From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 55E6A158649 for ; Thu, 11 May 2023 19:26:21 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 47CF0E0A6E; Thu, 11 May 2023 19:26:20 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E8D7AE0AA7 for ; Thu, 11 May 2023 19:26:18 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 9DC9333C84E for ; Thu, 11 May 2023 19:26:17 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 07677A69 for ; Thu, 11 May 2023 19:26:16 +0000 (UTC) From: "Michał Górny" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Michał Górny" Message-ID: <1683833166.87ac09b70f4f42914fcd5a0af5f94b4c8f3e8efc.mgorny@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-kernel/gentoo-kernel/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-kernel/gentoo-kernel/Manifest sys-kernel/gentoo-kernel/gentoo-kernel-5.15.110-r2.ebuild X-VCS-Directories: sys-kernel/gentoo-kernel/ X-VCS-Committer: mgorny X-VCS-Committer-Name: Michał Górny X-VCS-Revision: 87ac09b70f4f42914fcd5a0af5f94b4c8f3e8efc X-VCS-Branch: master Date: Thu, 11 May 2023 19:26:16 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: fc1914cf-a9c0-457f-8639-a6dc4e056ea5 X-Archives-Hash: 14a59d5ce83b83aea873d7528b4efa14 commit: 87ac09b70f4f42914fcd5a0af5f94b4c8f3e8efc Author: Michał Górny gentoo org> AuthorDate: Thu May 11 08:02:07 2023 +0000 Commit: Michał Górny gentoo org> CommitDate: Thu May 11 19:26:06 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=87ac09b7 sys-kernel/gentoo-kernel: Backport CVE-2023-32233 fix to 5.15.110-r2 Signed-off-by: Michał Górny gentoo.org> sys-kernel/gentoo-kernel/Manifest | 2 + .../gentoo-kernel/gentoo-kernel-5.15.110-r2.ebuild | 134 +++++++++++++++++++++ 2 files changed, 136 insertions(+) diff --git a/sys-kernel/gentoo-kernel/Manifest b/sys-kernel/gentoo-kernel/Manifest index 0444d400d4dc..7f32b8e9a534 100644 --- a/sys-kernel/gentoo-kernel/Manifest +++ b/sys-kernel/gentoo-kernel/Manifest @@ -8,6 +8,8 @@ DIST genpatches-5.15-114.base.tar.xz 4428092 BLAKE2B d48a687c2ee6e7127bec22dda70 DIST genpatches-5.15-114.extras.tar.xz 3932 BLAKE2B 17aa4f2062511ba4e8b73a3449fe6ca4a1edb6cd80ff3037501f0dd7496db9282554cb45857752436e5c1de194e30988a84122698e8a6c27fb2e80edfe20845b SHA512 0bad9b065dd20cfc5436d7f449c0c79ca997be93db9fd1d3d7f1ce3929d7f73fa027a8c20475f5de770513211fca68cd2d0bca8c7fd8ba0daab15234c61e2ceb DIST genpatches-5.15-115.base.tar.xz 4432584 BLAKE2B a39251400e823a2e2cb5265981a3c243cd5ee5f294f77b23d022ea565ab78d507f64891b1076454aa24082034a89ad76d061fa898763820ea899bd18013a4347 SHA512 4e54fd61aaa960d813a7fe53e3669ae5d9e42bcb1b537189c7e03f3f66d72bc87ccd02c6fcb1e77c570168fbed6b1353e1bb5a50a21e41bd4667abdefd40b5c2 DIST genpatches-5.15-115.extras.tar.xz 3932 BLAKE2B 2cd277a80fa68517ed5b2494b8289fe24e651c70b85a3ec8badfc8d98b7f0ed487769e53be865bfcd77d4d3eb31519d3cd9d15174d3231d62b81bdc020ab7f62 SHA512 01abc3b127db13150b754dca3b891854454e5c907c2eac18761f5b68c7d90dd8fc7d8c44c82d83ac90ec6fcacb56c9363083bd1731ec5cbe0ec66c31fe815c14 +DIST genpatches-5.15-116.base.tar.xz 4433124 BLAKE2B 1ace5f7ac7fe7dee5ca92c8228fa07f1abe85d92040adc0d2b83c2d5f55976c4ecfc0a3ed4575d5528db1eab14b65250d25d9fb28a880422385a45a887117820 SHA512 7346fe13050c49737f98e5ad7bdb848caf693b2e3129a7e9e382f1c6462242dcdae1fc7e184b10f7593159c7d6c3cd8bf69dd1d66abb604746871123424563f1 +DIST genpatches-5.15-116.extras.tar.xz 3928 BLAKE2B 0130495424324f43fcb5f29b4178c56b43b01c4a7ca7a3b95ac07130f44d6875519d0ee79d9cf8a9912bd6c6d8bb81a0adcd17f27da1e59e24f19073d9a20cff SHA512 ece809c981c8d2c5ed7ec66df69dec3920cc75e7e43145c0ca5dbc577e16cc58880d449d8503d1863974fd2fb707a403b5a9b5ad02d9835e01c45637fd6bcfd7 DIST genpatches-5.4-246.base.tar.xz 5659072 BLAKE2B 4b3f836c7e9f7f4d1cac0c735bbbb7751c0c165c826cbf549033c9e9fb85be3ccf45d480b0c8d80f7d980daaa1fb62265b600e24dee320673434333bec891e0c SHA512 029102ba3170b99836ddf5e4a9a7101826eae3dcced431a7049e4c025ca6057f694c66f67a20d5b08a124275ed91aac3a0e1060ca2946fea54d68b251e61b478 DIST genpatches-5.4-246.extras.tar.xz 1812 BLAKE2B 78297c82519cf71230dc19d674d345cb40d8226adab6af53c0c3af7239f7a1464b8c89b51b62c509b33e8b2eb1a8c102b10146a8a6151ab5f069a1e00f8f6f8c SHA512 13aa1321f559e01257926ef94dd023222c2be9225bb412424a4b4696c1e6d6abe3e7f29c375836e1f9986d496df89051a60c34e8f8070aa0bd556683a387e356 DIST genpatches-5.4-248.base.tar.xz 5689960 BLAKE2B 50714236c3fa565fb097577d8885ea6b0f6448061025221c317df2270877f70093446a79c60baa8247a80a481ee2475720836651cf2a83c31b13e0a59e6e30ed SHA512 0850c79fe4bbb6752e2a9a316204638287107b72ed180d0f417b6d03fd9288305a221d1e085bc4da0fe7ed82790e29525bee72c288f5e6d876c306ef316f8d82 diff --git a/sys-kernel/gentoo-kernel/gentoo-kernel-5.15.110-r2.ebuild b/sys-kernel/gentoo-kernel/gentoo-kernel-5.15.110-r2.ebuild new file mode 100644 index 000000000000..f45f633a3dbc --- /dev/null +++ b/sys-kernel/gentoo-kernel/gentoo-kernel-5.15.110-r2.ebuild @@ -0,0 +1,134 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit kernel-build toolchain-funcs + +MY_P=linux-${PV%.*} +GENPATCHES_P=genpatches-${PV%.*}-$(( ${PV##*.} + 6 )) +CONFIG_VER=5.15.19 +CONFIG_HASH=ec69da7a42b5b7c3da91572ef22097b069ddbd01 +GENTOO_CONFIG_VER=g7 + +DESCRIPTION="Linux kernel built with Gentoo patches" +HOMEPAGE=" + https://wiki.gentoo.org/wiki/Project:Distribution_Kernel + https://www.kernel.org/ +" +SRC_URI+=" + https://cdn.kernel.org/pub/linux/kernel/v$(ver_cut 1).x/${MY_P}.tar.xz + https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.base.tar.xz + https://dev.gentoo.org/~mpagano/dist/genpatches/${GENPATCHES_P}.extras.tar.xz + https://github.com/projg2/gentoo-kernel-config/archive/${GENTOO_CONFIG_VER}.tar.gz + -> gentoo-kernel-config-${GENTOO_CONFIG_VER}.tar.gz + amd64? ( + https://src.fedoraproject.org/rpms/kernel/raw/${CONFIG_HASH}/f/kernel-x86_64-fedora.config + -> kernel-x86_64-fedora.config.${CONFIG_VER} + ) + arm64? ( + https://src.fedoraproject.org/rpms/kernel/raw/${CONFIG_HASH}/f/kernel-aarch64-fedora.config + -> kernel-aarch64-fedora.config.${CONFIG_VER} + ) + ppc64? ( + https://src.fedoraproject.org/rpms/kernel/raw/${CONFIG_HASH}/f/kernel-ppc64le-fedora.config + -> kernel-ppc64le-fedora.config.${CONFIG_VER} + ) + x86? ( + https://src.fedoraproject.org/rpms/kernel/raw/${CONFIG_HASH}/f/kernel-i686-fedora.config + -> kernel-i686-fedora.config.${CONFIG_VER} + ) +" +S=${WORKDIR}/${MY_P} + +LICENSE="GPL-2" +KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~x86" +IUSE="debug hardened" +REQUIRED_USE="arm? ( savedconfig )" + +RDEPEND=" + !sys-kernel/gentoo-kernel-bin:${SLOT} +" +BDEPEND=" + debug? ( dev-util/pahole ) +" +PDEPEND=" + >=virtual/dist-kernel-${PV} +" + +QA_FLAGS_IGNORED=" + usr/src/linux-.*/scripts/gcc-plugins/.*.so + usr/src/linux-.*/vmlinux + usr/src/linux-.*/arch/powerpc/kernel/vdso.*/vdso.*.so.dbg +" + +src_prepare() { + local PATCHES=( + # meh, genpatches have no directory + "${WORKDIR}"/*.patch + ) + default + + local biendian=false + + # prepare the default config + case ${ARCH} in + amd64) + cp "${DISTDIR}/kernel-x86_64-fedora.config.${CONFIG_VER}" .config || die + ;; + arm) + return + ;; + arm64) + cp "${DISTDIR}/kernel-aarch64-fedora.config.${CONFIG_VER}" .config || die + biendian=true + ;; + hppa) + return + ;; + ppc) + # assume powermac/powerbook defconfig + # we still package.use.force savedconfig + cp "${WORKDIR}/${MY_P}/arch/powerpc/configs/pmac32_defconfig" .config || die + ;; + ppc64) + cp "${DISTDIR}/kernel-ppc64le-fedora.config.${CONFIG_VER}" .config || die + biendian=true + ;; + x86) + cp "${DISTDIR}/kernel-i686-fedora.config.${CONFIG_VER}" .config || die + ;; + *) + die "Unsupported arch ${ARCH}" + ;; + esac + + local myversion="-gentoo-dist" + use hardened && myversion+="-hardened" + echo "CONFIG_LOCALVERSION=\"${myversion}\"" > "${T}"/version.config || die + local dist_conf_path="${WORKDIR}/gentoo-kernel-config-${GENTOO_CONFIG_VER}" + + local merge_configs=( + "${T}"/version.config + "${dist_conf_path}"/base.config + ) + use debug || merge_configs+=( + "${dist_conf_path}"/no-debug.config + ) + if use hardened; then + merge_configs+=( "${dist_conf_path}"/hardened-base.config ) + + tc-is-gcc && merge_configs+=( "${dist_conf_path}"/hardened-gcc-plugins.config ) + + if [[ -f "${dist_conf_path}/hardened-${ARCH}.config" ]]; then + merge_configs+=( "${dist_conf_path}/hardened-${ARCH}.config" ) + fi + fi + + # this covers ppc64 and aarch64_be only for now + if [[ ${biendian} == true && $(tc-endian) == big ]]; then + merge_configs+=( "${dist_conf_path}/big-endian.config" ) + fi + + kernel-build_merge_configs "${merge_configs[@]}" +}