summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authoryar2018-08-16 17:49:35 -0700
committeryar2018-08-16 18:17:10 -0700
commit1279cf248ea2695fdaf1ab9b3aaf8e797f2b54dd (patch)
treeebdd3abc29b2e9b577398cdeeca94a5aa2449bfb
parentd6be2f25ab9c374d10b57f8a7cda5465b16217c1 (diff)
downloadaur-1279cf248ea2695fdaf1ab9b3aaf8e797f2b54dd.tar.gz
bump 4.17.15 using linux-hardened tree
-rw-r--r--.SRCINFO20
-rw-r--r--.gitignore4
-rw-r--r--PKGBUILD21
-rw-r--r--config10
4 files changed, 34 insertions, 21 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 5e7d8ef3f38..541e32b30cf 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,8 +1,8 @@
# Generated by mksrcinfo v8
-# Tue Jul 31 21:13:10 UTC 2018
+# Fri Aug 17 01:14:05 UTC 2018
pkgbase = linux-linode
pkgdesc = Kernel for Linode servers
- pkgver = 4.17.11
+ pkgver = 4.17.15.a
pkgrel = 1
url = https://github.com/yardenac/linux-linode
install = install
@@ -26,8 +26,8 @@ pkgbase = linux-linode
backup = boot/grub/menu.lst
source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.17.tar.xz
source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.17.tar.sign
- source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.17.11.xz
- source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.17.11.sign
+ source = https://github.com/anthraxx/linux-hardened/releases/download/4.17.15.a/linux-hardened-4.17.15.a.patch
+ source = https://github.com/anthraxx/linux-hardened/releases/download/4.17.15.a/linux-hardened-4.17.15.a.patch.sig
source = config
source = 08_linux_linode
source = 98-linux-linode.hook
@@ -36,9 +36,9 @@ pkgbase = linux-linode
source = preset
md5sums = 5bb13a03274b66b56c85b26682e407d7
md5sums = SKIP
- md5sums = d11e0c49f8381d0656f0838310f27a0f
+ md5sums = 75374aab3601eae996162d844d0619a8
md5sums = SKIP
- md5sums = 35ef3de15ad6b81e8bb76b47ca946652
+ md5sums = aaf4606a7ee4bd418569a012070eaeb1
md5sums = bc30565cf444b710c252675cf65fb46e
md5sums = c52c29a8502f6c75e309208f0afab11f
md5sums = 625481f015365febcd65aa136ee555f9
@@ -46,9 +46,9 @@ pkgbase = linux-linode
md5sums = e1b5255cfbf5f8ca79b4b4568feec801
sha256sums = 9faa1dd896eaea961dc6e886697c0b3301277102e5bc976b2758f9a62d3ccd13
sha256sums = SKIP
- sha256sums = 1345bf04742096c50eff4de6ba2a2c07ba8779e3c46373cd8076475c36f2e7b0
+ sha256sums = 9942ac22490800fada20d8a4d674ad3cd81146f122159fd6e89b921076118b0c
sha256sums = SKIP
- sha256sums = 79ccb076b9957f58e38cd24002db055c7df5605130dd2ed97647ef7ca4323088
+ sha256sums = 75fe99352aeb24158e3270e23d76c4559809148acbd2446ade532d97c25beaa0
sha256sums = 7d56a81083d1468d90ebec97a44ec44f80f8cb87bd506ed1918d6664d6309ad5
sha256sums = 3efa91fcb4698bde0598678bbf9a4a747c011823af82704eed2c146ed7cd9734
sha256sums = 368fb58e7aa465f597e9a72da4b6eea4183c1a85242173412d54ad18d10d8fb3
@@ -56,9 +56,9 @@ pkgbase = linux-linode
sha256sums = 29fa2c1ea75f55a61276496507b788b1a8bde1d7c16bee4f525651db34076e46
sha512sums = 4d9de340a26155a89ea8773131c76220cc2057f2b5d031b467b60e8b14c1842518e2d60a863d8c695f0f7640f3f18d43826201984a238dade857b6cef79837db
sha512sums = SKIP
- sha512sums = 6cab8f1aecceb0491dca25afa088f9601178c8dfec51551afd34e219600bba54f65f929d9a10948cdb5595e339e096473127b55b1142e6dbe9a818149bec307d
+ sha512sums = fa5d1d4b63f0651489cb2679c0296c83fc1c167e2b399e8a64c8abd9c2aa073c7fb570948cb7100116d712d8aa9df8965502000d55b01a7d6935789a3ca3e1c7
sha512sums = SKIP
- sha512sums = ef4f23087371a7f661d9e052e16412a7062ad0feb7eaafc48a17e7f7c53e133ac7de78d093bc7334da470621091ceea04ff95252f662b2db8fa3f63b5c0ee5ef
+ sha512sums = 8eedd803337f0746ccc712acd868e08a4ef0ae9eaafe878faa25fb06087c5a79ac91874b2c8811b65a0f8b46d2eb04bf54dd7a8de8e9d930be344edec7b73780
sha512sums = 7a80f858c32a9dd62f43aba0b7119a1196869216117164bcde24ab46022e8a1bbe27821faa26ca690a1633a5a9fe324e98e5cdf14f37591d569cbc71f542482d
sha512sums = c57a6c8d9978cb6a1034bed33ba5e06bef9b134f22113761798d4fa46e8091e7b0bd26f3a14d79122ba780b2f7a93ca26850f4da6a654f81b34cc79c242f683f
sha512sums = db9080b2548e4dcd61eaaf20cd7d37cbbc8c204ce85a2e3408d0671f6b26010f77a61affd2c77e809768714eca29d3afb64765a3f2099317a2c928eff3feb4cf
diff --git a/.gitignore b/.gitignore
index 04340ad2739..e89bb574745 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,8 +4,8 @@
/*.part
/linux-*.tar.xz
/linux-*.tar.sign
-/patch-*.xz
-/patch-*.sign
+/linux-hardened-*.patch
+/linux-hardened-*.patch.sig
/*.diff
/*.log
/*.src.tar.gz
diff --git a/PKGBUILD b/PKGBUILD
index 6fb2ec54ccd..5cb5950dd86 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -5,7 +5,9 @@ pkgname=linux-linode
_basekernel=4.17
_kernelname=${pkgname#linux}
_srcname=linux-${_basekernel}
-pkgver=${_basekernel}.11
+_patchname=linux-hardened
+_hardenedver=a
+pkgver=${_basekernel}.15.${_hardenedver}
pkgrel=1
arch=('x86_64')
url="https://github.com/yardenac/linux-linode"
@@ -13,7 +15,7 @@ license=(GPL2)
makedepends=(xmlto docbook-xsl kmod inetutils bc libelf)
options=('!strip')
source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar."{xz,sign}
- "https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}."{xz,sign}
+ "https://github.com/anthraxx/${_patchname}/releases/download/${pkgver}/${_patchname}-${pkgver}.patch"{,.sig}
'config'
'08_linux_linode'
'98-linux-linode.hook'
@@ -21,24 +23,24 @@ source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar."{xz,sign}
'menu.lst'
'preset')
sha512sums=('4d9de340a26155a89ea8773131c76220cc2057f2b5d031b467b60e8b14c1842518e2d60a863d8c695f0f7640f3f18d43826201984a238dade857b6cef79837db' 'SKIP'
- '6cab8f1aecceb0491dca25afa088f9601178c8dfec51551afd34e219600bba54f65f929d9a10948cdb5595e339e096473127b55b1142e6dbe9a818149bec307d' 'SKIP'
- 'ef4f23087371a7f661d9e052e16412a7062ad0feb7eaafc48a17e7f7c53e133ac7de78d093bc7334da470621091ceea04ff95252f662b2db8fa3f63b5c0ee5ef'
+ 'fa5d1d4b63f0651489cb2679c0296c83fc1c167e2b399e8a64c8abd9c2aa073c7fb570948cb7100116d712d8aa9df8965502000d55b01a7d6935789a3ca3e1c7' 'SKIP'
+ '8eedd803337f0746ccc712acd868e08a4ef0ae9eaafe878faa25fb06087c5a79ac91874b2c8811b65a0f8b46d2eb04bf54dd7a8de8e9d930be344edec7b73780'
'7a80f858c32a9dd62f43aba0b7119a1196869216117164bcde24ab46022e8a1bbe27821faa26ca690a1633a5a9fe324e98e5cdf14f37591d569cbc71f542482d'
'c57a6c8d9978cb6a1034bed33ba5e06bef9b134f22113761798d4fa46e8091e7b0bd26f3a14d79122ba780b2f7a93ca26850f4da6a654f81b34cc79c242f683f'
'db9080b2548e4dcd61eaaf20cd7d37cbbc8c204ce85a2e3408d0671f6b26010f77a61affd2c77e809768714eca29d3afb64765a3f2099317a2c928eff3feb4cf'
'73cb4c064d8942fddaac48158b7e77d19afc1cb61f83936f21832ba7d7266ccfd3021114252edd5cec5542096204f48cf30544fd6bffff79bc94d96fabe74f52'
'62870a08f000abfe8eb1f50271afdf04686af108554f7629dc5e1d7610ad14bdc9cd14d2609270b83f9edb745a520b81fa7bfb92ebcc28a146df040c895b549b')
sha256sums=('9faa1dd896eaea961dc6e886697c0b3301277102e5bc976b2758f9a62d3ccd13' 'SKIP'
- '1345bf04742096c50eff4de6ba2a2c07ba8779e3c46373cd8076475c36f2e7b0' 'SKIP'
- '79ccb076b9957f58e38cd24002db055c7df5605130dd2ed97647ef7ca4323088'
+ '9942ac22490800fada20d8a4d674ad3cd81146f122159fd6e89b921076118b0c' 'SKIP'
+ '75fe99352aeb24158e3270e23d76c4559809148acbd2446ade532d97c25beaa0'
'7d56a81083d1468d90ebec97a44ec44f80f8cb87bd506ed1918d6664d6309ad5'
'3efa91fcb4698bde0598678bbf9a4a747c011823af82704eed2c146ed7cd9734'
'368fb58e7aa465f597e9a72da4b6eea4183c1a85242173412d54ad18d10d8fb3'
'a055b6005a324240b35c416d9d08fba21c5f614eefb46f244035d04bf085224f'
'29fa2c1ea75f55a61276496507b788b1a8bde1d7c16bee4f525651db34076e46')
md5sums=('5bb13a03274b66b56c85b26682e407d7' 'SKIP'
- 'd11e0c49f8381d0656f0838310f27a0f' 'SKIP'
- '35ef3de15ad6b81e8bb76b47ca946652'
+ '75374aab3601eae996162d844d0619a8' 'SKIP'
+ 'aaf4606a7ee4bd418569a012070eaeb1'
'bc30565cf444b710c252675cf65fb46e'
'c52c29a8502f6c75e309208f0afab11f'
'625481f015365febcd65aa136ee555f9'
@@ -47,6 +49,7 @@ md5sums=('5bb13a03274b66b56c85b26682e407d7' 'SKIP'
validpgpkeys=(
'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linux Torvalds
'647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
+ 'E240B57E2C4630BA768E2F26FC1B547C8D8172C8' # Levente Polyak
)
pkgdesc="Kernel for Linode servers"
depends=('coreutils' 'linux-firmware' 'kmod' 'mkinitcpio>=0.7' 'grub')
@@ -57,7 +60,7 @@ install=install
prepare() {
cd "${srcdir}/${_srcname}"
- patch -p1 -i "${srcdir}/patch-${pkgver}"
+ patch -p1 -i "${srcdir}/${_patchname}-${pkgver}.patch"
cat "${srcdir}/config" - > ./.config <<-EOF
CONFIG_LOCALVERSION="${_kernelname}"
CONFIG_LOCALVERSION_AUTO=n
diff --git a/config b/config
index 8d176cf9bd5..2d661730b36 100644
--- a/config
+++ b/config
@@ -187,6 +187,7 @@ CONFIG_RD_LZO=y
CONFIG_RD_LZ4=y
# CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE is not set
CONFIG_CC_OPTIMIZE_FOR_SIZE=y
+CONFIG_LOCAL_INIT=y
CONFIG_SYSCTL=y
CONFIG_ANON_INODES=y
CONFIG_HAVE_UID16=y
@@ -244,6 +245,10 @@ CONFIG_SLUB=y
# CONFIG_SLAB_MERGE_DEFAULT is not set
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
+CONFIG_SLAB_HARDENED=y
+CONFIG_SLAB_CANARY=y
+CONFIG_SLAB_SANITIZE=y
+CONFIG_SLAB_SANITIZE_VERIFY=y
CONFIG_SLUB_CPU_PARTIAL=y
# CONFIG_PROFILING is not set
CONFIG_CRASH_CORE=y
@@ -2942,6 +2947,8 @@ CONFIG_KEYS_COMPAT=y
CONFIG_ENCRYPTED_KEYS=y
# CONFIG_KEY_DH_OPERATIONS is not set
# CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
+CONFIG_SECURITY_TIOCSTI_RESTRICT=y
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
@@ -2953,6 +2960,9 @@ CONFIG_HARDENED_USERCOPY=y
CONFIG_HARDENED_USERCOPY_FALLBACK=y
# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set
CONFIG_FORTIFY_SOURCE=y
+# CONFIG_FORTIFY_SOURCE_STRICT_STRING is not set
+CONFIG_PAGE_SANITIZE=y
+CONFIG_PAGE_SANITIZE_VERIFY=y
# CONFIG_STATIC_USERMODEHELPER is not set
# CONFIG_SECURITY_SELINUX is not set
# CONFIG_SECURITY_SMACK is not set