diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2023-05-11 10:01:55 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2023-05-11 21:26:04 +0200 |
| commit | c6792cc996391619762b895db53b5ee789d81b33 (patch) | |
| tree | e3438edd102754914adaf3ea419c57350f890dd2 /sys-kernel | |
| parent | games-emulation/mgba: Stabilize 0.10.2 x86, #906159 (diff) | |
| download | gentoo-c6792cc996391619762b895db53b5ee789d81b33.tar.gz gentoo-c6792cc996391619762b895db53b5ee789d81b33.tar.bz2 gentoo-c6792cc996391619762b895db53b5ee789d81b33.zip | |
sys-kernel/gentoo-kernel: Backport CVE-2023-32233 fix to 6.2.14-r2
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'sys-kernel')
| -rw-r--r-- | sys-kernel/gentoo-kernel/Manifest | 2 | ||||
| -rw-r--r-- | sys-kernel/gentoo-kernel/gentoo-kernel-6.2.14-r2.ebuild | 140 |
2 files changed, 142 insertions, 0 deletions
diff --git a/sys-kernel/gentoo-kernel/Manifest b/sys-kernel/gentoo-kernel/Manifest index 8f23f864d268..594c8115578f 100644 --- a/sys-kernel/gentoo-kernel/Manifest +++ b/sys-kernel/gentoo-kernel/Manifest @@ -22,6 +22,8 @@ DIST genpatches-6.2-15.base.tar.xz 763032 BLAKE2B b933b63ddc6d19f47ba58d5a5884ff DIST genpatches-6.2-15.extras.tar.xz 3808 BLAKE2B 6134125180afd914169eb329f5d9ec8f3f9fbd3ff61a0266200defdae573a62b39ba557c2a815229344ac762786715a6193ce3cb9c3ed08d07a87d83427ab107 SHA512 857e513619ab77e79461a337c02e9fa9fbb63ee9a837eef438b1e5af3c8c856867c738b0b28f21a8035a5e1b963eb8c13507223ad6a251f5320da67aeaeb595d DIST genpatches-6.2-16.base.tar.xz 768864 BLAKE2B e852e0feb635be67bbf0da77ca6c946abb4fdad1b7b6a6e72c350b7705c4c1edeaa152f8b5ab70e4089bec80de805dc4a506ca60f74f53d3572b3ad0214bcec8 SHA512 2ea683e51835696d825977f65d93b9c25259f59499669bbddbfadc1573e6510b46e916c4e4922d5c62bd64ecda992615fbdb076f5c50648debfe2f9f05e1974f DIST genpatches-6.2-16.extras.tar.xz 3812 BLAKE2B ffc7e5852ee193ff8bf364ae77394e10c0d9cf8f21ec4f9886d87803be3f6152e632990be009b68f3910ba3e95d7c2bd30c37d6cbf5c49cccf497dffd12f62a5 SHA512 b17df7f12e2c50bfaab0a0a865e1a7687f058e6b4d6fdcd1b107c690e6869e8ad5c127a51ea64b55ce3dc57d74da05fa075f9d99fb3f0b24dbe6dee5d7fb4402 +DIST genpatches-6.2-17.base.tar.xz 769888 BLAKE2B 517466cee5855a4e48a1d055b32b05f78c04931fe2460c57b5fa1aeabda22fd6063826423b951be57863eb50b849852f0b01c089badc030b2b5016a9d9d96502 SHA512 aefa91753cafe7babb994216e97a817318ca65e76087f176c2fd57cc2a41b8380c56966ad60b56567cf9f33b0b4f6386c143fe10ee78ec708ab6abe3e9d3a3fb +DIST genpatches-6.2-17.extras.tar.xz 3808 BLAKE2B 901180e014376c5b043259536379814d23e6af899f25e550368bec932dd23a9c8280c68d1690d7420516807e14e55b4758f811a33c1a6a064699b147383510b2 SHA512 486349288c8b0230167b5985d163f60ead8e636c0eb5fa58e8aa99647427133f5780a823f449956d59f3a8f7bb204d4c37f62f062b9e104607a058b48ae158b0 DIST genpatches-6.3-2.base.tar.xz 8036 BLAKE2B 754d46f15ab113a1bae41d154b47c4cde2a93df9dbc4333b93e7d3abc424ef19dca2993c25705020096ab9d500f794a852c4cff68f29907e7667edbec7503ff6 SHA512 45eb038e9118a2feff7625cefc7bbb96ef4fd8fa29fce118943dbd0685075fbf9c525202879abf6308d7e80e94b8e9704799e3c863105add026c86b97314d580 DIST genpatches-6.3-2.extras.tar.xz 3808 BLAKE2B 6eccde5d3591804ef50d800dc7ec4cb8b2192d805832cde3496c519bf4ff0f9eef62a76f1e77677df66a054ed1f1efe341f71b8f86b185b10145de8200bc2c70 SHA512 8d79b8c2eed3c962a4c8fda80934720a2ee1436d4e42d762d3f945972537491f415aa6b3615f7a81a727bbb239cd0277ecfb18c83a90ba57252674bf135b35f8 DIST genpatches-6.3-3.base.tar.xz 9340 BLAKE2B e163214c2f648a410b6253caf1cd2fa60beff29341cfba23674cf41712e11893c1f9574a1bfc4df797e69900a3a3f18e65399f5be720c58ab32c5780a41891c4 SHA512 8d308cac9a26c32688588fc8aa34f6798f5c0334fa01f3b813922ab46f0d53cde6c94a5c71817f929c5fd4f96741380da1d97c6ba6a3a5091549651c32fc99c9 diff --git a/sys-kernel/gentoo-kernel/gentoo-kernel-6.2.14-r2.ebuild b/sys-kernel/gentoo-kernel/gentoo-kernel-6.2.14-r2.ebuild new file mode 100644 index 000000000000..bdd41390459c --- /dev/null +++ b/sys-kernel/gentoo-kernel/gentoo-kernel-6.2.14-r2.ebuild @@ -0,0 +1,140 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit kernel-build toolchain-funcs + +MY_P=linux-${PV%.*} +GENPATCHES_P=genpatches-${PV%.*}-$(( ${PV##*.} + 3 )) +# https://koji.fedoraproject.org/koji/packageinfo?packageID=8 +# forked to https://github.com/projg2/fedora-kernel-config-for-gentoo +CONFIG_VER=6.2.6-gentoo +GENTOO_CONFIG_VER=g7 + +DESCRIPTION="Linux kernel built with Gentoo patches" +HOMEPAGE=" + https://wiki.gentoo.org/wiki/Project:Distribution_Kernel + https://www.kernel.org/ +" +SRC_URI+=" + https://cdn.kernel.org/pub/linux/kernel/v$(ver_cut 1).x/${MY_P}.tar.xz + https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.base.tar.xz + https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.extras.tar.xz + https://github.com/projg2/gentoo-kernel-config/archive/${GENTOO_CONFIG_VER}.tar.gz + -> gentoo-kernel-config-${GENTOO_CONFIG_VER}.tar.gz + amd64? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-x86_64-fedora.config + -> kernel-x86_64-fedora.config.${CONFIG_VER} + ) + arm64? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-aarch64-fedora.config + -> kernel-aarch64-fedora.config.${CONFIG_VER} + ) + ppc64? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-ppc64le-fedora.config + -> kernel-ppc64le-fedora.config.${CONFIG_VER} + ) + x86? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-i686-fedora.config + -> kernel-i686-fedora.config.${CONFIG_VER} + ) +" +S=${WORKDIR}/${MY_P} + +LICENSE="GPL-2" +KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~riscv ~x86" +IUSE="debug hardened" +REQUIRED_USE="arm? ( savedconfig ) + hppa? ( savedconfig ) + riscv? ( savedconfig )" + +RDEPEND=" + !sys-kernel/gentoo-kernel-bin:${SLOT} +" +BDEPEND=" + debug? ( dev-util/pahole ) +" +PDEPEND=" + >=virtual/dist-kernel-${PV} +" + +QA_FLAGS_IGNORED=" + usr/src/linux-.*/scripts/gcc-plugins/.*.so + usr/src/linux-.*/vmlinux + usr/src/linux-.*/arch/powerpc/kernel/vdso.*/vdso.*.so.dbg +" + +src_prepare() { + local PATCHES=( + # meh, genpatches have no directory + "${WORKDIR}"/*.patch + ) + default + + local biendian=false + + # prepare the default config + case ${ARCH} in + amd64) + cp "${DISTDIR}/kernel-x86_64-fedora.config.${CONFIG_VER}" .config || die + ;; + arm) + return + ;; + arm64) + cp "${DISTDIR}/kernel-aarch64-fedora.config.${CONFIG_VER}" .config || die + biendian=true + ;; + hppa) + return + ;; + ppc) + # assume powermac/powerbook defconfig + # we still package.use.force savedconfig + cp "${WORKDIR}/${MY_P}/arch/powerpc/configs/pmac32_defconfig" .config || die + ;; + ppc64) + cp "${DISTDIR}/kernel-ppc64le-fedora.config.${CONFIG_VER}" .config || die + biendian=true + ;; + riscv) + return + ;; + x86) + cp "${DISTDIR}/kernel-i686-fedora.config.${CONFIG_VER}" .config || die + ;; + *) + die "Unsupported arch ${ARCH}" + ;; + esac + + local myversion="-gentoo-dist" + use hardened && myversion+="-hardened" + echo "CONFIG_LOCALVERSION=\"${myversion}\"" > "${T}"/version.config || die + local dist_conf_path="${WORKDIR}/gentoo-kernel-config-${GENTOO_CONFIG_VER}" + + local merge_configs=( + "${T}"/version.config + "${dist_conf_path}"/base.config + ) + use debug || merge_configs+=( + "${dist_conf_path}"/no-debug.config + ) + if use hardened; then + merge_configs+=( "${dist_conf_path}"/hardened-base.config ) + + tc-is-gcc && merge_configs+=( "${dist_conf_path}"/hardened-gcc-plugins.config ) + + if [[ -f "${dist_conf_path}/hardened-${ARCH}.config" ]]; then + merge_configs+=( "${dist_conf_path}/hardened-${ARCH}.config" ) + fi + fi + + # this covers ppc64 and aarch64_be only for now + if [[ ${biendian} == true && $(tc-endian) == big ]]; then + merge_configs+=( "${dist_conf_path}/big-endian.config" ) + fi + + kernel-build_merge_configs "${merge_configs[@]}" +} |