SPECS (LINUX_2_6): kernel.spec - todo update (see which patches ne...

mguevara mguevara at pld-linux.org
Tue Dec 12 16:02:22 CET 2006 

Author: mguevara                     Date: Tue Dec 12 15:02:22 2006 GMT
Module: SPECS                         Tag: LINUX_2_6
---- Log message:
- todo update (see which patches need update)
- pax bcond introduced (default off)
- ide_acpi bcond introduced (default on)
- pax related config files added
- patch75 linux-2.6.17-ide-acpi-support.patch added
- patch80 linux-2.6.19-cx88-tvaudio.patch added
- patch85 hostap-kernel-2.6.18.patch added
- package desc update - PaX related
- PaXconfig function tunes up per architecture PaX config options

---- Files affected:
SPECS:
   kernel.spec (1.441.2.1671 -> 1.441.2.1672) 

---- Diffs:

================================================================
Index: SPECS/kernel.spec
diff -u SPECS/kernel.spec:1.441.2.1671 SPECS/kernel.spec:1.441.2.1672
--- SPECS/kernel.spec:1.441.2.1671	Mon Dec 11 23:47:50 2006
+++ SPECS/kernel.spec	Tue Dec 12 16:02:16 2006
@@ -14,14 +14,7 @@
 # - all above todos ???
 # - (patch 1) linux-2.6-sata-promise-pata-ports.patch - test second alternative 
 # - (patch 4) fbsplash-0.9.2-r5-2.6.18-rc4.patch - untested (bcond)
-# - (patch 60) linux-2.6-sk98lin-8.36.1.3.patch - needs update
-# - use p75 from LINUX_2_6_17 - linux-2.6.17-ide-acpi-support.patch
-# - use p80 from LINUX_2_6_17 - linux-2.6.17-cx88-tvaudio.patch
-# - use p85 from LINUX_2_6_17 - hostap-kernel-2.6.17.patch
-# - (patch 100) linux-2.6-vs2.1.patch - untested
-# - (patch 101) linux-2.6-vs2.1-suspend2.patch - untested
-# - (patch 102) linux-2.6-vs2.1-128IPs.patch - untested
-# - (patch 130) linux-2.6-forcedeth-WON.patch - untested
+# - (patch 130) linux-2.6-forcedeth-WON.patch - needs update
 # - (patch 1000) linux-2.6-grsec-minimal.patch - untested
 # - (patch 9999) grsecurity-2.1.9-2.6.18.patch - use spender snapshot
 # - (patch 200) linux-2.6-ppc-ICE-hacks.patch - untested
@@ -41,6 +34,7 @@
 
 %bcond_with	abi		# build ABI support only ix86 !!
 %bcond_with	grsec_full	# build full grsecurity
+%bcond_with	pax		# build PaX and full grsecurity (todo: separate)
 %bcond_with	verbose		# verbose build (V=1)
 %bcond_with	xen0		# added Xen0 support
 %bcond_with	xenU		# added XenU support
@@ -54,21 +48,31 @@
 %bcond_with	pae		# build PAE (HIGHMEM64G) support on uniprocessor
 %bcond_with	nfsroot		# build with root on NFS support
 
+%bcond_without	ide_acpi	# support for ide-acpi from SuSE (instead of previous hack)
+
 %{?debug:%define with_verbose 1}
 
-%if !%{with grsecurity}
+%if %{without grsecurity}
 %undefine	with_grsec_full
 %undefine	with_grsec_minimal
+%undefine	with_pax
 %endif
 
-%if %{with grsec_full}
+%if %{with pax}
 %undefine	with_grsec_minimal
+%undefine	with_grsec_full
 %define		with_grsecurity		1
 %endif
 
-%if %{with grsec_minimal}
+%if %{with grsec_full}
+%undefine	with_grsec_minimal
+%define		with_grsecurity		1
+%endif
+																						     
+%if %{with grsec_minimal}																			    
 %undefine	with_grsec_full
 %define		with_grsecurity		1
+%undefine	with_pax
 %endif
 
 %ifarch ia64
@@ -138,7 +142,7 @@
 Summary(de):	Der Linux-Kernel (Kern des Linux-Betriebssystems)
 Summary(fr):	Le Kernel-Linux (La partie centrale du systeme)
 Summary(pl):	Jądro Linuksa
-Name:		kernel%{?with_grsec_full:-grsecurity}%{?with_xen0:-xen0}%{?with_xenU:-xenU}
+Name:		kernel%{?with_pax:-pax}%{?with_grsec_full:-grsecurity}%{?with_xen0:-xen0}%{?with_xenU:-xenU}
 %define		_basever	2.6.19
 %define		_postver	.1
 Version:	%{_basever}%{_postver}
@@ -192,6 +196,9 @@
 Source46:	kernel-xen0.config
 Source47:	kernel-xenU.config
 
+Source49:	kernel-pax.config
+Source50:	kernel-no-pax.config
+
 ###
 #	Patches
 ###
@@ -283,7 +290,19 @@
 # Fix for pcie cards against 2.6.18.1 from ftp://lwfinger.dynalias.org/patches
 Patch73:	kernel-bcm43xx-patch_2.6.18.1_for_PCI-E.patch
 
-# vserver from: http://vserver.13thfloor.at/Experimental/patch-2.6.18-vs2.1.1-rc35-t1.diff
+# ide-acpi instead of nx8220 s3 suspend/resume hack
+# http://svn.uludag.org.tr/pardus/devel/kernel/kernel/files/suse/ide-acpi-support.patch
+Patch75:	linux-2.6.17-ide-acpi-support.patch
+
+# cx88-blackbird based tv tuner card audio fix
+Patch80:	linux-2.6.19-cx88-tvaudio.patch
+
+# adds some ids for hostap suported cards and monitor_enable from/for aircrack-ng
+# http://patches.aircrack-ng.org/hostap-kernel-2.6.18.patch 
+Patch85:	hostap-kernel-2.6.18.patch
+
+# http://ftp.linux-vserver.org/pub/kernel/vs2.1/patch-2.6.19-vs2.1.1.5.diff.bz2
+# same as http://vserver.13thfloor.at/Experimental/patch-2.6.19-vs2.1.1.5.diff
 Patch100:	linux-2.6-vs2.1.patch
 Patch101:	linux-2.6-vs2.1-suspend2.patch
 Patch102:	linux-2.6-vs2.1-128IPs.patch
@@ -306,8 +325,7 @@
 #wanpipe
 #Patch3000:	wanpipe-beta7-2.3.4.patch
 
-# official grsecurity for 2.6.18
-# based on http://www.grsecurity.net/grsecurity-2.1.9-2.6.18-200610021833.patch.gz
+# use http://www.grsecurity.net/~spender/grsecurity-2.1.9-2.6.19-200612102128.patch
 Patch9999:	grsecurity-2.1.9-2.6.18.patch
 
 URL:		http://www.kernel.org/
@@ -404,6 +422,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -420,6 +439,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -436,6 +456,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -451,6 +472,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -600,6 +622,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -616,6 +639,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -631,6 +655,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -646,6 +671,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -927,6 +953,17 @@
 
 %patch60 -p1
 
+%if %{with ide_acpi}
+# ide-acpi instead of nx8220 s3 suspend/resume hack
+%patch75 -p1
+%endif
+
+# cx88-tvaudio
+%patch80 -p1
+
+# hostap enhancements from/for aircrack-ng 
+%patch85 -p1
+
 # vserver:
 %patch100 -p1
 %ifarch %{ix86} %{x8664} ia64
@@ -946,10 +983,16 @@
 %if %{with grsec_minimal}
 %patch1000 -p1
 %endif
+
 %if %{with grsec_full}
 %patch9999 -p1
 %endif
 
+%if %{with pax}
+%patch9999 -p1
+%endif
+
+
 %ifarch ppc ppc64
 %patch200 -p1
 %endif
@@ -1017,6 +1060,28 @@
 %endif
 }
 
+PaXconfig () {
+	set -x
+	%ifarch %{ix86}
+		sed -i 's:# CONFIG_PAX_SEGMEXEC is not set:CONFIG_PAX_SEGMEXEC=y:' $1
+		sed -i 's:# CONFIG_PAX_DEFAULT_SEGMEXEC is not set:CONFIG_PAX_DEFAULT_SEGMEXEC=y:' $1
+		%ifnarch i386 i486
+			sed -i 's:# CONFIG_PAX_NOVSYSCALL is not set:CONFIG_PAX_NOVSYSCALL=y:' $1
+		%endif
+	%endif
+	%ifarch ppc64
+		sed -i 's:CONFIG_PAX_NOELFRELOCS=y:# CONFIG_PAX_NOELFRELOCS is not set:' $1
+	%endif
+	%ifarch ppc
+		sed -i 's:# CONFIG_PAX_EMUTRAMP is not set:CONFIG_PAX_EMUTRAMP=y:' $1
+	%endif
+	%ifarch %{ix8664}
+		sed -i 's:# CONFIG_PAX_MEMORY_UDEREF is not set:# CONFIG_PAX_MEMORY_UDEREF=y:' $1
+	%endif
+	return 0
+}
+
+
 BuildConfig() {
 	%{?debug:set -x}
 	# is this a special kernel we want to build?
@@ -1064,6 +1129,18 @@
 	cat %{SOURCE45} >> arch/%{_target_base_arch}/defconfig
 %endif
 
+%if %{with pax}
+	cat %{SOURCE49} >> arch/%{_target_base_arch}/defconfig
+	PaXconfig arch/%{_target_base_arch}/defconfig
+%else   
+	cat %{SOURCE50} >> arch/%{_target_base_arch}/defconfig
+%endif
+
+%if %{with ide_acpi}
+	echo "CONFIG_BLK_DEV_IDEACPI=y" >> arch/%{_target_base_arch}/defconfig
+%endif
+
+
 %if %{with xen0}
 	cat %{SOURCE46} >> arch/%{_target_base_arch}/defconfig
 %endif
@@ -1344,7 +1421,7 @@
 		title='PLD Linux'
 	fi
 
-	ext='%{?with_grsec_full:grsecurity}%{?with_xen0:Xen0}%{?with_xenU:XenU}'
+	ext='%{?with_pax:pax}%{?with_grsec_full:grsecurity}%{?with_xen0:Xen0}%{?with_xenU:XenU}'
 	if [ "$ext" ]; then
 		title="$title $ext"
 	fi
@@ -1416,7 +1493,7 @@
 		title='PLD Linux'
 	fi
 
-	ext='%{?with_grsec_full:grsecurity}%{?with_xen0:Xen0}%{?with_xenU:XenU}'
+	ext='%{?with_pax:pax}%{?with_grsec_full:grsecurity}%{?with_xen0:Xen0}%{?with_xenU:XenU}'
 	if [ "$ext" ]; then
 		title="$title $ext"
 	fi
@@ -1775,6 +1852,17 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.441.2.1672  2006/12/12 15:02:16  mguevara
+- todo update (see which patches need update)
+- pax bcond introduced (default off)
+- ide_acpi bcond introduced (default on)
+- pax related config files added
+- patch75 linux-2.6.17-ide-acpi-support.patch added
+- patch80 linux-2.6.19-cx88-tvaudio.patch added
+- patch85 hostap-kernel-2.6.18.patch added
+- package desc update - PaX related
+- PaXconfig function tunes up per architecture PaX config options
+
 Revision 1.441.2.1671  2006/12/11 22:47:50  mguevara
 - 2.6.19.1 update, not ready yet btw.
 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/kernel.spec?r1=1.441.2.1671&r2=1.441.2.1672&f=u

More information about the pld-cvs-commit mailing list