diff options
| author | Figue | 2019-12-31 19:39:52 +0100 |
|---|---|---|
| committer | Figue | 2019-12-31 19:39:52 +0100 |
| commit | 8f1fe4265c275dfe36b5e2b099a90f961bf3d2a4 (patch) | |
| tree | cddaf8235ed81e5d47b4a6a514e2d1625e38ff0e | |
| parent | c8c810b70589a24a46950affb5d2cd815c789d4d (diff) | |
| download | aur-8f1fe4265c275dfe36b5e2b099a90f961bf3d2a4.tar.gz | |
5.4.5-rt3-xanmod
| -rw-r--r-- | .SRCINFO | 23 | ||||
| -rw-r--r-- | 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch | 102 | ||||
| -rw-r--r-- | 60-linux.hook | 12 | ||||
| -rw-r--r-- | 90-linux.hook | 11 | ||||
| -rw-r--r-- | PKGBUILD | 91 | ||||
| -rw-r--r-- | linux-xanmod-rt.preset | 14 | ||||
| -rw-r--r-- | linux.install | 13 |
7 files changed, 28 insertions, 238 deletions
@@ -1,6 +1,6 @@ pkgbase = linux-xanmod-rt - pkgver = 4.19.82 - pkgrel = 2 + pkgver = 5.4.5 + pkgrel = 1 url = http://www.xanmod.org/ arch = x86_64 license = GPL2 @@ -16,33 +16,20 @@ pkgbase = linux-xanmod-rt makedepends = imagemagick makedepends = cpio options = !strip - source = https://github.com/xanmod/linux/archive/4.19.82-rt30-xanmod_rev2.tar.gz - source = 60-linux.hook - source = 90-linux.hook - source = linux-xanmod-rt.preset + source = https://github.com/xanmod/linux/archive/5.4.5-rt3-xanmod.tar.gz source = choose-gcc-optimization.sh - source = 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch - sha256sums = ced358a87e35ea3bd7d0e62c0518a55bce31104bed7207141a9cd4d94961c40b - sha256sums = ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21 - sha256sums = c043f3033bb781e2688794a59f6d1f7ed49ef9b13eb77ff9a425df33a244a636 - sha256sums = ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65 + sha256sums = c8cb0c5c1a4131c37c8afcbbc73d4fee6891c8d25eb2201a1ac6a048353a93f9 sha256sums = 8b2629f6340d4807c113cd9fa308f50f0a8d85df5698bef083e151f06d58f748 - sha256sums = 112b16c247dae8ff44066fd0268012f9c623d5da349ebd66896e54257b3404a5 pkgname = linux-xanmod-rt pkgdesc = The Linux kernel and modules with Xanmod patches - install = linux.install depends = coreutils depends = linux-firmware depends = kmod depends = mkinitcpio optdepends = crda: to set the correct wireless channels of your country - provides = linux - provides = linux-xanmod - backup = etc/mkinitcpio.d/linux-xanmod-rt.preset + optdepends = linux-firmware: firmware images needed for some devices pkgname = linux-xanmod-rt-headers pkgdesc = Header files and scripts for building modules for Xanmod Linux kernel - provides = linux-headers - provides = linux-xanmod-headers diff --git a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch deleted file mode 100644 index fdcc8faea235..000000000000 --- a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch +++ /dev/null @@ -1,102 +0,0 @@ -From 1ce3e84fdf0b56f477d30acdc8797dedd7330e37 Mon Sep 17 00:00:00 2001 -From: Serge Hallyn <serge.hallyn@canonical.com> -Date: Fri, 31 May 2013 19:12:12 +0100 -Subject: [PATCH 1/2] add sysctl to disallow unprivileged CLONE_NEWUSER by - default - -Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> -[bwh: Remove unneeded binary sysctl bits] -Signed-off-by: Daniel Micay <danielmicay@gmail.com> ---- - kernel/fork.c | 15 +++++++++++++++ - kernel/sysctl.c | 12 ++++++++++++ - kernel/user_namespace.c | 3 +++ - 3 files changed, 30 insertions(+) - -diff --git a/kernel/fork.c b/kernel/fork.c -index f0b58479534f..8b2d927125c5 100644 ---- a/kernel/fork.c -+++ b/kernel/fork.c -@@ -103,6 +103,11 @@ - - #define CREATE_TRACE_POINTS - #include <trace/events/task.h> -+#ifdef CONFIG_USER_NS -+extern int unprivileged_userns_clone; -+#else -+#define unprivileged_userns_clone 0 -+#endif - - /* - * Minimum number of threads to boot the kernel -@@ -1649,6 +1654,10 @@ static __latent_entropy struct task_struct *copy_process( - if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS)) - return ERR_PTR(-EINVAL); - -+ if ((clone_flags & CLONE_NEWUSER) && !unprivileged_userns_clone) -+ if (!capable(CAP_SYS_ADMIN)) -+ return ERR_PTR(-EPERM); -+ - /* - * Thread groups must share signals as well, and detached threads - * can only be started up within the thread group. -@@ -2467,6 +2476,12 @@ int ksys_unshare(unsigned long unshare_flags) - if (unshare_flags & CLONE_NEWNS) - unshare_flags |= CLONE_FS; - -+ if ((unshare_flags & CLONE_NEWUSER) && !unprivileged_userns_clone) { -+ err = -EPERM; -+ if (!capable(CAP_SYS_ADMIN)) -+ goto bad_unshare_out; -+ } -+ - err = check_unshare_flags(unshare_flags); - if (err) - goto bad_unshare_out; -diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index cc02050fd0c4..ce2ad2b92897 100644 ---- a/kernel/sysctl.c -+++ b/kernel/sysctl.c -@@ -105,6 +105,9 @@ extern int core_uses_pid; - extern char core_pattern[]; - extern unsigned int core_pipe_limit; - #endif -+#ifdef CONFIG_USER_NS -+extern int unprivileged_userns_clone; -+#endif - extern int pid_max; - extern int pid_max_min, pid_max_max; - extern int percpu_pagelist_fraction; -@@ -514,6 +517,15 @@ static struct ctl_table kern_table[] = { - .proc_handler = proc_dointvec, - }, - #endif -+#ifdef CONFIG_USER_NS -+ { -+ .procname = "unprivileged_userns_clone", -+ .data = &unprivileged_userns_clone, -+ .maxlen = sizeof(int), -+ .mode = 0644, -+ .proc_handler = proc_dointvec, -+ }, -+#endif - #ifdef CONFIG_PROC_SYSCTL - { - .procname = "tainted", -diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c -index 923414a246e9..6b9dbc257e34 100644 ---- a/kernel/user_namespace.c -+++ b/kernel/user_namespace.c -@@ -26,6 +26,9 @@ - #include <linux/bsearch.h> - #include <linux/sort.h> - -+/* sysctl */ -+int unprivileged_userns_clone; -+ - static struct kmem_cache *user_ns_cachep __read_mostly; - static DEFINE_MUTEX(userns_state_mutex); - --- -2.19.1 - diff --git a/60-linux.hook b/60-linux.hook deleted file mode 100644 index b33873c854fb..000000000000 --- a/60-linux.hook +++ /dev/null @@ -1,12 +0,0 @@ -[Trigger] -Type = File -Operation = Install -Operation = Upgrade -Operation = Remove -Target = usr/lib/modules/%KERNVER%/* -Target = usr/lib/modules/%EXTRAMODULES%/* - -[Action] -Description = Updating %PKGBASE% module dependencies... -When = PostTransaction -Exec = /usr/bin/depmod %KERNVER% diff --git a/90-linux.hook b/90-linux.hook deleted file mode 100644 index fca45abe1a62..000000000000 --- a/90-linux.hook +++ /dev/null @@ -1,11 +0,0 @@ -[Trigger] -Type = File -Operation = Install -Operation = Upgrade -Target = usr/lib/modules/%KERNVER%/vmlinuz -Target = usr/lib/initcpio/* - -[Action] -Description = Updating %PKGBASE% initcpios... -When = PostTransaction -Exec = /usr/bin/mkinitcpio -p %PKGBASE% @@ -42,10 +42,10 @@ if [ -z ${use_pds+x} ]; then fi pkgbase=linux-xanmod-rt -pkgver=4.19.82 -xanmod=30 -pkgrel=2 -_rev=_rev2 +pkgver=5.4.5 +xanmod=3 +pkgrel=1 +_rev= arch=(x86_64) url="http://www.xanmod.org/" license=(GPL2) @@ -57,32 +57,23 @@ options=('!strip') _srcname="linux-${pkgver}-rt${xanmod}-xanmod${_rev}" source=(https://github.com/xanmod/linux/archive/${pkgver}-rt${xanmod}-xanmod${_rev}.tar.gz - 60-linux.hook # pacman hook for depmod - 90-linux.hook # pacman hook for initramfs regeneration - ${pkgbase}.preset # standard config files for mkinitcpio ramdisk choose-gcc-optimization.sh - 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch # Grabbed from linux-ck package ) -sha256sums=('ced358a87e35ea3bd7d0e62c0518a55bce31104bed7207141a9cd4d94961c40b' - 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' - 'c043f3033bb781e2688794a59f6d1f7ed49ef9b13eb77ff9a425df33a244a636' - 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65' - '8b2629f6340d4807c113cd9fa308f50f0a8d85df5698bef083e151f06d58f748' - '112b16c247dae8ff44066fd0268012f9c623d5da349ebd66896e54257b3404a5') +sha256sums=('c8cb0c5c1a4131c37c8afcbbc73d4fee6891c8d25eb2201a1ac6a048353a93f9' + '8b2629f6340d4807c113cd9fa308f50f0a8d85df5698bef083e151f06d58f748') -_kernelname=${pkgbase#linux} +export KBUILD_BUILD_HOST=archlinux +export KBUILD_BUILD_USER=$pkgbase +export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})" prepare() { cd $_srcname - # Workaround GCC 9 build, source: https://www.linuxquestions.org/questions/slackware-14/make-linux-4-19-42-error-4175653720/ - export LANG=en_US.UTF-8 - msg2 "Setting version..." scripts/setlocalversion --save-scmversion echo "-$pkgrel" > localversion.10-pkgrel - echo "$_kernelname" > localversion.20-pkgname + echo "${pkgbase#linux}" > localversion.20-pkgname # Archlinux patches local src @@ -119,7 +110,7 @@ prepare() { fi # Let's user choose microarchitecture optimization in GCC - ${srcdir}/choose-gcc-optimization.sh $_microarchitecture + sh ${srcdir}/choose-gcc-optimization.sh $_microarchitecture # This is intended for the people that want to build this package with their own config # Put the file "myconfig" at the package folder to use this feature @@ -130,8 +121,8 @@ prepare() { make olddefconfig - make -s kernelrelease > ../version - msg2 "Prepared %s version %s" "$pkgbase" "$(<../version)" + make -s kernelrelease > version + msg2 "Prepared %s version %s" "$pkgbase" "$(<version)" } build() { @@ -142,73 +133,40 @@ build() { _package() { pkgdesc="The Linux kernel and modules with Xanmod patches" depends=(coreutils linux-firmware kmod mkinitcpio) - optdepends=('crda: to set the correct wireless channels of your country') - provides=('linux' 'linux-xanmod') - #replaces=('linux-xanmod-git') - #conflicts=('linux-xanmod-git') - backup=("etc/mkinitcpio.d/$pkgbase.preset") - install=linux.install + optdepends=('crda: to set the correct wireless channels of your country' + 'linux-firmware: firmware images needed for some devices') + cd $_srcname local kernver="$(<version)" local modulesdir="$pkgdir/usr/lib/modules/$kernver" - cd $_srcname - msg2 "Installing boot image..." # systemd expects to find the kernel here to allow hibernation # https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344 install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz" - install -Dm644 "$modulesdir/vmlinuz" "$pkgdir/boot/vmlinuz-$pkgbase" + + # Used by mkinitcpio to name the kernel + echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase" msg2 "Installing modules..." make INSTALL_MOD_PATH="$pkgdir/usr" modules_install - # a place for external modules, - # with version file for building modules and running depmod from hook - local extramodules="extramodules$_kernelname" - local extradir="$pkgdir/usr/lib/modules/$extramodules" - install -Dt "$extradir" -m644 ../version - ln -sr "$extradir" "$modulesdir/extramodules" - # remove build and source links rm "$modulesdir"/{source,build} - msg2 "Installing hooks..." - # sed expression for following substitutions - local subst=" - s|%PKGBASE%|$pkgbase|g - s|%KERNVER%|$kernver|g - s|%EXTRAMODULES%|$extramodules|g - " - - # hack to allow specifying an initially nonexisting install file - sed "$subst" "$startdir/$install" > "$startdir/$install.pkg" - true && install=$install.pkg - - # fill in mkinitcpio preset and pacman hooks - sed "$subst" ../$pkgbase.preset | install -Dm644 /dev/stdin \ - "$pkgdir/etc/mkinitcpio.d/$pkgbase.preset" - sed "$subst" ../60-linux.hook | install -Dm644 /dev/stdin \ - "$pkgdir/usr/share/libalpm/hooks/60-$pkgbase.hook" - sed "$subst" ../90-linux.hook | install -Dm644 /dev/stdin \ - "$pkgdir/usr/share/libalpm/hooks/90-$pkgbase.hook" - msg2 "Fixing permissions..." chmod -Rc u=rwX,go=rX "$pkgdir" } _package-headers() { pkgdesc="Header files and scripts for building modules for Xanmod Linux kernel" - provides=('linux-headers' 'linux-xanmod-headers') - #replaces=('linux-xanmod-git-headers') - #conflicts=('linux-xanmod-git-headers') - - local builddir="$pkgdir/usr/lib/modules/$(<version)/build" cd $_srcname + local builddir="$pkgdir/usr/lib/modules/$(<version)/build" msg2 "Installing build files..." - install -Dt "$builddir" -m644 Makefile .config Module.symvers System.map vmlinux + install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \ + localversion.* version vmlinux install -Dt "$builddir/kernel" -m644 kernel/Makefile install -Dt "$builddir/arch/x86" -m644 arch/x86/Makefile cp -t "$builddir" -a scripts @@ -219,9 +177,6 @@ _package-headers() { # add xfs and shmem for aufs building mkdir -p "$builddir"/{fs/xfs,mm} - # ??? - mkdir "$builddir/.tmp_versions" - msg2 "Installing headers..." cp -t "$builddir" -a include cp -t "$builddir/arch/x86" -a arch/x86/include @@ -275,7 +230,7 @@ _package-headers() { msg2 "Adding symlink..." mkdir -p "$pkgdir/usr/src" - ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase-$pkgver" + ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase" msg2 "Fixing permissions..." chmod -Rc u=rwX,go=rX "$pkgdir" diff --git a/linux-xanmod-rt.preset b/linux-xanmod-rt.preset deleted file mode 100644 index 66709a8c1537..000000000000 --- a/linux-xanmod-rt.preset +++ /dev/null @@ -1,14 +0,0 @@ -# mkinitcpio preset file for the '%PKGBASE%' package - -ALL_config="/etc/mkinitcpio.conf" -ALL_kver="/boot/vmlinuz-%PKGBASE%" - -PRESETS=('default' 'fallback') - -#default_config="/etc/mkinitcpio.conf" -default_image="/boot/initramfs-%PKGBASE%.img" -#default_options="" - -#fallback_config="/etc/mkinitcpio.conf" -fallback_image="/boot/initramfs-%PKGBASE%-fallback.img" -fallback_options="-S autodetect" diff --git a/linux.install b/linux.install deleted file mode 100644 index 372c56d9fd04..000000000000 --- a/linux.install +++ /dev/null @@ -1,13 +0,0 @@ -# arg 1: the new package version -# arg 2: the old package version - -post_upgrade() { - if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then - echo "WARNING: /boot appears to be a separate partition but is not mounted." - fi -} - -post_remove() { - rm -f boot/initramfs-%PKGBASE%.img - rm -f boot/initramfs-%PKGBASE%-fallback.img -} |