patch for hardened

Package-Manager: portage-2.1.10.49/cvs/Linux x86_64
author: Vadim Kuznetsov <vadimk@gentoo.org> 2012-03-24 12:37:01 +0000
committer: Vadim Kuznetsov <vadimk@gentoo.org> 2012-03-24 12:37:01 +0000
commit: 0a92fd6f490ea8b9d68450b3d61a4c261a971ff6 (patch)
tree: cf403a02f64ea88920cbdfd4f4ba3f703c5e99e6 /app-emulation
parent: Add Prefix keywords (diff)
download: historical-0a92fd6f490ea8b9d68450b3d61a4c261a971ff6.tar.gz
historical-0a92fd6f490ea8b9d68450b3d61a4c261a971ff6.tar.bz2
historical-0a92fd6f490ea8b9d68450b3d61a4c261a971ff6.zip
5 files changed, 184 insertions, 88 deletions
diff --git a/app-emulation/vmware-modules/ChangeLog b/app-emulation/vmware-modules/ChangeLog
index e107a0a9e80d..6365aadbe3f6 100644
--- a/app-emulation/vmware-modules/ChangeLog
+++ b/app-emulation/vmware-modules/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for app-emulation/vmware-modules
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/ChangeLog,v 1.89 2012/03/12 13:36:34 vadimk Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/ChangeLog,v 1.90 2012/03/24 12:37:01 vadimk Exp $
+
+  24 Mar 2012; Vadim Kuznetsov <vadimk@gentoo.org> +files/hardened.patch,
+  -vmware-modules-264.1.ebuild, vmware-modules-264.2.ebuild:
+  patch for hardened
 
   12 Mar 2012; Vadim Kuznetsov <vadimk@gentoo.org> +files/264.2-3.2.0.patch:
   missing patch
diff --git a/app-emulation/vmware-modules/Manifest b/app-emulation/vmware-modules/Manifest
index 55e47c548e25..a59141b269f5 100644
--- a/app-emulation/vmware-modules/Manifest
+++ b/app-emulation/vmware-modules/Manifest
@@ -15,15 +15,15 @@ AUX 264-makefile-include.patch 2501 RMD160 da46f1229097539c7272d421f4d50b322e4d6
 AUX 264-makefile-kernel-dir.patch 2201 RMD160 22b81e2c3c347ac6bad3afef15eea31250c34f2a SHA1 033160ded8fda76e6f016040cc4bb3f4ca0dd603 SHA256 780b79fcc6e8e836632f4542ac6c3da2d475b3ad1e2e88e1c51aea849a5172c7
 AUX 264-netdevice.patch 833 RMD160 552fa78378ac721865a0629a4a29318a11e6b1bd SHA1 16d95a575ea14de67d11f4faf72842c3edb96dea SHA256 8f17ce379abda45a8f94e1dcd6e43367273f97f76edd41f9941beb3b1730a751
 AUX 264.2-3.2.0.patch 2949 RMD160 e343db72eeb80e43ab5fbd5b4c2efebcb81c2c5e SHA1 bf88b0be9fcdc9705de846452d44833e0b146c11 SHA256 4105952362a9bf8a054df1c23f2562e86f79b3bef70696422548c01db248c1b0
+AUX hardened.patch 5052 RMD160 818caeb51a5fa7aae556e465beadc0ff684b54a7 SHA1 8a5feac39756fd476c087af247e853b0321a4823 SHA256 191cf892bfb9a6288d110191de824bf6243bc6f48f1e62ab49f3582c7ade5af6
 EBUILD vmware-modules-238.5.ebuild 2087 RMD160 6770e9125947e21472749ce723d5bbb201b5c345 SHA1 5d0e2337a14f7b572f0fbc400ab8fc52124d6009 SHA256 531581204310b9fd300f8ddd1125ed39d89cc8d9b8412c4cde2192e81e900df4
-EBUILD vmware-modules-264.1.ebuild 1947 RMD160 462c55f79892966bbef1f0c505092b9c8b579abc SHA1 d63b451316f54854188bcc71185bfeeb92761325 SHA256 8fc6e05da6208ee6652ef316e4b46e059a8e27cc7c4d87260f668bdfa77c5103
-EBUILD vmware-modules-264.2.ebuild 1941 RMD160 ad9cc388f6d82f8b7f33f9a3032036aed448be0f SHA1 95d3da2a3f25625ba6497a42fe4f06008fa2782a SHA256 3813bf34959246399ebaf64aac5bdb5ff746b9b39a4b739a1dc3a3b98fd96b5c
-MISC ChangeLog 19799 RMD160 1fc2a4f4fd4e5d9434f89282692e94d1836f31d8 SHA1 25af5293efd78d7f665c2f3cfd44878b5e2b21d1 SHA256 0a6b400ad62969e7cce4a4f337526f756023851d155eb87d7af4174bf56564f2
+EBUILD vmware-modules-264.2.ebuild 2002 RMD160 3993ec3151bed5952b2e3aafc4895e0129b194c8 SHA1 70bbfd5ff28260190cb0616ed273895ca3bc985d SHA256 1233042298377c5d3263aeed09ac8e48688f16491942f9794c8da585bc0c4146
+MISC ChangeLog 19956 RMD160 11da4b9216e445bc8e080283fe4c9b04223e3f52 SHA1 4d48cfd9392ebb4ab06e81b084ad0b7511c666eb SHA256 c59bc563db0db22278509ee0c1d842e8adfd7faacb7e5a43305864ca23a1016d
 MISC metadata.xml 288 RMD160 da2ee1499dd87693b63592a337d8352494cb9652 SHA1 e1b50a587afb7878e21828a957a6838e7d08e4e8 SHA256 100017b3059be218965923798780ab195dafaa893f98088592fb5b299e686c37
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.18 (GNU/Linux)
 
-iEYEARECAAYFAk9d+/EACgkQiLKviuHfItVzDACgxTnnEaDbw6K/dsEZA908CRRy
-ELoAoMMNy1vAfipweLn1Kr1g56VkJZsC
-=Q2ah
+iEYEARECAAYFAk9tv/wACgkQiLKviuHfItX6WgCdEMeyfUWSRVfG/JwnlarjTM04
+GlcAn2chmvU2IgnRCutp5ulmJpIf925B
+=cACV
 -----END PGP SIGNATURE-----
diff --git a/app-emulation/vmware-modules/files/hardened.patch b/app-emulation/vmware-modules/files/hardened.patch
new file mode 100644
index 000000000000..ea1b0f300751
--- /dev/null
+++ b/app-emulation/vmware-modules/files/hardened.patch
@@ -0,0 +1,170 @@
+diff --git a/vmci-only/linux/driver.c b/vmci-only/linux/driver.c
+index 921f25c..41a39e3 100644
+--- a/vmci-only/linux/driver.c
++++ b/vmci-only/linux/driver.c
+@@ -241,7 +241,24 @@ static unsigned int LinuxDriverPoll(struct file *file, poll_table *wait);
+ #define LinuxDriverUnlockIoctlPerFD(mutex) do {} while (0)
+ #endif
+ 
+-static struct file_operations vmuser_fops;
++/*
++ * Moved file operations initialize here because of incompatibilites
++ * with Gentoo hardened profile/hardend Linux 3.
++ */
++static struct file_operations vmuser_fops = {
++    .owner = THIS_MODULE,
++    .poll = LinuxDriverPoll,
++#ifdef HAVE_UNLOCKED_IOCTL
++    .unlocked_ioctl = LinuxDriver_UnlockedIoctl,
++#else
++    .ioctl = LinuxDriver_Ioctl,
++#endif
++#ifdef HAVE_COMPAT_IOCTL
++    .compat_ioctl = LinuxDriver_UnlockedIoctl,
++#endif
++    .open = LinuxDriver_Open,
++    .release = LinuxDriver_Close
++};
+ 
+ 
+ /*
+@@ -378,26 +395,6 @@ vmci_host_init(void)
+       return -ENOMEM;
+    }
+ 
+-   /*
+-    * Initialize the file_operations structure. Because this code is always
+-    * compiled as a module, this is fine to do it here and not in a static
+-    * initializer.
+-    */
+-
+-   memset(&vmuser_fops, 0, sizeof vmuser_fops);
+-   vmuser_fops.owner = THIS_MODULE;
+-   vmuser_fops.poll = LinuxDriverPoll;
+-#ifdef HAVE_UNLOCKED_IOCTL
+-   vmuser_fops.unlocked_ioctl = LinuxDriver_UnlockedIoctl;
+-#else
+-   vmuser_fops.ioctl = LinuxDriver_Ioctl;
+-#endif
+-#ifdef HAVE_COMPAT_IOCTL
+-   vmuser_fops.compat_ioctl = LinuxDriver_UnlockedIoctl;
+-#endif
+-   vmuser_fops.open = LinuxDriver_Open;
+-   vmuser_fops.release = LinuxDriver_Close;
+-
+    sprintf(linuxState.deviceName, "vmci");
+    linuxState.major = 10;
+    linuxState.misc.minor = MISC_DYNAMIC_MINOR;
+diff --git a/vmmon-only/linux/driver.c b/vmmon-only/linux/driver.c
+index b21dd44..960c2aa 100644
+--- a/vmmon-only/linux/driver.c
++++ b/vmmon-only/linux/driver.c
+@@ -178,7 +178,22 @@ static struct vm_operations_struct vmuser_mops = {
+ #endif
+ };
+ 
+-static struct file_operations vmuser_fops;
++static struct file_operations vmuser_fops = {
++   .owner = THIS_MODULE,
++   .poll = LinuxDriverPoll,
++#ifdef HAVE_UNLOCKED_IOCTL
++   .unlocked_ioctl = LinuxDriver_UnlockedIoctl,
++#else
++   .ioctl = LinuxDriver_Ioctl,
++#endif
++#ifdef HAVE_COMPAT_IOCTL
++   .compat_ioctl = LinuxDriver_UnlockedIoctl,
++#endif
++   .open = LinuxDriver_Open,
++   .release = LinuxDriver_Close,
++   .mmap = LinuxDriverMmap
++};
++
+ static struct timer_list tscTimer;
+ 
+ /*
+@@ -357,27 +372,6 @@ init_module(void)
+    spin_lock_init(&linuxState.pollListLock);
+ #endif
+ 
+-   /*
+-    * Initialize the file_operations structure. Because this code is always
+-    * compiled as a module, this is fine to do it here and not in a static
+-    * initializer.
+-    */
+-
+-   memset(&vmuser_fops, 0, sizeof vmuser_fops);
+-   vmuser_fops.owner = THIS_MODULE;
+-   vmuser_fops.poll = LinuxDriverPoll;
+-#ifdef HAVE_UNLOCKED_IOCTL
+-   vmuser_fops.unlocked_ioctl = LinuxDriver_UnlockedIoctl;
+-#else
+-   vmuser_fops.ioctl = LinuxDriver_Ioctl;
+-#endif
+-#ifdef HAVE_COMPAT_IOCTL
+-   vmuser_fops.compat_ioctl = LinuxDriver_UnlockedIoctl;
+-#endif
+-   vmuser_fops.open = LinuxDriver_Open;
+-   vmuser_fops.release = LinuxDriver_Close;
+-   vmuser_fops.mmap = LinuxDriverMmap;
+-
+ #ifdef VMX86_DEVEL
+    devel_init_module();
+    linuxState.minor = 0;
+diff --git a/vmnet-only/driver.c b/vmnet-only/driver.c
+index b12b982..40bd4cf 100644
+--- a/vmnet-only/driver.c
++++ b/vmnet-only/driver.c
+@@ -165,7 +165,22 @@ static long  VNetFileOpUnlockedIoctl(struct file * filp,
+                                      unsigned int iocmd, unsigned long ioarg);
+ #endif
+ 
+-static struct file_operations vnetFileOps;
++static struct file_operations vnetFileOps = {
++   .owner = THIS_MODULE,
++   .read = VNetFileOpRead,
++   .write = VNetFileOpWrite,
++   .poll = VNetFileOpPoll,
++#ifdef HAVE_UNLOCKED_IOCTL
++   .unlocked_ioctl = VNetFileOpUnlockedIoctl,
++#else
++   .ioctl = VNetFileOpIoctl,
++#endif
++#ifdef HAVE_COMPAT_IOCTL
++   .compat_ioctl = VNetFileOpUnlockedIoctl,
++#endif
++   .open = VNetFileOpOpen,
++   .release = VNetFileOpClose
++};
+ 
+ /*
+  * Utility functions
+@@ -476,28 +491,6 @@ init_module(void)
+       goto err_proto;
+    }
+ 
+-   /*
+-    * Initialize the file_operations structure. Because this code is always
+-    * compiled as a module, this is fine to do it here and not in a static
+-    * initializer.
+-    */
+-
+-   memset(&vnetFileOps, 0, sizeof vnetFileOps);
+-   vnetFileOps.owner = THIS_MODULE;
+-   vnetFileOps.read = VNetFileOpRead;
+-   vnetFileOps.write = VNetFileOpWrite;
+-   vnetFileOps.poll = VNetFileOpPoll;
+-#ifdef HAVE_UNLOCKED_IOCTL
+-   vnetFileOps.unlocked_ioctl = VNetFileOpUnlockedIoctl;
+-#else
+-   vnetFileOps.ioctl = VNetFileOpIoctl;
+-#endif
+-#ifdef HAVE_COMPAT_IOCTL
+-   vnetFileOps.compat_ioctl = VNetFileOpUnlockedIoctl;
+-#endif
+-   vnetFileOps.open = VNetFileOpOpen;
+-   vnetFileOps.release = VNetFileOpClose;
+-
+    retval = register_chrdev(VNET_MAJOR_NUMBER, "vmnet", &vnetFileOps);
+    if (retval) {
+       LOG(0, (KERN_NOTICE "/dev/vmnet: could not register major device %d\n",
diff --git a/app-emulation/vmware-modules/vmware-modules-264.1.ebuild b/app-emulation/vmware-modules/vmware-modules-264.1.ebuild
deleted file mode 100644
index a35a17403423..000000000000
--- a/app-emulation/vmware-modules/vmware-modules-264.1.ebuild
+++ /dev/null
@@ -1,79 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/vmware-modules-264.1.ebuild,v 1.2 2012/01/06 14:30:38 vadimk Exp $
-
-EAPI="2"
-
-inherit eutils flag-o-matic linux-info linux-mod versionator
-
-PV_MAJOR=$(get_major_version)
-PV_MINOR=$(get_version_component_range 2)
-
-DESCRIPTION="VMware kernel modules"
-HOMEPAGE="http://www.vmware.com/"
-
-SRC_URI=""
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-RDEPEND=""
-DEPEND="${RDEPEND}
-	|| ( =app-emulation/vmware-player-4.0.${PV_MINOR}*
-	=app-emulation/vmware-workstation-8.0.${PV_MINOR}* )"
-
-S=${WORKDIR}
-
-pkg_setup() {
-	CONFIG_CHECK="~HIGH_RES_TIMERS"
-	if kernel_is ge 2 6 37 && kernel_is lt 2 6 39; then
-		CONFIG_CHECK="${CONFIG_CHECK} BKL"
-	fi
-
-	linux-info_pkg_setup
-
-	linux-mod_pkg_setup
-
-	VMWARE_GROUP=${VMWARE_GROUP:-vmware}
-
-	VMWARE_MODULE_LIST="vmblock vmci vmmon vmnet vsock"
-	VMWARE_MOD_DIR="${PN}-${PVR}"
-
-	BUILD_TARGETS="auto-build KERNEL_DIR=${KERNEL_DIR} KBUILD_OUTPUT=${KV_OUT_DIR}"
-
-	enewgroup "${VMWARE_GROUP}"
-	filter-flags -mfpmath=sse
-
-	for mod in ${VMWARE_MODULE_LIST}; do
-		MODULE_NAMES="${MODULE_NAMES} ${mod}(misc:${S}/${mod}-only)"
-	done
-}
-
-src_unpack() {
-	cd "${S}"
-	for mod in ${VMWARE_MODULE_LIST}; do
-		tar -xf /opt/vmware/lib/vmware/modules/source/${mod}.tar
-	done
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PV_MAJOR}-makefile-kernel-dir.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-makefile-include.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-jobserver.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-netdevice.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-3.2.0.patch"
-}
-
-src_install() {
-	linux-mod_src_install
-	local udevrules="${T}/60-vmware.rules"
-	cat > "${udevrules}" <<-EOF
-		KERNEL=="vmci",  GROUP="vmware", MODE=660
-		KERNEL=="vmmon", GROUP="vmware", MODE=660
-		KERNEL=="vsock", GROUP="vmware", MODE=660
-	EOF
-	insinto /etc/udev/rules.d/
-	doins "${udevrules}"
-}
diff --git a/app-emulation/vmware-modules/vmware-modules-264.2.ebuild b/app-emulation/vmware-modules/vmware-modules-264.2.ebuild
index bf691eca924d..48f13ceaa9f7 100644
--- a/app-emulation/vmware-modules/vmware-modules-264.2.ebuild
+++ b/app-emulation/vmware-modules/vmware-modules-264.2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/vmware-modules-264.2.ebuild,v 1.1 2012/03/10 14:17:50 vadimk Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/vmware-modules-264.2.ebuild,v 1.2 2012/03/24 12:37:01 vadimk Exp $
 
 EAPI="2"
 
@@ -17,7 +17,7 @@ SRC_URI=""
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~amd64 ~x86"
-IUSE=""
+IUSE="hardened"
 
 RDEPEND=""
 DEPEND="${RDEPEND}
@@ -64,6 +64,7 @@ src_prepare() {
 	epatch "${FILESDIR}/${PV_MAJOR}-jobserver.patch"
 	epatch "${FILESDIR}/${PV_MAJOR}-netdevice.patch"
 	epatch "${FILESDIR}/${PV}-3.2.0.patch"
+	use hardened && epatch "${FILESDIR}/hardened.patch"
 }
 
 src_install() {
author	Vadim Kuznetsov <vadimk@gentoo.org>	2012-03-24 12:37:01 +0000
committer	Vadim Kuznetsov <vadimk@gentoo.org>	2012-03-24 12:37:01 +0000
commit	0a92fd6f490ea8b9d68450b3d61a4c261a971ff6 (patch)
tree	cf403a02f64ea88920cbdfd4f4ba3f703c5e99e6 /app-emulation
parent	Add Prefix keywords (diff)
download	historical-0a92fd6f490ea8b9d68450b3d61a4c261a971ff6.tar.gz historical-0a92fd6f490ea8b9d68450b3d61a4c261a971ff6.tar.bz2 historical-0a92fd6f490ea8b9d68450b3d61a4c261a971ff6.zip