aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMathieu Othacehe <m.othacehe@gmail.com>2019-11-16 09:34:27 +0100
committerMathieu Othacehe <m.othacehe@gmail.com>2019-11-16 09:34:27 +0100
commit154d97abdd16674fdebc763351f661bbcdc869a4 (patch)
tree0277a9380edd1390f16e432283d32499ffed36d1 /gnu/packages/patches
parente4696c69d75f4fcf54c42beeb928032726bdaf7d (diff)
parent87e7faa2ae641d8302efc8b90f1e45f43f67f6da (diff)
downloadguix-154d97abdd16674fdebc763351f661bbcdc869a4.tar
guix-154d97abdd16674fdebc763351f661bbcdc869a4.tar.gz
Merge remote-tracking branch master into core-updates
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/arm-trusted-firmware-disable-hdcp.patch82
-rw-r--r--gnu/packages/patches/arm-trusted-firmware-optional-bin-generation.patch86
-rw-r--r--gnu/packages/patches/arm-trusted-firmware-rockchip-disable-binary.patch73
-rw-r--r--gnu/packages/patches/avahi-CVE-2018-1000845.patch42
-rw-r--r--gnu/packages/patches/cpio-CVE-2016-2037.patch49
-rw-r--r--gnu/packages/patches/docker-adjust-tests-for-changes-in-go.patch67
-rw-r--r--gnu/packages/patches/emacs-magit-log-format-author-margin.patch72
-rw-r--r--gnu/packages/patches/icecat-gnuzilla-fixes.patch546
-rw-r--r--gnu/packages/patches/icecat-makeicecat.patch22
-rw-r--r--gnu/packages/patches/java-svg-salamander-Fix-non-det.patch86
-rw-r--r--gnu/packages/patches/kodi-increase-test-timeout.patch18
-rw-r--r--gnu/packages/patches/libmpeg2-arm-private-symbols.patch48
-rw-r--r--gnu/packages/patches/libmpeg2-global-symbol-test.patch63
-rw-r--r--gnu/packages/patches/libreoffice-boost.patch17
-rw-r--r--gnu/packages/patches/libvirt-create-machine-cgroup.patch48
-rw-r--r--gnu/packages/patches/mumps-shared-libseq.patch42
-rw-r--r--gnu/packages/patches/mumps-shared-mumps.patch63
-rw-r--r--gnu/packages/patches/mumps-shared-pord.patch77
-rw-r--r--gnu/packages/patches/openmpi-psm2-priority.patch21
-rw-r--r--gnu/packages/patches/patchelf-page-size.patch70
-rw-r--r--gnu/packages/patches/patchelf-rework-for-arm.patch473
-rw-r--r--gnu/packages/patches/ruby-concurrent-ignore-broken-test.patch16
-rw-r--r--gnu/packages/patches/ruby-concurrent-test-arm.patch36
-rw-r--r--gnu/packages/patches/sbcl-graph-asdf-definitions.patch70
-rw-r--r--gnu/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch32
-rw-r--r--gnu/packages/patches/tomb-fix-errors-on-open.patch25
-rw-r--r--gnu/packages/patches/udiskie-no-appindicator.patch155
-rw-r--r--gnu/packages/patches/vlc-fix-test_libvlc_slaves.patch35
-rw-r--r--gnu/packages/patches/weasyprint-library-paths.patch43
-rw-r--r--gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch47
-rw-r--r--gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch107
31 files changed, 1805 insertions, 826 deletions
diff --git a/gnu/packages/patches/arm-trusted-firmware-disable-hdcp.patch b/gnu/packages/patches/arm-trusted-firmware-disable-hdcp.patch
new file mode 100644
index 0000000000..edae2352d9
--- /dev/null
+++ b/gnu/packages/patches/arm-trusted-firmware-disable-hdcp.patch
@@ -0,0 +1,82 @@
+From c7f0cd054578152a250f784bf82c8ca53aa91a02 Mon Sep 17 00:00:00 2001
+From: Ziyuan Xu <xzy.xu@rock-chips.com>
+Date: Tue, 8 Oct 2019 10:27:05 +0800
+Subject: [PATCH] plat/rockchip: cliam a macro to enable hdcp feature for DP
+
+HDCP is using a binary driver, add macro PLAT_RK_DP_HDCP to make it as
+an option.
+
+Change-Id: I54ef1a3635a28e8ae56654bd1e91dfe011520a7f
+Signed-off-by: Ziyuan Xu <xzy.xu@rock-chips.com>
+Signed-off-by: Kever Yang <kever.yang@rock-chips.com>
+---
+ plat/rockchip/rk3399/plat_sip_calls.c | 4 ++++
+ plat/rockchip/rk3399/platform.mk | 11 +++++++----
+ 2 files changed, 11 insertions(+), 4 deletions(-)
+
+diff --git a/plat/rockchip/rk3399/plat_sip_calls.c b/plat/rockchip/rk3399/plat_sip_calls.c
+index c2cc5b11c..ce8476c9a 100644
+--- a/plat/rockchip/rk3399/plat_sip_calls.c
++++ b/plat/rockchip/rk3399/plat_sip_calls.c
+@@ -56,17 +56,21 @@ uintptr_t rockchip_plat_sip_handler(uint32_t smc_fid,
+ void *handle,
+ u_register_t flags)
+ {
++#ifdef PLAT_RK_DP_HDCP
+ uint64_t x5, x6;
++#endif
+
+ switch (smc_fid) {
+ case RK_SIP_DDR_CFG:
+ SMC_RET1(handle, ddr_smc_handler(x1, x2, x3, x4));
++#ifdef PLAT_RK_DP_HDCP
+ case RK_SIP_HDCP_CONTROL:
+ SMC_RET1(handle, dp_hdcp_ctrl(x1));
+ case RK_SIP_HDCP_KEY_DATA64:
+ x5 = read_ctx_reg(get_gpregs_ctx(handle), CTX_GPREG_X5);
+ x6 = read_ctx_reg(get_gpregs_ctx(handle), CTX_GPREG_X6);
+ SMC_RET1(handle, dp_hdcp_store_key(x1, x2, x3, x4, x5, x6));
++#endif
+ default:
+ ERROR("%s: unhandled SMC (0x%x)\n", __func__, smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+diff --git a/plat/rockchip/rk3399/platform.mk b/plat/rockchip/rk3399/platform.mk
+index 25c498da8..01577492d 100644
+--- a/plat/rockchip/rk3399/platform.mk
++++ b/plat/rockchip/rk3399/platform.mk
+@@ -57,7 +57,6 @@ BL31_SOURCES += ${RK_GIC_SOURCES} \
+ ${RK_PLAT_COMMON}/aarch64/platform_common.c \
+ ${RK_PLAT_COMMON}/rockchip_sip_svc.c \
+ ${RK_PLAT_SOC}/plat_sip_calls.c \
+- ${RK_PLAT_SOC}/drivers/dp/cdn_dp.c \
+ ${RK_PLAT_SOC}/drivers/gpio/rk3399_gpio.c \
+ ${RK_PLAT_SOC}/drivers/pmu/pmu.c \
+ ${RK_PLAT_SOC}/drivers/pmu/pmu_fw.c \
+@@ -89,17 +88,21 @@ $(eval $(call add_define,RK3399M0FW))
+ RK3399M0PMUFW=${BUILD_M0}/${PLAT_M0}pmu.bin
+ $(eval $(call add_define,RK3399M0PMUFW))
+
++ifdef PLAT_RK_DP_HDCP
++BL31_SOURCES += ${RK_PLAT_SOC}/drivers/dp/cdn_dp.c
++
+ HDCPFW=${RK_PLAT_SOC}/drivers/dp/hdcp.bin
+ $(eval $(call add_define,HDCPFW))
+
++${BUILD_PLAT}/bl31/cdn_dp.o: CCACHE_EXTRAFILES=$(HDCPFW)
++${RK_PLAT_SOC}/drivers/dp/cdn_dp.c: $(HDCPFW)
++endif
++
+ # CCACHE_EXTRAFILES is needed because ccache doesn't handle .incbin
+ export CCACHE_EXTRAFILES
+ ${BUILD_PLAT}/bl31/pmu_fw.o: CCACHE_EXTRAFILES=$(RK3399M0FW):$(RK3399M0PMUFW)
+ ${RK_PLAT_SOC}/drivers/pmu/pmu_fw.c: $(RK3399M0FW)
+
+-${BUILD_PLAT}/bl31/cdn_dp.o: CCACHE_EXTRAFILES=$(HDCPFW)
+-${RK_PLAT_SOC}/drivers/dp/cdn_dp.c: $(HDCPFW)
+-
+ $(eval $(call MAKE_PREREQ_DIR,${BUILD_M0},${BUILD_PLAT}))
+ .PHONY: $(RK3399M0FW)
+ $(RK3399M0FW): | ${BUILD_M0}
+--
+2.20.1
+
diff --git a/gnu/packages/patches/arm-trusted-firmware-optional-bin-generation.patch b/gnu/packages/patches/arm-trusted-firmware-optional-bin-generation.patch
new file mode 100644
index 0000000000..b2b8a12e1d
--- /dev/null
+++ b/gnu/packages/patches/arm-trusted-firmware-optional-bin-generation.patch
@@ -0,0 +1,86 @@
+From b02de4cb14ee9c2bfff53d36f0b7ec6a2065bc94 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christoph=20M=C3=BCllner?= <christophm30@gmail.com>
+Date: Wed, 24 Apr 2019 09:45:30 +0200
+Subject: [PATCH 1/2] build_macros: Add mechanism to prevent bin generation.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+On certain platforms it does not make sense to generate
+TF-A binary images. For example a platform could make use of serveral
+memory areas, which are non-continuous and the resulting binary
+therefore would suffer from the padding-bytes.
+Typically these platforms use the ELF image.
+
+This patch introduces a variable DISABLE_BIN_GENERATION, which
+can be set to '1' in the platform makefile to prevent the binary
+generation.
+
+Signed-off-by: Christoph Müllner <christophm30@gmail.com>
+Change-Id: I62948e88bab685bb055fe6167d9660d14e604462
+---
+ docs/user-guide.rst | 4 ++++
+ make_helpers/build_macros.mk | 9 +++++++++
+ make_helpers/defaults.mk | 3 +++
+ 3 files changed, 16 insertions(+)
+
+diff --git a/docs/user-guide.rst b/docs/user-guide.rst
+index 0848769b3..19919f112 100644
+--- a/docs/user-guide.rst
++++ b/docs/user-guide.rst
+@@ -369,6 +369,10 @@ Common build options
+ - ``DEBUG``: Chooses between a debug and release build. It can take either 0
+ (release) or 1 (debug) as values. 0 is the default.
+
++- ``DISABLE_BIN_GENERATION``: Boolean option to disable the generation
++ of the binary image. If set to 1, then only the ELF image is built.
++ 0 is the default.
++
+ - ``DYN_DISABLE_AUTH``: Provides the capability to dynamically disable Trusted
+ Board Boot authentication at runtime. This option is meant to be enabled only
+ for development platforms. ``TRUSTED_BOARD_BOOT`` flag must be set if this
+diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk
+index 5d33954ad..2d41b2db1 100644
+--- a/make_helpers/build_macros.mk
++++ b/make_helpers/build_macros.mk
+@@ -438,6 +438,11 @@ else
+ --script $(LINKERFILE) $(BUILD_DIR)/build_message.o \
+ $(OBJS) $(LDPATHS) $(LIBWRAPPER) $(LDLIBS) $(BL_LIBS)
+ endif
++ifeq ($(DISABLE_BIN_GENERATION),1)
++ @${ECHO_BLANK_LINE}
++ @echo "Built $$@ successfully"
++ @${ECHO_BLANK_LINE}
++endif
+
+ $(DUMP): $(ELF)
+ $${ECHO} " OD $$@"
+@@ -451,7 +456,11 @@ $(BIN): $(ELF)
+ @${ECHO_BLANK_LINE}
+
+ .PHONY: bl$(1)
++ifeq ($(DISABLE_BIN_GENERATION),1)
++bl$(1): $(ELF) $(DUMP)
++else
+ bl$(1): $(BIN) $(DUMP)
++endif
+
+ all: bl$(1)
+
+diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
+index be84f7791..dc797ed1f 100644
+--- a/make_helpers/defaults.mk
++++ b/make_helpers/defaults.mk
+@@ -62,6 +62,9 @@ DEBUG := 0
+ # Build platform
+ DEFAULT_PLAT := fvp
+
++# Disable the generation of the binary image (ELF only).
++DISABLE_BIN_GENERATION := 0
++
+ # Enable capability to disable authentication dynamically. Only meant for
+ # development platforms.
+ DYN_DISABLE_AUTH := 0
+--
+2.20.1
+
diff --git a/gnu/packages/patches/arm-trusted-firmware-rockchip-disable-binary.patch b/gnu/packages/patches/arm-trusted-firmware-rockchip-disable-binary.patch
new file mode 100644
index 0000000000..8819a7cfad
--- /dev/null
+++ b/gnu/packages/patches/arm-trusted-firmware-rockchip-disable-binary.patch
@@ -0,0 +1,73 @@
+From 42383dcf7db5debb9e183c7c5631974a4c2f91ea Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christoph=20M=C3=BCllner?= <christophm30@gmail.com>
+Date: Wed, 24 Apr 2019 09:52:54 +0200
+Subject: [PATCH 2/2] rockchip: Disable binary generation for all SoCs.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+All supported Rockchip SoCs (RK3288, RK3328, RK3368 and RK3399)
+have non-continuous memory areas in the linker script with a huge
+gap between them. This results in extremely padded binary images
+with a size of about 4 GiB.
+
+E.g. on the RK3399 we have the following memory areas (and base addresses):
+RAM (0x1000), SRAM (0xFF8C0000), and PMUSRAM (0xFF3B0000).
+
+Consumers of the TF-A project (e.g. coreboot or U-Boot) therefore
+use the ELF image instead, which has a size of a few hundred kBs.
+
+In order to prevent the generation of a huge and useless file,
+this patch disables the binary generation for all affected Rockchip
+SoCs.
+
+Signed-off-by: Christoph Müllner <christophm30@gmail.com>
+Change-Id: I4ac65bdf1e598c3e1a59507897d183aee9a36916
+---
+ plat/rockchip/rk3328/platform.mk | 2 ++
+ plat/rockchip/rk3368/platform.mk | 2 ++
+ plat/rockchip/rk3399/platform.mk | 2 ++
+ 3 files changed, 6 insertions(+)
+
+diff --git a/plat/rockchip/rk3328/platform.mk b/plat/rockchip/rk3328/platform.mk
+index 18b1b9419..01c5af6a2 100644
+--- a/plat/rockchip/rk3328/platform.mk
++++ b/plat/rockchip/rk3328/platform.mk
+@@ -8,6 +8,8 @@ RK_PLAT := plat/rockchip
+ RK_PLAT_SOC := ${RK_PLAT}/${PLAT}
+ RK_PLAT_COMMON := ${RK_PLAT}/common
+
++DISABLE_BIN_GENERATION := 1
++
+ include lib/libfdt/libfdt.mk
+
+ PLAT_INCLUDES := -Idrivers/arm/gic/common/ \
+diff --git a/plat/rockchip/rk3368/platform.mk b/plat/rockchip/rk3368/platform.mk
+index d1315fc58..4ec36ce06 100644
+--- a/plat/rockchip/rk3368/platform.mk
++++ b/plat/rockchip/rk3368/platform.mk
+@@ -8,6 +8,8 @@ RK_PLAT := plat/rockchip
+ RK_PLAT_SOC := ${RK_PLAT}/${PLAT}
+ RK_PLAT_COMMON := ${RK_PLAT}/common
+
++DISABLE_BIN_GENERATION := 1
++
+ include lib/libfdt/libfdt.mk
+
+ PLAT_INCLUDES := -I${RK_PLAT_COMMON}/ \
+diff --git a/plat/rockchip/rk3399/platform.mk b/plat/rockchip/rk3399/platform.mk
+index 101359856..25c498da8 100644
+--- a/plat/rockchip/rk3399/platform.mk
++++ b/plat/rockchip/rk3399/platform.mk
+@@ -8,6 +8,8 @@ RK_PLAT := plat/rockchip
+ RK_PLAT_SOC := ${RK_PLAT}/${PLAT}
+ RK_PLAT_COMMON := ${RK_PLAT}/common
+
++DISABLE_BIN_GENERATION := 1
++
+ include lib/libfdt/libfdt.mk
+
+ PLAT_INCLUDES := -I${RK_PLAT_COMMON}/ \
+--
+2.20.1
+
diff --git a/gnu/packages/patches/avahi-CVE-2018-1000845.patch b/gnu/packages/patches/avahi-CVE-2018-1000845.patch
new file mode 100644
index 0000000000..e5b13e0bee
--- /dev/null
+++ b/gnu/packages/patches/avahi-CVE-2018-1000845.patch
@@ -0,0 +1,42 @@
+From e111def44a7df4624a4aa3f85fe98054bffb6b4f Mon Sep 17 00:00:00 2001
+From: Trent Lloyd <trent@lloyd.id.au>
+Date: Sat, 22 Dec 2018 09:06:07 +0800
+Subject: [PATCH] Drop legacy unicast queries from address not on local link
+
+When handling legacy unicast queries, ensure that the source IP is
+inside a subnet on the local link, otherwise drop the packet.
+
+Fixes #145
+Fixes #203
+CVE-2017-6519
+CVE-2018-100084
+---
+ avahi-core/server.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index a2cb19a8..a2580e38 100644
+--- a/avahi-core/server.c
++++ b/avahi-core/server.c
+@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+
+ if (avahi_dns_packet_is_query(p)) {
+ int legacy_unicast = 0;
++ char t[AVAHI_ADDRESS_STR_MAX];
+
+ /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the
+ * AR section completely here, so far. Until the day we add
+@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+ legacy_unicast = 1;
+ }
+
++ if (!is_mdns_mcast_address(dst_address) &&
++ !avahi_interface_address_on_link(i, src_address)) {
++
++ avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol);
++ return;
++ }
++
+ if (legacy_unicast)
+ reflect_legacy_unicast_query_packet(s, p, i, src_address, port);
+
diff --git a/gnu/packages/patches/cpio-CVE-2016-2037.patch b/gnu/packages/patches/cpio-CVE-2016-2037.patch
deleted file mode 100644
index f1e068fb45..0000000000
--- a/gnu/packages/patches/cpio-CVE-2016-2037.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-Fix CVE-2016-2037 (out of bounds write in process_copy_in()).
-
-Copied from upstream mailing list:
-https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
-
----
-
- Other calls to cpio_safer_name_suffix seem to be safe.
- .
- * src/copyin.c (process_copy_in): Make sure that file_hdr.c_name
- has at least two bytes allocated.
- * src/util.c (cpio_safer_name_suffix): Document that use of this
- function requires to be careful.
-Author: Pavel Raiskup <praiskup@redhat.com>
-
----
- src/copyin.c | 2 ++
- src/util.c | 5 ++++-
- 2 files changed, 6 insertions(+), 1 deletion(-)
-
-Index: cpio-2.11+dfsg/src/copyin.c
-===================================================================
---- cpio-2.11+dfsg.orig/src/copyin.c
-+++ cpio-2.11+dfsg/src/copyin.c
-@@ -1433,6 +1433,8 @@ process_copy_in ()
- break;
- }
-
-+ if (file_hdr.c_namesize <= 1)
-+ file_hdr.c_name = xrealloc(file_hdr.c_name, 2);
- cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag,
- false);
-
-Index: cpio-2.11+dfsg/src/util.c
-===================================================================
---- cpio-2.11+dfsg.orig/src/util.c
-+++ cpio-2.11+dfsg/src/util.c
-@@ -1374,7 +1374,10 @@ set_file_times (int fd,
- }
-
- /* Do we have to ignore absolute paths, and if so, does the filename
-- have an absolute path? */
-+ have an absolute path?
-+ Before calling this function make sure that the allocated NAME buffer has
-+ capacity at least 2 bytes to allow us to store the "." string inside. */
-+
- void
- cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names,
- bool strip_leading_dots)
diff --git a/gnu/packages/patches/docker-adjust-tests-for-changes-in-go.patch b/gnu/packages/patches/docker-adjust-tests-for-changes-in-go.patch
new file mode 100644
index 0000000000..82d92cd4de
--- /dev/null
+++ b/gnu/packages/patches/docker-adjust-tests-for-changes-in-go.patch
@@ -0,0 +1,67 @@
+From 4983ef7c1693ad6dfbe4e3809b12541241d7ff56 Mon Sep 17 00:00:00 2001
+From: Sebastiaan van Stijn <github@gone.nl>
+Date: Wed, 14 Aug 2019 02:51:08 +0200
+Subject: [PATCH] Adjust tests for changes in Go 1.12.8 / 1.11.13
+
+```
+00:38:11 === Failed
+00:38:11 === FAIL: opts TestParseDockerDaemonHost (0.00s)
+00:38:11 hosts_test.go:87: tcp tcp:a.b.c.d address expected error "Invalid bind address format: tcp:a.b.c.d" return, got "parse tcp://tcp:a.b.c.d: invalid port \":a.b.c.d\" after host" and addr
+00:38:11 hosts_test.go:87: tcp tcp:a.b.c.d/path address expected error "Invalid bind address format: tcp:a.b.c.d/path" return, got "parse tcp://tcp:a.b.c.d/path: invalid port \":a.b.c.d\" after host" and addr
+00:38:11
+00:38:11 === FAIL: opts TestParseTCP (0.00s)
+00:38:11 hosts_test.go:129: tcp tcp:a.b.c.d address expected error Invalid bind address format: tcp:a.b.c.d return, got parse tcp://tcp:a.b.c.d: invalid port ":a.b.c.d" after host and addr
+00:38:11 hosts_test.go:129: tcp tcp:a.b.c.d/path address expected error Invalid bind address format: tcp:a.b.c.d/path return, got parse tcp://tcp:a.b.c.d/path: invalid port ":a.b.c.d" after host and addr
+```
+
+Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
+Upstream-commit: 683766613a8c1dca8f95b19ddb7e083bb3aef266
+Component: engine
+---
+ opts/hosts_test.go | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/opts/hosts_test.go b/opts/hosts_test.go
+index 8c54ec0f4b..7a0a943adf 100644
+--- a/opts/hosts_test.go
++++ b/opts/hosts_test.go
+@@ -53,8 +53,8 @@ func TestParseHost(t *testing.T) {
+ func TestParseDockerDaemonHost(t *testing.T) {
+ invalids := map[string]string{
+
+- "tcp:a.b.c.d": "Invalid bind address format: tcp:a.b.c.d",
+- "tcp:a.b.c.d/path": "Invalid bind address format: tcp:a.b.c.d/path",
++ "tcp:a.b.c.d": "",
++ "tcp:a.b.c.d/path": "",
+ "udp://127.0.0.1": "Invalid bind address format: udp://127.0.0.1",
+ "udp://127.0.0.1:2375": "Invalid bind address format: udp://127.0.0.1:2375",
+ "tcp://unix:///run/docker.sock": "Invalid proto, expected tcp: unix:///run/docker.sock",
+@@ -83,7 +83,7 @@ func TestParseDockerDaemonHost(t *testing.T) {
+ "localhost:5555/path": "tcp://localhost:5555/path",
+ }
+ for invalidAddr, expectedError := range invalids {
+- if addr, err := parseDaemonHost(invalidAddr); err == nil || err.Error() != expectedError {
++ if addr, err := parseDaemonHost(invalidAddr); err == nil || expectedError != "" && err.Error() != expectedError {
+ t.Errorf("tcp %v address expected error %q return, got %q and addr %v", invalidAddr, expectedError, err, addr)
+ }
+ }
+@@ -99,8 +99,8 @@ func TestParseTCP(t *testing.T) {
+ defaultHTTPHost = "tcp://127.0.0.1:2376"
+ )
+ invalids := map[string]string{
+- "tcp:a.b.c.d": "Invalid bind address format: tcp:a.b.c.d",
+- "tcp:a.b.c.d/path": "Invalid bind address format: tcp:a.b.c.d/path",
++ "tcp:a.b.c.d": "",
++ "tcp:a.b.c.d/path": "",
+ "udp://127.0.0.1": "Invalid proto, expected tcp: udp://127.0.0.1",
+ "udp://127.0.0.1:2375": "Invalid proto, expected tcp: udp://127.0.0.1:2375",
+ }
+@@ -125,7 +125,7 @@ func TestParseTCP(t *testing.T) {
+ "localhost:5555/path": "tcp://localhost:5555/path",
+ }
+ for invalidAddr, expectedError := range invalids {
+- if addr, err := ParseTCPAddr(invalidAddr, defaultHTTPHost); err == nil || err.Error() != expectedError {
++ if addr, err := ParseTCPAddr(invalidAddr, defaultHTTPHost); err == nil || expectedError != "" && err.Error() != expectedError {
+ t.Errorf("tcp %v address expected error %v return, got %s and addr %v", invalidAddr, expectedError, err, addr)
+ }
+ }
diff --git a/gnu/packages/patches/emacs-magit-log-format-author-margin.patch b/gnu/packages/patches/emacs-magit-log-format-author-margin.patch
new file mode 100644
index 0000000000..fc52157a32
--- /dev/null
+++ b/gnu/packages/patches/emacs-magit-log-format-author-margin.patch
@@ -0,0 +1,72 @@
+From 94914ca4690c0cff12d600a0c8ba6bfb3fb38dc5 Mon Sep 17 00:00:00 2001
+From: Jonas Bernoulli <jonas@bernoul.li>
+Date: Tue, 25 Jun 2019 21:44:32 +0200
+Subject: [PATCH] magit-log-format-author-margin: New function
+
+Split it from `magit-log-format-margin'.
+---
+ lisp/magit-log.el | 48 +++++++++++++++++++++++++----------------------
+ 1 file changed, 26 insertions(+), 22 deletions(-)
+
+diff --git a/lisp/magit-log.el b/lisp/magit-log.el
+index c8e6ef63..c0a79b19 100644
+--- a/lisp/magit-log.el
++++ b/lisp/magit-log.el
+@@ -1374,28 +1374,32 @@ The shortstat style is experimental and rather slow."
+ (when-let ((option (magit-margin-option)))
+ (if magit-log-margin-show-shortstat
+ (magit-log-format-shortstat-margin rev)
+- (pcase-let ((`(,_ ,style ,width ,details ,details-width)
+- (or magit-buffer-margin
+- (symbol-value option))))
+- (magit-make-margin-overlay
+- (concat (and details
+- (concat (propertize (truncate-string-to-width
+- (or author "")
+- details-width
+- nil ?\s (make-string 1 magit-ellipsis))
+- 'face 'magit-log-author)
+- " "))
+- (propertize
+- (if (stringp style)
+- (format-time-string
+- style
+- (seconds-to-time (string-to-number date)))
+- (pcase-let* ((abbr (eq style 'age-abbreviated))
+- (`(,cnt ,unit) (magit--age date abbr)))
+- (format (format (if abbr "%%2i%%-%ic" "%%2i %%-%is")
+- (- width (if details (1+ details-width) 0)))
+- cnt unit)))
+- 'face 'magit-log-date)))))))
++ (magit-log-format-author-margin author date))))
++
++(defun magit-log-format-author-margin (author date &optional previous-line)
++ (pcase-let ((`(,_ ,style ,width ,details ,details-width)
++ (or magit-buffer-margin
++ (symbol-value option))))
++ (magit-make-margin-overlay
++ (concat (and details
++ (concat (propertize (truncate-string-to-width
++ (or author "")
++ details-width
++ nil ?\s (make-string 1 magit-ellipsis))
++ 'face 'magit-log-author)
++ " "))
++ (propertize
++ (if (stringp style)
++ (format-time-string
++ style
++ (seconds-to-time (string-to-number date)))
++ (pcase-let* ((abbr (eq style 'age-abbreviated))
++ (`(,cnt ,unit) (magit--age date abbr)))
++ (format (format (if abbr "%%2i%%-%ic" "%%2i %%-%is")
++ (- width (if details (1+ details-width) 0)))
++ cnt unit)))
++ 'face 'magit-log-date))
++ previous-line)))
+
+ (defun magit-log-format-shortstat-margin (rev)
+ (magit-make-margin-overlay
+--
+2.23.0
+
diff --git a/gnu/packages/patches/icecat-gnuzilla-fixes.patch b/gnu/packages/patches/icecat-gnuzilla-fixes.patch
new file mode 100644
index 0000000000..e8e0946f57
--- /dev/null
+++ b/gnu/packages/patches/icecat-gnuzilla-fixes.patch
@@ -0,0 +1,546 @@
+From 2abca7767c461a022317bf18fbec51e8b3ce6a92 Mon Sep 17 00:00:00 2001
+From: Mark H Weaver <mhw@netris.org>
+Date: Thu, 31 Oct 2019 03:59:46 -0400
+Subject: [PATCH 1/2] Branding: fix patching of trademarkInfo within l10n
+ directory.
+
+This is a followup to commit 930298e1efff3e40721659d8fd7118cdd2477bd4.
+
+* makeicecat: Patch in the IceCat logo copyright notice in all
+brand.dtd files within l10n directory.
+---
+ makeicecat | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/makeicecat b/makeicecat
+index 3ff2ead..4ff3e64 100755
+--- a/makeicecat
++++ b/makeicecat
+@@ -226,7 +226,7 @@ cp $DATA/bookmarks.html.in browser/locales/generic/profile/bookmarks.html.in
+
+ # Custom legal about pages
+
+-find l10n -wholename '*/brand.dtd' |xargs /bin/sed 's/trademarkInfo.part1.*/trademarkInfo.part1 "">/' -i
++find l10n -wholename '*/brand.dtd' |xargs /bin/sed 's/trademarkInfo.part1.*/trademarkInfo.part1 "The IceCat logo is Copyright 2008-2015 Free Software Foundation, released under the terms of the GNU Lesser General Public License, version 3 or any later version.">/' -i
+ find l10n -wholename '*/brand.ftl' |xargs /bin/sed 's/^trademarkInfo = .*/trademarkInfo = The IceCat logo is Copyright 2008-2015 Free Software Foundation, released under the terms of the GNU Lesser General Public License, version 3 or any later version./' -i
+
+ for STRING in rights.intro-point3-unbranded rights.intro-point4a-unbranded rights.intro-point4b-unbranded rights.intro-point4c-unbranded
+--
+2.23.0
+
+From 150af5dd8b502b66f325b9fe8bd0b2ae553326a4 Mon Sep 17 00:00:00 2001
+From: Mark H Weaver <mhw@netris.org>
+Date: Wed, 30 Oct 2019 18:34:44 -0400
+Subject: [PATCH 2/2] Add first batch of IceCat-specific preferences.
+
+* makeicecat: Add code to add IceCat-specific messages to l10n directory.
+* data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl,
+data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl,
+data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl,
+data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl,
+data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl,
+data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl,
+data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl,
+data/patches/icecat-preferences.patch: New files.
+---
+ .../en-US/browser/preferences/preferences.ftl | 36 ++++
+ .../browser/preferences/preferences.ftl | 36 ++++
+ .../browser/preferences/preferences.ftl | 36 ++++
+ .../browser/preferences/preferences.ftl | 36 ++++
+ .../browser/preferences/preferences.ftl | 36 ++++
+ .../browser/preferences/preferences.ftl | 36 ++++
+ .../browser/preferences/preferences.ftl | 36 ++++
+ data/patches/icecat-preferences.patch | 155 ++++++++++++++++++
+ makeicecat | 13 ++
+ 9 files changed, 420 insertions(+)
+ create mode 100644 data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl
+ create mode 100644 data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl
+ create mode 100644 data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl
+ create mode 100644 data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl
+ create mode 100644 data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl
+ create mode 100644 data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl
+ create mode 100644 data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl
+ create mode 100644 data/patches/icecat-preferences.patch
+
+diff --git a/data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl b/data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl
+new file mode 100644
+index 0000000..2f90bcd
+--- /dev/null
++++ b/data/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl
+@@ -0,0 +1,36 @@
++
++## IceCat-specific privacy settings
++
++icecat-privacy-group-header = IceCat-specific privacy settings
++
++disable-javascript-option =
++ .label = Disable JavaScript
++disable-javascript-description = Disabling Javascript greatly improves privacy, security and <a href=\"https://www.gnu.org/philosophy/javascript-trap.html\">freedom</a>, but it will break many sites.
++
++disable-custom-fonts-option =
++ .label = Do not load custom fonts
++disable-custom-fonts-description = Custom fonts can be used for <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">fingerprinting</a>. Disabling them improves privacy but may make some sites look wrong.
++
++isolate-request-first-party-option =
++ .label = Isolate requests to First Party domains
++isolate-request-first-party-description = This <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">improves privacy</a>, but it may interfere with login into some sites.
++
++auto-update-extensions-option =
++ .label = Automatically update extensions
++auto-update-extensions-description = Enabling automated updates is good for security, but would start Internet connections in the background.
++
++spoof-referers-option =
++ .label = Spoof Referers
++spoof-referers-description = <a href=\"https://en.wikipedia.org/wiki/HTTP_referer\">Referers</a> tell sites what link brought you there. This feature greatly improves your privacy, but it may break functionality on some sites.
++
++detect-captive-portal-option =
++ .label = Detect captive portal
++detect-captive-portal-description = <a href=\"https://en.wikipedia.org/wiki/Captive_portal\">Captive portals</a> are the sites that control access to public wireless networks in hotels, airports, cafes, etc. The detection service is useful if you connect to such netwoks, but it will start connections automatically.
++
++geolocation-option =
++ .label = Enable Geolocation
++geolocation-description = This is commonly used for maps, weather sites, and some stores. It is better to keep it off unless you really need it.
++
++webgl-option =
++ .label = Enable WebGL
++webgl-description = Needed to visualize 3D graphics, but it may expose you to security threats. Enable it only if you really use it.
+diff --git a/data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl
+new file mode 100644
+index 0000000..ad052b3
+--- /dev/null
++++ b/data/files-to-append/l10n/es-AR/browser/browser/preferences/preferences.ftl
+@@ -0,0 +1,36 @@
++
++## IceCat-specific privacy settings
++
++icecat-privacy-group-header = Ajustes de privacidad de IceCat
++
++disable-javascript-option =
++ .label = Desactivar JavaScript
++disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas.
++
++disable-custom-fonts-option =
++ .label = No cargar fuentes personalizadas
++disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas.
++
++isolate-request-first-party-option =
++ .label = Aislar las solicitudes a los Dominios Primarios
++isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs.
++
++auto-update-extensions-option =
++ .label = Actualizar las extensiones automáticamente
++auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano.
++
++spoof-referers-option =
++ .label = Modificar los referers HTTP
++spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas.
++
++detect-captive-portal-option =
++ .label = Detectar los portales cautivos
++detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano.
++
++geolocation-option =
++ .label = Activar Geolocalización
++geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación.
++
++webgl-option =
++ .label = Activar WebGL
++webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla.
+diff --git a/data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl
+new file mode 100644
+index 0000000..ad052b3
+--- /dev/null
++++ b/data/files-to-append/l10n/es-CL/browser/browser/preferences/preferences.ftl
+@@ -0,0 +1,36 @@
++
++## IceCat-specific privacy settings
++
++icecat-privacy-group-header = Ajustes de privacidad de IceCat
++
++disable-javascript-option =
++ .label = Desactivar JavaScript
++disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas.
++
++disable-custom-fonts-option =
++ .label = No cargar fuentes personalizadas
++disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas.
++
++isolate-request-first-party-option =
++ .label = Aislar las solicitudes a los Dominios Primarios
++isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs.
++
++auto-update-extensions-option =
++ .label = Actualizar las extensiones automáticamente
++auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano.
++
++spoof-referers-option =
++ .label = Modificar los referers HTTP
++spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas.
++
++detect-captive-portal-option =
++ .label = Detectar los portales cautivos
++detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano.
++
++geolocation-option =
++ .label = Activar Geolocalización
++geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación.
++
++webgl-option =
++ .label = Activar WebGL
++webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla.
+diff --git a/data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl
+new file mode 100644
+index 0000000..ad052b3
+--- /dev/null
++++ b/data/files-to-append/l10n/es-ES/browser/browser/preferences/preferences.ftl
+@@ -0,0 +1,36 @@
++
++## IceCat-specific privacy settings
++
++icecat-privacy-group-header = Ajustes de privacidad de IceCat
++
++disable-javascript-option =
++ .label = Desactivar JavaScript
++disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas.
++
++disable-custom-fonts-option =
++ .label = No cargar fuentes personalizadas
++disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas.
++
++isolate-request-first-party-option =
++ .label = Aislar las solicitudes a los Dominios Primarios
++isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs.
++
++auto-update-extensions-option =
++ .label = Actualizar las extensiones automáticamente
++auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano.
++
++spoof-referers-option =
++ .label = Modificar los referers HTTP
++spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas.
++
++detect-captive-portal-option =
++ .label = Detectar los portales cautivos
++detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano.
++
++geolocation-option =
++ .label = Activar Geolocalización
++geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación.
++
++webgl-option =
++ .label = Activar WebGL
++webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla.
+diff --git a/data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl
+new file mode 100644
+index 0000000..ad052b3
+--- /dev/null
++++ b/data/files-to-append/l10n/es-MX/browser/browser/preferences/preferences.ftl
+@@ -0,0 +1,36 @@
++
++## IceCat-specific privacy settings
++
++icecat-privacy-group-header = Ajustes de privacidad de IceCat
++
++disable-javascript-option =
++ .label = Desactivar JavaScript
++disable-javascript-description = Desactivar JavaScript mejora enormemente la privacidad, la seguridad en Internet y la <a href=\"https://www.gnu.org/philosophy/javascript-trap.es.html\">libertad</a> en su equipo, pero afectará a la funcionalidad de muchas páginas.
++
++disable-custom-fonts-option =
++ .label = No cargar fuentes personalizadas
++disable-custom-fonts-description = Las fuentes personalizadas pueden usarse para <a href=\"https://en.wikipedia.org/wiki/Device_fingerprint\">rastrear</a> al usuario. Desactivarlas mejora la privacidad pero puede afectar al aspecto visual de algunas páginas.
++
++isolate-request-first-party-option =
++ .label = Aislar las solicitudes a los Dominios Primarios
++isolate-request-first-party-description = Este ajuste <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">mejora la privacidad</a>, pero puede interferir con el inicio de sesión en algunas webs.
++
++auto-update-extensions-option =
++ .label = Actualizar las extensiones automáticamente
++auto-update-extensions-description = Activar las actualizaciones automáticas es bueno para la seguridad, pero precisa del establecimiento de conexiones a otros servidores en segundo plano.
++
++spoof-referers-option =
++ .label = Modificar los referers HTTP
++spoof-referers-description = Los <a href=\"https://es.wikipedia.org/wiki/Referer_(Cabecera_HTTP)\">referers</a> son cabeceras HTTP que informan a una página acerca de nuestro enlace de origen. Activar esta característica mejora enormemente su privacidad, pero puede afectar a la funcionalidad de algunas páginas.
++
++detect-captive-portal-option =
++ .label = Detectar los portales cautivos
++detect-captive-portal-description = Los <a href=\"https://es.wikipedia.org/wiki/Portal_cautivo\">portales cautivos</a> son las webs que registran y controlan el acceso a redes inalámbricas públicas en hoteles, aeropuertos, cafés y similares. El servicio que los detecta es práctico si se ve a menudo en la necesidad de usarlos, pero implica el establecimiento de conexiones en segundo plano.
++
++geolocation-option =
++ .label = Activar Geolocalización
++geolocation-description = Esta característica se usa habitualmente en mapas, páginas del tiempo y algunas tiendas. Es mejor desactivarla si realmente no necesita que identifiquen su ubicación.
++
++webgl-option =
++ .label = Activar WebGL
++webgl-description = Esta función necesaria para mostrar ciertos gráficos 3D en el navegador puede exponerle a ciertos riesgos de seguridad. Actívela solamente si va a usarla.
+diff --git a/data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl
+new file mode 100644
+index 0000000..4008883
+--- /dev/null
++++ b/data/files-to-append/l10n/fr/browser/browser/preferences/preferences.ftl
+@@ -0,0 +1,36 @@
++
++## IceCat-specific privacy settings
++
++icecat-privacy-group-header = Vie privée de IceCat
++
++disable-javascript-option =
++ .label = Disable JavaScript
++disable-javascript-description = Désactiver JavaScript améliore grandement le respect de la vie privée, la sécurité et <a href=\"https://www.gnu.org/philosophy/javascript-trap.fr.html\">la liberté</a>, mais cela risque de rendre beaucoup de sites web inutilisables.
++
++disable-custom-fonts-option =
++ .label = Ne pas charger de polices personnalisées
++disable-custom-fonts-description = Les polices personnalisées peuvent être utilisées pour vous <a href=\"https://fr.wikipedia.org/wiki/Empreinte_digitale_d%27appareil\">identifier</a>. Les désactiver améliore le respect de la vie privée mais peut détérorier le rendu de certains sites.
++
++isolate-request-first-party-option =
++ .label = Isoler les requêtes vers les domaines de premier niveau
++isolate-request-first-party-description = Améliore <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">le respect de la vie privée</a>, mais peut interférer avec la page de login de certains sites web.
++
++auto-update-extensions-option =
++ .label = Mettre à jour les extensions automatiquement
++auto-update-extensions-description = Activer les mises à jour automatiques améliore votre sécurité, mais cela va ouvrir des connexions internet en arrière-plan.
++
++spoof-referers-option =
++ .label = Usurper l'identité des Referers
++spoof-referers-description = <a href=\"https://fr.wikipedia.org/wiki/R%C3%A9f%C3%A9rent_(informatique)\">Les Referers</a> indiquent aux sites web quel lien vous y a amené. Cette fonctionnalité améliore grandement le respect de la vie privée, mais peut entraîner la perte de fonctionnalités sur certains sites.
++
++detect-captive-portal-option =
++ .label = Détecter les portails captifs
++detect-captive-portal-description = <a href=\"https://fr.wikipedia.org/wiki/Portail_captif\">Les portails captifs</a> sont les sites qui contrôlent l'accès aux réseaux sans fils publics dans les hôtels, les aéroports, les bars, etc. Ce service de détection est utile si vous vous connectez à ce type de réseaux, mais cela entraîne l'ouverture automatique de connexions.
++
++geolocation-option =
++ .label = Activer la géolocalisation
++geolocation-description = Elle est utilisée couramment pour les cartes, les sites de prévisions météo, et certaines boutiques en ligne. Il vaut mieux la désactivez à moins d'en avoir réellement besoin.
++
++webgl-option =
++ .label = Activer WebGL
++webgl-description = Nécessaire afin de visualiser les graphisme en 3D, mais peut vous exposer à des menaces de sécurité. Activer WebGL seulement si vous l'utilisez réellement.
+diff --git a/data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl b/data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl
+new file mode 100644
+index 0000000..a1fe1b7
+--- /dev/null
++++ b/data/files-to-append/l10n/it/browser/browser/preferences/preferences.ftl
+@@ -0,0 +1,36 @@
++
++## IceCat-specific privacy settings
++
++icecat-privacy-group-header = Impostazioni sulla privacy di IceCat
++
++disable-javascript-option =
++ .label = Disabilita JavaScript
++disable-javascript-description = Disabilitare Javascript migliora notevolmente la privacy, la sicurezza e la <a href=\"https://www.gnu.org/philosophy/javascript-trap.it.html\">libertà</a>, ma compromette la funzionalità molti siti.
++
++disable-custom-fonts-option =
++ .label = Non caricare caratteri personalizzati
++disable-custom-fonts-description = I caratteri personalizzati possono essere utilizzati per il <a href=\"https://it.wikipedia.org/wiki/Device_fingerprint\">fingerprinting</a>. Disabilitarli migliora la privacy ma potrebbe far compromettere la visibilità di alcuni siti.
++
++isolate-request-first-party-option =
++ .label = Isolare le richieste ai domini proprietari
++isolate-request-first-party-description = Questo <a href=\"https://www.torproject.org/projects/torbrowser/design/#identifier-linkability\">migliora la privacy</a>, ma potrebbe interferire con il login in alcuni siti.
++
++auto-update-extensions-option =
++ .label = Aggiorna automaticamente le estensioni
++auto-update-extensions-description = Abilitare gli aggiornamenti automatici è positivo per la sicurezza, ma avvierebbe connessioni Internet in background.
++
++spoof-referers-option =
++ .label = Spoof Referers
++spoof-referers-description = <a href=\"https://it.wikipedia.org/wiki/Referer\">I referer</a> dicono ai siti quale link ti ha portato lì. Questa funzione migliora notevolmente la privacy, ma potrebbe compromettere la funzionalità di alcuni siti.
++
++detect-captive-portal-option =
++ .label = Rileva il captive portal
++detect-captive-portal-description = <a href=\"https://it.wikipedia.org/wiki/Captive_portal\">I captive portal</a> sono i siti che controllano l'accesso alle reti wireless pubbliche negli hotel, negli aeroporti, nei bar, ecc. Il servizio di rilevamento è utile se ci si connette a tali reti, ma avvierà automaticamente le connessioni.
++
++geolocation-option =
++ .label = Abilita geolocalizzazione
++geolocation-description = Questo è comunemente usato per mappe, siti meteo e alcuni negozi online. È meglio tenerlo spento a meno che non se ne abbia veramente bisogno.
++
++webgl-option =
++ .label = Abilita WebGL
++webgl-description = Necessario per visualizzare la grafica 3D, ma potrebbe esporre a minacce alla sicurezza. Abilitare solo in caso di necessità.
+diff --git a/data/patches/icecat-preferences.patch b/data/patches/icecat-preferences.patch
+new file mode 100644
+index 0000000..86fdd06
+--- /dev/null
++++ b/data/patches/icecat-preferences.patch
+@@ -0,0 +1,155 @@
++--- a/browser/components/preferences/in-content/privacy.xul.orig 2019-10-16 15:29:49.000000000 -0400
+++++ b/browser/components/preferences/in-content/privacy.xul 2019-10-30 23:54:53.591633131 -0400
++@@ -594,6 +594,79 @@
++ data-l10n-id="addressbar-suggestions-settings"/>
++ </groupbox>
++
+++<!-- IceCat-specific privacy group -->
+++<groupbox id="iceCatPrivacyGroup"
+++ data-category="panePrivacy"
+++ hidden="true">
+++ <label><html:h2 data-l10n-id="icecat-privacy-group-header"/></label>
+++ <vbox>
+++ <checkbox id="disableJavaScript" data-l10n-id="disable-javascript-option"
+++ preference="javascript.enabled"
+++ onsyncfrompreference="return gPrivacyPane.readDisableJavaScriptOption();"
+++ onsynctopreference="return gPrivacyPane.writeDisableJavaScriptOption();"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="disable-javascript-description"/>
+++ </vbox>
+++ </vbox>
+++ <vbox>
+++ <checkbox id="disableCustomFonts" data-l10n-id="disable-custom-fonts-option"
+++ preference="browser.display.use_document_fonts"
+++ onsyncfrompreference="return gPrivacyPane.readDisableCustomFontsOption();"
+++ onsynctopreference="return gPrivacyPane.writeDisableCustomFontsOption();"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="disable-custom-fonts-description"/>
+++ </vbox>
+++ </vbox>
+++ <vbox>
+++ <checkbox id="isolateRequestFirstParty" data-l10n-id="isolate-request-first-party-option"
+++ preference="privacy.firstparty.isolate"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="isolate-request-first-party-description"/>
+++ </vbox>
+++ </vbox>
+++ <vbox>
+++ <checkbox id="autoUpdateExtensions" data-l10n-id="auto-update-extensions-option"
+++ preference="extensions.update.enabled"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="auto-update-extensions-description"/>
+++ </vbox>
+++ </vbox>
+++ <vbox>
+++ <checkbox id="spoofReferrers" data-l10n-id="spoof-referers-option"
+++ preference="network.http.referer.spoofSource"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="spoof-referers-description"/>
+++ </vbox>
+++ </vbox>
+++ <vbox>
+++ <checkbox id="detectCaptivePortal" data-l10n-id="detect-captive-portal-option"
+++ preference="captivedetect.canonicalURL"
+++ onsyncfrompreference="return gPrivacyPane.readDetectCaptiveOption();"
+++ onsynctopreference="return gPrivacyPane.writeDetectCaptiveOption();"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="detect-captive-portal-description"/>
+++ </vbox>
+++ </vbox>
+++ <vbox>
+++ <checkbox id="geolocation" data-l10n-id="geolocation-option"
+++ preference="browser.search.geoip.url"
+++ onsyncfrompreference="return gPrivacyPane.readGeolocationOption();"
+++ onsynctopreference="return gPrivacyPane.writeGeolocationOption();"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="geolocation-description"/>
+++ </vbox>
+++ </vbox>
+++ <vbox>
+++ <checkbox id="webgl" data-l10n-id="webgl-option"
+++ preference="webgl.disabled"
+++ onsyncfrompreference="return gPrivacyPane.readWebGLOption();"
+++ onsynctopreference="return gPrivacyPane.writeWebGLOption();"/>
+++ <vbox class="indent">
+++ <label data-l10n-id="webgl-description"/>
+++ </vbox>
+++ </vbox>
+++</groupbox>
+++
++ <hbox id="permissionsCategory"
++ class="subcategory"
++ hidden="true"
++--- a/browser/components/preferences/in-content/privacy.js.orig 2019-10-16 15:29:49.000000000 -0400
+++++ b/browser/components/preferences/in-content/privacy.js 2019-10-31 00:08:05.819561577 -0400
++@@ -93,6 +93,16 @@
++ { id: "browser.urlbar.suggest.history", type: "bool" },
++ { id: "browser.urlbar.suggest.openpage", type: "bool" },
++
+++ // IceCat-specific
+++ { id: "javascript.enabled", type: "bool" },
+++ { id: "browser.display.use_document_fonts", type: "int" },
+++ { id: "privacy.firstparty.isolate", type: "bool" },
+++ { id: "extensions.update.enabled", type: "bool" },
+++ { id: "network.http.referer.spoofSource", type: "bool" },
+++ { id: "webgl.disabled", type: "bool" },
+++ { id: "captivedetect.canonicalURL", type: "string" },
+++ { id: "browser.search.geoip.url", type: "string" },
+++
++ // History
++ { id: "places.history.enabled", type: "bool" },
++ { id: "browser.formfill.enable", type: "bool" },
++@@ -587,6 +597,53 @@
++ SiteDataManager.updateSites();
++ },
++
+++ // ICECAT PREFERENCES
+++
+++ readDisableJavaScriptOption() {
+++ let pref = Preferences.get("javascript.enabled");
+++ return !pref.value;
+++ },
+++ writeDisableJavaScriptOption() {
+++ let checkbox = document.getElementById("disableJavaScript");
+++ return !checkbox.checked;
+++ },
+++
+++ readDisableCustomFontsOption() {
+++ let pref = Preferences.get("browser.display.use_document_fonts");
+++ return pref.value == 0;
+++ },
+++ writeDisableCustomFontsOption() {
+++ let checkbox = document.getElementById("disableCustomFonts");
+++ return checkbox.checked ? 0 : 1;
+++ },
+++
+++ readDetectCaptiveOption() {
+++ let pref = Preferences.get("captivedetect.canonicalURL");
+++ return pref.value !== "";
+++ },
+++ writeDetectCaptiveOption() {
+++ let checkbox = document.getElementById("detectCaptivePortal");
+++ return checkbox.checked ? "http://detectportal.firefox.com/success.txt" : "";
+++ },
+++
+++ readGeolocationOption() {
+++ let pref = Preferences.get("browser.search.geoip.url");
+++ return pref.value !== "";
+++ },
+++ writeGeolocationOption() {
+++ let checkbox = document.getElementById("geolocation");
+++ return checkbox.checked ? "https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%" : "";
+++ },
+++
+++ readWebGLOption() {
+++ let pref = Preferences.get("webgl.disabled");
+++ return !pref.value;
+++ },
+++ writeWebGLOption() {
+++ let checkbox = document.getElementById("webgl");
+++ return !checkbox.checked;
+++ },
+++
++ // CONTENT BLOCKING
++
++ /**
+diff --git a/makeicecat b/makeicecat
+index 4ff3e64..493d946 100755
+--- a/makeicecat
++++ b/makeicecat
+@@ -87,6 +87,19 @@ for patch in $DATA/patches/*.patch; do
+ done
+ shopt -u nullglob
+
++for file_to_append in $(cd $DATA/files-to-append; find . -type f -print); do
++ echo Appending new data to the end of file: $file_to_append
++ cat $DATA/files-to-append/$file_to_append >> $file_to_append
++done
++
++for dir in l10n/*; do
++ if [[ $dir != l10n/compare-locales ]]; then
++ if [[ ! -e $DATA/files-to-append/$dir/browser/browser/preferences/preferences.ftl ]]; then
++ cat $DATA/files-to-append/browser/locales/en-US/browser/preferences/preferences.ftl >> $dir/browser/browser/preferences/preferences.ftl
++ fi
++ fi
++done
++
+ cp $DATA/Changelog.IceCat $DATA/README.IceCat .
+
+ ###############################################################################
+--
+2.23.0
+
diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch
index 7d4f774c83..66816070aa 100644
--- a/gnu/packages/patches/icecat-makeicecat.patch
+++ b/gnu/packages/patches/icecat-makeicecat.patch
@@ -3,16 +3,16 @@ in a snippet without network access. After this patch is applied, some
additional changes will be made using 'substitute*'.
diff --git a/makeicecat b/makeicecat
-index 5a4390b..fcfa143 100644
+index b04c731..06d1f3f 100644
--- a/makeicecat
+++ b/makeicecat
-@@ -29,55 +29,55 @@ SOURCEDIR=icecat-$FFVERSION
+@@ -30,55 +30,55 @@ SOURCEDIR=icecat-$FFVERSION
DATA="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/data
--mkdir output
+-mkdir -p output
-cd output
-+# mkdir output
++# mkdir -p output
+# cd output
###############################################################################
@@ -23,9 +23,9 @@ index 5a4390b..fcfa143 100644
-
-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz
-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
--gpg --recv-keys --keyserver keyserver.ubuntu.com 24C6F355
+-gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
-gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
--echo -n 0a5f0c1d8d1e9443d85083d37fec32e5cc15c1001ea992d49745490065b4a023 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+-echo -n 85f1c2eaf68ebedcbc0b78a342f6d16ef0865dedd426a1bba94b75c85f716f38 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
-
-echo Extracting Firefox tarball
-tar -xf firefox-${FFVERSION}esr.source.tar.xz
@@ -35,9 +35,9 @@ index 5a4390b..fcfa143 100644
+#
+# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz
+# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
-+# gpg --recv-keys --keyserver keyserver.ubuntu.com 24C6F355
++# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
+# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
-+# echo -n 0a5f0c1d8d1e9443d85083d37fec32e5cc15c1001ea992d49745490065b4a023 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
++# echo -n 85f1c2eaf68ebedcbc0b78a342f6d16ef0865dedd426a1bba94b75c85f716f38 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+#
+# echo Extracting Firefox tarball
+# tar -xf firefox-${FFVERSION}esr.source.tar.xz
@@ -96,9 +96,9 @@ index 5a4390b..fcfa143 100644
-cd $SOURCEDIR
+# cd $SOURCEDIR
- #for patch in $DATA/patches/*; do
- # echo Patching with file: $patch
-@@ -590,6 +590,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in
+ shopt -s nullglob
+ for patch in $DATA/patches/*.patch; do
+@@ -611,6 +611,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in
# Fix CVE-2012-3386
/bin/sed 's/chmod a+w/chmod u+w/' -i ./js/src/ctypes/libffi/Makefile.in ./toolkit/crashreporter/google-breakpad/Makefile.in ./toolkit/crashreporter/google-breakpad/src/third_party/glog/Makefile.in || true
diff --git a/gnu/packages/patches/java-svg-salamander-Fix-non-det.patch b/gnu/packages/patches/java-svg-salamander-Fix-non-det.patch
new file mode 100644
index 0000000000..418fa0867f
--- /dev/null
+++ b/gnu/packages/patches/java-svg-salamander-Fix-non-det.patch
@@ -0,0 +1,86 @@
+From c812efa9fcbfb49a571cc73af83c8da5cb951bcf Mon Sep 17 00:00:00 2001
+From: Julien Lepiller <julien@lepiller.eu>
+Date: Thu, 2 May 2019 19:05:33 +0200
+Subject: [PATCH] Fix non determinism and installation
+
+---
+ svg-core/build.xml | 22 ----------------------
+ svg-core/nbproject/build-impl.xml | 1 -
+ 2 files changed, 23 deletions(-)
+
+diff --git a/svg-core/build.xml b/svg-core/build.xml
+index cc72eb7..0f9c3e6 100755
+--- a/svg-core/build.xml
++++ b/svg-core/build.xml
+@@ -102,7 +102,6 @@
+ <jar destfile="${maven-javadoc-jar}" update="false">
+ <manifest>
+ <attribute name="Version" value="${version}"/>
+- <attribute name="Date" value="${TODAY}"/>
+ </manifest>
+
+ <fileset dir="dist/javadoc">
+@@ -112,7 +111,6 @@
+ <jar destfile="${maven-sources-jar}" update="false">
+ <manifest>
+ <attribute name="Version" value="${version}"/>
+- <attribute name="Date" value="${TODAY}"/>
+ </manifest>
+
+ <fileset dir="src/main/java">
+@@ -126,7 +124,6 @@
+ <manifest>
+ <attribute name="Main-Class" value="com.kitfox.svg.app.SVGPlayer"/>
+ <attribute name="Version" value="${version}"/>
+- <attribute name="Date" value="${TODAY}"/>
+ </manifest>
+
+ <fileset dir="build/classes">
+@@ -203,7 +200,6 @@
+ <manifest>
+ <attribute name="Main-Class" value="com.kitfox.svg.app.SVGPlayer"/>
+ <attribute name="Version" value="${version}"/>
+- <attribute name="Date" value="${TODAY}"/>
+ </manifest>
+
+ <fileset dir="build/classes">
+@@ -213,24 +209,6 @@
+ </fileset>
+ </jar>
+
+- <delete file="${key.location}"/>
+- <genkey alias="${key.user}" storepass="${key.password}" keystore="${key.location}" validity="1000" verbose="true">
+- <dname>
+- <param name="CN" value="Mark McKay, mark@kitfox.com"/>
+- <param name="OU" value="kitfox.com"/>
+- <param name="O" value="kitfox"/>
+- <param name="L" value="Toronto"/>
+- <param name="S" value="Ontario"/>
+- <param name="C" value="CA"/>
+- </dname>
+- </genkey>
+-
+- <copy file="${dist.jar}" toFile="${project.www.jar}"/>
+- <signjar jar="${project.www.jar}"
+- alias="${key.user}"
+- storepass="${key.password}"
+- keystore="${key.location}"/>
+-
+ <delete file="${project.tiny.jar}"/>
+ <jar destfile="${project.tiny.jar}" update="true">
+ <manifest>
+diff --git a/svg-core/nbproject/build-impl.xml b/svg-core/nbproject/build-impl.xml
+index b448d8a..37725ad 100755
+--- a/svg-core/nbproject/build-impl.xml
++++ b/svg-core/nbproject/build-impl.xml
+@@ -1045,7 +1045,6 @@ is divided into following sections:
+ </manifest>
+ </target>
+ <target depends="init,-init-macrodef-copylibs,compile,-pre-pre-jar,-pre-jar,-do-jar-create-manifest,-do-jar-copy-manifest,-do-jar-set-mainclass,-do-jar-set-profile,-do-jar-set-splashscreen" if="do.mkdist" name="-do-jar-copylibs">
+- <j2seproject3:copylibs manifest="${tmp.manifest.file}"/>
+ <echo level="info">To run this application from the command line without Ant, try:</echo>
+ <property location="${dist.jar}" name="dist.jar.resolved"/>
+ <echo level="info">java -jar "${dist.jar.resolved}"</echo>
+--
+2.21.0
+
diff --git a/gnu/packages/patches/kodi-increase-test-timeout.patch b/gnu/packages/patches/kodi-increase-test-timeout.patch
new file mode 100644
index 0000000000..8fb149ff9d
--- /dev/null
+++ b/gnu/packages/patches/kodi-increase-test-timeout.patch
@@ -0,0 +1,18 @@
+Increase thread timeout to reduce flakiness.
+
+Taken from upstream:
+https://github.com/xbmc/xbmc/commit/574b0182d8b641fd24029f372ebdcccc897123e2
+
+diff --git a/xbmc/threads/test/TestEvent.cpp b/xbmc/threads/test/TestEvent.cpp
+index 42fb8c2fc609..40e644c0ed3c 100644
+--- a/xbmc/threads/test/TestEvent.cpp
++++ b/xbmc/threads/test/TestEvent.cpp
+@@ -484,7 +484,7 @@ TEST(TestEvent, GroupTimedWait)
+ EXPECT_TRUE(w3.result == NULL);
+
+ // this should end given the wait is for only 50 millis
+- EXPECT_TRUE(waitThread3.timed_join(MILLIS(100)));
++ EXPECT_TRUE(waitThread3.timed_join(MILLIS(200)));
+
+ EXPECT_TRUE(!w3.waiting);
+ EXPECT_TRUE(w3.result == NULL);
diff --git a/gnu/packages/patches/libmpeg2-arm-private-symbols.patch b/gnu/packages/patches/libmpeg2-arm-private-symbols.patch
new file mode 100644
index 0000000000..7f88d65e21
--- /dev/null
+++ b/gnu/packages/patches/libmpeg2-arm-private-symbols.patch
@@ -0,0 +1,48 @@
+Set visibility of global symbols used in ARM specific assembly file to
+internal.
+
+Taken from Debian:
+https://salsa.debian.org/multimedia-team/mpeg2dec/blob/master/debian/patches/60_arm-private-symbols.patch
+
+--- mpeg2dec.orig/libmpeg2/motion_comp_arm_s.S
++++ mpeg2dec/libmpeg2/motion_comp_arm_s.S
+@@ -23,7 +23,8 @@
+
+ @ ----------------------------------------------------------------
+ .align
+- .global MC_put_o_16_arm
++ .global MC_put_o_16_arm
++ .internal MC_put_o_16_arm
+ MC_put_o_16_arm:
+ @@ void func(uint8_t * dest, const uint8_t * ref, int stride, int height)
+ pld [r1]
+@@ -83,7 +84,8 @@ MC_put_o_16_arm_align_jt:
+
+ @ ----------------------------------------------------------------
+ .align
+- .global MC_put_o_8_arm
++ .global MC_put_o_8_arm
++ .internal MC_put_o_8_arm
+ MC_put_o_8_arm:
+ @@ void func(uint8_t * dest, const uint8_t * ref, int stride, int height)
+ pld [r1]
+@@ -152,7 +154,8 @@ MC_put_o_8_arm_align_jt:
+ .endm
+
+ .align
+- .global MC_put_x_16_arm
++ .global MC_put_x_16_arm
++ .internal MC_put_x_16_arm
+ MC_put_x_16_arm:
+ @@ void func(uint8_t * dest, const uint8_t * ref, int stride, int height)
+ pld [r1]
+@@ -244,7 +247,8 @@ MC_put_x_16_arm_align_jt:
+
+ @ ----------------------------------------------------------------
+ .align
+- .global MC_put_x_8_arm
++ .global MC_put_x_8_arm
++ .internal MC_put_x_8_arm
+ MC_put_x_8_arm:
+ @@ void func(uint8_t * dest, const uint8_t * ref, int stride, int height)
+ pld [r1]
diff --git a/gnu/packages/patches/libmpeg2-global-symbol-test.patch b/gnu/packages/patches/libmpeg2-global-symbol-test.patch
new file mode 100644
index 0000000000..f6eb3c6bd7
--- /dev/null
+++ b/gnu/packages/patches/libmpeg2-global-symbol-test.patch
@@ -0,0 +1,63 @@
+Rewrite the public symbol check to verify the shared libraries, to check for
+more things, and to avoid duplication; fixes make check on ARM
+
+Taken from Debian:
+https://salsa.debian.org/multimedia-team/mpeg2dec/blob/master/debian/patches/61_global-symbol-test.patch
+
+--- mpeg2dec.orig/test/globals
++++ mpeg2dec/test/globals
+@@ -1,4 +1,8 @@
+ #!/bin/sh
++# TODO
++# - fix checking of .a libs; problem is that "nm -g --defined-only" lists
++# internal symbols; this can be solved by using objdump, but it's probably
++# good enough to just run the tests on the shared lib
+
+ if test x"$srcdir" != x""; then
+ builddir="." # running from make check, but it does not define that
+@@ -14,22 +18,30 @@ builddir=`cd $builddir;pwd`
+
+ error=0
+
+-bad_globals=`nm -g --defined-only $builddir/../libmpeg2/*.o |\
+- awk '{if ($3) print $3}' | grep -v '^_\?mpeg2_'`
+-
+-if test x"$bad_globals" != x""; then
+- echo BAD GLOBAL SYMBOLS:
+- for s in $bad_globals; do echo $s; done
++# check_bad_public_symbols <symbol prefix> <lib file> [<lib file>...]
++#
++# checks public symbols in shared libs:
++# - allow prefix_anything
++# - reject _prefixanything
++# - allow _anything
++# - reject anything else
++#
++# NB: skips missing files
++check_bad_public_symbols() {
++ symbols_prefix="$1"
++ shift
++ lib_files=`ls "$@" 2>/dev/null`
++ [ -z "$lib_files" ] && return
++ bad_globals=`nm -g --defined-only $lib_files |
++ awk '{if ($3) print $3}' |
++ sed -n "/^${symbols_prefix}_/ d; /^_${symbols_prefix}/ { p; d }; /^_/ d; p"`
++ [ -z "$bad_globals" ] && return
+ error=1
+-fi
+-
+-bad_globals=`nm -g --defined-only $builddir/../libmpeg2/convert/*.o |\
+- awk '{if ($3) print $3}' | grep -v '^_\?mpeg2convert_'`
++ echo BAD GLOBAL SYMBOLS in $lib_files:
++ echo "$bad_globals"
++}
+
+-if test x"$bad_globals" != x""; then
+- echo BAD GLOBAL SYMBOLS:
+- for s in $bad_globals; do echo $s; done
+- error=1
+-fi
++check_bad_public_symbols mpeg2 $builddir/../libmpeg2/.libs/libmpeg2.so
++check_bad_public_symbols mpeg2convert $builddir/../libmpeg2/convert/.libs/libmpeg2convert.so
+
+ exit $error
diff --git a/gnu/packages/patches/libreoffice-boost.patch b/gnu/packages/patches/libreoffice-boost.patch
deleted file mode 100644
index b50664226b..0000000000
--- a/gnu/packages/patches/libreoffice-boost.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Fix compatibility with newer Boost.
-
-Extracted from this upstream commit:
-https://cgit.freedesktop.org/libreoffice/core/commit/?id=23a8d5ffbbe58761b89f590f0735abccd69a3681
-
-diff --git a/sfx2/source/appl/shutdownicon.cxx b/sfx2/source/appl/shutdownicon.cxx
---- a/sfx2/source/appl/shutdownicon.cxx
-+++ b/sfx2/source/appl/shutdownicon.cxx
-@@ -144,7 +144,7 @@ bool LoadModule()
- #endif // ENABLE_QUICKSTART_APPLET
- }
- assert(!boost::logic::indeterminate(loaded));
-- return loaded;
-+ return bool(loaded);
- }
-
- }
diff --git a/gnu/packages/patches/libvirt-create-machine-cgroup.patch b/gnu/packages/patches/libvirt-create-machine-cgroup.patch
new file mode 100644
index 0000000000..585ac237e1
--- /dev/null
+++ b/gnu/packages/patches/libvirt-create-machine-cgroup.patch
@@ -0,0 +1,48 @@
+From 9ca0b2955edea162b255b428e493cd8ffac52167 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Miguel=20=C3=81ngel=20Arruga=20Vivas?=
+ <rosen644835@gmail.com>
+Date: Fri, 1 Nov 2019 17:29:00 +0100
+Subject: [PATCH] vircgroup: Ensure /machine group is associated with its
+ parent.
+
+Call first virCgroupNew on the parent group virCgroupNewPartition if
+it is available on before the creation of the child group. This
+ensures that the creation of a first level group on the unified
+architecture, as the check at virCgroupV2ParseControllersFile as the
+parent file is there.
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1760233
+---
+ src/util/vircgroup.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
+index b46f20abfd..33c61f2d45 100644
+--- a/src/util/vircgroup.c
++++ b/src/util/vircgroup.c
+@@ -855,9 +855,6 @@ virCgroupNewPartition(const char *path,
+ if (virCgroupSetPartitionSuffix(path, &newPath) < 0)
+ goto cleanup;
+
+- if (virCgroupNew(-1, newPath, NULL, controllers, group) < 0)
+- goto cleanup;
+-
+ if (STRNEQ(newPath, "/")) {
+ char *tmp;
+ parentPath = g_strdup(newPath);
+@@ -868,7 +865,12 @@ virCgroupNewPartition(const char *path,
+
+ if (virCgroupNew(-1, parentPath, NULL, controllers, &parent) < 0)
+ goto cleanup;
++ }
+
++ if (virCgroupNew(-1, newPath, parent, controllers, group) < 0)
++ goto cleanup;
++
++ if (parent) {
+ if (virCgroupMakeGroup(parent, *group, create, VIR_CGROUP_NONE) < 0)
+ goto cleanup;
+ }
+--
+2.23.0
+
diff --git a/gnu/packages/patches/mumps-shared-libseq.patch b/gnu/packages/patches/mumps-shared-libseq.patch
new file mode 100644
index 0000000000..feafcf123b
--- /dev/null
+++ b/gnu/packages/patches/mumps-shared-libseq.patch
@@ -0,0 +1,42 @@
+Create a shared version of the sequential library, MUST BE LAST IN SERIES
+
+Index: mumps/libseq/Makefile
+===================================================================
+--- mumps.orig/libseq/Makefile
++++ mumps/libseq/Makefile
+@@ -8,15 +8,17 @@ all: libmpiseq
+
+ include ../Makefile.inc
+
+-libmpiseq: libmpiseq$(PLAT)$(LIBEXT)
++libmpiseq: libmpiseq$(PLAT).a libmpiseq$(PLAT).so
+
+-libmpiseq$(PLAT)$(LIBEXT): mpi.o mpic.o elapse.o
+- $(AR)$@ mpi.o mpic.o elapse.o
++libmpiseq$(PLAT).a: mpi.o mpic.o elapse.o
++ $(AR) $@ mpi.o mpic.o elapse.o
+ $(RANLIB) $@
++libmpiseq$(PLAT).so: mpi.o mpic.o elapse.o
++ $(FC) -shared $^ -Wl,-soname,libmpiseq$(PLAT)-5.1.2.so -o libmpiseq$(PLAT)-5.1.2.so -Wl,-z,defs
+ .f.o:
+- $(FC) $(OPTF) -c $*.f $(OUTF)$*.o
++ $(FC) $(OPTF) -fPIC -c $*.f $(OUTF)$*.o
+ .c.o:
+- $(CC) $(OPTC) $(CDEFS) -I. -c $*.c $(OUTC)$*.o
++ $(CC) $(OPTC) $(CDEFS) -I. -fPIC -c $*.c $(OUTC)$*.o
+
+ clean:
+- $(RM) *.o *$(LIBEXT)
++ $(RM) *.o *.a *.so
+Index: mumps/Makefile
+===================================================================
+--- mumps.orig/Makefile
++++ mumps/Makefile
+@@ -60,6 +60,7 @@ requiredobj: Makefile.inc $(LIBSEQNEEDED
+
+ libseqneeded:
+ (cd libseq; $(MAKE))
++ cp libseq/lib* $(libdir)
+
+ # Build the libpord.a library and copy it into $(topdir)/lib
+ $(libdir)/libpord$(PLAT).a:
diff --git a/gnu/packages/patches/mumps-shared-mumps.patch b/gnu/packages/patches/mumps-shared-mumps.patch
new file mode 100644
index 0000000000..9e2491f300
--- /dev/null
+++ b/gnu/packages/patches/mumps-shared-mumps.patch
@@ -0,0 +1,63 @@
+Create a shared version of the MUMPS library.
+
+Index: mumps/src/Makefile
+===================================================================
+--- mumps.orig/src/Makefile
++++ mumps/src/Makefile
+@@ -23,8 +23,10 @@ z:
+
+ include $(topdir)/Makefile.inc
+
+-mumps_lib: $(libdir)/libmumps_common$(PLAT)$(LIBEXT) \
+- $(libdir)/lib$(ARITH)mumps$(PLAT)$(LIBEXT)
++mumps_lib: $(libdir)/libmumps_common$(PLAT).a \
++ $(libdir)/libmumps_common$(PLAT).so \
++ $(libdir)/lib$(ARITH)mumps$(PLAT).a \
++ $(libdir)/lib$(ARITH)mumps$(PLAT).so
+
+ OBJS_COMMON_MOD = \
+ lr_common.o \
+@@ -167,14 +169,22 @@ OBJS_OTHER = \
+ $(ARITH)tools.o\
+ $(ARITH)type3_root.o
+
+-$(libdir)/libmumps_common$(PLAT)$(LIBEXT): $(OBJS_COMMON_MOD) $(OBJS_COMMON_OTHER)
+- $(AR)$@ $?
++$(libdir)/libmumps_common$(PLAT).a: $(OBJS_COMMON_MOD) $(OBJS_COMMON_OTHER)
++ $(AR) $@ $?
+ $(RANLIB) $@
+
+-$(libdir)/lib$(ARITH)mumps$(PLAT)$(LIBEXT): $(OBJS_MOD) $(OBJS_OTHER)
+- $(AR)$@ $?
++$(libdir)/libmumps_common$(PLAT).so: $(OBJS_COMMON_MOD) $(OBJS_COMMON_OTHER)
++ $(FC) -shared $^ -Wl,-soname,libmumps_common$(PLAT)-5.1.2.so -L$(libdir) $(LORDERINGS) -lpthread $(MPIFLIB) $(MPICLIB) $(LEXTRAS) -o $(libdir)/libmumps_common$(PLAT)-5.1.2.so -Wl,-z,defs
++ ln -s libmumps_common$(PLAT)-5.1.2.so $@
++
++$(libdir)/lib$(ARITH)mumps$(PLAT).a: $(OBJS_MOD) $(OBJS_OTHER)
++ $(AR) $@ $?
+ $(RANLIB) $@
+
++$(libdir)/lib$(ARITH)mumps$(PLAT).so: $(OBJS_MOD) $(OBJS_OTHER)
++ $(FC) -shared $^ -Wl,-soname,lib$(ARITH)mumps$(PLAT)-5.1.2.so -L$(libdir) -lmumps_common$(PLAT) $(LORDERINGS) $(MPIFLIB) $(LEXTRAS) $(LIBBLAS) $(SCALAP) $(LAPACK) -o $(libdir)/lib$(ARITH)mumps$(PLAT)-5.1.2.so -Wl,-z,defs
++ ln -s lib$(ARITH)mumps$(PLAT)-5.1.2.so $@
++
+ # Dependencies between modules:
+ $(ARITH)mumps_load.o: $(ARITH)mumps_comm_buffer.o \
+ $(ARITH)mumps_struc_def.o \
+@@ -290,13 +300,13 @@ $(OBJS_OTHER):$(OBJS_COMMON_MOD) $(OBJS_
+
+ .SUFFIXES: .c .F .o
+ .F.o:
+- $(FC) $(OPTF) $(INCS) $(IORDERINGSF) $(ORDERINGSF) -I. -I../include -c $*.F $(OUTF)$*.o
++ $(FC) $(OPTF) $(INCS) $(IORDERINGSF) $(ORDERINGSF) -I. -I../include -fPIC -c $*.F $(OUTF)$*.o
+ .c.o:
+- $(CC) $(OPTC) $(INCS) -I../include $(CDEFS) $(IORDERINGSC) $(ORDERINGSC) -c $*.c $(OUTC)$*.o
++ $(CC) $(OPTC) $(INCS) -I../include $(CDEFS) $(IORDERINGSC) $(ORDERINGSC) -fPIC -c $*.c $(OUTC)$*.o
+
+ $(ARITH)mumps_c.o: mumps_c.c
+ $(CC) $(OPTC) $(INCS) $(CDEFS) -DMUMPS_ARITH=MUMPS_ARITH_$(ARITH) \
+- $(IORDERINGSC) $(ORDERINGSC) -I../include -c mumps_c.c $(OUTC)$@
++ $(IORDERINGSC) $(ORDERINGSC) -I../include -fPIC -c mumps_c.c $(OUTC)$@
+
+
+ clean:
diff --git a/gnu/packages/patches/mumps-shared-pord.patch b/gnu/packages/patches/mumps-shared-pord.patch
new file mode 100644
index 0000000000..48062d4f89
--- /dev/null
+++ b/gnu/packages/patches/mumps-shared-pord.patch
@@ -0,0 +1,77 @@
+Create static and shared versions of the PORD library.
+
+Index: mumps/PORD/lib/Makefile
+===================================================================
+--- mumps.orig/PORD/lib/Makefile
++++ mumps/PORD/lib/Makefile
+@@ -9,7 +9,7 @@
+
+ INCLUDES = -I../include
+
+-COPTIONS = $(INCLUDES) $(CFLAGS) $(OPTFLAGS)
++COPTIONS = $(INCLUDES) $(CFLAGS) $(OPTFLAGS) -fPIC
+
+ OBJS = graph.o gbipart.o gbisect.o ddcreate.o ddbisect.o nestdiss.o \
+ multisector.o gelim.o bucket.o tree.o \
+@@ -24,12 +24,16 @@ OBJS = graph.o gbipart.o gbisect.o ddcre
+ .c.o:
+ $(CC) $(COPTIONS) -c $*.c $(OUTC)$*.o
+
+-libpord$(LIBEXT):$(OBJS)
+- $(AR)$@ $(OBJS)
++libpord$(PLAT).a:$(OBJS)
++ $(AR) $@ $(OBJS)
+ $(RANLIB) $@
+
++libpord$(PLAT).so: $(OBJS)
++ $(CC) -shared $(OBJS) -Wl,-soname,libpord$(PLAT)-5.1.2.so -o libpord$(PLAT)-5.1.2.so -Wl,-z,defs
++ ln -s libpord$(PLAT)-5.1.2.so $@
++
+ clean:
+ rm -f *.o
+
+ realclean:
+- rm -f *.o libpord.a
++ rm -f *.o libpord*.a *.so
+Index: mumps/Makefile
+===================================================================
+--- mumps.orig/Makefile
++++ mumps/Makefile
+@@ -54,7 +54,7 @@ dexamples: d
+ multi_example: s d c z
+ (cd examples ; $(MAKE) multi)
+
+-requiredobj: Makefile.inc $(LIBSEQNEEDED) $(libdir)/libpord$(PLAT)$(LIBEXT)
++requiredobj: Makefile.inc $(LIBSEQNEEDED) $(libdir)/libpord$(PLAT).a $(libdir)/libpord$(PLAT).so
+
+ # dummy MPI library (sequential version)
+
+@@ -62,19 +62,25 @@ libseqneeded:
+ (cd libseq; $(MAKE))
+
+ # Build the libpord.a library and copy it into $(topdir)/lib
+-$(libdir)/libpord$(PLAT)$(LIBEXT):
++$(libdir)/libpord$(PLAT).a:
+ if [ "$(LPORDDIR)" != "" ] ; then \
+ cd $(LPORDDIR); \
+ $(MAKE) CC="$(CC)" CFLAGS="$(OPTC)" AR="$(AR)" RANLIB="$(RANLIB)" OUTC="$(OUTC)" LIBEXT=$(LIBEXT); \
+ fi;
+ if [ "$(LPORDDIR)" != "" ] ; then \
+- cp $(LPORDDIR)/libpord$(LIBEXT) $@; \
++ cp $(LPORDDIR)/libpord$(PLAT).a $@; \
+ fi;
+
++$(libdir)/libpord$(PLAT).so:
++ if [ "$(LPORDDIR)" != "" ] ; then \
++ cd $(LPORDDIR); make CC="$(CC)" CFLAGS="$(OPTC)" AR="$(AR)" ARFUNCT= RANLIB="$(RANLIB)" libpord$(PLAT).so; fi;
++ if [ "$(LPORDDIR)" != "" ] ; then \
++ cp -a $(LPORDDIR)/libpord*.so lib/; fi;
++
+ clean:
+ (cd src; $(MAKE) clean)
+ (cd examples; $(MAKE) clean)
+- (cd $(libdir); $(RM) *$(PLAT)$(LIBEXT))
++ (cd $(libdir); $(RM) *$(PLAT).a *$(PLAT).so)
+ (cd libseq; $(MAKE) clean)
+ if [ "$(LPORDDIR)" != "" ] ; then \
+ cd $(LPORDDIR); $(MAKE) realclean; \
diff --git a/gnu/packages/patches/openmpi-psm2-priority.patch b/gnu/packages/patches/openmpi-psm2-priority.patch
new file mode 100644
index 0000000000..d9dd558010
--- /dev/null
+++ b/gnu/packages/patches/openmpi-psm2-priority.patch
@@ -0,0 +1,21 @@
+PSM2 is the only valid implementation for OmniPath (OPA). UCX also
+supports OmniPath, but it does so via Verbs, thus getting much lower
+performance (typically 3 GiB/s instead of 10 GiB/s).
+
+To work around that, give the mtl_psm2 component a higher priority
+than the pml_ucx component.
+
+See <https://www.mail-archive.com/users@lists.open-mpi.org/msg33581.html>.
+
+--- openmpi-4.0.2/ompi/mca/mtl/psm2/mtl_psm2_component.c 2019-11-15 17:06:15.142076840 +0100
++++ openmpi-4.0.2/ompi/mca/mtl/psm2/mtl_psm2_component.c 2019-11-15 17:06:22.242009379 +0100
+@@ -126,7 +126,7 @@ ompi_mtl_psm2_component_register(void)
+ setenv("PSM2_DEVICES", "self,shm", 0);
+ }
+
+- param_priority = 40;
++ param_priority = 55;
+ (void) mca_base_component_var_register (&mca_mtl_psm2_component.super.mtl_version,
+ "priority", "Priority of the PSM2 MTL component",
+ MCA_BASE_VAR_TYPE_INT, NULL, 0, 0,
+
diff --git a/gnu/packages/patches/patchelf-page-size.patch b/gnu/packages/patches/patchelf-page-size.patch
deleted file mode 100644
index 1c14047512..0000000000
--- a/gnu/packages/patches/patchelf-page-size.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-Improve the determination of pageSize in patchelf.cc.
-
-Patch by Mark H Weaver <mhw@netris.org>.
-
---- patchelf/src/patchelf.cc.orig 1969-12-31 19:00:01.000000000 -0500
-+++ patchelf/src/patchelf.cc 2014-02-16 20:15:06.283203125 -0500
-@@ -21,11 +21,19 @@
- using namespace std;
-
-
--#ifdef MIPSEL
--/* The lemote fuloong 2f kernel defconfig sets a page size of 16KB */
--const unsigned int pageSize = 4096*4;
--#else
-+/* Note that some platforms support multiple page sizes. Therefore,
-+ it is not enough to query the current page size. 'pageSize' must
-+ be the maximum architectural page size for the platform, which is
-+ typically defined in the corresponding ABI document.
-+
-+ XXX FIXME: This won't work when we're cross-compiling. */
-+
-+#if defined __MIPSEL__ || defined __MIPSEB__ || defined __aarch64__
-+const unsigned int pageSize = 65536;
-+#elif defined __x86_64__ || defined __i386__ || defined __arm__
- const unsigned int pageSize = 4096;
-+#else
-+# error maximum architectural page size unknown for this platform
- #endif
-
-
---- patchelf/tests/no-rpath.sh.orig 2014-01-14 08:17:47.000000000 -0500
-+++ patchelf/tests/no-rpath.sh 2015-01-06 18:31:53.418172797 -0500
-@@ -1,23 +1,23 @@
- #! /bin/sh -e
- SCRATCH=scratch/$(basename $0 .sh)
-
--rm -rf ${SCRATCH}
--mkdir -p ${SCRATCH}
-+if [ "$(uname -m)" = i686 -a "$(uname -s)" = Linux ]; then
-+ rm -rf ${SCRATCH}
-+ mkdir -p ${SCRATCH}
-
--cp ${srcdir}/no-rpath ${SCRATCH}/
-+ cp ${srcdir}/no-rpath ${SCRATCH}/
-
--oldRPath=$(../src/patchelf --print-rpath ${SCRATCH}/no-rpath)
--if test -n "$oldRPath"; then exit 1; fi
--../src/patchelf \
-- --set-interpreter "$(../src/patchelf --print-interpreter ../src/patchelf)" \
-- --set-rpath /foo:/bar:/xxxxxxxxxxxxxxx ${SCRATCH}/no-rpath
-+ oldRPath=$(../src/patchelf --print-rpath ${SCRATCH}/no-rpath)
-+ if test -n "$oldRPath"; then exit 1; fi
-+ ../src/patchelf \
-+ --set-interpreter "$(../src/patchelf --print-interpreter ../src/patchelf)" \
-+ --set-rpath /foo:/bar:/xxxxxxxxxxxxxxx ${SCRATCH}/no-rpath
-
--newRPath=$(../src/patchelf --print-rpath ${SCRATCH}/no-rpath)
--if ! echo "$newRPath" | grep -q '/foo:/bar'; then
-- echo "incomplete RPATH"
-- exit 1
--fi
-+ newRPath=$(../src/patchelf --print-rpath ${SCRATCH}/no-rpath)
-+ if ! echo "$newRPath" | grep -q '/foo:/bar'; then
-+ echo "incomplete RPATH"
-+ exit 1
-+ fi
-
--if [ "$(uname -m)" = i686 -a "$(uname -s)" = Linux ]; then
- cd ${SCRATCH} && ./no-rpath
- fi
diff --git a/gnu/packages/patches/patchelf-rework-for-arm.patch b/gnu/packages/patches/patchelf-rework-for-arm.patch
deleted file mode 100644
index 6f4eb8f72b..0000000000
--- a/gnu/packages/patches/patchelf-rework-for-arm.patch
+++ /dev/null
@@ -1,473 +0,0 @@
-Rework the growing algorithm in patchelf to support ARM systems.
-See <https://github.com/NixOS/patchelf/issues/8>.
-This patch copied from:
-<https://github.com/sriemer/patchelf/commit/0a96239cea6b97b9a0fff80da576e58ca2dfb2a2>
-
-From 0a96239cea6b97b9a0fff80da576e58ca2dfb2a2 Mon Sep 17 00:00:00 2001
-From: Sebastian Parschauer <s.parschauer@gmx.de>
-Date: Sat, 28 Jun 2014 01:24:57 +0200
-Subject: [PATCH] Rework the growing algorithm
-
-On ARM systems there is no space in virtual memory for another LOAD
-area in front of the code LOAD area. So insert data to its end
-instead. At this location there should be enough space in virtual
-memory due to alignment. We can extend it until the end of the
-alignment but the file shift may be greater as it must be aligned
-to the page size. Do the same for the data LOAD area.
----
- src/patchelf.cc | 357 ++++++++++++++++++++++----------------------------------
- 1 file changed, 142 insertions(+), 215 deletions(-)
-
-diff --git a/src/patchelf.cc b/src/patchelf.cc
-index dcbfd38..4fce9e6 100644
---- a/src/patchelf.cc
-+++ b/src/patchelf.cc
-@@ -116,7 +116,11 @@ private:
-
- void sortShdrs();
-
-- void shiftFile(unsigned int extraPages, Elf_Addr startPage);
-+ void shiftFileSingle(size_t fileShift, Elf_Off insertOff);
-+
-+ void shiftFile(size_t neededCode, size_t neededData,
-+ Elf_Off codeOff[], Elf_Off dataOff[],
-+ Elf_Addr *codePage, Elf_Addr *dataPage);
-
- string getSectionName(const Elf_Shdr & shdr);
-
-@@ -130,13 +134,11 @@ private:
- unsigned int size);
-
- void writeReplacedSections(Elf_Off & curOff,
-- Elf_Addr startAddr, Elf_Off startOffset);
-+ Elf_Addr startAddr, Elf_Off startOffset, bool isData);
-
- void rewriteHeaders(Elf_Addr phdrAddress);
-
-- void rewriteSectionsLibrary();
--
-- void rewriteSectionsExecutable();
-+ void rewriteSectionsBinary();
-
- public:
-
-@@ -391,46 +393,119 @@ static unsigned int roundUp(unsigned int n, unsigned int m)
-
-
- template<ElfFileParams>
--void ElfFile<ElfFileParamNames>::shiftFile(unsigned int extraPages, Elf_Addr startPage)
-+void ElfFile<ElfFileParamNames>::shiftFileSingle(size_t fileShift,
-+ Elf_Off insertOff)
- {
-- /* Move the entire contents of the file `extraPages' pages
-- further. */
- unsigned int oldSize = fileSize;
-- unsigned int shift = extraPages * pageSize;
-- growFile(fileSize + extraPages * pageSize);
-- memmove(contents + extraPages * pageSize, contents, oldSize);
-- memset(contents + sizeof(Elf_Ehdr), 0, shift - sizeof(Elf_Ehdr));
-+
-+ /* Grow at the end */
-+ growFile(fileSize + fileShift);
-+
-+ /* move the data from the insertion point
-+ to the end and zero inserted space */
-+ memmove(contents + insertOff + fileShift,
-+ contents + insertOff, oldSize - insertOff);
-+ memset(contents + insertOff, 0, fileShift);
-
- /* Adjust the ELF header. */
- wri(hdr->e_phoff, sizeof(Elf_Ehdr));
-- wri(hdr->e_shoff, rdi(hdr->e_shoff) + shift);
-+ if (rdi(hdr->e_shoff) >= insertOff)
-+ wri(hdr->e_shoff, rdi(hdr->e_shoff) + fileShift);
-
- /* Update the offsets in the section headers. */
-- for (int i = 1; i < rdi(hdr->e_shnum); ++i)
-- wri(shdrs[i].sh_offset, rdi(shdrs[i].sh_offset) + shift);
-+ for (int i = 1; i < rdi(hdr->e_shnum); ++i) {
-+ if (rdi(shdrs[i].sh_offset) >= insertOff)
-+ wri(shdrs[i].sh_offset, rdi(shdrs[i].sh_offset) + fileShift);
-+ }
-
- /* Update the offsets in the program headers. */
- for (int i = 0; i < rdi(hdr->e_phnum); ++i) {
-- wri(phdrs[i].p_offset, rdi(phdrs[i].p_offset) + shift);
-- if (rdi(phdrs[i].p_align) != 0 &&
-- (rdi(phdrs[i].p_vaddr) - rdi(phdrs[i].p_offset)) % rdi(phdrs[i].p_align) != 0) {
-- debug("changing alignment of program header %d from %d to %d\n", i,
-- rdi(phdrs[i].p_align), pageSize);
-- wri(phdrs[i].p_align, pageSize);
-+ if (rdi(phdrs[i].p_offset) >= insertOff)
-+ wri(phdrs[i].p_offset, rdi(phdrs[i].p_offset) + fileShift);
-+ /* Check for ELF load command alignment issue the same
-+ way as glibc/elf/dl-load.c does. This gives us the
-+ chance to run an interpreter explicitly. */
-+ if (rdi(phdrs[i].p_type) == PT_LOAD && ((rdi(phdrs[i].p_vaddr) -
-+ rdi(phdrs[i].p_offset)) & (rdi(phdrs[i].p_align) - 1)) != 0) {
-+ debug("changing alignment of program header %d from %d to %d\n",
-+ i, rdi(phdrs[i].p_align), pageSize);
-+ wri(phdrs[i].p_align, pageSize);
- }
- }
-+}
-+
-+template<ElfFileParams>
-+void ElfFile<ElfFileParamNames>::shiftFile(size_t neededCode,
-+ size_t neededData, Elf_Off codeOff[], Elf_Off dataOff[],
-+ Elf_Addr *codePage, Elf_Addr *dataPage)
-+{
-+ /* Move some contents of the file further. The binary has one LOAD area
-+ * for code and one for data. There is virtual memory space between
-+ * these which we can use due to alignment.
-+ */
-+ unsigned int memShift = neededCode;
-+ unsigned int fileShift = roundUp(neededCode, pageSize);
-+ unsigned int maxMemShift = 0;
-+
-+ if (neededCode > 0) {
-+ /* find the LOAD program header for code and extend it */
-+ for (int i = 0; i < rdi(hdr->e_phnum); ++i) {
-+ if (rdi(phdrs[i].p_type) == PT_LOAD &&
-+ rdi(phdrs[i].p_flags) & PF_X) {
-+ codeOff[1] = rdi(phdrs[i].p_filesz);
-+ codeOff[0] = codeOff[1] + rdi(phdrs[i].p_offset);
-+ maxMemShift = rdi(phdrs[i].p_memsz) % rdi(phdrs[i].p_align);
-+ if (maxMemShift == 0)
-+ continue;
-+ maxMemShift = rdi(phdrs[i].p_align) - maxMemShift;
-+ if (maxMemShift == 0 || memShift > maxMemShift)
-+ continue;
-+ *codePage = rdi(phdrs[i].p_vaddr);
-+ wri(phdrs[i].p_filesz, rdi(phdrs[i].p_filesz) + memShift);
-+ wri(phdrs[i].p_memsz, rdi(phdrs[i].p_memsz) + memShift);
-+ break;
-+ }
-+ }
-+ debug("codeOff: %#lx, memShift: %d, maxMemShift: %d, fileShift: %d\n",
-+ codeOff[1], memShift, maxMemShift, fileShift);
-+ if (codeOff[1] == 0 || maxMemShift == 0)
-+ goto out;
-+
-+ shiftFileSingle(fileShift, codeOff[0]);
-+ }
-+
-+ /* +++ Do the same for the data LOAD area +++ */
-+ memShift = neededData;
-+ fileShift = roundUp(neededData, pageSize);
-+ maxMemShift = 0;
-+ if (neededData > 0) {
-+ /* find the LOAD program header for data and extend it */
-+ for (int i = 0; i < rdi(hdr->e_phnum); ++i) {
-+ if (rdi(phdrs[i].p_type) == PT_LOAD &&
-+ rdi(phdrs[i].p_flags) & PF_W) {
-+ dataOff[1] = rdi(phdrs[i].p_filesz);
-+ dataOff[0] = dataOff[1] + rdi(phdrs[i].p_offset);
-+ maxMemShift = rdi(phdrs[i].p_memsz) % rdi(phdrs[i].p_align);
-+ if (maxMemShift == 0)
-+ continue;
-+ maxMemShift = rdi(phdrs[i].p_align) - maxMemShift;
-+ if (maxMemShift == 0 || memShift > maxMemShift)
-+ continue;
-+ *dataPage = rdi(phdrs[i].p_vaddr);
-+ wri(phdrs[i].p_filesz, rdi(phdrs[i].p_filesz) + memShift);
-+ wri(phdrs[i].p_memsz, rdi(phdrs[i].p_memsz) + memShift);
-+ break;
-+ }
-+ }
-+ debug("dataOff: %#lx, memShift: %d, maxMemShift: %d, fileShift: %d\n",
-+ dataOff[1], memShift, maxMemShift, fileShift);
-+ if (dataOff[1] == 0 || maxMemShift == 0)
-+ goto out;
-
-- /* Add a segment that maps the new program/section headers and
-- PT_INTERP segment into memory. Otherwise glibc will choke. */
-- phdrs.resize(rdi(hdr->e_phnum) + 1);
-- wri(hdr->e_phnum, rdi(hdr->e_phnum) + 1);
-- Elf_Phdr & phdr = phdrs[rdi(hdr->e_phnum) - 1];
-- wri(phdr.p_type, PT_LOAD);
-- wri(phdr.p_offset, 0);
-- wri(phdr.p_vaddr, wri(phdr.p_paddr, startPage));
-- wri(phdr.p_filesz, wri(phdr.p_memsz, shift));
-- wri(phdr.p_flags, PF_R | PF_W);
-- wri(phdr.p_align, pageSize);
-+ shiftFileSingle(fileShift, dataOff[0]);
-+ }
-+out:
-+ return;
- }
-
-
-@@ -491,7 +566,7 @@ string & ElfFile<ElfFileParamNames>::replaceSection(const SectionName & sectionN
-
- template<ElfFileParams>
- void ElfFile<ElfFileParamNames>::writeReplacedSections(Elf_Off & curOff,
-- Elf_Addr startAddr, Elf_Off startOffset)
-+ Elf_Addr startAddr, Elf_Off startOffset, bool isData = false)
- {
- /* Overwrite the old section contents with 'X's. Do this
- *before* writing the new section contents (below) to prevent
-@@ -501,6 +576,9 @@ void ElfFile<ElfFileParamNames>::writeReplacedSections(Elf_Off & curOff,
- {
- string sectionName = i->first;
- Elf_Shdr & shdr = findSection(sectionName);
-+ if ((!isData && rdi(shdr.sh_flags) & SHF_WRITE) ||
-+ (isData && ~(rdi(shdr.sh_flags)) & SHF_WRITE))
-+ continue;
- memset(contents + rdi(shdr.sh_offset), 'X', rdi(shdr.sh_size));
- }
-
-@@ -509,6 +587,9 @@ void ElfFile<ElfFileParamNames>::writeReplacedSections(Elf_Off & curOff,
- {
- string sectionName = i->first;
- Elf_Shdr & shdr = findSection(sectionName);
-+ if ((!isData && rdi(shdr.sh_flags) & SHF_WRITE) ||
-+ (isData && ~(rdi(shdr.sh_flags)) & SHF_WRITE))
-+ continue;
- debug("rewriting section `%s' from offset 0x%x (size %d) to offset 0x%x (size %d)\n",
- sectionName.c_str(), rdi(shdr.sh_offset), rdi(shdr.sh_size), curOff, i->second.size());
-
-@@ -546,201 +627,47 @@ void ElfFile<ElfFileParamNames>::writeReplacedSections(Elf_Off & curOff,
- curOff += roundUp(i->second.size(), sectionAlignment);
- }
-
-- replacedSections.clear();
-+ if (isData)
-+ replacedSections.clear();
- }
-
-
- template<ElfFileParams>
--void ElfFile<ElfFileParamNames>::rewriteSectionsLibrary()
-+void ElfFile<ElfFileParamNames>::rewriteSectionsBinary()
- {
-- /* For dynamic libraries, we just place the replacement sections
-- at the end of the file. They're mapped into memory by a
-- PT_LOAD segment located directly after the last virtual address
-- page of other segments. */
-- Elf_Addr startPage = 0;
-- for (unsigned int i = 0; i < phdrs.size(); ++i) {
-- Elf_Addr thisPage = roundUp(rdi(phdrs[i].p_vaddr) + rdi(phdrs[i].p_memsz), pageSize);
-- if (thisPage > startPage) startPage = thisPage;
-- }
--
-- debug("last page is 0x%llx\n", (unsigned long long) startPage);
-+ Elf_Off codeOff[2] = {0}, dataOff[2] = {0};
-+ Elf_Addr codePage = 0, dataPage = 0;
-+ size_t neededCode = 0, neededData = 0, oldCode = 0, oldData = 0;
-+ Elf_Shdr shdr = findSection(".text");
-+ Elf_Addr firstPage = rdi(shdr.sh_addr) - rdi(shdr.sh_offset);
-
-+ debug("first page is 0x%llx\n", (unsigned long long) firstPage);
-
-- /* Compute the total space needed for the replaced sections and
-- the program headers. */
-- off_t neededSpace = (phdrs.size() + 1) * sizeof(Elf_Phdr);
-+ /* Compute the total space needed for the replaced sections */
- for (ReplacedSections::iterator i = replacedSections.begin();
-- i != replacedSections.end(); ++i)
-- neededSpace += roundUp(i->second.size(), sectionAlignment);
-- debug("needed space is %d\n", neededSpace);
--
--
-- size_t startOffset = roundUp(fileSize, pageSize);
--
-- growFile(startOffset + neededSpace);
--
--
-- /* Even though this file is of type ET_DYN, it could actually be
-- an executable. For instance, Gold produces executables marked
-- ET_DYN. In that case we can still hit the kernel bug that
-- necessitated rewriteSectionsExecutable(). However, such
-- executables also tend to start at virtual address 0, so
-- rewriteSectionsExecutable() won't work because it doesn't have
-- any virtual address space to grow downwards into. As a
-- workaround, make sure that the virtual address of our new
-- PT_LOAD segment relative to the first PT_LOAD segment is equal
-- to its offset; otherwise we hit the kernel bug. This may
-- require creating a hole in the executable. The bigger the size
-- of the uninitialised data segment, the bigger the hole. */
-- if (isExecutable) {
-- if (startOffset >= startPage) {
-- debug("shifting new PT_LOAD segment by %d bytes to work around a Linux kernel bug\n", startOffset - startPage);
-- } else {
-- size_t hole = startPage - startOffset;
-- /* Print a warning, because the hole could be very big. */
-- fprintf(stderr, "warning: working around a Linux kernel bug by creating a hole of %zu bytes in ‘%s’\n", hole, fileName.c_str());
-- assert(hole % pageSize == 0);
-- /* !!! We could create an actual hole in the file here,
-- but it's probably not worth the effort. */
-- growFile(fileSize + hole);
-- startOffset += hole;
-- }
-- startPage = startOffset;
-- }
--
--
-- /* Add a segment that maps the replaced sections and program
-- headers into memory. */
-- phdrs.resize(rdi(hdr->e_phnum) + 1);
-- wri(hdr->e_phnum, rdi(hdr->e_phnum) + 1);
-- Elf_Phdr & phdr = phdrs[rdi(hdr->e_phnum) - 1];
-- wri(phdr.p_type, PT_LOAD);
-- wri(phdr.p_offset, startOffset);
-- wri(phdr.p_vaddr, wri(phdr.p_paddr, startPage));
-- wri(phdr.p_filesz, wri(phdr.p_memsz, neededSpace));
-- wri(phdr.p_flags, PF_R | PF_W);
-- wri(phdr.p_align, pageSize);
--
--
-- /* Write out the replaced sections. */
-- Elf_Off curOff = startOffset + phdrs.size() * sizeof(Elf_Phdr);
-- writeReplacedSections(curOff, startPage, startOffset);
-- assert((off_t) curOff == startOffset + neededSpace);
--
--
-- /* Move the program header to the start of the new area. */
-- wri(hdr->e_phoff, startOffset);
--
-- rewriteHeaders(startPage);
--}
--
--
--template<ElfFileParams>
--void ElfFile<ElfFileParamNames>::rewriteSectionsExecutable()
--{
-- /* Sort the sections by offset, otherwise we won't correctly find
-- all the sections before the last replaced section. */
-- sortShdrs();
--
--
-- /* What is the index of the last replaced section? */
-- unsigned int lastReplaced = 0;
-- for (unsigned int i = 1; i < rdi(hdr->e_shnum); ++i) {
-- string sectionName = getSectionName(shdrs[i]);
-- if (replacedSections.find(sectionName) != replacedSections.end()) {
-- debug("using replaced section `%s'\n", sectionName.c_str());
-- lastReplaced = i;
-- }
-- }
--
-- assert(lastReplaced != 0);
--
-- debug("last replaced is %d\n", lastReplaced);
--
-- /* Try to replace all sections before that, as far as possible.
-- Stop when we reach an irreplacable section (such as one of type
-- SHT_PROGBITS). These cannot be moved in virtual address space
-- since that would invalidate absolute references to them. */
-- assert(lastReplaced + 1 < shdrs.size()); /* !!! I'm lazy. */
-- size_t startOffset = rdi(shdrs[lastReplaced + 1].sh_offset);
-- Elf_Addr startAddr = rdi(shdrs[lastReplaced + 1].sh_addr);
-- string prevSection;
-- for (unsigned int i = 1; i <= lastReplaced; ++i) {
-- Elf_Shdr & shdr(shdrs[i]);
-- string sectionName = getSectionName(shdr);
-- debug("looking at section `%s'\n", sectionName.c_str());
-- /* !!! Why do we stop after a .dynstr section? I can't
-- remember! */
-- if ((rdi(shdr.sh_type) == SHT_PROGBITS && sectionName != ".interp")
-- || prevSection == ".dynstr")
-- {
-- startOffset = rdi(shdr.sh_offset);
-- startAddr = rdi(shdr.sh_addr);
-- lastReplaced = i - 1;
-- break;
-+ i != replacedSections.end(); ++i) {
-+ shdr = findSection(i->first);
-+ if (rdi(shdr.sh_flags) & SHF_WRITE) {
-+ oldData += rdi(shdr.sh_size);
-+ neededData += roundUp(i->second.size(), sectionAlignment);
- } else {
-- if (replacedSections.find(sectionName) == replacedSections.end()) {
-- debug("replacing section `%s' which is in the way\n", sectionName.c_str());
-- replaceSection(sectionName, rdi(shdr.sh_size));
-- }
-+ oldCode += rdi(shdr.sh_size);
-+ neededCode += roundUp(i->second.size(), sectionAlignment);
- }
-- prevSection = sectionName;
- }
-
-- debug("first reserved offset/addr is 0x%x/0x%llx\n",
-- startOffset, (unsigned long long) startAddr);
--
-- assert(startAddr % pageSize == startOffset % pageSize);
-- Elf_Addr firstPage = startAddr - startOffset;
-- debug("first page is 0x%llx\n", (unsigned long long) firstPage);
--
-- /* Right now we assume that the section headers are somewhere near
-- the end, which appears to be the case most of the time.
-- Therefore they're not accidentally overwritten by the replaced
-- sections. !!! Fix this. */
-- assert((off_t) rdi(hdr->e_shoff) >= startOffset);
--
--
-- /* Compute the total space needed for the replaced sections, the
-- ELF header, and the program headers. */
-- size_t neededSpace = sizeof(Elf_Ehdr) + phdrs.size() * sizeof(Elf_Phdr);
-- for (ReplacedSections::iterator i = replacedSections.begin();
-- i != replacedSections.end(); ++i)
-- neededSpace += roundUp(i->second.size(), sectionAlignment);
--
-- debug("needed space is %d\n", neededSpace);
--
-- /* If we need more space at the start of the file, then grow the
-- file by the minimum number of pages and adjust internal
-- offsets. */
-- if (neededSpace > startOffset) {
--
-- /* We also need an additional program header, so adjust for that. */
-- neededSpace += sizeof(Elf_Phdr);
-- debug("needed space is %d\n", neededSpace);
--
-- unsigned int neededPages = roundUp(neededSpace - startOffset, pageSize) / pageSize;
-- debug("needed pages is %d\n", neededPages);
-- if (neededPages * pageSize > firstPage)
-- error("virtual address space underrun!");
--
-- firstPage -= neededPages * pageSize;
-- startOffset += neededPages * pageSize;
--
-- shiftFile(neededPages, firstPage);
-- }
--
--
-- /* Clear out the free space. */
-- Elf_Off curOff = sizeof(Elf_Ehdr) + phdrs.size() * sizeof(Elf_Phdr);
-- debug("clearing first %d bytes\n", startOffset - curOff);
-- memset(contents + curOff, 0, startOffset - curOff);
-+ debug("needed space is C: %d, D: %d\n", neededCode, neededData);
-
-+ /* If we need more space within the file, then grow the
-+ file and adjust internal offsets. */
-+ shiftFile(neededCode, neededData, codeOff, dataOff, &codePage,
-+ &dataPage);
-+ assert(codeOff[0] > 0);
-
- /* Write out the replaced sections. */
-- writeReplacedSections(curOff, firstPage, 0);
-- assert((off_t) curOff == neededSpace);
--
-+ debug("codePage: %#lx, dataPage: %#lx\n", codePage, dataPage);
-+ writeReplacedSections(codeOff[0], codePage + codeOff[1], codeOff[0]);
-+ writeReplacedSections(dataOff[0], dataPage + dataOff[1], dataOff[0], true);
-
- rewriteHeaders(firstPage + rdi(hdr->e_phoff));
- }
-@@ -758,10 +685,10 @@ void ElfFile<ElfFileParamNames>::rewriteSections()
-
- if (rdi(hdr->e_type) == ET_DYN) {
- debug("this is a dynamic library\n");
-- rewriteSectionsLibrary();
-+ rewriteSectionsBinary();
- } else if (rdi(hdr->e_type) == ET_EXEC) {
- debug("this is an executable\n");
-- rewriteSectionsExecutable();
-+ rewriteSectionsBinary();
- } else error("unknown ELF type");
- }
-
---
-2.1.2
-
diff --git a/gnu/packages/patches/ruby-concurrent-ignore-broken-test.patch b/gnu/packages/patches/ruby-concurrent-ignore-broken-test.patch
deleted file mode 100644
index 4e801c3225..0000000000
--- a/gnu/packages/patches/ruby-concurrent-ignore-broken-test.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-This test appears to fail in GNU Guix and elsewhere. It has been reported
-upstream at https://github.com/puma/puma/issues/995
-
-diff --git a/spec/concurrent/channel_spec.rb b/spec/concurrent/channel_spec.rb
-index d70fba8..4f29a8b 100644
---- a/spec/concurrent/channel_spec.rb
-+++ b/spec/concurrent/channel_spec.rb
-@@ -598,7 +598,7 @@ module Concurrent
- }.to raise_error(ArgumentError)
- end
-
-- it 'loops until the block returns false' do
-+ xit 'loops until the block returns false' do
- actual = 0
- expected = 3
- latch = Concurrent::CountDownLatch.new(expected)
diff --git a/gnu/packages/patches/ruby-concurrent-test-arm.patch b/gnu/packages/patches/ruby-concurrent-test-arm.patch
deleted file mode 100644
index 06d5657814..0000000000
--- a/gnu/packages/patches/ruby-concurrent-test-arm.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Work around two test suite failures on ARM:
-
- https://github.com/ruby-concurrency/concurrent-ruby/issues/547
-
-The regexps here assume addresses like "0x1234" but on ARM (32-bit)
-we get something like "0x-7db1e810" (notice the dash).
-
-diff --git a/spec/concurrent/edge/promises_spec.rb b/spec/concurrent/edge/promises_spec.rb
-index 727210f..149f7cd 100644
---- a/spec/concurrent/edge/promises_spec.rb
-+++ b/spec/concurrent/edge/promises_spec.rb
-@@ -371,9 +371,9 @@ describe 'Concurrent::Promises' do
- four = three.delay.then(&:succ)
-
- # meaningful to_s and inspect defined for Future and Promise
-- expect(head.to_s).to match /<#Concurrent::Promises::Future:0x[\da-f]+ pending>/
-+ expect(head.to_s).to match /<#Concurrent::Promises::Future:0x-?[\da-f]+ pending>/
- expect(head.inspect).to(
-- match(/<#Concurrent::Promises::Future:0x[\da-f]+ pending>/))
-+ match(/<#Concurrent::Promises::Future:0x-?[\da-f]+ pending>/))
-
- # evaluates only up to three, four is left unevaluated
- expect(three.value!).to eq 3
-diff --git a/spec/concurrent/map_spec.rb b/spec/concurrent/map_spec.rb
-index c4050be..0a9095d 100644
---- a/spec/concurrent/map_spec.rb
-+++ b/spec/concurrent/map_spec.rb
-@@ -794,7 +794,7 @@ module Concurrent
- end
-
- it '#inspect' do
-- regexp = /\A#<Concurrent::Map:0x[0-9a-f]+ entries=[0-9]+ default_proc=.*>\Z/i
-+ regexp = /\A#<Concurrent::Map:0x-?[0-9a-f]+ entries=[0-9]+ default_proc=.*>\Z/i
- expect(Concurrent::Map.new.inspect).to match(regexp)
- expect((Concurrent::Map.new {}).inspect).to match(regexp)
- map = Concurrent::Map.new
diff --git a/gnu/packages/patches/sbcl-graph-asdf-definitions.patch b/gnu/packages/patches/sbcl-graph-asdf-definitions.patch
new file mode 100644
index 0000000000..a528ccfcc6
--- /dev/null
+++ b/gnu/packages/patches/sbcl-graph-asdf-definitions.patch
@@ -0,0 +1,70 @@
+commit 52ebece1243ae6900e414b6248b5145a28348eef
+Author: Guillaume Le Vaillant <glv@posteo.net>
+Date: Fri Oct 18 15:41:23 2019 +0200
+
+ Use basic ASDF system definitions instead of package-inferred-system
+
+diff --git a/graph.asd b/graph.asd
+index 193b6e3..56afc8f 100644
+--- a/graph.asd
++++ b/graph.asd
+@@ -3,12 +3,10 @@
+ :version "0.0.0"
+ :author ("Eric Schulte <schulte.eric@gmail.com>" "Thomas Dye")
+ :licence "GPL V3"
+- :class :package-inferred-system
+- :defsystem-depends-on (:asdf-package-system)
++ :in-order-to ((test-op (test-op graph-test)))
+ :depends-on (alexandria
+ metabang-bind
+ named-readtables
+ curry-compose-reader-macros
+- graph/graph))
+-
+-(register-system-packages "femlisp-matlisp" '(:fl.matlisp))
++ cl-heap)
++ :components ((:file "graph")))
+diff --git a/graph.dot.asd b/graph.dot.asd
+new file mode 100644
+index 0000000..12aec7e
+--- /dev/null
++++ b/graph.dot.asd
+@@ -0,0 +1,8 @@
++(defsystem :graph-dot
++ :depends-on (alexandria
++ metabang-bind
++ named-readtables
++ curry-compose-reader-macros
++ cl-ppcre
++ graph)
++ :components ((:file "dot")))
+diff --git a/graph.json.asd b/graph.json.asd
+new file mode 100644
+index 0000000..e7d091f
+--- /dev/null
++++ b/graph.json.asd
+@@ -0,0 +1,8 @@
++(defsystem :graph-json
++ :depends-on (alexandria
++ metabang-bind
++ named-readtables
++ curry-compose-reader-macros
++ yason
++ graph)
++ :components ((:file "json")))
+diff --git a/graph.test.asd b/graph.test.asd
+new file mode 100644
+index 0000000..1e811e1
+--- /dev/null
++++ b/graph.test.asd
+@@ -0,0 +1,10 @@
++(defsystem :graph-test
++ :depends-on (alexandria
++ metabang-bind
++ named-readtables
++ curry-compose-reader-macros
++ graph
++ stefil)
++ :perform (test-op (o s)
++ (uiop:symbol-call :graph/test 'test))
++ :components ((:file "test")))
diff --git a/gnu/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch b/gnu/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch
new file mode 100644
index 0000000000..55866d2973
--- /dev/null
+++ b/gnu/packages/patches/seahorse-gkr-use-0-on-empty-flags.patch
@@ -0,0 +1,32 @@
+Patch from <https://gitlab.gnome.org/GNOME/seahorse/commit/d9db29db567012b7c72e85e1be1fbf55fcc9b667>.
+
+From d9db29db567012b7c72e85e1be1fbf55fcc9b667 Mon Sep 17 00:00:00 2001
+From: Niels De Graef <nielsdegraef@gmail.com>
+Date: Sat, 11 May 2019 09:02:34 +0200
+Subject: [PATCH] gkr: Use 0 on empty flags
+
+A Flags-type variable without any flag set can be replaced with 0, so
+this is a safe thing to do. It also prevents us from having to deal with
+the accidental API break in libsecret (see
+https://gitlab.gnome.org/GNOME/libsecret/merge_requests/19)
+---
+ gkr/gkr-keyring-add.vala | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/gkr/gkr-keyring-add.vala b/gkr/gkr-keyring-add.vala
+index 4e92a520..f60c9a22 100644
+--- a/gkr/gkr-keyring-add.vala
++++ b/gkr/gkr-keyring-add.vala
+@@ -41,8 +41,7 @@ public class Seahorse.Gkr.KeyringAdd : Gtk.Dialog {
+
+ var cancellable = Dialog.begin_request(this);
+ var service = Backend.instance().service;
+- Secret.Collection.create.begin(service, this.name_entry.text, null,
+- Secret.CollectionCreateFlags.COLLECTION_CREATE_NONE,
++ Secret.Collection.create.begin(service, this.name_entry.text, null, 0,
+ cancellable, (obj, res) => {
+ /* Clear the operation without cancelling it since it is complete */
+ Dialog.complete_request(this, false);
+--
+2.23.0
+
diff --git a/gnu/packages/patches/tomb-fix-errors-on-open.patch b/gnu/packages/patches/tomb-fix-errors-on-open.patch
new file mode 100644
index 0000000000..5f41c9ee8f
--- /dev/null
+++ b/gnu/packages/patches/tomb-fix-errors-on-open.patch
@@ -0,0 +1,25 @@
+Description: Avoid error messages when opening a new tomb
+ Make sure control file exists and has user ownership before user writes to it.
+Author: Sven Geuer <debmaint@g-e-u-e-r.de>
+Bug: https://github.com/dyne/Tomb/issues/369
+Last-Update: 2019-11-04
+--- a/tomb
++++ b/tomb
+@@ -2197,14 +2197,15 @@
+ # {{{ Open
+
+ _update_control_file() {
+- # replaces a control file with new contents and gives it user ownership
++ # make sure a control file exists, gives it user ownership
++ # and replaces it with new contents
+ # stdin = contents
+ # $1 = path to control file
+ # $2 = contents
+ [[ "$2" = "" ]] && return 1
+ _sudo touch "$1"
+- print "$2" > "$1"
+ _sudo chown ${_UID}:${_GID} "$1"
++ print "$2" > "$1"
+ _verbose "updated control file $1 = $2"
+ }
+
diff --git a/gnu/packages/patches/udiskie-no-appindicator.patch b/gnu/packages/patches/udiskie-no-appindicator.patch
new file mode 100644
index 0000000000..c19099cdaa
--- /dev/null
+++ b/gnu/packages/patches/udiskie-no-appindicator.patch
@@ -0,0 +1,155 @@
+Remove the support for Unity's appindicator.
+
+diff -Naur udiskie-1.7.7/completions/_udiskie udiskie-1.7.7a/completions/_udiskie
+--- udiskie-1.7.7/completions/_udiskie 2019-02-17 18:28:58.000000000 +0100
++++ udiskie-1.7.7a/completions/_udiskie 2019-10-29 14:21:04.556193639 +0100
+@@ -21,8 +21,6 @@
+ '(-a)'{-A,--no-automount}"[disable automounting]"
+ '(-N)'{-n,--notify}"[show popup notifications]"
+ '(-n)'{-N,--no-notify}"[disable notifications]"
+- '(--no-appindicator)'--appindicator"[use appindicator for status icon]"
+- '(--appindicator)'--no-appindicator"[don't use appindicator]"
+ '(-T -s)'{-t,--tray}"[show tray icon]"
+ '(-T -t)'{-s,--smart-tray}"[auto hide tray icon]"
+ '(-t -s)'{-T,--no-tray}"[disable tray icon]"
+diff -Naur udiskie-1.7.7/doc/udiskie.8.txt udiskie-1.7.7a/doc/udiskie.8.txt
+--- udiskie-1.7.7/doc/udiskie.8.txt 2019-02-17 18:28:58.000000000 +0100
++++ udiskie-1.7.7a/doc/udiskie.8.txt 2019-10-29 14:21:52.304570344 +0100
+@@ -95,12 +95,6 @@
+ *-F, \--no-file-manager*::
+ Disable browsing.
+
+-*-appindicator*::
+- Use AppIndicator3 for the status icon. Use this on Ubuntu/Unity if no icon is shown.
+-
+-*--no-appindicator*::
+- Use Gtk.StatusIcon for the status icon (default).
+-
+ *--password-cache MINUTES*::
+ Cache passwords for LUKS partitions and set the timeout.
+
+diff -Naur udiskie-1.7.7/udiskie/appindicator.py udiskie-1.7.7a/udiskie/appindicator.py
+--- udiskie-1.7.7/udiskie/appindicator.py 2019-02-17 18:28:58.000000000 +0100
++++ udiskie-1.7.7a/udiskie/appindicator.py 1970-01-01 01:00:00.000000000 +0100
+@@ -1,61 +0,0 @@
+-"""
+-Status icon using AppIndicator3.
+-"""
+-
+-from gi.repository import Gtk
+-from gi.repository import AppIndicator3
+-
+-from udiskie.async_ import Async
+-
+-
+-class AppIndicatorIcon(object):
+-
+- """
+- Show status icon using AppIndicator as backend. Replaces
+- `udiskie.tray.StatusIcon` on ubuntu/unity.
+- """
+-
+- def __init__(self, menumaker, _icons):
+- self._maker = menumaker
+- self._menu = Gtk.Menu()
+- self._indicator = AppIndicator3.Indicator.new(
+- 'udiskie',
+- _icons.get_icon_name('media'),
+- AppIndicator3.IndicatorCategory.HARDWARE)
+- self._indicator.set_status(AppIndicator3.IndicatorStatus.PASSIVE)
+- self._indicator.set_menu(self._menu)
+- # Get notified before menu is shown, see:
+- # https://bugs.launchpad.net/screenlets/+bug/522152/comments/15
+- dbusmenuserver = self._indicator.get_property('dbus-menu-server')
+- self._dbusmenuitem = dbusmenuserver.get_property('root-node')
+- self._conn = self._dbusmenuitem.connect('about-to-show', self._on_show)
+- self.task = Async()
+- menumaker._quit_action = self.destroy
+- # Populate menu initially, so libdbusmenu does not ignore the
+- # 'about-to-show':
+- self._maker(self._menu)
+-
+- def destroy(self):
+- self.show(False)
+- self._dbusmenuitem.disconnect(self._conn)
+- self.task.callback()
+-
+- @property
+- def visible(self):
+- status = self._indicator.get_status()
+- return status == AppIndicator3.IndicatorStatus.ACTIVE
+-
+- def show(self, show=True):
+- if show == self.visible:
+- return
+- status = (AppIndicator3.IndicatorStatus.ACTIVE if show else
+- AppIndicator3.IndicatorStatus.PASSIVE)
+- self._indicator.set_status(status)
+-
+- def _on_show(self, menu):
+- # clear menu:
+- for item in self._menu.get_children():
+- self._menu.remove(item)
+- # repopulate:
+- self._maker(self._menu)
+- self._menu.show_all()
+diff -Naur udiskie-1.7.7/udiskie/cli.py udiskie-1.7.7a/udiskie/cli.py
+--- udiskie-1.7.7/udiskie/cli.py 2019-02-17 18:28:58.000000000 +0100
++++ udiskie-1.7.7a/udiskie/cli.py 2019-10-29 14:18:22.678919186 +0100
+@@ -376,9 +376,6 @@
+ -T, --no-tray Disable tray icon
+ -m MENU, --menu MENU Tray menu [flat/nested]
+
+- --appindicator Use appindicator for status icon
+- --no-appindicator Don't use appindicator
+-
+ --password-cache MINUTES Set password cache timeout
+ --no-password-cache Disable password cache
+
+@@ -400,7 +397,6 @@
+ 'notify': True,
+ 'tray': False,
+ 'menu': 'flat',
+- 'appindicator': False,
+ 'file_manager': 'xdg-open',
+ 'password_prompt': 'builtin:gui',
+ 'password_cache': False,
+@@ -415,7 +411,6 @@
+ '--no-tray': False,
+ '--smart-tray': 'auto'}),
+ 'menu': Value('--menu'),
+- 'appindicator': Switch('appindicator'),
+ 'file_manager': OptionalValue('--file-manager'),
+ 'password_prompt': OptionalValue('--password-prompt'),
+ 'password_cache': OptionalValue('--password-cache'),
+@@ -541,11 +536,7 @@
+ raise ValueError("Invalid menu: %s" % (options['menu'],))
+
+ menu_maker = udiskie.tray.UdiskieMenu(self, icons, actions, flat)
+- if options['appindicator']:
+- import udiskie.appindicator
+- TrayIcon = udiskie.appindicator.AppIndicatorIcon
+- else:
+- TrayIcon = udiskie.tray.TrayIcon
++ TrayIcon = udiskie.tray.TrayIcon
+ trayicon = TrayIcon(menu_maker, icons)
+ return udiskie.tray.UdiskieStatusIcon(trayicon, menu_maker, smart)
+
+diff -Naur udiskie-1.7.7/udiskie.egg-info/SOURCES.txt udiskie-1.7.7a/udiskie.egg-info/SOURCES.txt
+--- udiskie-1.7.7/udiskie.egg-info/SOURCES.txt 2019-02-17 19:42:25.000000000 +0100
++++ udiskie-1.7.7a/udiskie.egg-info/SOURCES.txt 2019-10-29 14:40:09.333315287 +0100
+@@ -24,7 +24,6 @@
+ test/test_cache.py
+ test/test_match.py
+ udiskie/__init__.py
+-udiskie/appindicator.py
+ udiskie/async_.py
+ udiskie/automount.py
+ udiskie/cache.py
+@@ -46,4 +45,4 @@
+ udiskie.egg-info/dependency_links.txt
+ udiskie.egg-info/entry_points.txt
+ udiskie.egg-info/requires.txt
+-udiskie.egg-info/top_level.txt
+\ Pas de fin de ligne à la fin du fichier
++udiskie.egg-info/top_level.txt
diff --git a/gnu/packages/patches/vlc-fix-test_libvlc_slaves.patch b/gnu/packages/patches/vlc-fix-test_libvlc_slaves.patch
new file mode 100644
index 0000000000..9bc6d35f18
--- /dev/null
+++ b/gnu/packages/patches/vlc-fix-test_libvlc_slaves.patch
@@ -0,0 +1,35 @@
+From 4186c94104ee528abd6860611b49515f3e6ec644 Mon Sep 17 00:00:00 2001
+From: Thomas Guillem <thomas@gllm.fr>
+Date: Fri, 18 Oct 2019 10:34:07 +0200
+Subject: [PATCH] input/item: sort before attaching slaves
+
+The order of readdir() is completely filesystem dependent.
+
+Slaves should be attached using the same order across multiple OSses/access
+modules.
+
+This fixes the test_libvlc_slaves on some system when the entry order from
+readdir() is different.
+
+This patch need to be backported to VLC 3.0.
+---
+ src/input/item.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/input/item.c b/src/input/item.c
+index e8db39ca28..fbd74cc95f 100644
+--- a/src/input/item.c
++++ b/src/input/item.c
+@@ -1809,8 +1809,8 @@ void vlc_readdir_helper_finish(struct vlc_readdir_helper *p_rdh, bool b_success)
+ {
+ if (b_success)
+ {
+- rdh_attach_slaves(p_rdh, p_rdh->p_node);
+ rdh_sort(p_rdh->p_node);
++ rdh_attach_slaves(p_rdh, p_rdh->p_node);
+ }
+ free(p_rdh->psz_ignored_exts);
+
+--
+2.20.1
+
diff --git a/gnu/packages/patches/weasyprint-library-paths.patch b/gnu/packages/patches/weasyprint-library-paths.patch
new file mode 100644
index 0000000000..317f0c542e
--- /dev/null
+++ b/gnu/packages/patches/weasyprint-library-paths.patch
@@ -0,0 +1,43 @@
+Make weasyprint load dynamic libraries from hard-coded path.
+
+From NixOS
+pkgs/development/python-modules/weasyprint/library-paths.patch
+
+diff --git a/weasyprint/fonts.py b/weasyprint/fonts.py
+index 377716c1..2016e01c 100644
+--- a/weasyprint/fonts.py
++++ b/weasyprint/fonts.py
+@@ -48,11 +48,8 @@ else:
+ # with OSError: dlopen() failed to load a library: cairo / cairo-2
+ # So let's hope we find the same file as cairo already did ;)
+ # Same applies to pangocairo requiring pangoft2
+- fontconfig = dlopen(ffi, 'fontconfig', 'libfontconfig',
+- 'libfontconfig-1.dll',
+- 'libfontconfig.so.1', 'libfontconfig-1.dylib')
+- pangoft2 = dlopen(ffi, 'pangoft2-1.0', 'libpangoft2-1.0-0',
+- 'libpangoft2-1.0.so', 'libpangoft2-1.0.dylib')
++ fontconfig = dlopen(ffi, '@fontconfig@')
++ pangoft2 = dlopen(ffi, '@pangoft2@')
+
+ ffi.cdef('''
+ // FontConfig
+diff --git a/weasyprint/text.py b/weasyprint/text.py
+index 035074e9..08e40395 100644
+--- a/weasyprint/text.py
++++ b/weasyprint/text.py
+@@ -243,12 +243,9 @@ def dlopen(ffi, *names):
+ return ffi.dlopen(names[0]) # pragma: no cover
+
+
+-gobject = dlopen(ffi, 'gobject-2.0', 'libgobject-2.0-0', 'libgobject-2.0.so',
+- 'libgobject-2.0.dylib')
+-pango = dlopen(ffi, 'pango-1.0', 'libpango-1.0-0', 'libpango-1.0.so',
+- 'libpango-1.0.dylib')
+-pangocairo = dlopen(ffi, 'pangocairo-1.0', 'libpangocairo-1.0-0',
+- 'libpangocairo-1.0.so', 'libpangocairo-1.0.dylib')
++gobject = dlopen(ffi, '@gobject@')
++pango = dlopen(ffi, '@pango@')
++pangocairo = dlopen(ffi, '@pangocairo@')
+
+ gobject.g_type_init()
+
diff --git a/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch b/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch
deleted file mode 100644
index a43889d2c6..0000000000
--- a/gnu/packages/patches/xorriso-no-mbr-in-inner-efi.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-https://dev.lovelyhq.com/libburnia/libisoburn/commit/1eb51f44dadb8b6c5f87533ca357186cdc1ac625
-diff --git a/frontend/grub-mkrescue-sed.sh b/frontend/grub-mkrescue-sed.sh
-index b3948c99..dcd9d696 100755
---- a/frontend/grub-mkrescue-sed.sh
-+++ b/frontend/grub-mkrescue-sed.sh
-@@ -120,6 +120,7 @@ fi
- # "yes" overwrites the MBR partition table area in the EFI boot image by zeros.
- # Some EFI implementations get stuck when seeing in the EFI partition a
- # partition table entry which begins at LBA 0.
-+# "extra" not only zeros the partition table but also the MBR signature.
- efi_zero_inner_pt=no
- if test -n "$MKRESCUE_SED_IN_EFI_NO_PT"
- then
-@@ -192,24 +193,31 @@ then
- find "$dir"
- fi
-
--if test "$efi_zero_inner_pt" = yes
-+if test "$efi_zero_inner_pt" = yes -o "$efi_zero_inner_pt" = extra
- then
- did_dd=0
- if test -e "$dir"/efi.img
- then
-+ # Look for 0x55 0xAA in bytes 510 and 511
- magic=$(dd bs=1 skip=510 count=2 if="$dir"/efi.img 2>/dev/null | \
- od -c | head -1 | awk '{print $2 " " $3}')
- if test "$magic" = "U 252"
- then
-+ echo "Performing actions for MKRESCUE_SED_IN_EFI_NO_PT=$efi_zero_inner_pt" >&2
- dd if=/dev/zero bs=1 seek=446 count=64 conv=notrunc of="$dir"/efi.img
- did_dd=1
-+ if test "$efi_zero_inner_pt" = extra
-+ then
-+ dd if=/dev/zero bs=1 seek=510 count=2 conv=notrunc of="$dir"/efi.img
-+ fi
-+ echo >&2
- fi
- fi
- if test "$did_dd" = 0
- then
- echo >&2
- echo "$0 : NOTE : No EFI image found or no MBR signature in it." >&2
-- echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=yes" >&2
-+ echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=$efi_zero_inner_pt" >&2
- echo >&2
- fi
- fi
diff --git a/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch b/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch
deleted file mode 100644
index a719ca1f89..0000000000
--- a/gnu/packages/patches/xorriso-no-partition-table-in-inner-efi.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-https://dev.lovelyhq.com/libburnia/libisoburn/commit/3a2a3ba737a06162c22ace0ae09d33ba97aa2673
-diff --git a/frontend/grub-mkrescue-sed.sh b/frontend/grub-mkrescue-sed.sh
-index d772ff22..b3948c99 100755
---- a/frontend/grub-mkrescue-sed.sh
-+++ b/frontend/grub-mkrescue-sed.sh
-@@ -1,6 +1,6 @@
- #!/bin/sh
-
--# Copyright (C) 2015 - 2016
-+# Copyright (C) 2015 - 2019
- # Thomas Schmitt <scdbackup@gmx.net>, libburnia-project.org
- # Provided under BSD license: Use, modify, and distribute as you like.
-
-@@ -117,6 +117,15 @@ fi
- # command line.)
- # Each argument must be a single word. No whitespace. No quotation marks.
-
-+# "yes" overwrites the MBR partition table area in the EFI boot image by zeros.
-+# Some EFI implementations get stuck when seeing in the EFI partition a
-+# partition table entry which begins at LBA 0.
-+efi_zero_inner_pt=no
-+if test -n "$MKRESCUE_SED_IN_EFI_NO_PT"
-+then
-+ efi_zero_inner_pt="$MKRESCUE_SED_IN_EFI_NO_PT"
-+fi
-+
-
- #
- # Do the work
-@@ -183,12 +192,48 @@ then
- find "$dir"
- fi
-
-+if test "$efi_zero_inner_pt" = yes
-+then
-+ did_dd=0
-+ if test -e "$dir"/efi.img
-+ then
-+ magic=$(dd bs=1 skip=510 count=2 if="$dir"/efi.img 2>/dev/null | \
-+ od -c | head -1 | awk '{print $2 " " $3}')
-+ if test "$magic" = "U 252"
-+ then
-+ dd if=/dev/zero bs=1 seek=446 count=64 conv=notrunc of="$dir"/efi.img
-+ did_dd=1
-+ fi
-+ fi
-+ if test "$did_dd" = 0
-+ then
-+ echo >&2
-+ echo "$0 : NOTE : No EFI image found or no MBR signature in it." >&2
-+ echo "$0 : NOTE : Will not obey MKRESCUE_SED_IN_EFI_NO_PT=yes" >&2
-+ echo >&2
-+ fi
-+fi
-+
- efi_tmp_name=
-+if test x"$mode" = xmjg \
-+ -o x"$mode" = xmbr_only \
-+ -o x"$mode" = xgpt_appended \
-+ -o x"$mode" = xmbr_hfs
-+then
-+ # Move EFI partition image file out of the "$dir" tree, i.e. out of the ISO
-+ efi_tmp_name=grub-mkrescue-sed-efi-img.$$
-+ if test -e "$dir"/efi.img
-+ then
-+ mv "$dir"/efi.img /tmp/$efi_tmp_name
-+ elif test -e /tmp/$efi_tmp_name
-+ then
-+ rm /tmp/$efi_tmp_name
-+ fi
-+fi
-+
- if test x"$mode" = xmjg
- then
- # Exchange arguments for the experimental GRUB2 mjg layout
-- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
-- mv "$dir"/efi.img /tmp/$efi_tmp_name
- x=$(echo " $*" | sed \
- -e "s/-efi-boot-part --efi-boot-image/-no-pad -append_partition $partno 0xef \/tmp\/$efi_tmp_name/" \
- -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_${partno}:all:: -no-emul-boot -isohybrid-gpt-basdat/" \
-@@ -207,8 +252,6 @@ then
- elif test x"$mode" = xmbr_only
- then
- # Exchange arguments for no-HFS MBR-only layout
-- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
-- mv "$dir"/efi.img /tmp/$efi_tmp_name
- x=$(echo " $*" | sed \
- -e "s/-efi-boot-part --efi-boot-image/$iso_mbr_part_type -no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name/" \
- -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \
-@@ -228,8 +271,6 @@ then
- elif test x"$mode" = xmbr_hfs
- then
- # Exchange arguments for MBR and HFS+ layout
-- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
-- mv "$dir"/efi.img /tmp/$efi_tmp_name
- x=$(echo " $*" | sed \
- -e "s/-efi-boot-part --efi-boot-image/$iso_mbr_part_type -no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name/" \
- -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \
-@@ -247,8 +288,6 @@ then
- elif test x"$mode" = xgpt_appended
- then
- # Exchange arguments for no-HFS MBR-only layout
-- efi_tmp_name=grub-mkrescue-sed-efi-img.$$
-- mv "$dir"/efi.img /tmp/$efi_tmp_name
- x=$(echo " $*" | sed \
- -e "s/-efi-boot-part --efi-boot-image/-no-pad -append_partition 2 0xef \/tmp\/$efi_tmp_name -appended_part_as_gpt -partition_offset 16/" \
- -e "s/--efi-boot efi\.img/-eltorito-alt-boot -e --interval:appended_partition_2:all:: -no-emul-boot/" \