diff --git a/sys-kernel/hardened-kernel/Manifest b/sys-kernel/hardened-kernel/Manifest index 4ae0e49..6ff269f 100644 --- a/sys-kernel/hardened-kernel/Manifest +++ b/sys-kernel/hardened-kernel/Manifest @@ -1,15 +1,10 @@ -AUX linux-5.10.amd64.config 151905 BLAKE2B 54a6d20bf154dba27bd3bba51bbe94705f00839c469bedf2f4fc28857e2b951d512c0bf4d15dc689917bc7fa7c5c2305d087035c1ed8d2513d8945373db65420 SHA512 d01d509ecc38b7085b9d4cfe59cc27b9a3da898a5f83abe54e71ec832eb60521bdee0419c445d3811e18d6ba78ccf5c5dc8e10d832e2f34f3df668d575f5ea57 +AUX linux-5.10.amd64.config 151905 BLAKE2B b89c8bbab9ae6e3954cca173b815a8971f3fb358ab0f3be1ed90b18e10c54a1d5ccc3a7548bc37a9439b68c482f30ae7097d5ef03f82e6eb31471aaad8e38168 SHA512 3e36f5214fff3cd069b696400ad1983076bbefaac73cf658f3cb7c0c5fcdc6a793d649fd9a5ec36b3b025da3597fa4bb5c53294851bd7f4f535876b1f6ccb5aa AUX linux-5.10/1190-reiser4-v5.patch 2902366 BLAKE2B 46a723adf391156110e44a132ecf30dd5101f7e9af9b92a6b667f630a52b379c42533e6273049ed33e3ead78f1aed7fcbca04e19dad180c4aee0e374b1a5a1fc SHA512 8859faa5176b615d6f85ca054f7073c197ded54258bd088fbdeb788dacf8f70f486b3e14877f1dc6f365f2a35bdcfc5f47c049af92603fa125a31686cb0c096f AUX linux-5.10/400-ath_regd.patch 6414 BLAKE2B 698c546f85e712feaa84ff3296bae2de35782676cf42677b8bb53b9f44314a25b1bd94b9ee6a66da12dbd016da1fe3bf0140c76eb61b37332294e637153fd31e SHA512 1db61a8d92ab35d7c72990e44c59039f60e356c67d693affcdb96cd0179b5e44abd3f029b4e6dd230b289451ac7d60daeaee0a5863fd344698d53cf3d3f1c618 AUX linux-5.10/beacon_timeout.patch 4047 BLAKE2B b182c326d5d750bec5f73b263124323f10fd452c839d540f21caa7fff46ffa0acb90433bece36efc29056362090cc2512ad116c135402056db557b601e41ab26 SHA512 3dd7e7b83b451ccfbb6285ea04ebcc11f6f1b08c6c676baba7942aa87f62e7118d4e4ad23fa4ddecf61968af5904084a7091712b6a67044b238f2a3f24a4701b -DIST genpatches-4.19-124.base.tar.xz 3482680 BLAKE2B e8716be023f6512fb4613fab11a6ecf6472dd738cdb63669cfc6573e70030bfc5d3374c18672661867dd584d621cffdced21403a337af40b2428ff6703b6aa53 SHA512 dde38efe4b8e413b0aa1380c3fc4284b153b048a38cb8e05fdec34c14588d3e60092a20d247195389ceace0dc9e353caacaf9573c75a2327b4667dcad90c15fa -DIST genpatches-4.19-124.extras.tar.xz 17516 BLAKE2B 1c7db2f9f888a9becf0dd891a3f9980431419af50552a4cda06c51f1a7b5d923698d6ce625c619b73386a300438f858a551ca53adc2a5bc110d6eda2a575a22d SHA512 4f29e993be982e272205c6d57e1828e7cc837abbde4a1e7b59e6b20eac648315bec135338b8f6e33df2b49d81e855a9f5c7eeebf6238fa8bc3bbd2215c324eff -DIST genpatches-5.10-58.base.tar.xz 1910208 BLAKE2B 3f385e4cae808101f092a1ebf72dc9cf1bcc94ed8bdca8a4772afd0c32cb1424f96fee2e59ab7605b588e64d162e46aae2918b7916bded019f97f637292853ee SHA512 be328dd7212c5a0e009ba95d45c716912d96743f3ae5e2e5e1daabc252f1e151043abe21f61ef90fc4f23d4e164b6ebe2d289abfc1470daf1a33a1564dbe7b06 -DIST genpatches-5.10-58.extras.tar.xz 3420 BLAKE2B 81c42396369ce4e26d2a1574067d251b9013bd012f052e3e35ecaa1953e3d81cb9e398eb9521d191a4197ad2a81780d49059fd7abb9774e886d6d10b6b6831d3 SHA512 79afef40259c8ab2cfa957bdb56666e9ff691ff68362ad95482129e7037fc0659185923ec87ac97d217f5d2956e2be7189077ddf38844fa6c7ced4f0f6f58870 -DIST linux-4.19.tar.xz 103117552 BLAKE2B 1dbf16cf410867412d17568fe42bc1e90c034183b654d270b650621ff7664a321950943d0639205bc1ee7ef6210be170c1f2c785a042ed8a4ec5e3a486d890e0 SHA512 ab67cc746b375a8b135e8b23e35e1d6787930d19b3c26b2679787d62951cbdbc3bb66f8ededeb9b890e5008b2459397f9018f1a6772fdef67780b06a4cb9f6f4 +DIST genpatches-5.10-66.base.tar.xz 2062612 BLAKE2B 6aed0d13a78b49d310840e9f3d2ce17493e827c3ee5c43617b36478d02b542ca1b73ba18b8790f06df72686da9935e9596d2a3b85eb63107b998bc9765238685 SHA512 3c834cf4887f899f230db5e5a7c1f082c383726c52dda457b7fddc77e7e6e980083def63653d036a7c9bff6cfafa08abe534ef4cd8d65cc6766ef87633187df4 +DIST genpatches-5.10-66.extras.tar.xz 3476 BLAKE2B 83c469744224ee1c4e5498d30b50610f0679996262323e9e048ed14df49790fa33e704ef61c3a58fb1dc23bd13262f87cd7459a5005079eee89701fa66fab696 SHA512 985413d00a94b3e84b7be1db8ee40b6d80d7651823bf68f0a6a50fa0c46f3cbf26839d88d561aba86378d321a4628a5df90debec0e4436c01d53df074f4bd104 DIST linux-5.10.tar.xz 116606704 BLAKE2B b923d7b66309224f42f35f8a5fa219421b0a9362d2adacdadd8d96251f61f7230878ea297a269a7f3b3c56830f0b177e068691e1d7f88501a05653b0a13274d1 SHA512 95bc137d0cf9148da6a9d1f1a878698dc27b40f68e22c597544010a6c591ce1b256f083489d3ff45ff77753289b535135590194d88ef9f007d0ddab3d74de70e -DIST linux-hardened-4.19.125.a.patch 97705 BLAKE2B ca013aaf31bf90177b5d2d2cb2018bafaa0173c6017193bd5bbc3568a4bd34d628798a8dc56411add627340b3b1617f7d43b02a7e032bd7e4374166e7c3bf8e0 SHA512 771a696115a9879b36fb01d3dc7c4cc9cd02591c07f6cca6f73e956818fa77e1dc42289f79167c4fb2deb69ec8fd9b458757bf45403d7fce874b7b57eb551482 -DIST linux-hardened-5.10.52-hardened1.patch 118920 BLAKE2B d62736ac92b20e3360dbe1d32384ec2643573b55bc3eecd97c787e9d8723bac875037c01f378862ed0f1bebeaaadd2c7802007f59ad27a9c49917e64710cd120 SHA512 cabbf2d125d0c4c41cc89421e10929956fbcd164b2ba69ad01e5737433b606733dacdd9efee439d25cb46c85d46f6e363a8ff8131557fa82d2cbf042eb6924b0 -EBUILD hardened-kernel-4.19.125.ebuild 2568 BLAKE2B 1c165f8359a5d5926cc866769f0ca7fe8b999e190cc92cd92b253efac18ca6d4bcddb89c1ffe8d83bdcb2249421dd58b7372ec4d74f4f432e874503a8fe2e5ab SHA512 08c7c6ef75a00bbf78ab49a01214230e44a602c51b70ad9d61b49c76a014b6d006d67984a482b3142b9aba835ab819f80bbde0a8adc40eab298fba9e9d3b3742 -EBUILD hardened-kernel-5.10.52.ebuild 3016 BLAKE2B 737c1e4ba35cbfb13778169cb092643c701686bbbb53e2442ff77b6b6540e27b7bff1abe7da4a14057fc75c734a25c50375ed8ce05a6a54116a1f3b1a9bb2185 SHA512 50814ca60199a2d8c416d998c6e2a9e0ede68279b7e771151459fa208021c314f6c298b31e2e8369c1f84b60f17280833e284da71e3a034d4f2385bb1c1ae30b +DIST linux-hardened-5.10.60-hardened1.patch 111162 BLAKE2B f8d39236fb3679eb0a87ca98a07c323a18ec2dbfda132f052d8784b8827a92005eba354a45ca0385875e7365df7101d7ca8f703f8d7ecabe4c0aa3fc4dbf8af3 SHA512 79874407e98c259dccd917b76c69ef09bc32b55aec5193211ef3705d6ba2d8c74a1205dff08abac97c8f5200f2ee0997575cdf55295bd5282726f20d8e664d19 +EBUILD hardened-kernel-5.10.60.ebuild 3016 BLAKE2B 737c1e4ba35cbfb13778169cb092643c701686bbbb53e2442ff77b6b6540e27b7bff1abe7da4a14057fc75c734a25c50375ed8ce05a6a54116a1f3b1a9bb2185 SHA512 50814ca60199a2d8c416d998c6e2a9e0ede68279b7e771151459fa208021c314f6c298b31e2e8369c1f84b60f17280833e284da71e3a034d4f2385bb1c1ae30b MISC metadata.xml 345 BLAKE2B 4003222d76459210cbeba27d68bcef9b42f500dd3dafe53505dae42004c5224eeae395fb30d7582de614654d2fde19d118c8c31fbc35e5335c9150d93f42efc9 SHA512 994d288cd16858bad3177d383a279f0f549ddf40ef87c62683815540b331bd48d4afa4d0c6af947e409c58f8abb5e1da045bb98dc00a422ea724cdf0610d6619 diff --git a/sys-kernel/hardened-kernel/files/linux-5.10.amd64.config b/sys-kernel/hardened-kernel/files/linux-5.10.amd64.config index af02713..a2c1ed3 100644 --- a/sys-kernel/hardened-kernel/files/linux-5.10.amd64.config +++ b/sys-kernel/hardened-kernel/files/linux-5.10.amd64.config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.10.52 Kernel Configuration +# Linux/x86 5.10.60 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (Gentoo Hardened 9.3.0-r1 p3) 9.3.0" CONFIG_CC_IS_GCC=y @@ -4777,7 +4777,7 @@ CONFIG_EXT4_FS_SECURITY=y CONFIG_JBD2=y # CONFIG_JBD2_DEBUG is not set CONFIG_FS_MBCACHE=y -CONFIG_REISER4_FS=y +CONFIG_REISER4_FS=m # CONFIG_REISER4_OLD is not set # CONFIG_REISER4_DEBUG is not set # CONFIG_REISERFS_FS is not set diff --git a/sys-kernel/hardened-kernel/hardened-kernel-4.19.125.ebuild b/sys-kernel/hardened-kernel/hardened-kernel-4.19.125.ebuild deleted file mode 100644 index c7ba0d1..0000000 --- a/sys-kernel/hardened-kernel/hardened-kernel-4.19.125.ebuild +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit kernel-build - -MY_P=linux-${PV%.*} -GENPATCHES_P=genpatches-${PV%.*}-$((${PV##*.}-1)) -HARDENED_PATCH_VER="${PV}.a" -GENPATCHES_EXCLUDE="1500_XATTR_USER_PREFIX.patch - 1510_fs-enable-link-security-restrictions-by-default.patch - 2900_dev-root-proc-mount-fix.patch - 4200_fbcondecor.patch - 4400_alpha-sysctl-uac.patch" - - -DESCRIPTION="Linux kernel built with Gentoo patches" -HOMEPAGE="https://www.kernel.org/" -SRC_URI+=" https://cdn.kernel.org/pub/linux/kernel/v$(ver_cut 1).x/${MY_P}.tar.xz - https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.base.tar.xz - https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.extras.tar.xz - https://github.com/anthraxx/linux-hardened/releases/download/${HARDENED_PATCH_VER}/linux-hardened-${HARDENED_PATCH_VER}.patch" - -S=${WORKDIR}/${MY_P} - -LICENSE="GPL-2" -KEYWORDS="~amd64" - -BDEPEND=" - !initramfs? ( sys-kernel/initramfs-image ) - app-crypt/sbsigntools" -RDEPEND=" - !sys-kernel/gentoo-kernel:${SLOT} - !sys-kernel/gentoo-kernel-bin:${SLOT} - !sys-kernel/vanilla-kernel:${SLOT} - !sys-kernel/vanilla-kernel-bin:${SLOT}" - -src_prepare() { - # remove some genpatches causes conflicts with linux-hardened patch - for patch in ${GENPATCHES_EXCLUDE}; do - rm -f ${WORKDIR}/${patch} - done - # include linux-hardened patch with priority - cp ${DISTDIR}/linux-hardened-${HARDENED_PATCH_VER}.patch ${WORKDIR}/1199_linux-hardened-${HARDENED_PATCH_VER}.patch - # copy Clear Linux patches - if [ -d "${FILESDIR}"/${MY_P} ]; then - cp "${FILESDIR}"/${MY_P}/*.patch ${WORKDIR}/ - fi - - local PATCHES=( - # meh, genpatches have no directory - "${WORKDIR}"/*.patch - ) - default - - # prepare the default config - case ${ARCH} in - amd64) - cp "${FILESDIR}"/${MY_P}.amd64.config .config || die - ;; - *) - die "Unsupported arch ${ARCH}" - ;; - esac - - local config_tweaks=( - # shove arch under the carpet! - -e 's:^CONFIG_DEFAULT_HOSTNAME=:&"gentoo":' - # disable signatures - -e '/CONFIG_MODULE_SIG/d' - -e '/CONFIG_SECURITY_LOCKDOWN/d' - # disable compression to allow stripping - -e '/CONFIG_MODULE_COMPRESS/d' - ) - sed -i "${config_tweaks[@]}" .config || die -} - -src_install() { - default - - if [[ -z "${UEFI_SB_KEY}" && -z "${UEFI_SB_CRT}" ]] ;then - sbsign --key ${UEFI_SB_KEY} --cert ${UEFI_SB_CRT} --output ${D}/usr/src/linux-${PV}/arch/x86/boot/bzImage.signed \ - ${D}/usr/src/linux-${PV}/arch/x86/boot/bzImage && \ - mv ${D}/usr/src/linux-${PV}/arch/x86/boot/bzImage.signed ${D}/usr/src/linux-${PV}/arch/x86/boot/bzImage - fi -} diff --git a/sys-kernel/hardened-kernel/hardened-kernel-5.10.52.ebuild b/sys-kernel/hardened-kernel/hardened-kernel-5.10.60.ebuild similarity index 100% rename from sys-kernel/hardened-kernel/hardened-kernel-5.10.52.ebuild rename to sys-kernel/hardened-kernel/hardened-kernel-5.10.60.ebuild