From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 25 Jun 2008 19:09:07 +0000 (+0000)
Subject: Introduced grsecurity into the linux kernel.
X-Git-Tag: v3.0-alpha1~924
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0f6feafbcb7caef20da3dc65e5f1a953c74186e6;p=ipfire-3.x.git

Introduced grsecurity into the linux kernel.
---

diff --git a/lfs/linux b/lfs/linux
index 7b2a5b4fd..3f4d09000 100644
--- a/lfs/linux
+++ b/lfs/linux
@@ -25,7 +25,7 @@
 include Config
 
 PKG_NAME   = linux
-VER        = 2.6.25
+VER        = 2.6.25.6
 
 THISAPP    = $(PKG_NAME)-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -35,18 +35,22 @@ CXXFLAGS   =
 
 TARGET     = $(DIR_INFO)/$(STAGE_ORDER)_$(STAGE)/$(THISAPP)
 
-FULLVER    = $(VER)-ipfire1
-EXTRAVERSION = $(shell echo "$(FULLVER)" | cut -c 7-)
+LOCALVERSION = -ipfire1
+FULLVER    = $(VER)$(LOCALVERSION)
 
 ###############################################################################
 # Top-level Rules
 ###############################################################################
 
-objects = $(DL_FILE) reiser4-for-$(VER).patch \
-	$(THISAPP)-lzma-init-3.patch \
-	$(THISAPP)-lzma-init-sdk-3.patch \
-	$(THISAPP)-lzma-vmlinuz-x86-3.patch \
-	$(THISAPP)-lzma-vmlinuz-x86-sdk-3.patch
+objects = $(DL_FILE) reiser4-for-2.6.25.patch
+
+ifeq "$(PAX)" "1"
+	objects += grsecurity-2.1.12-$(VER)-200806092111.patch
+endif
+
+ifeq "$(SSP)" "1"
+	objects += linux-2.6.25-frandom-1.patch
+endif
 
 install : $(TARGET)
 
@@ -62,17 +66,25 @@ $(objects) :
 $(TARGET) : 
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
-	
+
+	cd $(DIR_APP) && echo "$(LOCALVERSION)" > localversion-ipfire
+
+ifeq "$(SSP)" "1"
+	### frandom
+	#
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/linux-2.6.25-frandom-1.patch
+endif
+
 	### Reiser4
 	#
-	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/reiser4-for-$(VER).patch
-	
-	### LZMA
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/reiser4-for-2.6.25.patch
+
+ifeq "$(PAX)" "1"
+	### GrSecurity
 	#
-	#cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-lzma-init-3.patch
-	#cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-lzma-init-sdk-3.patch
-	#cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-lzma-vmlinuz-x86-3.patch
-	#cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/$(THISAPP)-lzma-vmlinuz-x86-sdk-3.patch
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_PATCHES)/grsecurity-2.1.12-$(VER)-200806092111.patch
+	rm -f $(DIR_APP)/localversion-grsec
+endif
 
 ifeq "$(STAGE)" "toolchain"
 	install -dv $(TOOLS_DIR)/include
@@ -98,16 +110,6 @@ ifeq "$(STAGE)" "ipfire"
 						-e "s/^# CONFIG_MPENTIUMIII is not set/CONFIG_MPENTIUMII=y/" \
 						< $(DIR_CONF)/kernel/kernel.config > $(DIR_APP)/.config
 	
-	-[ "$(TARGET)" == "i486" ] && \
-			sed 	-e "s/^CONFIG_M686=y/# CONFIG_686 is not set/" \
-						-e "s/^# CONFIG_M486 is not set/CONFIG_M486=y/" \
-						< $(DIR_CONF)/kernel/kernel.config > $(DIR_APP)/.config
-	
-	-[ "$(TARGET)" == "i386" ] && \
-			sed 	-e "s/^CONFIG_M686=y/# CONFIG_686 is not set/" \
-						-e "s/^# CONFIG_M386 is not set/CONFIG_M386=y/" \
-						< $(DIR_CONF)/kernel/kernel.config > $(DIR_APP)/.config
-	
 	-[ "$(TARGET)" == "i486" ] && \
 			sed 	-e "s/^CONFIG_M686=y/# CONFIG_686 is not set/" \
 						-e "s/^# CONFIG_M486 is not set/CONFIG_M486=y/" \
@@ -126,15 +128,11 @@ ifeq "$(STAGE)" "ipfire"
 	# if no $(TARGET) matched use the default
 	[ ! -e "$(DIR_APP)/.config" ] && cp -f $(DIR_CONF)/kernel/kernel.config \
 		$(DIR_APP)/.config
-	
-	cd $(DIR_APP) && \
-		sed -i -e "s/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ $(EXTRAVERSION)/" \
-			Makefile
-	
+
 	cd $(DIR_APP) && yes "" | make oldconfig
 
 	# keep the source code in $(DIR_SRC)/$(PKG_NAME)-$(FULLVER)
-	cp -al $(DIR_APP) $(DIR_SRC)/$(PKG_NAME)-$(FULLVER)
+	cp -fal $(DIR_APP) $(DIR_SRC)/$(PKG_NAME)-$(FULLVER)
 	
 	cd $(DIR_APP) && make $(PARALLELISMFLAGS)
 	cd $(DIR_APP) && make modules_install