Diffstat (limited to 'app-antivirus')
-rw-r--r--app-antivirus/lkrg/Manifest2
-rw-r--r--app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch23
-rw-r--r--app-antivirus/lkrg/lkrg-0.9.2.ebuild39
-rw-r--r--app-antivirus/lkrg/metadata.xml11
4 files changed, 75 insertions, 0 deletions
diff --git a/app-antivirus/lkrg/Manifest b/app-antivirus/lkrg/Manifest
new file mode 100644
index 000000000000..23ac54a2e6e6
--- /dev/null
+++ b/app-antivirus/lkrg/Manifest
@@ -0,0 +1,2 @@
+DIST lkrg-0.9.2.tar.gz 125976 BLAKE2B c3da2d4599c9dd5b7d6fbec426fd93d802715f6c8566471f82c8f1c7d31621ebb4a2cc4c285d076aad6a6ee6b1bb790debbb365cfc6220192df049ac1d3c67a9 SHA512 5fec807618817bcb516e1a6779def6979badbdac6fe9b38fcce8425a0c7ebe3fb55c05d3080d8cac2d67cac6e8b7d2d77b3a1be450227299e2a02a311e223331
+DIST lkrg-0.9.2.tar.gz.sign 801 BLAKE2B 0cd8b18c8a0fbcca61ffa868b406d048461ddf9189fb08f15faa45e01b8731906a6b14105dfcf92bb5124373860f6695594063ee8d138c94c70adf471bc15e0a SHA512 18b547ca84a7fd2957484857e17983408e92fd005d58b77b399c5156ecb09fc5e9e6c910337654a2655883d103098c1769b1993017eec753bd21e63d6491ad04
diff --git a/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch
new file mode 100644
index 000000000000..438784aff16e
--- /dev/null
+++ b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch
@@ -0,0 +1,23 @@
+commit 7939aa03e00e7e48781d405743e2f2d31fca113b
+Author: John Helmert III <ajak@gentoo.org>
+Date: Fri Jan 7 01:46:35 2022 -0600
+
+ Add non-usr-merged systemd-coredump to UMH whitelist
+
+ Some distributions haven't merged /usr yet, so add the alternative
+ path for systemd-coredump.
+
+ Signed-off-by: John Helmert III <ajak@gentoo.org>
+
+diff --git a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
+index ac2a737..7387135 100644
+--- a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
++++ b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
+@@ -45,6 +45,7 @@ static const char * const p_umh_global[] = {
+ "/etc/acpi/events/RadioPower.sh",
+ "/etc/acpi/wireless-rtl-ac-dc-power.sh",
+ "/lib/systemd/systemd-cgroups-agent",
++ "/lib/systemd/systemd-coredump",
+ "/sbin/bridge-stp",
+ "/sbin/critical_overtemp",
+ "/sbin/drbdadm",
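Review bot: The patch header carries a commit id and a sign-off but does not say whether the change was submitted to or merged by upstream LKRG, so a later maintainer cannot tell when this file can be dropped; a header line such as `Upstream: <URL of the upstream commit or pull request>` would record that. The added `"/lib/systemd/systemd-coredump"` entry widens the set of paths LKRG accepts as a usermode helper on every install, not only on split-/usr layouts, which deserves a comment next to `PATCHES` in the ebuild, e.g. `# allow systemd-coredump from /lib on systems without merged /usr`. The `p_umh_global` array starts and ends outside the hunk, so whether the `/usr/lib` variant is already listed cannot be confirmed from here.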
diff --git a/app-antivirus/lkrg/lkrg-0.9.2.ebuild b/app-antivirus/lkrg/lkrg-0.9.2.ebuild
new file mode 100644
index 000000000000..6ebde500879b
--- /dev/null
+++ b/app-antivirus/lkrg/lkrg-0.9.2.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit linux-mod linux-info verify-sig
+
+DESCRIPTION="Linux Kernel Runtime Guard"
+HOMEPAGE="https://lkrg.org"
+SRC_URI="https://lkrg.org/download/${P}.tar.gz
+ verify-sig? ( https://lkrg.org/download/${P}.tar.gz.sign )"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+
+BDEPEND="verify-sig? ( sec-keys/openpgp-keys-openwall )"
+
+PATCHES=( "${FILESDIR}/${PN}-${PV}-systemd-coredump-umh-whitelist.patch" )
+
+MODULE_NAMES="p_lkrg(misc:${S}:${S})"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openwall.asc"
+
+pkg_setup() {
+ local CONFIG_CHECK="MODULE_UNLOAD KALLSYMS_ALL JUMP_LABEL"
+ linux-mod_pkg_setup
+
+ # compile against selected (not running) target
+ BUILD_PARAMS="P_KVER=${KV_FULL} P_KERNEL=${KERNEL_DIR}"
+ BUILD_TARGETS="all"
+}
+
+src_unpack() {
+ if use verify-sig; then
+ verify-sig_verify_detached ${DISTDIR}/${P}.tar.gz{,.sign}
+ fi
+
+ default
+}
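Review bot: In `src_unpack` the call `verify-sig_verify_detached ${DISTDIR}/${P}.tar.gz{,.sign}` leaves `${DISTDIR}` unquoted, so a distfiles path containing whitespace would be word-split and the signature check would receive the wrong arguments. Quote the variable and keep the brace expansion outside the quotes: `verify-sig_verify_detached "${DISTDIR}"/${P}.tar.gz{,.sign}`. A short comment such as `# upstream ships a detached .sign file; verify it before unpacking` would explain why the phase is overridden. With `verify-sig` disabled the tarball is checked only against the Manifest hashes.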
diff --git a/app-antivirus/lkrg/metadata.xml b/app-antivirus/lkrg/metadata.xml
new file mode 100644
index 000000000000..e9dbfa382604
--- /dev/null
+++ b/app-antivirus/lkrg/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>ajak@gentoo.org</email>
+ <name>John Helmert III</name>
+ </maintainer>
+ <upstream>
+ <remote-id type="github">lkrg-org/lkrg</remote-id>
+ </upstream>
+</pkgmetadata>