From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 0F351139357 for ; Tue, 11 Aug 2015 06:34:46 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 692C014229; Tue, 11 Aug 2015 06:34:44 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 0DE8114229 for ; Tue, 11 Aug 2015 06:34:43 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 083A3340939 for ; Tue, 11 Aug 2015 06:34:43 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 70EFB132 for ; Tue, 11 Aug 2015 06:34:40 +0000 (UTC) From: "Mike Frysinger" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" Message-ID: <1439274862.719cc5ef240b766953ddbe1e7a6593f8091eed12.vapier@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/microcode-ctl/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-apps/microcode-ctl/microcode-ctl-1.28-r1.ebuild X-VCS-Directories: sys-apps/microcode-ctl/ X-VCS-Committer: vapier X-VCS-Committer-Name: Mike Frysinger X-VCS-Revision: 719cc5ef240b766953ddbe1e7a6593f8091eed12 X-VCS-Branch: master Date: Tue, 11 Aug 2015 06:34:40 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 2a28a322-6b53-47ca-98fc-dc1d76046ba7 X-Archives-Hash: b57174d5fcc263a6e58cc80c5c5b29cb commit: 719cc5ef240b766953ddbe1e7a6593f8091eed12 Author: Mike Frysinger gentoo org> AuthorDate: Tue Aug 11 06:28:16 2015 +0000 Commit: Mike Frysinger gentoo org> CommitDate: Tue Aug 11 06:34:22 2015 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=719cc5ef microcode-ctl: stop installing the init script Updating microcode on the fly is dangerous as it can modify the set of valid instructions. An active example of this is Intel's TSX insns -- the latest microcode push disables the insn on newer CPUs and causes SIGILL when you try to use it. But if you test for the insn before the microcode is updated, it will execute fine. For daemons that launched before the update, they'll find the flag works, and then crash later on when the insn no longer exists. Thus the only safe way to update microcode is at boot time via a builtin initramfs. Details on this operation can be found in #528712#41. .../microcode-ctl/microcode-ctl-1.28-r1.ebuild | 43 ++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/sys-apps/microcode-ctl/microcode-ctl-1.28-r1.ebuild b/sys-apps/microcode-ctl/microcode-ctl-1.28-r1.ebuild new file mode 100644 index 0000000..3aaef2b --- /dev/null +++ b/sys-apps/microcode-ctl/microcode-ctl-1.28-r1.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit toolchain-funcs + +MY_P=${PN/-/_}-${PV} +DESCRIPTION="Intel processor microcode update utility" +HOMEPAGE="https://fedorahosted.org/microcode_ctl/" +SRC_URI="https://fedorahosted.org/released/${PN/-/_}/${MY_P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="-* ~amd64 ~x86" +IUSE="selinux" + +DEPEND="" +RDEPEND=">=sys-apps/microcode-data-20090330 + selinux? ( sec-policy/selinux-cpucontrol )" + +S=${WORKDIR}/${MY_P} + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + CFLAGS="${CFLAGS} ${CPPFLAGS} ${LDFLAGS}" +} + +src_install() { + dosbin microcode_ctl + doman microcode_ctl.8 + dodoc Changelog README +} + +pkg_preinst() { + if has_version "<${CATEGORY}/${PN}-1.28-r1" ; then + elog "The init scripts have been removed as they are unsafe. If you want to update" + elog "the microcode in your system, please use an initramfs. See bug #528712#41 for" + elog "details (and bug #557278 for genkernel users)." + fi +}