/[gentoo-x86]/sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild
Gentoo

Contents of /sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.6 - (show annotations) (download)
Sat Apr 17 11:31:19 2004 UTC (10 years, 3 months ago) by plasmaroo
Branch: MAIN
CVS Tags: HEAD
Changes since 1.5: +1 -1 lines
FILE REMOVED
Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 vulnerabilities.

1 # Copyright 1999-2004 Gentoo Technologies, Inc.
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /home/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild,v 1.5 2004/04/12 16:36:22 aliz Exp $
4
5 IUSE="build selinux"
6
7 # OKV=original kernel version, KV=patched kernel version. They can be the same.
8
9 ETYPE="sources"
10
11 inherit kernel eutils
12
13 OKV=2.4.22
14 EXTRAVERSION=-hardened
15 KV=${OKV}${EXTRAVERSION}
16 S=${WORKDIR}/linux-${KV}
17 DESCRIPTION="Special Security Hardened Gentoo Linux Kernel"
18 SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2
19 mirror://gentoo/patches-${KV}.tar.bz2"
20
21
22 HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/proj/en/hardened/"
23 KEYWORDS="~x86 ~ppc"
24 SLOT="${KV}"
25
26 src_unpack() {
27 unpack linux-${OKV}.tar.bz2 patches-${KV}.tar.bz2
28 mv linux-${OKV} linux-${KV} || die
29
30 cd ${KV}
31 # We can't use LSM/SELinux and GRSec in the same kernel. If USE=selinux, we will
32 # patch in LSM/SELinux and drop support for GRsec. Otherwise we will include GRSec.
33 if [ "`use selinux`" ]; then
34 einfo "Enabling SELinux support. This will drop GRSec2 support."
35 for file in *grsec*; do
36 einfo "Dropping ${file}.."
37 rm -f ${file}
38 done
39 else
40 einfo "Did not find \"selinux\" in use, building with GRSec2 support."
41 for file in *lsm* *selinux*; do
42 einfo "Dropping ${file}..."
43 rm -f ${file}
44 done
45 fi
46
47 kernel_src_unpack
48
49 cd ${S}
50 epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln"
51 epatch ${FILESDIR}/mremap-CAN-2003-0985.patch || die "failed to patch for mremap vuln"
52 epatch ${FILESDIR}/rtc_fix.patch || die "failed to patch for rtc vuln"
53 }
54
55 pkg_postinst() {
56 einfo "This kernel contains LSM/SElinux or GRSecurity, and Systrace"
57 einfo "Also included are various other performance and security related patches"
58 einfo "If you experience problems with this kernel please report them by"
59 einfo "assigning bugs on bugs.gentoo.org to frogger@gentoo.org"
60 if [ "`use selinux`" ]; then
61 einfo ""
62 einfo "Warning! This kernel contains the new SELinux API and currently"
63 einfo "does not support ReiserFS. If you need ReiserFS support, and are"
64 einfo "using SELinux, then do not use this kernel."
65 einfo ""
66 einfo "The new SELinux API contains many changes from the previous API,"
67 einfo "including new userspace utilities. Please see "
68 einfo "http://www.gentoo.org/proj/en/hardened/selinux for more info."
69 fi
70 }

  ViewVC Help
Powered by ViewVC 1.1.20