From 5c22c8190455a20f7f96cb1fdb0696b43c9232f3 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 14 Jan 2024 12:21:12 +0000 Subject: sys-kernel/linux-{image,sources}-redcore : enable LANDLOCK, revision bump --- .../linux-sources-redcore/files/6.5-amd64.config | 6 +- .../linux-sources-redcore-6.5.13-r1.ebuild | 74 ---------------------- .../linux-sources-redcore-6.5.13-r2.ebuild | 74 ++++++++++++++++++++++ 3 files changed, 77 insertions(+), 77 deletions(-) delete mode 100644 sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r1.ebuild create mode 100644 sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r2.ebuild (limited to 'sys-kernel/linux-sources-redcore') diff --git a/sys-kernel/linux-sources-redcore/files/6.5-amd64.config b/sys-kernel/linux-sources-redcore/files/6.5-amd64.config index 4e60c08a..f00f92d3 100644 --- a/sys-kernel/linux-sources-redcore/files/6.5-amd64.config +++ b/sys-kernel/linux-sources-redcore/files/6.5-amd64.config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 6.5.8-redcore Kernel Configuration +# Linux/x86 6.5.13-redcore-r1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (Gentoo Hardened 13.2.0-r10 p3) 13.2.0" CONFIG_CC_IS_GCC=y @@ -10616,7 +10616,7 @@ CONFIG_SECURITY_APPARMOR_PARANOID_LOAD=y CONFIG_SECURITY_YAMA=y # CONFIG_SECURITY_SAFESETID is not set # CONFIG_SECURITY_LOCKDOWN_LSM is not set -# CONFIG_SECURITY_LANDLOCK is not set +CONFIG_SECURITY_LANDLOCK=y CONFIG_INTEGRITY=y # CONFIG_INTEGRITY_SIGNATURE is not set CONFIG_INTEGRITY_AUDIT=y @@ -10625,7 +10625,7 @@ CONFIG_INTEGRITY_AUDIT=y # CONFIG_EVM is not set CONFIG_DEFAULT_SECURITY_APPARMOR=y # CONFIG_DEFAULT_SECURITY_DAC is not set -CONFIG_LSM="yama,loadpin,safesetid,integrity,apparmor" +CONFIG_LSM="landlock,yama,loadpin,safesetid,integrity,apparmor" # # Kernel hardening options diff --git a/sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r1.ebuild b/sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r1.ebuild deleted file mode 100644 index dfbf9707..00000000 --- a/sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r1.ebuild +++ /dev/null @@ -1,74 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit eutils - -EXTRAVERSION="redcore-r1" -KV_FULL="${PV}-${EXTRAVERSION}" -KV_MAJOR="6.5" - -DESCRIPTION="Redcore Linux Kernel Sources" -HOMEPAGE="https://redcorelinux.org" -SRC_URI="https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${PV}.tar.xz" - -KEYWORDS="~amd64" -LICENSE="GPL-2" -SLOT="${KV_MAJOR}" -IUSE="" - -RESTRICT="strip mirror" -DEPEND=" - app-arch/lz4 - app-arch/xz-utils - dev-build/make - sys-devel/autoconf - sys-devel/bc" -RDEPEND="${DEPEND}" - -PATCHES=( - "${FILESDIR}"/"${KV_MAJOR}"-ath10k-be-quiet.patch - "${FILESDIR}"/"${KV_MAJOR}"-ata-fix-NCQ-LOG-strings-and-move-to-debug.patch - "${FILESDIR}"/"${KV_MAJOR}"-acpi-use-kern_warning_even_when_error.patch - "${FILESDIR}"/"${KV_MAJOR}"-fix-bootconfig-makefile.patch - "${FILESDIR}"/"${KV_MAJOR}"-apic_vector-spam-in-debug-mode-only.patch - "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-cpufreq-Avoid-configuring-old-governors-as-de.patch - "${FILESDIR}"/"${KV_MAJOR}"-revert-parts-of-a00ec3874e7d326ab2dffbed92faddf6a77a84e9-no-Intel-NO.patch - "${FILESDIR}"/"${KV_MAJOR}"-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch -) - -S="${WORKDIR}"/linux-"${PV}" - -pkg_setup() { - export KBUILD_BUILD_USER="nexus" - export KBUILD_BUILD_HOST="nexus.redcorelinux.org" - - export REAL_ARCH="$ARCH" - unset ARCH ; unset LDFLAGS #will interfere with Makefile if set -} - -src_prepare() { - default - emake mrproper - sed -ri "s|^(EXTRAVERSION =).*|\1 -${EXTRAVERSION}|" Makefile - cp "${FILESDIR}"/"${KV_MAJOR}"-amd64.config .config - rm -rf $(find . -type f|grep -F \.orig) -} - -src_compile() { - emake prepare modules_prepare -} - -src_install() { - dodir usr/src/linux-"${KV_FULL}" - cp -ax "${S}"/* "${D}"usr/src/linux-"${KV_FULL}" -} - -_kernel_sources_delete() { - rm -rf "${ROOT}"usr/src/linux-"${KV_FULL}" -} - -pkg_postrm() { - _kernel_sources_delete -} diff --git a/sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r2.ebuild b/sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r2.ebuild new file mode 100644 index 00000000..49783dc5 --- /dev/null +++ b/sys-kernel/linux-sources-redcore/linux-sources-redcore-6.5.13-r2.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit eutils + +EXTRAVERSION="redcore-r2" +KV_FULL="${PV}-${EXTRAVERSION}" +KV_MAJOR="6.5" + +DESCRIPTION="Redcore Linux Kernel Sources" +HOMEPAGE="https://redcorelinux.org" +SRC_URI="https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${PV}.tar.xz" + +KEYWORDS="~amd64" +LICENSE="GPL-2" +SLOT="${KV_MAJOR}" +IUSE="" + +RESTRICT="strip mirror" +DEPEND=" + app-arch/lz4 + app-arch/xz-utils + dev-build/make + sys-devel/autoconf + sys-devel/bc" +RDEPEND="${DEPEND}" + +PATCHES=( + "${FILESDIR}"/"${KV_MAJOR}"-ath10k-be-quiet.patch + "${FILESDIR}"/"${KV_MAJOR}"-ata-fix-NCQ-LOG-strings-and-move-to-debug.patch + "${FILESDIR}"/"${KV_MAJOR}"-acpi-use-kern_warning_even_when_error.patch + "${FILESDIR}"/"${KV_MAJOR}"-fix-bootconfig-makefile.patch + "${FILESDIR}"/"${KV_MAJOR}"-apic_vector-spam-in-debug-mode-only.patch + "${FILESDIR}"/"${KV_MAJOR}"-0001-Revert-cpufreq-Avoid-configuring-old-governors-as-de.patch + "${FILESDIR}"/"${KV_MAJOR}"-revert-parts-of-a00ec3874e7d326ab2dffbed92faddf6a77a84e9-no-Intel-NO.patch + "${FILESDIR}"/"${KV_MAJOR}"-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch +) + +S="${WORKDIR}"/linux-"${PV}" + +pkg_setup() { + export KBUILD_BUILD_USER="nexus" + export KBUILD_BUILD_HOST="nexus.redcorelinux.org" + + export REAL_ARCH="$ARCH" + unset ARCH ; unset LDFLAGS #will interfere with Makefile if set +} + +src_prepare() { + default + emake mrproper + sed -ri "s|^(EXTRAVERSION =).*|\1 -${EXTRAVERSION}|" Makefile + cp "${FILESDIR}"/"${KV_MAJOR}"-amd64.config .config + rm -rf $(find . -type f|grep -F \.orig) +} + +src_compile() { + emake prepare modules_prepare +} + +src_install() { + dodir usr/src/linux-"${KV_FULL}" + cp -ax "${S}"/* "${D}"usr/src/linux-"${KV_FULL}" +} + +_kernel_sources_delete() { + rm -rf "${ROOT}"usr/src/linux-"${KV_FULL}" +} + +pkg_postrm() { + _kernel_sources_delete +} -- cgit v1.2.3