From 47e988740a96b233a6a375e35276a51a2b88dc76 Mon Sep 17 00:00:00 2001 From: "Anthony G. Basile" Date: Wed, 15 Mar 2017 10:46:26 -0400 Subject: [PATCH] sys-kernel/hardened-sources: version bump to 4.9.15 vanilla-4.9 + genpatches-4.9-15 + grsecurity-3.1-4.9.15-201703150049 Package-Manager: Portage-2.3.3, Repoman-2.3.1 --- sys-kernel/hardened-sources/Manifest | 1 + .../hardened-sources-4.9.15.ebuild | 45 +++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 sys-kernel/hardened-sources/hardened-sources-4.9.15.ebuild diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest index 9359d2ac57593..d6be8005d23bf 100644 --- a/sys-kernel/hardened-sources/Manifest +++ b/sys-kernel/hardened-sources/Manifest @@ -18,6 +18,7 @@ DIST hardened-patches-4.7.6-1.extras.tar.bz2 1913657 SHA256 f32b7891fa0a821a6027 DIST hardened-patches-4.8.17-3.extras.tar.bz2 1932803 SHA256 7ff535912635b5ae83d793dcadb30f2ebab85abffb05d73f73af3a0262f5b170 SHA512 f9521c5f0df2ab5989f5fd5929b3f69620d519d92583601f52bf4c2871330008c9e2f19cee3538a2c4945bc22d0ddb8478a9fb332de64dbd611904749d046e82 WHIRLPOOL 1f0ff531b479db743eb0d806d35b770c405868082a249c7d41579649dd924c25d41bd1781bc0fe827a6d06447e0fe88dc630992f2be977f50138f741e707b542 DIST hardened-patches-4.9.13-2.extras.tar.bz2 1934070 SHA256 b51d648c2931986592d26ba06704d01a25ba39897f1d0346ce88fcc079418e49 SHA512 1675e1303df8d9b15c3a904d926931faf43ef40adc68c1f7fbc6bff9f597bc65c2111344cfb341373fece0696d5b8ffb56a33c2601f5aaf3cf2246bdf827a263 WHIRLPOOL a0d79c3319fc199d4c0b4affb8c019e612509749848d5165b0ecc59095bd2d7bd989cc2307958d7bab3e47fca13b76c7cecf654eda78d49f7f53b641ba825e0a DIST hardened-patches-4.9.14-1.extras.tar.bz2 1977361 SHA256 3d7d75c0320075d14db8fbbc41bb1f7d91f0f2033ebcbc81ab3b2116cc43aae8 SHA512 6371d60a1eeea6c415894562065bc00d2c4b835976dbe98273d3d2848fc5fdcbce0045aa48eaa4073b5216762757fc9cf28389a141aab257261545c638348bcc WHIRLPOOL 9b0f68fa9215afc8f74b55c84845b585a9909853141dd5ab619525211364d7c403ab3ef326f5c757d5cac49cd108c0666b4292028f4c5d68fb0dce5cbd5b1d49 +DIST hardened-patches-4.9.15-1.extras.tar.bz2 1996486 SHA256 06aaeb0a06a39475b3b234df2d3fd8fe7eedc23deb7dd710eed11c108cabe0b5 SHA512 93763fbbb36709fa69883ea229bd8e0af88fb8214594c549a97afe4701bbebdafba9dac2fdf46792a9110e563a5798fe03d23f9a8ee07a12bcceb53f852ccb69 WHIRLPOOL 09aa7ccd3dd7b58db7f3959f44c7b2cb79b4d28290c5728235e0d5509de221e87359bb43e122cc4907716f20e3a4b4c2f5360c1a4b567b813b0f11618b02cd52 DIST linux-4.4.tar.xz 87295988 SHA256 401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2 SHA512 13c8459933a8b80608e226a1398e3d1848352ace84bcfb7e6a4a33cb230bbe1ab719d4b58e067283df91ce5311be6d2d595fc8c19e2ae6ecc652499415614b3e WHIRLPOOL 02abc203d867404b9934aaa4c1e5b5dcbb0b0021e91a03f3a7e7fd224eed106821d8b4949f32a590536db150e5a88c16fcde88538777a26d0c17900f0257b1bc DIST linux-4.7.tar.xz 90412100 SHA256 5190c3d1209aeda04168145bf50569dc0984f80467159b1dc50ad731e3285f10 SHA512 e8c02583e17e4fc4214fef694825fcb78c898266f1624deb1cdf56ab5c5fdfa669c5221122a7cf0d502ed6f921ff3797634acd9d294d29e98e3faa8a21920185 WHIRLPOOL e968c89ce714c8d918db6074dabac4b0200c57ff111260313cf5798eeefb8b5b10c1509b64e2ee611a78e81075c588a473b67f9802609b2fef9ebb87ae514d98 DIST linux-4.8.tar.xz 91966856 SHA256 3e9150065f193d3d94bcf46a1fe9f033c7ef7122ab71d75a7fb5a2f0c9a7e11a SHA512 a48a065f21e1c7c4de4cf8ca47b8b8d9a70f86b64e7cfa6e01be490f78895745b9c8790734b1d22182cf1f930fb87eaaa84e62ec8cc1f64ac4be9b949e7c0358 WHIRLPOOL 3888c8c07db0c069f827245d4d7306087f78f7d03e8240eb1fcd13622cd5dbe1c17cd8ed7dc11513f77f3efd5dbd84e2b48e82bdb9b9bfd2242fd62ae32812d5 diff --git a/sys-kernel/hardened-sources/hardened-sources-4.9.15.ebuild b/sys-kernel/hardened-sources/hardened-sources-4.9.15.ebuild new file mode 100644 index 0000000000000..32203865f2e63 --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-4.9.15.ebuild @@ -0,0 +1,45 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +ETYPE="sources" +K_WANT_GENPATCHES="base" +K_GENPATCHES_VER="15" +K_DEBLOB_AVAILABLE="1" + +inherit kernel-2 +detect_version + +HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" +HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" +SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" +UNIPATCH_EXCLUDE=" + 1500_XATTR_USER_PREFIX.patch + 1520_CVE-2017-6074-dccp-skb-freeing-fix.patch + 2900_dev-root-proc-mount-fix.patch" + +DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" +IUSE="deblob" + +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND=">=sys-devel/gcc-4.5" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT="sys-apps/gradm-3.1*" + + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =${GRADM_COMPAT}" + ewarn +}