diff options
| author | Irvine | 2018-01-11 10:51:35 +0000 |
|---|---|---|
| committer | Irvine | 2018-01-11 10:51:35 +0000 |
| commit | 21f05628e10e52ea13ba50b356572ae73624ad13 (patch) | |
| tree | b10b801eba017ae5faeaa1016eac0a2992fc9498 | |
| parent | 2b3049808db70ce2ba8326dfe81b57c8daaf12f1 (diff) | |
| download | aur-21f05628e10e52ea13ba50b356572ae73624ad13.tar.gz | |
Sync with linux-hardened-4.14.13.-1
| -rw-r--r-- | .SRCINFO | 17 | ||||
| -rw-r--r-- | PKGBUILD | 175 | ||||
| -rw-r--r-- | config.x86_64 | 2 |
3 files changed, 67 insertions, 127 deletions
@@ -1,11 +1,10 @@ pkgbase = linux-hardened-apparmor - pkgver = 4.14.12.a + pkgver = 4.14.13.a pkgrel = 1 url = https://github.com/copperhead/linux-hardened arch = x86_64 license = GPL2 makedepends = xmlto - makedepends = docbook-xsl makedepends = kmod makedepends = inetutils makedepends = bc @@ -14,10 +13,10 @@ pkgbase = linux-hardened-apparmor options = !strip source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.14.tar.xz source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.14.tar.sign - source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.12.xz - source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.12.sign - source = https://github.com/thestinger/linux-hardened/releases/download/4.14.12.a/linux-hardened-4.14.12.a.patch - source = https://github.com/thestinger/linux-hardened/releases/download/4.14.12.a/linux-hardened-4.14.12.a.patch.sig + source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.13.xz + source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.13.sign + source = https://github.com/thestinger/linux-hardened/releases/download/4.14.13.a/linux-hardened-4.14.13.a.patch + source = https://github.com/thestinger/linux-hardened/releases/download/4.14.13.a/linux-hardened-4.14.13.a.patch.sig source = config.x86_64 source = 60-linux.hook source = 90-linux.hook @@ -35,11 +34,11 @@ pkgbase = linux-hardened-apparmor validpgpkeys = 65EEFE022108E2B708CBFCF7F9E712E59AF5F22A sha256sums = f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7 sha256sums = SKIP - sha256sums = da5d8db44b0988e4c45346899d3f5a51f8bd6c25f14e729615ca9ff9f17bdefd + sha256sums = ce897f467e80452f29d7a7a8809e8585ea12192a2c32e4d18578f64b043e802e sha256sums = SKIP - sha256sums = 199ac6bc8644677dc801dae69c4293d4cef100696f2d1c60a4bc5faaa4d896e8 + sha256sums = 6b12f95c7eecfc3629fe94079f5a82d509a31621f689503dd91225c730ed0371 sha256sums = SKIP - sha256sums = 7dfbc037dc5cd334a8450742dbe73eb0c8314100463b645a5e2cdffe3e8ddd1a + sha256sums = d0c7c7c5ebd1a77047bb85dd441f11dcc45bd2491f70b841e985a42b4b9975bf sha256sums = ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21 sha256sums = 75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919 sha256sums = ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65 @@ -2,13 +2,13 @@ pkgbase=linux-hardened-apparmor _srcname=linux-4.14 -_pkgver=4.14.12 +_pkgver=4.14.13 pkgver=${_pkgver}.a pkgrel=1 url='https://github.com/copperhead/linux-hardened' arch=('x86_64') license=('GPL2') -makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc' 'libelf') +makedepends=('xmlto' 'kmod' 'inetutils' 'bc' 'libelf') options=('!strip') source=(https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.sign @@ -37,11 +37,11 @@ source=(https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz replaces=('linux-grsec') sha256sums=('f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7' 'SKIP' - 'da5d8db44b0988e4c45346899d3f5a51f8bd6c25f14e729615ca9ff9f17bdefd' + 'ce897f467e80452f29d7a7a8809e8585ea12192a2c32e4d18578f64b043e802e' 'SKIP' - '199ac6bc8644677dc801dae69c4293d4cef100696f2d1c60a4bc5faaa4d896e8' + '6b12f95c7eecfc3629fe94079f5a82d509a31621f689503dd91225c730ed0371' 'SKIP' - '7dfbc037dc5cd334a8450742dbe73eb0c8314100463b645a5e2cdffe3e8ddd1a' + 'd0c7c7c5ebd1a77047bb85dd441f11dcc45bd2491f70b841e985a42b4b9975bf' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' '75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919' 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65' @@ -130,8 +130,6 @@ _package() { cd ${_srcname} - KARCH=x86 - # get kernel version _kernver="$(make LOCALVERSION= kernelrelease)" _basekernel=${_kernver%%-*} @@ -139,7 +137,7 @@ _package() { mkdir -p "${pkgdir}"/{boot,usr/lib/modules} make LOCALVERSION= INSTALL_MOD_PATH="${pkgdir}/usr" modules_install - cp arch/$KARCH/boot/bzImage "${pkgdir}/boot/vmlinuz-${pkgbase}" + cp arch/x86/boot/bzImage "${pkgdir}/boot/vmlinuz-${pkgbase}" # make room for external modules local _extramodules="extramodules-${_basekernel}${_kernelname:--ARCH}" @@ -151,14 +149,12 @@ _package() { # remove build and source links rm "${pkgdir}"/usr/lib/modules/${_kernver}/{source,build} - # remove the firmware - rm -rf "${pkgdir}/lib/firmware" # now we call depmod... depmod -b "${pkgdir}/usr" -F System.map "${_kernver}" # add vmlinux - install -Dm 644 vmlinux -t "${pkgdir}/usr/lib/modules/${_kernver}/build" + install -Dt "${pkgdir}/usr/lib/modules/${_kernver}/build" -m644 vmlinux # sed expression for following substitutions local _subst=" @@ -173,151 +169,96 @@ _package() { # install mkinitcpio preset file sed "${_subst}" ../linux.preset | - install -Dm 644 /dev/stdin "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset" + install -Dm644 /dev/stdin "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset" # install pacman hooks sed "${_subst}" ../60-linux.hook | - install -Dm 644 /dev/stdin "${pkgdir}/usr/share/libalpm/hooks/60-${pkgbase}.hook" + install -Dm644 /dev/stdin "${pkgdir}/usr/share/libalpm/hooks/60-${pkgbase}.hook" sed "${_subst}" ../90-linux.hook | - install -Dm 644 /dev/stdin "${pkgdir}/usr/share/libalpm/hooks/90-${pkgbase}.hook" + install -Dm644 /dev/stdin "${pkgdir}/usr/share/libalpm/hooks/90-${pkgbase}.hook" } _package-headers() { pkgdesc="Header files and scripts for building modules for ${pkgbase/linux/Linux} kernel" - install -dm755 "${pkgdir}/usr/lib/modules/${_kernver}" - cd ${_srcname} - install -D -m644 Makefile \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/Makefile" - install -D -m644 kernel/Makefile \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/kernel/Makefile" - install -D -m644 .config \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/.config" - - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include" - - for i in acpi asm-generic config crypto drm generated keys linux math-emu \ - media net pcmcia rdma scsi soc sound trace uapi video xen; do - cp -a include/${i} "${pkgdir}/usr/lib/modules/${_kernver}/build/include/" - done - - # copy arch includes for external modules - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/x86" - cp -a arch/x86/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/x86/" - - # copy files necessary for later builds, like nvidia and vmware - cp Module.symvers "${pkgdir}/usr/lib/modules/${_kernver}/build" - cp -a scripts "${pkgdir}/usr/lib/modules/${_kernver}/build" + local _builddir="${pkgdir}/usr/lib/modules/${_kernver}/build" - # fix permissions on scripts dir - chmod og-w -R "${pkgdir}/usr/lib/modules/${_kernver}/build/scripts" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/.tmp_versions" + install -Dt "${_builddir}" -m644 Makefile .config Module.symvers + install -Dt "${_builddir}/kernel" -m644 kernel/Makefile - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/kernel" + mkdir "${_builddir}/.tmp_versions" - cp arch/${KARCH}/Makefile "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/" + cp -t "${_builddir}" -a include scripts - cp arch/${KARCH}/kernel/asm-offsets.s "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/kernel/" + install -Dt "${_builddir}/arch/x86" -m644 arch/x86/Makefile + install -Dt "${_builddir}/arch/x86/kernel" -m644 arch/x86/kernel/asm-offsets.s - # add docbook makefile - #install -D -m644 Documentation/DocBook/Makefile \ - #"${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/DocBook/Makefile" + cp -t "${_builddir}/arch/x86" -a arch/x86/include - # add dm headers - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/md" - cp drivers/md/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/md" + install -Dt "${_builddir}/drivers/md" -m644 drivers/md/*.h + install -Dt "${_builddir}/net/mac80211" -m644 net/mac80211/*.h - # add inotify.h - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include/linux" - cp include/linux/inotify.h "${pkgdir}/usr/lib/modules/${_kernver}/build/include/linux/" - - # add wireless headers - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/net/mac80211/" - cp net/mac80211/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/net/mac80211/" - - # add dvb headers for external modules - # in reference to: # http://bugs.archlinux.org/task/9912 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-core" - cp drivers/media/dvb-core/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-core/" - # and... - # http://bugs.archlinux.org/task/11194 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include/config/dvb/" - cp include/config/dvb/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/include/config/dvb/" - - # add dvb headers for http://mcentral.de/hg/~mrec/em28xx-new - # in reference to: + install -Dt "${_builddir}/drivers/media/dvb-core" -m644 drivers/media/dvb-core/*.h + # http://bugs.archlinux.org/task/13146 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - cp drivers/media/dvb-frontends/lgdt330x.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/i2c/" - cp drivers/media/i2c/msp3400-driver.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/i2c/" + install -Dt "${_builddir}/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h - # add dvb headers - # in reference to: # http://bugs.archlinux.org/task/20402 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/usb/dvb-usb" - cp drivers/media/usb/dvb-usb/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/usb/dvb-usb/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends" - cp drivers/media/dvb-frontends/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/tuners" - cp drivers/media/tuners/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/tuners/" + install -Dt "${_builddir}/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h + install -Dt "${_builddir}/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h + install -Dt "${_builddir}/drivers/media/tuners" -m644 drivers/media/tuners/*.h # add xfs and shmem for aufs building - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/fs/xfs" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/mm" - # removed in 3.17 series - # cp fs/xfs/xfs_sb.h "${pkgdir}/usr/lib/modules/${_kernver}/build/fs/xfs/xfs_sb.h" + mkdir -p "${_builddir}"/{fs/xfs,mm} # copy in Kconfig files - for i in $(find . -name "Kconfig*"); do - mkdir -p "${pkgdir}"/usr/lib/modules/${_kernver}/build/`echo ${i} | sed 's|/Kconfig.*||'` - cp ${i} "${pkgdir}/usr/lib/modules/${_kernver}/build/${i}" - done + find . -name Kconfig\* -exec install -Dm644 {} "${_builddir}/{}" \; # add objtool for external module building and enabled VALIDATION_STACK option - if [ -f tools/objtool/objtool ]; then - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/tools/objtool" - cp -a tools/objtool/objtool "${pkgdir}/usr/lib/modules/${_kernver}/build/tools/objtool/" - fi + install -Dt "${_builddir}/tools/objtool" tools/objtool/objtool - chown -R root.root "${pkgdir}/usr/lib/modules/${_kernver}/build" - find "${pkgdir}/usr/lib/modules/${_kernver}/build" -type d -exec chmod 755 {} \; - - # strip scripts directory - find "${pkgdir}/usr/lib/modules/${_kernver}/build/scripts" -type f -perm -u+w 2>/dev/null | while read binary ; do - case "$(file -bi "${binary}")" in - *application/x-sharedlib*) # Libraries (.so) - /usr/bin/strip ${STRIP_SHARED} "${binary}";; - *application/x-archive*) # Libraries (.a) - /usr/bin/strip ${STRIP_STATIC} "${binary}";; - *application/x-executable*) # Binaries - /usr/bin/strip ${STRIP_BINARIES} "${binary}";; - esac + # remove unneeded architectures + local _arch + for _arch in "${_builddir}"/arch/*/; do + [[ ${_arch} == */x86/ ]] && continue + rm -r "${_arch}" done - # remove unneeded architectures - rm -rf "${pkgdir}"/usr/lib/modules/${_kernver}/build/arch/{alpha,arc,arm,arm26,arm64,avr32,blackfin,c6x,cris,frv,h8300,hexagon,ia64,m32r,m68k,m68knommu,metag,mips,microblaze,mn10300,openrisc,parisc,powerpc,ppc,s390,score,sh,sh64,sparc,sparc64,tile,unicore32,um,v850,xtensa} + # remove files already in linux-docs package + rm -r "${_builddir}/Documentation" - # remove a files already in linux-docs package - rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/kbuild/Kconfig.recursion-issue-01" - rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/kbuild/Kconfig.recursion-issue-02" - rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/kbuild/Kconfig.select-break" + # remove now broken symlinks + find -L "${_builddir}" -type l -printf 'Removing %P\n' -delete + + # Fix permissions + chmod -R u=rwX,go=rX "${_builddir}" + + # strip scripts directory + local _binary _strip + while read -rd '' _binary; do + case "$(file -bi "${_binary}")" in + *application/x-sharedlib*) _strip="${STRIP_SHARED}" ;; # Libraries (.so) + *application/x-archive*) _strip="${STRIP_STATIC}" ;; # Libraries (.a) + *application/x-executable*) _strip="${STRIP_BINARIES}" ;; # Binaries + *) continue ;; + esac + /usr/bin/strip ${_strip} "${_binary}" + done < <(find "${_builddir}/scripts" -type f -perm -u+w -print0 2>/dev/null) } _package-docs() { pkgdesc="Kernel hackers manual - HTML documentation that comes with the ${pkgbase/linux/Linux} kernel" cd ${_srcname} + local _builddir="${pkgdir}/usr/lib/modules/${_kernver}/build" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build" - cp -al Documentation "${pkgdir}/usr/lib/modules/${_kernver}/build" - find "${pkgdir}" -type f -exec chmod 444 {} \; - find "${pkgdir}" -type d -exec chmod 755 {} \; + mkdir -p "${_builddir}" + cp -t "${_builddir}" -a Documentation - # remove a file already in linux package - #rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/DocBook/Makefile" + # Fix permissions + chmod -R u=rwX,go=rX "${_builddir}" } pkgname=("${pkgbase}" "${pkgbase}-headers" "${pkgbase}-docs") diff --git a/config.x86_64 b/config.x86_64 index 5c261fed7a5d..30e6d6dbf40e 100644 --- a/config.x86_64 +++ b/config.x86_64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.12 Kernel Configuration +# Linux/x86 4.14.13 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y |