diff options
| author |   Ned Ludd <solar@gentoo.org> | 2004-10-10 22:44:47 +0000 |
|---|---|---|
| committer | Ned Ludd <solar@gentoo.org> | 2004-10-10 22:44:47 +0000 |
| commit | 1e53181696ebec0a1167e197b1ab9c5d936434fe (patch) | |
| tree | 0377961cfb37b6e12d718c69f1e0dbb91e691f0e /sys-apps/mkinitrd | |
| parent | version bump, removing pre7 (Manifest recommit) (diff) | |
| download | gentoo-2-1e53181696ebec0a1167e197b1ab9c5d936434fe.tar.gz gentoo-2-1e53181696ebec0a1167e197b1ab9c5d936434fe.tar.bz2 gentoo-2-1e53181696ebec0a1167e197b1ab9c5d936434fe.zip | |
added additional local diet and __guard functions support for mkinitrd. bug 35138
Diffstat (limited to 'sys-apps/mkinitrd')
| -rw-r--r-- | sys-apps/mkinitrd/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-apps/mkinitrd/Manifest | 11 | ||||
| -rw-r--r-- | sys-apps/mkinitrd/files/digest-mkinitrd-3.5.7-r3 | 1 | ||||
| -rw-r--r-- | sys-apps/mkinitrd/files/mkinitrd-3.5.7-dietssp.patch | 275 | ||||
| -rw-r--r-- | sys-apps/mkinitrd/mkinitrd-3.5.7-r3.ebuild | 54 |
5 files changed, 345 insertions, 5 deletions
diff --git a/sys-apps/mkinitrd/ChangeLog b/sys-apps/mkinitrd/ChangeLog index 2e5acf1a1a54..5feb9243bc82 100644 --- a/sys-apps/mkinitrd/ChangeLog +++ b/sys-apps/mkinitrd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-apps/mkinitrd # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/mkinitrd/ChangeLog,v 1.13 2004/09/03 21:03:24 pvdabeel Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/mkinitrd/ChangeLog,v 1.14 2004/10/10 22:44:47 solar Exp $ + +*mkinitrd-3.5.7-r3 (10 Oct 2004) + + 10 Oct 2004; <solar@gentoo.org> +files/mkinitrd-3.5.7-dietssp.patch, + +mkinitrd-3.5.7-r3.ebuild: + added additional local diet and __guard functions support for mkinitrd. bug + 35138 03 Sep 2004; Pieter Van den Abeele <pvdabeel@gentoo.org> mkinitrd-3.5.7-r2.ebuild: diff --git a/sys-apps/mkinitrd/Manifest b/sys-apps/mkinitrd/Manifest index cc3195a9a4f2..0de7d2e04de1 100644 --- a/sys-apps/mkinitrd/Manifest +++ b/sys-apps/mkinitrd/Manifest @@ -1,8 +1,11 @@ +MD5 ea40feefe67a6dced3fc93000b5fd0b3 mkinitrd-3.5.7.ebuild 953 +MD5 161de378f20454703aa05cfc3a4ad3cd mkinitrd-3.5.7-r2.ebuild 1195 +MD5 1b5f792f58f99c839ef74bce3b2625fd mkinitrd-3.5.7-r3.ebuild 1371 MD5 7997431cc1a7deff807954c6e65d910f ChangeLog 1784 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 -MD5 161de378f20454703aa05cfc3a4ad3cd mkinitrd-3.5.7-r2.ebuild 1195 -MD5 ea40feefe67a6dced3fc93000b5fd0b3 mkinitrd-3.5.7.ebuild 953 -MD5 1a8259233cb009f44a8fe20a8aa828b5 files/digest-mkinitrd-3.5.7 66 -MD5 1a8259233cb009f44a8fe20a8aa828b5 files/digest-mkinitrd-3.5.7-r2 66 MD5 4e09d06fedbff01e9e17219e50873694 files/mkinitrd-lvm_statics.diff 591 +MD5 1a8259233cb009f44a8fe20a8aa828b5 files/digest-mkinitrd-3.5.7-r2 66 +MD5 1a8259233cb009f44a8fe20a8aa828b5 files/digest-mkinitrd-3.5.7-r3 66 MD5 0bc4fe62070fcfc54254d0e8c636ef32 files/mkinitrd-selinux.diff 1007 +MD5 952fb942d902d11063542d68f4c99493 files/mkinitrd-3.5.7-dietssp.patch 8017 +MD5 1a8259233cb009f44a8fe20a8aa828b5 files/digest-mkinitrd-3.5.7 66 diff --git a/sys-apps/mkinitrd/files/digest-mkinitrd-3.5.7-r3 b/sys-apps/mkinitrd/files/digest-mkinitrd-3.5.7-r3 new file mode 100644 index 000000000000..23b2306d4721 --- /dev/null +++ b/sys-apps/mkinitrd/files/digest-mkinitrd-3.5.7-r3 @@ -0,0 +1 @@ +MD5 42d10a781554d8fda18b321f254e78c5 mkinitrd-3.5.7.tar.bz2 53233 diff --git a/sys-apps/mkinitrd/files/mkinitrd-3.5.7-dietssp.patch b/sys-apps/mkinitrd/files/mkinitrd-3.5.7-dietssp.patch new file mode 100644 index 000000000000..f2a0e5b1a31d --- /dev/null +++ b/sys-apps/mkinitrd/files/mkinitrd-3.5.7-dietssp.patch @@ -0,0 +1,275 @@ +diff -Nrup mkinitrd-3.5.7.orig/grubby/mount_by_label.c mkinitrd-3.5.7/grubby/mount_by_label.c +--- mkinitrd-3.5.7.orig/grubby/mount_by_label.c 2002-12-16 22:05:01.000000000 +0000 ++++ mkinitrd-3.5.7/grubby/mount_by_label.c 2004-08-07 09:14:40.000000000 +0000 +@@ -29,6 +29,15 @@ + + #define _(str) (str) + ++#ifndef gnu_dev_makedev ++unsigned long long int gnu_dev_makedev (unsigned int __major, unsigned int __minor) ++{ ++ return ((__minor & 0xff) | ((__major & 0xfff) << 8) ++ | (((unsigned long long int) (__minor & ~0xff)) << 12) ++ | (((unsigned long long int) (__major & ~0xfff)) << 32)); ++} ++#endif ++ + static struct uuidCache_s { + struct uuidCache_s *next; + char uuid[16]; +diff -Nrup mkinitrd-3.5.7.orig/nash/Makefile mkinitrd-3.5.7/nash/Makefile +--- mkinitrd-3.5.7.orig/nash/Makefile 2003-06-11 16:55:31.000000000 +0000 ++++ mkinitrd-3.5.7/nash/Makefile 2004-08-07 09:19:13.000000000 +0000 +@@ -1,23 +1,25 @@ + CFLAGS=-Wall -DVERSION=\"$(VERSION)\" -g + VERSION=$(shell awk -F= '/^VERSION=/ { print $$2 }' ../mkinitrd) ++OBJS = nash.o mount_by_label.o + + ARCH := $(patsubst i%86,i386,$(shell uname -m)) + ARCH := $(patsubst sparc%,sparc,$(ARCH)) + + ifeq (i386, $(ARCH)) + CC:=diet $(CC) +-CFLAGS += -DUSE_DIET=1 ++CFLAGS += -fno-stack-protector ++OBJS += $(shell gcc -fstack-protector -S -o /dev/null -xc /dev/null >/dev/null 2>&1 && echo "ssp.o") + else + STATIC=-static + endif + + mandir=usr/share/man + +-nash: nash.o mount_by_label.o +- $(CC) $(STATIC) -g $(LDFLAGS) -o $@ nash.o mount_by_label.o ++nash: $(OBJS) ++ $(CC) $(STATIC) -static -fno-stack-protector $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) + + clean: +- rm -f nash $(MINILIBC) nash.o mount_by_label.o ++ rm -f nash $(MINILIBC) $(OBJS) + + install: + mkdir -p $(BUILDROOT)/sbin +diff -Nrup mkinitrd-3.5.7.orig/nash/mount_by_label.c mkinitrd-3.5.7/nash/mount_by_label.c +--- mkinitrd-3.5.7.orig/nash/mount_by_label.c 2002-12-16 22:05:01.000000000 +0000 ++++ mkinitrd-3.5.7/nash/mount_by_label.c 2004-08-07 09:14:40.000000000 +0000 +@@ -172,7 +172,7 @@ uuidcache_init(void) { + int mustRemoveDir = 0; + int i; + +- sprintf(device, "%s/%s", DEVLABELDIR, ptname); ++ snprintf(device, sizeof(device), "%s/%s", DEVLABELDIR, ptname); + if (access(device, F_OK)) { + ptr = device; + i = 0; +diff -Nrup mkinitrd-3.5.7.orig/nash/nash.c mkinitrd-3.5.7/nash/nash.c +--- mkinitrd-3.5.7.orig/nash/nash.c 2003-06-20 19:18:02.000000000 +0000 ++++ mkinitrd-3.5.7/nash/nash.c 2004-08-07 09:19:55.000000000 +0000 +@@ -72,7 +72,7 @@ + #define MS_REMOUNT 32 + #endif + +-#ifdef USE_DIET ++#if (defined(__dietlibc__) && !defined(__PIC__)) + static inline _syscall2(int,pivot_root,const char *,one,const char *,two) + #endif + +@@ -517,7 +517,7 @@ int raidautorunCommand(char * cmd, char + } + + static int my_pivot_root(char * one, char * two) { +-#ifdef USE_DIET ++#ifdef __dietlibc__ + return pivot_root(one, two); + #else + return syscall(__NR_pivot_root, one, two); +@@ -914,7 +914,7 @@ int findlodevCommand(char * cmd, char * + strcpy(separator, "/"); + + for (devNum = 0; devNum < 256; devNum++) { +- sprintf(devName, "/dev/loop%s%d", separator, devNum); ++ snprintf(devName, sizeof(devName), "/dev/loop%s%d", separator, devNum); + if ((fd = open(devName, O_RDONLY)) < 0) return 0; + + if (ioctl(fd, LOOP_GET_STATUS, &loopInfo)) { +@@ -1045,7 +1045,7 @@ int mkdevicesCommand(char * cmd, char * + char * ptr, * deviceDir; + int i; + +- sprintf(devName, "%s/%s", prefix, start); ++ snprintf(devName, sizeof(devName), "%s/%s", prefix, start); + unlink(devName); + + ptr = devName; +diff -Nrup mkinitrd-3.5.7.orig/nash/ssp.c mkinitrd-3.5.7/nash/ssp.c +--- mkinitrd-3.5.7.orig/nash/ssp.c 1970-01-01 00:00:00.000000000 +0000 ++++ mkinitrd-3.5.7/nash/ssp.c 2004-08-07 09:14:40.000000000 +0000 +@@ -0,0 +1,168 @@ ++/* ++ * Distributed under the terms of the GNU General Public License v2 ++ * $Header: /var/cvsroot/gentoo-x86/sys-apps/mkinitrd/files/mkinitrd-3.5.7-dietssp.patch,v 1.1 2004/10/10 22:44:47 solar Exp $ ++ * ++ * This is a modified version of Hiroaki Etoh's stack smashing routines ++ * implemented for glibc. ++ * ++ * The following people have contributed input to this code. ++ * Ned Ludd - <solar[@]gentoo.org> ++ * Alexander Gabert - <pappy[@]gentoo.org> ++ * The PaX Team - <pageexec[@]freemail.hu> ++ * Peter S. Mazinger - <ps.m[@]gmx.net> ++ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org> ++ * Robert Connolly - <robert[@]linuxfromscratch.org> ++ * Cory Visi <cory@visi.name> ++ * ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <string.h> ++#include <fcntl.h> ++#include <unistd.h> ++#include <signal.h> ++#include <sys/types.h> ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <sys/syslog.h> ++#include <sys/time.h> ++#include <sys/sysctl.h> ++ ++#ifndef _PATH_LOG ++#define _PATH_LOG "/dev/log" ++#endif ++ ++#ifdef __PROPOLICE_BLOCK_SEGV__ ++#define SSP_SIGTYPE SIGSEGV ++#elif __PROPOLICE_BLOCK_KILL__ ++#define SSP_SIGTYPE SIGKILL ++#else ++#define SSP_SIGTYPE SIGABRT ++#endif ++ ++unsigned long __guard = 0UL; ++ ++void ++__guard_setup (void) ++{ ++ size_t size; ++#ifdef HAVE_DEV_ERANDOM ++ int mib[3]; ++#endif ++ ++ if (__guard != 0UL) ++ return; ++ ++#ifndef __SSP_QUICK_CANARY__ ++#ifdef HAVE_DEV_ERANDOM ++ /* Random is another depth in Linux, hence an array of 3. */ ++ mib[0] = CTL_KERN; ++ mib[1] = KERN_RANDOM; ++ mib[2] = RANDOM_ERANDOM; ++ ++ size = sizeof (unsigned long); ++ if (__sysctl (mib, 3, &__guard, &size, NULL, 0) != (-1)) ++ if (__guard != 0UL) ++ return; ++#endif ++ /* ++ * Attempt to open kernel pseudo random device if one exists before ++ * opening urandom to avoid system entropy depletion. ++ */ ++ { ++ int fd; ++#ifdef HAVE_DEV_ERANDOM ++ if ((fd = open ("/dev/erandom", O_RDONLY)) == (-1)) ++#endif ++ fd = open ("/dev/urandom", O_RDONLY); ++ if (fd != (-1)) ++ { ++ size = read (fd, (char *) &__guard, sizeof (__guard)); ++ close (fd); ++ if (size == sizeof (__guard)) ++ return; ++ } ++ } ++#endif ++ ++ /* If sysctl was unsuccessful, use the "terminator canary". */ ++ __guard = 0xFF0A0D00UL; ++ ++ { ++ /* Everything failed? Or we are using a weakened model of the ++ * terminator canary */ ++ struct timeval tv; ++ ++ gettimeofday (&tv, NULL); ++ __guard ^= tv.tv_usec ^ tv.tv_sec; ++ } ++} ++ ++void ++__stack_smash_handler (char func[], int damaged) ++{ ++#ifndef __dietlibc__ ++ struct sockaddr_un sock; /* AF_UNIX address of local logger */ ++#endif ++ struct sigaction sa; ++ const char message[] = ": stack smashing attack in function "; ++ char buf[512]; ++ int bufsz, len; ++#if !defined(__dietlibc__) ++ int log; ++ extern char *__progname; ++#else ++ static char *__progname = "dietapp"; ++#endif ++ ++ sigset_t mask; ++ sigfillset (&mask); ++ ++ sigdelset (&mask, SSP_SIGTYPE); /* Block all signal handlers */ ++ sigprocmask (SIG_BLOCK, &mask, NULL); /* except SIGABRT */ ++ ++ bufsz = sizeof (buf); ++ strcpy (buf, "<2>"); ++ len = 3; ++ ++ strncat (buf, __progname, sizeof (buf) - 4); ++ len = strlen (buf); ++ ++ if (bufsz > len) ++ { ++ strncat (buf, message, bufsz - len - 1); ++ len = strlen (buf); ++ } ++ if (bufsz > len) ++ { ++ strncat (buf, func, bufsz - len - 1); ++ len = strlen (buf); ++ } ++ ++ /* print error message */ ++ write (STDERR_FILENO, buf + 3, len - 3); ++ write (STDERR_FILENO, "()\n", 3); ++#ifndef __dietlibc__ ++ if ((log = socket (AF_UNIX, SOCK_DGRAM, 0)) != -1) ++ { ++ /* Send "found" message to the "/dev/log" path */ ++ sock.sun_family = AF_UNIX; ++ (void) strncpy (sock.sun_path, _PATH_LOG, sizeof (sock.sun_path) - 1); ++ sock.sun_path[sizeof (sock.sun_path) - 1] = '\0'; ++ sendto (log, buf, len, 0, (struct sockaddr *) &sock, sizeof (sock)); ++ } ++#endif ++ /* Make sure the default handler is associated with the our signal handler */ ++ ++ memset (&sa, 0, sizeof (struct sigaction)); ++ sigfillset (&sa.sa_mask); /* Block all signals */ ++ sa.sa_flags = 0; ++ sa.sa_handler = SIG_DFL; ++ sigaction (SSP_SIGTYPE, &sa, NULL); ++ // (void) kill (getpid (), SSP_SIGTYPE); ++ // _exit (127); ++} diff --git a/sys-apps/mkinitrd/mkinitrd-3.5.7-r3.ebuild b/sys-apps/mkinitrd/mkinitrd-3.5.7-r3.ebuild new file mode 100644 index 000000000000..8bf1c20ec14b --- /dev/null +++ b/sys-apps/mkinitrd/mkinitrd-3.5.7-r3.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/mkinitrd/mkinitrd-3.5.7-r3.ebuild,v 1.1 2004/10/10 22:44:47 solar Exp $ + +inherit eutils + +DESCRIPTION="Tools for creating initrd images" +HOMEPAGE="http://www.redhat.com" +SRC_URI="mirror://gentoo/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc ~amd64" +IUSE="diet selinux" + +DEPEND="dev-libs/popt + virtual/os-headers + x86? ( diet? ( dev-libs/dietlibc ) )" +RDEPEND="app-shells/bash" +PDEPEND="selinux? ( sys-apps/policycoreutils )" + +src_unpack() { + unpack ${A} + cd ${S} + + # Fix for coreutils tail behavior + sed -i -e 's/tail -1/tail -n 1/' mkinitrd || die "sed for tail -1 failed." + + # bug 29694 -- Change vgwrapper to static vgscan and vgchange + epatch ${FILESDIR}/mkinitrd-lvm_statics.diff + + # bug 35138 + epatch ${FILESDIR}/mkinitrd-3.5.7-dietssp.patch + + # SELinux policy load + use selinux && epatch ${FILESDIR}/mkinitrd-selinux.diff + + # we don't always need diet support. + use diet || sed -i -e s/'=diet '/=/g ${S}/nash/Makefile +} + +src_compile() { + cd ${S}/nash + emake || die "nash compile failed." + + cd ${S}/grubby + emake || die "grubby compile failed." +} + +src_install() { + into / + dosbin ${S}/grubby/grubby ${S}/nash/nash ${S}/mkinitrd + doman ${S}/grubby/grubby.8 ${S}/nash/nash.8 ${S}/mkinitrd.8 +} |