authorJustin Lecher <jlec@gentoo.org>2012-10-25 06:04:26 +0000
committerJustin Lecher <jlec@gentoo.org>2012-10-25 06:04:26 +0000
commit6cd8b2c4c926306578fa9931afcfa9a8abd8af08 (patch)
tree8dcd41e9a4b2d6531390371b8fbc3a10b46c4277 /sys-fs/aufs3
parentInitial import, borrowed from the hyves openstack-overlay (diff)
sys-fs/aufs3: Add Arch linux patch for hardened kernels, #393559
(Portage version: 2.2.0_alpha141/cvs/Linux x86_64, signed Manifest commit with key 70EB7916)
Diffstat (limited to 'sys-fs/aufs3')
-rw-r--r--sys-fs/aufs3/ChangeLog8
-rw-r--r--sys-fs/aufs3/aufs3-3_p20121015-r1.ebuild148
-rw-r--r--sys-fs/aufs3/files/pax-2.patch85
3 files changed, 240 insertions, 1 deletions
diff --git a/sys-fs/aufs3/ChangeLog b/sys-fs/aufs3/ChangeLog
index 6a132a17898d..1155c259051f 100644
--- a/sys-fs/aufs3/ChangeLog
+++ b/sys-fs/aufs3/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-fs/aufs3
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-fs/aufs3/ChangeLog,v 1.28 2012/10/18 20:31:21 jlec Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-fs/aufs3/ChangeLog,v 1.29 2012/10/25 06:04:25 jlec Exp $
+
+*aufs3-3_p20121015-r1 (25 Oct 2012)
+
+ 25 Oct 2012; Justin Lecher <jlec@gentoo.org> +files/pax-2.patch,
+ +aufs3-3_p20121015-r1.ebuild:
+ Add Arch linux patch for hardened kernels, #393559
18 Oct 2012; Justin Lecher <jlec@gentoo.org> aufs3-3_p20120813-r1.ebuild,
aufs3-3_p20121015.ebuild:
diff --git a/sys-fs/aufs3/aufs3-3_p20121015-r1.ebuild b/sys-fs/aufs3/aufs3-3_p20121015-r1.ebuild
new file mode 100644
index 000000000000..9ec1082df9cb
--- /dev/null
+++ b/sys-fs/aufs3/aufs3-3_p20121015-r1.ebuild
@@ -0,0 +1,148 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-fs/aufs3/aufs3-3_p20121015-r1.ebuild,v 1.1 2012/10/25 06:04:25 jlec Exp $
+
+EAPI=4
+
+inherit eutils flag-o-matic linux-mod multilib toolchain-funcs
+
+AUFS_VERSION="${PV%%_p*}"
+# highest branch version
+PATCH_MAX_VER=6
+# highest supported version
+KERN_MAX_VER=7
+# highest util branch version
+UTIL_MAX_VER=0
+
+DESCRIPTION="An entirely re-designed and re-implemented Unionfs"
+HOMEPAGE="http://aufs.sourceforge.net/"
+SRC_URI="http://dev.gentoo.org/~jlec/distfiles/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="debug doc fuse pax_kernel hfs inotify kernel-patch nfs ramfs"
+
+DEPEND="dev-vcs/git"
+RDEPEND="
+ !sys-fs/aufs
+ !sys-fs/aufs2"
+
+S="${WORKDIR}"/${PN}-standalone
+
+MODULE_NAMES="aufs(misc:${S})"
+
+pkg_setup() {
+ CONFIG_CHECK="${CONFIG_CHECK} ~EXPERIMENTAL"
+ use inotify && CONFIG_CHECK="${CONFIG_CHECK} ~FSNOTIFY"
+ use nfs && CONFIG_CHECK="${CONFIG_CHECK} EXPORTFS"
+ use fuse && CONFIG_CHECK="${CONFIG_CHECK} ~FUSE_FS"
+ use hfs && CONFIG_CHECK="${CONFIG_CHECK} ~HFSPLUS_FS"
+
+ # this is needed so merging a binpkg ${PN} is possible w/out a kernel unpacked on the system
+ [ -n "$PKG_SETUP_HAS_BEEN_RAN" ] && return
+
+ get_version
+ kernel_is lt 3 0 0 && die "kernel too old, Please use sys-fs/aufs2"
+ kernel_is gt 3 ${KERN_MAX_VER} 99 && die "kernel too new"
+
+ linux-mod_pkg_setup
+
+ if [[ "${KV_MINOR}" -gt "${PATCH_MAX_VER}" ]]; then
+ PATCH_BRANCH="x-rcN"
+ else
+ PATCH_BRANCH="${KV_MINOR}"
+ fi
+
+ if [[ "${PATCH_BRANCH}" == "x-rcN" ]]; then
+ UTIL_BRANCH="x-rcN"
+ elif [[ "${KV_MINOR}" -gt "${UTIL_MAX_VER}" ]]; then
+ UTIL_BRANCH="${UTIL_MAX_VER}"
+ else
+ UTIL_BRANCH="${KV_MINOR}"
+ fi
+
+ if ! ( patch -p1 --dry-run --force -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-standalone-${PATCH_BRANCH}.patch >/dev/null && \
+ patch -p1 --dry-run --force -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-base-${PATCH_BRANCH}.patch >/dev/null ); then
+ if use kernel-patch; then
+ cd ${KV_DIR}
+ ewarn "Patching your kernel..."
+ patch --no-backup-if-mismatch --force -p1 -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-standalone-${PATCH_BRANCH}.patch >/dev/null
+ patch --no-backup-if-mismatch --force -p1 -R -d ${KV_DIR} < "${FILESDIR}"/${PN}-base-${PATCH_BRANCH}.patch >/dev/null
+ epatch "${FILESDIR}"/${PN}-{base,standalone}-${PATCH_BRANCH}.patch
+ ewarn "You need to compile your kernel with the applied patch"
+ ewarn "to be able to load and use the aufs kernel module"
+ else
+ eerror "You need to apply a patch to your kernel to compile and run the ${PN} module"
+ eerror "Either enable the kernel-patch useflag to do it with this ebuild"
+ eerror "or apply ${FILESDIR}/${PN}-base-${PATCH_BRANCH}.patch and"
+ eerror "${FILESDIR}/${PN}-standalone-${PATCH_BRANCH}.patch by hand"
+ die "missing kernel patch, please apply it first"
+ fi
+ fi
+ export PKG_SETUP_HAS_BEEN_RAN=1
+}
+
+set_config() {
+ for option in $*; do
+ grep -q "^CONFIG_AUFS_${option} =" config.mk || die "${option} is not a valid config option"
+ sed "/^CONFIG_AUFS_${option}/s:=:= y:g" -i config.mk || die
+ done
+}
+
+src_prepare() {
+ local module_branch=origin/${PN}.${PATCH_BRANCH}
+ local util_branch=origin/${PN}.${UTIL_BRANCH}
+
+ einfo "Using for module creation branch ${module_branch}"
+ git checkout -q -b local-gentoo ${module_branch} || die
+
+ # All config options to off
+ sed "s:= y:=:g" -i config.mk || die
+
+ set_config RDU BRANCH_MAX_127 SBILIST
+
+ use debug && set_config DEBUG
+ use fuse && set_config BR_FUSE POLL
+ use hfs && set_config BR_HFSPLUS
+ use inotify && set_config HNOTIFY HFSNOTIFY
+ use nfs && set_config EXPORT
+ use nfs && ( use amd64 || use ppc64 ) && set_config INO_T_64
+ use ramfs && set_config BR_RAMFS
+
+ use pax_kernel && epatch "${FILESDIR}"/pax.patch "${FILESDIR}"/pax-2.patch
+
+ sed -i "s:aufs.ko usr/include/linux/aufs_type.h:aufs.ko:g" Makefile || die
+ sed -i "s:__user::g" include/linux/aufs_type.h || die
+
+ cd "${WORKDIR}"/${PN/3}-util
+
+ einfo "Using for utils building branch ${util_branch}"
+ git checkout -b local-gentoo ${util_branch} || die
+ sed -i "/LDFLAGS += -static -s/d" Makefile || die
+ sed -i -e "s:m 644 -s:m 644:g" -e "s:/usr/lib:/usr/$(get_libdir):g" libau/Makefile || die
+}
+
+src_compile() {
+ local ARCH=x86
+
+ emake CC=$(tc-getCC) LD=$(tc-getLD) LDFLAGS="$(raw-ldflags)" ARCH=$(tc-arch-kernel) CONFIG_AUFS_FS=m KDIR=${KV_OUT_DIR}
+
+ cd "${WORKDIR}"/${PN/3}-util
+ emake CC=$(tc-getCC) AR=$(tc-getAR) KDIR=${KV_OUT_DIR} C_INCLUDE_PATH="${S}"/include
+}
+
+src_install() {
+ linux-mod_src_install
+
+ insinto /usr/share/doc/${PF}
+
+ use doc && doins -r Documentation
+
+ dodoc Documentation/filesystems/aufs/README
+
+ cd "${WORKDIR}"/${PN/3}-util
+ emake DESTDIR="${D}" KDIR=${KV_OUT_DIR} install
+
+ newdoc README README-utils
+}
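Review bot: The kernel-patch branch of pkg_setup edits the live kernel tree with no error checking: `cd ${KV_DIR}` is unquoted and has no `|| die`, and the two `patch --no-backup-if-mismatch --force -p1 -R` calls discard both their output and their exit status before `epatch` runs. A failed or partial reverse would leave the tree in an unknown state that only surfaces as an epatch failure or, worse, as a kernel built from half-patched sources. I would write `cd "${KV_DIR}" || die`, quote `-d "${KV_DIR}"` in all four patch calls, and at least `ewarn` when a reverse step fails. Separately, `epatch "${FILESDIR}"/pax.patch` in src_prepare relies on a file this commit does not add; presumably it is already in files/, but that should be confirmed.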
diff --git a/sys-fs/aufs3/files/pax-2.patch b/sys-fs/aufs3/files/pax-2.patch
new file mode 100644
index 000000000000..4d24c5e17971
--- /dev/null
+++ b/sys-fs/aufs3/files/pax-2.patch
@@ -0,0 +1,85 @@
+--- a/fs/aufs/dynop.c 2012-10-09 15:41:32.652989534 -0400
++++ b/fs/aufs/dynop.c 2012-10-09 15:41:58.562989820 -0400
+@@ -149,9 +149,11 @@
+ #define DySet(func, dst, src, h_op, h_sb) do { \
+ DyDbgInc(cnt); \
+ if (h_op->func) { \
+- if (src.func) \
+- dst.func = src.func; \
+- else \
++ if (src.func) { \
++ pax_open_kernel(); \
++ *(void **)&dst.func = src.func; \
++ pax_close_kernel(); \
++ } else \
+ AuDbg("%s %s\n", au_sbtype(h_sb), #func); \
+ } \
+ } while (0)
+@@ -159,7 +161,9 @@
+ #define DySetForce(func, dst, src) do { \
+ AuDebugOn(!src.func); \
+ DyDbgInc(cnt); \
+- dst.func = src.func; \
++ pax_open_kernel(); \
++ *(void **)&dst.func = src.func; \
++ pax_close_kernel(); \
+ } while (0)
+
+ #define DySetAop(func) \
+@@ -266,15 +270,17 @@
+ */
+ static void dy_adx(struct au_dyaop *dyaop, int do_dx)
+ {
++ pax_open_kernel();
+ if (!do_dx) {
+- dyaop->da_op.direct_IO = NULL;
+- dyaop->da_op.get_xip_mem = NULL;
++ *(void **)&dyaop->da_op.direct_IO = NULL;
++ *(void **)&dyaop->da_op.get_xip_mem = NULL;
+ } else {
+- dyaop->da_op.direct_IO = aufs_aop.direct_IO;
+- dyaop->da_op.get_xip_mem = aufs_aop.get_xip_mem;
++ *(void **)&dyaop->da_op.direct_IO = aufs_aop.direct_IO;
++ *(void **)&dyaop->da_op.get_xip_mem = aufs_aop.get_xip_mem;
+ if (!dyaop->da_get_xip_mem)
+- dyaop->da_op.get_xip_mem = NULL;
++ *(void **)&dyaop->da_op.get_xip_mem = NULL;
+ }
++ pax_close_kernel();
+ }
+
+ static struct au_dyaop *dy_aget(struct au_branch *br,
+--- a/fs/aufs/f_op_sp.c 2012-10-09 15:41:32.652989534 -0400
++++ b/fs/aufs/f_op_sp.c 2012-10-09 15:41:58.562989820 -0400
+@@ -104,7 +104,7 @@
+ static int aufs_open_sp(struct inode *inode, struct file *file);
+ static struct au_sp_fop {
+ int done;
+- struct file_operations fop; /* not 'const' */
++ file_operations_no_const fop; /* not 'const' */
+ spinlock_t spin;
+ } au_sp_fop[AuSp_Last] = {
+ [AuSp_FIFO] = {
+@@ -157,8 +157,10 @@
+ h_file = au_hf_top(file);
+ spin_lock(&p->spin);
+ if (!p->done) {
+- p->fop = *h_file->f_op;
++ pax_open_kernel();
++ memcpy((void *)&p->fop, h_file->f_op, sizeof(p->fop));
+ p->fop.owner = THIS_MODULE;
++ pax_close_kernel();
+ if (p->fop.aio_read)
+ p->fop.aio_read = aufs_aio_read_sp;
+ if (p->fop.aio_write)
+--- a/fs/aufs/branch.h 2012-10-09 15:41:32.652989534 -0400
++++ b/fs/aufs/branch.h 2012-10-09 15:41:58.562989820 -0400
+@@ -81,7 +81,7 @@
+
+ #ifdef CONFIG_AUFS_HFSNOTIFY
+ struct fsnotify_group *br_hfsn_group;
+- struct fsnotify_ops br_hfsn_ops;
++ fsnotify_ops_no_const br_hfsn_ops;
+ #endif
+
+ #ifdef CONFIG_SYSFS
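Review bot: In the f_op_sp.c part, `pax_close_kernel()` comes right after `p->fop.owner = THIS_MODULE;`, so `p->fop.aio_read = aufs_aio_read_sp;` and the stores after it run outside the open/close window. If `file_operations_no_const` leaves `fop` writable (as the name suggests, not confirmed from here), the window and the `memcpy((void *)&p->fop, ...)` cast are unnecessary. If it does not, those later stores would hit write-protected memory. Either way the block should be made consistent; the function continues past the hunk. In dynop.c, `*(void **)&dst.func = src.func;` drops the compiler's function-pointer type check, so it deserves a comment such as `/* cast bypasses PaX constify; dst and src must have the same op type */`.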