Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Yixun Lan <dlan@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/
Date: Wed, 05 Oct 2016 09:48:53
Message-Id: 1475660921.0e3fdafda4b8c744aa48bedbf658c6a3766fb384.dlan@gentoo
1 commit: 0e3fdafda4b8c744aa48bedbf658c6a3766fb384
2 Author: Yixun Lan <dlan <AT> gentoo <DOT> org>
3 AuthorDate: Wed Oct 5 09:44:51 2016 +0000
4 Commit: Yixun Lan <dlan <AT> gentoo <DOT> org>
5 CommitDate: Wed Oct 5 09:48:41 2016 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e3fdafd
7
8 app-emulation/xen: fix XSA-190
9
10 Gentoo-Bug: 594850
11
12 Package-Manager: portage-2.3.1
13
14 app-emulation/xen/Manifest | 1 +
15 app-emulation/xen/xen-4.6.3-r3.ebuild | 193 ++++++++++++++++++++++++++++++++++
16 app-emulation/xen/xen-4.7.0-r3.ebuild | 193 ++++++++++++++++++++++++++++++++++
17 3 files changed, 387 insertions(+)
18
19 diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest
20 index 66454f5..0e44681 100644
21 --- a/app-emulation/xen/Manifest
22 +++ b/app-emulation/xen/Manifest
23 @@ -3,3 +3,4 @@ DIST xen-4.6.3.tar.gz 19707041 SHA256 02badfce9a037bd1bd4a94210c1f6b85467746216c
24 DIST xen-4.7.0-upstream-patches-0.tar.xz 24560 SHA256 3d24ff56a6a21cf91982ae7106bc5c55c8443d8398479778452e48d17903aa16 SHA512 934b81c21c4e13fee5fe4e02ef439f47df76d1ade3caf7adeec1e0144d2546fe3802cce0f715294789d393336740fc12b21fb2127b7edfb548497221b5b40f12 WHIRLPOOL c67bf8139b0f2baf84b8c0ecff3726eeaf10f3f1cada6e3ad9a8cd92cd356bd7adc38f60f5835b7525786899bcd0c94c89700a958ea63bf0aff9f7139642154d
25 DIST xen-4.7.0.tar.gz 20702550 SHA256 be5876144d49729572ae06142e0bb93f1c1f2695578141eff2931995add24623 SHA512 2c52c8ef145dfab7d069e79318d5d631e1106a0ddc79d88b3bacf36c7f15cea67dccb704a245e785d2a1e42c6fb6c0ad74832f564aaeec025ad7b864031f0921 WHIRLPOOL 9725ac9fe94e78aab47b0534b5ee1a190106a773bf7d6204fed736abe7069b71937717b6680833736bd02a3a3a43f2eb2162fe7c0d992ddd47d12158b5d9835f
26 DIST xen-security-patches-15.tar.xz 5572 SHA256 60577d213ecde0734c2b49f75f56ce9895ad281e40329aff7a12a5d78035f105 SHA512 73c14edab07a61d2c98566dc12f10e710c0406f3dfd8d335a69413206638ff9e988a54cc822eaa64b0ef3128f66a135a85c2454d3fa67e29945f994783da8a52 WHIRLPOOL 3d6c9d22e67ba82de7d4a694c247a4e7063433e8f2d53821ec1b8c88e0a452645ecbb5959f81d1f4f7f0e7715419fa253f69c2df7a7435806dfbb0eea4012632
27 +DIST xen-security-patches-16.tar.xz 7368 SHA256 3301514f20cc106f75ad84a2352f573b8d807ddeedfc57d2d5fda8c13e63bc1b SHA512 5d83107ce9972e8ab4c2aa3e6285c3cfae04b11768b7d55baf9cbe4a63fdf5175a0bbb7685641df15af4f98d6d095ff2b35b7c9fd6be6355a777547d8106874c WHIRLPOOL 3747b209ca1fead0dc7e791caed040e033b52933695e190d97bbd3f4abba957dbfaafc84e11a7f51aeb45bad3884d8b341d136351db145985f27b152aa25aa79
28
29 diff --git a/app-emulation/xen/xen-4.6.3-r3.ebuild b/app-emulation/xen/xen-4.6.3-r3.ebuild
30 new file mode 100644
31 index 00000000..f6087d2
32 --- /dev/null
33 +++ b/app-emulation/xen/xen-4.6.3-r3.ebuild
34 @@ -0,0 +1,193 @@
35 +# Copyright 1999-2016 Gentoo Foundation
36 +# Distributed under the terms of the GNU General Public License v2
37 +# $Id$
38 +
39 +EAPI=5
40 +
41 +PYTHON_COMPAT=( python2_7 )
42 +
43 +inherit eutils multilib mount-boot flag-o-matic python-any-r1 toolchain-funcs
44 +
45 +MY_PV=${PV/_/-}
46 +MY_P=${PN}-${PV/_/-}
47 +
48 +if [[ $PV == *9999 ]]; then
49 + inherit git-r3
50 + KEYWORDS=""
51 + EGIT_REPO_URI="git://xenbits.xen.org/xen.git"
52 + SRC_URI=""
53 +else
54 + KEYWORDS="~amd64 ~arm -x86"
55 + UPSTREAM_VER=0
56 + SECURITY_VER=16
57 + GENTOO_VER=
58 +
59 + [[ -n ${UPSTREAM_VER} ]] && \
60 + UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz"
61 + [[ -n ${SECURITY_VER} ]] && \
62 + SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-security-patches-${SECURITY_VER}.tar.xz"
63 + [[ -n ${GENTOO_VER} ]] && \
64 + GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"
65 + SRC_URI="http://bits.xensource.com/oss-xen/release/${MY_PV}/${MY_P}.tar.gz
66 + ${UPSTREAM_PATCHSET_URI}
67 + ${SECURITY_PATCHSET_URI}
68 + ${GENTOO_PATCHSET_URI}"
69 +fi
70 +
71 +DESCRIPTION="The Xen virtual machine monitor"
72 +HOMEPAGE="http://xen.org/"
73 +LICENSE="GPL-2"
74 +SLOT="0"
75 +IUSE="custom-cflags debug efi flask"
76 +
77 +DEPEND="${PYTHON_DEPS}
78 + efi? ( >=sys-devel/binutils-2.22[multitarget] )
79 + !efi? ( >=sys-devel/binutils-2.22 )"
80 +RDEPEND=""
81 +PDEPEND="~app-emulation/xen-tools-${PV}"
82 +
83 +# no tests are available for the hypervisor
84 +# prevent the silliness of /usr/lib/debug/usr/lib/debug files
85 +# prevent stripping of the debug info from the /usr/lib/debug/xen-syms
86 +RESTRICT="test splitdebug strip"
87 +
88 +# Approved by QA team in bug #144032
89 +QA_WX_LOAD="boot/xen-syms-${PV}"
90 +
91 +REQUIRED_USE="arm? ( debug )"
92 +
93 +S="${WORKDIR}/${MY_P}"
94 +
95 +pkg_setup() {
96 + python-any-r1_pkg_setup
97 + if [[ -z ${XEN_TARGET_ARCH} ]]; then
98 + if use amd64; then
99 + export XEN_TARGET_ARCH="x86_64"
100 + elif use arm; then
101 + export XEN_TARGET_ARCH="arm32"
102 + elif use arm64; then
103 + export XEN_TARGET_ARCH="arm64"
104 + else
105 + die "Unsupported architecture!"
106 + fi
107 + fi
108 +
109 + if use flask ; then
110 + export "XSM_ENABLE=y"
111 + export "FLASK_ENABLE=y"
112 + fi
113 +}
114 +
115 +src_prepare() {
116 + # Upstream's patchset
117 + if [[ -n ${UPSTREAM_VER} ]]; then
118 + EPATCH_SUFFIX="patch" \
119 + EPATCH_FORCE="yes" \
120 + EPATCH_OPTS="-p1" \
121 + epatch "${WORKDIR}"/patches-upstream
122 + fi
123 +
124 + # Security patchset
125 + if [[ -n ${SECURITY_VER} ]]; then
126 + einfo "Try to apply Xen Security patch set"
127 + # apply main xen patches
128 + # Two parallel systems, both work side by side
129 + # Over time they may concdense into one. This will suffice for now
130 + EPATCH_SUFFIX="patch"
131 + EPATCH_FORCE="yes"
132 +
133 + source "${WORKDIR}"/patches-security/${PV}.conf
134 +
135 + for i in ${XEN_SECURITY_MAIN}; do
136 + epatch "${WORKDIR}"/patches-security/xen/$i
137 + done
138 + fi
139 +
140 + # Gentoo's patchset
141 + if [[ -n ${GENTOO_VER} ]]; then
142 + EPATCH_SUFFIX="patch" \
143 + EPATCH_FORCE="yes" \
144 + epatch "${WORKDIR}"/patches-gentoo
145 + fi
146 +
147 + epatch "${FILESDIR}"/${PN}-4.6-efi.patch
148 +
149 + # Drop .config
150 + sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't drop"
151 +
152 + if use efi; then
153 + export EFI_VENDOR="gentoo"
154 + export EFI_MOUNTPOINT="boot"
155 + fi
156 +
157 + # if the user *really* wants to use their own custom-cflags, let them
158 + if use custom-cflags; then
159 + einfo "User wants their own CFLAGS - removing defaults"
160 + # try and remove all the default custom-cflags
161 + find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
162 + -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
163 + -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
164 + -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
165 + -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
166 + -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
167 + -i {} \; || die "failed to re-set custom-cflags"
168 + fi
169 +
170 + # remove -Werror for gcc-4.6's sake
171 + find "${S}" -name 'Makefile*' -o -name '*.mk' -o -name 'common.make' | \
172 + xargs sed -i 's/ *-Werror */ /'
173 + # not strictly necessary to fix this
174 + sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py"
175 +
176 + # Bug #575868 converted to a sed statement, typo of one char
177 + sed -e "s:granter’s:granter's:" -i xen/include/public/grant_table.h || die
178 +
179 + epatch_user
180 +}
181 +
182 +src_configure() {
183 + use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"
184 +
185 + use debug && myopt="${myopt} debug=y"
186 +
187 + if use custom-cflags; then
188 + filter-flags -fPIE -fstack-protector
189 + replace-flags -O3 -O2
190 + else
191 + unset CFLAGS
192 + unset LDFLAGS
193 + unset ASFLAGS
194 + fi
195 +}
196 +
197 +src_compile() {
198 + # Send raw LDFLAGS so that --as-needed works
199 + emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}
200 +}
201 +
202 +src_install() {
203 + local myopt
204 + use debug && myopt="${myopt} debug=y"
205 +
206 + # The 'make install' doesn't 'mkdir -p' the subdirs
207 + if use efi; then
208 + mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die
209 + fi
210 +
211 + emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install
212 +
213 + # make install likes to throw in some extra EFI bits if it built
214 + use efi || rm -rf "${D}/usr/$(get_libdir)/efi"
215 +}
216 +
217 +pkg_postinst() {
218 + elog "Official Xen Guide and the unoffical wiki page:"
219 + elog " https://wiki.gentoo.org/wiki/Xen"
220 + elog " http://en.gentoo-wiki.com/wiki/Xen/"
221 +
222 + use efi && einfo "The efi executable is installed in boot/efi/gentoo"
223 +
224 + elog "You can optionally block the installation of /boot/xen-syms by an entry"
225 + elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"
226 + elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"
227 +}
228
229 diff --git a/app-emulation/xen/xen-4.7.0-r3.ebuild b/app-emulation/xen/xen-4.7.0-r3.ebuild
230 new file mode 100644
231 index 00000000..f6087d2
232 --- /dev/null
233 +++ b/app-emulation/xen/xen-4.7.0-r3.ebuild
234 @@ -0,0 +1,193 @@
235 +# Copyright 1999-2016 Gentoo Foundation
236 +# Distributed under the terms of the GNU General Public License v2
237 +# $Id$
238 +
239 +EAPI=5
240 +
241 +PYTHON_COMPAT=( python2_7 )
242 +
243 +inherit eutils multilib mount-boot flag-o-matic python-any-r1 toolchain-funcs
244 +
245 +MY_PV=${PV/_/-}
246 +MY_P=${PN}-${PV/_/-}
247 +
248 +if [[ $PV == *9999 ]]; then
249 + inherit git-r3
250 + KEYWORDS=""
251 + EGIT_REPO_URI="git://xenbits.xen.org/xen.git"
252 + SRC_URI=""
253 +else
254 + KEYWORDS="~amd64 ~arm -x86"
255 + UPSTREAM_VER=0
256 + SECURITY_VER=16
257 + GENTOO_VER=
258 +
259 + [[ -n ${UPSTREAM_VER} ]] && \
260 + UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz"
261 + [[ -n ${SECURITY_VER} ]] && \
262 + SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-security-patches-${SECURITY_VER}.tar.xz"
263 + [[ -n ${GENTOO_VER} ]] && \
264 + GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"
265 + SRC_URI="http://bits.xensource.com/oss-xen/release/${MY_PV}/${MY_P}.tar.gz
266 + ${UPSTREAM_PATCHSET_URI}
267 + ${SECURITY_PATCHSET_URI}
268 + ${GENTOO_PATCHSET_URI}"
269 +fi
270 +
271 +DESCRIPTION="The Xen virtual machine monitor"
272 +HOMEPAGE="http://xen.org/"
273 +LICENSE="GPL-2"
274 +SLOT="0"
275 +IUSE="custom-cflags debug efi flask"
276 +
277 +DEPEND="${PYTHON_DEPS}
278 + efi? ( >=sys-devel/binutils-2.22[multitarget] )
279 + !efi? ( >=sys-devel/binutils-2.22 )"
280 +RDEPEND=""
281 +PDEPEND="~app-emulation/xen-tools-${PV}"
282 +
283 +# no tests are available for the hypervisor
284 +# prevent the silliness of /usr/lib/debug/usr/lib/debug files
285 +# prevent stripping of the debug info from the /usr/lib/debug/xen-syms
286 +RESTRICT="test splitdebug strip"
287 +
288 +# Approved by QA team in bug #144032
289 +QA_WX_LOAD="boot/xen-syms-${PV}"
290 +
291 +REQUIRED_USE="arm? ( debug )"
292 +
293 +S="${WORKDIR}/${MY_P}"
294 +
295 +pkg_setup() {
296 + python-any-r1_pkg_setup
297 + if [[ -z ${XEN_TARGET_ARCH} ]]; then
298 + if use amd64; then
299 + export XEN_TARGET_ARCH="x86_64"
300 + elif use arm; then
301 + export XEN_TARGET_ARCH="arm32"
302 + elif use arm64; then
303 + export XEN_TARGET_ARCH="arm64"
304 + else
305 + die "Unsupported architecture!"
306 + fi
307 + fi
308 +
309 + if use flask ; then
310 + export "XSM_ENABLE=y"
311 + export "FLASK_ENABLE=y"
312 + fi
313 +}
314 +
315 +src_prepare() {
316 + # Upstream's patchset
317 + if [[ -n ${UPSTREAM_VER} ]]; then
318 + EPATCH_SUFFIX="patch" \
319 + EPATCH_FORCE="yes" \
320 + EPATCH_OPTS="-p1" \
321 + epatch "${WORKDIR}"/patches-upstream
322 + fi
323 +
324 + # Security patchset
325 + if [[ -n ${SECURITY_VER} ]]; then
326 + einfo "Try to apply Xen Security patch set"
327 + # apply main xen patches
328 + # Two parallel systems, both work side by side
329 + # Over time they may concdense into one. This will suffice for now
330 + EPATCH_SUFFIX="patch"
331 + EPATCH_FORCE="yes"
332 +
333 + source "${WORKDIR}"/patches-security/${PV}.conf
334 +
335 + for i in ${XEN_SECURITY_MAIN}; do
336 + epatch "${WORKDIR}"/patches-security/xen/$i
337 + done
338 + fi
339 +
340 + # Gentoo's patchset
341 + if [[ -n ${GENTOO_VER} ]]; then
342 + EPATCH_SUFFIX="patch" \
343 + EPATCH_FORCE="yes" \
344 + epatch "${WORKDIR}"/patches-gentoo
345 + fi
346 +
347 + epatch "${FILESDIR}"/${PN}-4.6-efi.patch
348 +
349 + # Drop .config
350 + sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't drop"
351 +
352 + if use efi; then
353 + export EFI_VENDOR="gentoo"
354 + export EFI_MOUNTPOINT="boot"
355 + fi
356 +
357 + # if the user *really* wants to use their own custom-cflags, let them
358 + if use custom-cflags; then
359 + einfo "User wants their own CFLAGS - removing defaults"
360 + # try and remove all the default custom-cflags
361 + find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
362 + -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
363 + -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
364 + -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
365 + -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
366 + -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
367 + -i {} \; || die "failed to re-set custom-cflags"
368 + fi
369 +
370 + # remove -Werror for gcc-4.6's sake
371 + find "${S}" -name 'Makefile*' -o -name '*.mk' -o -name 'common.make' | \
372 + xargs sed -i 's/ *-Werror */ /'
373 + # not strictly necessary to fix this
374 + sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py"
375 +
376 + # Bug #575868 converted to a sed statement, typo of one char
377 + sed -e "s:granter’s:granter's:" -i xen/include/public/grant_table.h || die
378 +
379 + epatch_user
380 +}
381 +
382 +src_configure() {
383 + use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"
384 +
385 + use debug && myopt="${myopt} debug=y"
386 +
387 + if use custom-cflags; then
388 + filter-flags -fPIE -fstack-protector
389 + replace-flags -O3 -O2
390 + else
391 + unset CFLAGS
392 + unset LDFLAGS
393 + unset ASFLAGS
394 + fi
395 +}
396 +
397 +src_compile() {
398 + # Send raw LDFLAGS so that --as-needed works
399 + emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}
400 +}
401 +
402 +src_install() {
403 + local myopt
404 + use debug && myopt="${myopt} debug=y"
405 +
406 + # The 'make install' doesn't 'mkdir -p' the subdirs
407 + if use efi; then
408 + mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die
409 + fi
410 +
411 + emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install
412 +
413 + # make install likes to throw in some extra EFI bits if it built
414 + use efi || rm -rf "${D}/usr/$(get_libdir)/efi"
415 +}
416 +
417 +pkg_postinst() {
418 + elog "Official Xen Guide and the unoffical wiki page:"
419 + elog " https://wiki.gentoo.org/wiki/Xen"
420 + elog " http://en.gentoo-wiki.com/wiki/Xen/"
421 +
422 + use efi && einfo "The efi executable is installed in boot/efi/gentoo"
423 +
424 + elog "You can optionally block the installation of /boot/xen-syms by an entry"
425 + elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"
426 + elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"
427 +}
Report Message
Find on MARC Find on Google Groups