From df59e1ecc8569b9f48acc22a7e5649f96df33219 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 2 May 2021 18:25:10 +0100 Subject: sys-kernel/linux-{image,sources}-redcore : version bump --- sys-kernel/linux-image-redcore/Manifest | 2 +- .../files/5.11-linux-hardened.patch | 79 +++++----- .../linux-image-redcore-5.11.17.ebuild | 163 +++++++++++++++++++++ .../linux-image-redcore-5.11.8.ebuild | 163 --------------------- sys-kernel/linux-sources-redcore/Manifest | 2 +- .../files/5.11-linux-hardened.patch | 79 +++++----- .../linux-sources-redcore-5.11.17.ebuild | 88 +++++++++++ .../linux-sources-redcore-5.11.8.ebuild | 88 ----------- 8 files changed, 319 insertions(+), 345 deletions(-) create mode 100644 sys-kernel/linux-image-redcore/linux-image-redcore-5.11.17.ebuild delete mode 100644 sys-kernel/linux-image-redcore/linux-image-redcore-5.11.8.ebuild create mode 100644 sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.17.ebuild delete mode 100644 sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.8.ebuild diff --git a/sys-kernel/linux-image-redcore/Manifest b/sys-kernel/linux-image-redcore/Manifest index 7e53c998..5a30db60 100644 --- a/sys-kernel/linux-image-redcore/Manifest +++ b/sys-kernel/linux-image-redcore/Manifest @@ -1 +1 @@ -DIST linux-5.11.8.tar.xz 117631188 BLAKE2B 48028845215ba4514735575b2cf0f9bd67c224168074c406d01188ab28483ab139d6fab42dda6be10b04c9716e7be91fc6f5e4bbd58984bea40b7e7cff60e477 SHA512 2b78607a2cafab6bd49c18cc4f79f26df3694f3984d6d24936dc722e72dca567f86eff3ae87f8560ed9bb363410a6ec7bccc33f3d1c9ab2bc3385be5f6a99da6 +DIST linux-5.11.17.tar.xz 117653736 BLAKE2B 76226bb9e071620929fbdb4bc5ca08be1dab748dc337505ce9a377df0cf0612f6e57d0003bde3d312506a354d02fbc9f4e4be12269daa576969d52fabca13403 SHA512 105e7be115a50524f4bc535ae47ab556aff57e2c5329297b88b80bfabc236ffc0a85afaf26a25eb6e0a6db15528f8a077a312c449f4dc0c60b9648c68c5ba40b diff --git a/sys-kernel/linux-image-redcore/files/5.11-linux-hardened.patch b/sys-kernel/linux-image-redcore/files/5.11-linux-hardened.patch index d2f62db2..2fb3da83 100644 --- a/sys-kernel/linux-image-redcore/files/5.11-linux-hardened.patch +++ b/sys-kernel/linux-image-redcore/files/5.11-linux-hardened.patch @@ -101,19 +101,6 @@ index 1b7f8debada6..05f722d7d065 100644 tcp_slow_start_after_idle - BOOLEAN If set, provide RFC2861 behavior and time out the congestion window after an idle period. An idle period is defined at -diff --git a/Makefile b/Makefile -index d8a39ece170d..a1023be11847 100644 ---- a/Makefile -+++ b/Makefile -@@ -2,7 +2,7 @@ - VERSION = 5 - PATCHLEVEL = 11 - SUBLEVEL = 8 --EXTRAVERSION = -+EXTRAVERSION = -hardened1 - NAME = 💕 Valentine's Day Edition 💕 - - # *DOCUMENTATION* diff --git a/arch/Kconfig b/arch/Kconfig index 24862d15f3a3..ea5030c6dc46 100644 --- a/arch/Kconfig @@ -137,10 +124,10 @@ index 24862d15f3a3..ea5030c6dc46 100644 help This value can be used to select the number of bits to use to diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig -index e42da99db91f..569b9ea44ba0 100644 +index cd7f725b80d4..f02334b3c5ac 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig -@@ -1196,6 +1196,7 @@ config RODATA_FULL_DEFAULT_ENABLED +@@ -1206,6 +1206,7 @@ config RODATA_FULL_DEFAULT_ENABLED config ARM64_SW_TTBR0_PAN bool "Emulate Privileged Access Never using TTBR0_EL1 switching" @@ -148,7 +135,7 @@ index e42da99db91f..569b9ea44ba0 100644 help Enabling this option prevents the kernel from accessing user-space memory directly by pointing TTBR0_EL1 to a reserved -@@ -1774,6 +1775,7 @@ config RANDOMIZE_BASE +@@ -1788,6 +1789,7 @@ config RANDOMIZE_BASE bool "Randomize the address of the kernel image" select ARM64_MODULE_PLTS if MODULES select RELOCATABLE @@ -752,7 +739,7 @@ index 6442d97d9a4a..1ae285075f9f 100644 { return -ENXIO; diff --git a/fs/namei.c b/fs/namei.c -index dd85e12ac85a..a200b0144970 100644 +index b7c0dcc25bd4..14fba31826c0 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -932,10 +932,10 @@ static inline void put_link(struct nameidata *nd) @@ -771,7 +758,7 @@ index dd85e12ac85a..a200b0144970 100644 /** * may_follow_link - Check symlink following for unsafe situations diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig -index e2a488d403a6..ce54c1c693a8 100644 +index 14a72224b657..080a8027c6b1 100644 --- a/fs/nfs/Kconfig +++ b/fs/nfs/Kconfig @@ -195,7 +195,6 @@ config NFS_DEBUG @@ -1035,7 +1022,7 @@ index 2b5b64256cf4..8cdce21dce0f 100644 const struct kobj_ns_type_operations *kobj_child_ns_ops(struct kobject *parent); const struct kobj_ns_type_operations *kobj_ns_ops(struct kobject *kobj); diff --git a/include/linux/mm.h b/include/linux/mm.h -index 24b292fce8e5..e7224299eaa5 100644 +index 992c18d5e85d..19d0c045a94c 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -775,7 +775,7 @@ static inline int is_vmalloc_or_module_addr(const void *x) @@ -1304,10 +1291,10 @@ index 244208f6f6c2..764da159ccab 100644 #define TCP_RACK_LOSS_DETECTION 0x1 /* Use RACK to detect losses */ #define TCP_RACK_STATIC_REO_WND 0x2 /* Use static RACK reo wnd */ diff --git a/init/Kconfig b/init/Kconfig -index b7d3c6a12196..29ae7c93f608 100644 +index a3d27421de8f..208a3c8951d0 100644 --- a/init/Kconfig +++ b/init/Kconfig -@@ -418,6 +418,7 @@ config USELIB +@@ -417,6 +417,7 @@ config USELIB config AUDIT bool "Auditing support" depends on NET @@ -1315,7 +1302,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Enable auditing infrastructure that can be used with another kernel subsystem, such as SELinux (which requires this for -@@ -1172,6 +1173,22 @@ config USER_NS +@@ -1171,6 +1172,22 @@ config USER_NS If unsure, say N. @@ -1338,7 +1325,7 @@ index b7d3c6a12196..29ae7c93f608 100644 config PID_NS bool "PID Namespaces" default y -@@ -1402,9 +1419,8 @@ menuconfig EXPERT +@@ -1401,9 +1418,8 @@ menuconfig EXPERT Only use this if you really know what you are doing. config UID16 @@ -1349,7 +1336,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help This enables the legacy 16-bit UID syscall wrappers. -@@ -1433,14 +1449,13 @@ config SGETMASK_SYSCALL +@@ -1432,14 +1448,13 @@ config SGETMASK_SYSCALL If unsure, leave the default option here. config SYSFS_SYSCALL @@ -1366,7 +1353,7 @@ index b7d3c6a12196..29ae7c93f608 100644 config FHANDLE bool "open by fhandle syscalls" if EXPERT -@@ -1591,8 +1606,7 @@ config SHMEM +@@ -1590,8 +1605,7 @@ config SHMEM which may be appropriate on small systems without swap. config AIO @@ -1376,7 +1363,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help This option enables POSIX asynchronous I/O which may by used by some high performance threaded applications. Disabling -@@ -1853,7 +1867,7 @@ config VM_EVENT_COUNTERS +@@ -1852,7 +1866,7 @@ config VM_EVENT_COUNTERS config SLUB_DEBUG default y @@ -1385,7 +1372,7 @@ index b7d3c6a12196..29ae7c93f608 100644 depends on SLUB && SYSFS help SLUB has extensive debug support features. Disabling these can -@@ -1877,7 +1891,6 @@ config SLUB_MEMCG_SYSFS_ON +@@ -1876,7 +1890,6 @@ config SLUB_MEMCG_SYSFS_ON config COMPAT_BRK bool "Disable heap randomization" @@ -1393,7 +1380,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Randomizing heap placement makes heap exploits harder, but it also breaks ancient binaries (including anything libc5 based). -@@ -1924,7 +1937,6 @@ endchoice +@@ -1923,7 +1936,6 @@ endchoice config SLAB_MERGE_DEFAULT bool "Allow slab caches to be merged" @@ -1401,7 +1388,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help For reduced kernel memory fragmentation, slab caches can be merged when they share the same size and other characteristics. -@@ -1939,6 +1951,7 @@ config SLAB_MERGE_DEFAULT +@@ -1938,6 +1950,7 @@ config SLAB_MERGE_DEFAULT config SLAB_FREELIST_RANDOM bool "Randomize slab freelist" depends on SLAB || SLUB @@ -1409,7 +1396,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Randomizes the freelist order used on creating new pages. This security feature reduces the predictability of the kernel slab -@@ -1947,6 +1960,7 @@ config SLAB_FREELIST_RANDOM +@@ -1946,6 +1959,7 @@ config SLAB_FREELIST_RANDOM config SLAB_FREELIST_HARDENED bool "Harden slab freelist metadata" depends on SLAB || SLUB @@ -1417,7 +1404,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Many kernel heap attacks try to target slab cache metadata and other infrastructure. This options makes minor performance -@@ -1955,6 +1969,23 @@ config SLAB_FREELIST_HARDENED +@@ -1954,6 +1968,23 @@ config SLAB_FREELIST_HARDENED sanity-checking than others. This option is most effective with CONFIG_SLUB. @@ -1456,7 +1443,7 @@ index 1ffc2e059027..0eb5de8d177e 100644 pr_err("audit: error setting audit state (%d)\n", audit_default); diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c -index 261f8692d0d2..6e3c2148e3f4 100644 +index 1de87fcaeabd..8d844eef1d69 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -516,7 +516,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp) @@ -1469,7 +1456,7 @@ index 261f8692d0d2..6e3c2148e3f4 100644 static void diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c -index e5999d86c76e..0fe9f6fef7a2 100644 +index 32ca33539052..07c18d1d6f20 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -50,7 +50,7 @@ static DEFINE_SPINLOCK(map_idr_lock); @@ -1526,7 +1513,7 @@ index 8425dbc1d239..7ce0ad5cead5 100644 return err; diff --git a/kernel/fork.c b/kernel/fork.c -index d66cd1014211..cd4cd6ff7392 100644 +index 808af2cc8ab6..0948177da180 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -82,6 +82,7 @@ @@ -1537,7 +1524,7 @@ index d66cd1014211..cd4cd6ff7392 100644 #include #include #include -@@ -1864,6 +1865,10 @@ static __latent_entropy struct task_struct *copy_process( +@@ -1872,6 +1873,10 @@ static __latent_entropy struct task_struct *copy_process( if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS)) return ERR_PTR(-EINVAL); @@ -1548,7 +1535,7 @@ index d66cd1014211..cd4cd6ff7392 100644 /* * Thread groups must share signals as well, and detached threads * can only be started up within the thread group. -@@ -2933,6 +2938,12 @@ int ksys_unshare(unsigned long unshare_flags) +@@ -2941,6 +2946,12 @@ int ksys_unshare(unsigned long unshare_flags) if (unshare_flags & CLONE_NEWNS) unshare_flags |= CLONE_FS; @@ -1867,7 +1854,7 @@ index 62fbd09b5dc1..36470990b2e6 100644 EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_dostring); diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c -index 788b9d137de4..371d160251fb 100644 +index 5c9d968187ae..80156280360f 100644 --- a/kernel/time/hrtimer.c +++ b/kernel/time/hrtimer.c @@ -1605,7 +1605,7 @@ static void __hrtimer_run_queues(struct hrtimer_cpu_base *cpu_base, ktime_t now, @@ -1911,7 +1898,7 @@ index af612945a4d0..95c54dae4aa1 100644 static DEFINE_MUTEX(userns_state_mutex); diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug -index 7937265ef879..151000ca0f4c 100644 +index 431b6b7ec04d..160ecfd7b45c 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -375,6 +375,9 @@ config DEBUG_FORCE_FUNCTION_ALIGN_32B @@ -2683,10 +2670,10 @@ index 8c9b7d1e7c49..b74af3a4435e 100644 unsigned long arch_mmap_rnd(void) diff --git a/net/core/dev.c b/net/core/dev.c -index a5a1dbe66b76..b0af65c213cc 100644 +index 3c0d3b6d674d..93387bfaf741 100644 --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -4867,7 +4867,7 @@ int netif_rx_any_context(struct sk_buff *skb) +@@ -4879,7 +4879,7 @@ int netif_rx_any_context(struct sk_buff *skb) } EXPORT_SYMBOL(netif_rx_any_context); @@ -2695,7 +2682,7 @@ index a5a1dbe66b76..b0af65c213cc 100644 { struct softnet_data *sd = this_cpu_ptr(&softnet_data); -@@ -6863,7 +6863,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll) +@@ -6876,7 +6876,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll) return work; } @@ -2952,7 +2939,7 @@ index 87983e70f03f..d1584b4b39f9 100644 + + If unsure, say N. diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c -index 3e5f4f2e705e..791329c77dea 100644 +index 08829809e88b..d06be35bacbe 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -588,6 +588,15 @@ static struct ctl_table ipv4_table[] = { @@ -3207,7 +3194,7 @@ index 7561f6f99f1d..ccae931a1c6c 100644 Detect overflows of buffers in common string and memory functions where the compiler can determine and validate the buffer sizes. diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening -index 269967c4fc1b..7dede18f1074 100644 +index a56c36470cb1..ea4c4aeed9cd 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -190,6 +190,7 @@ config STACKLEAK_RUNTIME_DISABLE @@ -3319,10 +3306,10 @@ index 95a3c1eda9e4..75addbf621da 100644 /** * selinux_secmark_enabled - Check to see if SECMARK is currently enabled diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c -index 4bde570d56a2..cc5caffc07fa 100644 +index 2b745ae8cb98..de739d432da6 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c -@@ -725,7 +725,6 @@ static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, +@@ -724,7 +724,6 @@ static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, size_t count, loff_t *ppos) { @@ -3330,7 +3317,7 @@ index 4bde570d56a2..cc5caffc07fa 100644 char *page; ssize_t length; unsigned int new_value; -@@ -749,18 +748,9 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, +@@ -748,18 +747,9 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, return PTR_ERR(page); length = -EINVAL; diff --git a/sys-kernel/linux-image-redcore/linux-image-redcore-5.11.17.ebuild b/sys-kernel/linux-image-redcore/linux-image-redcore-5.11.17.ebuild new file mode 100644 index 00000000..a63475f4 --- /dev/null +++ b/sys-kernel/linux-image-redcore/linux-image-redcore-5.11.17.ebuild @@ -0,0 +1,163 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit eutils + +EXTRAVERSION="redcore" +KV_FULL="${PV}-${EXTRAVERSION}" +KV_MAJOR="5.11" + +DESCRIPTION="Redcore Linux Kernel Image" +HOMEPAGE="https://redcorelinux.org" +SRC_URI="https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-${PV}.tar.xz" + +KEYWORDS="~amd64" +LICENSE="GPL-2" +SLOT="${PVR}" +IUSE="+cryptsetup +dmraid +dracut +dkms +mdadm" + +RESTRICT="binchecks strip mirror" +DEPEND=" + app-arch/lz4 + app-arch/xz-utils + sys-devel/autoconf + sys-devel/bc + sys-devel/make + cryptsetup? ( sys-fs/cryptsetup ) + dmraid? ( sys-fs/dmraid ) + dracut? ( >=sys-kernel/dracut-0.44-r8 ) + dkms? ( sys-kernel/dkms sys-kernel/linux-sources-redcore:${SLOT} ) + mdadm? ( sys-fs/mdadm ) + >=sys-kernel/linux-firmware-20180314" +RDEPEND="${DEPEND}" + +PATCHES=( + "${FILESDIR}"/"${KV_MAJOR}"-ath10k-be-quiet.patch + "${FILESDIR}"/"${KV_MAJOR}"-ata-fix-NCQ-LOG-strings-and-move-to-debug.patch + "${FILESDIR}"/"${KV_MAJOR}"-radeon_dp_aux_transfer_native-no-ratelimited_debug.patch + "${FILESDIR}"/"${KV_MAJOR}"-acpi-use-kern_warning_even_when_error.patch + "${FILESDIR}"/"${KV_MAJOR}"-Unknow-SSD-HFM128GDHTNG-8310B-QUIRK_NO_APST.patch + "${FILESDIR}"/"${KV_MAJOR}"-nvme-Patriot_Viper_VPN100-QUIRK_IGNORE_DEV_SUBNQN.patch + "${FILESDIR}"/"${KV_MAJOR}"-do_not_bug_the_next_18-years.patch + "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-use-debug-for-debug-infos.patch + "${FILESDIR}"/"${KV_MAJOR}"-compress-modules-zstd-support.patch + "${FILESDIR}"/"${KV_MAJOR}"-fix-bootconfig-makefile.patch + "${FILESDIR}"/"${KV_MAJOR}"-bootconfig-fallthrough.patch + "${FILESDIR}"/"${KV_MAJOR}"-apic_vector-spam-in-debug-mode-only.patch + "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-fix-5e003982b07ae.patch + "${FILESDIR}"/"${KV_MAJOR}"-amd_iommu_init_info.patch + "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-hwmon-k10temp-Remove-support-for-displaying-v.patch + "${FILESDIR}"/"${KV_MAJOR}"-k10temp-fix-ZEN2-desktop-add-ZEN3-desktop.patch + "${FILESDIR}"/"${KV_MAJOR}"-k10temp-add-Renoir-support.patch + "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-cpufreq-Avoid-configuring-old-governors-as-de.patch + "${FILESDIR}"/"${KV_MAJOR}"-revert-parts-of-a00ec3874e7d326ab2dffbed92faddf6a77a84e9-no-Intel-NO.patch + "${FILESDIR}"/"${KV_MAJOR}"-amdgpu-FDO-bug1488.patch + "${FILESDIR}"/"${KV_MAJOR}"-linux-hardened.patch + "${FILESDIR}"/"${KV_MAJOR}"-uksm-linux-hardened.patch +) + +S="${WORKDIR}"/linux-"${PV}" + +pkg_setup() { + export KBUILD_BUILD_USER="nexus" + export KBUILD_BUILD_HOST="nexus.redcorelinux.org" + + export REAL_ARCH="$ARCH" + unset ARCH ; unset LDFLAGS #will interfere with Makefile if set +} + +src_prepare() { + default + emake mrproper + sed -ri "s|^(EXTRAVERSION =).*|\1 -${EXTRAVERSION}|" Makefile + cp "${FILESDIR}"/"${KV_MAJOR}"-amd64.config .config + rm -rf $(find . -type f|grep -F \.orig) +} + +src_compile() { + emake prepare modules_prepare bzImage modules +} + +src_install() { + dodir boot + insinto boot + newins .config config-"${KV_FULL}" + newins System.map System.map-"${KV_FULL}" + newins arch/x86/boot/bzImage vmlinuz-"${KV_FULL}" + + dodir usr/src/linux-"${KV_FULL}" + insinto usr/src/linux-"${KV_FULL}" + doins Module.symvers + doins System.map + exeinto usr/src/linux-"${KV_FULL}" + doexe vmlinux + + emake INSTALL_MOD_PATH="${D}" modules_install + + rm -f "${D}"lib/modules/"${KV_FULL}"/build + rm -f "${D}"lib/modules/"${KV_FULL}"/source + export local KSYMS + for KSYMS in build source ; do + dosym ../../../usr/src/linux-"${KV_FULL}" lib/modules/"${KV_FULL}"/"${KSYMS}" + done +} + +_grub2_update_grubcfg() { + if [[ -x $(which grub2-mkconfig) ]]; then + elog "Updating GRUB-2 bootloader configuration, please wait" + grub2-mkconfig -o "${ROOT}"boot/grub/grub.cfg + else + elog "It looks like you're not using GRUB-2, you must update bootloader configuration by hand" + fi +} + +_dracut_initrd_create() { + if [[ -x $(which dracut) ]]; then + elog "Generating initrd for "${KV_FULL}", please wait" + addpredict /etc/ld.so.cache~ + dracut -N -f --kver="${KV_FULL}" "${ROOT}"boot/initrd-"${KV_FULL}" + else + elog "It looks like you're not using dracut, you must generate an initrd by hand" + fi +} + +_dracut_initrd_delete() { + rm -rf "${ROOT}"boot/initrd-"${KV_FULL}" +} + +_dkms_modules_delete() { + if [[ -x $(which dkms) ]] ; then + export local DKMSMOD + for DKMSMOD in $(dkms status | cut -d " " -f1,2 | sed -e 's/,//g' | sed -e 's/ /\//g' | sed -e 's/://g' | uniq) ; do + dkms remove "${DKMSMOD}" -k "${KV_FULL}" + done + fi +} + +_kernel_modules_delete() { + rm -rf "${ROOT}"lib/modules/"${KV_FULL}" +} + +pkg_postinst() { + if [ $(stat -c %d:%i /) == $(stat -c %d:%i /proc/1/root/.) ]; then + if use dracut; then + _dracut_initrd_create + fi + _grub2_update_grubcfg + fi +} + +pkg_postrm() { + if [ $(stat -c %d:%i /) == $(stat -c %d:%i /proc/1/root/.) ]; then + if use dracut; then + _dracut_initrd_delete + fi + _grub2_update_grubcfg + fi + if use dkms; then + _dkms_modules_delete + fi + _kernel_modules_delete +} diff --git a/sys-kernel/linux-image-redcore/linux-image-redcore-5.11.8.ebuild b/sys-kernel/linux-image-redcore/linux-image-redcore-5.11.8.ebuild deleted file mode 100644 index a63475f4..00000000 --- a/sys-kernel/linux-image-redcore/linux-image-redcore-5.11.8.ebuild +++ /dev/null @@ -1,163 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit eutils - -EXTRAVERSION="redcore" -KV_FULL="${PV}-${EXTRAVERSION}" -KV_MAJOR="5.11" - -DESCRIPTION="Redcore Linux Kernel Image" -HOMEPAGE="https://redcorelinux.org" -SRC_URI="https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-${PV}.tar.xz" - -KEYWORDS="~amd64" -LICENSE="GPL-2" -SLOT="${PVR}" -IUSE="+cryptsetup +dmraid +dracut +dkms +mdadm" - -RESTRICT="binchecks strip mirror" -DEPEND=" - app-arch/lz4 - app-arch/xz-utils - sys-devel/autoconf - sys-devel/bc - sys-devel/make - cryptsetup? ( sys-fs/cryptsetup ) - dmraid? ( sys-fs/dmraid ) - dracut? ( >=sys-kernel/dracut-0.44-r8 ) - dkms? ( sys-kernel/dkms sys-kernel/linux-sources-redcore:${SLOT} ) - mdadm? ( sys-fs/mdadm ) - >=sys-kernel/linux-firmware-20180314" -RDEPEND="${DEPEND}" - -PATCHES=( - "${FILESDIR}"/"${KV_MAJOR}"-ath10k-be-quiet.patch - "${FILESDIR}"/"${KV_MAJOR}"-ata-fix-NCQ-LOG-strings-and-move-to-debug.patch - "${FILESDIR}"/"${KV_MAJOR}"-radeon_dp_aux_transfer_native-no-ratelimited_debug.patch - "${FILESDIR}"/"${KV_MAJOR}"-acpi-use-kern_warning_even_when_error.patch - "${FILESDIR}"/"${KV_MAJOR}"-Unknow-SSD-HFM128GDHTNG-8310B-QUIRK_NO_APST.patch - "${FILESDIR}"/"${KV_MAJOR}"-nvme-Patriot_Viper_VPN100-QUIRK_IGNORE_DEV_SUBNQN.patch - "${FILESDIR}"/"${KV_MAJOR}"-do_not_bug_the_next_18-years.patch - "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-use-debug-for-debug-infos.patch - "${FILESDIR}"/"${KV_MAJOR}"-compress-modules-zstd-support.patch - "${FILESDIR}"/"${KV_MAJOR}"-fix-bootconfig-makefile.patch - "${FILESDIR}"/"${KV_MAJOR}"-bootconfig-fallthrough.patch - "${FILESDIR}"/"${KV_MAJOR}"-apic_vector-spam-in-debug-mode-only.patch - "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-fix-5e003982b07ae.patch - "${FILESDIR}"/"${KV_MAJOR}"-amd_iommu_init_info.patch - "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-hwmon-k10temp-Remove-support-for-displaying-v.patch - "${FILESDIR}"/"${KV_MAJOR}"-k10temp-fix-ZEN2-desktop-add-ZEN3-desktop.patch - "${FILESDIR}"/"${KV_MAJOR}"-k10temp-add-Renoir-support.patch - "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-cpufreq-Avoid-configuring-old-governors-as-de.patch - "${FILESDIR}"/"${KV_MAJOR}"-revert-parts-of-a00ec3874e7d326ab2dffbed92faddf6a77a84e9-no-Intel-NO.patch - "${FILESDIR}"/"${KV_MAJOR}"-amdgpu-FDO-bug1488.patch - "${FILESDIR}"/"${KV_MAJOR}"-linux-hardened.patch - "${FILESDIR}"/"${KV_MAJOR}"-uksm-linux-hardened.patch -) - -S="${WORKDIR}"/linux-"${PV}" - -pkg_setup() { - export KBUILD_BUILD_USER="nexus" - export KBUILD_BUILD_HOST="nexus.redcorelinux.org" - - export REAL_ARCH="$ARCH" - unset ARCH ; unset LDFLAGS #will interfere with Makefile if set -} - -src_prepare() { - default - emake mrproper - sed -ri "s|^(EXTRAVERSION =).*|\1 -${EXTRAVERSION}|" Makefile - cp "${FILESDIR}"/"${KV_MAJOR}"-amd64.config .config - rm -rf $(find . -type f|grep -F \.orig) -} - -src_compile() { - emake prepare modules_prepare bzImage modules -} - -src_install() { - dodir boot - insinto boot - newins .config config-"${KV_FULL}" - newins System.map System.map-"${KV_FULL}" - newins arch/x86/boot/bzImage vmlinuz-"${KV_FULL}" - - dodir usr/src/linux-"${KV_FULL}" - insinto usr/src/linux-"${KV_FULL}" - doins Module.symvers - doins System.map - exeinto usr/src/linux-"${KV_FULL}" - doexe vmlinux - - emake INSTALL_MOD_PATH="${D}" modules_install - - rm -f "${D}"lib/modules/"${KV_FULL}"/build - rm -f "${D}"lib/modules/"${KV_FULL}"/source - export local KSYMS - for KSYMS in build source ; do - dosym ../../../usr/src/linux-"${KV_FULL}" lib/modules/"${KV_FULL}"/"${KSYMS}" - done -} - -_grub2_update_grubcfg() { - if [[ -x $(which grub2-mkconfig) ]]; then - elog "Updating GRUB-2 bootloader configuration, please wait" - grub2-mkconfig -o "${ROOT}"boot/grub/grub.cfg - else - elog "It looks like you're not using GRUB-2, you must update bootloader configuration by hand" - fi -} - -_dracut_initrd_create() { - if [[ -x $(which dracut) ]]; then - elog "Generating initrd for "${KV_FULL}", please wait" - addpredict /etc/ld.so.cache~ - dracut -N -f --kver="${KV_FULL}" "${ROOT}"boot/initrd-"${KV_FULL}" - else - elog "It looks like you're not using dracut, you must generate an initrd by hand" - fi -} - -_dracut_initrd_delete() { - rm -rf "${ROOT}"boot/initrd-"${KV_FULL}" -} - -_dkms_modules_delete() { - if [[ -x $(which dkms) ]] ; then - export local DKMSMOD - for DKMSMOD in $(dkms status | cut -d " " -f1,2 | sed -e 's/,//g' | sed -e 's/ /\//g' | sed -e 's/://g' | uniq) ; do - dkms remove "${DKMSMOD}" -k "${KV_FULL}" - done - fi -} - -_kernel_modules_delete() { - rm -rf "${ROOT}"lib/modules/"${KV_FULL}" -} - -pkg_postinst() { - if [ $(stat -c %d:%i /) == $(stat -c %d:%i /proc/1/root/.) ]; then - if use dracut; then - _dracut_initrd_create - fi - _grub2_update_grubcfg - fi -} - -pkg_postrm() { - if [ $(stat -c %d:%i /) == $(stat -c %d:%i /proc/1/root/.) ]; then - if use dracut; then - _dracut_initrd_delete - fi - _grub2_update_grubcfg - fi - if use dkms; then - _dkms_modules_delete - fi - _kernel_modules_delete -} diff --git a/sys-kernel/linux-sources-redcore/Manifest b/sys-kernel/linux-sources-redcore/Manifest index 7e53c998..5a30db60 100644 --- a/sys-kernel/linux-sources-redcore/Manifest +++ b/sys-kernel/linux-sources-redcore/Manifest @@ -1 +1 @@ -DIST linux-5.11.8.tar.xz 117631188 BLAKE2B 48028845215ba4514735575b2cf0f9bd67c224168074c406d01188ab28483ab139d6fab42dda6be10b04c9716e7be91fc6f5e4bbd58984bea40b7e7cff60e477 SHA512 2b78607a2cafab6bd49c18cc4f79f26df3694f3984d6d24936dc722e72dca567f86eff3ae87f8560ed9bb363410a6ec7bccc33f3d1c9ab2bc3385be5f6a99da6 +DIST linux-5.11.17.tar.xz 117653736 BLAKE2B 76226bb9e071620929fbdb4bc5ca08be1dab748dc337505ce9a377df0cf0612f6e57d0003bde3d312506a354d02fbc9f4e4be12269daa576969d52fabca13403 SHA512 105e7be115a50524f4bc535ae47ab556aff57e2c5329297b88b80bfabc236ffc0a85afaf26a25eb6e0a6db15528f8a077a312c449f4dc0c60b9648c68c5ba40b diff --git a/sys-kernel/linux-sources-redcore/files/5.11-linux-hardened.patch b/sys-kernel/linux-sources-redcore/files/5.11-linux-hardened.patch index d2f62db2..2fb3da83 100644 --- a/sys-kernel/linux-sources-redcore/files/5.11-linux-hardened.patch +++ b/sys-kernel/linux-sources-redcore/files/5.11-linux-hardened.patch @@ -101,19 +101,6 @@ index 1b7f8debada6..05f722d7d065 100644 tcp_slow_start_after_idle - BOOLEAN If set, provide RFC2861 behavior and time out the congestion window after an idle period. An idle period is defined at -diff --git a/Makefile b/Makefile -index d8a39ece170d..a1023be11847 100644 ---- a/Makefile -+++ b/Makefile -@@ -2,7 +2,7 @@ - VERSION = 5 - PATCHLEVEL = 11 - SUBLEVEL = 8 --EXTRAVERSION = -+EXTRAVERSION = -hardened1 - NAME = 💕 Valentine's Day Edition 💕 - - # *DOCUMENTATION* diff --git a/arch/Kconfig b/arch/Kconfig index 24862d15f3a3..ea5030c6dc46 100644 --- a/arch/Kconfig @@ -137,10 +124,10 @@ index 24862d15f3a3..ea5030c6dc46 100644 help This value can be used to select the number of bits to use to diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig -index e42da99db91f..569b9ea44ba0 100644 +index cd7f725b80d4..f02334b3c5ac 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig -@@ -1196,6 +1196,7 @@ config RODATA_FULL_DEFAULT_ENABLED +@@ -1206,6 +1206,7 @@ config RODATA_FULL_DEFAULT_ENABLED config ARM64_SW_TTBR0_PAN bool "Emulate Privileged Access Never using TTBR0_EL1 switching" @@ -148,7 +135,7 @@ index e42da99db91f..569b9ea44ba0 100644 help Enabling this option prevents the kernel from accessing user-space memory directly by pointing TTBR0_EL1 to a reserved -@@ -1774,6 +1775,7 @@ config RANDOMIZE_BASE +@@ -1788,6 +1789,7 @@ config RANDOMIZE_BASE bool "Randomize the address of the kernel image" select ARM64_MODULE_PLTS if MODULES select RELOCATABLE @@ -752,7 +739,7 @@ index 6442d97d9a4a..1ae285075f9f 100644 { return -ENXIO; diff --git a/fs/namei.c b/fs/namei.c -index dd85e12ac85a..a200b0144970 100644 +index b7c0dcc25bd4..14fba31826c0 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -932,10 +932,10 @@ static inline void put_link(struct nameidata *nd) @@ -771,7 +758,7 @@ index dd85e12ac85a..a200b0144970 100644 /** * may_follow_link - Check symlink following for unsafe situations diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig -index e2a488d403a6..ce54c1c693a8 100644 +index 14a72224b657..080a8027c6b1 100644 --- a/fs/nfs/Kconfig +++ b/fs/nfs/Kconfig @@ -195,7 +195,6 @@ config NFS_DEBUG @@ -1035,7 +1022,7 @@ index 2b5b64256cf4..8cdce21dce0f 100644 const struct kobj_ns_type_operations *kobj_child_ns_ops(struct kobject *parent); const struct kobj_ns_type_operations *kobj_ns_ops(struct kobject *kobj); diff --git a/include/linux/mm.h b/include/linux/mm.h -index 24b292fce8e5..e7224299eaa5 100644 +index 992c18d5e85d..19d0c045a94c 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -775,7 +775,7 @@ static inline int is_vmalloc_or_module_addr(const void *x) @@ -1304,10 +1291,10 @@ index 244208f6f6c2..764da159ccab 100644 #define TCP_RACK_LOSS_DETECTION 0x1 /* Use RACK to detect losses */ #define TCP_RACK_STATIC_REO_WND 0x2 /* Use static RACK reo wnd */ diff --git a/init/Kconfig b/init/Kconfig -index b7d3c6a12196..29ae7c93f608 100644 +index a3d27421de8f..208a3c8951d0 100644 --- a/init/Kconfig +++ b/init/Kconfig -@@ -418,6 +418,7 @@ config USELIB +@@ -417,6 +417,7 @@ config USELIB config AUDIT bool "Auditing support" depends on NET @@ -1315,7 +1302,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Enable auditing infrastructure that can be used with another kernel subsystem, such as SELinux (which requires this for -@@ -1172,6 +1173,22 @@ config USER_NS +@@ -1171,6 +1172,22 @@ config USER_NS If unsure, say N. @@ -1338,7 +1325,7 @@ index b7d3c6a12196..29ae7c93f608 100644 config PID_NS bool "PID Namespaces" default y -@@ -1402,9 +1419,8 @@ menuconfig EXPERT +@@ -1401,9 +1418,8 @@ menuconfig EXPERT Only use this if you really know what you are doing. config UID16 @@ -1349,7 +1336,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help This enables the legacy 16-bit UID syscall wrappers. -@@ -1433,14 +1449,13 @@ config SGETMASK_SYSCALL +@@ -1432,14 +1448,13 @@ config SGETMASK_SYSCALL If unsure, leave the default option here. config SYSFS_SYSCALL @@ -1366,7 +1353,7 @@ index b7d3c6a12196..29ae7c93f608 100644 config FHANDLE bool "open by fhandle syscalls" if EXPERT -@@ -1591,8 +1606,7 @@ config SHMEM +@@ -1590,8 +1605,7 @@ config SHMEM which may be appropriate on small systems without swap. config AIO @@ -1376,7 +1363,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help This option enables POSIX asynchronous I/O which may by used by some high performance threaded applications. Disabling -@@ -1853,7 +1867,7 @@ config VM_EVENT_COUNTERS +@@ -1852,7 +1866,7 @@ config VM_EVENT_COUNTERS config SLUB_DEBUG default y @@ -1385,7 +1372,7 @@ index b7d3c6a12196..29ae7c93f608 100644 depends on SLUB && SYSFS help SLUB has extensive debug support features. Disabling these can -@@ -1877,7 +1891,6 @@ config SLUB_MEMCG_SYSFS_ON +@@ -1876,7 +1890,6 @@ config SLUB_MEMCG_SYSFS_ON config COMPAT_BRK bool "Disable heap randomization" @@ -1393,7 +1380,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Randomizing heap placement makes heap exploits harder, but it also breaks ancient binaries (including anything libc5 based). -@@ -1924,7 +1937,6 @@ endchoice +@@ -1923,7 +1936,6 @@ endchoice config SLAB_MERGE_DEFAULT bool "Allow slab caches to be merged" @@ -1401,7 +1388,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help For reduced kernel memory fragmentation, slab caches can be merged when they share the same size and other characteristics. -@@ -1939,6 +1951,7 @@ config SLAB_MERGE_DEFAULT +@@ -1938,6 +1950,7 @@ config SLAB_MERGE_DEFAULT config SLAB_FREELIST_RANDOM bool "Randomize slab freelist" depends on SLAB || SLUB @@ -1409,7 +1396,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Randomizes the freelist order used on creating new pages. This security feature reduces the predictability of the kernel slab -@@ -1947,6 +1960,7 @@ config SLAB_FREELIST_RANDOM +@@ -1946,6 +1959,7 @@ config SLAB_FREELIST_RANDOM config SLAB_FREELIST_HARDENED bool "Harden slab freelist metadata" depends on SLAB || SLUB @@ -1417,7 +1404,7 @@ index b7d3c6a12196..29ae7c93f608 100644 help Many kernel heap attacks try to target slab cache metadata and other infrastructure. This options makes minor performance -@@ -1955,6 +1969,23 @@ config SLAB_FREELIST_HARDENED +@@ -1954,6 +1968,23 @@ config SLAB_FREELIST_HARDENED sanity-checking than others. This option is most effective with CONFIG_SLUB. @@ -1456,7 +1443,7 @@ index 1ffc2e059027..0eb5de8d177e 100644 pr_err("audit: error setting audit state (%d)\n", audit_default); diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c -index 261f8692d0d2..6e3c2148e3f4 100644 +index 1de87fcaeabd..8d844eef1d69 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -516,7 +516,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp) @@ -1469,7 +1456,7 @@ index 261f8692d0d2..6e3c2148e3f4 100644 static void diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c -index e5999d86c76e..0fe9f6fef7a2 100644 +index 32ca33539052..07c18d1d6f20 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -50,7 +50,7 @@ static DEFINE_SPINLOCK(map_idr_lock); @@ -1526,7 +1513,7 @@ index 8425dbc1d239..7ce0ad5cead5 100644 return err; diff --git a/kernel/fork.c b/kernel/fork.c -index d66cd1014211..cd4cd6ff7392 100644 +index 808af2cc8ab6..0948177da180 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -82,6 +82,7 @@ @@ -1537,7 +1524,7 @@ index d66cd1014211..cd4cd6ff7392 100644 #include #include #include -@@ -1864,6 +1865,10 @@ static __latent_entropy struct task_struct *copy_process( +@@ -1872,6 +1873,10 @@ static __latent_entropy struct task_struct *copy_process( if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS)) return ERR_PTR(-EINVAL); @@ -1548,7 +1535,7 @@ index d66cd1014211..cd4cd6ff7392 100644 /* * Thread groups must share signals as well, and detached threads * can only be started up within the thread group. -@@ -2933,6 +2938,12 @@ int ksys_unshare(unsigned long unshare_flags) +@@ -2941,6 +2946,12 @@ int ksys_unshare(unsigned long unshare_flags) if (unshare_flags & CLONE_NEWNS) unshare_flags |= CLONE_FS; @@ -1867,7 +1854,7 @@ index 62fbd09b5dc1..36470990b2e6 100644 EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_dostring); diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c -index 788b9d137de4..371d160251fb 100644 +index 5c9d968187ae..80156280360f 100644 --- a/kernel/time/hrtimer.c +++ b/kernel/time/hrtimer.c @@ -1605,7 +1605,7 @@ static void __hrtimer_run_queues(struct hrtimer_cpu_base *cpu_base, ktime_t now, @@ -1911,7 +1898,7 @@ index af612945a4d0..95c54dae4aa1 100644 static DEFINE_MUTEX(userns_state_mutex); diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug -index 7937265ef879..151000ca0f4c 100644 +index 431b6b7ec04d..160ecfd7b45c 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -375,6 +375,9 @@ config DEBUG_FORCE_FUNCTION_ALIGN_32B @@ -2683,10 +2670,10 @@ index 8c9b7d1e7c49..b74af3a4435e 100644 unsigned long arch_mmap_rnd(void) diff --git a/net/core/dev.c b/net/core/dev.c -index a5a1dbe66b76..b0af65c213cc 100644 +index 3c0d3b6d674d..93387bfaf741 100644 --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -4867,7 +4867,7 @@ int netif_rx_any_context(struct sk_buff *skb) +@@ -4879,7 +4879,7 @@ int netif_rx_any_context(struct sk_buff *skb) } EXPORT_SYMBOL(netif_rx_any_context); @@ -2695,7 +2682,7 @@ index a5a1dbe66b76..b0af65c213cc 100644 { struct softnet_data *sd = this_cpu_ptr(&softnet_data); -@@ -6863,7 +6863,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll) +@@ -6876,7 +6876,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll) return work; } @@ -2952,7 +2939,7 @@ index 87983e70f03f..d1584b4b39f9 100644 + + If unsure, say N. diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c -index 3e5f4f2e705e..791329c77dea 100644 +index 08829809e88b..d06be35bacbe 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -588,6 +588,15 @@ static struct ctl_table ipv4_table[] = { @@ -3207,7 +3194,7 @@ index 7561f6f99f1d..ccae931a1c6c 100644 Detect overflows of buffers in common string and memory functions where the compiler can determine and validate the buffer sizes. diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening -index 269967c4fc1b..7dede18f1074 100644 +index a56c36470cb1..ea4c4aeed9cd 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -190,6 +190,7 @@ config STACKLEAK_RUNTIME_DISABLE @@ -3319,10 +3306,10 @@ index 95a3c1eda9e4..75addbf621da 100644 /** * selinux_secmark_enabled - Check to see if SECMARK is currently enabled diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c -index 4bde570d56a2..cc5caffc07fa 100644 +index 2b745ae8cb98..de739d432da6 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c -@@ -725,7 +725,6 @@ static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, +@@ -724,7 +724,6 @@ static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, size_t count, loff_t *ppos) { @@ -3330,7 +3317,7 @@ index 4bde570d56a2..cc5caffc07fa 100644 char *page; ssize_t length; unsigned int new_value; -@@ -749,18 +748,9 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, +@@ -748,18 +747,9 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, return PTR_ERR(page); length = -EINVAL; diff --git a/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.17.ebuild b/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.17.ebuild new file mode 100644 index 00000000..0926edee --- /dev/null +++ b/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.17.ebuild @@ -0,0 +1,88 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit eutils + +EXTRAVERSION="redcore" +KV_FULL="${PV}-${EXTRAVERSION}" +KV_MAJOR="5.11" + +DESCRIPTION="Redcore Linux Kernel Sources" +HOMEPAGE="https://redcorelinux.org" +SRC_URI="https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-${PV}.tar.xz" + +KEYWORDS="~amd64" +LICENSE="GPL-2" +SLOT="${PVR}" +IUSE="" + +RESTRICT="strip mirror" +DEPEND=" + app-arch/lz4 + app-arch/xz-utils + sys-devel/autoconf + sys-devel/bc + sys-devel/make" +RDEPEND="${DEPEND}" + +PATCHES=( + "${FILESDIR}"/"${KV_MAJOR}"-ath10k-be-quiet.patch + "${FILESDIR}"/"${KV_MAJOR}"-ata-fix-NCQ-LOG-strings-and-move-to-debug.patch + "${FILESDIR}"/"${KV_MAJOR}"-radeon_dp_aux_transfer_native-no-ratelimited_debug.patch + "${FILESDIR}"/"${KV_MAJOR}"-acpi-use-kern_warning_even_when_error.patch + "${FILESDIR}"/"${KV_MAJOR}"-Unknow-SSD-HFM128GDHTNG-8310B-QUIRK_NO_APST.patch + "${FILESDIR}"/"${KV_MAJOR}"-nvme-Patriot_Viper_VPN100-QUIRK_IGNORE_DEV_SUBNQN.patch + "${FILESDIR}"/"${KV_MAJOR}"-do_not_bug_the_next_18-years.patch + "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-use-debug-for-debug-infos.patch + "${FILESDIR}"/"${KV_MAJOR}"-compress-modules-zstd-support.patch + "${FILESDIR}"/"${KV_MAJOR}"-fix-bootconfig-makefile.patch + "${FILESDIR}"/"${KV_MAJOR}"-bootconfig-fallthrough.patch + "${FILESDIR}"/"${KV_MAJOR}"-apic_vector-spam-in-debug-mode-only.patch + "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-fix-5e003982b07ae.patch + "${FILESDIR}"/"${KV_MAJOR}"-amd_iommu_init_info.patch + "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-hwmon-k10temp-Remove-support-for-displaying-v.patch + "${FILESDIR}"/"${KV_MAJOR}"-k10temp-fix-ZEN2-desktop-add-ZEN3-desktop.patch + "${FILESDIR}"/"${KV_MAJOR}"-k10temp-add-Renoir-support.patch + "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-cpufreq-Avoid-configuring-old-governors-as-de.patch + "${FILESDIR}"/"${KV_MAJOR}"-revert-parts-of-a00ec3874e7d326ab2dffbed92faddf6a77a84e9-no-Intel-NO.patch + "${FILESDIR}"/"${KV_MAJOR}"-amdgpu-FDO-bug1488.patch + "${FILESDIR}"/"${KV_MAJOR}"-linux-hardened.patch + "${FILESDIR}"/"${KV_MAJOR}"-uksm-linux-hardened.patch +) + +S="${WORKDIR}"/linux-"${PV}" + +pkg_setup() { + export KBUILD_BUILD_USER="nexus" + export KBUILD_BUILD_HOST="nexus.redcorelinux.org" + + export REAL_ARCH="$ARCH" + unset ARCH ; unset LDFLAGS #will interfere with Makefile if set +} + +src_prepare() { + default + emake mrproper + sed -ri "s|^(EXTRAVERSION =).*|\1 -${EXTRAVERSION}|" Makefile + cp "${FILESDIR}"/"${KV_MAJOR}"-amd64.config .config + rm -rf $(find . -type f|grep -F \.orig) +} + +src_compile() { + emake prepare modules_prepare +} + +src_install() { + dodir usr/src/linux-"${KV_FULL}" + cp -ax "${S}"/* "${D}"usr/src/linux-"${KV_FULL}" +} + +_kernel_sources_delete() { + rm -rf "${ROOT}"usr/src/linux-"${KV_FULL}" +} + +pkg_postrm() { + _kernel_sources_delete +} diff --git a/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.8.ebuild b/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.8.ebuild deleted file mode 100644 index 0926edee..00000000 --- a/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.11.8.ebuild +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit eutils - -EXTRAVERSION="redcore" -KV_FULL="${PV}-${EXTRAVERSION}" -KV_MAJOR="5.11" - -DESCRIPTION="Redcore Linux Kernel Sources" -HOMEPAGE="https://redcorelinux.org" -SRC_URI="https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-${PV}.tar.xz" - -KEYWORDS="~amd64" -LICENSE="GPL-2" -SLOT="${PVR}" -IUSE="" - -RESTRICT="strip mirror" -DEPEND=" - app-arch/lz4 - app-arch/xz-utils - sys-devel/autoconf - sys-devel/bc - sys-devel/make" -RDEPEND="${DEPEND}" - -PATCHES=( - "${FILESDIR}"/"${KV_MAJOR}"-ath10k-be-quiet.patch - "${FILESDIR}"/"${KV_MAJOR}"-ata-fix-NCQ-LOG-strings-and-move-to-debug.patch - "${FILESDIR}"/"${KV_MAJOR}"-radeon_dp_aux_transfer_native-no-ratelimited_debug.patch - "${FILESDIR}"/"${KV_MAJOR}"-acpi-use-kern_warning_even_when_error.patch - "${FILESDIR}"/"${KV_MAJOR}"-Unknow-SSD-HFM128GDHTNG-8310B-QUIRK_NO_APST.patch - "${FILESDIR}"/"${KV_MAJOR}"-nvme-Patriot_Viper_VPN100-QUIRK_IGNORE_DEV_SUBNQN.patch - "${FILESDIR}"/"${KV_MAJOR}"-do_not_bug_the_next_18-years.patch - "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-use-debug-for-debug-infos.patch - "${FILESDIR}"/"${KV_MAJOR}"-compress-modules-zstd-support.patch - "${FILESDIR}"/"${KV_MAJOR}"-fix-bootconfig-makefile.patch - "${FILESDIR}"/"${KV_MAJOR}"-bootconfig-fallthrough.patch - "${FILESDIR}"/"${KV_MAJOR}"-apic_vector-spam-in-debug-mode-only.patch - "${FILESDIR}"/"${KV_MAJOR}"-iwlwifi-fix-5e003982b07ae.patch - "${FILESDIR}"/"${KV_MAJOR}"-amd_iommu_init_info.patch - "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-hwmon-k10temp-Remove-support-for-displaying-v.patch - "${FILESDIR}"/"${KV_MAJOR}"-k10temp-fix-ZEN2-desktop-add-ZEN3-desktop.patch - "${FILESDIR}"/"${KV_MAJOR}"-k10temp-add-Renoir-support.patch - "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-cpufreq-Avoid-configuring-old-governors-as-de.patch - "${FILESDIR}"/"${KV_MAJOR}"-revert-parts-of-a00ec3874e7d326ab2dffbed92faddf6a77a84e9-no-Intel-NO.patch - "${FILESDIR}"/"${KV_MAJOR}"-amdgpu-FDO-bug1488.patch - "${FILESDIR}"/"${KV_MAJOR}"-linux-hardened.patch - "${FILESDIR}"/"${KV_MAJOR}"-uksm-linux-hardened.patch -) - -S="${WORKDIR}"/linux-"${PV}" - -pkg_setup() { - export KBUILD_BUILD_USER="nexus" - export KBUILD_BUILD_HOST="nexus.redcorelinux.org" - - export REAL_ARCH="$ARCH" - unset ARCH ; unset LDFLAGS #will interfere with Makefile if set -} - -src_prepare() { - default - emake mrproper - sed -ri "s|^(EXTRAVERSION =).*|\1 -${EXTRAVERSION}|" Makefile - cp "${FILESDIR}"/"${KV_MAJOR}"-amd64.config .config - rm -rf $(find . -type f|grep -F \.orig) -} - -src_compile() { - emake prepare modules_prepare -} - -src_install() { - dodir usr/src/linux-"${KV_FULL}" - cp -ax "${S}"/* "${D}"usr/src/linux-"${KV_FULL}" -} - -_kernel_sources_delete() { - rm -rf "${ROOT}"usr/src/linux-"${KV_FULL}" -} - -pkg_postrm() { - _kernel_sources_delete -} -- cgit v1.2.3