diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2023-05-11 06:56:07 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2023-05-11 09:55:43 +0200 |
| commit | f1ae1d391a96cf461a26ee7ff102b84f726dabb0 (patch) | |
| tree | 294692b9b3167cc673aafb8774c8a7ef9779f5af /sys-kernel | |
| parent | dev-python/cvxopt: Add missing dep on dev-python/sphinx-rtd-theme (diff) | |
| download | gentoo-f1ae1d391a96cf461a26ee7ff102b84f726dabb0.tar.gz gentoo-f1ae1d391a96cf461a26ee7ff102b84f726dabb0.tar.bz2 gentoo-f1ae1d391a96cf461a26ee7ff102b84f726dabb0.zip | |
sys-kernel/gentoo-kernel: Backport CVE-2023-32233 fix to 6.3.1-r1
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'sys-kernel')
| -rw-r--r-- | sys-kernel/gentoo-kernel/Manifest | 2 | ||||
| -rw-r--r-- | sys-kernel/gentoo-kernel/gentoo-kernel-6.3.1-r1.ebuild | 140 |
2 files changed, 142 insertions, 0 deletions
diff --git a/sys-kernel/gentoo-kernel/Manifest b/sys-kernel/gentoo-kernel/Manifest index e6cca830897e..8f23f864d268 100644 --- a/sys-kernel/gentoo-kernel/Manifest +++ b/sys-kernel/gentoo-kernel/Manifest @@ -24,6 +24,8 @@ DIST genpatches-6.2-16.base.tar.xz 768864 BLAKE2B e852e0feb635be67bbf0da77ca6c94 DIST genpatches-6.2-16.extras.tar.xz 3812 BLAKE2B ffc7e5852ee193ff8bf364ae77394e10c0d9cf8f21ec4f9886d87803be3f6152e632990be009b68f3910ba3e95d7c2bd30c37d6cbf5c49cccf497dffd12f62a5 SHA512 b17df7f12e2c50bfaab0a0a865e1a7687f058e6b4d6fdcd1b107c690e6869e8ad5c127a51ea64b55ce3dc57d74da05fa075f9d99fb3f0b24dbe6dee5d7fb4402 DIST genpatches-6.3-2.base.tar.xz 8036 BLAKE2B 754d46f15ab113a1bae41d154b47c4cde2a93df9dbc4333b93e7d3abc424ef19dca2993c25705020096ab9d500f794a852c4cff68f29907e7667edbec7503ff6 SHA512 45eb038e9118a2feff7625cefc7bbb96ef4fd8fa29fce118943dbd0685075fbf9c525202879abf6308d7e80e94b8e9704799e3c863105add026c86b97314d580 DIST genpatches-6.3-2.extras.tar.xz 3808 BLAKE2B 6eccde5d3591804ef50d800dc7ec4cb8b2192d805832cde3496c519bf4ff0f9eef62a76f1e77677df66a054ed1f1efe341f71b8f86b185b10145de8200bc2c70 SHA512 8d79b8c2eed3c962a4c8fda80934720a2ee1436d4e42d762d3f945972537491f415aa6b3615f7a81a727bbb239cd0277ecfb18c83a90ba57252674bf135b35f8 +DIST genpatches-6.3-3.base.tar.xz 9340 BLAKE2B e163214c2f648a410b6253caf1cd2fa60beff29341cfba23674cf41712e11893c1f9574a1bfc4df797e69900a3a3f18e65399f5be720c58ab32c5780a41891c4 SHA512 8d308cac9a26c32688588fc8aa34f6798f5c0334fa01f3b813922ab46f0d53cde6c94a5c71817f929c5fd4f96741380da1d97c6ba6a3a5091549651c32fc99c9 +DIST genpatches-6.3-3.extras.tar.xz 3804 BLAKE2B 53064668f5f323d3146f16e96a7864ec41048fcc632aad93ce2c5e2b81f496e9b3f50c7730adfb8d4032d69c7277002419bd17d2698c4a1c4fa97ff86bb56411 SHA512 b24a3dee17f10bb60674792522ac6c39ad891bfd46e0c710fef554eb7393446c0071cac74f46507f9ffb206c798bbf881c2690743c33cd40dedcb41ded592a88 DIST gentoo-kernel-config-g7.tar.gz 4625 BLAKE2B 72ba0d038ee34ca5eb26d43bd373735aef3a50d02b414993ea05485e49d83d46df98a6cb0f6f3170a8ec0c99b557432fd9a11cbb92ff7c2837625a7f4469831e SHA512 2d74a8ca9f5402b4290ed93cd3ddba04a7f2ff42c8d8d3f2cbbe22fc20daa0fca119368daa8af39b7a26b1b99e4e3187c3c5d95886a651675ad94ff98d686628 DIST kernel-aarch64-fedora.config.5.10.12 223184 BLAKE2B a0246dac2f7a4ad6a55b611538d24382ac87a8960077811a859c9595ac67f961b4bccb7e139a89abc7c0e26e80832da5c94211fc658082f2e7dde984f14dd29d SHA512 7d803b347b136331db1ad6e22e0445fe0224c3e26cd7c034cbe9794915d457b492e05f77664865079874ec001351553652646e2e08d0fee31e30b841b0008f52 DIST kernel-aarch64-fedora.config.5.15.19 242615 BLAKE2B 94e59440681535e38137b71814e1ae53f57a347f62cf31e0c1c8571ae43d9ae9be9957743c8cbc9ec74850c964eaabefe6799a28bc311ea7b99ee31391b47fb1 SHA512 fb77d3b73a215f97d70cd6d8c96ed20e497786b99ed7d7a7f2ed60cc1251289c1a4c7e058c41b5efac62e4a9b4b3d917dbdb11585955bba2b6584981430f4ddb diff --git a/sys-kernel/gentoo-kernel/gentoo-kernel-6.3.1-r1.ebuild b/sys-kernel/gentoo-kernel/gentoo-kernel-6.3.1-r1.ebuild new file mode 100644 index 000000000000..7832a0fc4616 --- /dev/null +++ b/sys-kernel/gentoo-kernel/gentoo-kernel-6.3.1-r1.ebuild @@ -0,0 +1,140 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit kernel-build toolchain-funcs + +MY_P=linux-${PV%.*} +GENPATCHES_P=genpatches-${PV%.*}-$(( ${PV##*.} + 2 )) +# https://koji.fedoraproject.org/koji/packageinfo?packageID=8 +# forked to https://github.com/projg2/fedora-kernel-config-for-gentoo +CONFIG_VER=6.3.1-gentoo +GENTOO_CONFIG_VER=g7 + +DESCRIPTION="Linux kernel built with Gentoo patches" +HOMEPAGE=" + https://wiki.gentoo.org/wiki/Project:Distribution_Kernel + https://www.kernel.org/ +" +SRC_URI+=" + https://cdn.kernel.org/pub/linux/kernel/v$(ver_cut 1).x/${MY_P}.tar.xz + https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.base.tar.xz + https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.extras.tar.xz + https://github.com/projg2/gentoo-kernel-config/archive/${GENTOO_CONFIG_VER}.tar.gz + -> gentoo-kernel-config-${GENTOO_CONFIG_VER}.tar.gz + amd64? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-x86_64-fedora.config + -> kernel-x86_64-fedora.config.${CONFIG_VER} + ) + arm64? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-aarch64-fedora.config + -> kernel-aarch64-fedora.config.${CONFIG_VER} + ) + ppc64? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-ppc64le-fedora.config + -> kernel-ppc64le-fedora.config.${CONFIG_VER} + ) + x86? ( + https://raw.githubusercontent.com/projg2/fedora-kernel-config-for-gentoo/${CONFIG_VER}/kernel-i686-fedora.config + -> kernel-i686-fedora.config.${CONFIG_VER} + ) +" +S=${WORKDIR}/${MY_P} + +LICENSE="GPL-2" +KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~riscv ~x86" +IUSE="debug hardened" +REQUIRED_USE="arm? ( savedconfig ) + hppa? ( savedconfig ) + riscv? ( savedconfig )" + +RDEPEND=" + !sys-kernel/gentoo-kernel-bin:${SLOT} +" +BDEPEND=" + debug? ( dev-util/pahole ) +" +PDEPEND=" + >=virtual/dist-kernel-${PV} +" + +QA_FLAGS_IGNORED=" + usr/src/linux-.*/scripts/gcc-plugins/.*.so + usr/src/linux-.*/vmlinux + usr/src/linux-.*/arch/powerpc/kernel/vdso.*/vdso.*.so.dbg +" + +src_prepare() { + local PATCHES=( + # meh, genpatches have no directory + "${WORKDIR}"/*.patch + ) + default + + local biendian=false + + # prepare the default config + case ${ARCH} in + amd64) + cp "${DISTDIR}/kernel-x86_64-fedora.config.${CONFIG_VER}" .config || die + ;; + arm) + return + ;; + arm64) + cp "${DISTDIR}/kernel-aarch64-fedora.config.${CONFIG_VER}" .config || die + biendian=true + ;; + hppa) + return + ;; + ppc) + # assume powermac/powerbook defconfig + # we still package.use.force savedconfig + cp "${WORKDIR}/${MY_P}/arch/powerpc/configs/pmac32_defconfig" .config || die + ;; + ppc64) + cp "${DISTDIR}/kernel-ppc64le-fedora.config.${CONFIG_VER}" .config || die + biendian=true + ;; + riscv) + return + ;; + x86) + cp "${DISTDIR}/kernel-i686-fedora.config.${CONFIG_VER}" .config || die + ;; + *) + die "Unsupported arch ${ARCH}" + ;; + esac + + local myversion="-gentoo-dist" + use hardened && myversion+="-hardened" + echo "CONFIG_LOCALVERSION=\"${myversion}\"" > "${T}"/version.config || die + local dist_conf_path="${WORKDIR}/gentoo-kernel-config-${GENTOO_CONFIG_VER}" + + local merge_configs=( + "${T}"/version.config + "${dist_conf_path}"/base.config + ) + use debug || merge_configs+=( + "${dist_conf_path}"/no-debug.config + ) + if use hardened; then + merge_configs+=( "${dist_conf_path}"/hardened-base.config ) + + tc-is-gcc && merge_configs+=( "${dist_conf_path}"/hardened-gcc-plugins.config ) + + if [[ -f "${dist_conf_path}/hardened-${ARCH}.config" ]]; then + merge_configs+=( "${dist_conf_path}/hardened-${ARCH}.config" ) + fi + fi + + # this covers ppc64 and aarch64_be only for now + if [[ ${biendian} == true && $(tc-endian) == big ]]; then + merge_configs+=( "${dist_conf_path}/big-endian.config" ) + fi + + kernel-build_merge_configs "${merge_configs[@]}" +} |