From 42219993aee33a51c16b1fecc74fd7f42bf03d9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Fabian=20Silva=20Delgado?= Date: Fri, 11 Sep 2015 22:48:17 -0300 Subject: drop linux-libre-lts-grsec{,-knock} packages for now The stable grsecurity patches are no longer public. https://grsecurity.net/announce.php --- libre/linux-libre-lts-grsec/PKGBUILD | 380 ----------------------------------- 1 file changed, 380 deletions(-) delete mode 100644 libre/linux-libre-lts-grsec/PKGBUILD (limited to 'libre/linux-libre-lts-grsec/PKGBUILD') diff --git a/libre/linux-libre-lts-grsec/PKGBUILD b/libre/linux-libre-lts-grsec/PKGBUILD deleted file mode 100644 index 21ce09455..000000000 --- a/libre/linux-libre-lts-grsec/PKGBUILD +++ /dev/null @@ -1,380 +0,0 @@ -# Maintainer: André Silva -# Contributor: Nicolás Reynolds -# Contributor: Sorin-Mihai Vârgolici -# Contributor: Michał Masłowski -# Contributor: Márcio Silva -# Contributor: Luke Shumaker - -# Based on linux-grsec-lts package - -pkgbase=linux-libre-lts-grsec -_pkgbasever=3.14-gnu -_pkgver=3.14.51-gnu -_grsecver=3.1 -_timestamp=201508181951 - -_replacesarchkernel=('linux-grsec-lts') # '%' gets replaced with _kernelname -_replacesoldkernels=('kernel26-grsec-lts' 'kernel26-libre%') # '%' gets replaced with _kernelname -_replacesoldmodules=() # '%' gets replaced with _kernelname - -_srcname=linux-${_pkgbasever%-*} -_archpkgver=${_pkgver%-*}.${_timestamp} -pkgver=${_pkgver//-/_}.${_timestamp} -pkgrel=2 -arch=('i686' 'x86_64') -url="https://grsecurity.net/" -license=('GPL2') -makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc') -options=('!strip') -source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgbasever}/linux-libre-${_pkgbasever}.tar.xz" - "http://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgbasever}/linux-libre-${_pkgbasever}.tar.xz.sign" - "http://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgver}/patch-${_pkgbasever}-${_pkgver}.xz" - "http://linux-libre.fsfla.org/pub/linux-libre/releases/${_pkgver}/patch-${_pkgbasever}-${_pkgver}.xz.sign" - "https://repo.parabola.nu/other/grsecurity-libre/stable/grsecurity-libre-${_grsecver}-${_pkgver%-*}-${_timestamp}.patch" - "https://repo.parabola.nu/other/grsecurity-libre/stable/grsecurity-libre-${_grsecver}-${_pkgver%-*}-${_timestamp}.patch.sig" - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_clut224.ppm" - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_clut224.ppm.sig" - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_mono.pbm" - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_mono.pbm.sig" - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_vga16.ppm" - "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_vga16.ppm.sig" - # the main kernel config files - 'config.i686' 'config.x86_64' - # standard config files for mkinitcpio ramdisk - 'linux.preset' - 'change-default-console-loglevel.patch' - '0001-Bluetooth-allocate-static-minor-for-vhci.patch' - '0002-module-allow-multiple-calls-to-MODULE_DEVICE_TABLE-p.patch' - '0003-module-remove-MODULE_GENERIC_TABLE.patch' - '0006-genksyms-fix-typeof-handling.patch' - 'gcc5_buildfixes.diff' - '0001-drm-radeon-Make-the-driver-load-without-the-firmwares.patch') -sha256sums=('477555c709b9407fe37dbd70d3331ff9dde1f9d874aba2741f138d07ae6f281b' - 'SKIP' - 'b12b75dfeac07e8bfe7c76bc7b4d9012dfbfc25201b7cdf9edf31466ee5a0fac' - 'SKIP' - '8b28ae2f46283274dbd6fd77bba36e6a18be633887125e2077ea269587b0b0b7' - 'SKIP' - 'bfd4a7f61febe63c880534dcb7c31c5b932dde6acf991810b41a939a93535494' - 'SKIP' - '13bd7a8d9ed6b6bc971e4cd162262c5a20448a83796af39ce394d827b0e5de74' - 'SKIP' - '6de8a8319271809ffdb072b68d53d155eef12438e6d04ff06a5a4db82c34fa8a' - 'SKIP' - '897c449ef482e9acb38e4b502f8bc24273de9d17c8e5064dc525e68735d89f45' - '1c2c35f21a35c76ee4107d3990f142533d2d88bdcc5692dc2dcfc95b2502ab20' - 'f0d90e756f14533ee67afda280500511a62465b4f76adcc5effa95a40045179c' - 'faced4eb4c47c4eb1a9ee8a5bf8a7c4b49d6b4d78efbe426e410730e6267d182' - '6d72e14552df59e6310f16c176806c408355951724cd5b48a47bf01591b8be02' - '52dec83a8805a8642d74d764494acda863e0aa23e3d249e80d4b457e20a3fd29' - '65d58f63215ee3c5f9c4fc6bce36fc5311a6c7dbdbe1ad29de40647b47ff9c0d' - 'cf2e7a2d00787f754028e7459688c2755a406e632ce48b60952fa4ff7ed6f4b7' - '9c89039a0f876888fda3be6f574bca5a120e3587d8342747bbc0723b0b4cde7a' - '38cf6bdf70dc070ff0b785937d99347bb91f8531ea2bcca50283c8923a184c6d') -validpgpkeys=( - '474402C8C582DAFBE389C427BCB7CF877E7D47A7' # Alexandre Oliva - 'C92BAA713B8D53D3CAE63FC9E6974752F9704456' # André Silva - '684D54A189305A9CC95446D36B888913DDB59515' # Márcio Silva -) - -_kernelname=${pkgbase#linux-libre} -_replacesarchkernel=("${_replacesarchkernel[@]/\%/${_kernelname}}") -_replacesoldkernels=("${_replacesoldkernels[@]/\%/${_kernelname}}") -_replacesoldmodules=("${_replacesoldmodules[@]/\%/${_kernelname}}") - -case "$CARCH" in - i686|x86_64) KARCH=x86;; -esac - -prepare() { - cd "${srcdir}/${_srcname}" - - # add upstream patch - if [ "${_pkgbasever}" != "${_pkgver}" ]; then - patch -p1 -i "${srcdir}/patch-${_pkgbasever}-${_pkgver}" - fi - - # add grsecurity patches (without nonfree bnx2 firmware patching) - patch -Np1 -i "${srcdir}/grsecurity-libre-${_grsecver}-${_pkgver%-*}-${_timestamp}.patch" - rm localversion-grsec - - # add freedo as boot logo - install -m644 -t drivers/video/logo \ - "${srcdir}/logo_linux_"{clut224.ppm,vga16.ppm,mono.pbm} - - # buildfixes for gcc5 - # https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/drivers/scsi/qla2xxx/qla_nx2.c?id=9493c2422cae272d6f1f567cbb424195defe4176 - # https://lkml.org/lkml/2014/11/9/27 - # https://lkml.org/lkml/2014/12/14/55 - patch -p1 -i "${srcdir}/gcc5_buildfixes.diff" - - # add latest fixes from stable queue, if needed - # http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git - - # set DEFAULT_CONSOLE_LOGLEVEL to 4 (same value as the 'quiet' kernel param) - # remove this when a Kconfig knob is made available by upstream - # (relevant patch sent upstream: https://lkml.org/lkml/2011/7/26/227) - patch -p1 -i "${srcdir}/change-default-console-loglevel.patch" - - # Fix vhci warning in kmod (to restore every kernel maintainer's sanity) - patch -p1 -i "${srcdir}/0001-Bluetooth-allocate-static-minor-for-vhci.patch" - - # Fix atkbd aliases - patch -p1 -i "${srcdir}/0002-module-allow-multiple-calls-to-MODULE_DEVICE_TABLE-p.patch" - patch -p1 -i "${srcdir}/0003-module-remove-MODULE_GENERIC_TABLE.patch" - - # Fix generation of symbol CRCs - # http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dc53324060f324e8af6867f57bf4891c13c6ef18 - patch -p1 -i "${srcdir}/0006-genksyms-fix-typeof-handling.patch" - - # Make the radeon driver load without the firmwares - # http://www.fsfla.org/pipermail/linux-libre/2015-August/003098.html - patch -Np1 -i ../0001-drm-radeon-Make-the-driver-load-without-the-firmwares.patch - - cat "${srcdir}/config.${CARCH}" > ./.config - - # append pkgrel to extraversion - sed -ri "s|^(EXTRAVERSION =.*\S).*|\1-${_timestamp}-${pkgrel}|" Makefile - - # don't run depmod on 'make install'. We'll do this ourselves in packaging - sed -i '2iexit 0' scripts/depmod.sh - - # get kernel version - make prepare - - # load configuration - # Configure the kernel. Replace the line below with one of your choice. - #make menuconfig # CLI menu for configuration - #make nconfig # new CLI menu for configuration - #make xconfig # X-based configuration - #make oldconfig # using old config from previous kernel version - # ... or manually edit .config - - # rewrite configuration - yes "" | make config >/dev/null -} - -build() { - cd "${srcdir}/${_srcname}" - - make ${MAKEFLAGS} LOCALVERSION= bzImage modules -} - -_package() { - pkgdesc="The ${pkgbase^} kernel and modules - stable longtime supported kernel package suitable for servers with grsecurity/PaX patches" - [ "${pkgbase}" = "linux-libre" ] && groups=('base') - depends=('coreutils' 'linux-libre-firmware' 'kmod' 'grsec-common' 'mkinitcpio>=0.7') - optdepends=('crda: to set the correct wireless channels of your country' - 'gradm: to configure and enable Role Based Access Control (RBAC)' - 'paxd-libre: to enable PaX exploit mitigations and apply exceptions automatically') - provides=("${_replacesarchkernel[@]/%/=${_archpkgver}}") - conflicts=("${_replacesarchkernel[@]}" "${_replacesoldkernels[@]}" "${_replacesoldmodules[@]}") - replaces=("${_replacesarchkernel[@]}" "${_replacesoldkernels[@]}" "${_replacesoldmodules[@]}") - backup=("etc/mkinitcpio.d/${pkgbase}.preset") - install=linux.install - - cd "${srcdir}/${_srcname}" - - # get kernel version - _kernver="$(make LOCALVERSION= kernelrelease)" - _basekernel=${_kernver%%-*} - _basekernel=${_basekernel%.*} - - mkdir -p "${pkgdir}"/{lib/modules,lib/firmware,boot} - make LOCALVERSION= INSTALL_MOD_PATH="${pkgdir}" modules_install - cp arch/$KARCH/boot/bzImage "${pkgdir}/boot/vmlinuz-${pkgbase}" - - # set correct depmod command for install - cp -f "${startdir}/${install}" "${startdir}/${install}.pkg" - true && install=${install}.pkg - sed \ - -e "s/KERNEL_NAME=.*/KERNEL_NAME=${_kernelname}/" \ - -e "s/KERNEL_VERSION=.*/KERNEL_VERSION=${_kernver}/" \ - -i "${startdir}/${install}" - - # install mkinitcpio preset file for kernel - install -D -m644 "${srcdir}/linux.preset" "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset" - sed \ - -e "1s|'linux.*'|'${pkgbase}'|" \ - -e "s|ALL_kver=.*|ALL_kver=\"/boot/vmlinuz-${pkgbase}\"|" \ - -e "s|default_image=.*|default_image=\"/boot/initramfs-${pkgbase}.img\"|" \ - -e "s|fallback_image=.*|fallback_image=\"/boot/initramfs-${pkgbase}-fallback.img\"|" \ - -i "${pkgdir}/etc/mkinitcpio.d/${pkgbase}.preset" - - # remove build and source links - rm -f "${pkgdir}"/lib/modules/${_kernver}/{source,build} - # remove the firmware - rm -rf "${pkgdir}/lib/firmware" - # gzip -9 all modules to save 100MB of space - find "${pkgdir}" -name '*.ko' -exec gzip -9 {} \; - # make room for external modules - ln -s "../extramodules-${_basekernel}${_kernelname}" "${pkgdir}/lib/modules/${_kernver}/extramodules" - # add real version for building modules and running depmod from post_install/upgrade - mkdir -p "${pkgdir}/lib/modules/extramodules-${_basekernel}${_kernelname}" - echo "${_kernver}" > "${pkgdir}/lib/modules/extramodules-${_basekernel}${_kernelname}/version" - - # Now we call depmod... - depmod -b "${pkgdir}" -F System.map "${_kernver}" - - # move module tree /lib -> /usr/lib - mkdir -p "${pkgdir}/usr" - mv "${pkgdir}/lib" "${pkgdir}/usr/" - - # add vmlinux - install -D -m644 vmlinux "${pkgdir}/usr/lib/modules/${_kernver}/build/vmlinux" - - # add grsecurity gcc plugins - mkdir -p "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc" - cp -a tools/gcc/*.h "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/" - cp -a tools/gcc/Makefile "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/" - install -m644 tools/gcc/*.so "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/" - mkdir -p "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/size_overflow_plugin" - install -m644 tools/gcc/size_overflow_plugin/Makefile tools/gcc/size_overflow_plugin/*.so \ - "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/size_overflow_plugin" -} - -_package-headers() { - pkgdesc="Header files and scripts for building modules for ${pkgbase^} kernel" - provides=("${_replacesarchkernel[@]/%/-headers=${_archpkgver}}") - conflicts=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}") - replaces=("${_replacesarchkernel[@]/%/-headers}" "${_replacesoldkernels[@]/%/-headers}") - - install -dm755 "${pkgdir}/usr/lib/modules/${_kernver}" - - cd "${srcdir}/${_srcname}" - install -D -m644 Makefile \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/Makefile" - install -D -m644 kernel/Makefile \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/kernel/Makefile" - install -D -m644 .config \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/.config" - - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include" - - for i in acpi asm-generic config crypto drm generated keys linux math-emu \ - media net pcmcia scsi sound trace uapi video xen; do - cp -a include/${i} "${pkgdir}/usr/lib/modules/${_kernver}/build/include/" - done - - # copy arch includes for external modules - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}" - cp -a arch/${KARCH}/include "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/" - - # copy files necessary for later builds - cp Module.symvers "${pkgdir}/usr/lib/modules/${_kernver}/build" - cp -a scripts "${pkgdir}/usr/lib/modules/${_kernver}/build" - - # fix permissions on scripts dir - chmod og-w -R "${pkgdir}/usr/lib/modules/${_kernver}/build/scripts" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/.tmp_versions" - - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/kernel" - - cp arch/${KARCH}/Makefile "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/" - - if [ "${CARCH}" = "i686" ]; then - cp arch/${KARCH}/Makefile_32.cpu "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/" - fi - - cp arch/${KARCH}/kernel/asm-offsets.s "${pkgdir}/usr/lib/modules/${_kernver}/build/arch/${KARCH}/kernel/" - - # add docbook makefile - install -D -m644 Documentation/DocBook/Makefile \ - "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/DocBook/Makefile" - - # add dm headers - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/md" - cp drivers/md/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/md" - - # add inotify.h - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include/linux" - cp include/linux/inotify.h "${pkgdir}/usr/lib/modules/${_kernver}/build/include/linux/" - - # add wireless headers - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/net/mac80211/" - cp net/mac80211/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/net/mac80211/" - - # add dvb headers for external modules - # in reference to: - # http://bugs.archlinux.org/task/9912 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-core" - cp drivers/media/dvb-core/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-core/" - # and... - # http://bugs.archlinux.org/task/11194 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/include/config/dvb/" - cp include/config/dvb/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/include/config/dvb/" - - # add dvb headers for http://mcentral.de/hg/~mrec/em28xx-new - # in reference to: - # http://bugs.archlinux.org/task/13146 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - cp drivers/media/dvb-frontends/lgdt330x.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/i2c/" - cp drivers/media/i2c/msp3400-driver.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/i2c/" - - # add dvb headers - # in reference to: - # http://bugs.archlinux.org/task/20402 - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/usb/dvb-usb" - cp drivers/media/usb/dvb-usb/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/usb/dvb-usb/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends" - cp drivers/media/dvb-frontends/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/dvb-frontends/" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/tuners" - cp drivers/media/tuners/*.h "${pkgdir}/usr/lib/modules/${_kernver}/build/drivers/media/tuners/" - - # add xfs and shmem for aufs building - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/fs/xfs" - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build/mm" - cp fs/xfs/xfs_sb.h "${pkgdir}/usr/lib/modules/${_kernver}/build/fs/xfs/xfs_sb.h" - - # copy in Kconfig files - for i in $(find . -name "Kconfig*"); do - mkdir -p "${pkgdir}"/usr/lib/modules/${_kernver}/build/`echo ${i} | sed 's|/Kconfig.*||'` - cp ${i} "${pkgdir}/usr/lib/modules/${_kernver}/build/${i}" - done - - chown -R root.root "${pkgdir}/usr/lib/modules/${_kernver}/build" - find "${pkgdir}/usr/lib/modules/${_kernver}/build" -type d -exec chmod 755 {} \; - - # strip scripts directory - find "${pkgdir}/usr/lib/modules/${_kernver}/build/scripts" -type f -perm -u+w 2>/dev/null | while read binary ; do - case "$(file -bi "${binary}")" in - *application/x-sharedlib*) # Libraries (.so) - /usr/bin/strip ${STRIP_SHARED} "${binary}";; - *application/x-archive*) # Libraries (.a) - /usr/bin/strip ${STRIP_STATIC} "${binary}";; - *application/x-executable*) # Binaries - /usr/bin/strip ${STRIP_BINARIES} "${binary}";; - esac - done - - # remove unneeded architectures - find "${pkgdir}"/usr/lib/modules/${_kernver}/build/arch -mindepth 1 -maxdepth 1 -type d -not -name "$KARCH" -exec rm -rf {} + -} - -_package-docs() { - pkgdesc="Kernel hackers manual - HTML documentation that comes with the ${pkgbase^} kernel" - provides=("${_replacesarchkernel[@]/%/-docs=${_archpkgver}}") - conflicts=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}") - replaces=("${_replacesarchkernel[@]/%/-docs}" "${_replacesoldkernels[@]/%/-docs}") - - cd "${srcdir}/${_srcname}" - - mkdir -p "${pkgdir}/usr/lib/modules/${_kernver}/build" - cp -al Documentation "${pkgdir}/usr/lib/modules/${_kernver}/build" - find "${pkgdir}" -type f -exec chmod 444 {} \; - find "${pkgdir}" -type d -exec chmod 755 {} \; - - # remove a file already in linux package - rm -f "${pkgdir}/usr/lib/modules/${_kernver}/build/Documentation/DocBook/Makefile" -} - -pkgname=("${pkgbase}" "${pkgbase}-headers" "${pkgbase}-docs") -for _p in ${pkgname[@]}; do - eval "package_${_p}() { - $(declare -f "_package${_p#${pkgbase}}") - _package${_p#${pkgbase}} - }" -done - -# vim:set ts=8 sts=2 sw=2 et: -- cgit v1.2.3-2-g168b