revbump; -4.2.0-r1, python eclass added to enable & ensure a py2 build wrt Bug 53930, xen-4-fix_dotconfig-gcc.patch, xen-4.2.0-externals.patch upgraded 1 sec. patch added, -4.2.1-r1 mirrors changes of -4.2.0-r1, -j1 workaround fixed in -jserver.patch also in -4.2.0.

(Portage version: 2.1.11.40/cvs/Linux x86_64, signed Manifest commit with key 0xB8072B0D)

10 files changed, 945 insertions, 13 deletions

diff --git a/app-emulation/xen-pvgrub/ChangeLog b/app-emulation/xen-pvgrub/ChangeLog
index db54802dc3ee..2e8bf2a3fd10 100644
--- a/app-emulation/xen-pvgrub/ChangeLog
+++ b/app-emulation/xen-pvgrub/ChangeLog
@@ -1,6 +1,20 @@
 # ChangeLog for app-emulation/xen-pvgrub
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/ChangeLog,v 1.15 2013/01/28 05:29:05 idella4 Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/ChangeLog,v 1.16 2013/01/30 14:12:30 idella4 Exp $
+
+*xen-pvgrub-4.2.0-r1 (30 Jan 2013)
+*xen-pvgrub-4.2.1-r1 (30 Jan 2013)
+
+  30 Jan 2013; Ian Delaney <idella4@gentoo.org>
+  +files/xen-4-CVE-2012-4544-XSA-25.patch,
+  +files/xen-4-CVE-2012-6075-XSA-41.patch, +files/xen-4.2.0-jserver.patch,
+  +xen-pvgrub-4.2.0-r1.ebuild, +xen-pvgrub-4.2.1-r1.ebuild,
+  files/xen-4-fix_dotconfig-gcc.patch, files/xen-4.2.0-externals.patch,
+  xen-pvgrub-4.2.0.ebuild, xen-pvgrub-4.2.1.ebuild:
+  revbump; -4.2.0-r1, python eclass added to enable & ensure a py2 build wrt Bug
+  53930, xen-4-fix_dotconfig-gcc.patch, xen-4.2.0-externals.patch upgraded 1
+  sec. patch added, -4.2.1-r1 mirrors changes of -4.2.0-r1, -j1 workaround fixed
+  in -jserver.patch also in -4.2.0.
 
 *xen-pvgrub-4.2.1 (28 Jan 2013)
 
diff --git a/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch b/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch
new file mode 100644
index 000000000000..35b9338341cf
--- /dev/null
+++ b/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-4544-XSA-25.patch
@@ -0,0 +1,369 @@
+
+# HG changeset patch
+# User Ian Jackson <Ian.Jackson@eu.citrix.com>
+# Date 1351264255 -3600
+# Node ID 537776f51f79c5789d06f97b363596a197c3e71c
+# Parent  40ccbee890e1fc053de3046bbc3d13b8ff6f5d63
+libxc: builder: limit maximum size of kernel/ramdisk.
+
+Allowing user supplied kernels of arbitrary sizes, especially during
+decompression, can swallow up dom0 memory leading to either virtual
+address space exhaustion in the builder process or allocation
+failures/OOM killing of both toolstack and unrelated processes.
+
+We disable these checks when building in a stub domain for pvgrub
+since this uses the guest's own memory and is isolated.
+
+Decompression of gzip compressed kernels and ramdisks has been safe
+since 14954:58205257517d (Xen 3.1.0 onwards).
+
+This is XSA-25 / CVE-2012-4544.
+
+Also make explicit checks for buffer overflows in various
+decompression routines. These were already ruled out due to other
+properties of the code but check them as a belt-and-braces measure.
+
+Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+diff -r 40ccbee890e1 -r 537776f51f79 stubdom/grub/kexec.c
+--- stubdom/grub/kexec.c	Thu Oct 25 15:36:32 2012 +0200
++++ stubdom/grub/kexec.c	Fri Oct 26 16:10:55 2012 +0100
+@@ -137,6 +137,10 @@ void kexec(void *kernel, long kernel_siz
+     dom = xc_dom_allocate(xc_handle, cmdline, features);
+     dom->allocate = kexec_allocate;
+ 
++    /* We are using guest owned memory, therefore no limits. */
++    xc_dom_kernel_max_size(dom, 0);
++    xc_dom_ramdisk_max_size(dom, 0);
++
+     dom->kernel_blob = kernel;
+     dom->kernel_size = kernel_size;
+ 
+diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom.h
+--- tools/libxc/xc_dom.h	Thu Oct 25 15:36:32 2012 +0200
++++ tools/libxc/xc_dom.h	Fri Oct 26 16:10:55 2012 +0100
+@@ -55,6 +55,9 @@ struct xc_dom_image {
+     void *ramdisk_blob;
+     size_t ramdisk_size;
+ 
++    size_t max_kernel_size;
++    size_t max_ramdisk_size;
++
+     /* arguments and parameters */
+     char *cmdline;
+     uint32_t f_requested[XENFEAT_NR_SUBMAPS];
+@@ -180,6 +183,23 @@ void xc_dom_release_phys(struct xc_dom_i
+ void xc_dom_release(struct xc_dom_image *dom);
+ int xc_dom_mem_init(struct xc_dom_image *dom, unsigned int mem_mb);
+ 
++/* Set this larger if you have enormous ramdisks/kernels. Note that
++ * you should trust all kernels not to be maliciously large (e.g. to
++ * exhaust all dom0 memory) if you do this (see CVE-2012-4544 /
++ * XSA-25). You can also set the default independently for
++ * ramdisks/kernels in xc_dom_allocate() or call
++ * xc_dom_{kernel,ramdisk}_max_size.
++ */
++#ifndef XC_DOM_DECOMPRESS_MAX
++#define XC_DOM_DECOMPRESS_MAX (1024*1024*1024) /* 1GB */
++#endif
++
++int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz);
++int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz);
++
++int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz);
++int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz);
++
+ size_t xc_dom_check_gzip(xc_interface *xch,
+                      void *blob, size_t ziplen);
+ int xc_dom_do_gunzip(xc_interface *xch,
+@@ -240,7 +260,8 @@ void xc_dom_log_memory_footprint(struct 
+ void *xc_dom_malloc(struct xc_dom_image *dom, size_t size);
+ void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size);
+ void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
+-                            const char *filename, size_t * size);
++                            const char *filename, size_t * size,
++                            const size_t max_size);
+ char *xc_dom_strdup(struct xc_dom_image *dom, const char *str);
+ 
+ /* --- alloc memory pool ------------------------------------------- */
+diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_bzimageloader.c
+--- tools/libxc/xc_dom_bzimageloader.c	Thu Oct 25 15:36:32 2012 +0200
++++ tools/libxc/xc_dom_bzimageloader.c	Fri Oct 26 16:10:55 2012 +0100
+@@ -47,13 +47,19 @@ static int xc_try_bzip2_decode(
+     char *out_buf;
+     char *tmp_buf;
+     int retval = -1;
+-    int outsize;
++    unsigned int outsize;
+     uint64_t total;
+ 
+     stream.bzalloc = NULL;
+     stream.bzfree = NULL;
+     stream.opaque = NULL;
+ 
++    if ( dom->kernel_size == 0)
++    {
++        DOMPRINTF("BZIP2: Input is 0 size");
++        return -1;
++    }
++
+     ret = BZ2_bzDecompressInit(&stream, 0, 0);
+     if ( ret != BZ_OK )
+     {
+@@ -66,6 +72,17 @@ static int xc_try_bzip2_decode(
+      * the input buffer to start, and we'll realloc as needed.
+      */
+     outsize = dom->kernel_size;
++
++    /*
++     * stream.avail_in and outsize are unsigned int, while kernel_size
++     * is a size_t. Check we aren't overflowing.
++     */
++    if ( outsize != dom->kernel_size )
++    {
++        DOMPRINTF("BZIP2: Input too large");
++        goto bzip2_cleanup;
++    }
++
+     out_buf = malloc(outsize);
+     if ( out_buf == NULL )
+     {
+@@ -98,13 +115,20 @@ static int xc_try_bzip2_decode(
+         if ( stream.avail_out == 0 )
+         {
+             /* Protect against output buffer overflow */
+-            if ( outsize > INT_MAX / 2 )
++            if ( outsize > UINT_MAX / 2 )
+             {
+                 DOMPRINTF("BZIP2: output buffer overflow");
+                 free(out_buf);
+                 goto bzip2_cleanup;
+             }
+ 
++            if ( xc_dom_kernel_check_size(dom, outsize * 2) )
++            {
++                DOMPRINTF("BZIP2: output too large");
++                free(out_buf);
++                goto bzip2_cleanup;
++            }
++
+             tmp_buf = realloc(out_buf, outsize * 2);
+             if ( tmp_buf == NULL )
+             {
+@@ -172,9 +196,15 @@ static int _xc_try_lzma_decode(
+     unsigned char *out_buf;
+     unsigned char *tmp_buf;
+     int retval = -1;
+-    int outsize;
++    size_t outsize;
+     const char *msg;
+ 
++    if ( dom->kernel_size == 0)
++    {
++        DOMPRINTF("%s: Input is 0 size", what);
++        return -1;
++    }
++
+     /* sigh.  We don't know up-front how much memory we are going to need
+      * for the output buffer.  Allocate the output buffer to be equal
+      * the input buffer to start, and we'll realloc as needed.
+@@ -244,13 +274,20 @@ static int _xc_try_lzma_decode(
+         if ( stream->avail_out == 0 )
+         {
+             /* Protect against output buffer overflow */
+-            if ( outsize > INT_MAX / 2 )
++            if ( outsize > SIZE_MAX / 2 )
+             {
+                 DOMPRINTF("%s: output buffer overflow", what);
+                 free(out_buf);
+                 goto lzma_cleanup;
+             }
+ 
++            if ( xc_dom_kernel_check_size(dom, outsize * 2) )
++            {
++                DOMPRINTF("%s: output too large", what);
++                free(out_buf);
++                goto lzma_cleanup;
++            }
++
+             tmp_buf = realloc(out_buf, outsize * 2);
+             if ( tmp_buf == NULL )
+             {
+@@ -359,6 +396,12 @@ static int xc_try_lzo1x_decode(
+         0x89, 0x4c, 0x5a, 0x4f, 0x00, 0x0d, 0x0a, 0x1a, 0x0a
+     };
+ 
++    /*
++     * lzo_uint should match size_t. Check that this is the case to be
++     * sure we won't overflow various lzo_uint fields.
++     */
++    XC_BUILD_BUG_ON(sizeof(lzo_uint) != sizeof(size_t));
++
+     ret = lzo_init();
+     if ( ret != LZO_E_OK )
+     {
+@@ -438,6 +481,14 @@ static int xc_try_lzo1x_decode(
+         if ( src_len <= 0 || src_len > dst_len || src_len > left )
+             break;
+ 
++        msg = "Output buffer overflow";
++        if ( *size > SIZE_MAX - dst_len )
++            break;
++
++        msg = "Decompressed image too large";
++        if ( xc_dom_kernel_check_size(dom, *size + dst_len) )
++            break;
++
+         msg = "Failed to (re)alloc memory";
+         tmp_buf = realloc(out_buf, *size + dst_len);
+         if ( tmp_buf == NULL )
+diff -r 40ccbee890e1 -r 537776f51f79 tools/libxc/xc_dom_core.c
+--- tools/libxc/xc_dom_core.c	Thu Oct 25 15:36:32 2012 +0200
++++ tools/libxc/xc_dom_core.c	Fri Oct 26 16:10:55 2012 +0100
+@@ -159,7 +159,8 @@ void *xc_dom_malloc_page_aligned(struct 
+ }
+ 
+ void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
+-                            const char *filename, size_t * size)
++                            const char *filename, size_t * size,
++                            const size_t max_size)
+ {
+     struct xc_dom_mem *block = NULL;
+     int fd = -1;
+@@ -171,6 +172,13 @@ void *xc_dom_malloc_filemap(struct xc_do
+     lseek(fd, 0, SEEK_SET);
+     *size = lseek(fd, 0, SEEK_END);
+ 
++    if ( max_size && *size > max_size )
++    {
++        xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY,
++                     "tried to map file which is too large");
++        goto err;
++    }
++
+     block = malloc(sizeof(*block));
+     if ( block == NULL )
+         goto err;
+@@ -222,6 +230,40 @@ char *xc_dom_strdup(struct xc_dom_image 
+ }
+ 
+ /* ------------------------------------------------------------------------ */
++/* decompression buffer sizing                                              */
++int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz)
++{
++    /* No limit */
++    if ( !dom->max_kernel_size )
++        return 0;
++
++    if ( sz > dom->max_kernel_size )
++    {
++        xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
++                     "kernel image too large");
++        return 1;
++    }
++
++    return 0;
++}
++
++int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz)
++{
++    /* No limit */
++    if ( !dom->max_ramdisk_size )
++        return 0;
++
++    if ( sz > dom->max_ramdisk_size )
++    {
++        xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
++                     "ramdisk image too large");
++        return 1;
++    }
++
++    return 0;
++}
++
++/* ------------------------------------------------------------------------ */
+ /* read files, copy memory blocks, with transparent gunzip                  */
+ 
+ size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen)
+@@ -235,7 +277,7 @@ size_t xc_dom_check_gzip(xc_interface *x
+ 
+     gzlen = blob + ziplen - 4;
+     unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
+-    if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
++    if ( (unziplen < 0) || (unziplen > XC_DOM_DECOMPRESS_MAX) )
+     {
+         xc_dom_printf
+             (xch,
+@@ -288,6 +330,9 @@ int xc_dom_try_gunzip(struct xc_dom_imag
+     if ( unziplen == 0 )
+         return 0;
+ 
++    if ( xc_dom_kernel_check_size(dom, unziplen) )
++        return 0;
++
+     unzip = xc_dom_malloc(dom, unziplen);
+     if ( unzip == NULL )
+         return -1;
+@@ -588,6 +633,9 @@ struct xc_dom_image *xc_dom_allocate(xc_
+     memset(dom, 0, sizeof(*dom));
+     dom->xch = xch;
+ 
++    dom->max_kernel_size = XC_DOM_DECOMPRESS_MAX;
++    dom->max_ramdisk_size = XC_DOM_DECOMPRESS_MAX;
++
+     if ( cmdline )
+         dom->cmdline = xc_dom_strdup(dom, cmdline);
+     if ( features )
+@@ -608,10 +656,25 @@ struct xc_dom_image *xc_dom_allocate(xc_
+     return NULL;
+ }
+ 
++int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz)
++{
++    DOMPRINTF("%s: kernel_max_size=%zx", __FUNCTION__, sz);
++    dom->max_kernel_size = sz;
++    return 0;
++}
++
++int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz)
++{
++    DOMPRINTF("%s: ramdisk_max_size=%zx", __FUNCTION__, sz);
++    dom->max_ramdisk_size = sz;
++    return 0;
++}
++
+ int xc_dom_kernel_file(struct xc_dom_image *dom, const char *filename)
+ {
+     DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
+-    dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size);
++    dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size,
++                                             dom->max_kernel_size);
+     if ( dom->kernel_blob == NULL )
+         return -1;
+     return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size);
+@@ -621,7 +684,9 @@ int xc_dom_ramdisk_file(struct xc_dom_im
+ {
+     DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
+     dom->ramdisk_blob =
+-        xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size);
++        xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size,
++                              dom->max_ramdisk_size);
++
+     if ( dom->ramdisk_blob == NULL )
+         return -1;
+ //    return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size);
+@@ -781,7 +846,11 @@ int xc_dom_build_image(struct xc_dom_ima
+         void *ramdiskmap;
+ 
+         unziplen = xc_dom_check_gzip(dom->xch, dom->ramdisk_blob, dom->ramdisk_size);
++        if ( xc_dom_ramdisk_check_size(dom, unziplen) != 0 )
++            unziplen = 0;
++
+         ramdisklen = unziplen ? unziplen : dom->ramdisk_size;
++
+         if ( xc_dom_alloc_segment(dom, &dom->ramdisk_seg, "ramdisk", 0,
+                                   ramdisklen) != 0 )
+             goto err;
+
+
diff --git a/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch b/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch
new file mode 100644
index 000000000000..7513ac3d5cba
--- /dev/null
+++ b/app-emulation/xen-pvgrub/files/xen-4-CVE-2012-6075-XSA-41.patch
@@ -0,0 +1,39 @@
+authorMichael Contreras <michael@inetric.com>
+ Mon, 3 Dec 2012 04:11:22 +0000 (20:11 -0800)
+committerAnthony Liguori <aliguori@us.ibm.com>
+ Mon, 3 Dec 2012 14:14:10 +0000 (08:14 -0600)
+
+The e1000_receive function for the e1000 needs to discard packets longer than
+1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes
+this behavior and allocates memory based on this assumption.
+
+Signed-off-by: Michael Contreras <michael@inetric.com>
+Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
+hw/e1000.c
+
+--- tools/qemu-xen/hw/e1000.c
++++ tools/qemu-xen/hw/e1000.c
+@@ -59,6 +59,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
+ #define PNPMMIO_SIZE      0x20000
+ #define MIN_BUF_SIZE      60 /* Min. octets in an ethernet frame sans FCS */
+ 
++/* this is the size past which hardware will drop packets when setting LPE=0 */
++#define MAXIMUM_ETHERNET_VLAN_SIZE 1522
++
+ /*
+  * HW models:
+  *  E1000_DEV_ID_82540EM works with Windows and Linux
+@@ -805,6 +808,13 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size)
+         size = sizeof(min_buf);
+     }
+ 
++    /* Discard oversized packets if !LPE and !SBP. */
++    if (size > MAXIMUM_ETHERNET_VLAN_SIZE
++        && !(s->mac_reg[RCTL] & E1000_RCTL_LPE)
++        && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) {
++        return size;
++    }
++
+     if (!receive_filter(s, buf, size))
+         return size;
+ 
diff --git a/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch b/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch
index 78eb12b0fc64..4e08a30f323e 100644
--- a/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch
+++ b/app-emulation/xen-pvgrub/files/xen-4-fix_dotconfig-gcc.patch
@@ -7,7 +7,7 @@ diff -ur xen-4.2.0.orig/extras/mini-os/minios.mk xen-4.2.0/extras/mini-os/minios
  # Define some default flags.
  # NB. '-Wcast-qual' is nasty, so I omitted it.
 -DEF_CFLAGS += -fno-builtin -Wall -Werror -Wredundant-decls -Wno-format -Wno-redundant-decls
-+DEF_CFLAGS += -fno-builtin -Wall  -Wredundant-decls -Wno-format -Wno-redundant-decls
++DEF_CFLAGS += -fno-builtin -Wall -Wredundant-decls -Wno-format -Wno-redundant-decls
  DEF_CFLAGS += $(call cc-option,$(CC),-fno-stack-protector,)
  DEF_CFLAGS += $(call cc-option,$(CC),-fgnu89-inline)
  DEF_CFLAGS += -Wstrict-prototypes -Wnested-externs -Wpointer-arith -Winline
@@ -19,7 +19,7 @@ diff -ur xen-4.2.0.orig/tools/libxc/Makefile xen-4.2.0/tools/libxc/Makefile
  -include $(XEN_TARGET_ARCH)/Makefile
 
 -CFLAGS   += -Werror -Wmissing-prototypes
-+CFLAGS   +=  -Wmissing-prototypes
++CFLAGS   += -Wmissing-prototypes
  CFLAGS   += -I. $(CFLAGS_xeninclude)
 
  # Needed for posix_fadvise64() in xc_linux.c
@@ -27,7 +27,7 @@ diff -ur xen-4.2.0.orig/tools/libxc/Makefile xen-4.2.0/tools/libxc/Makefile
 diff -ur xen-4.2.0.orig/Config.mk xen-4.2.0/Config.mk
 --- Config.mk	2012-09-17 18:23:12.000000000 +0800
 +++ Config.mk	2012-12-05 14:01:10.641260261 +0800
-@@ -7,7 +7,6 @@
+@@ -7,7 +7,6 @@ Drop .config
  # fallback for older make
  realpath = $(wildcard $(foreach file,$(1),$(shell cd -P $(dir $(file)) && echo "$$PWD/$(notdir $(file))")))
  
@@ -35,3 +35,211 @@ diff -ur xen-4.2.0.orig/Config.mk xen-4.2.0/Config.mk
  
  # A debug build of Xen and tools?
  debug ?= n
+@@ -24,7 +24,7 @@
+ 
+ # Tools to run on system hosting the build
+ HOSTCC      = gcc
+-HOSTCFLAGS  = -Wall -Werror -Wstrict-prototypes -O2 -fomit-frame-pointer
++HOSTCFLAGS  = -Wstrict-prototypes -O2 -fomit-frame-pointer
+ HOSTCFLAGS += -fno-strict-aliasing
+ 
+ DISTDIR     ?= $(XEN_ROOT)/dist
+@@ -156,7 +156,7 @@
+ 
+ CFLAGS += -std=gnu99
+ 
+-CFLAGS += -Wall -Wstrict-prototypes
++CFLAGS += -Wstrict-prototypes
+ 
+ # Clang complains about macros that expand to 'if ( ( foo == bar ) ) ...'
+ # and is over-zealous with the printf format lint
+diff -ur xen-4.2.1.orig/tools/blktap2/drivers/Makefile xen-4.2.1/tools/blktap2/drivers/Makefile
+--- tools/blktap2/drivers/Makefile	2012-12-17 23:00:11.000000000 +0800
++++ tools/blktap2/drivers/Makefile	2013-01-30 12:31:43.539941099 +0800
+@@ -9,7 +9,7 @@
+ LOCK_UTIL  = lock-util
+ INST_DIR   = $(SBINDIR)
+ 
+-CFLAGS    += -Werror -g
++CFLAGS    += -g
+ CFLAGS    += -Wno-unused
+ CFLAGS    += -fno-strict-aliasing
+ CFLAGS    += -I$(BLKTAP_ROOT)/include -I$(BLKTAP_ROOT)/drivers
+diff -ur xen-4.2.1.orig/tools/debugger/gdbsx/Rules.mk xen-4.2.1/tools/debugger/gdbsx/Rules.mk
+--- tools/debugger/gdbsx/Rules.mk	2012-12-17 23:00:22.000000000 +0800
++++ tools/debugger/gdbsx/Rules.mk	2013-01-30 12:31:43.516941098 +0800
+@@ -1,4 +1,4 @@
+ include $(XEN_ROOT)/tools/Rules.mk
+ 
+-CFLAGS   += -Werror -Wmissing-prototypes 
++CFLAGS   += -Wmissing-prototypes 
+ # (gcc 4.3x and later)   -Wconversion -Wno-sign-conversion
+diff -ur xen-4.2.1.orig/tools/debugger/xenitp/Makefile xen-4.2.1/tools/debugger/xenitp/Makefile
+--- tools/debugger/xenitp/Makefile	2012-12-17 23:00:22.000000000 +0800
++++ tools/debugger/xenitp/Makefile	2013-01-30 12:31:43.516941098 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+ 
+-#CFLAGS  += -Werror -g -O0
++#CFLAGS  += -g -O0
+ 
+ CFLAGS  += $(CFLAGS_libxenctrl)
+ 
+diff -ur xen-4.2.1.orig/tools/libaio/harness/Makefile xen-4.2.1/tools/libaio/harness/Makefile
+--- tools/libaio/harness/Makefile	2012-12-17 23:00:35.000000000 +0800
++++ tools/libaio/harness/Makefile	2013-01-30 12:31:43.541941099 +0800
+@@ -4,7 +4,7 @@
+ HARNESS_SRCS:=main.c
+ # io_queue.c
+ 
+-CFLAGS=-Wall -Werror -g -O -laio
++CFLAGS=-Wall -g -O -laio
+ #-lpthread -lrt
+ 
+ all: $(PROGS)
+diff -ur xen-4.2.1.orig/tools/libfsimage/Rules.mk xen-4.2.1/tools/libfsimage/Rules.mk
+--- tools/libfsimage/Rules.mk	2012-12-17 23:00:36.000000000 +0800
++++ tools/libfsimage/Rules.mk	2013-01-30 12:31:43.515941097 +0800
+@@ -1,7 +1,7 @@
+ include $(XEN_ROOT)/tools/Rules.mk
+ 
+ CFLAGS += -Wno-unknown-pragmas -I$(XEN_ROOT)/tools/libfsimage/common/ -DFSIMAGE_FSDIR=\"$(FSDIR)\"
+-CFLAGS += -Werror -D_GNU_SOURCE
++CFLAGS += -D_GNU_SOURCE
+ LDFLAGS += -L../common/
+ 
+ PIC_OBJS := $(patsubst %.c,%.opic,$(LIB_SRCS-y))
+diff -ur xen-4.2.1.orig/tools/libxl/Makefile xen-4.2.1/tools/libxl/Makefile
+--- tools/libxl/Makefile	2012-12-17 23:01:08.000000000 +0800
++++ tools/libxl/Makefile	2013-01-30 12:31:43.541941099 +0800
+@@ -11,7 +11,7 @@
+ XLUMAJOR = 1.0
+ XLUMINOR = 1
+ 
+-CFLAGS += -Werror -Wno-format-zero-length -Wmissing-declarations \
++CFLAGS += -Wno-format-zero-length -Wmissing-declarations \
+ 	-Wno-declaration-after-statement -Wformat-nonliteral
+ CFLAGS += -I. -fPIC
+ 
+diff -ur xen-4.2.1.orig/tools/qemu-xen/pc-bios/optionrom/Makefile xen-4.2.1/tools/qemu-xen/pc-bios/optionrom/Makefile
+--- tools/qemu-xen/pc-bios/optionrom/Makefile	2012-09-11 02:10:52.000000000 +0800
++++ tools/qemu-xen/pc-bios/optionrom/Makefile	2013-01-30 12:31:43.528941098 +0800
+@@ -9,7 +9,7 @@
+ 
+ .PHONY : all clean build-all
+ 
+-CFLAGS := -Wall -Wstrict-prototypes -Werror -fomit-frame-pointer -fno-builtin
++CFLAGS := -Wall -Wstrict-prototypes -fomit-frame-pointer -fno-builtin
+ CFLAGS += -I$(SRC_PATH)
+ CFLAGS += $(call cc-option, $(CFLAGS), -fno-stack-protector)
+ QEMU_CFLAGS = $(CFLAGS)
+diff -ur xen-4.2.1.orig/tools/vtpm/Rules.mk xen-4.2.1/tools/vtpm/Rules.mk
+--- tools/vtpm/Rules.mk	2012-12-17 23:01:35.000000000 +0800
++++ tools/vtpm/Rules.mk	2013-01-30 12:31:43.515941097 +0800
+@@ -6,7 +6,7 @@
+ #
+ 
+ # General compiler flags
+-CFLAGS   = -Werror -g3
++CFLAGS   = -g3
+ 
+ # Generic project files
+ HDRS	= $(wildcard *.h)
+diff -ur xen-4.2.1.orig/tools/vtpm_manager/Rules.mk xen-4.2.1/tools/vtpm_manager/Rules.mk
+--- tools/vtpm_manager/Rules.mk	2012-12-17 23:01:35.000000000 +0800
++++ tools/vtpm_manager/Rules.mk	2013-01-30 12:31:43.511941097 +0800
+@@ -6,7 +6,7 @@
+ #
+ 
+ # General compiler flags
+-CFLAGS	= -Werror -g3
++CFLAGS	= -g3
+ 
+ # Generic project files
+ HDRS	= $(wildcard *.h)
+diff -ur xen-4.2.1.orig/tools/xenstat/xentop/Makefile xen-4.2.1/tools/xenstat/xentop/Makefile
+--- tools/xenstat/xentop/Makefile	2012-12-17 23:01:35.000000000 +0800
++++ tools/xenstat/xentop/Makefile	2013-01-30 12:31:43.535941098 +0800
+@@ -18,7 +18,7 @@
+ all install xentop:
+ else
+ 
+-CFLAGS += -DGCC_PRINTF -Wall -Werror $(CFLAGS_libxenstat)
++CFLAGS += -DGCC_PRINTF -Wall $(CFLAGS_libxenstat)
+ LDLIBS += $(LDLIBS_libxenstat) $(CURSES_LIBS) $(SOCKET_LIBS)
+ CFLAGS += -DHOST_$(XEN_OS)
+ 
+diff -ur xen-4.2.1.orig/xen/arch/arm/Rules.mk xen-4.2.1/xen/arch/arm/Rules.mk
+--- xen/arch/arm/Rules.mk	2012-12-17 23:01:37.000000000 +0800
++++ xen/arch/arm/Rules.mk	2013-01-30 12:31:43.498941097 +0800
+@@ -9,7 +9,7 @@
+ HAS_DEVICE_TREE := y
+ 
+ CFLAGS += -fno-builtin -fno-common -Wredundant-decls
+-CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe
++CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe
+ CFLAGS += -I$(BASEDIR)/include
+ 
+ # Prevent floating-point variables from creeping into Xen.
+diff -ur xen-4.2.1.orig/xen/arch/x86/Rules.mk xen-4.2.1/xen/arch/x86/Rules.mk
+--- xen/arch/x86/Rules.mk	2012-12-17 23:01:37.000000000 +0800
++++ xen/arch/x86/Rules.mk	2013-01-30 12:31:43.490941096 +0800
+@@ -24,7 +24,7 @@
+ endif
+ 
+ CFLAGS += -fno-builtin -fno-common -Wredundant-decls
+-CFLAGS += -iwithprefix include -Werror -Wno-pointer-arith -pipe
++CFLAGS += -iwithprefix include -Wno-pointer-arith -pipe
+ CFLAGS += -I$(BASEDIR)/include 
+ CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-generic
+ CFLAGS += -I$(BASEDIR)/include/asm-x86/mach-default
+diff -ur xen-4.2.1.orig/xen/include/Makefile xen-4.2.1/xen/include/Makefile
+--- xen/include/Makefile	2012-12-17 23:01:55.000000000 +0800
++++ xen/include/Makefile	2013-01-30 12:31:43.502941097 +0800
+@@ -78,7 +78,7 @@
+ all: headers.chk
+ 
+ headers.chk: $(filter-out public/arch-% public/%ctl.h public/xsm/% public/%hvm/save.h, $(wildcard public/*.h public/*/*.h) $(public-y)) Makefile
+-	for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -Werror -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new
++	for i in $(filter %.h,$^); do $(CC) -ansi -include stdint.h -Wall -W -S -o /dev/null -xc $$i || exit 1; echo $$i; done >$@.new
+ 	mv $@.new $@
+ 
+ endif
+diff -ur xen-4.2.1.orig/tools/tests/mce-test/tools/Makefile xen-4.2.1/tools/tests/mce-test/tools/Makefile
+--- tools/tests/mce-test/tools/Makefile  2012-12-17 23:01:35.000000000 +0800
++++ tools/tests/mce-test/tools/Makefile       2013-01-30 13:01:44.890020152 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+ 
+-CFLAGS += -Werror
++CFLAGS +=
+ CFLAGS += $(CFLAGS_libxenctrl)
+ CFLAGS += $(CFLAGS_libxenguest)
+ CFLAGS += $(CFLAGS_libxenstore)
+diff -ur xen-4.2.1.orig/tools/tests/mem-sharing/Makefile xen-4.2.1/tools/tests/mem-sharing/Makefile
+--- tools/tests/mem-sharing/Makefile     2012-12-17 23:01:35.000000000 +0800
++++ tools/tests/mem-sharing/Makefile  2013-01-30 13:01:44.890020152 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+ 
+-CFLAGS += -Werror
++CFLAGS +=
+ 
+ CFLAGS += $(CFLAGS_libxenctrl)
+ CFLAGS += $(CFLAGS_xeninclude)
+diff -ur xen-4.2.1.orig/tools/tests/xen-access/Makefile xen-4.2.1/tools/tests/xen-access/Makefile
+--- tools/tests/xen-access/Makefile      2012-12-17 23:01:35.000000000 +0800
++++ tools/tests/xen-access/Makefile   2013-01-30 13:01:44.891020152 +0800
+@@ -1,7 +1,7 @@
+ XEN_ROOT=$(CURDIR)/../../..
+ include $(XEN_ROOT)/tools/Rules.mk
+ 
+-CFLAGS += -Werror
++CFLAGS +=
+ 
+ CFLAGS += $(CFLAGS_libxenctrl)
+ CFLAGS += $(CFLAGS_libxenguest)
+
diff --git a/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch b/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch
index a1b95b25de9f..70ff7da2f60f 100644
--- a/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch
+++ b/app-emulation/xen-pvgrub/files/xen-4.2.0-externals.patch
@@ -1,5 +1,46 @@
 # Patch Makefile to patch insource newlib, 
 # Prevent internal downloading of external packages
+diff -ur xen-4.2.0.orig/stubdom/Makefile xen-4.2.0/stubdom/Makefile
+--- stubdom/Makefile	2012-09-17 18:21:17.000000000 +0800
++++ stubdom/Makefile	2012-12-05 14:01:10.694260256 +0800
+@@ -8,30 +8,30 @@
+ include $(XEN_ROOT)/Config.mk
+ 
+ #ZLIB_URL?=http://www.zlib.net
+-ZLIB_URL=$(XEN_EXTFILES_URL)
++ZLIB_URL=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ ZLIB_VERSION=1.2.3
+ 
+ #LIBPCI_URL?=http://www.kernel.org/pub/software/utils/pciutils
+-LIBPCI_URL?=$(XEN_EXTFILES_URL)
++LIBPCI_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ LIBPCI_VERSION=2.2.9
+ 
+ #NEWLIB_URL?=ftp://sources.redhat.com/pub/newlib
+-NEWLIB_URL?=$(XEN_EXTFILES_URL)
++NEWLIB_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ NEWLIB_VERSION=1.16.0
+ 
+ #LWIP_URL?=http://download.savannah.gnu.org/releases/lwip
+-LWIP_URL?=$(XEN_EXTFILES_URL)
++LWIP_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ LWIP_VERSION=1.3.0
+ 
+ #GRUB_URL?=http://alpha.gnu.org/gnu/grub
+-GRUB_URL?=$(XEN_EXTFILES_URL)
++GRUB_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ GRUB_VERSION=0.97
+ 
+-#OCAML_URL?=$(XEN_EXTFILES_URL)
++#OCAML_URL?=/mnt/gen2/TmpDir/portage/app-emulation/xen-pvgrub-4.2.0/distdir
+ OCAML_URL?=http://caml.inria.fr/pub/distrib/ocaml-3.11
+ OCAML_VERSION=3.11.0
+ 
+-WGET=wget -c
++WGET=cp -t . 
+ 
+ GNU_TARGET_ARCH:=$(XEN_TARGET_ARCH)
+ ifeq ($(XEN_TARGET_ARCH),x86_32)
 @@ -95,12 +95,13 @@
  ##############
  
diff --git a/app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch b/app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch
new file mode 100644
index 000000000000..d42080c767d3
--- /dev/null
+++ b/app-emulation/xen-pvgrub/files/xen-4.2.0-jserver.patch
@@ -0,0 +1,20 @@
+diff -ur xen-4.2.0.orig/tools/tests/x86_emulator/Makefile xen-4.2.0/tools/tests/x86_emulator/Makefile
+--- tools/tests/x86_emulator/Makefile	2012-09-17 18:21:19.000000000 +0800
++++ tools/tests/x86_emulator/Makefile	2012-11-24 05:06:24.355778737 +0800
+@@ -14,13 +14,13 @@
+ .PHONY: blowfish.h
+ blowfish.h:
+ 	rm -f blowfish.bin
+-	XEN_TARGET_ARCH=x86_32 make -f blowfish.mk all
++	XEN_TARGET_ARCH=x86_32 $(MAKE) -f blowfish.mk all
+ 	(echo "static unsigned int blowfish32_code[] = {"; \
+ 	od -v -t x blowfish.bin | sed 's/^[0-9]* /0x/' | sed 's/ /, 0x/g' | sed 's/$$/,/';\
+ 	echo "};") >$@
+ 	rm -f blowfish.bin
+ ifeq ($(XEN_COMPILE_ARCH),x86_64)
+-	XEN_TARGET_ARCH=x86_64 make -f blowfish.mk all
++	XEN_TARGET_ARCH=x86_64 $(MAKE) -f blowfish.mk all
+ 	(echo "static unsigned int blowfish64_code[] = {"; \
+ 	od -v -t x blowfish.bin | sed 's/^[0-9]* /0x/' | sed 's/ /, 0x/g' | sed 's/$$/,/';\
+ 	echo "};") >>$@
+
diff --git a/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0-r1.ebuild b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0-r1.ebuild
new file mode 100644
index 000000000000..c6f0c68511a5
--- /dev/null
+++ b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0-r1.ebuild
@@ -0,0 +1,118 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0-r1.ebuild,v 1.1 2013/01/30 14:12:30 idella4 Exp $
+
+EAPI=4
+PYTHON_DEPEND="2:2.6"
+
+inherit flag-o-matic eutils multilib python toolchain-funcs
+
+XEN_EXTFILES_URL="http://xenbits.xensource.com/xen-extfiles"
+LIBPCI_URL=ftp://atrey.karlin.mff.cuni.cz/pub/linux/pci
+GRUB_URL=mirror://gnu-alpha/grub
+SRC_URI="
+		http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz
+		$GRUB_URL/grub-0.97.tar.gz
+		$XEN_EXTFILES_URL/zlib-1.2.3.tar.gz
+		$LIBPCI_URL/pciutils-2.2.9.tar.bz2
+		$XEN_EXTFILES_URL/lwip-1.3.0.tar.gz
+		$XEN_EXTFILES_URL/newlib/newlib-1.16.0.tar.gz"
+
+S="${WORKDIR}/xen-${PV}"
+
+DESCRIPTION="allows to boot Xen domU kernels from a menu.lst laying inside guest filesystem"
+HOMEPAGE="http://xen.org/"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="custom-cflags"
+
+DEPEND="sys-devel/gettext"
+
+RDEPEND=">=app-emulation/xen-4.2.0"
+
+pkg_setup() {
+	python_set_active_version 2
+	python_pkg_setup
+}
+
+src_prepare() {
+
+	# if the user *really* wants to use their own custom-cflags, let them
+	if use custom-cflags; then
+		einfo "User wants their own CFLAGS - removing defaults"
+		# try and remove all the default custom-cflags
+		find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
+			-e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
+			-i {} \;
+	fi
+
+	#Substitute for internal downloading
+	cp $DISTDIR/zlib-1.2.3.tar.gz \
+		$DISTDIR/pciutils-2.2.9.tar.bz2 \
+		$DISTDIR/lwip-1.3.0.tar.gz \
+		$DISTDIR/newlib-1.16.0.tar.gz \
+		$DISTDIR/grub-0.97.tar.gz \
+		./stubdom/ || die "files not coped to stubdom"
+	# Note: tip to patch grub gentoo style, for review soon. This is around 1/3.
+#	cp "${WORKDIR}"/patch/{00[3-6]_all_grub*,010_all_grub*,01[3-9]_all_grub*,0[6-7]0_all_grub*} \
+#		"${WORKDIR}"/patch/{110_all_grub*,300_all_grub*} \
+#		 stubdom/grub.patches/ || die
+	einfo "files copied to stubdom"
+
+	# Patch the unmergeable newlib, fix most of the leftover gcc QA issues
+	cp "${FILESDIR}"/newlib-implicits.patch stubdom || die
+
+	# Patch stubdom/Makefile to patch insource newlib & prevent internal downloading
+	epatch "${FILESDIR}"/${P/-pvgrub/}-externals.patch
+
+	# Drop .config and Fix gcc-4.6
+	epatch 	"${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch
+
+	#Sec patch
+	epatch "${FILESDIR}"/${PN/-pvgrub/}-4-CVE-2012-4544-XSA-25.patch
+}
+
+src_compile() {
+	use custom-cflags || unset CFLAGS
+	if test-flag-CC -fno-strict-overflow; then
+		append-flags -fno-strict-overflow
+	fi
+
+	emake CC="$(tc-getCC)" LD="$(tc-getLD)" -C tools/include
+
+	# TODO; fix those -j1
+	if use x86; then
+		emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+		XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+	elif use amd64; then
+		emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+		XEN_TARGET_ARCH="x86_64" -C stubdom pv-grub
+		if use multilib; then
+			multilib_toolchain_setup x86
+			emake -j1 XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+		fi
+	fi
+}
+
+src_install() {
+	if use x86; then
+		emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+	fi
+	if use amd64; then
+		emake XEN_TARGET_ARCH="x86_64" DESTDIR="${D}" -C stubdom install-grub
+		if use multilib; then
+			emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+		fi
+	fi
+}
+
+pkg_postinst() {
+	elog "Official Xen Guide and the unoffical wiki page:"
+	elog " http://www.gentoo.org/doc/en/xen-guide.xml"
+	elog " http://en.gentoo-wiki.com/wiki/Xen/"
+}
diff --git a/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild
index 01b7112774fc..787cdf7b15a6 100644
--- a/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild
+++ b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild,v 1.1 2012/12/04 16:31:20 idella4 Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.0.ebuild,v 1.2 2013/01/30 14:12:30 idella4 Exp $
 
-EAPI="4"
+EAPI=4
 
 inherit flag-o-matic eutils multilib toolchain-funcs
 
@@ -29,7 +29,7 @@ IUSE="custom-cflags"
 DEPEND="sys-devel/gettext
 	sys-devel/gcc"
 
-RDEPEND="=app-emulation/xen-${PV}"
+RDEPEND=">=app-emulation/xen-4.2.0"
 
 src_prepare() {
 
diff --git a/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1-r1.ebuild b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1-r1.ebuild
new file mode 100644
index 000000000000..9662bd2ad7a0
--- /dev/null
+++ b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1-r1.ebuild
@@ -0,0 +1,120 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1-r1.ebuild,v 1.1 2013/01/30 14:12:30 idella4 Exp $
+
+EAPI=4
+PYTHON_DEPEND="2:2.6"
+
+inherit flag-o-matic eutils multilib python toolchain-funcs
+
+XEN_EXTFILES_URL="http://xenbits.xensource.com/xen-extfiles"
+LIBPCI_URL=ftp://atrey.karlin.mff.cuni.cz/pub/linux/pci
+GRUB_URL=mirror://gnu-alpha/grub
+SRC_URI="
+		http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz
+		$GRUB_URL/grub-0.97.tar.gz
+		$XEN_EXTFILES_URL/zlib-1.2.3.tar.gz
+		$LIBPCI_URL/pciutils-2.2.9.tar.bz2
+		$XEN_EXTFILES_URL/lwip-1.3.0.tar.gz
+		$XEN_EXTFILES_URL/newlib/newlib-1.16.0.tar.gz"
+
+S="${WORKDIR}/xen-${PV}"
+
+DESCRIPTION="allows to boot Xen domU kernels from a menu.lst laying inside guest filesystem"
+HOMEPAGE="http://xen.org/"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="custom-cflags"
+
+DEPEND="sys-devel/gettext"
+
+RDEPEND=">=app-emulation/xen-4.2.1"
+
+pkg_setup() {
+	python_set_active_version 2
+	python_pkg_setup
+}
+
+src_prepare() {
+
+	# if the user *really* wants to use their own custom-cflags, let them
+	if use custom-cflags; then
+		einfo "User wants their own CFLAGS - removing defaults"
+		# try and remove all the default custom-cflags
+		find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \
+			-e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \
+			-e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \
+			-i {} \;
+	fi
+
+	#Substitute for internal downloading
+	cp $DISTDIR/zlib-1.2.3.tar.gz \
+		$DISTDIR/pciutils-2.2.9.tar.bz2 \
+		$DISTDIR/lwip-1.3.0.tar.gz \
+		$DISTDIR/newlib-1.16.0.tar.gz \
+		$DISTDIR/grub-0.97.tar.gz \
+		./stubdom/ || die "files not coped to stubdom"
+	# Note: tip to patch grub gentoo style, for review soon. This is around 1/3.
+#	cp "${WORKDIR}"/patch/{00[3-6]_all_grub*,010_all_grub*,01[3-9]_all_grub*,0[6-7]0_all_grub*} \
+#		"${WORKDIR}"/patch/{110_all_grub*,300_all_grub*} \
+#		 stubdom/grub.patches/ || die
+	einfo "files copied to stubdom"
+
+	# Patch the unmergeable newlib, fix most of the leftover gcc QA issues
+	cp "${FILESDIR}"/newlib-implicits.patch stubdom || die
+
+	# Patch stubdom/Makefile to patch insource newlib & prevent internal downloading
+	epatch "${FILESDIR}"/${P/-pvgrub/}-externals.patch
+
+	# Drop .config and Fix gcc-4.6
+	epatch 	"${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch
+
+	# fix jobserver in Makefile
+	epatch "${FILESDIR}"/${PN/-pvgrub/}-4.2.0-jserver.patch
+
+	#Sec patch
+	epatch "${FILESDIR}"/${PN/-pvgrub/}-4-CVE-2012-6075-XSA-41.patch
+}
+
+src_compile() {
+	use custom-cflags || unset CFLAGS
+	if test-flag-CC -fno-strict-overflow; then
+		append-flags -fno-strict-overflow
+	fi
+
+	emake CC="$(tc-getCC)" LD="$(tc-getLD)" -C tools/include
+
+	if use x86; then
+		emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
+		XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+	elif use amd64; then
+		emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
+		XEN_TARGET_ARCH="x86_64" -C stubdom pv-grub
+		if use multilib; then
+			multilib_toolchain_setup x86
+			emake XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+		fi
+	fi
+}
+
+src_install() {
+	if use x86; then
+		emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+	fi
+	if use amd64; then
+		emake XEN_TARGET_ARCH="x86_64" DESTDIR="${D}" -C stubdom install-grub
+		if use multilib; then
+			emake XEN_TARGET_ARCH="x86_32" DESTDIR="${D}" -C stubdom install-grub
+		fi
+	fi
+}
+
+pkg_postinst() {
+	elog "Official Xen Guide and the unoffical wiki page:"
+	elog " http://www.gentoo.org/doc/en/xen-guide.xml"
+	elog " http://en.gentoo-wiki.com/wiki/Xen/"
+}
diff --git a/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild
index c6ffd2658f9e..560887f36597 100644
--- a/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild
+++ b/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild,v 1.1 2013/01/28 05:29:05 idella4 Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-pvgrub/xen-pvgrub-4.2.1.ebuild,v 1.2 2013/01/30 14:12:30 idella4 Exp $
 
 EAPI="4"
 
@@ -29,7 +29,7 @@ IUSE="custom-cflags"
 DEPEND="sys-devel/gettext
 	sys-devel/gcc"
 
-RDEPEND="=app-emulation/xen-${PV}"
+RDEPEND=">=app-emulation/xen-4.2.1"
 
 src_prepare() {
 
@@ -67,6 +67,9 @@ src_prepare() {
 
 	# Drop .config and Fix gcc-4.6
 	epatch 	"${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch
+
+	# fix jobserver in Makefile
+	epatch "${FILESDIR}"/${PN/-pvgrub/}-4.2.0-jserver.patch
 }
 
 src_compile() {
@@ -79,14 +82,14 @@ src_compile() {
 
 	# TODO; fix those -j1
 	if use x86; then
-		emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+		emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
 		XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
 	elif use amd64; then
-		emake -j1 CC="$(tc-getCC)" LD="$(tc-getLD)" \
+		emake CC="$(tc-getCC)" LD="$(tc-getLD)" \
 		XEN_TARGET_ARCH="x86_64" -C stubdom pv-grub
 		if use multilib; then
 			multilib_toolchain_setup x86
-			emake -j1 XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
+			emake XEN_TARGET_ARCH="x86_32" -C stubdom pv-grub
 		fi
 	fi
 }