From 714b8fd1f09ebb9e31ee8db22d347887ac544686 Mon Sep 17 00:00:00 2001 From: Ian Delaney Date: Fri, 6 Dec 2013 14:13:33 +0000 Subject: revbumps; add sec XSA-82.patch, remove old Package-Manager: portage-2.2.0/cvs/Linux x86_64 Manifest-Sign-Key: 0xB8072B0D --- app-emulation/xen/ChangeLog | 10 +- app-emulation/xen/Manifest | 13 +- .../xen/files/xen-CVE-2013-6885-XSA-82.patch | 46 +++++++ app-emulation/xen/xen-4.3.0-r3.ebuild | 140 -------------------- app-emulation/xen/xen-4.3.0-r4.ebuild | 141 +++++++++++++++++++++ app-emulation/xen/xen-4.3.1-r1.ebuild | 136 ++++++++++++++++++++ app-emulation/xen/xen-4.3.1.ebuild | 135 -------------------- 7 files changed, 339 insertions(+), 282 deletions(-) create mode 100644 app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch delete mode 100644 app-emulation/xen/xen-4.3.0-r3.ebuild create mode 100644 app-emulation/xen/xen-4.3.0-r4.ebuild create mode 100644 app-emulation/xen/xen-4.3.1-r1.ebuild delete mode 100644 app-emulation/xen/xen-4.3.1.ebuild (limited to 'app-emulation/xen') diff --git a/app-emulation/xen/ChangeLog b/app-emulation/xen/ChangeLog index 01d15ec45318..5865e42dbf4c 100644 --- a/app-emulation/xen/ChangeLog +++ b/app-emulation/xen/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-emulation/xen # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.133 2013/11/24 06:55:49 idella4 Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.134 2013/12/06 14:13:04 idella4 Exp $ + +*xen-4.3.0-r4 (06 Dec 2013) +*xen-4.3.1-r1 (06 Dec 2013) + + 06 Dec 2013; Ian Delaney + +files/xen-CVE-2013-6885-XSA-82.patch, +xen-4.3.0-r4.ebuild, + +xen-4.3.1-r1.ebuild, -xen-4.3.0-r3.ebuild, -xen-4.3.1.ebuild: + revbumps; add sec XSA-82.patch, remove old *xen-4.3.1 (24 Nov 2013) diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest index c1a3b0e898cb..b518fed108a5 100644 --- a/app-emulation/xen/Manifest +++ b/app-emulation/xen/Manifest @@ -27,18 +27,19 @@ AUX xen-CVE-2013-4368-XSA-67.patch 1307 SHA256 7de3ac9baa6cd9fead46e68912dfa0189 AUX xen-CVE-2013-4375-XSA-71.patch 1628 SHA256 f1ef802098be2220ec1c0e0d20ff5385d34036b8cd312001dcc0e17fbe25f8d1 SHA512 9d057827933decc046506c46e1a482424169cc8d525ac49a39b296181615a4525383851e990fd3d46995db2f8261d92dc7955354cdf6ca15db8cbb89def17c6d WHIRLPOOL d1749db3dcceb5221dad395e2caede633456a304d922070096889b4b7d8e79bcda5fe4f7c8cb3e5f1e6c9dae349ef744d98290f286cbfc3737b0ff62f198e2a8 AUX xen-CVE-2013-4494-XSA-73.patch 3723 SHA256 1c070e66d1bea3c109f22ea4db2e8828f0f4b016d51d6d88667b775eec340514 SHA512 d14be9077685aec682f2cfa23886bc430fe55d985650e5392da0988f69f242ac0fa242c84448e8203ab6dd1b44904a2f38ad9e8976a829100193a1c06efb8417 WHIRLPOOL 96a15f94eed123a5ff53193c8dcf708aa17d21b3ebe23b5fc50b7ecbdf64ed4f827252389cc15249d05041d036853053f3846b3fea3538fc8724fe828ca57bde AUX xen-CVE-2013-6375-XSA-78.patch 926 SHA256 63aeab44272c17d079c9b8e22732c8c31e767236bb0ceb73d9f6226c5ae31d35 SHA512 d6aa117c570881015bdb93efaaf386fc4f141ef012017ab0a51bd63a024f5e9eef3856243235533d46ac7b67bffd10e0913a06f65e194581a6a70cbd6a6bf5ca WHIRLPOOL 16b04f8191b2243c05541742a98dface491ebe8db47e050eb14e74352182bfd02a86867c1ad644b3cef209008cfbb5d0499073447fbef49c5de129e1bdf519d6 +AUX xen-CVE-2013-6885-XSA-82.patch 1447 SHA256 db47b9dcb2124995754e7b43d7eedb5aae5c6d2dda6d43d313751b419ffd12e7 SHA512 f62b9bf0aae1eb22a551fc98d74f5baec391589be5252d472aa9b30012f426a7302063b02ceb3bc9b3fe88c67033eb771a4112727052ed3f9b5dc9d39f47f39d WHIRLPOOL 38678c9c32bc172a675bd0351a81743b92bbf72cbd14a29cc1a7ef15b8149bd4841816425142defdebc233a2dc58281e893533053e6310173ad3a5573233d1f5 DIST xen-4.2.2.tar.gz 15602746 SHA256 c9bfe91a5e72f8545acebad9889d64368020359bfe18044c0e683133e55ae005 SHA512 4943b18016ed8c2b194a3b55e6655b3b734b39ffb8cb7ee0a0580f2f4460a1d0e92e1de8ac23f5186272914fad1650586af51fd7c3644d0310eb16f2e11c5e80 WHIRLPOOL 519eb87cb2da694696cbc3e72070a0a3bdb07c46fa266d855d8379eec3a92adfa4d434af3ac01c37834ce4a9174081a6c40030b185a70902329b185cb8d0bbea DIST xen-4.3.0.tar.gz 16425975 SHA256 e1e9faabe4886e2227aacdbde74410653b233d66642ca1972a860cbec6439961 SHA512 e6b8f64e15e48704ea5cee5585cd6151fe6a5a62bc4670caf0b762c1aa71c9598db236c637ac34c42c92c6e8a5001acdd3d9d4b9305401a26273279358f481d6 WHIRLPOOL a91f14bc6535127ab17d3867b92fb3e008089453d5ba7996fd1d0b5c6d32a881c07df320f018c928e919f28de7b4ab4757c6bdb020e0cdb7d67960d4cab9dda0 DIST xen-4.3.1.tar.gz 16429423 SHA256 3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd SHA512 f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275 WHIRLPOOL 087390786cea9aee273a5d81988436303991aa5ea92faf111d3b619517368f8c8feef84f4f8c602cac723980a344eb90414887db4ca88a2ee14bc6b0253e36ca EBUILD xen-4.2.2-r1.ebuild 3756 SHA256 2ad7f2faed080ea2e4d991d7dd902826059e4a22b444e2f1b74b5bc1e54d50a2 SHA512 c6041bf852ffa425d93134e9c08334c71e96dc9cb795c8bc7a5eb485fa46d55f5de61ff9db55d484cbe0b641d9e850e4eb7c0eefd1b021ed21a050e1e78c4177 WHIRLPOOL 86e7873cc84b01064c1e7cd46003a43104257a3f7330a1433d85ce841b658a0a35e18f9284b8520a497b408d4b5ab6ce76cb1af67fb42019b86517f4b51f2d61 -EBUILD xen-4.3.0-r3.ebuild 4044 SHA256 23b21ea42e9fe6d14e0968bb17141be17bd87ffee0d0caf6320cb762f82653b4 SHA512 bd44bdf4c9c2b1c4472efb69f301148f16017b7eba92fff21989282eda2685af9fbe4545457ffdfdb1561463c0e9516abf0a987d2b3e1f7e21da4ba6e0aa47cb WHIRLPOOL 4c9afb2a3d1b3ea0f4588449b270d440bbd5064d85c1ea00efde666c074f39a0c4dee062c75b8412b985bec2c8507a84395fd9e07493c4ea8790e7a77d15188a -EBUILD xen-4.3.1.ebuild 3787 SHA256 2389fb7a95b00fa50505851b27896b3784e02cb3a76227398eee2e934bce5c98 SHA512 d7b335bd24c91acfe6c9e62e3ea818e2d2e59da5f40b4f5fa47708199b479244f6ac0d95398a5d1fd293325df0f3e038b8f7e9a3bb460843ccbae169ec9d1802 WHIRLPOOL 49115a6dd5ac153b27c445ce8063cb36300c77c26afad18faef40d2172e87c138f3317b9497a7750d29b5e249f1a71e59620822f74d65fdd9d6f6688abce2f87 -MISC ChangeLog 24462 SHA256 e1398dfa60fc14e8bb7361c28e1513e4bbcdd3067a3992f6e81e337d6c59fdda SHA512 d159e79d208a4e4a2421e6051475a07bf5ef594e9a113b1326ee35385a89db7993349ba35ad441be07393abbe8dfac59b70ec3b11a101f2919f88c7b45bcdb01 WHIRLPOOL b95bc3a9d8f330a19d2f58cbdbae0447dec288bd25420baadf4b01df505f4c99cfddb534f42aae43423b3cb53543d903068218fb5effde056a5f7696e70d2e13 +EBUILD xen-4.3.0-r4.ebuild 4095 SHA256 a196ea6987bc12adf97c5b644380db55ae2e10ea3d4ccd2d52a29fde0d48b89a SHA512 b8d264791609533fd5a93690ce13ce31634efd133e86ba0dd791cbb008c026cd3b3c536498e07163abf44beaa2a55b7d0908bc971aca0825f556dfea053a9f13 WHIRLPOOL e8f84bc808a5d8ffbd77766d3f3b6f681957c5eb4f261ffa1661232ada463e0aea5f677c1b1f7cb31287ef31fe90edc66bea90ad0817ea336bc1b228c14663c6 +EBUILD xen-4.3.1-r1.ebuild 3841 SHA256 c37e789ea8059a41be79affeadc93de7996f64da1c5266306d2533291f87a30d SHA512 d3621eee951ecfa5893a8c149fbd473c702f6af2d2117432e6379fd653de5919c3c05da354a4b5e98239b5fc5769a2e15e1741e3cf1b5d28eb7310831643538b WHIRLPOOL e601d7ea2da01b0b6db24d2efa753dc5a44d8148133e53a39b3d86bfbf3a4e8653c0c9b85d506b8a352ce7f049dddddb63c9b7c26380ce9a3a1297066b3aa4b9 +MISC ChangeLog 24741 SHA256 5ac9f6a09244c06dd0ea8077f4d807274888dfc7de08046bb2b74784ef335eab SHA512 ea4c639deded1785e4cc17cdfdc48edcf732b8ab8060c4821884ba9811270a2394cacf53b77fb665f1c660bc5bc82bd36bb4034d349c76c328a0947f88bc7fb5 WHIRLPOOL f1b271af12a9584ed54dcd73f9c6d60e94f2fdab60432f5e4270f2813196ee74ebe9d0170ddf5eafb550da6c520d1d673d7cdcf6ca136d648d05b26204e06455 MISC metadata.xml 572 SHA256 0f510aa5a7261b30e5eff6961fa9dd95b19db63e0eea93cfad1d47460318ba07 SHA512 8bbca8d353aa3b556783bddd4822b97c0372b169edb89ff2907a00895e014ff9dba9e8efccf04f45de8a69ce63849505455e9735c224700d1ebf93aa3f097ac5 WHIRLPOOL 1f5517720776198868cf5a0165b9daf2ee48187bde4ad4d86533c65898da608bde779289df7ef83eaf076e0ce284607fc21f61fc3ca0baaf86873ca400491d0e -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) -iEYEAREIAAYFAlKRowMACgkQso7CE7gHKw3KpQCgwwQtEWPP5UjKuniYarwDToCG -u1cAnj0gsXmnvCqb8NSHV/lRq4gu8Odo -=xVcB +iEYEAREIAAYFAlKh234ACgkQso7CE7gHKw2rrwCgt0KSAn8EebjZreXtJ5IeWxuZ +IHwAoLRQz+/bwgwVfmi/Saq9PzamOqem +=ywmi -----END PGP SIGNATURE----- diff --git a/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch b/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch new file mode 100644 index 000000000000..22648562283e --- /dev/null +++ b/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch @@ -0,0 +1,46 @@ +http://seclists.org/oss-sec/2013/q4/att-385/xsa82.patch +x86/AMD: work around erratum 793 + +The recommendation is to set a bit in an MSR - do this if the firmware +didn't, considering that otherwise we expose ourselves to a guest +induced DoS. + +This is CVE-2013-6885 / XSA-82. + +Signed-off-by: Jan Beulich +Acked-by: Suravee Suthikulpanit + +--- a/xen/arch/x86/cpu/amd.c ++++ b/xen/arch/x86/cpu/amd.c +@@ -476,6 +476,20 @@ static void __devinit init_amd(struct cp + "*** Pass \"allow_unsafe\" if you're trusting" + " all your (PV) guest kernels. ***\n"); + ++ if (c->x86 == 0x16 && c->x86_model <= 0xf) { ++ rdmsrl(MSR_AMD64_LS_CFG, value); ++ if (!(value & (1 << 15))) { ++ static bool_t warned; ++ ++ if (c == &boot_cpu_data || opt_cpu_info || ++ !test_and_set_bool(warned)) ++ printk(KERN_WARNING ++ "CPU%u: Applying workaround for erratum 793\n", ++ smp_processor_id()); ++ wrmsrl(MSR_AMD64_LS_CFG, value | (1 << 15)); ++ } ++ } ++ + /* AMD CPUs do not support SYSENTER outside of legacy mode. */ + clear_bit(X86_FEATURE_SEP, c->x86_capability); + +--- a/xen/include/asm-x86/msr-index.h ++++ b/xen/include/asm-x86/msr-index.h +@@ -213,6 +213,7 @@ + + /* AMD64 MSRs */ + #define MSR_AMD64_NB_CFG 0xc001001f ++#define MSR_AMD64_LS_CFG 0xc0011020 + #define MSR_AMD64_IC_CFG 0xc0011021 + #define MSR_AMD64_DC_CFG 0xc0011022 + #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT 46 + diff --git a/app-emulation/xen/xen-4.3.0-r3.ebuild b/app-emulation/xen/xen-4.3.0-r3.ebuild deleted file mode 100644 index 5667e184f874..000000000000 --- a/app-emulation/xen/xen-4.3.0-r3.ebuild +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.0-r3.ebuild,v 1.1 2013/11/22 12:32:12 idella4 Exp $ - -EAPI=5 - -PYTHON_COMPAT=( python2_7 ) - -if [[ $PV == *9999 ]]; then - KEYWORDS="" - REPO="xen-unstable.hg" - EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" - S="${WORKDIR}/${REPO}" - live_eclass="mercurial" -else - KEYWORDS="~amd64 ~x86" - SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz" -fi - -inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} - -DESCRIPTION="The Xen virtual machine monitor" -HOMEPAGE="http://xen.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="custom-cflags debug efi flask pae xsm" - -DEPEND="${PYTHON_DEPS} - efi? ( >=sys-devel/binutils-2.22[multitarget] ) - !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" -RDEPEND="" -PDEPEND="~app-emulation/xen-tools-${PV}" - -RESTRICT="test" - -# Approved by QA team in bug #144032 -QA_WX_LOAD="boot/xen-syms-${PV}" - -REQUIRED_USE="flask? ( xsm )" - -pkg_setup() { - python-any-r1_pkg_setup - if [[ -z ${XEN_TARGET_ARCH} ]]; then - if use x86 && use amd64; then - die "Confusion! Both x86 and amd64 are set in your use flags!" - elif use x86; then - export XEN_TARGET_ARCH="x86_32" - elif use amd64; then - export XEN_TARGET_ARCH="x86_64" - else - die "Unsupported architecture!" - fi - fi - - if use flask ; then - export "XSM_ENABLE=y" - export "FLASK_ENABLE=y" - elif use xsm ; then - export "XSM_ENABLE=y" - fi -} - -src_prepare() { - # Drop .config and fix gcc-4.6 - epatch "${FILESDIR}"/${PN/-pvgrub/}-4.3-fix_dotconfig-gcc.patch - - if use efi; then - epatch "${FILESDIR}"/${PN}-4.2-efi.patch - export EFI_VENDOR="gentoo" - export EFI_MOUNTPOINT="boot" - fi - - # if the user *really* wants to use their own custom-cflags, let them - if use custom-cflags; then - einfo "User wants their own CFLAGS - removing defaults" - # try and remove all the default custom-cflags - find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ - -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ - -i {} \; || die "failed to re-set custom-cflags" - fi - - # not strictly necessary to fix this - sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" - - #Security patches - epatch "${FILESDIR}"/${PN}-CVE-2013-1442-XSA-62.patch \ - "${FILESDIR}"/${PN}-CVE-2013-4355-XSA-63.patch \ - "${FILESDIR}"/${PN}-CVE-2013-4356-XSA-64.patch \ - "${FILESDIR}"/${PN}-CVE-2013-4361-XSA-66.patch \ - "${FILESDIR}"/${PN}-CVE-2013-4368-XSA-67.patch \ - "${FILESDIR}"/${PN}-CVE-2013-4375-XSA-71.patch \ - "${FILESDIR}"/${PN}-CVE-2013-4494-XSA-73.patch \ - "${FILESDIR}"/${PN}-4.3-CVE-2013-6375-XSA-75.patch \ - "${FILESDIR}"/${PN}-CVE-2013-6375-XSA-78.patch - - epatch_user -} - -src_configure() { - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - if use custom-cflags; then - filter-flags -fPIE -fstack-protector - replace-flags -O3 -O2 - else - unset CFLAGS - fi -} - -src_compile() { - # Send raw LDFLAGS so that --as-needed works - emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} -} - -src_install() { - local myopt - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - # The 'make install' doesn't 'mkdir -p' the subdirs - if use efi; then - mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die - fi - - emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install -} - -pkg_postinst() { - elog "Official Xen Guide and the unoffical wiki page:" - elog " http://www.gentoo.org/doc/en/xen-guide.xml" - elog " http://en.gentoo-wiki.com/wiki/Xen/" - - use pae && ewarn "This is a PAE build of Xen. It will *only* boot PAE kernels!" - use efi && einfo "The efi executable is installed in boot/efi/gentoo" -} diff --git a/app-emulation/xen/xen-4.3.0-r4.ebuild b/app-emulation/xen/xen-4.3.0-r4.ebuild new file mode 100644 index 000000000000..dd672c809be0 --- /dev/null +++ b/app-emulation/xen/xen-4.3.0-r4.ebuild @@ -0,0 +1,141 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.0-r4.ebuild,v 1.1 2013/12/06 14:13:04 idella4 Exp $ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +if [[ $PV == *9999 ]]; then + KEYWORDS="" + REPO="xen-unstable.hg" + EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" + S="${WORKDIR}/${REPO}" + live_eclass="mercurial" +else + KEYWORDS="~amd64 ~x86" + SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz" +fi + +inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} + +DESCRIPTION="The Xen virtual machine monitor" +HOMEPAGE="http://xen.org/" +LICENSE="GPL-2" +SLOT="0" +IUSE="custom-cflags debug efi flask pae xsm" + +DEPEND="${PYTHON_DEPS} + efi? ( >=sys-devel/binutils-2.22[multitarget] ) + !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" +RDEPEND="" +PDEPEND="~app-emulation/xen-tools-${PV}" + +RESTRICT="test" + +# Approved by QA team in bug #144032 +QA_WX_LOAD="boot/xen-syms-${PV}" + +REQUIRED_USE="flask? ( xsm )" + +pkg_setup() { + python-any-r1_pkg_setup + if [[ -z ${XEN_TARGET_ARCH} ]]; then + if use x86 && use amd64; then + die "Confusion! Both x86 and amd64 are set in your use flags!" + elif use x86; then + export XEN_TARGET_ARCH="x86_32" + elif use amd64; then + export XEN_TARGET_ARCH="x86_64" + else + die "Unsupported architecture!" + fi + fi + + if use flask ; then + export "XSM_ENABLE=y" + export "FLASK_ENABLE=y" + elif use xsm ; then + export "XSM_ENABLE=y" + fi +} + +src_prepare() { + # Drop .config and fix gcc-4.6 + epatch "${FILESDIR}"/${PN/-pvgrub/}-4.3-fix_dotconfig-gcc.patch + + if use efi; then + epatch "${FILESDIR}"/${PN}-4.2-efi.patch + export EFI_VENDOR="gentoo" + export EFI_MOUNTPOINT="boot" + fi + + # if the user *really* wants to use their own custom-cflags, let them + if use custom-cflags; then + einfo "User wants their own CFLAGS - removing defaults" + # try and remove all the default custom-cflags + find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ + -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ + -i {} \; || die "failed to re-set custom-cflags" + fi + + # not strictly necessary to fix this + sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" + + #Security patches + epatch "${FILESDIR}"/${PN}-CVE-2013-1442-XSA-62.patch \ + "${FILESDIR}"/${PN}-CVE-2013-4355-XSA-63.patch \ + "${FILESDIR}"/${PN}-CVE-2013-4356-XSA-64.patch \ + "${FILESDIR}"/${PN}-CVE-2013-4361-XSA-66.patch \ + "${FILESDIR}"/${PN}-CVE-2013-4368-XSA-67.patch \ + "${FILESDIR}"/${PN}-CVE-2013-4375-XSA-71.patch \ + "${FILESDIR}"/${PN}-CVE-2013-4494-XSA-73.patch \ + "${FILESDIR}"/${PN}-4.3-CVE-2013-6375-XSA-75.patch \ + "${FILESDIR}"/${PN}-CVE-2013-6375-XSA-78.patch \ + "${FILESDIR}"/${PN}-CVE-2013-6885-XSA-82.patch + + epatch_user +} + +src_configure() { + use debug && myopt="${myopt} debug=y" + use pae && myopt="${myopt} pae=y" + + if use custom-cflags; then + filter-flags -fPIE -fstack-protector + replace-flags -O3 -O2 + else + unset CFLAGS + fi +} + +src_compile() { + # Send raw LDFLAGS so that --as-needed works + emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} +} + +src_install() { + local myopt + use debug && myopt="${myopt} debug=y" + use pae && myopt="${myopt} pae=y" + + # The 'make install' doesn't 'mkdir -p' the subdirs + if use efi; then + mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die + fi + + emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install +} + +pkg_postinst() { + elog "Official Xen Guide and the unoffical wiki page:" + elog " http://www.gentoo.org/doc/en/xen-guide.xml" + elog " http://en.gentoo-wiki.com/wiki/Xen/" + + use pae && ewarn "This is a PAE build of Xen. It will *only* boot PAE kernels!" + use efi && einfo "The efi executable is installed in boot/efi/gentoo" +} diff --git a/app-emulation/xen/xen-4.3.1-r1.ebuild b/app-emulation/xen/xen-4.3.1-r1.ebuild new file mode 100644 index 000000000000..7ec58dd83332 --- /dev/null +++ b/app-emulation/xen/xen-4.3.1-r1.ebuild @@ -0,0 +1,136 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.1-r1.ebuild,v 1.1 2013/12/06 14:13:04 idella4 Exp $ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +if [[ $PV == *9999 ]]; then + KEYWORDS="" + REPO="xen-unstable.hg" + EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" + S="${WORKDIR}/${REPO}" + live_eclass="mercurial" +else + KEYWORDS="~amd64 ~x86" + SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz" +fi + +inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} + +DESCRIPTION="The Xen virtual machine monitor" +HOMEPAGE="http://xen.org/" +LICENSE="GPL-2" +SLOT="0" +IUSE="custom-cflags debug efi flask pae xsm" + +DEPEND="${PYTHON_DEPS} + efi? ( >=sys-devel/binutils-2.22[multitarget] ) + !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" +RDEPEND="" +PDEPEND="~app-emulation/xen-tools-${PV}" + +RESTRICT="test" + +# Approved by QA team in bug #144032 +QA_WX_LOAD="boot/xen-syms-${PV}" + +REQUIRED_USE="flask? ( xsm )" + +pkg_setup() { + python-any-r1_pkg_setup + if [[ -z ${XEN_TARGET_ARCH} ]]; then + if use x86 && use amd64; then + die "Confusion! Both x86 and amd64 are set in your use flags!" + elif use x86; then + export XEN_TARGET_ARCH="x86_32" + elif use amd64; then + export XEN_TARGET_ARCH="x86_64" + else + die "Unsupported architecture!" + fi + fi + + if use flask ; then + export "XSM_ENABLE=y" + export "FLASK_ENABLE=y" + elif use xsm ; then + export "XSM_ENABLE=y" + fi +} + +src_prepare() { + # Drop .config and fix gcc-4.6 + epatch "${FILESDIR}"/${PN/-pvgrub/}-4.3-fix_dotconfig-gcc.patch + + if use efi; then + epatch "${FILESDIR}"/${PN}-4.2-efi.patch + export EFI_VENDOR="gentoo" + export EFI_MOUNTPOINT="boot" + fi + + # if the user *really* wants to use their own custom-cflags, let them + if use custom-cflags; then + einfo "User wants their own CFLAGS - removing defaults" + # try and remove all the default custom-cflags + find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ + -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ + -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ + -i {} \; || die "failed to re-set custom-cflags" + fi + + # not strictly necessary to fix this + sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" + + # Security patches + epatch "${FILESDIR}"/${PN}-CVE-2013-4375-XSA-71.patch \ + "${FILESDIR}"/${PN}-CVE-2013-4494-XSA-73.patch \ + "${FILESDIR}"/${PN}-4.3-CVE-2013-6375-XSA-75.patch \ + "${FILESDIR}"/${PN}-CVE-2013-6375-XSA-78.patch \ + "${FILESDIR}"/${PN}-CVE-2013-6885-XSA-82.patch + + epatch_user +} + +src_configure() { + use debug && myopt="${myopt} debug=y" + use pae && myopt="${myopt} pae=y" + + if use custom-cflags; then + filter-flags -fPIE -fstack-protector + replace-flags -O3 -O2 + else + unset CFLAGS + fi +} + +src_compile() { + # Send raw LDFLAGS so that --as-needed works + emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} +} + +src_install() { + local myopt + use debug && myopt="${myopt} debug=y" + use pae && myopt="${myopt} pae=y" + + # The 'make install' doesn't 'mkdir -p' the subdirs + if use efi; then + mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die + fi + + emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install +} + +pkg_postinst() { + elog "Official Xen Guide and the unoffical wiki page:" + elog " http://www.gentoo.org/doc/en/xen-guide.xml" + elog " http://en.gentoo-wiki.com/wiki/Xen/" + + use pae && ewarn "This is a PAE build of Xen. It will *only* boot PAE kernels!" + use efi && einfo "The efi executable is installed in boot/efi/gentoo" +} diff --git a/app-emulation/xen/xen-4.3.1.ebuild b/app-emulation/xen/xen-4.3.1.ebuild deleted file mode 100644 index a295b6497696..000000000000 --- a/app-emulation/xen/xen-4.3.1.ebuild +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.1.ebuild,v 1.1 2013/11/24 06:55:49 idella4 Exp $ - -EAPI=5 - -PYTHON_COMPAT=( python2_7 ) - -if [[ $PV == *9999 ]]; then - KEYWORDS="" - REPO="xen-unstable.hg" - EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" - S="${WORKDIR}/${REPO}" - live_eclass="mercurial" -else - KEYWORDS="~amd64 ~x86" - SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz" -fi - -inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} - -DESCRIPTION="The Xen virtual machine monitor" -HOMEPAGE="http://xen.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="custom-cflags debug efi flask pae xsm" - -DEPEND="${PYTHON_DEPS} - efi? ( >=sys-devel/binutils-2.22[multitarget] ) - !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" -RDEPEND="" -PDEPEND="~app-emulation/xen-tools-${PV}" - -RESTRICT="test" - -# Approved by QA team in bug #144032 -QA_WX_LOAD="boot/xen-syms-${PV}" - -REQUIRED_USE="flask? ( xsm )" - -pkg_setup() { - python-any-r1_pkg_setup - if [[ -z ${XEN_TARGET_ARCH} ]]; then - if use x86 && use amd64; then - die "Confusion! Both x86 and amd64 are set in your use flags!" - elif use x86; then - export XEN_TARGET_ARCH="x86_32" - elif use amd64; then - export XEN_TARGET_ARCH="x86_64" - else - die "Unsupported architecture!" - fi - fi - - if use flask ; then - export "XSM_ENABLE=y" - export "FLASK_ENABLE=y" - elif use xsm ; then - export "XSM_ENABLE=y" - fi -} - -src_prepare() { - # Drop .config and fix gcc-4.6 - epatch "${FILESDIR}"/${PN/-pvgrub/}-4.3-fix_dotconfig-gcc.patch - - if use efi; then - epatch "${FILESDIR}"/${PN}-4.2-efi.patch - export EFI_VENDOR="gentoo" - export EFI_MOUNTPOINT="boot" - fi - - # if the user *really* wants to use their own custom-cflags, let them - if use custom-cflags; then - einfo "User wants their own CFLAGS - removing defaults" - # try and remove all the default custom-cflags - find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ - -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ - -i {} \; || die "failed to re-set custom-cflags" - fi - - # not strictly necessary to fix this - sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" - - # Security patches - epatch "${FILESDIR}"/${PN}-CVE-2013-4375-XSA-71.patch \ - "${FILESDIR}"/${PN}-CVE-2013-4494-XSA-73.patch \ - "${FILESDIR}"/${PN}-4.3-CVE-2013-6375-XSA-75.patch \ - "${FILESDIR}"/${PN}-CVE-2013-6375-XSA-78.patch - - epatch_user -} - -src_configure() { - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - if use custom-cflags; then - filter-flags -fPIE -fstack-protector - replace-flags -O3 -O2 - else - unset CFLAGS - fi -} - -src_compile() { - # Send raw LDFLAGS so that --as-needed works - emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} -} - -src_install() { - local myopt - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - # The 'make install' doesn't 'mkdir -p' the subdirs - if use efi; then - mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die - fi - - emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install -} - -pkg_postinst() { - elog "Official Xen Guide and the unoffical wiki page:" - elog " http://www.gentoo.org/doc/en/xen-guide.xml" - elog " http://en.gentoo-wiki.com/wiki/Xen/" - - use pae && ewarn "This is a PAE build of Xen. It will *only* boot PAE kernels!" - use efi && einfo "The efi executable is installed in boot/efi/gentoo" -} -- cgit v1.2.3-65-gdbad