1 |
commit: 27b982cfc22ad4570cfcedb6bcdf8b6da71e54fb |
2 |
Author: Aisha Tammy <gentoo <AT> aisha <DOT> cc> |
3 |
AuthorDate: Thu Dec 23 14:54:47 2021 +0000 |
4 |
Commit: Aisha Tammy <gentoo <AT> aisha <DOT> cc> |
5 |
CommitDate: Thu Dec 23 14:54:47 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=27b982cf |
7 |
|
8 |
sys-kernel/uek-sources: unbreakable enterprise kernel from oracle |
9 |
|
10 |
Package-Manager: Portage-3.0.28, Repoman-3.0.3 |
11 |
Signed-off-by: Aisha Tammy <gentoo <AT> aisha.cc> |
12 |
|
13 |
sys-kernel/uek-sources/Manifest | 4 ++ |
14 |
...ces-5.4.17.2136.303.1-ip6_sock_set_v6only.patch | 77 ++++++++++++++++++++++ |
15 |
sys-kernel/uek-sources/metadata.xml | 12 ++++ |
16 |
.../uek-sources-5.4.17.2136.303.2.ebuild | 66 +++++++++++++++++++ |
17 |
4 files changed, 159 insertions(+) |
18 |
|
19 |
diff --git a/sys-kernel/uek-sources/Manifest b/sys-kernel/uek-sources/Manifest |
20 |
new file mode 100644 |
21 |
index 000000000..31399fb85 |
22 |
--- /dev/null |
23 |
+++ b/sys-kernel/uek-sources/Manifest |
24 |
@@ -0,0 +1,4 @@ |
25 |
+DIST genpatches-5.4-160.base.tar.xz 4078816 BLAKE2B 478bc44ce285e02c37b4452fae6948ca61d0ae841328444e91403a517d398c416cd91a232d057c27a2c3994df19626475566e832457310744d20b700a854ab43 SHA512 ab1500a95a8f9295a6f5ebb7f9c0beb24bf1d0f6d67ca03e1135dc6724e74fe33f5025fba96ba2fd1d96078a20e5099ba1c1e0f1be149d01ebcaa991ff5c2dae |
26 |
+DIST genpatches-5.4-160.experimental.tar.xz 16900 BLAKE2B 70a2f442ad7309b617b0dd98a00e35ec195674a3dbbb5b88afd404fe1672e32a0b28182f6646ef325166b8cc9fda570104045d96afcf316bf13bc80df0ed5d68 SHA512 3f8cc1082156159bb7100997de0f0ecaa440928a0eed9cf81e3ad93fe2b6e10f9f180acc501e9bbf816a8e05c07d15d94e5719dfe48b829f5045861a4a25e4ef |
27 |
+DIST genpatches-5.4-160.extras.tar.xz 1784 BLAKE2B 8184089c122bb794bc18181ed165b2d03b301f336730b3579c92780b8a551d75963051a0c3c2ce8015a8e7102fda224e7a069ddc5fb5ea90d313637879602270 SHA512 f304a0b349c1a2f42297595ef732a6e31a7babfc71031b56e7e81e14b030cbbcefc25b49429381b47bb60676f63a3ca86b24de333a4ca928825fb2fb59109839 |
28 |
+DIST linux-uek-5.4.17-2136.303.2.tar.gz 175372092 BLAKE2B f1ba14a01690c839ccf0a508cc899870d6c932fc081132f35cc5d35ce1dd3d083deb9e7d3d57f9ef11eef547d0511f83edee3e5003183321d2e4aec802e31509 SHA512 1f53296cac7d2f9e406947182cb7a1836669b1132b72ad551102a19bb3c21b62353381c7d5b6da39e9faf2c014b1860278ae51941af365447b6a8e409e40a118 |
29 |
|
30 |
diff --git a/sys-kernel/uek-sources/files/uek-sources-5.4.17.2136.303.1-ip6_sock_set_v6only.patch b/sys-kernel/uek-sources/files/uek-sources-5.4.17.2136.303.1-ip6_sock_set_v6only.patch |
31 |
new file mode 100644 |
32 |
index 000000000..c794320eb |
33 |
--- /dev/null |
34 |
+++ b/sys-kernel/uek-sources/files/uek-sources-5.4.17.2136.303.1-ip6_sock_set_v6only.patch |
35 |
@@ -0,0 +1,77 @@ |
36 |
+From 9b115749acb24d11083ded4fe947ddd654a940e3 Mon Sep 17 00:00:00 2001 |
37 |
+From: Christoph Hellwig <hch@×××.de> |
38 |
+Date: Thu, 28 May 2020 07:12:31 +0200 |
39 |
+Subject: [PATCH] ipv6: add ip6_sock_set_v6only |
40 |
+ |
41 |
+Add a helper to directly set the IPV6_V6ONLY sockopt from kernel space |
42 |
+without going through a fake uaccess. |
43 |
+ |
44 |
+Signed-off-by: Christoph Hellwig <hch@×××.de> |
45 |
+Signed-off-by: David S. Miller <davem@×××××××××.net> |
46 |
+--- |
47 |
+ include/net/ipv6.h | 11 +++++++++++ |
48 |
+ net/ipv6/ip6_udp_tunnel.c | 5 +---- |
49 |
+ net/sunrpc/svcsock.c | 6 +----- |
50 |
+ 3 files changed, 13 insertions(+), 9 deletions(-) |
51 |
+ |
52 |
+diff --git a/include/net/ipv6.h b/include/net/ipv6.h |
53 |
+index 39a00d3ef5e220..9b91188c9a74c7 100644 |
54 |
+--- a/include/net/ipv6.h |
55 |
++++ b/include/net/ipv6.h |
56 |
+@@ -1177,4 +1177,15 @@ int ipv6_sock_mc_join_ssm(struct sock *sk, int ifindex, |
57 |
+ const struct in6_addr *addr, unsigned int mode); |
58 |
+ int ipv6_sock_mc_drop(struct sock *sk, int ifindex, |
59 |
+ const struct in6_addr *addr); |
60 |
++ |
61 |
++static inline int ip6_sock_set_v6only(struct sock *sk) |
62 |
++{ |
63 |
++ if (inet_sk(sk)->inet_num) |
64 |
++ return -EINVAL; |
65 |
++ lock_sock(sk); |
66 |
++ sk->sk_ipv6only = true; |
67 |
++ release_sock(sk); |
68 |
++ return 0; |
69 |
++} |
70 |
++ |
71 |
+ #endif /* _NET_IPV6_H */ |
72 |
+diff --git a/net/ipv6/ip6_udp_tunnel.c b/net/ipv6/ip6_udp_tunnel.c |
73 |
+index 6523609516d25a..2e0ad1bc84a835 100644 |
74 |
+--- a/net/ipv6/ip6_udp_tunnel.c |
75 |
++++ b/net/ipv6/ip6_udp_tunnel.c |
76 |
+@@ -25,10 +25,7 @@ int udp_sock_create6(struct net *net, struct udp_port_cfg *cfg, |
77 |
+ goto error; |
78 |
+ |
79 |
+ if (cfg->ipv6_v6only) { |
80 |
+- int val = 1; |
81 |
+- |
82 |
+- err = kernel_setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, |
83 |
+- (char *) &val, sizeof(val)); |
84 |
++ err = ip6_sock_set_v6only(sock->sk); |
85 |
+ if (err < 0) |
86 |
+ goto error; |
87 |
+ } |
88 |
+diff --git a/net/sunrpc/svcsock.c b/net/sunrpc/svcsock.c |
89 |
+index 7a805d165689c3..a391892977cd27 100644 |
90 |
+--- a/net/sunrpc/svcsock.c |
91 |
++++ b/net/sunrpc/svcsock.c |
92 |
+@@ -1328,7 +1328,6 @@ static struct svc_xprt *svc_create_socket(struct svc_serv *serv, |
93 |
+ struct sockaddr *newsin = (struct sockaddr *)&addr; |
94 |
+ int newlen; |
95 |
+ int family; |
96 |
+- int val; |
97 |
+ RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]); |
98 |
+ |
99 |
+ dprintk("svc: svc_create_socket(%s, %d, %s)\n", |
100 |
+@@ -1364,11 +1363,8 @@ static struct svc_xprt *svc_create_socket(struct svc_serv *serv, |
101 |
+ * getting requests from IPv4 remotes. Those should |
102 |
+ * be shunted to a PF_INET listener via rpcbind. |
103 |
+ */ |
104 |
+- val = 1; |
105 |
+ if (family == PF_INET6) |
106 |
+- kernel_setsockopt(sock, SOL_IPV6, IPV6_V6ONLY, |
107 |
+- (char *)&val, sizeof(val)); |
108 |
+- |
109 |
++ ip6_sock_set_v6only(sock->sk); |
110 |
+ if (type == SOCK_STREAM) |
111 |
+ sock->sk->sk_reuse = SK_CAN_REUSE; /* allow address reuse */ |
112 |
+ error = kernel_bind(sock, sin, len); |
113 |
|
114 |
diff --git a/sys-kernel/uek-sources/metadata.xml b/sys-kernel/uek-sources/metadata.xml |
115 |
new file mode 100644 |
116 |
index 000000000..e0dd3f97b |
117 |
--- /dev/null |
118 |
+++ b/sys-kernel/uek-sources/metadata.xml |
119 |
@@ -0,0 +1,12 @@ |
120 |
+<?xml version="1.0" encoding="UTF-8"?> |
121 |
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> |
122 |
+<pkgmetadata> |
123 |
+ <maintainer type="person"> |
124 |
+ <email>gentoo@×××××.cc</email> |
125 |
+ <name>Aisha Tammy</name> |
126 |
+ </maintainer> |
127 |
+ <use> |
128 |
+ <flag name="gentoo">apply base gentoo genpatches</flag> |
129 |
+ <flag name="experimental">apply experimental gentoo genpatches</flag> |
130 |
+ </use> |
131 |
+</pkgmetadata> |
132 |
|
133 |
diff --git a/sys-kernel/uek-sources/uek-sources-5.4.17.2136.303.2.ebuild b/sys-kernel/uek-sources/uek-sources-5.4.17.2136.303.2.ebuild |
134 |
new file mode 100644 |
135 |
index 000000000..2688c1c44 |
136 |
--- /dev/null |
137 |
+++ b/sys-kernel/uek-sources/uek-sources-5.4.17.2136.303.2.ebuild |
138 |
@@ -0,0 +1,66 @@ |
139 |
+# Copyright 2021 Gentoo Authors |
140 |
+# Distributed under the terms of the GNU General Public License v2 |
141 |
+ |
142 |
+EAPI=7 |
143 |
+ |
144 |
+KERNEL_VERSION=$(ver_cut 1-3) |
145 |
+KERNEL_TRUNK=$(ver_cut 1-2) |
146 |
+UEK_PATCH_VERSION=$(ver_cut 4-6) |
147 |
+UEK_VERSION="${KERNEL_VERSION}-${UEK_PATCH_VERSION}" |
148 |
+ |
149 |
+ETYPE="sources" |
150 |
+ |
151 |
+K_GENPATCHES_VER="160" |
152 |
+K_SECURITY_UNSUPPORTED="1" |
153 |
+CKV="${KERNEL_VERSION}_p${UEK_PATCH_VERSION}" |
154 |
+ |
155 |
+inherit kernel-2 |
156 |
+detect_version |
157 |
+detect_arch |
158 |
+ |
159 |
+DESCRIPTION="Unbreakable Enterprise Kernel (UEK) sources built from Oracle" |
160 |
+HOMEPAGE="https://github.com/oracle/linux-uek" |
161 |
+SRC_URI=" |
162 |
+ https://github.com/oracle/linux-uek/archive/refs/tags/v${UEK_VERSION}.tar.gz |
163 |
+ -> linux-uek-${UEK_VERSION}.tar.gz |
164 |
+ https://dev.gentoo.org/~mpagano/genpatches/tarballs/genpatches-${KERNEL_TRUNK}-${K_GENPATCHES_VER}.base.tar.xz |
165 |
+ https://dev.gentoo.org/~mpagano/genpatches/tarballs/genpatches-${KERNEL_TRUNK}-${K_GENPATCHES_VER}.experimental.tar.xz |
166 |
+ https://dev.gentoo.org/~mpagano/genpatches/tarballs/genpatches-${KERNEL_TRUNK}-${K_GENPATCHES_VER}.extras.tar.xz |
167 |
+" |
168 |
+S="${WORKDIR}/linux-uek-${UEK_VERSION}" |
169 |
+ |
170 |
+LICENSE="GPL-2" |
171 |
+KEYWORDS="~amd64" |
172 |
+IUSE="+gentoo experimental" |
173 |
+ |
174 |
+PATCHES=( |
175 |
+ "${FILESDIR}"/uek-sources-5.4.17.2136.303.1-ip6_sock_set_v6only.patch |
176 |
+) |
177 |
+ |
178 |
+src_unpack() { |
179 |
+ default |
180 |
+ |
181 |
+ # remove all backup files |
182 |
+ find . -iname "*~" -print -exec rm {} \; 2>/dev/null |
183 |
+ |
184 |
+ unpack_set_extraversion |
185 |
+ unpack_fix_install_path |
186 |
+ |
187 |
+ env_setup_xmakeopts |
188 |
+} |
189 |
+ |
190 |
+src_prepare() { |
191 |
+ use gentoo && PATCHES+=( |
192 |
+ "${WORKDIR}"/1500_XATTR_USER_PREFIX.patch |
193 |
+ "${WORKDIR}"/1510_fs-enable-link-security-restrictions-by-default.patch |
194 |
+ "${WORKDIR}"/2000_BT-Check-key-sizes-only-if-Secure-Simple-Pairing-enabled.patch |
195 |
+ "${WORKDIR}"/2600_enable-key-swapping-for-apple-mac.patch |
196 |
+ "${WORKDIR}"/2920_sign-file-patch-for-libressl.patch |
197 |
+ "${WORKDIR}"/4567_distro-Gentoo-Kconfig.patch |
198 |
+ ) |
199 |
+ use experimental && PATCHES+=( |
200 |
+ "${WORKDIR}"/5000_shifts-ubuntu-20.04.patch |
201 |
+ "${WORKDIR}"/5010_enable-cpu-optimizations-universal.patch |
202 |
+ ) |
203 |
+ default |
204 |
+} |