From fab849d1daed0ba7f2ac497d07985c3dbb692543 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 16 Jun 2019 21:23:20 +0100 Subject: gentoo resync : 16.06.2019 --- sys-apps/kmod/Manifest | 3 +- sys-apps/kmod/files/kmod-26-libressl.patch | 143 +++++++++++++++++++++ sys-apps/kmod/kmod-26-r1.ebuild | 200 +++++++++++++++++++++++++++++ sys-apps/kmod/kmod-26.ebuild | 193 ---------------------------- 4 files changed, 345 insertions(+), 194 deletions(-) create mode 100644 sys-apps/kmod/files/kmod-26-libressl.patch create mode 100644 sys-apps/kmod/kmod-26-r1.ebuild delete mode 100644 sys-apps/kmod/kmod-26.ebuild (limited to 'sys-apps/kmod') diff --git a/sys-apps/kmod/Manifest b/sys-apps/kmod/Manifest index 4792b6da957c..2af1c9a8ef81 100644 --- a/sys-apps/kmod/Manifest +++ b/sys-apps/kmod/Manifest @@ -1,7 +1,8 @@ +AUX kmod-26-libressl.patch 4014 BLAKE2B db7a2ce3206210cd0358d136c8d0568dae077399075164320ff608ca6ba5f1bca16d206ca975d8f5f9977ec80fcfed5b81146f9649d61e8e88f5f8589368ab1e SHA512 b5d26fda11398d4877821cbe8bd36967bec095d6e6c2489ec8aa4ef968795f0e238a74e2a9c4db8435fc176dc046920a365771a387a25cb1d0ea763210a92483 AUX kmod-static-nodes-r1 500 BLAKE2B 44ae03377e6cc7b5a271063828fcb39ec6925d82e52207771e1b6b4f921d0a07e51e97a8e6f432b542d88fb0195e1298cd54ba92d462a828ddd94dab7f924eb3 SHA512 8210d90f5d0702aea626b6db00adbabbd550009d8275fe430c8b113fcb0593a4dfb9efb22c061dde259e1bd94390be49823415d3fd99909e22a2bbf7ae349f63 DIST kmod-25.tar.xz 545416 BLAKE2B 2ad428f70630a1ef509be888a9ebc45f164695365f0f722f5e7793e96b60c035040b4d9a27f926361cea6d665310fc6cc5599ff4aefeda0fae8571c6510a25a7 SHA512 d579cd0cea24a06362a74927b7a3c777e9e01c990306e1032e4781cd441ffe435c70f2c2c4f6ae39eb1d857e622746411d5824d0c0d8bb79f91dc9fa51956252 DIST kmod-26.tar.xz 552032 BLAKE2B 3e596d06b48599bf4919346475a036b058fb18a7b19d39953e24fa943b95fdbe34a29a5062f6b4fe3510e667ae873d3b9ae03b72350fa85ddbb40ca6a7730b34 SHA512 3ca276c6fc13c2dd2220ec528b8dc4ab4edee5d2b22e16b6f945c552e51f74342c01c33a53740e6af8c893d42bd4d6f629cd8fa6e15ef8bd8da30cb003ef0865 EBUILD kmod-25.ebuild 4913 BLAKE2B f17beda49f104502c22d5f1e83b36b0869829460be48a3d30edec854891b836c185afa85cd46d36279fea0cb01415038e0a2682037638a3723d86b6b51bc4b5c SHA512 ff8089459817c08226c91243aa8582e4a275b813b5569f6dcd2c591bade7db8832c38cb21736e50f8440eeb3b734197c3971b63e3e0899a6baf8f8dcf7f074ff -EBUILD kmod-26.ebuild 5009 BLAKE2B 545bdf26a17842acedfe60417b159cbd6087da5eb694f35d3ead332609575f15595e6ae36077169fe9af9015981d1352494661e57c063484b73382be9a66fc92 SHA512 138a6c74662bd99b6785573970c7791c9e6ef838fd9a3e09eec7c6c2b9582fe1fce69061ba90d49a304e3ac32585f36142ae3dfcbb637297cdcdcb4279de4186 +EBUILD kmod-26-r1.ebuild 5134 BLAKE2B e663244e433893ba30b1776258257d30a26beb87607553cf48688f3989b0675d186bbc8ee6c639ca139396db42311021f6818b177c15f61b6a62bc9660f68b12 SHA512 f025735f5ce30d16d2560660a2d781091940cfb517fd7f6100aaf470055b9f4185bdf282e98b065e35180b68adcca7f98fb0c035d9ac25607735a1e239a9b17c EBUILD kmod-9999.ebuild 5002 BLAKE2B f5d77bb0b1bc1b55886a7e31b52bd922e616b080d1ee710d889e6465685a8b47c74500d2852dba03d8068abe5def621628c63ed5e7c096b28f449f7ce0755729 SHA512 2df4cf048aa392368c00f338d5fd46382cc7b362717d6fec5e2efb6f6c38f9783201aecfbf54db02f2e3275cb8dfa6e53aeb8a59f7acedbebedddd0e45ca0172 MISC metadata.xml 540 BLAKE2B ec5ee262fe76215688d99e32778848e71de5825f488eea2219e076290e020aa86de6138ab8366d5e077d44797789a27c22fea1c64f9c6e2713cf315b4b891455 SHA512 c4f47a77dfa7bc4cbaa61744fc46c5547763b51b48521cd229ac89680325ecbf415bd9e1ce9c71982ea721d0d5c4cf3677a0f70e8dad65235f523840cd14de94 diff --git a/sys-apps/kmod/files/kmod-26-libressl.patch b/sys-apps/kmod/files/kmod-26-libressl.patch new file mode 100644 index 000000000000..cb36ab401c21 --- /dev/null +++ b/sys-apps/kmod/files/kmod-26-libressl.patch @@ -0,0 +1,143 @@ +From 628677e066198d8658d7edd5511a5bb27cd229f5 Mon Sep 17 00:00:00 2001 +From: Stefan Strogin +Date: Sun, 19 May 2019 03:42:01 +0300 +Subject: [PATCH] libkmod-signature: use PKCS#7 instead of CMS + +Linux uses either PKCS #7 or CMS for signing modules (see +scripts/sign-file.c). CMS is not supported by LibreSSL or older OpenSSL, +so PKCS #7 is used on systems with these libcrypto providers. + +CMS and PKCS #7 formats are very similar. CMS is newer but is as much as +possible backward compatible with PKCS #7 [1]. PKCS #7 is supported in +the latest OpenSSL as well as CMS. The fields used for signing kernel +modules are supported both in PKCS #7 and CMS. + +For now modinfo uses CMS with no alternative requiring OpenSSL 1.1.0 or +newer. + +Use PKCS #7 for parsing module signature information, so that modinfo +could be used both with OpenSSL and LibreSSL. + +[1] https://tools.ietf.org/html/rfc5652#section-1.1 + +Changes v1->v2: +- Don't use ifdefs for keeping redundant CMS code, just use PKCS #7 both +with OpenSSL and LibreSSL. + +Upstream-Status: Accepted +[https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/commit/?id=628677e066198d8658d7edd5511a5bb27cd229f5] +Signed-off-by: Stefan Strogin +--- + libkmod/libkmod-signature.c | 37 +++++++++++++++++++------------------ + 1 file changed, 19 insertions(+), 18 deletions(-) + +diff --git a/libkmod/libkmod-signature.c b/libkmod/libkmod-signature.c +index 48d0145..4e8748c 100644 +--- a/libkmod/libkmod-signature.c ++++ b/libkmod/libkmod-signature.c +@@ -20,7 +20,7 @@ + #include + #include + #ifdef ENABLE_OPENSSL +-#include ++#include + #include + #endif + #include +@@ -122,7 +122,7 @@ static bool fill_default(const char *mem, off_t size, + #ifdef ENABLE_OPENSSL + + struct pkcs7_private { +- CMS_ContentInfo *cms; ++ PKCS7 *pkcs7; + unsigned char *key_id; + BIGNUM *sno; + }; +@@ -132,7 +132,7 @@ static void pkcs7_free(void *s) + struct kmod_signature_info *si = s; + struct pkcs7_private *pvt = si->private; + +- CMS_ContentInfo_free(pvt->cms); ++ PKCS7_free(pvt->pkcs7); + BN_free(pvt->sno); + free(pvt->key_id); + free(pvt); +@@ -197,11 +197,10 @@ static bool fill_pkcs7(const char *mem, off_t size, + struct kmod_signature_info *sig_info) + { + const char *pkcs7_raw; +- CMS_ContentInfo *cms; +- STACK_OF(CMS_SignerInfo) *sis; +- CMS_SignerInfo *si; +- int rc; +- ASN1_OCTET_STRING *key_id; ++ PKCS7 *pkcs7; ++ STACK_OF(PKCS7_SIGNER_INFO) *sis; ++ PKCS7_SIGNER_INFO *si; ++ PKCS7_ISSUER_AND_SERIAL *is; + X509_NAME *issuer; + ASN1_INTEGER *sno; + ASN1_OCTET_STRING *sig; +@@ -220,31 +219,33 @@ static bool fill_pkcs7(const char *mem, off_t size, + + in = BIO_new_mem_buf(pkcs7_raw, sig_len); + +- cms = d2i_CMS_bio(in, NULL); +- if (cms == NULL) { ++ pkcs7 = d2i_PKCS7_bio(in, NULL); ++ if (pkcs7 == NULL) { + BIO_free(in); + return false; + } + + BIO_free(in); + +- sis = CMS_get0_SignerInfos(cms); ++ sis = PKCS7_get_signer_info(pkcs7); + if (sis == NULL) + goto err; + +- si = sk_CMS_SignerInfo_value(sis, 0); ++ si = sk_PKCS7_SIGNER_INFO_value(sis, 0); + if (si == NULL) + goto err; + +- rc = CMS_SignerInfo_get0_signer_id(si, &key_id, &issuer, &sno); +- if (rc == 0) ++ is = si->issuer_and_serial; ++ if (is == NULL) + goto err; ++ issuer = is->issuer; ++ sno = is->serial; + +- sig = CMS_SignerInfo_get0_signature(si); ++ sig = si->enc_digest; + if (sig == NULL) + goto err; + +- CMS_SignerInfo_get0_algs(si, NULL, NULL, &dig_alg, &sig_alg); ++ PKCS7_SIGNER_INFO_get0_algs(si, NULL, &dig_alg, &sig_alg); + + sig_info->sig = (const char *)ASN1_STRING_get0_data(sig); + sig_info->sig_len = ASN1_STRING_length(sig); +@@ -277,7 +278,7 @@ static bool fill_pkcs7(const char *mem, off_t size, + if (pvt == NULL) + goto err3; + +- pvt->cms = cms; ++ pvt->pkcs7 = pkcs7; + pvt->key_id = key_id_str; + pvt->sno = sno_bn; + sig_info->private = pvt; +@@ -290,7 +291,7 @@ err3: + err2: + BN_free(sno_bn); + err: +- CMS_ContentInfo_free(cms); ++ PKCS7_free(pkcs7); + return false; + } + +-- +2.21.0 + diff --git a/sys-apps/kmod/kmod-26-r1.ebuild b/sys-apps/kmod/kmod-26-r1.ebuild new file mode 100644 index 000000000000..a10a6cdda8d6 --- /dev/null +++ b/sys-apps/kmod/kmod-26-r1.ebuild @@ -0,0 +1,200 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +PYTHON_COMPAT=( python{2_7,3_{5,6,7}} ) + +inherit bash-completion-r1 multilib python-r1 + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="https://git.kernel.org/pub/scm/utils/kernel/${PN}/${PN}.git" + inherit autotools git-r3 +else + SRC_URI="mirror://kernel/linux/utils/kernel/kmod/${P}.tar.xz" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86" + inherit libtool +fi + +DESCRIPTION="library and tools for managing linux kernel modules" +HOMEPAGE="https://git.kernel.org/?p=utils/kernel/kmod/kmod.git" + +LICENSE="LGPL-2" +SLOT="0" +IUSE="debug doc libressl lzma python ssl static-libs +tools zlib" + +# Upstream does not support running the test suite with custom configure flags. +# I was also told that the test suite is intended for kmod developers. +# So we have to restrict it. +# See bug #408915. +RESTRICT="test" + +# Block systemd below 217 for -static-nodes-indicate-that-creation-of-static-nodes-.patch +RDEPEND="!sys-apps/module-init-tools + !sys-apps/modutils + !=app-arch/xz-utils-5.0.4-r1 ) + python? ( ${PYTHON_DEPS} ) + ssl? ( + !libressl? ( >=dev-libs/openssl-1.1.0:0= ) + libressl? ( dev-libs/libressl:0= ) + ) + zlib? ( >=sys-libs/zlib-1.2.6 )" #427130 +DEPEND="${RDEPEND} + doc? ( dev-util/gtk-doc ) + lzma? ( virtual/pkgconfig ) + python? ( + dev-python/cython[${PYTHON_USEDEP}] + virtual/pkgconfig + ) + zlib? ( virtual/pkgconfig )" +if [[ ${PV} == 9999* ]]; then + DEPEND="${DEPEND} + dev-libs/libxslt" +fi + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +DOCS="NEWS README TODO" + +PATCHES=( + "${FILESDIR}/${P}-libressl.patch" # bug 677960 +) + +src_prepare() { + default + + if [[ ! -e configure ]] ; then + if use doc; then + gtkdocize --copy --docdir libkmod/docs || die + else + touch libkmod/docs/gtk-doc.make + fi + eautoreconf + else + elibtoolize + fi + + # Restore possibility of running --enable-static wrt #472608 + sed -i \ + -e '/--enable-static is not supported by kmod/s:as_fn_error:echo:' \ + configure || die +} + +src_configure() { + local myeconfargs=( + --bindir="${EPREFIX}/bin" + --enable-shared + --with-bashcompletiondir="$(get_bashcompdir)" + --with-rootlibdir="${EPREFIX}/$(get_libdir)" + $(use_enable debug) + $(use_enable doc gtk-doc) + $(use_enable static-libs static) + $(use_enable tools) + $(use_with lzma xz) + $(use_with ssl openssl) + $(use_with zlib) + ) + + local ECONF_SOURCE="${S}" + + kmod_configure() { + mkdir -p "${BUILD_DIR}" || die + run_in_build_dir econf "${myeconfargs[@]}" "$@" + } + + BUILD_DIR="${WORKDIR}/build" + kmod_configure --disable-python + + if use python; then + python_foreach_impl kmod_configure --enable-python + fi +} + +src_compile() { + emake -C "${BUILD_DIR}" + + if use python; then + local native_builddir=${BUILD_DIR} + + python_compile() { + emake -C "${BUILD_DIR}" -f Makefile -f - python \ + VPATH="${native_builddir}:${S}" \ + native_builddir="${native_builddir}" \ + libkmod_python_kmod_{kmod,list,module,_util}_la_LIBADD='$(PYTHON_LIBS) $(native_builddir)/libkmod/libkmod.la' \ + <<< 'python: $(pkgpyexec_LTLIBRARIES)' + } + + python_foreach_impl python_compile + fi +} + +src_install() { + emake -C "${BUILD_DIR}" DESTDIR="${D}" install + einstalldocs + + if use python; then + local native_builddir=${BUILD_DIR} + + python_install() { + emake -C "${BUILD_DIR}" DESTDIR="${D}" \ + VPATH="${native_builddir}:${S}" \ + install-pkgpyexecLTLIBRARIES \ + install-dist_pkgpyexecPYTHON + } + + python_foreach_impl python_install + fi + + find "${ED}" -name "*.la" -delete || die + + if use tools; then + local bincmd sbincmd + for sbincmd in depmod insmod lsmod modinfo modprobe rmmod; do + dosym ../bin/kmod /sbin/${sbincmd} + done + + # These are also usable as normal user + for bincmd in lsmod modinfo; do + dosym kmod /bin/${bincmd} + done + fi + + cat <<-EOF > "${T}"/usb-load-ehci-first.conf + softdep uhci_hcd pre: ehci_hcd + softdep ohci_hcd pre: ehci_hcd + EOF + + insinto /lib/modprobe.d + doins "${T}"/usb-load-ehci-first.conf #260139 + + newinitd "${FILESDIR}"/kmod-static-nodes-r1 kmod-static-nodes +} + +pkg_postinst() { + if [[ -L ${EROOT%/}/etc/runlevels/boot/static-nodes ]]; then + ewarn "Removing old conflicting static-nodes init script from the boot runlevel" + rm -f "${EROOT%/}"/etc/runlevels/boot/static-nodes + fi + + # Add kmod to the runlevel automatically if this is the first install of this package. + if [[ -z ${REPLACING_VERSIONS} ]]; then + if [[ ! -d ${EROOT%/}/etc/runlevels/sysinit ]]; then + mkdir -p "${EROOT%/}"/etc/runlevels/sysinit + fi + if [[ -x ${EROOT%/}/etc/init.d/kmod-static-nodes ]]; then + ln -s /etc/init.d/kmod-static-nodes "${EROOT%/}"/etc/runlevels/sysinit/kmod-static-nodes + fi + fi + + if [[ -e ${EROOT%/}/etc/runlevels/sysinit ]]; then + if [[ ! -e ${EROOT%/}/etc/runlevels/sysinit/kmod-static-nodes ]]; then + ewarn + ewarn "You need to add kmod-static-nodes to the sysinit runlevel for" + ewarn "kernel modules to have required static nodes!" + ewarn "Run this command:" + ewarn "\trc-update add kmod-static-nodes sysinit" + fi + fi +} diff --git a/sys-apps/kmod/kmod-26.ebuild b/sys-apps/kmod/kmod-26.ebuild deleted file mode 100644 index c65b8e722432..000000000000 --- a/sys-apps/kmod/kmod-26.ebuild +++ /dev/null @@ -1,193 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -PYTHON_COMPAT=( python{2_7,3_{5,6,7}} ) - -inherit bash-completion-r1 multilib python-r1 - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="https://git.kernel.org/pub/scm/utils/kernel/${PN}/${PN}.git" - inherit autotools git-r3 -else - SRC_URI="mirror://kernel/linux/utils/kernel/kmod/${P}.tar.xz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86" - inherit libtool -fi - -DESCRIPTION="library and tools for managing linux kernel modules" -HOMEPAGE="https://git.kernel.org/?p=utils/kernel/kmod/kmod.git" - -LICENSE="LGPL-2" -SLOT="0" -IUSE="debug doc lzma python ssl static-libs +tools zlib" - -# Upstream does not support running the test suite with custom configure flags. -# I was also told that the test suite is intended for kmod developers. -# So we have to restrict it. -# See bug #408915. -RESTRICT="test" - -# Block systemd below 217 for -static-nodes-indicate-that-creation-of-static-nodes-.patch -RDEPEND="!sys-apps/module-init-tools - !sys-apps/modutils - !=app-arch/xz-utils-5.0.4-r1 ) - python? ( ${PYTHON_DEPS} ) - ssl? ( >=dev-libs/openssl-1.1.0:0= ) - zlib? ( >=sys-libs/zlib-1.2.6 )" #427130 -DEPEND="${RDEPEND} - doc? ( dev-util/gtk-doc ) - lzma? ( virtual/pkgconfig ) - python? ( - dev-python/cython[${PYTHON_USEDEP}] - virtual/pkgconfig - ) - zlib? ( virtual/pkgconfig )" -if [[ ${PV} == 9999* ]]; then - DEPEND="${DEPEND} - dev-libs/libxslt" -fi - -REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" - -DOCS="NEWS README TODO" - -src_prepare() { - default - - if [[ ! -e configure ]] ; then - if use doc; then - gtkdocize --copy --docdir libkmod/docs || die - else - touch libkmod/docs/gtk-doc.make - fi - eautoreconf - else - elibtoolize - fi - - # Restore possibility of running --enable-static wrt #472608 - sed -i \ - -e '/--enable-static is not supported by kmod/s:as_fn_error:echo:' \ - configure || die -} - -src_configure() { - local myeconfargs=( - --bindir="${EPREFIX}/bin" - --enable-shared - --with-bashcompletiondir="$(get_bashcompdir)" - --with-rootlibdir="${EPREFIX}/$(get_libdir)" - $(use_enable debug) - $(use_enable doc gtk-doc) - $(use_enable static-libs static) - $(use_enable tools) - $(use_with lzma xz) - $(use_with ssl openssl) - $(use_with zlib) - ) - - local ECONF_SOURCE="${S}" - - kmod_configure() { - mkdir -p "${BUILD_DIR}" || die - run_in_build_dir econf "${myeconfargs[@]}" "$@" - } - - BUILD_DIR="${WORKDIR}/build" - kmod_configure --disable-python - - if use python; then - python_foreach_impl kmod_configure --enable-python - fi -} - -src_compile() { - emake -C "${BUILD_DIR}" - - if use python; then - local native_builddir=${BUILD_DIR} - - python_compile() { - emake -C "${BUILD_DIR}" -f Makefile -f - python \ - VPATH="${native_builddir}:${S}" \ - native_builddir="${native_builddir}" \ - libkmod_python_kmod_{kmod,list,module,_util}_la_LIBADD='$(PYTHON_LIBS) $(native_builddir)/libkmod/libkmod.la' \ - <<< 'python: $(pkgpyexec_LTLIBRARIES)' - } - - python_foreach_impl python_compile - fi -} - -src_install() { - emake -C "${BUILD_DIR}" DESTDIR="${D}" install - einstalldocs - - if use python; then - local native_builddir=${BUILD_DIR} - - python_install() { - emake -C "${BUILD_DIR}" DESTDIR="${D}" \ - VPATH="${native_builddir}:${S}" \ - install-pkgpyexecLTLIBRARIES \ - install-dist_pkgpyexecPYTHON - } - - python_foreach_impl python_install - fi - - find "${ED}" -name "*.la" -delete || die - - if use tools; then - local bincmd sbincmd - for sbincmd in depmod insmod lsmod modinfo modprobe rmmod; do - dosym ../bin/kmod /sbin/${sbincmd} - done - - # These are also usable as normal user - for bincmd in lsmod modinfo; do - dosym kmod /bin/${bincmd} - done - fi - - cat <<-EOF > "${T}"/usb-load-ehci-first.conf - softdep uhci_hcd pre: ehci_hcd - softdep ohci_hcd pre: ehci_hcd - EOF - - insinto /lib/modprobe.d - doins "${T}"/usb-load-ehci-first.conf #260139 - - newinitd "${FILESDIR}"/kmod-static-nodes-r1 kmod-static-nodes -} - -pkg_postinst() { - if [[ -L ${EROOT%/}/etc/runlevels/boot/static-nodes ]]; then - ewarn "Removing old conflicting static-nodes init script from the boot runlevel" - rm -f "${EROOT%/}"/etc/runlevels/boot/static-nodes - fi - - # Add kmod to the runlevel automatically if this is the first install of this package. - if [[ -z ${REPLACING_VERSIONS} ]]; then - if [[ ! -d ${EROOT%/}/etc/runlevels/sysinit ]]; then - mkdir -p "${EROOT%/}"/etc/runlevels/sysinit - fi - if [[ -x ${EROOT%/}/etc/init.d/kmod-static-nodes ]]; then - ln -s /etc/init.d/kmod-static-nodes "${EROOT%/}"/etc/runlevels/sysinit/kmod-static-nodes - fi - fi - - if [[ -e ${EROOT%/}/etc/runlevels/sysinit ]]; then - if [[ ! -e ${EROOT%/}/etc/runlevels/sysinit/kmod-static-nodes ]]; then - ewarn - ewarn "You need to add kmod-static-nodes to the sysinit runlevel for" - ewarn "kernel modules to have required static nodes!" - ewarn "Run this command:" - ewarn "\trc-update add kmod-static-nodes sysinit" - fi - fi -} -- cgit v1.2.3