microcode-ctl: stop installing the init script

Updating microcode on the fly is dangerous as it can modify the set of
valid instructions.  An active example of this is Intel's TSX insns --
the latest microcode push disables the insn on newer CPUs and causes
SIGILL when you try to use it.  But if you test for the insn before the
microcode is updated, it will execute fine.  For daemons that launched
before the update, they'll find the flag works, and then crash later on
when the insn no longer exists.

Thus the only safe way to update microcode is at boot time via a builtin
initramfs.  Details on this operation can be found in #528712#41.

1 files changed, 43 insertions, 0 deletions

diff --git a/sys-apps/microcode-ctl/microcode-ctl-1.28-r1.ebuild b/sys-apps/microcode-ctl/microcode-ctl-1.28-r1.ebuild
new file mode 100644
index 000000000000..3aaef2beed2f
--- /dev/null
+++ b/sys-apps/microcode-ctl/microcode-ctl-1.28-r1.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit toolchain-funcs
+
+MY_P=${PN/-/_}-${PV}
+DESCRIPTION="Intel processor microcode update utility"
+HOMEPAGE="https://fedorahosted.org/microcode_ctl/"
+SRC_URI="https://fedorahosted.org/released/${PN/-/_}/${MY_P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="-* ~amd64 ~x86"
+IUSE="selinux"
+
+DEPEND=""
+RDEPEND=">=sys-apps/microcode-data-20090330
+	selinux? ( sec-policy/selinux-cpucontrol )"
+
+S=${WORKDIR}/${MY_P}
+
+src_compile() {
+	emake \
+		CC="$(tc-getCC)" \
+		CFLAGS="${CFLAGS} ${CPPFLAGS} ${LDFLAGS}"
+}
+
+src_install() {
+	dosbin microcode_ctl
+	doman microcode_ctl.8
+	dodoc Changelog README
+}
+
+pkg_preinst() {
+	if has_version "<${CATEGORY}/${PN}-1.28-r1" ; then
+		elog "The init scripts have been removed as they are unsafe.  If you want to update"
+		elog "the microcode in your system, please use an initramfs.  See bug #528712#41 for"
+		elog "details (and bug #557278 for genkernel users)."
+	fi
+}