1 |
commit: 355f57a7181769c610d7678fbbacc7f5b6b6335b |
2 |
Author: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Nov 18 06:17:48 2017 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Nov 18 08:28:15 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=355f57a7 |
7 |
|
8 |
sys-boot/tboot: snapshot to fix CVE-2017-16837 (bug 637942) |
9 |
|
10 |
Package-Manager: Portage-2.3.13, Repoman-2.3.3 |
11 |
|
12 |
sys-boot/tboot/Manifest | 1 + |
13 |
sys-boot/tboot/tboot-1.9.6_p20171118.ebuild | 71 +++++++++++++++++++++++++++++ |
14 |
2 files changed, 72 insertions(+) |
15 |
|
16 |
diff --git a/sys-boot/tboot/Manifest b/sys-boot/tboot/Manifest |
17 |
index 1248c973803..da65d9daa3e 100644 |
18 |
--- a/sys-boot/tboot/Manifest |
19 |
+++ b/sys-boot/tboot/Manifest |
20 |
@@ -1,2 +1,3 @@ |
21 |
DIST tboot-1.9.5.tar.gz 685460 SHA256 c7032e367ac0129493c9bb1fcd1437f400ff5533c970119ddce281ff4d58a13f SHA512 d806b692d3d57d0aaf4095ef514a2859b2b054ec695cb5589b3a6133eec7f7a9a0e76544e4b557df02add5ed67c3c15fb3ee5f17d6438252b659d6e5c7d17fe9 WHIRLPOOL 04843854b1a646d6126079a3b46bacf0c8191d5b5c322f8bc04ea39c0d5470bba2f7f2499761d42aa258552c1dfbeb626275e7473628b21719a6fe59bc05029c |
22 |
DIST tboot-1.9.6.tar.gz 693564 SHA256 1b55eed6ca8196b2a003936594248a242888ac34ff970eda651e7660c4772a39 SHA512 f53f5535f7ab031439514b43811cd2ec93efcb7614cb7bc7d1f3051d808d942e8a4942fd1d0ab6fe0c245740c2a10ba7adbcd44f2c42b2a577d9a20c0c5df90e WHIRLPOOL 889af09491c599d73976a0a4b456e9d01f44c47bffd047cb0f84ca786953b02c952a2d8c1fe873ac0390f6faffe7f41c0871e07f8c9466c9bc719f683dfc4a36 |
23 |
+DIST tboot-1.9.6_p20171118.tar.gz 691068 SHA256 729cb6ef75d1da7e258a544084fb36d87313a06300d30fef767d802cbc1cfd28 SHA512 6476b783516909bf9cf10915fc23e71dca03d521dcc7bf71fbd19684c996c2c588955bb8f896f02afe56feddf9c639b6349635651c852a90319429b2943ec950 WHIRLPOOL 0d98e303069a3fcf9e3706050b1325497c0e52b66e52f934a619962f2e6c2b4519ffef0627c41e38fd7924fdbb9b170a58f65f674f5be52a344322cdb8f2f307 |
24 |
|
25 |
diff --git a/sys-boot/tboot/tboot-1.9.6_p20171118.ebuild b/sys-boot/tboot/tboot-1.9.6_p20171118.ebuild |
26 |
new file mode 100644 |
27 |
index 00000000000..3da7e7525a7 |
28 |
--- /dev/null |
29 |
+++ b/sys-boot/tboot/tboot-1.9.6_p20171118.ebuild |
30 |
@@ -0,0 +1,71 @@ |
31 |
+# Copyright 1999-2017 Gentoo Foundation |
32 |
+# Distributed under the terms of the GNU General Public License v2 |
33 |
+ |
34 |
+EAPI=6 |
35 |
+ |
36 |
+inherit flag-o-matic mount-boot |
37 |
+ |
38 |
+DESCRIPTION="Performs a measured and verified boot using Intel Trusted Execution Technology" |
39 |
+HOMEPAGE="https://sourceforge.net/projects/tboot/" |
40 |
+SRC_URI="https://dev.gentoo.org/~perfinion/distfiles/${P}.tar.gz" |
41 |
+ |
42 |
+LICENSE="BSD" |
43 |
+SLOT="0" |
44 |
+KEYWORDS="~amd64 ~x86 -*" |
45 |
+IUSE="custom-cflags selinux" |
46 |
+ |
47 |
+# requires patching the kernel src |
48 |
+RESTRICT="test" |
49 |
+ |
50 |
+DEPEND="app-crypt/trousers |
51 |
+app-crypt/tpm-tools |
52 |
+dev-libs/openssl:0=[-bindist]" |
53 |
+ |
54 |
+RDEPEND="${DEPEND} |
55 |
+sys-boot/grub:2 |
56 |
+selinux? ( sec-policy/selinux-tboot )" |
57 |
+ |
58 |
+DOCS=( README COPYING CHANGELOG ) |
59 |
+PATCHES=( "${FILESDIR}/${PN}-1.9.5-genkernel-path.patch" ) |
60 |
+ |
61 |
+src_prepare() { |
62 |
+ sed -i 's/ -Werror//g' Config.mk || die |
63 |
+ sed -i 's/^INSTALL_STRIP = -s$//' Config.mk || die # QA Errors |
64 |
+ |
65 |
+ default |
66 |
+} |
67 |
+ |
68 |
+src_compile() { |
69 |
+ use custom-cflags && export TBOOT_CFLAGS=${CFLAGS} || unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS |
70 |
+ |
71 |
+ if use amd64; then |
72 |
+ export MAKEARGS="TARGET_ARCH=x86_64" |
73 |
+ else |
74 |
+ export MAKEARGS="TARGET_ARCH=i686" |
75 |
+ fi |
76 |
+ |
77 |
+ default |
78 |
+} |
79 |
+ |
80 |
+src_install() { |
81 |
+ emake DISTDIR="${D}" install |
82 |
+ |
83 |
+ dodoc "${DOCS[@]}" |
84 |
+ dodoc docs/*.txt lcptools/*.{txt,pdf} || die "docs failed" |
85 |
+ |
86 |
+ cd "${D}" |
87 |
+ mkdir -p usr/lib/tboot/ || die |
88 |
+ mv boot usr/lib/tboot/ || die |
89 |
+} |
90 |
+ |
91 |
+pkg_postinst() { |
92 |
+ mount-boot_mount_boot_partition |
93 |
+ |
94 |
+ cp ${ROOT%/}/usr/lib/tboot/boot/* ${ROOT%/}/boot/ |
95 |
+ |
96 |
+ mount-boot_pkg_postinst |
97 |
+ |
98 |
+ ewarn "Please remember to download the SINIT AC Module relevant" |
99 |
+ ewarn "for your platform from:" |
100 |
+ ewarn "http://software.intel.com/en-us/articles/intel-trusted-execution-technology/" |
101 |
+} |