test/Makefile b/test/Makefile

120

+index 93bae06..22fef57 100644

121

+--- a/test/Makefile

122

++++ b/test/Makefile

123

+@@ -60,15 +60,15 @@ endif

124

+ YASM_FLAGS := -f x64 -f elf64 -X gnu -g dwarf2 -DLINUX -D__linux__

125

+ ifeq ($(MINGW),0)

126

+ CFLAGS += -DLINUX

127

+-NASM_FLAGS := -Werror -felf64 -Xgnu -gdwarf -DLINUX -D__linux__

128

++NASM_FLAGS := -felf64 -Xgnu -gdwarf -DLINUX -D__linux__

129

+ else

130

+-NASM_FLAGS := -Werror -fwin64 -Xvc -gcv8 -DWIN_ABI

131

++NASM_FLAGS := -fwin64 -Xvc -gcv8 -DWIN_ABI

132

+ endif

133

+

134

+ ifeq ($(MINGW),0)

135

+-LDFLAGS = -fPIE -z noexecstack -z relro -z now

136

++LDFLAGS += -fPIE -z noexecstack -z relro -z now

137

+ else

138

+-LDFLAGS = -fPIE

139

++LDFLAGS += -fPIE

140

+ endif

141

+

142

+ ifeq ($(CC_HAS_CET),1)

143

+diff --git a/test/win_x64.mak b/test/win_x64.mak

144

+index e28e6a7..2e564a7 100644

145

+--- a/test/win_x64.mak

146

++++ b/test/win_x64.mak

147

+@@ -67,7 +67,7 @@ TEST_LFLAGS = /out:$(TEST_APP).exe $(DLFLAGS)

148

+ XVALID_LFLAGS = /out:$(XVALID_APP).exe $(DLFLAGS)

149

+

150

+ AS = nasm

151

+-AFLAGS = -Werror -fwin64 -Xvc -DWIN_ABI

152

++AFLAGS = -fwin64 -Xvc -DWIN_ABI

153

+

154

+ # dependency

155

+ !ifndef DEPTOOL

156

157

diff --git a/app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild

158

new file mode 100644

159

index 000000000..7e0f4de90

160

--- /dev/null

161

+++ b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild

162

@@ -0,0 +1,54 @@

163

+# Copyright 2021 Gentoo Authors

164

+# Distributed under the terms of the GNU General Public License v2

165

+

166

+EAPI=7

167

+

168

+inherit toolchain-funcs

169

+

170

+DESCRIPTION="Multi-Buffer Crypto for IPSec from Intel"

171

+HOMEPAGE="https://github.com/intel/intel-ipsec-mb"

172

+

173

+if [[ ${PV} == 9999 ]]; then

174

+	inherit git-r3

175

+	EGIT_REPO_URI="https://github.com/intel/intel-ipsec-mb.git"

176

+else

177

+	SRC_URI="https://github.com/intel/intel-ipsec-mb/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"

178

+	KEYWORDS="~amd64"

179

+fi

180

+

181

+LICENSE="BSD"

182

+SLOT="0"

183

+IUSE="+safe-data +safe-lookup +safe-param test"

184

+RESTRICT="!test? ( test )"

185

+

186

+BDEPEND="

187

+	>=dev-lang/nasm-2.13.03

188

+"

189

+

190

+PATCHES=( "${FILESDIR}/intel-ipsec-mb-1.1_remove-werror-and-O3.patch" )

191

+

192

+src_configure(){

193

+	tc-export CC LD AR

194

+}

195

+

196

+src_compile() {

197

+	local myconf=(

198

+		SAFE_DATA=$(usex safe-data y n)

199

+		SAFE_LOOKUP=$(usex safe-lookup y n)

200

+		SAFE_PARAM=$(usex safe-param y n)

201

+	)

202

+	emake "${myconf[@]}" EXTRA_CFLAGS="${CFLAGS}"

203

+}

204

+

205

+src_install() {

206

+	emake PREFIX="${ED}/usr" \

207

+		LIB_INSTALL_DIR="${ED}/usr/$(get_libdir)" \

208

+		MAN_DIR="${ED}/usr/share/man/man7" \

209

+		install

210

+}

211

+

212

+src_test() {

213

+	cd "${S}/test"

214

+	LD_LIBRARY_PATH=../lib ./ipsec_MB_testapp -v

215

+	LD_LIBRARY_PATH=../lib ./ipsec_xvalid_test -v

216

+}

217

218

diff --git a/app-crypt/intel-ipsec-mb/intel-ipsec-mb-9999.ebuild b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-9999.ebuild

219

new file mode 100644

220

index 000000000..7e0f4de90

221

--- /dev/null

222

+++ b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-9999.ebuild

223

@@ -0,0 +1,54 @@

224

+# Copyright 2021 Gentoo Authors

225

+# Distributed under the terms of the GNU General Public License v2

226

+

227

+EAPI=7

228

+

229

+inherit toolchain-funcs

230

+

231

+DESCRIPTION="Multi-Buffer Crypto for IPSec from Intel"

232

+HOMEPAGE="https://github.com/intel/intel-ipsec-mb"

233

+

234

+if [[ ${PV} == 9999 ]]; then

235

+	inherit git-r3

236

+	EGIT_REPO_URI="https://github.com/intel/intel-ipsec-mb.git"

237

+else

238

+	SRC_URI="https://github.com/intel/intel-ipsec-mb/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"

239

+	KEYWORDS="~amd64"

240

+fi

241

+

242

+LICENSE="BSD"

243

+SLOT="0"

244

+IUSE="+safe-data +safe-lookup +safe-param test"

245

+RESTRICT="!test? ( test )"

246

+

247

+BDEPEND="

248

+	>=dev-lang/nasm-2.13.03

249

+"

250

+

251

+PATCHES=( "${FILESDIR}/intel-ipsec-mb-1.1_remove-werror-and-O3.patch" )

252

+

253

+src_configure(){

254

+	tc-export CC LD AR

255

+}

256

+

257

+src_compile() {

258

+	local myconf=(

259

+		SAFE_DATA=$(usex safe-data y n)

260

+		SAFE_LOOKUP=$(usex safe-lookup y n)

261

+		SAFE_PARAM=$(usex safe-param y n)

262

+	)

263

+	emake "${myconf[@]}" EXTRA_CFLAGS="${CFLAGS}"

264

+}

265

+

266

+src_install() {

267

+	emake PREFIX="${ED}/usr" \

268

+		LIB_INSTALL_DIR="${ED}/usr/$(get_libdir)" \

269

+		MAN_DIR="${ED}/usr/share/man/man7" \

270

+		install

271

+}

272

+

273

+src_test() {

274

+	cd "${S}/test"

275

+	LD_LIBRARY_PATH=../lib ./ipsec_MB_testapp -v

276

+	LD_LIBRARY_PATH=../lib ./ipsec_xvalid_test -v

277

+}

278

279

diff --git a/app-crypt/intel-ipsec-mb/metadata.xml b/app-crypt/intel-ipsec-mb/metadata.xml

280

new file mode 100644

281

index 000000000..515d9d259

282

--- /dev/null

283

+++ b/app-crypt/intel-ipsec-mb/metadata.xml

284

@@ -0,0 +1,13 @@

285

+<?xml version="1.0" encoding="UTF-8"?>

286

+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">

287

+<pkgmetadata>

288

+	<maintainer type="person">

289

+		<email>gentoo@×××××.cc</email>

290

+		<name>Aisha Tammy</name>

291

+	</maintainer>

292

+	<use>

293

+		<flag name="safe-data">sensitive information is cleared on completion of a function call</flag>

294

+		<flag name="safe-lookup">lookups which depend on sensitive information are implemented with constant time functions</flag>

295

+		<flag name="safe-param">input parameters are checked, looking generally for NULL pointers or an incorrect input length</flag>

296

+	</use>

297

+</pkgmetadata>

1	commit: 9dff5c48772c2e43872211b98d7d11258fd37736
2	Author: Aisha Tammy <gentoo <AT> aisha <DOT> cc>
3	AuthorDate: Thu Dec 23 14:49:03 2021 +0000
4	Commit: Aisha Tammy <gentoo <AT> aisha <DOT> cc>
5	CommitDate: Thu Dec 23 14:49:03 2021 +0000
6	URL: https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=9dff5c48
7
8	app-crypt/intel-ipsec-mb: fast multi-buffer crypto for ipsec
9
10	Package-Manager: Portage-3.0.28, Repoman-3.0.3
11	Signed-off-by: Aisha Tammy <gentoo <AT> aisha.cc>
12
13	app-crypt/intel-ipsec-mb/Manifest \| 1 +
14	.../intel-ipsec-mb-1.1_remove-werror-and-O3.patch \| 122 +++++++++++++++++++++
15	app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild \| 54 +++++++++
16	.../intel-ipsec-mb/intel-ipsec-mb-9999.ebuild \| 54 +++++++++
17	app-crypt/intel-ipsec-mb/metadata.xml \| 13 +++
18	5 files changed, 244 insertions(+)
19
20	diff --git a/app-crypt/intel-ipsec-mb/Manifest b/app-crypt/intel-ipsec-mb/Manifest
21	new file mode 100644
22	index 000000000..3120cdfa8
23	--- /dev/null
24	+++ b/app-crypt/intel-ipsec-mb/Manifest
25	@@ -0,0 +1 @@
26	+DIST intel-ipsec-mb-1.1.tar.gz 1227915 BLAKE2B 56d104c2bcebd4a8125d64362c14603b7005c8ef0978d4039da3128f06fbba7f469ac8df23e3315b9f3fe33c392804fd718a533edd34e4a545f767a1c2e2fd60 SHA512 aca5863d36b333c4c896549074242fb4c2c0a4d6598b27baa794944436527bdd6e1a5dbca9d39e0c3a89e61d7d175adcf5bf6c6cbdffd0a43bca1fea0be42ebe
27
28	diff --git a/app-crypt/intel-ipsec-mb/files/intel-ipsec-mb-1.1_remove-werror-and-O3.patch b/app-crypt/intel-ipsec-mb/files/intel-ipsec-mb-1.1_remove-werror-and-O3.patch
29	new file mode 100644
30	index 000000000..64868c264
31	--- /dev/null
32	+++ b/app-crypt/intel-ipsec-mb/files/intel-ipsec-mb-1.1_remove-werror-and-O3.patch
33	@@ -0,0 +1,122 @@
34	+diff --git a/lib/Makefile b/lib/Makefile
35	+index 065d2c1..2bc3a03 100644
36	+--- a/lib/Makefile
37	++++ b/lib/Makefile
38	+@@ -112,10 +112,10 @@ YASM_INCLUDES := $(foreach i,$(ASM_INCLUDE_DIRS),-I $i)
39	+ NASM_INCLUDES := $(foreach i,$(ASM_INCLUDE_DIRS),-I$i/)
40	+ ifneq ($(MINGW),0)
41	+ YASM_FLAGS := -f x64 -f win64 -X gnu -g dwarf2 -DWIN_ABI $(YASM_INCLUDES)
42	+-NASM_FLAGS := -Werror -fwin64 -Xvc -gcv8 -DWIN_ABI $(NASM_INCLUDES)
43	++NASM_FLAGS := -fwin64 -Xvc -gcv8 -DWIN_ABI $(NASM_INCLUDES)
44	+ else
45	+ YASM_FLAGS := -f x64 -f elf64 -X gnu -g dwarf2 -DLINUX -D__linux__ $(YASM_INCLUDES)
46	+-NASM_FLAGS := -Werror -felf64 -Xgnu -gdwarf -DLINUX -D__linux__ $(NASM_INCLUDES)
47	++NASM_FLAGS := -felf64 -Xgnu -gdwarf -DLINUX -D__linux__ $(NASM_INCLUDES)
48	+ endif
49	+
50	+ DEBUG_OPT ?= -O0
51	+@@ -153,7 +153,6 @@ endif
52	+
53	+ # prevent SIMD optimizations for non-aesni modules
54	+ CFLAGS_NO_SIMD = $(CFLAGS) -O1
55	+-CFLAGS += $(OPT)
56	+
57	+ # Set generic architectural optimizations
58	+ OPT_X86 := -msse4.2
59	+@@ -696,7 +695,7 @@ install: $(LIB_DIR)/$(LIBNAME)
60	+ install -m 0444 $(MAN2) $(MAN_DIR)
61	+ install -d $(LIB_INSTALL_DIR)
62	+ ifeq ($(SHARED),y)
63	+- install -s -m $(LIBPERM) $(LIB_DIR)/$(LIBNAME) $(LIB_INSTALL_DIR)
64	++ install -m $(LIBPERM) $(LIB_DIR)/$(LIBNAME) $(LIB_INSTALL_DIR)
65	+ else
66	+ # must not strip symbol table for static libs
67	+ install -m $(LIBPERM) $(LIB_DIR)/$(LIBNAME) $(LIB_INSTALL_DIR)
68	+diff --git a/lib/win_x64.mak b/lib/win_x64.mak
69	+index a71d715..c5f07dc 100644
70	+--- a/lib/win_x64.mak
71	++++ b/lib/win_x64.mak
72	+@@ -110,7 +110,7 @@ LINK_TOOL = link
73	+ LINKFLAGS = $(DLFLAGS) /nologo /machine:X64
74	+
75	+ AS = nasm
76	+-AFLAGS = $(DAFLAGS) -Werror -fwin64 -Xvc -DWIN_ABI -Iinclude/ \
77	++AFLAGS = $(DAFLAGS) -fwin64 -Xvc -DWIN_ABI -Iinclude/ \
78	+ -I./ -Iavx/ -Iavx2/ -Iavx512/ -Isse/
79	+
80	+ # dependency
81	+diff --git a/perf/Makefile b/perf/Makefile
82	+index 2f578fe..bdae07a 100644
83	+--- a/perf/Makefile
84	++++ b/perf/Makefile
85	+@@ -40,9 +40,9 @@ CFLAGS = -D_GNU_SOURCE -DNO_COMPAT_IMB_API_053 $(INCLUDES) \
86	+
87	+ ifeq ($(MINGW),0)
88	+ CFLAGS += -DLINUX
89	+-NASM_FLAGS := -Werror -felf64 -Xgnu -gdwarf -DLINUX -D__linux__
90	++NASM_FLAGS := -felf64 -Xgnu -gdwarf -DLINUX -D__linux__
91	+ else
92	+-NASM_FLAGS := -Werror -fwin64 -Xvc -gcv8 -DWIN_ABI
93	++NASM_FLAGS := -fwin64 -Xvc -gcv8 -DWIN_ABI
94	+ endif
95	+
96	+ # if "-z ibt" is supported then assume "-z shstk, -z cet-report=error" are also supported
97	+@@ -57,7 +57,7 @@ CFLAGS += -fcf-protection=full
98	+ endif
99	+
100	+ ifeq ($(MINGW),0)
101	+-LDFLAGS = -fPIE -z noexecstack -z relro -z now -pthread
102	++LDFLAGS += -fPIE -z noexecstack -z relro -z now -pthread
103	+ endif
104	+ ifeq ($(CC_HAS_CET),1)
105	+ LDFLAGS += -fcf-protection=full -Wl,-z,ibt -Wl,-z,shstk -Wl,-z,cet-report=error
106	+diff --git a/perf/win_x64.mak b/perf/win_x64.mak
107	+index a388ff5..71e5f24 100644
108	+--- a/perf/win_x64.mak
109	++++ b/perf/win_x64.mak
110	+@@ -68,7 +68,7 @@ LNK = link
111	+ LFLAGS = /out:$(APP).exe $(DLFLAGS)
112	+
113	+ AS = nasm
114	+-AFLAGS = -Werror -fwin64 -Xvc -DWIN_ABI
115	++AFLAGS = -fwin64 -Xvc -DWIN_ABI
116	+
117	+ OBJECTS = ipsec_perf.obj msr.obj misc.obj
118	+
119	+diff --git a/test/Makefile b/test/Makefile
120	+index 93bae06..22fef57 100644
121	+--- a/test/Makefile
122	++++ b/test/Makefile
123	+@@ -60,15 +60,15 @@ endif
124	+ YASM_FLAGS := -f x64 -f elf64 -X gnu -g dwarf2 -DLINUX -D__linux__
125	+ ifeq ($(MINGW),0)
126	+ CFLAGS += -DLINUX
127	+-NASM_FLAGS := -Werror -felf64 -Xgnu -gdwarf -DLINUX -D__linux__
128	++NASM_FLAGS := -felf64 -Xgnu -gdwarf -DLINUX -D__linux__
129	+ else
130	+-NASM_FLAGS := -Werror -fwin64 -Xvc -gcv8 -DWIN_ABI
131	++NASM_FLAGS := -fwin64 -Xvc -gcv8 -DWIN_ABI
132	+ endif
133	+
134	+ ifeq ($(MINGW),0)
135	+-LDFLAGS = -fPIE -z noexecstack -z relro -z now
136	++LDFLAGS += -fPIE -z noexecstack -z relro -z now
137	+ else
138	+-LDFLAGS = -fPIE
139	++LDFLAGS += -fPIE
140	+ endif
141	+
142	+ ifeq ($(CC_HAS_CET),1)
143	+diff --git a/test/win_x64.mak b/test/win_x64.mak
144	+index e28e6a7..2e564a7 100644
145	+--- a/test/win_x64.mak
146	++++ b/test/win_x64.mak
147	+@@ -67,7 +67,7 @@ TEST_LFLAGS = /out:$(TEST_APP).exe $(DLFLAGS)
148	+ XVALID_LFLAGS = /out:$(XVALID_APP).exe $(DLFLAGS)
149	+
150	+ AS = nasm
151	+-AFLAGS = -Werror -fwin64 -Xvc -DWIN_ABI
152	++AFLAGS = -fwin64 -Xvc -DWIN_ABI
153	+
154	+ # dependency
155	+ !ifndef DEPTOOL
156
157	diff --git a/app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild
158	new file mode 100644
159	index 000000000..7e0f4de90
160	--- /dev/null
161	+++ b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-1.1.ebuild
162	@@ -0,0 +1,54 @@
163	+# Copyright 2021 Gentoo Authors
164	+# Distributed under the terms of the GNU General Public License v2
165	+
166	+EAPI=7
167	+
168	+inherit toolchain-funcs
169	+
170	+DESCRIPTION="Multi-Buffer Crypto for IPSec from Intel"
171	+HOMEPAGE="https://github.com/intel/intel-ipsec-mb"
172	+
173	+if [[ ${PV} == 9999 ]]; then
174	+ inherit git-r3
175	+ EGIT_REPO_URI="https://github.com/intel/intel-ipsec-mb.git"
176	+else
177	+ SRC_URI="https://github.com/intel/intel-ipsec-mb/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"
178	+ KEYWORDS="~amd64"
179	+fi
180	+
181	+LICENSE="BSD"
182	+SLOT="0"
183	+IUSE="+safe-data +safe-lookup +safe-param test"
184	+RESTRICT="!test? ( test )"
185	+
186	+BDEPEND="
187	+ >=dev-lang/nasm-2.13.03
188	+"
189	+
190	+PATCHES=( "${FILESDIR}/intel-ipsec-mb-1.1_remove-werror-and-O3.patch" )
191	+
192	+src_configure(){
193	+ tc-export CC LD AR
194	+}
195	+
196	+src_compile() {
197	+ local myconf=(
198	+ SAFE_DATA=$(usex safe-data y n)
199	+ SAFE_LOOKUP=$(usex safe-lookup y n)
200	+ SAFE_PARAM=$(usex safe-param y n)
201	+ )
202	+ emake "${myconf[@]}" EXTRA_CFLAGS="${CFLAGS}"
203	+}
204	+
205	+src_install() {
206	+ emake PREFIX="${ED}/usr" \
207	+ LIB_INSTALL_DIR="${ED}/usr/$(get_libdir)" \
208	+ MAN_DIR="${ED}/usr/share/man/man7" \
209	+ install
210	+}
211	+
212	+src_test() {
213	+ cd "${S}/test"
214	+ LD_LIBRARY_PATH=../lib ./ipsec_MB_testapp -v
215	+ LD_LIBRARY_PATH=../lib ./ipsec_xvalid_test -v
216	+}
217
218	diff --git a/app-crypt/intel-ipsec-mb/intel-ipsec-mb-9999.ebuild b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-9999.ebuild
219	new file mode 100644
220	index 000000000..7e0f4de90
221	--- /dev/null
222	+++ b/app-crypt/intel-ipsec-mb/intel-ipsec-mb-9999.ebuild
223	@@ -0,0 +1,54 @@
224	+# Copyright 2021 Gentoo Authors
225	+# Distributed under the terms of the GNU General Public License v2
226	+
227	+EAPI=7
228	+
229	+inherit toolchain-funcs
230	+
231	+DESCRIPTION="Multi-Buffer Crypto for IPSec from Intel"
232	+HOMEPAGE="https://github.com/intel/intel-ipsec-mb"
233	+
234	+if [[ ${PV} == 9999 ]]; then
235	+ inherit git-r3
236	+ EGIT_REPO_URI="https://github.com/intel/intel-ipsec-mb.git"
237	+else
238	+ SRC_URI="https://github.com/intel/intel-ipsec-mb/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"
239	+ KEYWORDS="~amd64"
240	+fi
241	+
242	+LICENSE="BSD"
243	+SLOT="0"
244	+IUSE="+safe-data +safe-lookup +safe-param test"
245	+RESTRICT="!test? ( test )"
246	+
247	+BDEPEND="
248	+ >=dev-lang/nasm-2.13.03
249	+"
250	+
251	+PATCHES=( "${FILESDIR}/intel-ipsec-mb-1.1_remove-werror-and-O3.patch" )
252	+
253	+src_configure(){
254	+ tc-export CC LD AR
255	+}
256	+
257	+src_compile() {
258	+ local myconf=(
259	+ SAFE_DATA=$(usex safe-data y n)
260	+ SAFE_LOOKUP=$(usex safe-lookup y n)
261	+ SAFE_PARAM=$(usex safe-param y n)
262	+ )
263	+ emake "${myconf[@]}" EXTRA_CFLAGS="${CFLAGS}"
264	+}
265	+
266	+src_install() {
267	+ emake PREFIX="${ED}/usr" \
268	+ LIB_INSTALL_DIR="${ED}/usr/$(get_libdir)" \
269	+ MAN_DIR="${ED}/usr/share/man/man7" \
270	+ install
271	+}
272	+
273	+src_test() {
274	+ cd "${S}/test"
275	+ LD_LIBRARY_PATH=../lib ./ipsec_MB_testapp -v
276	+ LD_LIBRARY_PATH=../lib ./ipsec_xvalid_test -v
277	+}
278
279	diff --git a/app-crypt/intel-ipsec-mb/metadata.xml b/app-crypt/intel-ipsec-mb/metadata.xml
280	new file mode 100644
281	index 000000000..515d9d259
282	--- /dev/null
283	+++ b/app-crypt/intel-ipsec-mb/metadata.xml
284	@@ -0,0 +1,13 @@
285	+<?xml version="1.0" encoding="UTF-8"?>
286	+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
287	+<pkgmetadata>
288	+ <maintainer type="person">
289	+ <email>gentoo@×××××.cc</email>
290	+ <name>Aisha Tammy</name>
291	+ </maintainer>
292	+ <use>
293	+ <flag name="safe-data">sensitive information is cleared on completion of a function call</flag>
294	+ <flag name="safe-lookup">lookups which depend on sensitive information are implemented with constant time functions</flag>
295	+ <flag name="safe-param">input parameters are checked, looking generally for NULL pointers or an incorrect input length</flag>
296	+ </use>
297	+</pkgmetadata>

Gentoo Archives: gentoo-commits