commit: c8e9934490fa854d278ff7f97d5308aeeb30b391 Author: Tomáš Mózes <hydrapolic <AT> gmail <DOT> com> AuthorDate: Wed Sep 2 10:56:35 2020 +0000 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> CommitDate: Sat Sep 12 18:32:15 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c8e99344
app-emulation/xen-tools: add upstream and security patches Bug: https://bugs.gentoo.org/738040 Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com> Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> app-emulation/xen-tools/Manifest | 5 ++- ...4.13.1-r2.ebuild => xen-tools-4.12.3-r3.ebuild} | 42 ++++++++++------------ ...4.13.1-r2.ebuild => xen-tools-4.13.1-r3.ebuild} | 7 ++-- ...ls-4.14.0.ebuild => xen-tools-4.14.0-r1.ebuild} | 7 ++-- 4 files changed, 31 insertions(+), 30 deletions(-) diff --git a/app-emulation/xen-tools/Manifest b/app-emulation/xen-tools/Manifest index ae0221770b6..f149a5865eb 100644 --- a/app-emulation/xen-tools/Manifest +++ b/app-emulation/xen-tools/Manifest @@ -8,9 +8,12 @@ DIST seabios-1.12.0.tar.gz 613542 BLAKE2B f145c2db716996bfa9e5c014086ccfaa8ae96e DIST seabios-1.12.1.tar.gz 613450 BLAKE2B cb926b650c41a9962db407945cb5b6558079b061bd61f32ea56aedf0d37a00d10ad4434acbe717ffbc0dd1d1c0767304af8e640a53b0fc3784969dfa1590f681 SHA512 58755ce842adcb99c0f2f3ebbf9ec6d4a5072753966ab46805a96db1570847b109a90e6e03d61f9088ef877ca8ba96a8006777dc38ec434fce6b487f6c1f91d0 DIST seabios-1.13.0.tar.gz 620952 BLAKE2B 460a7dd2b2775b981bbd890ed0a50fe905794c68b0b895799667dd1378bb84125712330c2f6945112709d42cfb7b01196c7fff99051e44b6211d47d19531cfae SHA512 7f158badf7deecc2998eab2a08f3615dfe5a7c0a51323f7b4568a4d1280935bc32bb466c8226d87d2ca7e13f9f117ff0092befcc0699bc31c5018e84754e8393 DIST xen-4.12.3-upstream-patches-1.tar.xz 39052 BLAKE2B dbe18a8d67009be9597ea8f0cd45850ed0e437119095c414796efff2810e884a3d7c062a7e5e12e93d8991cbbab50c0095d7ae1c937129f8f9490aa5f31ca6f8 SHA512 1383b1c0e3d4918b6b43c9cdff5284e259385136aad479814ea1d50b25017a0466a6a0044321585f38f4c8fb30f5af91a45f666a6d7fce6e60a4dfdb346a421b +DIST xen-4.12.3-upstream-patches-2.tar.xz 45272 BLAKE2B 0bdcd69a3c8832271d7e0491719feebed5330233303d9c5a78913bcc20e76a3c2b9c4f30f4e3d8c648f113df0157350709ad5939bf2ca53363eee7732ae8aacb SHA512 ac7fdb2a1d731ba2903ff31c9a3ae90506cdbc36289ef5c11254aa85f33a8d160d6d9136e37bbd526e88e881118b4ca8a594c2934561bda4afa0ff8cf99b54e1 DIST xen-4.12.3.tar.gz 26985230 BLAKE2B 403de519a552f1cd49e5a85b63f48df1b7a47ff8381385860b67df32af0b33be1c13c92ca2234e4479b7f415e711e0f46c396c3f62dfb5b2465d2991723cf6ef SHA512 7bbf4e752477f18143ac9a62fb633b1fbe115a1a9b03d0132f33dfca025bc9b76d9c2e9b66a3e407d14aff161b940b1a82e3e3ca43213798e9dd38b6970194e0 -DIST xen-4.13.1-upstream-patches-1.tar.xz 46892 BLAKE2B 8ccfe1d6b3589e262fa04526d5238694e324fef3b514daebdffcb74cecfc2700e37f810faf868ec198c99ed3a9af2c351656c31798c5791bfd6816552d78fd7a SHA512 2d9708c4b558c5986afd1caea56f69ac8b11d69371fd4afae0e9c3480a0b863c99ebe2d3b857d623d41924437db7f7e44fefc7bae892cd05d7605243ae8140d5 +DIST xen-4.13.1-upstream-patches-2.tar.xz 53744 BLAKE2B 769b5b8022f7db66f677d8107c6473606376718bffeac7eba09c4270f4005811f472fb9ed2a2804260e0486228edbadfcf8f81bf1dae6d68df37da213d281390 SHA512 b07c865b96c6f48b9d0b4e4c2f3ec19f4dc44884f4024e440a3e537f594f9f5edd6edf805bdefc82e5f1f2520f35f940b64c158972cbf5bfdc8fb2ca7a1b0ac1 DIST xen-4.13.1.tar.gz 39024612 BLAKE2B efff138699fac2c14fad2e0dfd4535ebd744577df3dddccc2a589b81a76f24fc81c75e295f4cd33ca2e820929417b22d714504b576cb0737a563037bd56b6a95 SHA512 b56d20704155d98d803496cba83eb928e0f986a750831cd5600fc88d0ae772fe1456571654375054043d2da8daca255cc98385ebf08b1b1a75ecf7f4b7a0ee90 +DIST xen-4.14.0-upstream-patches-0.tar.xz 6872 BLAKE2B 958ad668362c9c02af39f2a02cde2baa9b9fc8853116c390f43a77bb17c649bfc6a4b51db5cbe564a8c3c440ce736603e44b97f45c50a7836c9a43bfb0d2255a SHA512 a30d9708e64e1405f837b14c1e5a0e28fcb9e7a177c822570e25d0ed118a9c58c380f4ed64a40bf970a9389baf9848e52f7d161efe922b883ee990c8029e7e1f DIST xen-4.14.0.tar.gz 39950576 BLAKE2B db4c3e79cfdfb10260d0d14d9d28e8c8bd9bf23f42aee743acf8f560bf4cdb96a425c0df887c70f9755f62680be24bfbe0149e52a4cb843ae83090cd9d6afc71 SHA512 ebce47a2f754955d8517123d69f62006634d97620fbbe3784869a0667466e586a249f57ffaf7846d5bcb45d69377cde43354c82c233fbb5407e55653b9a33ac0 DIST xen-gentoo-patches-21.tar.xz 18280 BLAKE2B 95446da72fc16cb82e4e51df8796c64db05a30894a351a98dbd6700ce354c34956ca09a1af98125a4e56c337936e8fae296d806519b8afa23a82b078aa0db8f1 SHA512 3cffac162606a09b10b47dca604f167897e6ac8d153411d3464ef29a7a4d46ac5b92340884cb21279cb2d053b131f1ea5cb2111e3e9a21b3298b5ab3320ee34d DIST xen-gentoo-patches-22.tar.xz 18764 BLAKE2B e0da49b39fbc6b689db47e40a4fbb4f6568644fe192b114cce01b0406cba4bf23339ad1bf39b972f895df004916827b6e774f97fc079aeb8ac436763efda5fc3 SHA512 5b7959af4ed30edd2526698ab60a86353e35d9dc48dc941b6df7659a7c4904260461e0decbd8d788542bd69384736f2175861d4943c3738618d20788b19ea9b1 +DIST xen-security-patches-28.tar.xz 1580 BLAKE2B c304894801b37259508582fc6947e26c0b8665e982d91de86c16efd5eaecd6c9bb19570534642d39e81175fe58baccf576990a481f40f8848692d3465ad17a85 SHA512 b442b5568e76e0f2a5cfc91063515b96347f8b30f6101a81536b78edecc400861fd99281e1994bc6626bff28ece3df8f8306575c8abbb2cddaf3a6d3542c0b2f diff --git a/app-emulation/xen-tools/xen-tools-4.13.1-r2.ebuild b/app-emulation/xen-tools/xen-tools-4.12.3-r3.ebuild similarity index 91% copy from app-emulation/xen-tools/xen-tools-4.13.1-r2.ebuild copy to app-emulation/xen-tools/xen-tools-4.12.3-r3.ebuild index e47034afe45..78129b81663 100644 --- a/app-emulation/xen-tools/xen-tools-4.13.1-r2.ebuild +++ b/app-emulation/xen-tools/xen-tools-4.12.3-r3.ebuild @@ -3,8 +3,8 @@ EAPI=7 -PYTHON_COMPAT=( python3_{6,7,8} ) -PYTHON_REQ_USE='ncurses,xml,threads(+)' +PYTHON_COMPAT=( python2_7 ) +PYTHON_REQ_USE='ncurses,xml,threads' inherit bash-completion-r1 flag-o-matic multilib python-single-r1 toolchain-funcs @@ -17,8 +17,8 @@ if [[ $PV == *9999 ]]; then S="${WORKDIR}/${REPO}" else KEYWORDS="~amd64 ~arm ~arm64 ~x86" - UPSTREAM_VER=1 - SECURITY_VER= + UPSTREAM_VER=2 + SECURITY_VER=28 # xen-tools's gentoo patches tarball GENTOO_VER=21 # xen-tools's gentoo patches version which apply to this specific ebuild @@ -26,17 +26,16 @@ else # xen-tools ovmf's patches OVMF_VER= - SEABIOS_VER="1.12.1" - EDK2_COMMIT="20d2e5a125e34fc8501026613a71549b2a1a3e54" - EDK2_OPENSSL_VERSION="1_1_1b" - EDK2_SOFTFLOAT_COMMIT="b64af41c3276f97f0e181920400ee056b9c88037" - IPXE_COMMIT="1dd56dbd11082fb622c2ed21cfaced4f47d798a6" + SEABIOS_VER=1.12.0 + EDK2_COMMIT=ef529e6ab7c31290a33045bb1f1837447cc0eb56 + IPXE_COMMIT=d2063b7693e0e35db97b2264aa987eb6341ae779 [[ -n ${UPSTREAM_VER} ]] && \ UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P/-tools/}-upstream-patches-${UPSTREAM_VER}.tar.xz https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${P/-tools/}-upstream-patches-${UPSTREAM_VER}.tar.xz"; [[ -n ${SECURITY_VER} ]] && \ - SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz"; + SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz + https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${PN/-tools/}-security-patches-${SECURITY_VER}.tar.xz"; [[ -n ${GENTOO_VER} ]] && \ GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-gentoo-patches-${GENTOO_VER}.tar.xz https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${PN/-tools/}-gentoo-patches-${GENTOO_VER}.tar.xz"; @@ -44,11 +43,9 @@ else OVMF_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-ovmf-patches-${OVMF_VER}.tar.xz"; SRC_URI="https://downloads.xenproject.org/release/xen/${MY_PV}/xen-${MY_PV}.tar.gz - https://github.com/qemu/seabios/archive/rel-${SEABIOS_VER}.tar.gz -> seabios-${SEABIOS_VER}.tar.gz + https://www.seabios.org/downloads/seabios-${SEABIOS_VER}.tar.gz ipxe? ( http://xenbits.xen.org/xen-extfiles/ipxe-git-${IPXE_COMMIT}.tar.gz ) ovmf? ( https://github.com/tianocore/edk2/archive/${EDK2_COMMIT}.tar.gz -> edk2-${EDK2_COMMIT}.tar.gz - https://github.com/openssl/openssl/archive/OpenSSL_${EDK2_OPENSSL_VERSION}.tar.gz - https://github.com/ucb-bar/berkeley-softfloat-3/archive/${EDK2_SOFTFLOAT_COMMIT}.tar.gz -> berkeley-softfloat-${EDK2_SOFTFLOAT_COMMIT}.tar.gz ${OVMF_PATCHSET_URI} ) ${UPSTREAM_PATCHSET_URI} ${SECURITY_PATCHSET_URI} @@ -100,7 +97,6 @@ DEPEND="${COMMON_DEPEND} sys-power/iasl ) api? ( dev-libs/libxml2 net-misc/curl ) - ovmf? ( !arm? ( !arm64? ( dev-lang/nasm ) ) $(python_gen_impl_dep sqlite) @@ -133,7 +129,7 @@ DEPEND="${COMMON_DEPEND} system-qemu? ( app-emulation/qemu[xen] ) ocaml? ( dev-ml/findlib >=dev-lang/ocaml-4 ) - python? ( >=dev-lang/swig-4.0.0 )" + python? ( dev-lang/swig )" RDEPEND="${COMMON_DEPEND} sys-apps/iproute2[-minimal] @@ -153,10 +149,8 @@ QA_WX_LOAD=" " QA_PREBUILT=" - usr/libexec/xen/bin/elf2dmp usr/libexec/xen/bin/ivshmem-client usr/libexec/xen/bin/ivshmem-server - usr/libexec/xen/bin/qemu-edid usr/libexec/xen/bin/qemu-img usr/libexec/xen/bin/qemu-io usr/libexec/xen/bin/qemu-keymap @@ -236,7 +230,7 @@ src_prepare() { fi # move before Gentoo patch, one patch should apply to seabios, to fix gcc-4.5.x build err - mv ../seabios-rel-${SEABIOS_VER} tools/firmware/seabios-dir-remote || die + mv ../seabios-${SEABIOS_VER} tools/firmware/seabios-dir-remote || die pushd tools/firmware/ > /dev/null ln -s seabios-dir-remote seabios-dir || die popd > /dev/null @@ -260,10 +254,6 @@ src_prepare() { popd > /dev/null fi mv ../edk2-${EDK2_COMMIT} tools/firmware/ovmf-dir-remote || die - rm -r tools/firmware/ovmf-dir-remote/CryptoPkg/Library/OpensslLib/openssl || die - rm -r tools/firmware/ovmf-dir-remote/ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3 || die - mv ../openssl-OpenSSL_${EDK2_OPENSSL_VERSION} tools/firmware/ovmf-dir-remote/CryptoPkg/Library/OpensslLib/openssl || die - mv ../berkeley-softfloat-3-${EDK2_SOFTFLOAT_COMMIT} tools/firmware/ovmf-dir-remote/ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3 || die cp tools/firmware/ovmf-makefile tools/firmware/ovmf-dir-remote/Makefile || die fi @@ -271,8 +261,14 @@ src_prepare() { if use ipxe; then cp "${DISTDIR}/ipxe-git-${IPXE_COMMIT}.tar.gz" tools/firmware/etherboot/_ipxe.tar.gz || die + # gcc 9 + cp "${WORKDIR}/patches-gentoo/${PN}-4.12.0-ipxe-gcc9.patch" \ + tools/firmware/etherboot/patches/ipxe-gcc9.patch || die + echo "ipxe-gcc9.patch" >> tools/firmware/etherboot/patches/series || die + # gcc 10 - cp "${WORKDIR}/patches-gentoo/xen-tools-4.13.0-ipxe-gcc10.patch" tools/firmware/etherboot/patches/ipxe-gcc10.patch || die + cp "${WORKDIR}/patches-gentoo/xen-tools-4.13.0-ipxe-gcc10.patch" \ + tools/firmware/etherboot/patches/ipxe-gcc10.patch || die echo ipxe-gcc10.patch >> tools/firmware/etherboot/patches/series || die fi diff --git a/app-emulation/xen-tools/xen-tools-4.13.1-r2.ebuild b/app-emulation/xen-tools/xen-tools-4.13.1-r3.ebuild similarity index 98% rename from app-emulation/xen-tools/xen-tools-4.13.1-r2.ebuild rename to app-emulation/xen-tools/xen-tools-4.13.1-r3.ebuild index e47034afe45..c0e4d5d7a6e 100644 --- a/app-emulation/xen-tools/xen-tools-4.13.1-r2.ebuild +++ b/app-emulation/xen-tools/xen-tools-4.13.1-r3.ebuild @@ -17,8 +17,8 @@ if [[ $PV == *9999 ]]; then S="${WORKDIR}/${REPO}" else KEYWORDS="~amd64 ~arm ~arm64 ~x86" - UPSTREAM_VER=1 - SECURITY_VER= + UPSTREAM_VER=2 + SECURITY_VER=28 # xen-tools's gentoo patches tarball GENTOO_VER=21 # xen-tools's gentoo patches version which apply to this specific ebuild @@ -36,7 +36,8 @@ else UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P/-tools/}-upstream-patches-${UPSTREAM_VER}.tar.xz https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${P/-tools/}-upstream-patches-${UPSTREAM_VER}.tar.xz"; [[ -n ${SECURITY_VER} ]] && \ - SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz"; + SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz + https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${PN/-tools/}-security-patches-${SECURITY_VER}.tar.xz"; [[ -n ${GENTOO_VER} ]] && \ GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-gentoo-patches-${GENTOO_VER}.tar.xz https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${PN/-tools/}-gentoo-patches-${GENTOO_VER}.tar.xz"; diff --git a/app-emulation/xen-tools/xen-tools-4.14.0.ebuild b/app-emulation/xen-tools/xen-tools-4.14.0-r1.ebuild similarity index 98% rename from app-emulation/xen-tools/xen-tools-4.14.0.ebuild rename to app-emulation/xen-tools/xen-tools-4.14.0-r1.ebuild index 6446bb397cf..7cf7cb407e7 100644 --- a/app-emulation/xen-tools/xen-tools-4.14.0.ebuild +++ b/app-emulation/xen-tools/xen-tools-4.14.0-r1.ebuild @@ -17,8 +17,8 @@ if [[ $PV == *9999 ]]; then S="${WORKDIR}/${REPO}" else KEYWORDS="~amd64 ~arm ~arm64 ~x86" - UPSTREAM_VER= - SECURITY_VER= + UPSTREAM_VER=0 + SECURITY_VER=28 # xen-tools's gentoo patches tarball GENTOO_VER=22 # xen-tools's gentoo patches version which apply to this specific ebuild @@ -36,7 +36,8 @@ else UPSTREAM_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${P/-tools/}-upstream-patches-${UPSTREAM_VER}.tar.xz https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${P/-tools/}-upstream-patches-${UPSTREAM_VER}.tar.xz"; [[ -n ${SECURITY_VER} ]] && \ - SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz"; + SECURITY_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-security-patches-${SECURITY_VER}.tar.xz + https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${PN/-tools/}-security-patches-${SECURITY_VER}.tar.xz"; [[ -n ${GENTOO_VER} ]] && \ GENTOO_PATCHSET_URI="https://dev.gentoo.org/~dlan/distfiles/${PN/-tools}-gentoo-patches-${GENTOO_VER}.tar.xz https://github.com/hydrapolic/gentoo-dist/raw/master/xen/${PN/-tools/}-gentoo-patches-${GENTOO_VER}.tar.xz";
