[gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-sources/ - gentoo-commits

From:	"Anthony G. Basile" <blueness@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] dev/blueness:master commit in: sys-kernel/hardened-sources/
Date:	Sun, 05 Feb 2012 18:03:16
Message-Id:	`1f4c512494c5b7c8ffb04c3ea2ff7fac58e6cf3b.blueness@gentoo`

1

commit:     1f4c512494c5b7c8ffb04c3ea2ff7fac58e6cf3b

2

Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

3

AuthorDate: Sun Feb  5 18:02:46 2012 +0000

4

Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

5

CommitDate: Sun Feb  5 18:02:46 2012 +0000

6

URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=1f4c5124

7

8

sys-kernel/hardened-sources: testing patchset 20120203, adds USE=xtpax

9

10

(Portage version: 2.1.10.44/git/Linux x86_64, signed Manifest commit with key 0xD0455535)

11

12

---

13

 sys-kernel/hardened-sources/ChangeLog              |    8 +++

14

 sys-kernel/hardened-sources/Manifest               |   24 +++++++--

15

 .../hardened-sources-2.6.32-r90.ebuild             |   52 ++++++++++++++++++++

16

 .../hardened-sources/hardened-sources-3.2.4.ebuild |   51 +++++++++++++++++++

17

 sys-kernel/hardened-sources/metadata.xml           |    3 +-

18

 5 files changed, 132 insertions(+), 6 deletions(-)

19

20

diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog

21

index ea7da15..48abacb 100644

22

--- a/sys-kernel/hardened-sources/ChangeLog

23

+++ b/sys-kernel/hardened-sources/ChangeLog

24

@@ -1,5 +1,13 @@

25

26

27

+*hardened-sources-3.2.4 (05 Feb 2012)

28

+*hardened-sources-2.6.32-r90 (05 Feb 2012)

29

+

30

+  05 Feb 2012; Anthony G. Basile <blueness@g.o>

31

+  +hardened-sources-2.6.32-r90.ebuild, +hardened-sources-3.2.4.ebuild,

32

+  metadata.xml:

33

+  testing patchset 20120203, adds USE=xtpax

34

+

35

   28 Jan 2012; Anthony G. Basile <blueness@g.o>

36

   -hardened-sources-2.6.32-r89.ebuild, -hardened-sources-3.2.2-r1.ebuild:

37

   moved to tree

38

39

diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest

40

index 975bb45..db1a565 100644

41

--- a/sys-kernel/hardened-sources/Manifest

42

+++ b/sys-kernel/hardened-sources/Manifest

43

@@ -1,12 +1,26 @@

44

 -----BEGIN PGP SIGNED MESSAGE-----

45

 Hash: SHA256

46

47

-MISC ChangeLog 14463 RMD160 f16c681899b732235fdfc0743086e34e48e48ff7 SHA1 9e2778be387c60910621f0a99651a579d2941db2 SHA256 35a6c72df3c9efa674b504550c9e5fbe4cd882aaa3bfb0ec7324d560b3f3b4fd

48

-MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813

49

+DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d

50

+DIST deblob-3.2 107602 RMD160 56f1dfe4f0254c802b49ea5220c4f67e56649852 SHA1 83421184d88d02e24de2adbc5debfb03454a7f4b SHA256 5db88405af6d51a77d84354afc3b2bdf673b1a5dcff37bb8db4ccbd12d91db20

51

+DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3

52

+DIST deblob-check-3.2 423268 RMD160 8cb0c1b4a289db94543396c4445c4c7a35d2ba70 SHA1 01e50f824a577d15749f24643fdd136180342808 SHA256 9e67dd0885aa8ef356dbc15d487c8dea5a54f74c5b03a5d7946b65ee43f12638

53

+DIST genpatches-2.6.32-48.base.tar.bz2 1033142 RMD160 c42b6a5edbb9965391bbcf6ee40bb79c2080f497 SHA1 95e90447ecd875228121fa32e8cf89eaabde5fa6 SHA256 7438e7b7c0ef32e0c639cf89c4f53a3bc7917ca466b1fcf3931adb65ad05b583

54

+DIST genpatches-2.6.32-48.extras.tar.bz2 24939 RMD160 055706793fb532caeb3d364c5e1bd0ad46aff4b2 SHA1 2a966a4d5f9a718a0d43c25df563d0377154996f SHA256 ee714d14310fd5242ce2e28a8f8e5fda63ba18957960814876506f8754b9d2a0

55

+DIST genpatches-3.2-6.base.tar.bz2 84773 RMD160 cd3c6e712dc806879bc7db457948a6d8a8a1035b SHA1 09ae718822fd99eb6c0a1c34e2b37604fd8a60db SHA256 cbde89d0aab03aafa925af320fc4f65e7ed56cf98c02dee0f58a9c8c90a454ec

56

+DIST genpatches-3.2-6.extras.tar.bz2 17208 RMD160 8324da51ce71afb0d375f34b0dd05209079bd7a3 SHA1 c2f4e029aebbc0ae82221aa2643de06a2d08cbd8 SHA256 7f60ab18e2965d024b7a36327577bcc771061f2cfac221ed475a6fd6b2ab89c7

57

+DIST hardened-patches-2.6.32-92.extras.tar.bz2 568992 RMD160 26bed4cfb7763a26e0d9f6d49752c86e5dc8865b SHA1 20da9ac7d625dd4961b66264660851a5babf3ac7 SHA256 39196f8a4d25fc1b31f3f2db474c165cb5ff5540c0d0d3634254acba7b66ea46

58

+DIST hardened-patches-3.2.4-1.extras.tar.bz2 525150 RMD160 740c8d0a5e69e7c802d11f1677abcaa9163af323 SHA1 035e1561693ab0ab930c41df7f64ee70f4bc8a5b SHA256 1f40a610c54a0c42b5eaaaa4123def0d4fb6fe0a561778b1891129da7d28b65d

59

+DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d80b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e

60

+DIST linux-3.2.tar.bz2 78147838 RMD160 15eb022305dfc8b0e1d59e396911fa86eb9c3bdf SHA1 3460afa971049aa79b8f914e1bfd619eedd19f55 SHA256 c881fc2b53cf0da7ca4538aa44623a7de043a41f76fd5d0f51a31f6ed699d463

61

+EBUILD hardened-sources-2.6.32-r90.ebuild 1891 RMD160 fc22b227346b660b55716842af9d94a06d5b883c SHA1 c080daa2c08705db93ab0ed890448808803d8e3e SHA256 0c6d4110dcdff9df7f8fd67b46ae2171de5cde561a798873c95d9d94f57117ae

62

+EBUILD hardened-sources-3.2.4.ebuild 1887 RMD160 bac69fa49947f452d4046ef58b260b59dc49f845 SHA1 6ff173241f598dfb6500a365bac139a9827cf72f SHA256 d5bca11bf754ec9bd44f57c59e9a19fc0039e378c67c5831e82bae9681f4091c

63

+MISC ChangeLog 14732 RMD160 3382c73e83bbb6a4dc7e20f261ea73495147dc57 SHA1 08af21abd7245cbb5f079472b5702d58fa72d21f SHA256 ce189e3326793b2b84fa379e28f9ec52167eec71f32b8a14b831c0fd8aec7dac

64

+MISC metadata.xml 651 RMD160 bd2f856b7c5aea29652610491cd60135e1e9b9f1 SHA1 1741d5fc80ad8f934fa7ad177b4662d1993d8584 SHA256 614ce0d6e8cfcf0b4dbf344b2758f25375afdaadccbfa4f68c3f8f058218f0a6

65

 -----BEGIN PGP SIGNATURE-----

66

 Version: GnuPG v2.0.17 (GNU/Linux)

67

68

-iEYEAREIAAYFAk8jip8ACgkQl5yvQNBFVTXLygCfTC8Q8zBodwW/xhs0qE+0lyy/

69

-ygEAoKWEVnyTzNNKrN63XF45vL2GddM7

70

-=Ka0T

71

+iEYEAREIAAYFAk8uxEYACgkQl5yvQNBFVTWGDQCfTEWMqfoQppkmoLUgCxZncnDN

72

+bCIAnRUX33At9qTIgkHrELURi1Bj1Flb

73

+=5TjY

74

 -----END PGP SIGNATURE-----

75

76

diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r90.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r90.ebuild

77

new file mode 100644

78

index 0000000..332907f

79

--- /dev/null

80

+++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r90.ebuild

81

@@ -0,0 +1,52 @@

82

+# Copyright 1999-2012 Gentoo Foundation

83

+# Distributed under the terms of the GNU General Public License v2

84

+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.32-r89.ebuild,v 1.2 2012/01/29 14:34:15 blueness Exp $

85

+

86

+EAPI="4"

87

+

88

+ETYPE="sources"

89

+K_WANT_GENPATCHES="base extras"

90

+K_GENPATCHES_VER="48"

91

+K_DEBLOB_AVAILABLE="1"

92

+

93

+inherit kernel-2

94

+detect_version

95

+

96

+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-92"

97

+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2"

98

+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}"

99

+

100

+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2"

101

+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch"

102

+! use xtpax && UNIPATCH_EXCLUDE+=" 4425_grsec_enable_xtpax.patch"

103

+

104

+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})"

105

+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"

106

+IUSE="deblob -xtpax"

107

+

108

+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"

109

+

110

+RDEPEND=">=sys-devel/gcc-4.5"

111

+

112

+pkg_postinst() {

113

+	kernel-2_pkg_postinst

114

+

115

+	local GRADM_COMPAT="sys-apps/gradm-2.2.2*"

116

+

117

+	ewarn

118

+	ewarn "Hardened Gentoo provides three different predefined grsecurity level:"

119

+	ewarn "[server], [workstation], and [virtualization]."

120

+	ewarn

121

+	ewarn "Those who intend to use one of these predefined grsecurity levels"

122

+	ewarn "should read the help associated with the level.  Users importing a"

123

+	ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32,"

124

+	ewarn "should review their selected grsecurity/PaX options carefully."

125

+	ewarn

126

+	ewarn "Users of grsecurity's RBAC system must ensure they are using"

127

+	ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."

128

+	ewarn "It is strongly recommended that the following command is issued"

129

+	ewarn "prior to booting a ${PF} kernel for the first time:"

130

+	ewarn

131

+	ewarn "emerge -na =${GRADM_COMPAT}"

132

+	ewarn

133

+}

134

135

diff --git a/sys-kernel/hardened-sources/hardened-sources-3.2.4.ebuild b/sys-kernel/hardened-sources/hardened-sources-3.2.4.ebuild

136

new file mode 100644

137

index 0000000..a86f1d7

138

--- /dev/null

139

+++ b/sys-kernel/hardened-sources/hardened-sources-3.2.4.ebuild

140

@@ -0,0 +1,51 @@

141

+# Copyright 1999-2012 Gentoo Foundation

142

+# Distributed under the terms of the GNU General Public License v2

143

+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.2.2-r1.ebuild,v 1.2 2012/01/29 14:34:15 blueness Exp $

144

+

145

+EAPI="4"

146

+

147

+ETYPE="sources"

148

+K_WANT_GENPATCHES="base extras"

149

+K_GENPATCHES_VER="6"

150

+K_DEBLOB_AVAILABLE="1"

151

+

152

+inherit kernel-2

153

+detect_version

154

+

155

+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1"

156

+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2"

157

+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}"

158

+

159

+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2"

160

+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch"

161

+! use xtpax && UNIPATCH_EXCLUDE+=" 4425_grsec_enable_xtpax.patch"

162

+

163

+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})"

164

+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"

165

+IUSE="deblob -xtpax"

166

+

167

+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"

168

+

169

+RDEPEND=">=sys-devel/gcc-4.5"

170

+

171

+pkg_postinst() {

172

+	kernel-2_pkg_postinst

173

+

174

+	local GRADM_COMPAT="sys-apps/gradm-2.2.2*"

175

+

176

+	ewarn

177

+	ewarn "Hardened Gentoo provides three different predefined grsecurity level:"

178

+	ewarn "[server], [workstation], and [virtualization].  Those who intend to"

179

+	ewarn "use one of these predefined grsecurity levels should read the help"

180

+	ewarn "associated with the level.  Because some options require >=gcc-4.5,"

181

+	ewarn "users with more, than one version of gcc installed should use gcc-config"

182

+	ewarn "to select a compatible version."

183

+	ewarn

184

+	ewarn "Users of grsecurity's RBAC system must ensure they are using"

185

+	ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."

186

+	ewarn "It is strongly recommended that the following command is issued"

187

+	ewarn "prior to booting a ${PF} kernel for the first time:"

188

+	ewarn

189

+	ewarn "emerge -na =${GRADM_COMPAT}"

190

+	ewarn

191

+}

192

193

diff --git a/sys-kernel/hardened-sources/metadata.xml b/sys-kernel/hardened-sources/metadata.xml

194

index 6fa414d..c3372a9 100644

195

--- a/sys-kernel/hardened-sources/metadata.xml

196

+++ b/sys-kernel/hardened-sources/metadata.xml

197

@@ -13,5 +13,6 @@

198

 	</longdescription>

199

 	<use>

200

 		<flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag>

201

-  	</use>

202

+		<flag name='xtpax'>Enable XATTR_PAX_FLAGS support (EXPERIMENTAL).</flag>

203

+	</use>

204

 </pkgmetadata>

1	commit: 1f4c512494c5b7c8ffb04c3ea2ff7fac58e6cf3b
2	Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3	AuthorDate: Sun Feb 5 18:02:46 2012 +0000
4	Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5	CommitDate: Sun Feb 5 18:02:46 2012 +0000
6	URL: http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=commit;h=1f4c5124
7
8	sys-kernel/hardened-sources: testing patchset 20120203, adds USE=xtpax
9
10	(Portage version: 2.1.10.44/git/Linux x86_64, signed Manifest commit with key 0xD0455535)
11
12	---
13	sys-kernel/hardened-sources/ChangeLog \| 8 +++
14	sys-kernel/hardened-sources/Manifest \| 24 +++++++--
15	.../hardened-sources-2.6.32-r90.ebuild \| 52 ++++++++++++++++++++
16	.../hardened-sources/hardened-sources-3.2.4.ebuild \| 51 +++++++++++++++++++
17	sys-kernel/hardened-sources/metadata.xml \| 3 +-
18	5 files changed, 132 insertions(+), 6 deletions(-)
19
20	diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog
21	index ea7da15..48abacb 100644
22	--- a/sys-kernel/hardened-sources/ChangeLog
23	+++ b/sys-kernel/hardened-sources/ChangeLog
24	@@ -1,5 +1,13 @@
25
26
27	+*hardened-sources-3.2.4 (05 Feb 2012)
28	+*hardened-sources-2.6.32-r90 (05 Feb 2012)
29	+
30	+ 05 Feb 2012; Anthony G. Basile <blueness@g.o>
31	+ +hardened-sources-2.6.32-r90.ebuild, +hardened-sources-3.2.4.ebuild,
32	+ metadata.xml:
33	+ testing patchset 20120203, adds USE=xtpax
34	+
35	28 Jan 2012; Anthony G. Basile <blueness@g.o>
36	-hardened-sources-2.6.32-r89.ebuild, -hardened-sources-3.2.2-r1.ebuild:
37	moved to tree
38
39	diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest
40	index 975bb45..db1a565 100644
41	--- a/sys-kernel/hardened-sources/Manifest
42	+++ b/sys-kernel/hardened-sources/Manifest
43	@@ -1,12 +1,26 @@
44	-----BEGIN PGP SIGNED MESSAGE-----
45	Hash: SHA256
46
47	-MISC ChangeLog 14463 RMD160 f16c681899b732235fdfc0743086e34e48e48ff7 SHA1 9e2778be387c60910621f0a99651a579d2941db2 SHA256 35a6c72df3c9efa674b504550c9e5fbe4cd882aaa3bfb0ec7324d560b3f3b4fd
48	-MISC metadata.xml 578 RMD160 7ea189a37d0f863ae9c52170bb85df27d21686fb SHA1 4765c25d7770a69f7b9dda2b1accc8ff27b74ad0 SHA256 64140e091b51002a5355d8fcfd351f2f39ed63da68af3a5751fc2058d0d03813
49	+DIST deblob-2.6.32 84094 RMD160 394f46ec5b869638a7bc2e87beb118167c9bd6cb SHA1 1a2a1efb72126609d9e3b9be99ae5be2751efd06 SHA256 de625f0bd221c9c38d4453f1b709622f222d86a0ae9350d2b7b0e17795e6de6d
50	+DIST deblob-3.2 107602 RMD160 56f1dfe4f0254c802b49ea5220c4f67e56649852 SHA1 83421184d88d02e24de2adbc5debfb03454a7f4b SHA256 5db88405af6d51a77d84354afc3b2bdf673b1a5dcff37bb8db4ccbd12d91db20
51	+DIST deblob-check-2.6.32 247608 RMD160 840bf8a229ea79810519eee6241edb85b78a6562 SHA1 d45a24eb16e5ac956c0fcddbc1ac4d67e326c7b8 SHA256 da1aecdf3ab7f1207b90642d303e52262ccc2ed9e49739b729512b88950d17f3
52	+DIST deblob-check-3.2 423268 RMD160 8cb0c1b4a289db94543396c4445c4c7a35d2ba70 SHA1 01e50f824a577d15749f24643fdd136180342808 SHA256 9e67dd0885aa8ef356dbc15d487c8dea5a54f74c5b03a5d7946b65ee43f12638
53	+DIST genpatches-2.6.32-48.base.tar.bz2 1033142 RMD160 c42b6a5edbb9965391bbcf6ee40bb79c2080f497 SHA1 95e90447ecd875228121fa32e8cf89eaabde5fa6 SHA256 7438e7b7c0ef32e0c639cf89c4f53a3bc7917ca466b1fcf3931adb65ad05b583
54	+DIST genpatches-2.6.32-48.extras.tar.bz2 24939 RMD160 055706793fb532caeb3d364c5e1bd0ad46aff4b2 SHA1 2a966a4d5f9a718a0d43c25df563d0377154996f SHA256 ee714d14310fd5242ce2e28a8f8e5fda63ba18957960814876506f8754b9d2a0
55	+DIST genpatches-3.2-6.base.tar.bz2 84773 RMD160 cd3c6e712dc806879bc7db457948a6d8a8a1035b SHA1 09ae718822fd99eb6c0a1c34e2b37604fd8a60db SHA256 cbde89d0aab03aafa925af320fc4f65e7ed56cf98c02dee0f58a9c8c90a454ec
56	+DIST genpatches-3.2-6.extras.tar.bz2 17208 RMD160 8324da51ce71afb0d375f34b0dd05209079bd7a3 SHA1 c2f4e029aebbc0ae82221aa2643de06a2d08cbd8 SHA256 7f60ab18e2965d024b7a36327577bcc771061f2cfac221ed475a6fd6b2ab89c7
57	+DIST hardened-patches-2.6.32-92.extras.tar.bz2 568992 RMD160 26bed4cfb7763a26e0d9f6d49752c86e5dc8865b SHA1 20da9ac7d625dd4961b66264660851a5babf3ac7 SHA256 39196f8a4d25fc1b31f3f2db474c165cb5ff5540c0d0d3634254acba7b66ea46
58	+DIST hardened-patches-3.2.4-1.extras.tar.bz2 525150 RMD160 740c8d0a5e69e7c802d11f1677abcaa9163af323 SHA1 035e1561693ab0ab930c41df7f64ee70f4bc8a5b SHA256 1f40a610c54a0c42b5eaaaa4123def0d4fb6fe0a561778b1891129da7d28b65d
59	+DIST linux-2.6.32.tar.bz2 64424138 RMD160 b93742cbaf8174f2200d2dbef0d47a26c618039c SHA1 410b4fc818023bfef60064e973ff0ab46d3bfb19 SHA256 5099786d80b8407d98a619df00209c2353517f22d804fdd9533b362adcb4504e
60	+DIST linux-3.2.tar.bz2 78147838 RMD160 15eb022305dfc8b0e1d59e396911fa86eb9c3bdf SHA1 3460afa971049aa79b8f914e1bfd619eedd19f55 SHA256 c881fc2b53cf0da7ca4538aa44623a7de043a41f76fd5d0f51a31f6ed699d463
61	+EBUILD hardened-sources-2.6.32-r90.ebuild 1891 RMD160 fc22b227346b660b55716842af9d94a06d5b883c SHA1 c080daa2c08705db93ab0ed890448808803d8e3e SHA256 0c6d4110dcdff9df7f8fd67b46ae2171de5cde561a798873c95d9d94f57117ae
62	+EBUILD hardened-sources-3.2.4.ebuild 1887 RMD160 bac69fa49947f452d4046ef58b260b59dc49f845 SHA1 6ff173241f598dfb6500a365bac139a9827cf72f SHA256 d5bca11bf754ec9bd44f57c59e9a19fc0039e378c67c5831e82bae9681f4091c
63	+MISC ChangeLog 14732 RMD160 3382c73e83bbb6a4dc7e20f261ea73495147dc57 SHA1 08af21abd7245cbb5f079472b5702d58fa72d21f SHA256 ce189e3326793b2b84fa379e28f9ec52167eec71f32b8a14b831c0fd8aec7dac
64	+MISC metadata.xml 651 RMD160 bd2f856b7c5aea29652610491cd60135e1e9b9f1 SHA1 1741d5fc80ad8f934fa7ad177b4662d1993d8584 SHA256 614ce0d6e8cfcf0b4dbf344b2758f25375afdaadccbfa4f68c3f8f058218f0a6
65	-----BEGIN PGP SIGNATURE-----
66	Version: GnuPG v2.0.17 (GNU/Linux)
67
68	-iEYEAREIAAYFAk8jip8ACgkQl5yvQNBFVTXLygCfTC8Q8zBodwW/xhs0qE+0lyy/
69	-ygEAoKWEVnyTzNNKrN63XF45vL2GddM7
70	-=Ka0T
71	+iEYEAREIAAYFAk8uxEYACgkQl5yvQNBFVTWGDQCfTEWMqfoQppkmoLUgCxZncnDN
72	+bCIAnRUX33At9qTIgkHrELURi1Bj1Flb
73	+=5TjY
74	-----END PGP SIGNATURE-----
75
76	diff --git a/sys-kernel/hardened-sources/hardened-sources-2.6.32-r90.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r90.ebuild
77	new file mode 100644
78	index 0000000..332907f
79	--- /dev/null
80	+++ b/sys-kernel/hardened-sources/hardened-sources-2.6.32-r90.ebuild
81	@@ -0,0 +1,52 @@
82	+# Copyright 1999-2012 Gentoo Foundation
83	+# Distributed under the terms of the GNU General Public License v2
84	+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.6.32-r89.ebuild,v 1.2 2012/01/29 14:34:15 blueness Exp $
85	+
86	+EAPI="4"
87	+
88	+ETYPE="sources"
89	+K_WANT_GENPATCHES="base extras"
90	+K_GENPATCHES_VER="48"
91	+K_DEBLOB_AVAILABLE="1"
92	+
93	+inherit kernel-2
94	+detect_version
95	+
96	+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-92"
97	+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2"
98	+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}"
99	+
100	+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2"
101	+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch"
102	+! use xtpax && UNIPATCH_EXCLUDE+=" 4425_grsec_enable_xtpax.patch"
103	+
104	+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})"
105	+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"
106	+IUSE="deblob -xtpax"
107	+
108	+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
109	+
110	+RDEPEND=">=sys-devel/gcc-4.5"
111	+
112	+pkg_postinst() {
113	+ kernel-2_pkg_postinst
114	+
115	+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*"
116	+
117	+ ewarn
118	+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:"
119	+ ewarn "[server], [workstation], and [virtualization]."
120	+ ewarn
121	+ ewarn "Those who intend to use one of these predefined grsecurity levels"
122	+ ewarn "should read the help associated with the level. Users importing a"
123	+ ewarn "kernel configuration from a kernel prior to ${PN}-2.6.32,"
124	+ ewarn "should review their selected grsecurity/PaX options carefully."
125	+ ewarn
126	+ ewarn "Users of grsecurity's RBAC system must ensure they are using"
127	+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."
128	+ ewarn "It is strongly recommended that the following command is issued"
129	+ ewarn "prior to booting a ${PF} kernel for the first time:"
130	+ ewarn
131	+ ewarn "emerge -na =${GRADM_COMPAT}"
132	+ ewarn
133	+}
134
135	diff --git a/sys-kernel/hardened-sources/hardened-sources-3.2.4.ebuild b/sys-kernel/hardened-sources/hardened-sources-3.2.4.ebuild
136	new file mode 100644
137	index 0000000..a86f1d7
138	--- /dev/null
139	+++ b/sys-kernel/hardened-sources/hardened-sources-3.2.4.ebuild
140	@@ -0,0 +1,51 @@
141	+# Copyright 1999-2012 Gentoo Foundation
142	+# Distributed under the terms of the GNU General Public License v2
143	+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-3.2.2-r1.ebuild,v 1.2 2012/01/29 14:34:15 blueness Exp $
144	+
145	+EAPI="4"
146	+
147	+ETYPE="sources"
148	+K_WANT_GENPATCHES="base extras"
149	+K_GENPATCHES_VER="6"
150	+K_DEBLOB_AVAILABLE="1"
151	+
152	+inherit kernel-2
153	+detect_version
154	+
155	+HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1"
156	+HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2"
157	+SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}"
158	+
159	+UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2"
160	+UNIPATCH_EXCLUDE="4200_fbcondecor-0.9.6.patch"
161	+! use xtpax && UNIPATCH_EXCLUDE+=" 4425_grsec_enable_xtpax.patch"
162	+
163	+DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})"
164	+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"
165	+IUSE="deblob -xtpax"
166	+
167	+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
168	+
169	+RDEPEND=">=sys-devel/gcc-4.5"
170	+
171	+pkg_postinst() {
172	+ kernel-2_pkg_postinst
173	+
174	+ local GRADM_COMPAT="sys-apps/gradm-2.2.2*"
175	+
176	+ ewarn
177	+ ewarn "Hardened Gentoo provides three different predefined grsecurity level:"
178	+ ewarn "[server], [workstation], and [virtualization]. Those who intend to"
179	+ ewarn "use one of these predefined grsecurity levels should read the help"
180	+ ewarn "associated with the level. Because some options require >=gcc-4.5,"
181	+ ewarn "users with more, than one version of gcc installed should use gcc-config"
182	+ ewarn "to select a compatible version."
183	+ ewarn
184	+ ewarn "Users of grsecurity's RBAC system must ensure they are using"
185	+ ewarn "${GRADM_COMPAT}, which is compatible with ${PF}."
186	+ ewarn "It is strongly recommended that the following command is issued"
187	+ ewarn "prior to booting a ${PF} kernel for the first time:"
188	+ ewarn
189	+ ewarn "emerge -na =${GRADM_COMPAT}"
190	+ ewarn
191	+}
192
193	diff --git a/sys-kernel/hardened-sources/metadata.xml b/sys-kernel/hardened-sources/metadata.xml
194	index 6fa414d..c3372a9 100644
195	--- a/sys-kernel/hardened-sources/metadata.xml
196	+++ b/sys-kernel/hardened-sources/metadata.xml
197	@@ -13,5 +13,6 @@
198	</longdescription>
199	<use>
200	<flag name='deblob'>Remove binary blobs from kernel sources to provide libre license compliance.</flag>
201	- </use>
202	+ <flag name='xtpax'>Enable XATTR_PAX_FLAGS support (EXPERIMENTAL).</flag>
203	+ </use>
204	</pkgmetadata>

Gentoo Archives: gentoo-commits