diff options
| author |   Yixun Lan <dlan@gentoo.org> | 2014-05-17 14:08:30 +0000 |
|---|---|---|
| committer | Yixun Lan <dlan@gentoo.org> | 2014-05-17 14:08:30 +0000 |
| commit | 5514086fcefa10be3c16e216fcdaa65e3c13abb9 (patch) | |
| tree | 9e07a1322917a1c0f084c84adc1ee3fd5a1958b8 /app-emulation/xen | |
| parent | Version bump (diff) | |
| download | historical-5514086fcefa10be3c16e216fcdaa65e3c13abb9.tar.gz historical-5514086fcefa10be3c16e216fcdaa65e3c13abb9.tar.bz2 historical-5514086fcefa10be3c16e216fcdaa65e3c13abb9.zip | |
tree clean old ebuilds
Package-Manager: portage-2.2.8/cvs/Linux x86_64
Manifest-Sign-Key: 0xAABEFD55
Diffstat (limited to 'app-emulation/xen')
17 files changed, 25 insertions, 1269 deletions
diff --git a/app-emulation/xen/ChangeLog b/app-emulation/xen/ChangeLog index fcb23f303771..be2e00169a0e 100644 --- a/app-emulation/xen/ChangeLog +++ b/app-emulation/xen/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for app-emulation/xen # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.162 2014/05/17 13:34:02 ago Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.163 2014/05/17 14:08:19 dlan Exp $ + + 17 May 2014; Yixun Lan <dlan@gentoo.org> -xen-4.2.3.ebuild, + -xen-4.2.4-r1.ebuild, -xen-4.3.1-r5.ebuild, -xen-4.3.2-r1.ebuild, + -files/xen-4-XSA-83.patch, -files/xen-4.3-CVE-2013-4553-XSA-74.patch, + -files/xen-4.3-CVE-2013-6375-XSA-75.patch, + -files/xen-4.3-CVE-2014-263-XSA-84-85.patch, -files/xen-4.3-XSA-87.patch, + -files/xen-CVE-2013-4375-XSA-71.patch, -files/xen-CVE-2013-4494-XSA-73.patch, + -files/xen-CVE-2013-4554-XSA-76.patch, -files/xen-CVE-2013-6375-XSA-78.patch, + -files/xen-CVE-2013-6400-XSA-80.patch, -files/xen-CVE-2013-6885-XSA-82.patch: + tree clean old ebuilds 17 May 2014; Agostino Sarubbo <ago@gentoo.org> xen-4.2.4-r2.ebuild: Stable for x86, wrt bug #509054 diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest index 6ba0bd876c9a..7b6c7e5bf782 100644 --- a/app-emulation/xen/Manifest +++ b/app-emulation/xen/Manifest @@ -1,55 +1,35 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 -AUX xen-4-XSA-83.patch 598 SHA256 71ba62c024ed867f99f335ed63d7e04a7981d348cc29a3718e5c48f15a1e0fb1 SHA512 8ca0f9e896da10ad32b93e7dfa908550180912b0f1eeb8be214f54fb6cc6c7a925df26db6521a37430e5e66c31e3eafb8a7169ff92097adaff7227cb95759c14 WHIRLPOOL b7369455f0dbcb37c3a3b7afe8de1e47e3303ead0a37c7e2ae13c5ebd66031bbfca21b6f4fb8a1191e32ef17a5fe74564c93ec7861f4a8d7dbc815fecfb6e068 AUX xen-4-fix_dotconfig-gcc.patch 1525 SHA256 943119cde08d16d05a927a85fb54ee4cee323cb4870dd0d90a552051fedc9907 SHA512 aa507594d96159c4e01ccfc4781f9afe7b6fe125c9df5925128c002f28fdf04999954b523cc53c6d7eaa49cb6e05120605f4e7d6f8bab6d5718d73a60b5accea WHIRLPOOL 6f4395203199b8037363ed56256e12f426f0c26f449c5e4a001c5454370a0e412f18cd03099866c30592ee0413556b85b3c374efb7172212db37ff3891c004af AUX xen-4.2-efi.patch 2216 SHA256 0886961e2656fe7e140dd0ac0e6620d4c14ef0796b8f8889bda163e2a9f8db8b SHA512 ecaa4f1f1c3ca737931fe5343529708dfb7ec7040dbf2acf2b155e7c7f019ce3e2630ddb302213570a2647fe220dbf23eb6c28618d6b1be9161e25fcadd71cb4 WHIRLPOOL 63b56e22683b2755ae17e7871c1b535d750f655ff8c003979d039654f5ef3303457b5d4469f216c1744202d4d1f4561f7498c1d93171ab1110a93e3a2fa8db8d -AUX xen-4.3-CVE-2013-4553-XSA-74.patch 1389 SHA256 b505cdba662b1b1cd91d5611fac998c6b4e89e366780c6b9864b6965075afb38 SHA512 fc0c1a1777a751096bc5990eee04e754deed2f18b8c8a5d65bf19c71ba9788599369f51e2d518f613e8cea8cb0d2d22ad60cec4d1b8805d7bd8e0818a54afb2b WHIRLPOOL e324f4922f61a22840ac0268fe2643a0fe496409d12a5797d7ba057ecd4982f8a9224e20615721c34680d45145d3933090ca1a11644cd2ca8f312995c3cba96f -AUX xen-4.3-CVE-2013-6375-XSA-75.patch 1748 SHA256 039a74a4ccd1f17a5fd5341d160af87b14875dc1b2e46d8e4d337581031228d8 SHA512 195d147643b626ab9265d83ba2d7fbdef7b5716533682b723f32cbbbde6089fafb49e11c68ba6d323bb120fb0d34d85caf5ec5759048f60ba9096e479729c32b WHIRLPOOL eb52b7334ead997fea54810498be22bf47bcd2230a2ea2552b6125f3f78b5f9f9df49a7625c43ed700b3e56c6ea8979171e6be2e6d54d53c706517fc901d4702 -AUX xen-4.3-CVE-2014-263-XSA-84-85.patch 6086 SHA256 91725c156bae4209f1401b38a37c1a38941ef6e9370ac3425523555fde81d835 SHA512 c26f9b3ecdb2894a72033850a532e0d9b735ba8e73c3cfc379171ec17c8f82e07596e6bd9824242702645d77e37054c0668279ad55effe10461d70e0831c39e8 WHIRLPOOL 94d0bf7fdc5064b0463344e1a09c81d9a41ab5c565c88accc511c547ed4ab3c0c7ac76443eab02c4b0153552ec2dc139da10960c5a8944aa9b49cee03160a911 -AUX xen-4.3-XSA-87.patch 916 SHA256 a13ce270b177d33537d627b85471abaa01215cd458541f4c6524914d7c81eb38 SHA512 a1ad45f8311787ac0e1ed1a186f9c4e9aea924398ec7bbbc5b1e4b2d3b4617e113b385ff2aee854458270b0d73ed11defac5dfe603b1fd7b97f4c951def559b3 WHIRLPOOL b3a36c01d4e0bca3c5df42488f9bfc91e756af8c899d7414b81b7dac2bb60733555321b607ed229817ac546ebce65fddce0f8781909d7021d19b44a931fb85bf AUX xen-4.3-fix_dotconfig-gcc.patch 8854 SHA256 4e0d22acdb4ecc4a1d418ec91bc6ddb9ef1c283ee3ca1f67bac85d3116d76ccc SHA512 b4c969b0cf166862ea5c5cb0912d7dae8c5bf7befd6dd6bdf4e56df8a4daf85c0a36c94247053f74edc0f24b1c15a18e7ddae9d24ad28d54b726a1fbbab442be WHIRLPOOL de7b614ae486fd2cc591b405b475745b003c638c9be4c8153b61a368802af36d2a2974d1e022eb14fb58ad9260f9f82c438c84cb65c3499076c579f7e1c3e6ad AUX xen-4.4-efi.patch 1873 SHA256 096ae932f6f9387b8d5a837279c436173310f121e06ba356b7dded67d682ac7a SHA512 a448b72f679fa2e9d544d73bfb68d2deef646706917114a458c9c44a0338d46390ebffe8b671a30f057be9f15b8fb4246c574916e674b5bd314b6908e5e06c82 WHIRLPOOL 02ba29e135f85727a655ed674624a97c3bad40ddd00a0e194b64f5179b9e65c9f6831c902c754001551dc4fbc0a08ee52c075208551d72a65b2f93f7aef29698 -AUX xen-CVE-2013-4375-XSA-71.patch 1628 SHA256 f1ef802098be2220ec1c0e0d20ff5385d34036b8cd312001dcc0e17fbe25f8d1 SHA512 9d057827933decc046506c46e1a482424169cc8d525ac49a39b296181615a4525383851e990fd3d46995db2f8261d92dc7955354cdf6ca15db8cbb89def17c6d WHIRLPOOL d1749db3dcceb5221dad395e2caede633456a304d922070096889b4b7d8e79bcda5fe4f7c8cb3e5f1e6c9dae349ef744d98290f286cbfc3737b0ff62f198e2a8 -AUX xen-CVE-2013-4494-XSA-73.patch 3723 SHA256 1c070e66d1bea3c109f22ea4db2e8828f0f4b016d51d6d88667b775eec340514 SHA512 d14be9077685aec682f2cfa23886bc430fe55d985650e5392da0988f69f242ac0fa242c84448e8203ab6dd1b44904a2f38ad9e8976a829100193a1c06efb8417 WHIRLPOOL 96a15f94eed123a5ff53193c8dcf708aa17d21b3ebe23b5fc50b7ecbdf64ed4f827252389cc15249d05041d036853053f3846b3fea3538fc8724fe828ca57bde -AUX xen-CVE-2013-4554-XSA-76.patch 556 SHA256 8c4d460c71e8e8dffa32ce24f57ce872ccd8623ab72fd38be432f0a2b097e7c1 SHA512 4bfd4dfc560629968a81b4f9b7509d8366208ca6d7987f27da44a41caa840437f623ed5ab489c9a1623c99ba9e702a5d647aa833961ed7d4ab72d0141258d6a4 WHIRLPOOL 6a7020ff3df9020a716b3ecdd3dd11869025e7205c17a9314a8f2705812b1a9e6fd4a19d891d00ca5c750456f4c871317c0ec451ab84db3c985c57e92ecb47d4 -AUX xen-CVE-2013-6375-XSA-78.patch 926 SHA256 63aeab44272c17d079c9b8e22732c8c31e767236bb0ceb73d9f6226c5ae31d35 SHA512 d6aa117c570881015bdb93efaaf386fc4f141ef012017ab0a51bd63a024f5e9eef3856243235533d46ac7b67bffd10e0913a06f65e194581a6a70cbd6a6bf5ca WHIRLPOOL 16b04f8191b2243c05541742a98dface491ebe8db47e050eb14e74352182bfd02a86867c1ad644b3cef209008cfbb5d0499073447fbef49c5de129e1bdf519d6 -AUX xen-CVE-2013-6400-XSA-80.patch 2072 SHA256 d15e627c59dd48e1cacb2fbcd5e2148975daa426df1f693b991d69201c048e77 SHA512 119d4a183c8a56496b337bb5c797e63df99ac88f879d0700e6ed4573a21901dd45fbc997cbaa8d4d635da574eb46ceb6d91a846cfb20b6d0a0b42381cfb9144c WHIRLPOOL 217c68bbe0b179a0f81fd591b546389a21f82acc3d60b5bdf1d6323263ce4a6ceb18d45dc0089c3758f179937b50816f1d53287f9b9b6486b4303e92df6d9cb3 -AUX xen-CVE-2013-6885-XSA-82.patch 1447 SHA256 db47b9dcb2124995754e7b43d7eedb5aae5c6d2dda6d43d313751b419ffd12e7 SHA512 f62b9bf0aae1eb22a551fc98d74f5baec391589be5252d472aa9b30012f426a7302063b02ceb3bc9b3fe88c67033eb771a4112727052ed3f9b5dc9d39f47f39d WHIRLPOOL 38678c9c32bc172a675bd0351a81743b92bbf72cbd14a29cc1a7ef15b8149bd4841816425142defdebc233a2dc58281e893533053e6310173ad3a5573233d1f5 -DIST xen-4.2.3-upstream-patches-0.tar.xz 84436 SHA256 7c2477b9b29c9d84bb26ed60bfc2700f2a614ed8040b93906e801831f3498b41 SHA512 a4e8b53a0efb9d64d4dc65ee3107422c8007537e03f9c8e6f1b2c838cf62e6819d447c1ed44aacb5c4e9979f0dad7ed313d2db61df6e6ad2d7708a81964a7e12 WHIRLPOOL cc3c2224bba3b2e5f057ec95f9e85e58b17bc0dce338da429c7970877967cddf69228258ff491be9c1d022169a90fcde34ef1bcb0c198c9123ca219707a5a99f -DIST xen-4.2.3.tar.gz 15613235 SHA256 69b6a73701383d609ad094a38925004e8595755fb39a6fafd579ba754e8667db SHA512 01521c8724354f92a2555683a8b103e5e16aedeb2c6166cc3ce40a0cc6cd9e07a601aa24930bb7391e00eb97f04003e6523dead09382cf86eb56f5b886509b9a WHIRLPOOL e7f7848ad632e5e77db95b2eb37c82f31a73021af4b6bb44091cc14103faa193bc2d6deb089e2a196daab5a08dbc08f135a8937a25a4ff5d31fe37c789bae1e9 -DIST xen-4.2.4-upstream-patches-0.tar.xz 15480 SHA256 c01c2edf3f7f0f3e1c9408f2eddb2ee3d211a3fe44833852335488bb585072b1 SHA512 3eb85f982478b9c09db94978fee4e042c556ddcd4b89aaff1c4a3adf07b118404eeacb29b83e58e2e8a1d389d0027903458d14b2b900b31f4806f7c428a387b9 WHIRLPOOL d4c9b0550b0f38f5227ea305c0b983deafb97bdac4fa498bc791dce6796d564303813959a1a90d488b69d5540ef9a65fab70598329420691d30b4f4c48de37e9 DIST xen-4.2.4-upstream-patches-1.tar.xz 27932 SHA256 8f246eaf65a7cfe72cd9af596993ec1326dd1c4411efd1b76294a7bffafed119 SHA512 4d0eca51d91588214b06c3a082fff62ffb69fa518f0d1afb28e7489ffc1539751a586b334db6cefc7ef99ffaaff296af26c85a6dc114db7d78663de7748922f3 WHIRLPOOL 28e82065d033bd2ef0b140a2eaf2aea546e3e7ec5fa1e6f44a0d4dd7c26324981805dbc9f41b13fd3b12dc8440dfa74a1da79b117f7294e222b7407ad7371f74 DIST xen-4.2.4.tar.gz 15663999 SHA256 e23e6292affd7a6d82da99527e8bf3964e57eb7322144c67c2025692b1a21550 SHA512 3e5263511e7c40899f580f3384bd987f9c875b8e6816202fd1a5a64fe7e336803d09e58148af074938ef261f0ceeafad121ac541ddd2bf66b76c5aa4ad07c357 WHIRLPOOL 25d23f5d921139ba0f853fcd76ae998647d32292bccfd4e7c4f3b12f860a38fbb33ebda67c839657bf3a25d837c9c02b80d663362263d16d42284ffde09f0bc2 -DIST xen-4.3.1.tar.gz 16429423 SHA256 3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd SHA512 f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275 WHIRLPOOL 087390786cea9aee273a5d81988436303991aa5ea92faf111d3b619517368f8c8feef84f4f8c602cac723980a344eb90414887db4ca88a2ee14bc6b0253e36ca -DIST xen-4.3.2-upstream-patches-0.tar.xz 13844 SHA256 c083f9b4490049cfcd83782574f52847df9b5738c8fe3220481526e73d01c380 SHA512 69c5b4fbfcf4ddc5964a7c0b60012eab244368d67c625cdb67d9c33f1e273c04234bed1e78de9e6a40ede1a30d279d5d588718bd5f210d37e016e53c03a4a0f9 WHIRLPOOL bb7b088fec542521fe6a0438607618c390f83da379f9a6de57472afdfb0f5d4a3aedcdaf43716df4353eb1cbf642a34e2da546da974bb8906a6780486d3844f6 DIST xen-4.3.2-upstream-patches-1.tar.xz 28004 SHA256 451df6bc293102a8f5eff0bc5b2c9feba0d8c0df5bdfba5591fac405e4f0141f SHA512 c0fd9ed16773e62121290dfc85e082997b049756a5038b0e3d4d618566a86abcf8baf499d176a529d8c33e2b333bd2be11dc075d026ce21b0d42d20b141c9e4f WHIRLPOOL 9a01940b7247a448ee1795539682a79dd70b470a535f438f077d2da7633f06eeb01c26c62c504a0e7ad68d7156957f96d8e966762b9c782e1bce37416b40a648 DIST xen-4.3.2.tar.gz 16472188 SHA256 17611d95f955302560ff72d97c08933b4e62bc2e8ffb71400fc54e388746ff69 SHA512 ec94d849b56ec590b89022075ce43768d8ef44b7be9580ce032509b44c085f0f66495845607a18cd3dea6b89c69bc2a18012705556f59288cd8653c3e5eca302 WHIRLPOOL 72250369fb2c90ba608e1da018cb6417b3089642c8ba59af9f2825ec5ba7c4e6c5d6f86140b20825817e4625727c6d58c5d38b00863c994e31c8a04927997bd3 DIST xen-4.4.0-upstream-patches-2.tar.xz 51840 SHA256 b1828719a42a429d66c4943bde714ac98dbd368d9f337795b3a9da4e7d755e22 SHA512 dabaa350dcc07f91df7bb4712b69f8fb5c5cf624b5e6ddfde75be891c4d7b7a81e0d8824b707fdc85a4de98929609c9f276ee871a54afa15ff21d80cebf31f80 WHIRLPOOL 6326d13e69090957d8f7f6b2cb088d597103d03b54728f37a49b89b7fac71446b4aa11c535996b206c1c7373eff8ac693e0f48b7fc3e69a566362df6eb6ecab6 DIST xen-4.4.0.tar.gz 18116578 SHA256 6910a504fe2ffe8db0e7a44756ce1c4c95e1ccbef942a1fc8da27aced5aac021 SHA512 84bc293415b8ce9686240b0145a92be190cdd7032c66b5b07906baacbfeb33ad1e6148336e951fd4506b7f4e0b250937c702226c0207d7088a50e643bedabd17 WHIRLPOOL 87886cc83bf1eaaf5dd5b67d7cc82823d98dd9b4b47c0a178ea70ee2367c1a4a142aa66df13f58603840d0e310fb5c09dc0d5b87f6361c934e1c83c95d09d406 -EBUILD xen-4.2.3.ebuild 4212 SHA256 f09e7ea233bef41c17089ca7a046c6944f214e81907fb09ee0940e3735bed992 SHA512 d9d42dabf5114fb259c22eb6cd2b1a956cabbaf18131dcb562c23dcd55698607ae5049667c954f4454bb6adb0cfc46054bb23215cf5bf29ec16aeb13b85d46f2 WHIRLPOOL 935e22e705fc0364c41bb18b4780a435de2e8c48bb1fb8f6ebfa501f486f03f03c064bfc77d045afb961d4bfc2db1e12b276bbbbfece359cd54885df822016be -EBUILD xen-4.2.4-r1.ebuild 4214 SHA256 fb0bd32cf4eb686fefd03deb82a29e21716f9f2d0f598cd2f51acd56668842a5 SHA512 00ca3b2a0f5117af7462e1befd365a0ed0d605ad94007a17efba686daca5f00e73a9a0927793347d9077b51d164b5fa3210fd621c904f6be8f8e8d20c562df6f WHIRLPOOL b83ef51ec1dfe1c04a9773191b842405f8ca84177dd7d7bcdf78a10d1fbea5dc509a2679bef1dfaf61c80284828e4fc2a3fc74ddbbd36b44e75b7e567aa1a46f EBUILD xen-4.2.4-r2.ebuild 4211 SHA256 aebf00f9d5872e6a7f7ee36de3e6b637568a0e48d3241c379aa44d31e84d99c5 SHA512 e01e53e9b35d3d2d2ea4785145e97c6cf12084a2a989e30570555801283fbfc1d6a78d30da150bc5da35fffae5b85415d0a0347dac20d94479ae640993b278e6 WHIRLPOOL 01c4e89d8be6571f1c5ebdf8b5022bb2b2fa6d02340db18559f12598fd47318511fcc7aa674b2dc955b208716364cb237c6b23da5da3585f86ef487b0322f717 -EBUILD xen-4.3.1-r5.ebuild 4118 SHA256 acac2edea0a26f1025254f754e864e386e70488d9d0d7d9a5743552c61022b9b SHA512 c75f3cee4665776b2f350101f7cde6efa916c45976ee1f690a4d0ed07cffd051d0bfdc0cc006b7f0a463e747a5cc7b41900ecbaa1ab32505f0fefd68811c610f WHIRLPOOL e6a4eda3889fbb94430ddc50be50cb71a3a292595dd19399d14d1bcdd06f19ea40bdc3c0a926cd8791c3af9cb883bb3564a35acd1ca647aed2b4cd179261871a -EBUILD xen-4.3.2-r1.ebuild 4108 SHA256 18de3d799cc197167780901eb9a16e4174b7c122eb5642a4d18297c90ed42175 SHA512 df8478bde9928cb47d146009c3b38e110545624b51a553ccdafee5bf865395eff3fba5ce5833f6c21fb1dfe730108f05d194b531b8232892433da7595a7bd450 WHIRLPOOL f94d271e122a018c307315ff5ed907915f7c0599a43202d4cce96cd5851cdd9eb667c8594d5239a330e473ee29f334175ffc1e69615817a1b7553f767d58468e EBUILD xen-4.3.2-r2.ebuild 4106 SHA256 cb21092b3d977d83eb1aaba467d52803a05ebc659aab39855e8b51a3ece2d542 SHA512 3143729cccb9dadba8ab28a7893be4d1512e93e4eca29c7370f32bdb2c5cadf08ac8e45ad90b1052c37fdc5d2da9517e429d42a3fdccadea5b794e5dce00bf81 WHIRLPOOL f6e6e1b015b3a201bb8335e4aef0d6846ef8b607e3b786f2878198bf943029dce4d4944448d3245649e8ee04a26d8b02b1b9f6db1fb7e0d70dc5e32b9049573f EBUILD xen-4.4.0-r3.ebuild 4337 SHA256 e1f9729188b68dc4cf7f52c8ef32a7805c7656bbc9f355346b275e3bfde90efa SHA512 279a70ed5e46e522d40d044147d58e03a9d3b164ba94c40fe6a6e015498f6165d18dc09aa18fd507b2700465393d1f0b414092b847f7d90771ff778e98d44c5c WHIRLPOOL 469de6e728d2fffe2e7581de58027f2b0f8aa9b93b8f3a31022f55961235e1946b9497bd525c1b27996aa9fb540695ed8545d61df4075d90dc2f0be13229fd8b -MISC ChangeLog 29624 SHA256 74bdb9c3ae7505eacc40becaec681eff7de42905b1cc40959fd923386b31a61c SHA512 47fa5e8438d91f32022de811be4dfc1728208b5aa165f2c6c3a95451629fa41c0e84091111aca2cf526059932e1fea8d819c25a1c082585c4cbc1da72f391dc7 WHIRLPOOL eef19a880da16f18b959c63d92e2d2dd695070afa9c6b15236bb3af4c5fbcf0504561daa6fd5452fcfd7ce8327ebc54622f0412d71027804702e608e371caca8 +MISC ChangeLog 30214 SHA256 a2dafb20732cf67da9870a874506335d087db6b32fed99c024ee935cc3087a9a SHA512 3ae144785cab89aed59a762af7b5d0ecbbd8bd0c4b21781acf36b98c58d539b647e5904853635c4b5b8c69fe6f50d353175b9e0a9f2cae631a9680d1470f24f1 WHIRLPOOL 070c73f0188c721af46c1b8d84dffd8f17064be3aee373d928b1a43954eb2b54d90745dfb74dd14a915c68974945c39f4702bf84228ebddb20c040ba1e5782e3 MISC metadata.xml 480 SHA256 c6d867148db1480748552aea9692bdee95fb98a94fcfadab0d128cbf1102b0d5 SHA512 888aa860cbb74d79c76f096107d8b22975470373ab11249da2c4ae9c4e172bc52fee73fdfaf07c19e977cabbbdf35ea5b3c6508d4a6f555b771ab6729806fe5c WHIRLPOOL c4d10589ca2c8b4e8bbd877dfc8f4f3b66ce8ae7bece71617e9571f07a39270f54c41f5fbbb2b29020ffc6473e2341064bd708813af3e20a31d5b9bd0510ebe2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) -iQIcBAEBCAAGBQJTd2VLAAoJELp701BxlEWfFocP/AgMkmqaHPj3hlajnA3aU5Z4 -FVKY9abwjEk8QXpEakzmxAZCO4zKBvD0GCC8TJJvOd/8TD7PuHF6HrSW2a5fhcSY -xbrck4nRunYzgh6LSTc/2hVerYB03sZ5sBuqLnUTIicW3fWMljU4awd6pOKmyBUn -oOurf7j26bTv7fclgA4CA9NdAGmQpHTN4iQDEVs1B6/BBFq6ztKWKAnorH+Ukr+7 -mqAaFT3sbvWbRx3ZcE+uSvUNS1J+kASmfYfCVFV7u8CR++7QUDR3DwjP9+jd0Ln9 -omcd0VREpJj/nXfKszrL1/B9f1TveU7SCtJ6lgMuUmplsSdOdEJwTc/DFZnJejK9 -JC5p4hE8NjiNR5//0gzHJVYNMxQa3xFo63gfnUWVx50IiKNc3muqacDvwNkSTM0/ -vBgfWOryZ6+9BwvHaD8KzvqkN5B5KE/Pd8xDjeIkiFb7qmt667KQcX+TQ8A4IQ1y -yPlLSJAx4c6OlZSGr9QfYJE3aV7tD79dLWYaWEQjBiEZt09RcG/N0VYccHErbWrs -icqC6ufnWQkLYnnLEDsX39I0R5eA1y5wOJoC0xrhZWKn2R/oX5toaadMaZNJ3oKz -B5dUT3Vio7Wmu45l3a2KJkk3SkyY0pypnyQQtGQK2FXohmswzHJ6kQJXdiSnUvW8 -kCQF6G0M3cupnGc8VxyM -=cWY/ +iQIcBAEBCAAGBQJTd21jAAoJEJIMDbyqvv1VEAEP/iUk6WlQTWJueYaciXBSPISd +Ei9ydDjsOi2knkC7aS/rRndm8XFZZ8MI1F6YIRzXLe2qakdABY6csmr3o8y090mB +2UNBfSl1Tck06ButUNIyHhrEM068jymqCFgjVoQ2Y8nZZCo9rXTWwWvz8wZ2eZYl +hUJH/aFdqPTTDAe3Q/qvFOkTMeIGJSnSpG/7SFQRmBOVD5rHEFp9SV6xvzXIVpi+ +DQ2zoxWUJGWnZP82PKdFgba3lkLROVXPsqAWwJOCXJ6k27lQZgzblRiI+OXEeYtr +6DLe2PaOe+pwvA1MnIj2zjx4frCyIxfFmrI7pEy9MrbxlfVhUaaJLqhxcwxunIiw +Fj7LMz1lE+UzdKfAm57sjYtHyERQVDoe9hK1mFXRerMdDz8kxyuVjCw7mYd63IqL +/bQDhzYT4ZooCSvJFe4U/449JuYRdXZTdErtDQacYT4w42JkSG+6sh7OHLJsvSe6 +P0XNk7tIUguM0POWT2w4AGgaYsS5yZEG7auGhXObHYWQlYIhbUDi/tqfsY7b7fSo +E17HNn1PSbpg2a+o+mac2oM72au9vfiyG0xEPcQ7AvbsLSMCSY1CUD7uVdzLHMRR +9QnXxBQyQsfkkQa3Kg9wuTbJ4qR00jBHOLD7ieBlmMhCHY8oKRjpKmFtZrijE5be +keZTZVbFj+cq6PCZYP9x +=FDjt -----END PGP SIGNATURE----- diff --git a/app-emulation/xen/files/xen-4-XSA-83.patch b/app-emulation/xen/files/xen-4-XSA-83.patch deleted file mode 100644 index 209c38b93d59..000000000000 --- a/app-emulation/xen/files/xen-4-XSA-83.patch +++ /dev/null @@ -1,20 +0,0 @@ -x86/irq: avoid use-after-free on error path in pirq_guest_bind() - -This is XSA-83. - -Coverity-ID: 1146952 -Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> -Reviewed-by: Jan Beulich <jbeulich@suse.com> - ---- a/xen/arch/x86/irq.c -+++ b/xen/arch/x86/irq.c -@@ -1590,8 +1590,7 @@ int pirq_guest_bind(struct vcpu *v, stru - printk(XENLOG_G_INFO - "Cannot bind IRQ%d to dom%d. Out of memory.\n", - pirq->pirq, v->domain->domain_id); -- rc = -ENOMEM; -- goto out; -+ return -ENOMEM; - } - - action = newaction; diff --git a/app-emulation/xen/files/xen-4.3-CVE-2013-4553-XSA-74.patch b/app-emulation/xen/files/xen-4.3-CVE-2013-4553-XSA-74.patch deleted file mode 100644 index 4c9c27c3b6a0..000000000000 --- a/app-emulation/xen/files/xen-4.3-CVE-2013-4553-XSA-74.patch +++ /dev/null @@ -1,41 +0,0 @@ -x86: restrict XEN_DOMCTL_getmemlist - -Coverity ID 1055652 - -(See the code comment.) - -This is CVE-2013-4553 / XSA-74. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> -Reviewed-by: Tim Deegan <tim@xen.org> - ---- a/xen/arch/x86/domctl.c -+++ b/xen/arch/x86/domctl.c -@@ -329,6 +329,26 @@ long arch_do_domctl( - break; - } - -+ /* -+ * XSA-74: This sub-hypercall is broken in several ways: -+ * - lock order inversion (p2m locks inside page_alloc_lock) -+ * - no preemption on huge max_pfns input -+ * - not (re-)checking d->is_dying with page_alloc_lock held -+ * - not honoring start_pfn input (which libxc also doesn't set) -+ * Additionally it is rather useless, as the result is stale by the -+ * time the caller gets to look at it. -+ * As it only has a single, non-production consumer (xen-mceinj), -+ * rather than trying to fix it we restrict it for the time being. -+ */ -+ if ( /* No nested locks inside copy_to_guest_offset(). */ -+ paging_mode_external(current->domain) || -+ /* Arbitrary limit capping processing time. */ -+ max_pfns > GB(4) / PAGE_SIZE ) -+ { -+ ret = -EOPNOTSUPP; -+ break; -+ } -+ - spin_lock(&d->page_alloc_lock); - - ret = i = 0; diff --git a/app-emulation/xen/files/xen-4.3-CVE-2013-6375-XSA-75.patch b/app-emulation/xen/files/xen-4.3-CVE-2013-6375-XSA-75.patch deleted file mode 100644 index 5db50cf53f3e..000000000000 --- a/app-emulation/xen/files/xen-4.3-CVE-2013-6375-XSA-75.patch +++ /dev/null @@ -1,56 +0,0 @@ -nested VMX: VMLANUCH/VMRESUME emulation must check permission first thing - -Otherwise uninitialized data may be used, leading to crashes. - -This is XSA-75. - -Reported-and-tested-by: Jeff Zimmerman <Jeff_Zimmerman@McAfee.com> -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Reviewed-and-tested-by: Andrew Cooper <andrew.cooper3@citrix.com> - ---- a/xen/arch/x86/hvm/vmx/vvmx.c -+++ b/xen/arch/x86/hvm/vmx/vvmx.c -@@ -1509,15 +1509,10 @@ static void clear_vvmcs_launched(struct - } - } - --int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs) -+static int nvmx_vmresume(struct vcpu *v, struct cpu_user_regs *regs) - { - struct nestedvmx *nvmx = &vcpu_2_nvmx(v); - struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); -- int rc; -- -- rc = vmx_inst_check_privilege(regs, 0); -- if ( rc != X86EMUL_OKAY ) -- return rc; - - /* check VMCS is valid and IO BITMAP is set */ - if ( (nvcpu->nv_vvmcxaddr != VMCX_EADDR) && -@@ -1536,6 +1531,10 @@ int nvmx_handle_vmresume(struct cpu_user - struct vcpu *v = current; - struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); - struct nestedvmx *nvmx = &vcpu_2_nvmx(v); -+ int rc = vmx_inst_check_privilege(regs, 0); -+ -+ if ( rc != X86EMUL_OKAY ) -+ return rc; - - if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) - { -@@ -1555,10 +1554,13 @@ int nvmx_handle_vmresume(struct cpu_user - int nvmx_handle_vmlaunch(struct cpu_user_regs *regs) - { - bool_t launched; -- int rc; - struct vcpu *v = current; - struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); - struct nestedvmx *nvmx = &vcpu_2_nvmx(v); -+ int rc = vmx_inst_check_privilege(regs, 0); -+ -+ if ( rc != X86EMUL_OKAY ) -+ return rc; - - if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) - { - diff --git a/app-emulation/xen/files/xen-4.3-CVE-2014-263-XSA-84-85.patch b/app-emulation/xen/files/xen-4.3-CVE-2014-263-XSA-84-85.patch deleted file mode 100644 index 3c44c353c9fc..000000000000 --- a/app-emulation/xen/files/xen-4.3-CVE-2014-263-XSA-84-85.patch +++ /dev/null @@ -1,188 +0,0 @@ -From: Xen.org security team <security () xen org> -Date: Thu, 06 Feb 2014 14:18:48 +0000 - -flask: fix reading strings from guest memory - -Since the string size is being specified by the guest, we must range -check it properly before doing allocations based on it. While for the -two cases that are exposed only to trusted guests (via policy -restriction) this just uses an arbitrary upper limit (PAGE_SIZE), for -the FLASK_[GS]ETBOOL case (which any guest can use) the upper limit -gets enforced based on the longest name across all boolean settings. - -This is XSA-84. - -Reported-by: Matthew Daley <mattd@bugfuzz.com> -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> -=================================================================== -From: Xen.org security team <security () xen org> -Date: Thu, 06 Feb 2014 12:38:51 +0000 - -From 593bc8c63d582ec0fc2b3a35336106cf9c3a8b34 Mon Sep 17 00:00:00 2001 -From: Matthew Daley <mattd@bugfuzz.com> -Date: Sun, 12 Jan 2014 14:29:32 +1300 -Subject: [PATCH] xsm/flask: correct off-by-one in - flask_security_avc_cachestats cpu id check - -This is XSA-85 - -Signed-off-by: Matthew Daley <mattd@bugfuzz.com> -Reviewed-by: Jan Beulich <jbeulich@suse.com> -Reviewed-by: Ian Campbell <ian.campbell@citrix.com> ---- - xen/xsm/flask/flask_op.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c -index 4426ab9..22878f5 100644 ---- a/xen/xsm/flask/flask_op.c -+++ b/xen/xsm/flask/flask_op.c -@@ -53,6 +53,7 @@ static DEFINE_SPINLOCK(sel_sem); - /* global data for booleans */ - static int bool_num = 0; - static int *bool_pending_values = NULL; -+static size_t bool_maxstr; - static int flask_security_make_bools(void); - - extern int ss_initialized; -@@ -71,9 +72,15 @@ static int domain_has_security(struct do - perms, NULL); - } - --static int flask_copyin_string(XEN_GUEST_HANDLE_PARAM(char) u_buf, char **buf, uint32_t size) -+static int flask_copyin_string(XEN_GUEST_HANDLE_PARAM(char) u_buf, char **buf, -+ size_t size, size_t max_size) - { -- char *tmp = xmalloc_bytes(size + 1); -+ char *tmp; -+ -+ if ( size > max_size ) -+ return -ENOENT; -+ -+ tmp = xmalloc_array(char, size + 1); - if ( !tmp ) - return -ENOMEM; - -@@ -99,7 +106,7 @@ static int flask_security_user(struct xe - if ( rv ) - return rv; - -- rv = flask_copyin_string(arg->u.user, &user, arg->size); -+ rv = flask_copyin_string(arg->u.user, &user, arg->size, PAGE_SIZE); - if ( rv ) - return rv; - -@@ -210,7 +217,7 @@ static int flask_security_context(struct - if ( rv ) - return rv; - -- rv = flask_copyin_string(arg->context, &buf, arg->size); -+ rv = flask_copyin_string(arg->context, &buf, arg->size, PAGE_SIZE); - if ( rv ) - return rv; - -@@ -303,7 +310,7 @@ static int flask_security_resolve_bool(s - if ( arg->bool_id != -1 ) - return 0; - -- rv = flask_copyin_string(arg->name, &name, arg->size); -+ rv = flask_copyin_string(arg->name, &name, arg->size, bool_maxstr); - if ( rv ) - return rv; - -@@ -334,7 +341,7 @@ static int flask_security_set_bool(struc - int num; - int *values; - -- rv = security_get_bools(&num, NULL, &values); -+ rv = security_get_bools(&num, NULL, &values, NULL); - if ( rv != 0 ) - goto out; - -@@ -440,7 +447,7 @@ static int flask_security_make_bools(voi - - xfree(bool_pending_values); - -- ret = security_get_bools(&num, NULL, &values); -+ ret = security_get_bools(&num, NULL, &values, &bool_maxstr); - if ( ret != 0 ) - goto out; - -@@ -457,7 +457,7 @@ static int flask_security_avc_cachestats(struct xen_flask_cache_stats *arg) - { - struct avc_cache_stats *st; - -- if ( arg->cpu > nr_cpu_ids ) -+ if ( arg->cpu >= nr_cpu_ids ) - return -ENOENT; - if ( !cpu_online(arg->cpu) ) - return -ENOENT; --- -1.8.5.2 ---- a/xen/xsm/flask/include/conditional.h -+++ b/xen/xsm/flask/include/conditional.h -@@ -13,7 +13,9 @@ - #ifndef _FLASK_CONDITIONAL_H_ - #define _FLASK_CONDITIONAL_H_ - --int security_get_bools(int *len, char ***names, int **values); -+#include <xen/types.h> -+ -+int security_get_bools(int *len, char ***names, int **values, size_t *maxstr); - - int security_set_bools(int len, int *values); - ---- a/xen/xsm/flask/ss/services.c -+++ b/xen/xsm/flask/ss/services.c -@@ -1850,7 +1850,7 @@ int security_find_bool(const char *name) - return rv; - } - --int security_get_bools(int *len, char ***names, int **values) -+int security_get_bools(int *len, char ***names, int **values, size_t *maxstr) - { - int i, rc = -ENOMEM; - -@@ -1858,6 +1858,8 @@ int security_get_bools(int *len, char ** - if ( names ) - *names = NULL; - *values = NULL; -+ if ( maxstr ) -+ *maxstr = 0; - - *len = policydb.p_bools.nprim; - if ( !*len ) -@@ -1879,16 +1881,17 @@ int security_get_bools(int *len, char ** - - for ( i = 0; i < *len; i++ ) - { -- size_t name_len; -+ size_t name_len = strlen(policydb.p_bool_val_to_name[i]); -+ - (*values)[i] = policydb.bool_val_to_struct[i]->state; - if ( names ) { -- name_len = strlen(policydb.p_bool_val_to_name[i]) + 1; -- (*names)[i] = (char*)xmalloc_array(char, name_len); -+ (*names)[i] = xmalloc_array(char, name_len + 1); - if ( !(*names)[i] ) - goto err; -- strlcpy((*names)[i], policydb.p_bool_val_to_name[i], name_len); -- (*names)[i][name_len - 1] = 0; -+ strlcpy((*names)[i], policydb.p_bool_val_to_name[i], name_len + 1); - } -+ if ( maxstr && name_len > *maxstr ) -+ *maxstr = name_len; - } - rc = 0; - out: -@@ -2006,7 +2009,7 @@ static int security_preserve_bools(struc - struct cond_bool_datum *booldatum; - struct cond_node *cur; - -- rc = security_get_bools(&nbools, &bnames, &bvalues); -+ rc = security_get_bools(&nbools, &bnames, &bvalues, NULL); - if ( rc ) - goto out; - for ( i = 0; i < nbools; i++ ) - diff --git a/app-emulation/xen/files/xen-4.3-XSA-87.patch b/app-emulation/xen/files/xen-4.3-XSA-87.patch deleted file mode 100644 index 3c31ed5d9f66..000000000000 --- a/app-emulation/xen/files/xen-4.3-XSA-87.patch +++ /dev/null @@ -1,23 +0,0 @@ -x86: PHYSDEVOP_{prepare,release}_msix are privileged - -Yet this wasn't being enforced. - -This is XSA-87. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> - ---- 2014-01-14.orig/xen/arch/x86/physdev.c 2013-11-18 11:03:37.000000000 +0100 -+++ 2014-01-14/xen/arch/x86/physdev.c 2014-01-22 12:47:47.000000000 +0100 -@@ -640,7 +640,10 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H - if ( copy_from_guest(&dev, arg, 1) ) - ret = -EFAULT; - else -- ret = pci_prepare_msix(dev.seg, dev.bus, dev.devfn, -+ ret = xsm_resource_setup_pci(XSM_PRIV, -+ (dev.seg << 16) | (dev.bus << 8) | -+ dev.devfn) ?: -+ pci_prepare_msix(dev.seg, dev.bus, dev.devfn, - cmd != PHYSDEVOP_prepare_msix); - break; - } diff --git a/app-emulation/xen/files/xen-CVE-2013-4375-XSA-71.patch b/app-emulation/xen/files/xen-CVE-2013-4375-XSA-71.patch deleted file mode 100644 index 3fb2338ab76b..000000000000 --- a/app-emulation/xen/files/xen-CVE-2013-4375-XSA-71.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 23260e589e52ec83349f22198eab2331b5a1684e Mon Sep 17 00:00:00 2001 -From: Matthew Daley <mattjd@gmail.com> -Date: Wed, 25 Sep 2013 12:28:47 +1200 -Subject: [PATCH] xen_disk: mark ioreq as mapped before unmapping in error - case - -Commit c6961b7d ("xen_disk: use bdrv_aio_flush instead of bdrv_flush") -modified the semantics of ioreq_{un,}map so that they are idempotent if -called when they're not needed (ie., twice in a row). However, it neglected -to handle the case where batch mapping is not being used (the default), and -one of the grants fails to map. In this case, ioreq_unmap will be called to -unwind and unmap any mappings already performed, but ioreq_unmap simply -returns due to the aforementioned change (the ioreq has not already been -marked as mapped). - -The frontend user can therefore force xen_disk to leak grant mappings, a -per-backend-domain limited resource. - -Fix by marking the ioreq as mapped before calling ioreq_unmap in this -situation. - -This is XSA-71 / CVE-2013-4375 - -Signed-off-by: Matthew Daley <mattjd@gmail.com> ---- - hw/xen_disk.c | 1 + - 1 file changed, 1 insertion(+) - -diff -ur xen-4.3.0.orig/tools/qemu-xen-traditional/hw/xen_disk.c xen-4.3.0/tools/qemu-xen-traditional/hw/xen_disk.c ---- tools/qemu-xen-traditional/hw/xen_disk.c 2013-06-18 00:39:51.000000000 +0800 -+++ tools/qemu-xen-traditional/hw/xen_disk.c 2013-11-06 11:05:44.977888267 +0800 -@@ -298,6 +298,7 @@ - xen_be_printf(&ioreq->blkdev->xendev, 0, - "can't map grant ref %d (%s, %d maps)\n", - ioreq->refs[i], strerror(errno), ioreq->blkdev->cnt_map); -+ ioreq->mapped = 1; - ioreq_unmap(ioreq); - return -1; - } diff --git a/app-emulation/xen/files/xen-CVE-2013-4494-XSA-73.patch b/app-emulation/xen/files/xen-CVE-2013-4494-XSA-73.patch deleted file mode 100644 index e644afe3b0da..000000000000 --- a/app-emulation/xen/files/xen-CVE-2013-4494-XSA-73.patch +++ /dev/null @@ -1,105 +0,0 @@ -From 068bfa76bbd52430e65853375e1d5db99d193e2f Mon Sep 17 00:00:00 2001 -From: Andrew Cooper <andrew.cooper3@citrix.com> -Date: Thu, 31 Oct 2013 20:49:00 +0000 -Subject: [PATCH] gnttab: correct locking order reversal - -Coverity ID 1087189 - -Correct a lock order reversal between a domains page allocation and grant -table locks. - -This is CVE-2013-4494 / XSA-73. - -Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> - -Consolidate error handling. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Reviewed-by: Keir Fraser <keir@xen.org> -Tested-by: Matthew Daley <mattjd@gmail.com> ---- - xen/common/grant_table.c | 52 +++++++++++++++++++++++++++++++++++++++------- - 1 file changed, 44 insertions(+), 8 deletions(-) - -diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c -index f42bc7a..48df928 100644 ---- a/xen/common/grant_table.c -+++ b/xen/common/grant_table.c -@@ -1517,6 +1517,8 @@ gnttab_transfer( - - for ( i = 0; i < count; i++ ) - { -+ bool_t okay; -+ - if (i && hypercall_preempt_check()) - return i; - -@@ -1625,16 +1627,18 @@ gnttab_transfer( - * pages when it is dying. - */ - if ( unlikely(e->is_dying) || -- unlikely(e->tot_pages >= e->max_pages) || -- unlikely(!gnttab_prepare_for_transfer(e, d, gop.ref)) ) -+ unlikely(e->tot_pages >= e->max_pages) ) - { -- if ( !e->is_dying ) -- gdprintk(XENLOG_INFO, "gnttab_transfer: " -- "Transferee has no reservation " -- "headroom (%d,%d) or provided a bad grant ref (%08x) " -- "or is dying (%d)\n", -- e->tot_pages, e->max_pages, gop.ref, e->is_dying); - spin_unlock(&e->page_alloc_lock); -+ -+ if ( e->is_dying ) -+ gdprintk(XENLOG_INFO, "gnttab_transfer: " -+ "Transferee (d%d) is dying\n", e->domain_id); -+ else -+ gdprintk(XENLOG_INFO, "gnttab_transfer: " -+ "Transferee (d%d) has no headroom (tot %u, max %u)\n", -+ e->domain_id, e->tot_pages, e->max_pages); -+ - rcu_unlock_domain(e); - put_gfn(d, gop.mfn); - page->count_info &= ~(PGC_count_mask|PGC_allocated); -@@ -1646,6 +1650,38 @@ gnttab_transfer( - /* Okay, add the page to 'e'. */ - if ( unlikely(domain_adjust_tot_pages(e, 1) == 1) ) - get_knownalive_domain(e); -+ -+ /* -+ * We must drop the lock to avoid a possible deadlock in -+ * gnttab_prepare_for_transfer. We have reserved a page in e so can -+ * safely drop the lock and re-aquire it later to add page to the -+ * pagelist. -+ */ -+ spin_unlock(&e->page_alloc_lock); -+ okay = gnttab_prepare_for_transfer(e, d, gop.ref); -+ spin_lock(&e->page_alloc_lock); -+ -+ if ( unlikely(!okay) || unlikely(e->is_dying) ) -+ { -+ bool_t drop_dom_ref = (domain_adjust_tot_pages(e, -1) == 0); -+ -+ spin_unlock(&e->page_alloc_lock); -+ -+ if ( okay /* i.e. e->is_dying due to the surrounding if() */ ) -+ gdprintk(XENLOG_INFO, "gnttab_transfer: " -+ "Transferee (d%d) is now dying\n", e->domain_id); -+ -+ if ( drop_dom_ref ) -+ put_domain(e); -+ rcu_unlock_domain(e); -+ -+ put_gfn(d, gop.mfn); -+ page->count_info &= ~(PGC_count_mask|PGC_allocated); -+ free_domheap_page(page); -+ gop.status = GNTST_general_error; -+ goto copyback; -+ } -+ - page_list_add_tail(page, &e->page_list); - page_set_owner(page, e); - --- -1.7.10.4 - diff --git a/app-emulation/xen/files/xen-CVE-2013-4554-XSA-76.patch b/app-emulation/xen/files/xen-CVE-2013-4554-XSA-76.patch deleted file mode 100644 index 54e4325a0de8..000000000000 --- a/app-emulation/xen/files/xen-CVE-2013-4554-XSA-76.patch +++ /dev/null @@ -1,19 +0,0 @@ -x86/HVM: only allow ring 0 guest code to make hypercalls - -Anything else would allow for privilege escalation. - -This is CVE-2013-4554 / XSA-76. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> - ---- a/xen/arch/x86/hvm/hvm.c -+++ b/xen/arch/x86/hvm/hvm.c -@@ -3359,7 +3359,7 @@ int hvm_do_hypercall(struct cpu_user_reg - case 4: - case 2: - hvm_get_segment_register(curr, x86_seg_ss, &sreg); -- if ( unlikely(sreg.attr.fields.dpl == 3) ) -+ if ( unlikely(sreg.attr.fields.dpl) ) - { - default: - regs->eax = -EPERM; diff --git a/app-emulation/xen/files/xen-CVE-2013-6375-XSA-78.patch b/app-emulation/xen/files/xen-CVE-2013-6375-XSA-78.patch deleted file mode 100644 index 5a8c1330ac3d..000000000000 --- a/app-emulation/xen/files/xen-CVE-2013-6375-XSA-78.patch +++ /dev/null @@ -1,23 +0,0 @@ -http://seclists.org/oss-sec/2013/q4/att-322/xsa78.patch -VT-d: fix TLB flushing in dma_pte_clear_one() - -The third parameter of __intel_iommu_iotlb_flush() is to indicate -whether the to be flushed entry was a present one. A few lines before, -we bailed if !dma_pte_present(*pte), so there's no need to check the -flag here again - we can simply always pass TRUE here. - -This is XSA-78. - -Suggested-by: Cheng Yueqiang <yqcheng.2008@phdis.smu.edu.sg> -Signed-off-by: Jan Beulich <jbeulich@suse.com> - ---- a/xen/drivers/passthrough/vtd/iommu.c -+++ b/xen/drivers/passthrough/vtd/iommu.c -@@ -646,7 +646,7 @@ static void dma_pte_clear_one(struct dom - iommu_flush_cache_entry(pte, sizeof(struct dma_pte)); - - if ( !this_cpu(iommu_dont_flush_iotlb) ) -- __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K , 0, 1); -+ __intel_iommu_iotlb_flush(domain, addr >> PAGE_SHIFT_4K, 1, 1); - - unmap_vtd_domain_page(page); diff --git a/app-emulation/xen/files/xen-CVE-2013-6400-XSA-80.patch b/app-emulation/xen/files/xen-CVE-2013-6400-XSA-80.patch deleted file mode 100644 index c9045959a018..000000000000 --- a/app-emulation/xen/files/xen-CVE-2013-6400-XSA-80.patch +++ /dev/null @@ -1,72 +0,0 @@ -IOMMU: clear "don't flush" override on error paths - -Both xenmem_add_to_physmap() and iommu_populate_page_table() each have -an error path that fails to clear that flag, thus suppressing further -flushes on the respective pCPU. - -In iommu_populate_page_table() also slightly re-arrange code to avoid -the false impression of the flag in question being guarded by a -domain's page_alloc_lock. - -This is CVE-2013-6400 / XSA-80. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Acked-by: Ian Campbell <ian.campbell@citrix.com> - ---- a/xen/arch/x86/mm.c -+++ b/xen/arch/x86/mm.c -@@ -4648,7 +4648,7 @@ static int xenmem_add_to_physmap(struct - { - rc = xenmem_add_to_physmap_once(d, xatp); - if ( rc < 0 ) -- return rc; -+ break; - - xatp->idx++; - xatp->gpfn++; ---- a/xen/drivers/passthrough/iommu.c -+++ b/xen/drivers/passthrough/iommu.c -@@ -306,11 +306,11 @@ static int iommu_populate_page_table(str - { - struct hvm_iommu *hd = domain_hvm_iommu(d); - struct page_info *page; -- int rc; -+ int rc = 0; - -+ this_cpu(iommu_dont_flush_iotlb) = 1; - spin_lock(&d->page_alloc_lock); - -- this_cpu(iommu_dont_flush_iotlb) = 1; - page_list_for_each ( page, &d->page_list ) - { - if ( is_hvm_domain(d) || -@@ -320,18 +320,20 @@ static int iommu_populate_page_table(str - rc = hd->platform_ops->map_page( - d, mfn_to_gmfn(d, page_to_mfn(page)), page_to_mfn(page), - IOMMUF_readable|IOMMUF_writable); -- if (rc) -- { -- spin_unlock(&d->page_alloc_lock); -- hd->platform_ops->teardown(d); -- return rc; -- } -+ if ( rc ) -+ break; - } - } -- this_cpu(iommu_dont_flush_iotlb) = 0; -- iommu_iotlb_flush_all(d); -+ - spin_unlock(&d->page_alloc_lock); -- return 0; -+ this_cpu(iommu_dont_flush_iotlb) = 0; -+ -+ if ( !rc ) -+ iommu_iotlb_flush_all(d); -+ else -+ hd->platform_ops->teardown(d); -+ -+ return rc; - } - - diff --git a/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch b/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch deleted file mode 100644 index 22648562283e..000000000000 --- a/app-emulation/xen/files/xen-CVE-2013-6885-XSA-82.patch +++ /dev/null @@ -1,46 +0,0 @@ -http://seclists.org/oss-sec/2013/q4/att-385/xsa82.patch -x86/AMD: work around erratum 793 - -The recommendation is to set a bit in an MSR - do this if the firmware -didn't, considering that otherwise we expose ourselves to a guest -induced DoS. - -This is CVE-2013-6885 / XSA-82. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> -Acked-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> - ---- a/xen/arch/x86/cpu/amd.c -+++ b/xen/arch/x86/cpu/amd.c -@@ -476,6 +476,20 @@ static void __devinit init_amd(struct cp - "*** Pass \"allow_unsafe\" if you're trusting" - " all your (PV) guest kernels. ***\n"); - -+ if (c->x86 == 0x16 && c->x86_model <= 0xf) { -+ rdmsrl(MSR_AMD64_LS_CFG, value); -+ if (!(value & (1 << 15))) { -+ static bool_t warned; -+ -+ if (c == &boot_cpu_data || opt_cpu_info || -+ !test_and_set_bool(warned)) -+ printk(KERN_WARNING -+ "CPU%u: Applying workaround for erratum 793\n", -+ smp_processor_id()); -+ wrmsrl(MSR_AMD64_LS_CFG, value | (1 << 15)); -+ } -+ } -+ - /* AMD CPUs do not support SYSENTER outside of legacy mode. */ - clear_bit(X86_FEATURE_SEP, c->x86_capability); - ---- a/xen/include/asm-x86/msr-index.h -+++ b/xen/include/asm-x86/msr-index.h -@@ -213,6 +213,7 @@ - - /* AMD64 MSRs */ - #define MSR_AMD64_NB_CFG 0xc001001f -+#define MSR_AMD64_LS_CFG 0xc0011020 - #define MSR_AMD64_IC_CFG 0xc0011021 - #define MSR_AMD64_DC_CFG 0xc0011022 - #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT 46 - diff --git a/app-emulation/xen/xen-4.2.3.ebuild b/app-emulation/xen/xen-4.2.3.ebuild deleted file mode 100644 index 04131dea8af4..000000000000 --- a/app-emulation/xen/xen-4.2.3.ebuild +++ /dev/null @@ -1,154 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.2.3.ebuild,v 1.4 2014/02/21 04:53:41 idella4 Exp $ - -EAPI=5 - -PYTHON_COMPAT=( python{2_6,2_7} ) - -if [[ $PV == *9999 ]]; then - KEYWORDS="" - REPO="xen-unstable.hg" - EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" - S="${WORKDIR}/${REPO}" - live_eclass="mercurial" -else - KEYWORDS="amd64 x86" - UPSTREAM_VER=0 - GENTOO_VER= - - [[ -n ${UPSTREAM_VER} ]] && \ - UPSTREAM_PATCHSET_URI="http://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz" - [[ -n ${GENTOO_VER} ]] && \ - GENTOO_PATCHSET_URI="http://dev.gentoo.org/~dlan/distfiles/${P}-gentoo-patches-${GENTOO_VER}.tar.xz" - SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz - ${UPSTREAM_PATCHSET_URI} - ${GENTOO_PATCHSET_URI}" -fi - -inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} - -DESCRIPTION="The Xen virtual machine monitor" -HOMEPAGE="http://xen.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="custom-cflags debug efi flask pae xsm" - -DEPEND="${PYTHON_DEPS} - efi? ( >=sys-devel/binutils-2.22[multitarget] ) - !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" -RDEPEND="" -PDEPEND="~app-emulation/xen-tools-${PV}" - -RESTRICT="test" - -# Approved by QA team in bug #144032 -QA_WX_LOAD="boot/xen-syms-${PV}" - -REQUIRED_USE=" - flask? ( xsm ) - " - -pkg_setup() { - python-any-r1_pkg_setup - if [[ -z ${XEN_TARGET_ARCH} ]]; then - if use x86 && use amd64; then - die "Confusion! Both x86 and amd64 are set in your use flags!" - elif use x86; then - export XEN_TARGET_ARCH="x86_32" - elif use amd64; then - export XEN_TARGET_ARCH="x86_64" - else - die "Unsupported architecture!" - fi - fi - - if use flask ; then - export "XSM_ENABLE=y" - export "FLASK_ENABLE=y" - elif use xsm ; then - export "XSM_ENABLE=y" - fi -} - -src_prepare() { - # Upstream's patchset - if [[ -n ${UPSTREAM_VER} ]]; then - EPATCH_SUFFIX="patch" \ - EPATCH_FORCE="yes" \ - epatch "${WORKDIR}"/patches-upstream - fi - - # Gentoo's patchset - if [[ -n ${GENTOO_VER} ]]; then - EPATCH_SUFFIX="patch" \ - EPATCH_FORCE="yes" \ - epatch "${WORKDIR}"/patches-gentoo - fi - - # Drop .config and fix gcc-4.6 - epatch "${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch - - if use efi; then - epatch "${FILESDIR}"/${PN}-4.2-efi.patch - export EFI_VENDOR="gentoo" - export EFI_MOUNTPOINT="boot" - fi - - # if the user *really* wants to use their own custom-cflags, let them - if use custom-cflags; then - einfo "User wants their own CFLAGS - removing defaults" - # try and remove all the default custom-cflags - find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ - -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ - -i {} \; || die "failed to re-set custom-cflags" - fi - - # not strictly necessary to fix this - sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" - - epatch_user -} - -src_configure() { - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - if use custom-cflags; then - filter-flags -fPIE -fstack-protector - replace-flags -O3 -O2 - else - unset CFLAGS - fi -} - -src_compile() { - # Send raw LDFLAGS so that --as-needed works - emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} -} - -src_install() { - local myopt - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - # The 'make install' doesn't 'mkdir -p' the subdirs - if use efi; then - mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die - fi - - emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install -} - -pkg_postinst() { - elog "Official Xen Guide and the unoffical wiki page:" - elog " http://www.gentoo.org/doc/en/xen-guide.xml" - elog " http://en.gentoo-wiki.com/wiki/Xen/" - - use pae && ewarn "This is a PAE build of Xen. It will *only* boot PAE kernels!" - use efi && einfo "The efi executable is installed in boot/efi/gentoo" -} diff --git a/app-emulation/xen/xen-4.2.4-r1.ebuild b/app-emulation/xen/xen-4.2.4-r1.ebuild deleted file mode 100644 index 21405b77e54f..000000000000 --- a/app-emulation/xen/xen-4.2.4-r1.ebuild +++ /dev/null @@ -1,154 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.2.4-r1.ebuild,v 1.1 2014/04/09 21:35:41 dlan Exp $ - -EAPI=5 - -PYTHON_COMPAT=( python{2_6,2_7} ) - -if [[ $PV == *9999 ]]; then - KEYWORDS="" - REPO="xen-unstable.hg" - EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" - S="${WORKDIR}/${REPO}" - live_eclass="mercurial" -else - KEYWORDS="~amd64 ~x86" - UPSTREAM_VER=0 - GENTOO_VER= - - [[ -n ${UPSTREAM_VER} ]] && \ - UPSTREAM_PATCHSET_URI="http://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz" - [[ -n ${GENTOO_VER} ]] && \ - GENTOO_PATCHSET_URI="http://dev.gentoo.org/~dlan/distfiles/${P}-gentoo-patches-${GENTOO_VER}.tar.xz" - SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz - ${UPSTREAM_PATCHSET_URI} - ${GENTOO_PATCHSET_URI}" -fi - -inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} - -DESCRIPTION="The Xen virtual machine monitor" -HOMEPAGE="http://xen.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="custom-cflags debug efi flask pae xsm" - -DEPEND="${PYTHON_DEPS} - efi? ( >=sys-devel/binutils-2.22[multitarget] ) - !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" -RDEPEND="" -PDEPEND="~app-emulation/xen-tools-${PV}" - -RESTRICT="test" - -# Approved by QA team in bug #144032 -QA_WX_LOAD="boot/xen-syms-${PV}" - -REQUIRED_USE=" - flask? ( xsm ) - " - -pkg_setup() { - python-any-r1_pkg_setup - if [[ -z ${XEN_TARGET_ARCH} ]]; then - if use x86 && use amd64; then - die "Confusion! Both x86 and amd64 are set in your use flags!" - elif use x86; then - export XEN_TARGET_ARCH="x86_32" - elif use amd64; then - export XEN_TARGET_ARCH="x86_64" - else - die "Unsupported architecture!" - fi - fi - - if use flask ; then - export "XSM_ENABLE=y" - export "FLASK_ENABLE=y" - elif use xsm ; then - export "XSM_ENABLE=y" - fi -} - -src_prepare() { - # Upstream's patchset - if [[ -n ${UPSTREAM_VER} ]]; then - EPATCH_SUFFIX="patch" \ - EPATCH_FORCE="yes" \ - epatch "${WORKDIR}"/patches-upstream - fi - - # Gentoo's patchset - if [[ -n ${GENTOO_VER} ]]; then - EPATCH_SUFFIX="patch" \ - EPATCH_FORCE="yes" \ - epatch "${WORKDIR}"/patches-gentoo - fi - - # Drop .config and fix gcc-4.6 - epatch "${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch - - if use efi; then - epatch "${FILESDIR}"/${PN}-4.2-efi.patch - export EFI_VENDOR="gentoo" - export EFI_MOUNTPOINT="boot" - fi - - # if the user *really* wants to use their own custom-cflags, let them - if use custom-cflags; then - einfo "User wants their own CFLAGS - removing defaults" - # try and remove all the default custom-cflags - find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ - -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ - -i {} \; || die "failed to re-set custom-cflags" - fi - - # not strictly necessary to fix this - sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" - - epatch_user -} - -src_configure() { - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - if use custom-cflags; then - filter-flags -fPIE -fstack-protector - replace-flags -O3 -O2 - else - unset CFLAGS - fi -} - -src_compile() { - # Send raw LDFLAGS so that --as-needed works - emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} -} - -src_install() { - local myopt - use debug && myopt="${myopt} debug=y" - use pae && myopt="${myopt} pae=y" - - # The 'make install' doesn't 'mkdir -p' the subdirs - if use efi; then - mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die - fi - - emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install -} - -pkg_postinst() { - elog "Official Xen Guide and the unoffical wiki page:" - elog " http://www.gentoo.org/doc/en/xen-guide.xml" - elog " http://en.gentoo-wiki.com/wiki/Xen/" - - use pae && ewarn "This is a PAE build of Xen. It will *only* boot PAE kernels!" - use efi && einfo "The efi executable is installed in boot/efi/gentoo" -} diff --git a/app-emulation/xen/xen-4.3.1-r5.ebuild b/app-emulation/xen/xen-4.3.1-r5.ebuild deleted file mode 100644 index 44fdd94c1dca..000000000000 --- a/app-emulation/xen/xen-4.3.1-r5.ebuild +++ /dev/null @@ -1,144 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.1-r5.ebuild,v 1.2 2014/02/16 06:40:24 ago Exp $ - -EAPI=5 - -PYTHON_COMPAT=( python2_7 ) - -if [[ $PV == *9999 ]]; then - KEYWORDS="" - REPO="xen-unstable.hg" - EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" - S="${WORKDIR}/${REPO}" - live_eclass="mercurial" -else - # Set to match entry in stable 4.3.1-r1, Bug 493944 - KEYWORDS="amd64 -x86" - SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz" -fi - -inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} - -DESCRIPTION="The Xen virtual machine monitor" -HOMEPAGE="http://xen.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="custom-cflags debug efi flask xsm" - -DEPEND="${PYTHON_DEPS} - efi? ( >=sys-devel/binutils-2.22[multitarget] ) - !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" -RDEPEND="" -PDEPEND="~app-emulation/xen-tools-${PV}" - -RESTRICT="test" - -# Approved by QA team in bug #144032 -QA_WX_LOAD="boot/xen-syms-${PV}" - -REQUIRED_USE="flask? ( xsm )" - -# Security patches -XSA_PATCHES=( - "${FILESDIR}"/${PN}-CVE-2013-4375-XSA-71.patch - "${FILESDIR}"/${PN}-CVE-2013-4494-XSA-73.patch - "${FILESDIR}"/${PN}-4.3-CVE-2013-6375-XSA-75.patch - "${FILESDIR}"/${PN}-CVE-2013-6375-XSA-78.patch - "${FILESDIR}"/${PN}-CVE-2013-6885-XSA-82.patch - "${FILESDIR}"/${PN}-4.3-CVE-2013-4553-XSA-74.patch - "${FILESDIR}"/${PN}-CVE-2013-4554-XSA-76.patch - "${FILESDIR}"/${PN}-CVE-2013-6400-XSA-80.patch - "${FILESDIR}"/${PN}-4-XSA-83.patch # bug #499054 - "${FILESDIR}"/${PN}-4.3-CVE-2014-263-XSA-84-85.patch # bug #500528 500536 - "${FILESDIR}"/${PN}-4.3-XSA-87.patch # bug #499124 -) - -pkg_setup() { - python-any-r1_pkg_setup - if [[ -z ${XEN_TARGET_ARCH} ]]; then - if use x86 && use amd64; then - die "Confusion! Both x86 and amd64 are set in your use flags!" - elif use x86; then - export XEN_TARGET_ARCH="x86_32" - elif use amd64; then - export XEN_TARGET_ARCH="x86_64" - else - die "Unsupported architecture!" - fi - fi - - if use flask ; then - export "XSM_ENABLE=y" - export "FLASK_ENABLE=y" - elif use xsm ; then - export "XSM_ENABLE=y" - fi -} - -src_prepare() { - # Drop .config and fix gcc-4.6 - epatch "${FILESDIR}"/${PN/-pvgrub/}-4.3-fix_dotconfig-gcc.patch - - if use efi; then - epatch "${FILESDIR}"/${PN}-4.2-efi.patch - export EFI_VENDOR="gentoo" - export EFI_MOUNTPOINT="boot" - fi - - # if the user *really* wants to use their own custom-cflags, let them - if use custom-cflags; then - einfo "User wants their own CFLAGS - removing defaults" - # try and remove all the default custom-cflags - find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ - -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ - -i {} \; || die "failed to re-set custom-cflags" - fi - - # not strictly necessary to fix this - sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" - - [[ ${XSA_PATCHES[@]} ]] && epatch "${XSA_PATCHES[@]}" - - epatch_user -} - -src_configure() { - use debug && myopt="${myopt} debug=y" - - if use custom-cflags; then - filter-flags -fPIE -fstack-protector - replace-flags -O3 -O2 - else - unset CFLAGS - fi -} - -src_compile() { - # Send raw LDFLAGS so that --as-needed works - emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} -} - -src_install() { - local myopt - use debug && myopt="${myopt} debug=y" - - # The 'make install' doesn't 'mkdir -p' the subdirs - if use efi; then - mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die - fi - - emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install -} - -pkg_postinst() { - elog "Official Xen Guide and the unoffical wiki page:" - elog " http://www.gentoo.org/doc/en/xen-guide.xml" - elog " http://en.gentoo-wiki.com/wiki/Xen/" - - use efi && einfo "The efi executable is installed in boot/efi/gentoo" -} diff --git a/app-emulation/xen/xen-4.3.2-r1.ebuild b/app-emulation/xen/xen-4.3.2-r1.ebuild deleted file mode 100644 index 376e03b06acd..000000000000 --- a/app-emulation/xen/xen-4.3.2-r1.ebuild +++ /dev/null @@ -1,150 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.2-r1.ebuild,v 1.1 2014/04/09 21:35:41 dlan Exp $ - -EAPI=5 - -PYTHON_COMPAT=( python2_7 ) - -if [[ $PV == *9999 ]]; then - KEYWORDS="" - REPO="xen-unstable.hg" - EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" - S="${WORKDIR}/${REPO}" - live_eclass="mercurial" -else - # Set to match entry in stable 4.3.1-r1, Bug 493944 - KEYWORDS="~amd64 -x86" - UPSTREAM_VER=0 - GENTOO_VER= - - [[ -n ${UPSTREAM_VER} ]] && \ - UPSTREAM_PATCHSET_URI="http://dev.gentoo.org/~dlan/distfiles/${P}-upstream-patches-${UPSTREAM_VER}.tar.xz" - [[ -n ${GENTOO_VER} ]] && \ - GENTOO_PATCHSET_URI="http://dev.gentoo.org/~dlan/distfiles/${P}-gentoo-patches-${GENTOO_VER}.tar.xz" - SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz - ${UPSTREAM_PATCHSET_URI} - ${GENTOO_PATCHSET_URI}" -fi - -inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} - -DESCRIPTION="The Xen virtual machine monitor" -HOMEPAGE="http://xen.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="custom-cflags debug efi flask xsm" - -DEPEND="${PYTHON_DEPS} - efi? ( >=sys-devel/binutils-2.22[multitarget] ) - !efi? ( >=sys-devel/binutils-2.22[-multitarget] )" -RDEPEND="" -PDEPEND="~app-emulation/xen-tools-${PV}" - -RESTRICT="test" - -# Approved by QA team in bug #144032 -QA_WX_LOAD="boot/xen-syms-${PV}" - -REQUIRED_USE="flask? ( xsm )" - -pkg_setup() { - python-any-r1_pkg_setup - if [[ -z ${XEN_TARGET_ARCH} ]]; then - if use x86 && use amd64; then - die "Confusion! Both x86 and amd64 are set in your use flags!" - elif use x86; then - export XEN_TARGET_ARCH="x86_32" - elif use amd64; then - export XEN_TARGET_ARCH="x86_64" - else - die "Unsupported architecture!" - fi - fi - - if use flask ; then - export "XSM_ENABLE=y" - export "FLASK_ENABLE=y" - elif use xsm ; then - export "XSM_ENABLE=y" - fi -} - -src_prepare() { - # Upstream's patchset - if [[ -n ${UPSTREAM_VER} ]]; then - EPATCH_SUFFIX="patch" \ - EPATCH_FORCE="yes" \ - epatch "${WORKDIR}"/patches-upstream - fi - - # Gentoo's patchset - if [[ -n ${GENTOO_VER} ]]; then - EPATCH_SUFFIX="patch" \ - EPATCH_FORCE="yes" \ - epatch "${WORKDIR}"/patches-gentoo - fi - - # Drop .config and fix gcc-4.6 - epatch "${FILESDIR}"/${PN/-pvgrub/}-4.3-fix_dotconfig-gcc.patch - - if use efi; then - epatch "${FILESDIR}"/${PN}-4.2-efi.patch - export EFI_VENDOR="gentoo" - export EFI_MOUNTPOINT="boot" - fi - - # if the user *really* wants to use their own custom-cflags, let them - if use custom-cflags; then - einfo "User wants their own CFLAGS - removing defaults" - # try and remove all the default custom-cflags - find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ - -e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ - -e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ - -i {} \; || die "failed to re-set custom-cflags" - fi - - # not strictly necessary to fix this - sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" - - epatch_user -} - -src_configure() { - use debug && myopt="${myopt} debug=y" - - if use custom-cflags; then - filter-flags -fPIE -fstack-protector - replace-flags -O3 -O2 - else - unset CFLAGS - fi -} - -src_compile() { - # Send raw LDFLAGS so that --as-needed works - emake V=1 CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} -} - -src_install() { - local myopt - use debug && myopt="${myopt} debug=y" - - # The 'make install' doesn't 'mkdir -p' the subdirs - if use efi; then - mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die - fi - - emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install -} - -pkg_postinst() { - elog "Official Xen Guide and the unoffical wiki page:" - elog " http://www.gentoo.org/doc/en/xen-guide.xml" - elog " http://en.gentoo-wiki.com/wiki/Xen/" - - use efi && einfo "The efi executable is installed in boot/efi/gentoo" -} |