From 6d418bd062b0a5ebe5b5139c71d7a94a7aa22077 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 21 Oct 2023 13:27:11 +0100 Subject: app-admin/opensnitch : version bump --- app-admin/opensnitch-ebpf-module/Manifest | 1 + .../opensnitch-ebpf-module-1.6.2.ebuild | 74 ++++++++++++++++++++++ 2 files changed, 75 insertions(+) create mode 100644 app-admin/opensnitch-ebpf-module/Manifest create mode 100644 app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild (limited to 'app-admin/opensnitch-ebpf-module') diff --git a/app-admin/opensnitch-ebpf-module/Manifest b/app-admin/opensnitch-ebpf-module/Manifest new file mode 100644 index 00000000..2bd412f2 --- /dev/null +++ b/app-admin/opensnitch-ebpf-module/Manifest @@ -0,0 +1 @@ +DIST opensnitch-1.6.2.tar.gz 1341337 BLAKE2B c71c89f758d9fdc0a7968c28c8b79791ddf0446392e243acf4db95302d1d109a68372b29bd5b068c41d0bd5ae426a68807d7045a448128fc8badc8ecb906952b SHA512 79e32520e9e370718f0096af8766867154e0e556c164f193816ba965e4d267146941e9849842f42cd2c9bcd00838df460c17570e5c34cf3c2a812491638b71ba diff --git a/app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild b/app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild new file mode 100644 index 00000000..0a11cc3e --- /dev/null +++ b/app-admin/opensnitch-ebpf-module/opensnitch-ebpf-module-1.6.2.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit linux-info + +DESCRIPTION="eBPF process monitor module for opensnitch" +HOMEPAGE="https://github.com/evilsocket/opensnitch" +# NOTE: app-admin/opensnitch and this ebuild share the same source +SRC_URI=" + https://github.com/evilsocket/opensnitch/archive/refs/tags/v${PV}.tar.gz -> opensnitch-${PV}.tar.gz +" +S="${WORKDIR}/opensnitch-${PV}" +EBPF_DIR=ebpf_prog + +KEYWORDS="~amd64" +LICENSE="GPL-3" +SLOT="0" +IUSE="dist-kernel" + +MINKV=5.5 # only compatible with kernels >= 5.5 + +RDEPEND=" + dist-kernel? ( virtual/dist-kernel:= ) + ~app-admin/opensnitch-$PV +" + +DEPEND=" + virtual/linux-sources + >=sys-kernel/linux-headers-${MINKV} +" + +BDEPEND=" + sys-devel/bc + sys-devel/clang + sys-devel/llvm +" + +RESTRICT="strip test" +QA_PREBUILT="*" + +pkg_setup() { + # see https://github.com/evilsocket/opensnitch/discussions/978 + local CONFIG_CHECK=" + CGROUP_BPF + BPF_EVENTS + FTRACE_SYSCALLS + KPROBES_ON_FTRACE + KPROBE_EVENTS + UPROBE_EVENTS + " + + linux-info_pkg_setup + kernel_is -ge ${MINKV//./ } || die "Kernel version at least ${MINKV} required" +} + +src_compile() { + MODULES_MAKEARGS+=( + ARCH="x86" + EXTRA_FLAGS="-fno-stack-protector -fcf-protection" + KERNEL_DIR="${KV_DIR}" + KERNEL_HEADERS=/usr # gentoo installs linux-headers to /usr + ) + emake "${MODULES_MAKEARGS[@]}" -C "$EBPF_DIR" || die + llvm-strip -g "$EBPF_DIR"/opensnitch*.o +} + +src_install(){ + insinto /usr/lib/opensnitchd/ebpf/ + doins "$EBPF_DIR"/opensnitch.o + doins "$EBPF_DIR"/opensnitch-dns.o + doins "$EBPF_DIR"/opensnitch-procs.o +} -- cgit v1.2.3