Diffstat (limited to 'app-antivirus')
-rw-r--r-- | app-antivirus/lkrg/Manifest | 2 | ||||
-rw-r--r-- | app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch | 23 | ||||
-rw-r--r-- | app-antivirus/lkrg/lkrg-0.9.2.ebuild | 39 | ||||
-rw-r--r-- | app-antivirus/lkrg/metadata.xml | 11 |
4 files changed, 75 insertions, 0 deletions
diff --git a/app-antivirus/lkrg/Manifest b/app-antivirus/lkrg/Manifest
new file mode 100644
index 000000000000..23ac54a2e6e6
--- /dev/null
+++ b/app-antivirus/lkrg/Manifest
@@ -0,0 +1,2 @@
+DIST lkrg-0.9.2.tar.gz 125976 BLAKE2B c3da2d4599c9dd5b7d6fbec426fd93d802715f6c8566471f82c8f1c7d31621ebb4a2cc4c285d076aad6a6ee6b1bb790debbb365cfc6220192df049ac1d3c67a9 SHA512 5fec807618817bcb516e1a6779def6979badbdac6fe9b38fcce8425a0c7ebe3fb55c05d3080d8cac2d67cac6e8b7d2d77b3a1be450227299e2a02a311e223331
+DIST lkrg-0.9.2.tar.gz.sign 801 BLAKE2B 0cd8b18c8a0fbcca61ffa868b406d048461ddf9189fb08f15faa45e01b8731906a6b14105dfcf92bb5124373860f6695594063ee8d138c94c70adf471bc15e0a SHA512 18b547ca84a7fd2957484857e17983408e92fd005d58b77b399c5156ecb09fc5e9e6c910337654a2655883d103098c1769b1993017eec753bd21e63d6491ad04
diff --git a/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch
new file mode 100644
index 000000000000..438784aff16e
--- /dev/null
+++ b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch
@@ -0,0 +1,23 @@
+commit 7939aa03e00e7e48781d405743e2f2d31fca113b
+Author: John Helmert III <ajak@gentoo.org>
+Date: Fri Jan 7 01:46:35 2022 -0600
+
+ Add non-usr-merged systemd-coredump to UMH whitelist
+
+ Some distributions haven't merged /usr yet, so add the alternative
+ path for systemd-coredump.
+
+ Signed-off-by: John Helmert III <ajak@gentoo.org>
+
+diff --git a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
+index ac2a737..7387135 100644
+--- a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
++++ b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
+@@ -45,6 +45,7 @@ static const char * const p_umh_global[] = {
+ "/etc/acpi/events/RadioPower.sh",
+ "/etc/acpi/wireless-rtl-ac-dc-power.sh",
+ "/lib/systemd/systemd-cgroups-agent",
++ "/lib/systemd/systemd-coredump",
+ "/sbin/bridge-stp",
+ "/sbin/critical_overtemp",
+ "/sbin/drbdadm",
diff --git a/app-antivirus/lkrg/lkrg-0.9.2.ebuild b/app-antivirus/lkrg/lkrg-0.9.2.ebuild
new file mode 100644
index 000000000000..6ebde500879b
--- /dev/null
+++ b/app-antivirus/lkrg/lkrg-0.9.2.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit linux-mod linux-info verify-sig
+
+DESCRIPTION="Linux Kernel Runtime Guard"
+HOMEPAGE="https://lkrg.org"
+SRC_URI="https://lkrg.org/download/${P}.tar.gz
+ verify-sig? ( https://lkrg.org/download/${P}.tar.gz.sign )"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+
+BDEPEND="verify-sig? ( sec-keys/openpgp-keys-openwall )"
+
+PATCHES=( "${FILESDIR}/${PN}-${PV}-systemd-coredump-umh-whitelist.patch" )
+
+MODULE_NAMES="p_lkrg(misc:${S}:${S})"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openwall.asc"
+
+pkg_setup() {
+ local CONFIG_CHECK="MODULE_UNLOAD KALLSYMS_ALL JUMP_LABEL"
+ linux-mod_pkg_setup
+
+ # compile against selected (not running) target
+ BUILD_PARAMS="P_KVER=${KV_FULL} P_KERNEL=${KERNEL_DIR}"
+ BUILD_TARGETS="all"
+}
+
+src_unpack() {
+ if use verify-sig; then
+ verify-sig_verify_detached ${DISTDIR}/${P}.tar.gz{,.sign}
+ fi
+
+ default
+}
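Review bot: The added `"/lib/systemd/systemd-coredump"` entry carries no comment in the source, so the reason for it (systems that have not merged /usr) is recorded only in the commit message at the top of the patch. Since `p_umh_global` is the UMH whitelist, every extra path presumably widens the set of helper binaries LKRG lets the kernel launch, and someone pruning the list later should be able to see why this one is there. A comment above the new line would do, for example `/* systemd-coredump on systems without merged /usr */`. The array begins and ends outside the hunk, so the entry for the merged-/usr location that the message refers to is not visible here.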
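Review bot: In `src_unpack`, `${DISTDIR}` is passed unquoted to `verify-sig_verify_detached`, so a distfiles path containing whitespace would be word-split and the signature check would receive the wrong arguments; quote it as `verify-sig_verify_detached "${DISTDIR}"/${P}.tar.gz{,.sign}`. The `PATCHES` line also applies a change to LKRG's usermodehelper whitelist with no note on its upstream status. A comment above it, such as `# whitelist non-merged-/usr systemd-coredump path; drop once included upstream`, would tell whoever bumps the version whether the patch is still needed.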
diff --git a/app-antivirus/lkrg/metadata.xml b/app-antivirus/lkrg/metadata.xml
new file mode 100644
index 000000000000..e9dbfa382604
--- /dev/null
+++ b/app-antivirus/lkrg/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>ajak@gentoo.org</email>
+ <name>John Helmert III</name>
+ </maintainer>
+ <upstream>
+ <remote-id type="github">lkrg-org/lkrg</remote-id>
+ </upstream>
+</pkgmetadata> |