[gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/, app-emulation/xen/files/

[gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/, app-emulation/xen/files/

[Yixun Lan]

commit:     4ff6960975e9334ceba78d3c5d4a921b2ac7d00c
Author:     Tomas Mozes <hydrapolic <AT> gmail <DOT> com>
AuthorDate: Fri Dec 13 06:15:44 2019 +0000
Commit:     Yixun Lan <dlan <AT> gentoo <DOT> org>
CommitDate: Fri Dec 13 09:46:17 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ff69609

app-emulation/xen: bump to 4.11.3-r1

Fix XSA-{307,308,309,310,311}

Closes: https://bugs.gentoo.org/700374
Cloese: https://github.com/gentoo/gentoo/pull/13966
Bug: https://bugs.gentoo.org/702644
Package-Manager: Portage-2.3.81, Repoman-2.3.20
Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com>
Signed-off-by: Yixun Lan <dlan <AT> gentoo.org>

 app-emulation/xen/Manifest                         |  2 +-
 app-emulation/xen/files/xen-4.11-efi.patch         | 36 ++++++++++++++++++++++
 .../{xen-4.11.3.ebuild => xen-4.11.3-r1.ebuild}    |  6 ++--
 3 files changed, 41 insertions(+), 3 deletions(-)

diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest
index 1e3cea990b9..f2f3a60bdef 100644
--- a/app-emulation/xen/Manifest
+++ b/app-emulation/xen/Manifest
@@ -1,7 +1,7 @@
 DIST xen-4.11.2-upstream-patches-2.tar.xz 86812 BLAKE2B c2dcb7e031f9dd0a18fed5705f1c81901e94264d8bc0993a8e6c10108ac01efc6a52487076ece078a96395608c6233f26696c6b9d4f89d0f034f5e14dd546793 SHA512 c11b848396258a403c8148c054f9ac5650e149a50aba3ee1554bbacda6e2fcc4c84b8e02a1bb1bcfaf406c637165ac3fe6ea6826365875444098fce30112136e
 DIST xen-4.11.2-upstream-patches-3.tar.xz 98796 BLAKE2B 5bfb86a54b5bb1452849ac78eabf49c4622010f089f20d334fd5d6bf8537c6ccf179dc6f9ff5c1208c8e6b3276ef8b37f42360cbba4f83cfbbdae6f3475d88d2 SHA512 5e8cf109b9a00acea6e843f5793f01a14edb0f29573a12b632b93b328393b0cbf5f048088d9a82b2eb0aa51b4d355509921e63696225c355fe667b5b1da6b5d9
 DIST xen-4.11.2.tar.gz 25164925 BLAKE2B 11adea16d93235af5807e6e3784e0fc36ce34f274a85d1976a5c8ad36a323437216b0cf6bb6cb13b00e1e838e319a9f8f4b9c417870eef9ed660f22274d81310 SHA512 48d3d926d35eb56c79c06d0abc6e6be2564fadb43367cc7f46881c669a75016707672179c2cca1c4cfb14af2cefd46e2e7f99470cddf7df2886d8435a2de814e
-DIST xen-4.11.3-upstream-patches-0.tar.xz 3692 BLAKE2B f1fb200020b6e8767cb4b900e3468edbebbd61c8147a13d2102e425f8c5f0016b95a1f51fb26bd3560c97b73bbd2935d117ce08f92744fd02a97658cd0168ff8 SHA512 ebb64219b62e418276056eae6c47561366c0a22afaa8750a56a252e84b84c4644189a22788cf176d7d2ca5ceb84d307afa884f373f54db693f0182d951353ab2
+DIST xen-4.11.3-upstream-patches-1.tar.xz 30200 BLAKE2B c63fd2d15efda1ae9aab534c13cd1826a87a5fbd2757f3d82461b1ef2dada0ee23dbb814328e3f8695e0819094d80584fc388536c927c386f02201d4d26a8287 SHA512 e48c60f724fa0f2d5e2bbea3d71590d7c3be2973c35c4b73ff0737f03207dcbfd7f9e43b43783bb739f7059778862693a50354178ae2fd53b04e5d39429e59cf
 DIST xen-4.11.3.tar.gz 25180826 BLAKE2B 56041bcef9adec754ee21032cf849745c6011224463f73b763ea186b37460f8456cb1f10614cb51ee4d2d77f03cba311f025e8999687888d15ac59cc122cd172 SHA512 2204e490e9fc357a05983a9bf4e7345e1d364fe00400ce473988dcb9ca7d4e2b921fe10f095cbbc64248130a92d22c6f0d154dcae250a57a7f915df32e3dc436
 DIST xen-4.12.1-upstream-patches-3.tar.xz 84912 BLAKE2B 4e8ee83d9f48f9ceadf401c069627c4ca91f70b726c4de9806070aaa090df912dfb15251be0d79829e249600451cf42621e722b739eb0961189b6bafcf1c5c57 SHA512 ae8f902cc39f3b0b99520d932e3be9ae51d00a997f3a008562bf39c63ba0ee9fc0a5f00d03027d4a9bf7de777bd8f1a41ffb10d52bee5b92a05364e9fb5434eb
 DIST xen-4.12.1.tar.gz 26970584 BLAKE2B ceab2af3d36b72d838d7b4f58f6855c97cf05282a4ea3c82eda29b8945ee20563845b7be02884bf0a061a633fb2b3016a2f7396ce34d9b3d93f90d6ee6d449ed SHA512 be15d3af6b109771aaf59b3621e4e1560b7d9a963d9b7f6a1f6f4a1c907fd97434b060c15f75849b44fbda33f26eb51b030d14d068c6ad5103ad240fe7a98f40

diff --git a/app-emulation/xen/files/xen-4.11-efi.patch b/app-emulation/xen/files/xen-4.11-efi.patch
new file mode 100644
index 00000000000..c7173d91b24
--- /dev/null
+++ b/app-emulation/xen/files/xen-4.11-efi.patch
@@ -0,0 +1,36 @@
+diff --git a/xen/Makefile b/xen/Makefile
+index af27147777..a5299b3868 100644
+--- a/xen/Makefile
++++ b/xen/Makefile
+@@ -57,9 +57,15 @@ _install: Z=$(CONFIG_XEN_INSTALL_SUFFIX)
+ _install: $(TARGET)$(CONFIG_XEN_INSTALL_SUFFIX)
+ 	[ -d $(D)$(BOOT_DIR) ] || $(INSTALL_DIR) $(D)$(BOOT_DIR)
+ 	$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_FULLVERSION)$(Z)
+-	ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION).$(XEN_SUBVERSION)$(Z)
+-	ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION)$(Z)
+-	ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)$(Z)
++	if [ 'x$(EFI_VENDOR)' == 'x' ]; then \
++		ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION).$(XEN_SUBVERSION)$(Z); \
++		ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION)$(Z); \
++		ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)$(Z); \
++	else \
++		$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION).$(XEN_SUBVERSION)$(Z); \
++		$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION)$(Z); \
++		$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)$(Z); \
++	fi;
+ 	[ -d "$(D)$(DEBUG_DIR)" ] || $(INSTALL_DIR) $(D)$(DEBUG_DIR)
+ 	$(INSTALL_DATA) $(TARGET)-syms $(D)$(DEBUG_DIR)/$(T)-syms-$(XEN_FULLVERSION)
+ 	$(INSTALL_DATA) $(TARGET)-syms.map $(D)$(DEBUG_DIR)/$(T)-syms-$(XEN_FULLVERSION).map
+diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile
+index ec02972f2b..628c245564 100644
+--- a/xen/arch/x86/Makefile
++++ b/xen/arch/x86/Makefile
+@@ -156,7 +156,7 @@ note.o: $(TARGET)-syms
+ 		--rename-section=.data=.note.gnu.build-id -S $@.bin $@
+ 	rm -f $@.bin
+ 
+-EFI_LDFLAGS = $(patsubst -m%,-mi386pep,$(LDFLAGS)) --subsystem=10
++EFI_LDFLAGS = -mi386pep $(patsubst -m%,-mi386pep,$(LDFLAGS)) --subsystem=10
+ EFI_LDFLAGS += --image-base=$(1) --stack=0,0 --heap=0,0 --strip-debug
+ EFI_LDFLAGS += --section-alignment=0x200000 --file-alignment=0x20
+ EFI_LDFLAGS += --major-image-version=$(XEN_VERSION)

diff --git a/app-emulation/xen/xen-4.11.3.ebuild b/app-emulation/xen/xen-4.11.3-r1.ebuild
similarity index 97%
rename from app-emulation/xen/xen-4.11.3.ebuild
rename to app-emulation/xen/xen-4.11.3-r1.ebuild
index 6d135ed74c9..3fb983d4016 100644
--- a/app-emulation/xen/xen-4.11.3.ebuild
+++ b/app-emulation/xen/xen-4.11.3-r1.ebuild
@@ -16,7 +16,7 @@ if [[ $PV == *9999 ]]; then
 	SRC_URI=""
 else
 	KEYWORDS="~amd64 ~arm -x86"
-	UPSTREAM_VER=0
+	UPSTREAM_VER=1
 	SECURITY_VER=
 	GENTOO_VER=
 
@@ -98,7 +98,7 @@ src_prepare() {
 	# Gentoo's patchset
 	[[ -n ${GENTOO_VER} ]] && eapply "${WORKDIR}"/patches-gentoo
 
-	eapply "${FILESDIR}"/${PN}-4.6-efi.patch
+	eapply "${FILESDIR}"/${PN}-4.11-efi.patch
 
 	# Drop .config
 	sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't	drop"
@@ -120,6 +120,8 @@ src_configure() {
 	unset CFLAGS
 	unset LDFLAGS
 	unset ASFLAGS
+
+	tc-ld-disable-gold # Bug 700374
 }
 
 src_compile() {

[gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/, app-emulation/xen/files/

[Thomas Deutschmann]

commit:     694ead06cdd62b60f3faadb0ba953a7e28b169b3
Author:     Tomáš Mózes <hydrapolic <AT> gmail <DOT> com>
AuthorDate: Sun Jun 14 01:22:44 2020 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Wed Jun 17 15:25:20 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=694ead06

app-emulation/xen: bump to 4.14.0-rc1

Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/16228
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 app-emulation/xen/Manifest                 |   1 +
 app-emulation/xen/files/xen-4.14-efi.patch |  38 +++++++
 app-emulation/xen/xen-4.14.0_rc1.ebuild    | 166 +++++++++++++++++++++++++++++
 3 files changed, 205 insertions(+)

diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest
index 36e807fb27b..82fe1ad99e8 100644
--- a/app-emulation/xen/Manifest
+++ b/app-emulation/xen/Manifest
@@ -4,3 +4,4 @@ DIST xen-4.12.3-upstream-patches-0.tar.xz 7236 BLAKE2B d795e2be6f1edb31f1d794912
 DIST xen-4.12.3.tar.gz 26985230 BLAKE2B 403de519a552f1cd49e5a85b63f48df1b7a47ff8381385860b67df32af0b33be1c13c92ca2234e4479b7f415e711e0f46c396c3f62dfb5b2465d2991723cf6ef SHA512 7bbf4e752477f18143ac9a62fb633b1fbe115a1a9b03d0132f33dfca025bc9b76d9c2e9b66a3e407d14aff161b940b1a82e3e3ca43213798e9dd38b6970194e0
 DIST xen-4.13.1-upstream-patches-0.tar.xz 7156 BLAKE2B 246b30cd8bc0ee8853a4e85ae0140d0ae52e69f3e4220bd97af8564491cf8285a7a592cd1392467a30acf6947733c8af355c110a44cb565927fb4f0bb7867113 SHA512 9059de696cb984c1891b5a87d1832562aa34b6568a21867c6744b603180f2b628905c81031f3c7c24867122d07432906750e0cfc6ca2fdacd31b82d35488455f
 DIST xen-4.13.1.tar.gz 39024612 BLAKE2B efff138699fac2c14fad2e0dfd4535ebd744577df3dddccc2a589b81a76f24fc81c75e295f4cd33ca2e820929417b22d714504b576cb0737a563037bd56b6a95 SHA512 b56d20704155d98d803496cba83eb928e0f986a750831cd5600fc88d0ae772fe1456571654375054043d2da8daca255cc98385ebf08b1b1a75ecf7f4b7a0ee90
+DIST xen-4.14.0-rc1.tar.gz 39946385 BLAKE2B af4d4d0d205b76d7cfb954c4c8ef95afbab7209de522691a875e3b2fc55d843ba6b1d71c693a472dbcf8cdf6b4cf4aa8f27065fdcf06145a50e6708fe63ea0e2 SHA512 90442feb6e5f1e853c337972217762e4c4ea44719275de74211bf0e7101746c33e0e437db544d03b5528d75b2e5bc97468b448e587ca0345b38b850f2aa393e9

diff --git a/app-emulation/xen/files/xen-4.14-efi.patch b/app-emulation/xen/files/xen-4.14-efi.patch
new file mode 100644
index 00000000000..351e1784352
--- /dev/null
+++ b/app-emulation/xen/files/xen-4.14-efi.patch
@@ -0,0 +1,38 @@
+diff --git a/xen/Makefile b/xen/Makefile
+index 0ade7f9..46c25d9 100644
+--- a/xen/Makefile
++++ b/xen/Makefile
+@@ -272,9 +272,17 @@ _install: Z=$(CONFIG_XEN_INSTALL_SUFFIX)
+ _install: $(TARGET)$(CONFIG_XEN_INSTALL_SUFFIX)
+ 	[ -d $(D)$(BOOT_DIR) ] || $(INSTALL_DIR) $(D)$(BOOT_DIR)
+ 	$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_FULLVERSION)$(Z)
+-	ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION).$(XEN_SUBVERSION)$(Z)
+-	ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION)$(Z)
+-	ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)$(Z)
++
++	if [ 'x$(EFI_VENDOR)' == 'x' ]; then \
++		ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION).$(XEN_SUBVERSION)$(Z); \
++		ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION)$(Z); \
++		ln -f -s $(T)-$(XEN_FULLVERSION)$(Z) $(D)$(BOOT_DIR)/$(T)$(Z); \
++	else \
++		$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION).$(XEN_SUBVERSION)$(Z); \
++		$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)-$(XEN_VERSION)$(Z); \
++		$(INSTALL_DATA) $(TARGET)$(Z) $(D)$(BOOT_DIR)/$(T)$(Z); \
++	fi;
++
+ 	[ -d "$(D)$(DEBUG_DIR)" ] || $(INSTALL_DIR) $(D)$(DEBUG_DIR)
+ 	$(INSTALL_DATA) $(TARGET)-syms $(D)$(DEBUG_DIR)/$(T)-syms-$(XEN_FULLVERSION)
+ 	$(INSTALL_DATA) $(TARGET)-syms.map $(D)$(DEBUG_DIR)/$(T)-syms-$(XEN_FULLVERSION).map
+diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile
+index 07eeefb..6b1c16b 100644
+--- a/xen/arch/x86/Makefile
++++ b/xen/arch/x86/Makefile
+@@ -163,7 +163,7 @@ note.o: $(TARGET)-syms
+ 		--rename-section=.data=.note.gnu.build-id -S $@.bin $@
+ 	rm -f $@.bin
+ 
+-EFI_LDFLAGS = $(patsubst -m%,-mi386pep,$(XEN_LDFLAGS)) --subsystem=10
++EFI_LDFLAGS = -mi386pep $(patsubst -m%,-mi386pep,$(LDFLAGS)) --subsystem=10
+ EFI_LDFLAGS += --image-base=$(1) --stack=0,0 --heap=0,0 --strip-debug
+ EFI_LDFLAGS += --section-alignment=0x200000 --file-alignment=0x20
+ EFI_LDFLAGS += --major-image-version=$(XEN_VERSION)

diff --git a/app-emulation/xen/xen-4.14.0_rc1.ebuild b/app-emulation/xen/xen-4.14.0_rc1.ebuild
new file mode 100644
index 00000000000..c2aafff59da
--- /dev/null
+++ b/app-emulation/xen/xen-4.14.0_rc1.ebuild
@@ -0,0 +1,166 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit flag-o-matic mount-boot multilib python-any-r1 toolchain-funcs
+
+MY_PV=${PV/_/-}
+MY_P=${PN}-${MY_PV}
+
+if [[ $PV == *9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="git://xenbits.xen.org/xen.git"
+	SRC_URI=""
+else
+	#KEYWORDS="~amd64 ~arm -x86"
+	KEYWORDS=""
+	UPSTREAM_VER=
+	SECURITY_VER=
+	GENTOO_VER=
+
+	[[ -n ${UPSTREAM_VER} ]] && \
+		UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz
+		https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz"
+	[[ -n ${SECURITY_VER} ]] && \
+		SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-security-patches-${SECURITY_VER}.tar.xz"
+	[[ -n ${GENTOO_VER} ]] && \
+		GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"
+	SRC_URI="https://downloads.xenproject.org/release/xen/${MY_PV}/${MY_P}.tar.gz
+		${UPSTREAM_PATCHSET_URI}
+		${SECURITY_PATCHSET_URI}
+		${GENTOO_PATCHSET_URI}"
+fi
+
+DESCRIPTION="The Xen virtual machine monitor"
+HOMEPAGE="https://www.xenproject.org"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug efi flask"
+
+DEPEND="${PYTHON_DEPS}
+	efi? ( >=sys-devel/binutils-2.22[multitarget] )
+	!efi? ( >=sys-devel/binutils-2.22 )"
+RDEPEND=""
+PDEPEND="~app-emulation/xen-tools-${PV}"
+
+# no tests are available for the hypervisor
+# prevent the silliness of /usr/lib/debug/usr/lib/debug files
+# prevent stripping of the debug info from the /usr/lib/debug/xen-syms
+RESTRICT="test splitdebug strip"
+
+# Approved by QA team in bug #144032
+QA_WX_LOAD="boot/xen-syms-${PV}"
+
+REQUIRED_USE="arm? ( debug )"
+
+S="${WORKDIR}/${MY_P}"
+
+pkg_setup() {
+	python-any-r1_pkg_setup
+	if [[ -z ${XEN_TARGET_ARCH} ]]; then
+		if use amd64; then
+			export XEN_TARGET_ARCH="x86_64"
+		elif use arm; then
+			export XEN_TARGET_ARCH="arm32"
+		elif use arm64; then
+			export XEN_TARGET_ARCH="arm64"
+		else
+			die "Unsupported architecture!"
+		fi
+	fi
+
+	if use flask ; then
+		export "XSM_ENABLE=y"
+		export "FLASK_ENABLE=y"
+	fi
+}
+
+src_prepare() {
+	# Upstream's patchset
+	[[ -n ${UPSTREAM_VER} ]] && eapply "${WORKDIR}"/patches-upstream
+
+	# Security patchset
+	if [[ -n ${SECURITY_VER} ]]; then
+	einfo "Try to apply Xen Security patch set"
+		# apply main xen patches
+		# Two parallel systems, both work side by side
+		# Over time they may concdense into one. This will suffice for now
+		source "${WORKDIR}"/patches-security/${PV}.conf
+
+		local i
+		for i in ${XEN_SECURITY_MAIN}; do
+			eapply "${WORKDIR}"/patches-security/xen/$i
+		done
+	fi
+
+	# Gentoo's patchset
+	[[ -n ${GENTOO_VER} ]] && eapply "${WORKDIR}"/patches-gentoo
+
+	eapply "${FILESDIR}"/${PN}-4.14-efi.patch
+
+	# Drop .config
+	sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't	drop"
+
+	if use efi; then
+		export EFI_VENDOR="gentoo"
+		export EFI_MOUNTPOINT="/boot"
+	fi
+
+	default
+}
+
+src_configure() {
+	use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"
+
+	use debug && myopt="${myopt} debug=y"
+
+	# remove flags
+	unset CFLAGS
+	unset LDFLAGS
+	unset ASFLAGS
+
+	tc-ld-disable-gold # Bug 700374
+}
+
+src_compile() {
+	# Send raw LDFLAGS so that --as-needed works
+	emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}
+}
+
+src_install() {
+	local myopt
+	use debug && myopt="${myopt} debug=y"
+
+	# The 'make install' doesn't 'mkdir -p' the subdirs
+	if use efi; then
+		mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die
+	fi
+
+	emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install
+
+	# make install likes to throw in some extra EFI bits if it built
+	use efi || rm -rf "${D}/usr/$(get_libdir)/efi"
+}
+
+pkg_postinst() {
+	elog "Official Xen Guide:"
+	elog " https://wiki.gentoo.org/wiki/Xen"
+
+	use efi && einfo "The efi executable is installed in /boot/efi/gentoo"
+
+	elog "You can optionally block the installation of /boot/xen-syms by an entry"
+	elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"
+	elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"
+
+	ewarn
+	ewarn "Xen 4.12+ changed the default scheduler to credit2 which can cause"
+	ewarn "domU lockups on multi-cpu systems. The legacy credit scheduler seems"
+	ewarn "to work fine."
+	ewarn
+	ewarn "Add sched=credit to xen command line options to use the legacy scheduler."
+	ewarn
+	ewarn "https://wiki.gentoo.org/wiki/Xen#Xen_domU_hanging_with_Xen_4.12.2B"
+}

[gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/, app-emulation/xen/files/

[Joonas Niilola]

commit:     4f2c2f779b6943e83e77b248b567c1e1d840c137
Author:     Tomáš Mózes <hydrapolic <AT> gmail <DOT> com>
AuthorDate: Sat Sep 11 11:01:18 2021 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Sat Sep 18 09:49:58 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4f2c2f77

app-emulation/xen: bump to 4.14.3/4.15.1

Bug: https://bugs.gentoo.org/812485
Bug: https://bugs.gentoo.org/810341
Closes: https://bugs.gentoo.org/800935
Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/22270
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 app-emulation/xen/Manifest                   |   2 +
 app-emulation/xen/files/xen-4.15-flask.patch |  13 +++
 app-emulation/xen/xen-4.14.3.ebuild          | 167 +++++++++++++++++++++++++++
 app-emulation/xen/xen-4.15.1.ebuild          | 167 +++++++++++++++++++++++++++
 4 files changed, 349 insertions(+)

diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest
index 679f5a2e056..5c2893094f3 100644
--- a/app-emulation/xen/Manifest
+++ b/app-emulation/xen/Manifest
@@ -1,4 +1,6 @@
 DIST xen-4.14.2-upstream-patches-0.tar.xz 23304 BLAKE2B 954e0a49e5c3ec122aefe52afe328f440b8a4c8db966e0fa91e0b6d6cb3c0462b75fb99b3e7392811bd2e680cd7945e8a4d68317245fd42fdf0ad6cab33fbc68 SHA512 64d243f0c8acfec87812e4d78e3d8b24a86315824853f4f3b17122b7119425d180650695bc12e1a30f5b30c6ef684be7c08b2bc677ca2f0668d0335d92e2bf78
 DIST xen-4.14.2.tar.gz 39973157 BLAKE2B db5d3570f79e0fd97872f5e5dd57a4eb39e005728387bfef3b51fabe1c693cfd8108d09b1026f5a5a7eb79de71be6f4af36d252f7e0b35a65a1567b7949e3e29 SHA512 83c9333b70dbee3e29c6bf08e5ad030676e6c4a32b976f3f5e6a8f8d0dd9e4898bac88dd8e1c9d2ad3509cebb5d212e1745f9392a469d7afeb841d79801ccf39
+DIST xen-4.14.3.tar.gz 39982036 BLAKE2B 927fd2937f451567238702430cea3a6e5d2db70d5eef10f029bb1d6d030681573c851eb8076c8bad89c97c115f81a19ac8e46e78ca3f0e642565f7300c264ca1 SHA512 b462fcc1549f6e57f7f2a4fd10ce1e957a25a6a7c0319672b62699468f6c4330b9cd0cf2b0231b5cce94f4bb142a957eb8aa58aa0ffb5c85b37211d6b34ccf16
 DIST xen-4.15.0-upstream-patches-1.tar.xz 35180 BLAKE2B eb3b2a44b717a04daa4a2f158040cce78b42cba5a72c437d7b2f8f1237b808f6f13c2140d82e95056818db6c0eb706ebd7dead822a6a4e689e5d5e7c83523fdb SHA512 a7cfe2dbc82b15c48fa781a77b3ca1622fc2feac3874bf17cf56e82be46e9817913f94992e0e1a1cd2be2e719d4abb9a15744c8a1017e30c0d5c01d7db64dbb5
 DIST xen-4.15.0.tar.gz 40785399 BLAKE2B 8b0530f5516c39656506f4bb705952da0555a8ab7f47323473b171caeb7692f3107e9d94f13171d40576600064589eed35f4d210af02db4cc4706dd4fc202100 SHA512 93683b8a97387ca5f003c635a11d163e61c87dbdc9a03081f9155fe87b49f1dfa74ce243fcd5e04dc009353a36e2375b786f1ebde828b5951a094cd64197b4c7
+DIST xen-4.15.1.tar.gz 40800852 BLAKE2B 39475ea33f029fb0e84b82b4a2b13fd613bab01e3ef6c241dfede3d190ee9be53c99b62121d37d83b1e078764b3e4d88d1dfb99be1b5623691e56519850c6798 SHA512 8d3cbdf708f46477e32ee7cbd16a490c82efa855cecd84ee712b8680df4d69c987ba9ab00ff3851f627b98a8ebbc5dab71f92f142ed958ee2bc538bc792cd4b9

diff --git a/app-emulation/xen/files/xen-4.15-flask.patch b/app-emulation/xen/files/xen-4.15-flask.patch
new file mode 100644
index 00000000000..7dcf91b30fc
--- /dev/null
+++ b/app-emulation/xen/files/xen-4.15-flask.patch
@@ -0,0 +1,13 @@
+diff --git a/xen/common/Kconfig b/xen/common/Kconfig
+index eb953d1..78f058c 100644
+--- a/xen/common/Kconfig
++++ b/xen/common/Kconfig
+@@ -198,7 +198,7 @@ config XENOPROF
+ 
+ config XSM
+ 	bool "Xen Security Modules support"
+-	default ARM
++	default y
+ 	---help---
+ 	  Enables the security framework known as Xen Security Modules which
+ 	  allows administrators fine-grained control over a Xen domain and

diff --git a/app-emulation/xen/xen-4.14.3.ebuild b/app-emulation/xen/xen-4.14.3.ebuild
new file mode 100644
index 00000000000..5d3d91cd5e7
--- /dev/null
+++ b/app-emulation/xen/xen-4.14.3.ebuild
@@ -0,0 +1,167 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..9} )
+
+inherit flag-o-matic mount-boot multilib python-any-r1 toolchain-funcs
+
+MY_PV=${PV/_/-}
+MY_P=${PN}-${MY_PV}
+
+if [[ ${PV} == *9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="git://xenbits.xen.org/xen.git"
+	SRC_URI=""
+else
+	KEYWORDS="~amd64 ~arm -x86"
+	UPSTREAM_VER=
+	SECURITY_VER=
+	GENTOO_VER=
+
+	[[ -n ${UPSTREAM_VER} ]] && \
+		UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz
+		https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz"
+	[[ -n ${SECURITY_VER} ]] && \
+		SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-security-patches-${SECURITY_VER}.tar.xz"
+	[[ -n ${GENTOO_VER} ]] && \
+		GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"
+	SRC_URI="https://downloads.xenproject.org/release/xen/${MY_PV}/${MY_P}.tar.gz
+		${UPSTREAM_PATCHSET_URI}
+		${SECURITY_PATCHSET_URI}
+		${GENTOO_PATCHSET_URI}"
+fi
+
+DESCRIPTION="The Xen virtual machine monitor"
+HOMEPAGE="https://www.xenproject.org"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug efi flask"
+
+DEPEND="${PYTHON_DEPS}
+	efi? ( >=sys-devel/binutils-2.22[multitarget] )
+	!efi? ( >=sys-devel/binutils-2.22 )
+	flask? ( sys-apps/checkpolicy )"
+RDEPEND=""
+PDEPEND="~app-emulation/xen-tools-${PV}"
+
+# no tests are available for the hypervisor
+# prevent the silliness of /usr/lib/debug/usr/lib/debug files
+# prevent stripping of the debug info from the /usr/lib/debug/xen-syms
+RESTRICT="test splitdebug strip"
+
+# Approved by QA team in bug #144032
+QA_WX_LOAD="boot/xen-syms-${PV}"
+
+REQUIRED_USE="arm? ( debug )"
+
+S="${WORKDIR}/${MY_P}"
+
+pkg_setup() {
+	python-any-r1_pkg_setup
+	if [[ -z ${XEN_TARGET_ARCH} ]]; then
+		if use amd64; then
+			export XEN_TARGET_ARCH="x86_64"
+		elif use arm; then
+			export XEN_TARGET_ARCH="arm32"
+		elif use arm64; then
+			export XEN_TARGET_ARCH="arm64"
+		else
+			die "Unsupported architecture!"
+		fi
+	fi
+}
+
+src_prepare() {
+	# Upstream's patchset
+	[[ -n ${UPSTREAM_VER} ]] && eapply "${WORKDIR}"/patches-upstream
+
+	# Security patchset
+	if [[ -n ${SECURITY_VER} ]]; then
+	einfo "Try to apply Xen Security patch set"
+		# apply main xen patches
+		# Two parallel systems, both work side by side
+		# Over time they may concdense into one. This will suffice for now
+		source "${WORKDIR}"/patches-security/${PV}.conf
+
+		local i
+		for i in ${XEN_SECURITY_MAIN}; do
+			eapply "${WORKDIR}"/patches-security/xen/$i
+		done
+	fi
+
+	# Gentoo's patchset
+	[[ -n ${GENTOO_VER} ]] && eapply "${WORKDIR}"/patches-gentoo
+
+	# Symlinks do not work on fat32 volumes
+	eapply "${FILESDIR}"/${PN}-4.14-efi.patch
+
+	# Enable XSM-FLASK
+	use flask && eapply "${FILESDIR}"/${PN}-4.15-flask.patch
+
+	# Workaround new gcc-11 options
+	sed -e '/^CFLAGS/s/-Werror//g' -i xen/Makefile || die
+
+	# Drop .config
+	sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't	drop"
+
+	if use efi; then
+		export EFI_VENDOR="gentoo"
+		export EFI_MOUNTPOINT="/boot"
+	fi
+
+	default
+}
+
+src_configure() {
+	use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"
+	use debug && myopt="${myopt} debug=y"
+
+	# remove flags
+	unset CFLAGS
+	unset LDFLAGS
+	unset ASFLAGS
+
+	tc-ld-disable-gold # Bug 700374
+}
+
+src_compile() {
+	# Send raw LDFLAGS so that --as-needed works
+	emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}
+}
+
+src_install() {
+	local myopt
+	use debug && myopt="${myopt} debug=y"
+
+	# The 'make install' doesn't 'mkdir -p' the subdirs
+	if use efi; then
+		mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die
+	fi
+
+	emake LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" DESTDIR="${D}" -C xen ${myopt} install
+
+	# make install likes to throw in some extra EFI bits if it built
+	use efi || rm -rf "${D}/usr/$(get_libdir)/efi"
+}
+
+pkg_postinst() {
+	elog "Official Xen Guide:"
+	elog " https://wiki.gentoo.org/wiki/Xen"
+
+	use efi && einfo "The efi executable is installed in /boot/efi/gentoo"
+
+	elog "You can optionally block the installation of /boot/xen-syms by an entry"
+	elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"
+	elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"
+
+	ewarn
+	ewarn "Xen 4.12+ changed the default scheduler to credit2 which can cause"
+	ewarn "domU lockups on multi-cpu systems. The legacy credit scheduler seems"
+	ewarn "to work fine."
+	ewarn
+	ewarn "Add sched=credit to xen command line options to use the legacy scheduler."
+	ewarn
+	ewarn "https://wiki.gentoo.org/wiki/Xen#Xen_domU_hanging_with_Xen_4.12.2B"
+}

diff --git a/app-emulation/xen/xen-4.15.1.ebuild b/app-emulation/xen/xen-4.15.1.ebuild
new file mode 100644
index 00000000000..ddd07977693
--- /dev/null
+++ b/app-emulation/xen/xen-4.15.1.ebuild
@@ -0,0 +1,167 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..9} )
+
+inherit flag-o-matic mount-boot multilib python-any-r1 toolchain-funcs
+
+MY_PV=${PV/_/-}
+MY_P=${PN}-${MY_PV}
+
+if [[ ${PV} == *9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="git://xenbits.xen.org/xen.git"
+	SRC_URI=""
+else
+	KEYWORDS="~amd64 ~arm -x86"
+	UPSTREAM_VER=
+	SECURITY_VER=
+	GENTOO_VER=
+
+	[[ -n ${UPSTREAM_VER} ]] && \
+		UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz
+		https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz"
+	[[ -n ${SECURITY_VER} ]] && \
+		SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-security-patches-${SECURITY_VER}.tar.xz"
+	[[ -n ${GENTOO_VER} ]] && \
+		GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN}-gentoo-patches-${GENTOO_VER}.tar.xz"
+	SRC_URI="https://downloads.xenproject.org/release/xen/${MY_PV}/${MY_P}.tar.gz
+		${UPSTREAM_PATCHSET_URI}
+		${SECURITY_PATCHSET_URI}
+		${GENTOO_PATCHSET_URI}"
+fi
+
+DESCRIPTION="The Xen virtual machine monitor"
+HOMEPAGE="https://www.xenproject.org"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug efi flask"
+
+DEPEND="${PYTHON_DEPS}
+	efi? ( >=sys-devel/binutils-2.22[multitarget] )
+	!efi? ( >=sys-devel/binutils-2.22 )
+	flask? ( sys-apps/checkpolicy )"
+RDEPEND=""
+PDEPEND="~app-emulation/xen-tools-${PV}"
+
+# no tests are available for the hypervisor
+# prevent the silliness of /usr/lib/debug/usr/lib/debug files
+# prevent stripping of the debug info from the /usr/lib/debug/xen-syms
+RESTRICT="test splitdebug strip"
+
+# Approved by QA team in bug #144032
+QA_WX_LOAD="boot/xen-syms-${PV}"
+
+REQUIRED_USE="arm? ( debug )"
+
+S="${WORKDIR}/${MY_P}"
+
+pkg_setup() {
+	python-any-r1_pkg_setup
+	if [[ -z ${XEN_TARGET_ARCH} ]]; then
+		if use amd64; then
+			export XEN_TARGET_ARCH="x86_64"
+		elif use arm; then
+			export XEN_TARGET_ARCH="arm32"
+		elif use arm64; then
+			export XEN_TARGET_ARCH="arm64"
+		else
+			die "Unsupported architecture!"
+		fi
+	fi
+}
+
+src_prepare() {
+	# Upstream's patchset
+	[[ -n ${UPSTREAM_VER} ]] && eapply "${WORKDIR}"/patches-upstream
+
+	# Security patchset
+	if [[ -n ${SECURITY_VER} ]]; then
+	einfo "Try to apply Xen Security patch set"
+		# apply main xen patches
+		# Two parallel systems, both work side by side
+		# Over time they may concdense into one. This will suffice for now
+		source "${WORKDIR}"/patches-security/${PV}.conf
+
+		local i
+		for i in ${XEN_SECURITY_MAIN}; do
+			eapply "${WORKDIR}"/patches-security/xen/$i
+		done
+	fi
+
+	# Gentoo's patchset
+	[[ -n ${GENTOO_VER} ]] && eapply "${WORKDIR}"/patches-gentoo
+
+	# Symlinks do not work on fat32 volumes
+	eapply "${FILESDIR}"/${PN}-4.15-efi.patch
+
+	# Enable XSM-FLASK
+	use flask && eapply "${FILESDIR}"/${PN}-4.15-flask.patch
+
+	# Workaround new gcc-11 options
+	sed -e '/^CFLAGS/s/-Werror//g' -i xen/Makefile || die
+
+	# Drop .config
+	sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't	drop"
+
+	if use efi; then
+		export EFI_VENDOR="gentoo"
+		export EFI_MOUNTPOINT="/boot"
+	fi
+
+	default
+}
+
+src_configure() {
+	use arm && myopt="${myopt} CONFIG_EARLY_PRINTK=sun7i"
+	use debug && myopt="${myopt} debug=y"
+
+	# remove flags
+	unset CFLAGS
+	unset LDFLAGS
+	unset ASFLAGS
+
+	tc-ld-disable-gold # Bug 700374
+}
+
+src_compile() {
+	# Send raw LDFLAGS so that --as-needed works
+	emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt}
+}
+
+src_install() {
+	local myopt
+	use debug && myopt="${myopt} debug=y"
+
+	# The 'make install' doesn't 'mkdir -p' the subdirs
+	if use efi; then
+		mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die
+	fi
+
+	emake LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" DESTDIR="${D}" -C xen ${myopt} install
+
+	# make install likes to throw in some extra EFI bits if it built
+	use efi || rm -rf "${D}/usr/$(get_libdir)/efi"
+}
+
+pkg_postinst() {
+	elog "Official Xen Guide:"
+	elog " https://wiki.gentoo.org/wiki/Xen"
+
+	use efi && einfo "The efi executable is installed in /boot/efi/gentoo"
+
+	elog "You can optionally block the installation of /boot/xen-syms by an entry"
+	elog "in folder /etc/portage/env using the portage's feature INSTALL_MASK"
+	elog "e.g. echo ${msg} > /etc/portage/env/xen.conf"
+
+	ewarn
+	ewarn "Xen 4.12+ changed the default scheduler to credit2 which can cause"
+	ewarn "domU lockups on multi-cpu systems. The legacy credit scheduler seems"
+	ewarn "to work fine."
+	ewarn
+	ewarn "Add sched=credit to xen command line options to use the legacy scheduler."
+	ewarn
+	ewarn "https://wiki.gentoo.org/wiki/Xen#Xen_domU_hanging_with_Xen_4.12.2B"
+}