From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 92E94158041 for ; Thu, 28 Mar 2024 11:21:28 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C2593E2A87; Thu, 28 Mar 2024 11:21:27 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A8FD3E2A85 for ; Thu, 28 Mar 2024 11:21:27 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id EBB74343088 for ; Thu, 28 Mar 2024 11:21:26 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 7E7CD15C7 for ; Thu, 28 Mar 2024 11:21:25 +0000 (UTC) From: "Florian Schmaus" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Florian Schmaus" Message-ID: <1711624871.29e115efe6329ee27cca4aeaf6acf824ec8f835d.flow@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-emulation/xen/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-emulation/xen/Manifest app-emulation/xen/xen-4.17.4_pre1.ebuild X-VCS-Directories: app-emulation/xen/ X-VCS-Committer: flow X-VCS-Committer-Name: Florian Schmaus X-VCS-Revision: 29e115efe6329ee27cca4aeaf6acf824ec8f835d X-VCS-Branch: master Date: Thu, 28 Mar 2024 11:21:25 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 1d7d9757-c3d6-48dd-8cc0-6a40259d53fd X-Archives-Hash: 7d54e85c87e911510d9dcd4af1350f7b commit: 29e115efe6329ee27cca4aeaf6acf824ec8f835d Author: Tomáš Mózes gmail com> AuthorDate: Sat Feb 3 18:37:58 2024 +0000 Commit: Florian Schmaus gentoo org> CommitDate: Thu Mar 28 11:21:11 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29e115ef app-emulation/xen: add 4.17.4_pre1 Fixes XSA-449, XSA-450 Bug: https://bugs.gentoo.org/923741 Signed-off-by: Tomáš Mózes gmail.com> Signed-off-by: Florian Schmaus gentoo.org> app-emulation/xen/Manifest | 1 + app-emulation/xen/xen-4.17.4_pre1.ebuild | 179 +++++++++++++++++++++++++++++++ 2 files changed, 180 insertions(+) diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest index f5a88a449f63..81661eb3996a 100644 --- a/app-emulation/xen/Manifest +++ b/app-emulation/xen/Manifest @@ -6,3 +6,4 @@ DIST xen-gentoo-patches-4.17.0-gentoo-patchset-2.tar.bz2 4001 BLAKE2B 7afce42675 DIST xen-upstream-patches-4.16.6-pre-patchset-0.tar.bz2 41361 BLAKE2B cf3498d1679fd36265f7d0f95f193a90c50d10d6f8a1df8895131c6b006aa1ba1236588b2cbead0fc7cd95ca74ea9bd24986f169889c1032e6bc4a87a8438404 SHA512 8e3cc0ff8f739ff687e5dcceacd58254d37bff6705993698a1fbfac0ccb2e67b7733c73029ff985b1f91dbdf29e247e96a50c1f2166d0b24df863db6915768ae DIST xen-upstream-patches-4.16.6-pre-patchset-1.tar.bz2 44167 BLAKE2B 6a11faf689b2875fe6845646cbc71541ff0ce02fed00f2fd0ccabdee4b71be96a5bfaa66a0a6de068a9b6534d5c0df2751f78ccd0755f1bcaef333d8337135dc SHA512 40721e0f4e11408c3687e8e77d850f6f0a02d0af0abe422d11478fe080c158ffee5408ed273d82c8c39a33dd0a97ab962f133a927e3a205fa84e9fe3911a57f1 DIST xen-upstream-patches-4.17.3-pre-patchset-0.tar.bz2 65870 BLAKE2B 9019ed4131157df83053873ce1978dfdaa21304bfd69a059e8869e4cd31e01128dbccf2b6a8f54b4c724dfa8d455cad0e55de555971e80a6cd56f143f2d618d3 SHA512 094172bb1c822fa6159792d517bdfdf9777f297be5acee99746a6b310db2c509f98001a280d798d931d4fa17983e8165297ad96489327368c035f8284efd382d +DIST xen-upstream-patches-4.17.4-pre-patchset-0.tar.bz2 17570 BLAKE2B 5ae7ceb1feef758166dc6d569da30cfa8867b3755d41a4d2834ad73630ee3beea5696b79a175a7c2680db59e50b802ef2a9ee5a3cedff74f3d9cbfac064b25f1 SHA512 6001c4889ae5bdb592f8d7801762e43db13223e6552e916978b8ce85eb78c3fcd885c24d58f3db688244ccf50646c8d41a2e20c47d3b85fefb29d1c0ed37dd99 diff --git a/app-emulation/xen/xen-4.17.4_pre1.ebuild b/app-emulation/xen/xen-4.17.4_pre1.ebuild new file mode 100644 index 000000000000..a5b1c04677df --- /dev/null +++ b/app-emulation/xen/xen-4.17.4_pre1.ebuild @@ -0,0 +1,179 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{9..11} ) + +inherit flag-o-matic mount-boot python-any-r1 secureboot toolchain-funcs + +if [[ ${PV} == *9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://xenbits.xen.org/git-http/xen.git" + SRC_URI="" +else + KEYWORDS="~amd64 ~arm -x86" + + XEN_GENTOO_PATCHSET_NUM=2 + XEN_GENTOO_PATCHSET_BASE=4.17.0 + XEN_PRE_PATCHSET_NUM=0 + XEN_PRE_VERSION_BASE=4.17.3 + + XEN_BASE_PV="${PV}" + if [[ -n "${XEN_PRE_VERSION_BASE}" ]]; then + XEN_BASE_PV="${XEN_PRE_VERSION_BASE}" + fi + + SRC_URI="https://downloads.xenproject.org/release/xen/${XEN_BASE_PV}/xen-${XEN_BASE_PV}.tar.gz" + + if [[ -n "${XEN_PRE_PATCHSET_NUM}" ]]; then + XEN_UPSTREAM_PATCHES_TAG="$(ver_cut 1-3)-pre-patchset-${XEN_PRE_PATCHSET_NUM}" + XEN_UPSTREAM_PATCHES_NAME="xen-upstream-patches-${XEN_UPSTREAM_PATCHES_TAG}" + SRC_URI+=" https://gitweb.gentoo.org/proj/xen-upstream-patches.git/snapshot/${XEN_UPSTREAM_PATCHES_NAME}.tar.bz2" + XEN_UPSTREAM_PATCHES_DIR="${WORKDIR}/${XEN_UPSTREAM_PATCHES_NAME}" + fi + if [[ -n "${XEN_GENTOO_PATCHSET_NUM}" ]]; then + XEN_GENTOO_PATCHES_TAG="$(ver_cut 1-3 ${XEN_GENTOO_PATCHSET_BASE})-gentoo-patchset-${XEN_GENTOO_PATCHSET_NUM}" + XEN_GENTOO_PATCHES_NAME="xen-gentoo-patches-${XEN_GENTOO_PATCHES_TAG}" + SRC_URI+=" https://gitweb.gentoo.org/proj/xen-gentoo-patches.git/snapshot/${XEN_GENTOO_PATCHES_NAME}.tar.bz2" + XEN_GENTOO_PATCHES_DIR="${WORKDIR}/${XEN_GENTOO_PATCHES_NAME}" + fi +fi + +DESCRIPTION="The Xen virtual machine monitor" +HOMEPAGE="https://xenproject.org" + +S="${WORKDIR}/xen-$(ver_cut 1-3 ${XEN_BASE_PV})" + +LICENSE="GPL-2" +SLOT="0" +IUSE="+boot-symlinks debug uefi flask" +REQUIRED_USE="arm? ( debug )" + +DEPEND="${PYTHON_DEPS} + uefi? ( >=sys-devel/binutils-2.22[multitarget] ) + !uefi? ( >=sys-devel/binutils-2.22 ) + flask? ( sys-apps/checkpolicy )" +RDEPEND="" +PDEPEND="~app-emulation/xen-tools-${PV}" + +# no tests are available for the hypervisor +# prevent the silliness of /usr/lib/debug/usr/lib/debug files +# prevent stripping of the debug info from the /usr/lib/debug/xen-syms +RESTRICT="test splitdebug strip" + +# Approved by QA team in bug #144032 +QA_WX_LOAD="boot/xen-syms-${PV}" + +pkg_setup() { + python-any-r1_pkg_setup + if [[ -z ${XEN_TARGET_ARCH} ]]; then + if use amd64; then + export XEN_TARGET_ARCH="x86_64" + elif use arm; then + export XEN_TARGET_ARCH="arm32" + elif use arm64; then + export XEN_TARGET_ARCH="arm64" + else + die "Unsupported architecture!" + fi + fi + use uefi && secureboot_pkg_setup +} + +src_prepare() { + if [[ -v XEN_UPSTREAM_PATCHES_DIR ]]; then + eapply "${XEN_UPSTREAM_PATCHES_DIR}" + fi + + if [[ -v XEN_GENTOO_PATCHES_DIR ]]; then + eapply "${XEN_GENTOO_PATCHES_DIR}" + fi + + # Symlinks do not work on fat32 volumes # 829765 + if ! use boot-symlinks || use uefi; then + eapply "${XEN_GENTOO_PATCHES_DIR}"/no-boot-symlinks/${PN}-4.16-no-symlinks.patch + fi + + # Workaround new gcc-11 options + sed -e '/^CFLAGS/s/-Werror//g' -i xen/Makefile || die + + # Drop .config + sed -e '/-include $(XEN_ROOT)\/.config/d' -i Config.mk || die "Couldn't drop" + + if use uefi; then + export EFI_VENDOR="gentoo" + export EFI_MOUNTPOINT="/boot" + fi + + default +} + +xen_make() { + # Setting clang to either 'y' or 'n' tells Xen's build system + # whether or not clang is used. + local clang=n + if tc-is-clang; then + clang=y + fi + + # Send raw LDFLAGS so that --as-needed works + emake \ + V=1 \ + LDFLAGS="$(raw-ldflags)" \ + HOSTCC="$(tc-getBUILD_CC)" \ + HOSTCXX="$(tc-getBUILD_CXX)" \ + CC="$(tc-getCC)" \ + CXX="$(tc-getCXX)" \ + LD="$(tc-getLD)" \ + AR="$(tc-getAR)" \ + OBJDUMP="$(tc-getOBJDUMP)" \ + RANLIB="$(tc-getRANLIB)" \ + clang="${clang}" \ + "$@" +} + +src_configure() { + cd xen || die + + touch gentoo-config || die + if use arm; then + echo "CONFIG_EARLY_PRINTK=sun7i" >> gentoo-config || die + fi + if use debug; then + cat <<-EOF >> gentoo-config || die + CONFIG_DEBUG=y + CONFIG_CRASH_DEBUG=y +EOF + fi + if use flask; then + echo "CONFIG_XSM=y" >> gentoo-config || die + fi + + # remove flags + unset CFLAGS + + tc-ld-disable-gold # Bug 700374 + + xen_make KCONFIG_ALLCONFIG=gentoo-config alldefconfig +} + +src_compile() { + xen_make -C xen +} + +src_install() { + # The 'make install' doesn't 'mkdir -p' the subdirs + if use uefi; then + mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die + fi + + xen_make DESTDIR="${D}" -C xen install + + if use uefi; then + secureboot_auto_sign --in-place + else + # make install likes to throw in some extra EFI bits if it built + rm -rf "${D}/usr/$(get_libdir)/efi" + fi +}