sys-kernel/hardened-kernel: update v6.6.47 ebuild
This commit is contained in:
parent
9f556a3c62
commit
fb10daffba
GPG Key ID:
E93720C6C73A77F4
|
|
@ -52,7 +52,7 @@ pkg_postinst() {
|
|||
einfo
|
||||
einfo "You have enabled the module-src USE flag without the module USE"
|
||||
einfo "flag. This means that sources are installed to"
|
||||
einfo "${ROOT}/usr/src/wireguard instead of having the"
|
||||
einfo "${ROOT}/usr/src/amneziawg instead of having the"
|
||||
einfo "kernel module compiled. You will need to compile the module"
|
||||
einfo "yourself. Most likely, you don't want this USE flag, and should"
|
||||
einfo "rather use USE=module"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,18 @@
|
|||
AUX linux-6.1.amd64.config 174782 BLAKE2B 0e4a6382a52a14dc8f7fcb7d0912b9509cba70119a4d9818cf30af0a2b1c1d8a47fda164b5190c0916c90d7aaf106c82dcd79b8de9aaf9cb50c97501bd43b5a9 SHA512 dcb15715c26a4790782594c53a4c7614a85b141a5c2bca790189012a115be5bfcdc3119854ced8fa7b6668c4f32d2472b60af975fba262c355181bd6dab5c590
|
||||
AUX linux-6.6.amd64.config 181689 BLAKE2B f32a31e26e3ce14e665125bbe80ac7a9d4006197af7f32eb1350d84f91a7b98ec117ca18e6de1a2de928d457ebb0fa351af6b53d109f819fa733f6c4f818ffe0 SHA512 e660cf0c5a8713f36063f71300741d7fb684f41e29d44d69819bdccd57ba1b37c00ee92066128c3c838fd2a2648264e7d44168373ea98314a3c0306c5ec02ff5
|
||||
DIST genpatches-6.1-77.base.tar.xz 4198960 BLAKE2B 9c6921ca87ec2c3338107a994d6e094c6bf4ca5a705f21b3efa2803454327782ccf2cefa78b2a1bfa59413402d5d89b757a5522b86943c8c8c5d97592138758a SHA512 34daab45df35b30a5bc155aa82b074f6516bb1af7b2976590f88d88e25f6e8ae369fd1299f7e2f645c045b29d6b805dd07291ab45c212a9aa27df566dd6aca96
|
||||
DIST genpatches-6.1-77.extras.tar.xz 3816 BLAKE2B 2129b36991f127c4bb4783a535a2d58bbe8ba9f4f139f7b70bf41a1c54bc2ac9026cdf3e3662f47c28118844ff40b6ad1c8da1c5fa8f1f4edc768fa69cae2083 SHA512 1de0ce45d9a0a1555faa92842f884cbaed8f5e727e4e59cbafc31326c9a183acc4954b2cdba1bec2019466545870ead8b5300f419533e30386aa2a36f6606a9a
|
||||
DIST genpatches-6.6-54.base.tar.xz 2922380 BLAKE2B f65404127bb6547208aeddac1996a4a2659bd99ff7429bcaff28247a867c000e962457725eab80db2c76297f1e5c27806dc6fb23e31d5694b6df783e65995227 SHA512 102f721f87478ad18599bb5ff65cd236180dd3d9d058786a5306cb36be3f30a2d2ef684e83b6f458d4de78a196323e87d346eba704bfbce733010aed6ac3d7f9
|
||||
DIST genpatches-6.6-54.extras.tar.xz 4060 BLAKE2B 22ea7d143bfe168bc5d9d30832423bcd33b49c1b3b5ddf031000d7d9fce96f6fa0fb1d06fd33b27a5de9c9f3833a139557f0ed7408ef12b23568784ff38ca7a9 SHA512 1b1a229b5923e7f3426139b17608b5feae6061313f7aea66de23f09a54696def39bf4b384c4e884a3e5c758c08e04dcfe1ab7f2aa331db74b59f5e511c6f2c5b
|
||||
DIST gentoo-kernel-config-g13.tar.gz 5759 BLAKE2B 831f89078e539c8b4ce244528dfd847c12a45b52d540eb10d85ec0d9deb1c14288d8de12456865c92d16e3523ec3595676787a8f3b79545d76870b0fb68deb5d SHA512 2a7230cce57a67e3333f9a88a311afe4a928e27ce76036747451cb77d3186569ad11d7a5b827748ad53290a17ad63637a8362ca896516f85ff0944a8d68265a6
|
||||
DIST kernel-aarch64-fedora.config.6.6.12-gentoo 271041 BLAKE2B 5af7c2f57cd6cd9230d9ab1a539a4b12b02cfdd777f5921b2d69329b171060a8085909a60eed9916aea504e8d9c9d1e907a61f0c6681ac75d5c64864052f821e SHA512 f744444f2840020dce2dc8473e3e562fa53ac1c34a641a9f322c2c7efd8fc4d9b3677479d3a31e705fa60beff0b1beca79ab78ad7dd4b6633d4499bebbfc76bd
|
||||
DIST kernel-i686-fedora.config.6.6.12-gentoo 242515 BLAKE2B dbb4df93a5c8ee34d687262cced152a07f412a89ef2e8122429477633424fdac80809ed57a5a6de72de05313ec91f266d37c3494426099621d047c0561ccb57e SHA512 a65fe3299b6d8f89373937d2a782aa1469ebf18954b00bbf2798cee952b9946d7fead795388c079cb508f6d431e49b2812fb6d845c8a0e3861a4a3bd11e81968
|
||||
DIST kernel-ppc64le-fedora.config.6.6.12-gentoo 232147 BLAKE2B d67c2ab2d089ecdde3879129d2b1f85a592adae811ed053d00d4ff120e6bb44546bb41d74817be558adb1d669d06f3dd50e6ea542c8a9c2f13672f77f4e4eed5 SHA512 b130b4c57959c0f7be983334b08354640d5e2946bfdd956d6c5b895f816f6177d5fa4bb1c4382cca5c4dd4723aac42e9e89a002b71d86f4eb30f755008f8f9af
|
||||
DIST kernel-x86_64-fedora.config.6.6.12-gentoo 243607 BLAKE2B 7e670d37c6471e50aa0ba395570cd0173af0210afe63faa48d7a147327110652e3aab5c339cf10ed22a6a20e81e505aee84311beb21fda3eb577e06ea55ecac8 SHA512 c484403a60670dd006ecbe65240cb00d97e8b3fe22d1169c5b6ccb92bcdbddb3ecd474d2b57880b30baf6a38bcef11fc8d56b8b0b02fcddd859833c3640cdc9c
|
||||
DIST linux-6.1.tar.xz 134728520 BLAKE2B ae60257860b2bd1bd708d183f0443afc60ebbd2b3d535c45e44c2e541bd0928530a3b62de6385dd4e4726ebbedcc0a871d4f3ffb4105b9f1f6d8ed7467f5688e SHA512 6ed2a73c2699d0810e54753715635736fc370288ad5ce95c594f2379959b0e418665cd71bc512a0273fe226fe90074d8b10d14c209080a6466498417a4fdda68
|
||||
DIST linux-6.6.tar.xz 140064536 BLAKE2B 5f02fd8696d42f7ec8c5fbadec8e7270bdcfcb1f9844a6c4db3e1fd461c93ce1ccda650ca72dceb4890ebcbbf768ba8fba0bce91efc49fbd2c307b04e95665f2 SHA512 458b2c34d46206f9b4ccbac54cc57aeca1eaecaf831bc441e59701bac6eadffc17f6ce24af6eadd0454964e843186539ac0d63295ad2cc32d112b60360c39a35
|
||||
DIST linux-hardened-6.1.69-hardened1.patch 100238 BLAKE2B 4f5165e261273e040bf4a12e6759ce817e30560562ae129ed2fa76fc20ffc510f8380a1221c743c59b0d1e4c811fa704941bc1a6c02b243857eaaba1ecaebce5 SHA512 17813e6b55a2f6e614a2ec80ceac3cb14fd3beb807cd594dcb47df5456f6b8a5d6396b131cbdabb0582e47b0a7771b0444e97f77d5e57fd899e60550a2c32b01
|
||||
DIST linux-hardened-v6.6.47-hardened1.patch 98378 BLAKE2B 8a27a23f968313f3ce30a2654b953ba4e9605ca59cf1203acf9e658a7d6c2af130fcba6f41f11915831ac822d2d53db08b5566e7458e45dd8326725c29a945fb SHA512 267302e27742b502507d04fb12ecb6d3d9e5cd20c2899309408f7dfe4cf88136466005329a2e7c190259dba9b2f4e5d3d575b81acc8a5cc2a3f5b998f20a125c
|
||||
EBUILD hardened-kernel-6.1.69.ebuild 2978 BLAKE2B 70f353bd642de513cfd448c763aafa8a98deb0bfbd652d4ca63cff103af370bf851eded7d7a1597de08ae177b72932f5832be0f0c1d02aaac3794b2ed99f7ad1 SHA512 f0df36ced965c4b4ff077f87705f76e18912f302edfff7eeabf52f7905e75432957e68925a6d0b393d6347139c5fd9494bcdbef4d1e9a06af00c49f3c9f9e997
|
||||
EBUILD hardened-kernel-6.6.47.ebuild 4163 BLAKE2B a7ed6eb04686511b69bce2b9419f544650a8986df348674e3cbf75bafd3f702f81bea7b62849c9cfca64605fb8bb1658d9fe67da380bbebf70c0447709492d6a SHA512 baf1ac31aca2c0680daff980a96685bc39e62595154004c7c3e675d48e6e9e01cdc9569d642cab835b574a9247ecda8d6d8d8efc3201060a0da57b41c6943284
|
||||
MISC metadata.xml 345 BLAKE2B 4003222d76459210cbeba27d68bcef9b42f500dd3dafe53505dae42004c5224eeae395fb30d7582de614654d2fde19d118c8c31fbc35e5335c9150d93f42efc9 SHA512 994d288cd16858bad3177d383a279f0f549ddf40ef87c62683815540b331bd48d4afa4d0c6af947e409c58f8abb5e1da045bb98dc00a422ea724cdf0610d6619
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -0,0 +1,137 @@
|
|||
# Copyright 2020-2024 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
EAPI=8
|
||||
|
||||
KERNEL_IUSE_GENERIC_UKI=1
|
||||
KERNEL_IUSE_MODULES_SIGN=1
|
||||
|
||||
inherit kernel-build toolchain-funcs
|
||||
|
||||
MY_P=linux-${PV%.*}
|
||||
GENPATCHES_P=genpatches-${PV%.*}-$(( ${PV##*.} + 7 ))
|
||||
CONFIG_VER=6.6.12-gentoo
|
||||
GENTOO_CONFIG_VER=g13
|
||||
HARDENED_PATCH_VER="${PV}-hardened1"
|
||||
GENPATCHES_EXCLUDE="1500_XATTR_USER_PREFIX.patch
|
||||
1510_fs-enable-link-security-restrictions-by-default.patch
|
||||
2900_dev-root-proc-mount-fix.patch
|
||||
4200_fbcondecor.patch
|
||||
4400_alpha-sysctl-uac.patch"
|
||||
|
||||
DESCRIPTION="Linux kernel built with Gentoo patches"
|
||||
HOMEPAGE="
|
||||
https://wiki.gentoo.org/wiki/Project:Distribution_Kernel
|
||||
https://www.kernel.org/
|
||||
"
|
||||
SRC_URI+="
|
||||
https://cdn.kernel.org/pub/linux/kernel/v$(ver_cut 1).x/${MY_P}.tar.xz
|
||||
https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.base.tar.xz
|
||||
https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.extras.tar.xz
|
||||
https://github.com/anthraxx/linux-hardened/releases/download/v${HARDENED_PATCH_VER}/linux-hardened-v${HARDENED_PATCH_VER}.patch
|
||||
https://github.com/projg2/gentoo-kernel-config/archive/${GENTOO_CONFIG_VER}.tar.gz
|
||||
-> gentoo-kernel-config-${GENTOO_CONFIG_VER}.tar.gz
|
||||
amd64? (
|
||||
https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-x86_64-fedora.config
|
||||
-> kernel-x86_64-fedora.config.${CONFIG_VER}
|
||||
)
|
||||
arm64? (
|
||||
https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-aarch64-fedora.config
|
||||
-> kernel-aarch64-fedora.config.${CONFIG_VER}
|
||||
)
|
||||
ppc64? (
|
||||
https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-ppc64le-fedora.config
|
||||
-> kernel-ppc64le-fedora.config.${CONFIG_VER}
|
||||
)
|
||||
x86? (
|
||||
https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-i686-fedora.config
|
||||
-> kernel-i686-fedora.config.${CONFIG_VER}
|
||||
)
|
||||
"
|
||||
S=${WORKDIR}/${MY_P}
|
||||
|
||||
KEYWORDS="amd64 ~arm arm64 ~hppa ~loong ~ppc ppc64 ~riscv ~sparc x86"
|
||||
IUSE="debug"
|
||||
REQUIRED_USE="
|
||||
arm? ( savedconfig )
|
||||
hppa? ( savedconfig )
|
||||
riscv? ( savedconfig )
|
||||
sparc? ( savedconfig )
|
||||
"
|
||||
|
||||
RDEPEND="
|
||||
!sys-kernel/gentoo-kernel-bin:${SLOT}
|
||||
"
|
||||
BDEPEND="
|
||||
debug? ( dev-util/pahole )
|
||||
"
|
||||
PDEPEND="
|
||||
>=virtual/dist-kernel-${PV}
|
||||
"
|
||||
|
||||
QA_FLAGS_IGNORED="
|
||||
usr/src/linux-.*/scripts/gcc-plugins/.*.so
|
||||
usr/src/linux-.*/vmlinux
|
||||
usr/src/linux-.*/arch/powerpc/kernel/vdso.*/vdso.*.so.dbg
|
||||
"
|
||||
|
||||
src_prepare() {
|
||||
# remove some genpatches causes conflicts with linux-hardened patch
|
||||
for patch in ${GENPATCHES_EXCLUDE}; do
|
||||
rm -f ${WORKDIR}/${patch}
|
||||
done
|
||||
# Remove already exists changes in linux-hardened patch
|
||||
sed -i '322,337d' "${WORKDIR}/4567_distro-Gentoo-Kconfig.patch"
|
||||
# include linux-hardened patch with priority
|
||||
cp ${DISTDIR}/linux-hardened-v${HARDENED_PATCH_VER}.patch ${WORKDIR}/1199_linux-hardened-${HARDENED_PATCH_VER}.patch
|
||||
# copy Clear Linux patches
|
||||
if [ -d "${FILESDIR}"/${MY_P} ]; then
|
||||
cp "${FILESDIR}"/${MY_P}/*.patch ${WORKDIR}/
|
||||
fi
|
||||
|
||||
local PATCHES=(
|
||||
# meh, genpatches have no directory
|
||||
"${WORKDIR}"/*.patch
|
||||
)
|
||||
default
|
||||
|
||||
local biendian=false
|
||||
|
||||
# prepare the default config
|
||||
case ${ARCH} in
|
||||
amd64)
|
||||
cp "${FILESDIR}/linux-6.6.amd64.config" .config || die
|
||||
;;
|
||||
*)
|
||||
die "Unsupported arch ${ARCH}"
|
||||
;;
|
||||
esac
|
||||
|
||||
local myversion="-hardened"
|
||||
echo "CONFIG_LOCALVERSION=\"${myversion}\"" > "${T}"/version.config || die
|
||||
local dist_conf_path="${WORKDIR}/gentoo-kernel-config-${GENTOO_CONFIG_VER}"
|
||||
|
||||
local merge_configs=(
|
||||
"${T}"/version.config
|
||||
)
|
||||
use debug || merge_configs+=(
|
||||
"${dist_conf_path}"/no-debug.config
|
||||
)
|
||||
|
||||
merge_configs+=( "${dist_conf_path}"/hardened-base.config )
|
||||
|
||||
tc-is-gcc && merge_configs+=( "${dist_conf_path}"/hardened-gcc-plugins.config )
|
||||
|
||||
if [[ -f "${dist_conf_path}/hardened-${ARCH}.config" ]]; then
|
||||
merge_configs+=( "${dist_conf_path}/hardened-${ARCH}.config" )
|
||||
fi
|
||||
|
||||
# this covers ppc64 and aarch64_be only for now
|
||||
if [[ ${biendian} == true && $(tc-endian) == big ]]; then
|
||||
merge_configs+=( "${dist_conf_path}/big-endian.config" )
|
||||
fi
|
||||
|
||||
use secureboot && merge_configs+=( "${dist_conf_path}/secureboot.config" )
|
||||
|
||||
kernel-build_merge_configs "${merge_configs[@]}"
|
||||
}
|
||||
Loading…
Reference in New Issue