diff options
author | yar | 2018-08-16 17:49:35 -0700 |
---|---|---|
committer | yar | 2018-08-16 18:17:10 -0700 |
commit | 1279cf248ea2695fdaf1ab9b3aaf8e797f2b54dd (patch) | |
tree | ebdd3abc29b2e9b577398cdeeca94a5aa2449bfb | |
parent | d6be2f25ab9c374d10b57f8a7cda5465b16217c1 (diff) | |
download | aur-1279cf248ea2695fdaf1ab9b3aaf8e797f2b54dd.tar.gz |
bump 4.17.15 using linux-hardened tree
-rw-r--r-- | .SRCINFO | 20 | ||||
-rw-r--r-- | .gitignore | 4 | ||||
-rw-r--r-- | PKGBUILD | 21 | ||||
-rw-r--r-- | config | 10 |
4 files changed, 34 insertions, 21 deletions
@@ -1,8 +1,8 @@ # Generated by mksrcinfo v8 -# Tue Jul 31 21:13:10 UTC 2018 +# Fri Aug 17 01:14:05 UTC 2018 pkgbase = linux-linode pkgdesc = Kernel for Linode servers - pkgver = 4.17.11 + pkgver = 4.17.15.a pkgrel = 1 url = https://github.com/yardenac/linux-linode install = install @@ -26,8 +26,8 @@ pkgbase = linux-linode backup = boot/grub/menu.lst source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.17.tar.xz source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.17.tar.sign - source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.17.11.xz - source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.17.11.sign + source = https://github.com/anthraxx/linux-hardened/releases/download/4.17.15.a/linux-hardened-4.17.15.a.patch + source = https://github.com/anthraxx/linux-hardened/releases/download/4.17.15.a/linux-hardened-4.17.15.a.patch.sig source = config source = 08_linux_linode source = 98-linux-linode.hook @@ -36,9 +36,9 @@ pkgbase = linux-linode source = preset md5sums = 5bb13a03274b66b56c85b26682e407d7 md5sums = SKIP - md5sums = d11e0c49f8381d0656f0838310f27a0f + md5sums = 75374aab3601eae996162d844d0619a8 md5sums = SKIP - md5sums = 35ef3de15ad6b81e8bb76b47ca946652 + md5sums = aaf4606a7ee4bd418569a012070eaeb1 md5sums = bc30565cf444b710c252675cf65fb46e md5sums = c52c29a8502f6c75e309208f0afab11f md5sums = 625481f015365febcd65aa136ee555f9 @@ -46,9 +46,9 @@ pkgbase = linux-linode md5sums = e1b5255cfbf5f8ca79b4b4568feec801 sha256sums = 9faa1dd896eaea961dc6e886697c0b3301277102e5bc976b2758f9a62d3ccd13 sha256sums = SKIP - sha256sums = 1345bf04742096c50eff4de6ba2a2c07ba8779e3c46373cd8076475c36f2e7b0 + sha256sums = 9942ac22490800fada20d8a4d674ad3cd81146f122159fd6e89b921076118b0c sha256sums = SKIP - sha256sums = 79ccb076b9957f58e38cd24002db055c7df5605130dd2ed97647ef7ca4323088 + sha256sums = 75fe99352aeb24158e3270e23d76c4559809148acbd2446ade532d97c25beaa0 sha256sums = 7d56a81083d1468d90ebec97a44ec44f80f8cb87bd506ed1918d6664d6309ad5 sha256sums = 3efa91fcb4698bde0598678bbf9a4a747c011823af82704eed2c146ed7cd9734 sha256sums = 368fb58e7aa465f597e9a72da4b6eea4183c1a85242173412d54ad18d10d8fb3 @@ -56,9 +56,9 @@ pkgbase = linux-linode sha256sums = 29fa2c1ea75f55a61276496507b788b1a8bde1d7c16bee4f525651db34076e46 sha512sums = 4d9de340a26155a89ea8773131c76220cc2057f2b5d031b467b60e8b14c1842518e2d60a863d8c695f0f7640f3f18d43826201984a238dade857b6cef79837db sha512sums = SKIP - sha512sums = 6cab8f1aecceb0491dca25afa088f9601178c8dfec51551afd34e219600bba54f65f929d9a10948cdb5595e339e096473127b55b1142e6dbe9a818149bec307d + sha512sums = fa5d1d4b63f0651489cb2679c0296c83fc1c167e2b399e8a64c8abd9c2aa073c7fb570948cb7100116d712d8aa9df8965502000d55b01a7d6935789a3ca3e1c7 sha512sums = SKIP - sha512sums = ef4f23087371a7f661d9e052e16412a7062ad0feb7eaafc48a17e7f7c53e133ac7de78d093bc7334da470621091ceea04ff95252f662b2db8fa3f63b5c0ee5ef + sha512sums = 8eedd803337f0746ccc712acd868e08a4ef0ae9eaafe878faa25fb06087c5a79ac91874b2c8811b65a0f8b46d2eb04bf54dd7a8de8e9d930be344edec7b73780 sha512sums = 7a80f858c32a9dd62f43aba0b7119a1196869216117164bcde24ab46022e8a1bbe27821faa26ca690a1633a5a9fe324e98e5cdf14f37591d569cbc71f542482d sha512sums = c57a6c8d9978cb6a1034bed33ba5e06bef9b134f22113761798d4fa46e8091e7b0bd26f3a14d79122ba780b2f7a93ca26850f4da6a654f81b34cc79c242f683f sha512sums = db9080b2548e4dcd61eaaf20cd7d37cbbc8c204ce85a2e3408d0671f6b26010f77a61affd2c77e809768714eca29d3afb64765a3f2099317a2c928eff3feb4cf diff --git a/.gitignore b/.gitignore index 04340ad2739b..e89bb5747457 100644 --- a/.gitignore +++ b/.gitignore @@ -4,8 +4,8 @@ /*.part /linux-*.tar.xz /linux-*.tar.sign -/patch-*.xz -/patch-*.sign +/linux-hardened-*.patch +/linux-hardened-*.patch.sig /*.diff /*.log /*.src.tar.gz @@ -5,7 +5,9 @@ pkgname=linux-linode _basekernel=4.17 _kernelname=${pkgname#linux} _srcname=linux-${_basekernel} -pkgver=${_basekernel}.11 +_patchname=linux-hardened +_hardenedver=a +pkgver=${_basekernel}.15.${_hardenedver} pkgrel=1 arch=('x86_64') url="https://github.com/yardenac/linux-linode" @@ -13,7 +15,7 @@ license=(GPL2) makedepends=(xmlto docbook-xsl kmod inetutils bc libelf) options=('!strip') source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar."{xz,sign} - "https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}."{xz,sign} + "https://github.com/anthraxx/${_patchname}/releases/download/${pkgver}/${_patchname}-${pkgver}.patch"{,.sig} 'config' '08_linux_linode' '98-linux-linode.hook' @@ -21,24 +23,24 @@ source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar."{xz,sign} 'menu.lst' 'preset') sha512sums=('4d9de340a26155a89ea8773131c76220cc2057f2b5d031b467b60e8b14c1842518e2d60a863d8c695f0f7640f3f18d43826201984a238dade857b6cef79837db' 'SKIP' - '6cab8f1aecceb0491dca25afa088f9601178c8dfec51551afd34e219600bba54f65f929d9a10948cdb5595e339e096473127b55b1142e6dbe9a818149bec307d' 'SKIP' - 'ef4f23087371a7f661d9e052e16412a7062ad0feb7eaafc48a17e7f7c53e133ac7de78d093bc7334da470621091ceea04ff95252f662b2db8fa3f63b5c0ee5ef' + 'fa5d1d4b63f0651489cb2679c0296c83fc1c167e2b399e8a64c8abd9c2aa073c7fb570948cb7100116d712d8aa9df8965502000d55b01a7d6935789a3ca3e1c7' 'SKIP' + '8eedd803337f0746ccc712acd868e08a4ef0ae9eaafe878faa25fb06087c5a79ac91874b2c8811b65a0f8b46d2eb04bf54dd7a8de8e9d930be344edec7b73780' '7a80f858c32a9dd62f43aba0b7119a1196869216117164bcde24ab46022e8a1bbe27821faa26ca690a1633a5a9fe324e98e5cdf14f37591d569cbc71f542482d' 'c57a6c8d9978cb6a1034bed33ba5e06bef9b134f22113761798d4fa46e8091e7b0bd26f3a14d79122ba780b2f7a93ca26850f4da6a654f81b34cc79c242f683f' 'db9080b2548e4dcd61eaaf20cd7d37cbbc8c204ce85a2e3408d0671f6b26010f77a61affd2c77e809768714eca29d3afb64765a3f2099317a2c928eff3feb4cf' '73cb4c064d8942fddaac48158b7e77d19afc1cb61f83936f21832ba7d7266ccfd3021114252edd5cec5542096204f48cf30544fd6bffff79bc94d96fabe74f52' '62870a08f000abfe8eb1f50271afdf04686af108554f7629dc5e1d7610ad14bdc9cd14d2609270b83f9edb745a520b81fa7bfb92ebcc28a146df040c895b549b') sha256sums=('9faa1dd896eaea961dc6e886697c0b3301277102e5bc976b2758f9a62d3ccd13' 'SKIP' - '1345bf04742096c50eff4de6ba2a2c07ba8779e3c46373cd8076475c36f2e7b0' 'SKIP' - '79ccb076b9957f58e38cd24002db055c7df5605130dd2ed97647ef7ca4323088' + '9942ac22490800fada20d8a4d674ad3cd81146f122159fd6e89b921076118b0c' 'SKIP' + '75fe99352aeb24158e3270e23d76c4559809148acbd2446ade532d97c25beaa0' '7d56a81083d1468d90ebec97a44ec44f80f8cb87bd506ed1918d6664d6309ad5' '3efa91fcb4698bde0598678bbf9a4a747c011823af82704eed2c146ed7cd9734' '368fb58e7aa465f597e9a72da4b6eea4183c1a85242173412d54ad18d10d8fb3' 'a055b6005a324240b35c416d9d08fba21c5f614eefb46f244035d04bf085224f' '29fa2c1ea75f55a61276496507b788b1a8bde1d7c16bee4f525651db34076e46') md5sums=('5bb13a03274b66b56c85b26682e407d7' 'SKIP' - 'd11e0c49f8381d0656f0838310f27a0f' 'SKIP' - '35ef3de15ad6b81e8bb76b47ca946652' + '75374aab3601eae996162d844d0619a8' 'SKIP' + 'aaf4606a7ee4bd418569a012070eaeb1' 'bc30565cf444b710c252675cf65fb46e' 'c52c29a8502f6c75e309208f0afab11f' '625481f015365febcd65aa136ee555f9' @@ -47,6 +49,7 @@ md5sums=('5bb13a03274b66b56c85b26682e407d7' 'SKIP' validpgpkeys=( 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linux Torvalds '647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman + 'E240B57E2C4630BA768E2F26FC1B547C8D8172C8' # Levente Polyak ) pkgdesc="Kernel for Linode servers" depends=('coreutils' 'linux-firmware' 'kmod' 'mkinitcpio>=0.7' 'grub') @@ -57,7 +60,7 @@ install=install prepare() { cd "${srcdir}/${_srcname}" - patch -p1 -i "${srcdir}/patch-${pkgver}" + patch -p1 -i "${srcdir}/${_patchname}-${pkgver}.patch" cat "${srcdir}/config" - > ./.config <<-EOF CONFIG_LOCALVERSION="${_kernelname}" CONFIG_LOCALVERSION_AUTO=n @@ -187,6 +187,7 @@ CONFIG_RD_LZO=y CONFIG_RD_LZ4=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_LOCAL_INIT=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y CONFIG_HAVE_UID16=y @@ -244,6 +245,10 @@ CONFIG_SLUB=y # CONFIG_SLAB_MERGE_DEFAULT is not set CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y +CONFIG_SLAB_HARDENED=y +CONFIG_SLAB_CANARY=y +CONFIG_SLAB_SANITIZE=y +CONFIG_SLAB_SANITIZE_VERIFY=y CONFIG_SLUB_CPU_PARTIAL=y # CONFIG_PROFILING is not set CONFIG_CRASH_CORE=y @@ -2942,6 +2947,8 @@ CONFIG_KEYS_COMPAT=y CONFIG_ENCRYPTED_KEYS=y # CONFIG_KEY_DH_OPERATIONS is not set # CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y +CONFIG_SECURITY_TIOCSTI_RESTRICT=y CONFIG_SECURITY=y CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y @@ -2953,6 +2960,9 @@ CONFIG_HARDENED_USERCOPY=y CONFIG_HARDENED_USERCOPY_FALLBACK=y # CONFIG_HARDENED_USERCOPY_PAGESPAN is not set CONFIG_FORTIFY_SOURCE=y +# CONFIG_FORTIFY_SOURCE_STRICT_STRING is not set +CONFIG_PAGE_SANITIZE=y +CONFIG_PAGE_SANITIZE_VERIFY=y # CONFIG_STATIC_USERMODEHELPER is not set # CONFIG_SECURITY_SELINUX is not set # CONFIG_SECURITY_SMACK is not set |