diff options
| author |   Sam James <sam@gentoo.org> | 2024-08-23 17:08:10 +0100 |
|---|---|---|
| committer | Sam James <sam@gentoo.org> | 2024-08-25 14:56:09 +0100 |
| commit | de67dbf4abdef923ca8f7af0e48d4fcc5b220a96 (patch) | |
| tree | 6e24f284e0b20d27b67da736f548df675a73497d /sys-apps | |
| parent | app-admin/ttyplot: 1.7.0 (diff) | |
| download | gentoo-de67dbf4abdef923ca8f7af0e48d4fcc5b220a96.tar.gz gentoo-de67dbf4abdef923ca8f7af0e48d4fcc5b220a96.tar.bz2 gentoo-de67dbf4abdef923ca8f7af0e48d4fcc5b220a96.zip | |
sys-apps/systemd: wire up BPF support
Clang support is not yet done.
Bug: https://bugs.gentoo.org/917228
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'sys-apps')
| -rw-r--r-- | sys-apps/systemd/files/256-bpf-gcc.patch | 26 | ||||
| -rw-r--r-- | sys-apps/systemd/metadata.xml | 1 | ||||
| -rw-r--r-- | sys-apps/systemd/systemd-256.5.ebuild | 10 | ||||
| -rw-r--r-- | sys-apps/systemd/systemd-9999.ebuild | 9 |
4 files changed, 44 insertions, 2 deletions
diff --git a/sys-apps/systemd/files/256-bpf-gcc.patch b/sys-apps/systemd/files/256-bpf-gcc.patch new file mode 100644 index 000000000000..0570695d397c --- /dev/null +++ b/sys-apps/systemd/files/256-bpf-gcc.patch @@ -0,0 +1,26 @@ +https://github.com/systemd/systemd/commit/dde6f1d7456db7aa72d24b1d6956b419b6f9945c + +From dde6f1d7456db7aa72d24b1d6956b419b6f9945c Mon Sep 17 00:00:00 2001 +From: Sam James <sam@gentoo.org> +Date: Sat, 24 Aug 2024 13:09:47 +0100 +Subject: [PATCH] meson: search for 'bpf-unknown-none' too + +We currently search for 'bpf-gcc' and 'bpf-none-gcc'. Gentoo's +sys-devel/bpf-toolchain package uses 'bpf-unknown-none-gcc', as does Fedora's +cross-binutils. Search for this name too. +--- + meson.build | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/meson.build b/meson.build +index 5e0b666c64b17..fbc2bbdf2f22f 100644 +--- a/meson.build ++++ b/meson.build +@@ -1109,6 +1109,7 @@ else + elif bpf_compiler == 'gcc' + bpf_gcc = find_program('bpf-gcc', + 'bpf-none-gcc', ++ 'bpf-unknown-none-gcc', + required : true, + version : '>= 13.1.0') + bpf_gcc_found = bpf_gcc.found() diff --git a/sys-apps/systemd/metadata.xml b/sys-apps/systemd/metadata.xml index c9b8604a3c68..fea934417f1d 100644 --- a/sys-apps/systemd/metadata.xml +++ b/sys-apps/systemd/metadata.xml @@ -11,6 +11,7 @@ <use> <flag name="audit">Enable support for <pkg>sys-process/audit</pkg></flag> <flag name="boot">Enable EFI boot manager and stub loader</flag> + <flag name="bpf">Enable BPF support for sandboxing and firewalling.</flag> <flag name="cgroup-hybrid">Default to hybrid (legacy) cgroup hierarchy instead of unified (modern).</flag> <flag name="curl">Enable support for uploading journals</flag> <flag name="cryptsetup">Enable cryptsetup tools (includes unit generator for crypttab)</flag> diff --git a/sys-apps/systemd/systemd-256.5.ebuild b/sys-apps/systemd/systemd-256.5.ebuild index 3b8464645eec..1c74d39e00f8 100644 --- a/sys-apps/systemd/systemd-256.5.ebuild +++ b/sys-apps/systemd/systemd-256.5.ebuild @@ -33,7 +33,7 @@ HOMEPAGE="https://systemd.io/" LICENSE="GPL-2 LGPL-2.1 MIT public-domain" SLOT="0/2" IUSE=" - acl apparmor audit boot cgroup-hybrid cryptsetup curl +dns-over-tls elfutils + acl apparmor audit boot bpf cgroup-hybrid cryptsetup curl +dns-over-tls elfutils fido2 +gcrypt gnutls homed http idn importd iptables +kernel-install +kmod +lz4 lzma +openssl pam pcre pkcs11 policykit pwquality qrcode +resolvconf +seccomp selinux split-usr +sysv-utils test tpm ukify vanilla xkb +zstd @@ -158,6 +158,10 @@ BDEPEND=" >=sys-apps/coreutils-8.16 sys-devel/gettext virtual/pkgconfig + bpf? ( + dev-util/bpftool + sys-devel/bpf-toolchain + ) test? ( app-text/tree dev-lang/perl @@ -223,6 +227,7 @@ pkg_pretend() { ~!SYSFS_DEPRECATED_V2" use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" + use bpf && CONFIG_CHECK+=" ~BPF ~BPF_SYSCALL ~BPF_LSM ~DEBUG_INFO_BTF" use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER" if kernel_is -ge 5 10 20; then @@ -268,6 +273,7 @@ src_unpack() { src_prepare() { local PATCHES=( "${FILESDIR}/systemd-test-process-util.patch" + "${FILESDIR}/256-bpf-gcc.patch" ) if ! use vanilla; then @@ -311,6 +317,8 @@ multilib_src_configure() { $(meson_native_use_bool apparmor) $(meson_native_use_bool audit) $(meson_native_use_bool boot bootloader) + $(meson_native_use_bool bpf bpf-framework) + -Dbpf-compiler=gcc $(meson_native_use_bool cryptsetup libcryptsetup) $(meson_native_use_bool curl libcurl) $(meson_native_use_bool dns-over-tls dns-over-tls) diff --git a/sys-apps/systemd/systemd-9999.ebuild b/sys-apps/systemd/systemd-9999.ebuild index 3b40a5319500..f11fdab115eb 100644 --- a/sys-apps/systemd/systemd-9999.ebuild +++ b/sys-apps/systemd/systemd-9999.ebuild @@ -33,7 +33,7 @@ HOMEPAGE="https://systemd.io/" LICENSE="GPL-2 LGPL-2.1 MIT public-domain" SLOT="0/2" IUSE=" - acl apparmor audit boot cgroup-hybrid cryptsetup curl +dns-over-tls elfutils + acl apparmor audit boot bpf cgroup-hybrid cryptsetup curl +dns-over-tls elfutils fido2 +gcrypt gnutls homed http idn importd iptables +kernel-install +kmod +lz4 lzma +openssl pam pcre pkcs11 policykit pwquality qrcode +resolvconf +seccomp selinux split-usr +sysv-utils test tpm ukify vanilla xkb +zstd @@ -158,6 +158,10 @@ BDEPEND=" >=sys-apps/coreutils-8.16 sys-devel/gettext virtual/pkgconfig + bpf? ( + dev-util/bpftool + sys-devel/bpf-toolchain + ) test? ( app-text/tree dev-lang/perl @@ -223,6 +227,7 @@ pkg_pretend() { ~!SYSFS_DEPRECATED_V2" use acl && CONFIG_CHECK+=" ~TMPFS_POSIX_ACL" + use bpf && CONFIG_CHECK+=" ~BPF ~BPF_SYSCALL ~BPF_LSM ~DEBUG_INFO_BTF" use seccomp && CONFIG_CHECK+=" ~SECCOMP ~SECCOMP_FILTER" if kernel_is -ge 5 10 20; then @@ -311,6 +316,8 @@ multilib_src_configure() { $(meson_native_use_bool apparmor) $(meson_native_use_bool audit) $(meson_native_use_bool boot bootloader) + $(meson_native_use_bool bpf bpf-framework) + -Dbpf-compiler=gcc $(meson_native_use_bool cryptsetup libcryptsetup) $(meson_native_use_bool curl libcurl) $(meson_native_use_bool dns-over-tls dns-over-tls) |