SPECS (Titanium): kernel-bare-grsecurity.spec - more up/smp cleanu...

hawk hawk at pld-linux.org
Sat Nov 10 21:53:25 CET 2007


Author: hawk                         Date: Sat Nov 10 20:53:25 2007 GMT
Module: SPECS                         Tag: Titanium
---- Log message:
- more up/smp cleanup
- added PaX support

---- Files affected:
SPECS:
   kernel-bare-grsecurity.spec (1.1.2.1 -> 1.1.2.2) 

---- Diffs:

================================================================
Index: SPECS/kernel-bare-grsecurity.spec
diff -u SPECS/kernel-bare-grsecurity.spec:1.1.2.1 SPECS/kernel-bare-grsecurity.spec:1.1.2.2
--- SPECS/kernel-bare-grsecurity.spec:1.1.2.1	Sat Nov 10 20:09:53 2007
+++ SPECS/kernel-bare-grsecurity.spec	Sat Nov 10 21:53:19 2007
@@ -5,6 +5,7 @@
 %bcond_with	verbose		# verbose build (V=1)
 %bcond_with	pae		# build PAE (HIGHMEM64G) support on uniprocessor
 %bcond_with	preempt-nort	# build preemptable no realtime kernel
+%bcond_with	pax		# build PaX
 
 %{?debug:%define with_verbose 1}
 
@@ -39,7 +40,11 @@
 %define		_oprofile_ver		0.9
 %define		_udev_ver		071
 
+%if %{with pax}
+%define		alt_kernel	bare-pax-grsecurity
+%else
 %define		alt_kernel	bare-grsecurity
+%endif
 
 %define		_basever	2.6.23
 %define		_postver	.1
@@ -79,8 +84,12 @@
 Source20:	kernel-bare-grsecurity-i386.config
 Source21:	kernel-bare-grsecurity-x86_64.config
 
+Source30:	kernel-bare-grsecurity-pax.config
+
 # from http://www.grsecurity.net/~spender/
 Patch100:	linux-2.6-grsecurity.patch
+# from squashfs: http://dl.sourceforge.net/sourceforge/squashfs/squashfs3.2-r2.tar.gz for linux-2.6.20
+Patch101:	squashfs3.2-patch
 
 URL:		http://www.kernel.org/
 BuildRequires:	binutils >= 3:2.14.90.0.7
@@ -385,6 +394,7 @@
 %endif
 
 %patch100 -p1
+%patch101 -p1
 
 # Fix EXTRAVERSION in main Makefile
 sed -i 's#EXTRAVERSION =.*#EXTRAVERSION = %{_postver}_%{alt_kernel}#g' Makefile
@@ -433,13 +443,25 @@
 %endif
 }
 
+PaXconfig () {
+	set -x
+	sed -i "s:# CONFIG_PAX is not set:CONFIG_PAX=y:" .config
+	%ifarch %{ix86}
+		sed -i 's:# CONFIG_PAX_SEGMEXEC is not set:CONFIG_PAX_SEGMEXEC=y:' $1
+	%endif
+	%ifarch %{ix8664}
+		sed -i 's:# CONFIG_PAX_MEMORY_UDEREF is not set:# CONFIG_PAX_MEMORY_UDEREF=y:' $1
+	%endif
+	return 0
+}
+
 rm -f .config
 BuildConfig() {
 	%{?debug:set -x}
 	Config="%{_target_base_arch}"
-	KernelVer=%{kernel_release}$1
+	KernelVer=%{kernel_release}
 
-	echo "Building config file [using $Config.conf] for KERNEL $1..."
+	echo "Building config file [using $Config.conf] for KERNEL ..."
 
 	echo "" > .config
 	cat $RPM_SOURCE_DIR/kernel-bare-grsecurity-$Config.config >> .config
@@ -453,6 +475,11 @@
 		sed -i "s:# CONFIG_PREEMPT_BKL is not set:CONFIG_PREEMPT_BKL=y:" .config
 	%endif
 
+	%if %{with pax}
+		cat %{SOURCE30} >> .config
+		PaXconfig .config
+	%endif
+
 %{?debug:sed -i "s:# CONFIG_DEBUG_SLAB is not set:CONFIG_DEBUG_SLAB=y:" .config}
 %{?debug:sed -i "s:# CONFIG_DEBUG_PREEMPT is not set:CONFIG_DEBUG_PREEMPT=y:" .config}
 %{?debug:sed -i "s:# CONFIG_RT_DEADLOCK_DETECT is not set:CONFIG_RT_DEADLOCK_DETECT=y:" .config}
@@ -470,7 +497,7 @@
 
 BuildKernel() {
 	%{?debug:set -x}
-	echo "Building kernel $1 ..."
+	echo "Building kernel ..."
 	%{__make} %{MakeOpts} mrproper \
 		RCS_FIND_IGNORE='-name build-done -prune -o'
 	install arch/%{_target_base_arch}/defconfig .config
@@ -835,6 +862,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.1.2.2  2007/11/10 20:53:19  hawk
+- more up/smp cleanup
+- added PaX support
+
 Revision 1.1.2.1  2007/11/10 19:09:53  hawk
 - started work on my own grsecurity kernel for PLD Titanium, if you want
   to add some patches/changes, ask me first or use kernel.spec
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SPECS/kernel-bare-grsecurity.spec?r1=1.1.2.1&r2=1.1.2.2&f=u



More information about the pld-cvs-commit mailing list