diff options
author | V3n3RiX <venerix@koprulu.sector> | 2022-03-20 00:40:44 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2022-03-20 00:40:44 +0000 |
commit | 4cbcc855382a06088e2f016f62cafdbcb7e40665 (patch) | |
tree | 356496503d52354aa6d9f2d36126302fed5f3a73 /app-antivirus/lkrg | |
parent | fcc5224904648a8e6eb528d7603154160a20022f (diff) |
gentoo resync : 20.03.2022
Diffstat (limited to 'app-antivirus/lkrg')
-rw-r--r-- | app-antivirus/lkrg/Manifest | 5 | ||||
-rw-r--r-- | app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch | 23 | ||||
-rw-r--r-- | app-antivirus/lkrg/lkrg-0.9.2.ebuild | 40 | ||||
-rw-r--r-- | app-antivirus/lkrg/metadata.xml | 11 |
4 files changed, 79 insertions, 0 deletions
diff --git a/app-antivirus/lkrg/Manifest b/app-antivirus/lkrg/Manifest new file mode 100644 index 000000000000..58abb30508d0 --- /dev/null +++ b/app-antivirus/lkrg/Manifest @@ -0,0 +1,5 @@ +AUX lkrg-0.9.2-systemd-coredump-umh-whitelist.patch 1052 BLAKE2B 6cf0af6b59026b1526f85f6db4a6c6b936add6b0f612a38a06eefb1de9363e57417c03c69e770be1c5e3da0fdb1f0382e862154e84c9828526dbca7c813bdadb SHA512 daba60c48e68ea8c0102424fd20c1eca360ffb1ce8eec25bd52935b5f2b5c0b6936fb3476fc941a27cef7fe4dc3be3446a8424f48e3bedf856e70fb56bd267c8 +DIST lkrg-0.9.2.tar.gz 125976 BLAKE2B c3da2d4599c9dd5b7d6fbec426fd93d802715f6c8566471f82c8f1c7d31621ebb4a2cc4c285d076aad6a6ee6b1bb790debbb365cfc6220192df049ac1d3c67a9 SHA512 5fec807618817bcb516e1a6779def6979badbdac6fe9b38fcce8425a0c7ebe3fb55c05d3080d8cac2d67cac6e8b7d2d77b3a1be450227299e2a02a311e223331 +DIST lkrg-0.9.2.tar.gz.sign 801 BLAKE2B 0cd8b18c8a0fbcca61ffa868b406d048461ddf9189fb08f15faa45e01b8731906a6b14105dfcf92bb5124373860f6695594063ee8d138c94c70adf471bc15e0a SHA512 18b547ca84a7fd2957484857e17983408e92fd005d58b77b399c5156ecb09fc5e9e6c910337654a2655883d103098c1769b1993017eec753bd21e63d6491ad04 +EBUILD lkrg-0.9.2.ebuild 1026 BLAKE2B 6fb93f1537b995dc893095d87b8a40b531f39486ccfca6cb5f58a371ae4bd9d620757a5040d6697860ba48010952f1999b3fb26249c2f5be2ad0961beb80f169 SHA512 d69194399c394b528e51b4e9f2a63ebe80f92bbf6eca3208d43b51c3931975f1fc15eb3b0cc5e31c58895a2aeedf13ab2eab00a527c363eceec9b1940cc3facd +MISC metadata.xml 326 BLAKE2B 01848278e317c44c65d36ffb73d68b87981796f69301447a32ea47f93bc1fda9ca82e7b8036310e733bf1f0ab67a4e31868e48e0c720023a016ae9f743b72f59 SHA512 afa115a36eeb4290c82de2be302f5432294beb26e3d4709de0c67df693694bcdd73573ca24b404493af492e958698c257f4b48395c29d4ab46a9796e871bcc3a diff --git a/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch new file mode 100644 index 000000000000..438784aff16e --- /dev/null +++ b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch @@ -0,0 +1,23 @@ +commit 7939aa03e00e7e48781d405743e2f2d31fca113b +Author: John Helmert III <ajak@gentoo.org> +Date: Fri Jan 7 01:46:35 2022 -0600 + + Add non-usr-merged systemd-coredump to UMH whitelist + + Some distributions haven't merged /usr yet, so add the alternative + path for systemd-coredump. + + Signed-off-by: John Helmert III <ajak@gentoo.org> + +diff --git a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c +index ac2a737..7387135 100644 +--- a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c ++++ b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c +@@ -45,6 +45,7 @@ static const char * const p_umh_global[] = { + "/etc/acpi/events/RadioPower.sh", + "/etc/acpi/wireless-rtl-ac-dc-power.sh", + "/lib/systemd/systemd-cgroups-agent", ++ "/lib/systemd/systemd-coredump", + "/sbin/bridge-stp", + "/sbin/critical_overtemp", + "/sbin/drbdadm", diff --git a/app-antivirus/lkrg/lkrg-0.9.2.ebuild b/app-antivirus/lkrg/lkrg-0.9.2.ebuild new file mode 100644 index 000000000000..05421d7d8ec1 --- /dev/null +++ b/app-antivirus/lkrg/lkrg-0.9.2.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit linux-mod linux-info verify-sig + +DESCRIPTION="Linux Kernel Runtime Guard" +HOMEPAGE="https://lkrg.org" +SRC_URI="https://lkrg.org/download/${P}.tar.gz + verify-sig? ( https://lkrg.org/download/${P}.tar.gz.sign )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64" + +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-openwall )" + +PATCHES=( "${FILESDIR}/${PN}-${PV}-systemd-coredump-umh-whitelist.patch" ) + +MODULE_NAMES="p_lkrg(misc:${S}:${S})" +VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openwall.asc" + +pkg_setup() { + CONFIG_CHECK="HAVE_KRETPROBES KALLSYMS_ALL KPROBES JUMP_LABEL" + CONFIG_CHECK+=" MODULE_UNLOAD !PREEMPT_RT ~STACKTRACE" + linux-mod_pkg_setup + + # compile against selected (not running) target + BUILD_PARAMS="P_KVER=${KV_FULL} P_KERNEL=${KERNEL_DIR}" + BUILD_TARGETS="all" +} + +src_unpack() { + if use verify-sig; then + verify-sig_verify_detached ${DISTDIR}/${P}.tar.gz{,.sign} + fi + + default +} diff --git a/app-antivirus/lkrg/metadata.xml b/app-antivirus/lkrg/metadata.xml new file mode 100644 index 000000000000..e9dbfa382604 --- /dev/null +++ b/app-antivirus/lkrg/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>ajak@gentoo.org</email> + <name>John Helmert III</name> + </maintainer> + <upstream> + <remote-id type="github">lkrg-org/lkrg</remote-id> + </upstream> +</pkgmetadata> |