diff options
author | Jason Zaman <perfinion@gentoo.org> | 2017-11-18 14:17:48 +0800 |
---|---|---|
committer | Jason Zaman <perfinion@gentoo.org> | 2017-11-18 16:28:15 +0800 |
commit | 355f57a7181769c610d7678fbbacc7f5b6b6335b (patch) | |
tree | e3af316c2d62e732b03119ac204fe8c2ffe088b8 | |
parent | ruby-ng.eclass: Fix eclass doc warnings (diff) | |
download | gentoo-355f57a7181769c610d7678fbbacc7f5b6b6335b.tar.gz gentoo-355f57a7181769c610d7678fbbacc7f5b6b6335b.tar.bz2 gentoo-355f57a7181769c610d7678fbbacc7f5b6b6335b.zip |
sys-boot/tboot: snapshot to fix CVE-2017-16837 (bug 637942)
Package-Manager: Portage-2.3.13, Repoman-2.3.3
-rw-r--r-- | sys-boot/tboot/Manifest | 1 | ||||
-rw-r--r-- | sys-boot/tboot/tboot-1.9.6_p20171118.ebuild | 71 |
2 files changed, 72 insertions, 0 deletions
diff --git a/sys-boot/tboot/Manifest b/sys-boot/tboot/Manifest index 1248c9738036..da65d9daa3e7 100644 --- a/sys-boot/tboot/Manifest +++ b/sys-boot/tboot/Manifest @@ -1,2 +1,3 @@ DIST tboot-1.9.5.tar.gz 685460 SHA256 c7032e367ac0129493c9bb1fcd1437f400ff5533c970119ddce281ff4d58a13f SHA512 d806b692d3d57d0aaf4095ef514a2859b2b054ec695cb5589b3a6133eec7f7a9a0e76544e4b557df02add5ed67c3c15fb3ee5f17d6438252b659d6e5c7d17fe9 WHIRLPOOL 04843854b1a646d6126079a3b46bacf0c8191d5b5c322f8bc04ea39c0d5470bba2f7f2499761d42aa258552c1dfbeb626275e7473628b21719a6fe59bc05029c DIST tboot-1.9.6.tar.gz 693564 SHA256 1b55eed6ca8196b2a003936594248a242888ac34ff970eda651e7660c4772a39 SHA512 f53f5535f7ab031439514b43811cd2ec93efcb7614cb7bc7d1f3051d808d942e8a4942fd1d0ab6fe0c245740c2a10ba7adbcd44f2c42b2a577d9a20c0c5df90e WHIRLPOOL 889af09491c599d73976a0a4b456e9d01f44c47bffd047cb0f84ca786953b02c952a2d8c1fe873ac0390f6faffe7f41c0871e07f8c9466c9bc719f683dfc4a36 +DIST tboot-1.9.6_p20171118.tar.gz 691068 SHA256 729cb6ef75d1da7e258a544084fb36d87313a06300d30fef767d802cbc1cfd28 SHA512 6476b783516909bf9cf10915fc23e71dca03d521dcc7bf71fbd19684c996c2c588955bb8f896f02afe56feddf9c639b6349635651c852a90319429b2943ec950 WHIRLPOOL 0d98e303069a3fcf9e3706050b1325497c0e52b66e52f934a619962f2e6c2b4519ffef0627c41e38fd7924fdbb9b170a58f65f674f5be52a344322cdb8f2f307 diff --git a/sys-boot/tboot/tboot-1.9.6_p20171118.ebuild b/sys-boot/tboot/tboot-1.9.6_p20171118.ebuild new file mode 100644 index 000000000000..3da7e7525a77 --- /dev/null +++ b/sys-boot/tboot/tboot-1.9.6_p20171118.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit flag-o-matic mount-boot + +DESCRIPTION="Performs a measured and verified boot using Intel Trusted Execution Technology" +HOMEPAGE="https://sourceforge.net/projects/tboot/" +SRC_URI="https://dev.gentoo.org/~perfinion/distfiles/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~x86 -*" +IUSE="custom-cflags selinux" + +# requires patching the kernel src +RESTRICT="test" + +DEPEND="app-crypt/trousers +app-crypt/tpm-tools +dev-libs/openssl:0=[-bindist]" + +RDEPEND="${DEPEND} +sys-boot/grub:2 +selinux? ( sec-policy/selinux-tboot )" + +DOCS=( README COPYING CHANGELOG ) +PATCHES=( "${FILESDIR}/${PN}-1.9.5-genkernel-path.patch" ) + +src_prepare() { + sed -i 's/ -Werror//g' Config.mk || die + sed -i 's/^INSTALL_STRIP = -s$//' Config.mk || die # QA Errors + + default +} + +src_compile() { + use custom-cflags && export TBOOT_CFLAGS=${CFLAGS} || unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS + + if use amd64; then + export MAKEARGS="TARGET_ARCH=x86_64" + else + export MAKEARGS="TARGET_ARCH=i686" + fi + + default +} + +src_install() { + emake DISTDIR="${D}" install + + dodoc "${DOCS[@]}" + dodoc docs/*.txt lcptools/*.{txt,pdf} || die "docs failed" + + cd "${D}" + mkdir -p usr/lib/tboot/ || die + mv boot usr/lib/tboot/ || die +} + +pkg_postinst() { + mount-boot_mount_boot_partition + + cp ${ROOT%/}/usr/lib/tboot/boot/* ${ROOT%/}/boot/ + + mount-boot_pkg_postinst + + ewarn "Please remember to download the SINIT AC Module relevant" + ewarn "for your platform from:" + ewarn "http://software.intel.com/en-us/articles/intel-trusted-execution-technology/" +} |