wok: linux/receipt annotate

wok annotate linux/receipt @ rev 14517

linux: fix local privilege escalation 0day, 2.6.37 - 3.8.10

author	Pascal Bellard <pascal.bellard@slitaz.org>
date	Thu May 16 16:02:27 2013 +0200 (2013-05-16)
parents	a62a3bf42fb0
children	ad59999b3fce

rev	line source
pankso@3	1 # SliTaz package receipt.
pankso@3	2
pankso@3	3 PACKAGE="linux"
pascal@14175	4 VERSION="3.2.40"
pankso@12812	5 KBASEVER="${VERSION:0:3}"
pankso@3	6 CATEGORY="base-system"
pankso@3	7 SHORT_DESC="The Linux kernel and modules."
pankso@3864	8 MAINTAINER="devel@slitaz.org"
pankso@12812	9 TARBALL="$PACKAGE-$KBASEVER.tar.xz"
pankso@3	10 WEB_SITE="http://www.kernel.org/"
pascal@14234	11 WGET_URL="ftp://ftp.kernel.org/pub/linux/kernel/v3.0/$TARBALL"
pankso@12803	12 HOST_ARCH="i486 arm x86_64"
pankso@12803	13
pankso@12812	14 DEPENDS="kmod"
pascal@14234	15 BUILD_DEPENDS="slitaz-toolchain perl git xz lzma patch uclibc-cross-compiler-x86_64"
pankso@12824	16
pankso@12824	17 # Use version patch so we dont dl full kernel source on each minor update
pascal@14351	18 [ "$KBASEVER" != "$VERSION" ] &&
pascal@14351	19 PATCH="$(dirname $WGET_URL)/patch-$VERSION.xz" &&
pascal@14351	20 EXTRA_SOURCE_FILES="$(basename $PATCH)"
pankso@12812	21
pankso@12803	22 # Aufs enable chroot
pascal@14223	23 AUFS_NOT_RAMFS="uclibc-cross-compiler-x86_64 is not compatible with aufs+tmpfs 8("
pankso@3	24
pankso@12824	25 # This will save/restore modules.dep but we want to regenerate it on
pankso@12824	26 # install or upgrade.
pankso@12803	27 #CONFIG_FILES="/lib/modules/$KBASEVER-slitaz/modules.dep"
pankso@12803	28
pankso@12824	29 # Handle multiarch compilation. Less bdeps when cross-compiling for ARM
pankso@12803	30 case "$ARCH" in
pankso@12824	31 arm) BUILD_DEPENDS="xz" TARBALL="$PACKAGE-$VERSION.tar.bz2" ;;
pankso@12824	32 x86_64) BUILD_DEPENDS="xz" ;;
pankso@12824	33 esac
pankso@12824	34
pankso@12824	35 # TODO: slitaz.conf provide SLITAZ_ARCH and must be handled by tazpkg/spk
pankso@12824	36 [ -f "$root/etc/slitaz/slitaz.conf" ] && . $root/etc/slitaz/slitaz.conf
pankso@12824	37
pankso@12824	38 # Handle multiarch installation. ARM use Busybox modutils, so avoid any
pankso@12824	39 # deps on kmod
pankso@12824	40 case "$SLITAZ_ARCH" in
pankso@12824	41 arm) DEPENDS="" ;;
pankso@12803	42 esac
pankso@9731	43
pankso@3	44 # Rules to configure and make the package.
pankso@3	45 compile_rules()
pankso@3	46 {
pankso@9731	47 cd $src
pankso@12803	48
pascal@14179	49 if [ "$KBASEVER" != "$VERSION" ]; then
pascal@14179	50 [ -s $SRC/$(basename $PATCH) ] \|\|
pascal@14234	51 wget $PATCH -O $SRC/$(basename $PATCH)
pascal@14179	52 xzcat $SRC/$(basename $PATCH) \| patch -Np1
pascal@14179	53 touch done.patch-$VERSION
pascal@14179	54 fi
pascal@14179	55
pankso@12803	56 case "$ARCH" in
pankso@12803	57 arm)
pankso@12803	58 echo "Compiling: ARM Kernel"
pascal@14178	59 if [ ! -s $SRC/$(basename $PATCH) ]; then
pascal@14234	60 wget $PATCH -O $SRC/$(basename $PATCH)
pankso@12812	61 fi
pankso@12824	62 make mrproper
pankso@12824	63 # Buggy: we got kernel panic about module not tinted 3.2.14
pankso@12824	64 #echo "Applying patch: $(basename $PATCH)"
pankso@12824	65 #xzcat $SRC/$(basename $PATCH) \| patch -Np1 >/dev/null
pankso@12824	66 patch -Np1 < $stuff/$ARCH/linux-arm.patch \|\| exit 1
pankso@12824	67 cp -f $stuff/$ARCH/linux-arm.config .config
pankso@12803	68 make ARCH=$ARCH CROSS_COMPILE=${HOST_SYSTEM}- bzImage &&
pankso@12803	69 make ARCH=$ARCH CROSS_COMPILE=${HOST_SYSTEM}- modules &&
pankso@12803	70 make ARCH=$ARCH CROSS_COMPILE=${HOST_SYSTEM}- \
pankso@12803	71 INSTALL_MOD_PATH=$DESTDIR modules_install &&
pankso@12803	72 mkdir -p $DESTDIR/boot &&
pankso@12824	73 cp -a arch/arm/boot/zImage \
pankso@12803	74 $DESTDIR/boot/linux-$VERSION-slitaz-$ARCH
pankso@12803	75 return 0 ;;
pankso@12803	76 x86_64)
pankso@12803	77 echo "TODO: Maybe use default ? But cross compile in x86_64 chroot"
pankso@12803	78 echo "so we can remove the 64 build by uclibc-cross-compiler-x86_64"
pankso@12803	79 return 0 ;;
pankso@12803	80 esac
pankso@12803	81
gokhlayeh@11395	82 [ ! -x /usr/bin/cook ] && report open-bloc
pankso@9731	83
pankso@9731	84 # Check for Aufs and cook it if unbuilt.
pankso@9731	85 echo "Checking for Aufs packages..."
pankso@12285	86 _AUFSVER=`grep ^VERSION= $WOK/aufs/receipt \| cut -d "=" -f2 \| sed -e 's/"//g'`
pankso@12285	87 if [ -x /usr/bin/cook ]; then
gokhlayeh@11395	88 # Give info an redirect to /dev/null since aufs got it own log.
gokhlayeh@11395	89 AUFSDIR=$WOK/aufs/source/aufs-${_AUFSVER}
pankso@12285	90 [ -d "$AUFSDIR" ] && rm -rf $AUFSDIR
pankso@12285	91 #echo "Cook: aufs $_AUFSVER"
pankso@12288	92 cook aufs --getsrc
pankso@12288	93 mkdir -p $WOK/aufs/source/
pankso@12289	94 tar xjf $SRC/aufs-${_AUFSVER}.tar.bz2 -C $WOK/aufs/source/
pankso@12285	95 elif [ -x /usr/bin/tazwok ]; then
pankso@12285	96 # we just need aufs source. Also cooking now is a bad idea since it
pankso@12285	97 # needs linux-module-headers. The one your cooking not the one from the web.
gokhlayeh@11395	98 AUFSDIR=$WOK/aufs/aufs-${_AUFSVER}
gokhlayeh@11395	99 [ -d "$AUFSDIR" ] && rm -rf $AUFSDIR
gokhlayeh@11395	100 tazwok get-src aufs --target=$AUFSDIR \|\| { report close-bloc; return 1; }
pankso@9731	101 fi
pankso@12285	102 echo "cook:linux" > $command
pankso@12285	103
pankso@9731	104 echo "Copying Aufs files and patches..."
slaxemulator@7297	105 cp -a $AUFSDIR/Documentation $AUFSDIR/fs $AUFSDIR/include $src
pankso@12285	106 cp -a $AUFSDIR/aufs3-*.patch $stuff
pankso@12285	107
pankso@4251	108 # SliTaz db
pankso@12285	109 [ -d $WOK/$PACKAGE/source/slitaz ] && rm -rf $WOK/$PACKAGE/source/slitaz 2> /dev/null
pankso@12285	110 mkdir -p $WOK/$PACKAGE/source/slitaz
pankso@12290	111 echo "$WGET_URL" > $WOK/$PACKAGE/source/slitaz/url
pankso@12285	112 cp $stuff/gztazmod.sh $stuff/list_modules.sh $WOK/$PACKAGE/source/slitaz
pankso@12285	113 cp $stuff/bootloader.sh $WOK/$PACKAGE/source/slitaz
pankso@12803	114
pankso@5640	115 # Apply patches
pankso@9731	116 echo "Applying patches..."
pascal@521	117 while read patch_file; do
pankso@12285	118 echo "$patch_file" >> $WOK/$PACKAGE/source/slitaz/patches
pankso@12285	119 cp $stuff/$patch_file $WOK/$PACKAGE/source/slitaz
pascal@1442	120 if [ -f done.$patch_file ]; then
pascal@1442	121 echo "Skipping $patch_file"
pascal@1442	122 continue
pascal@1442	123 fi
pascal@521	124 echo "Apply $patch_file"
pankso@12285	125 if [ -x /usr/bin/cook ]; then
pankso@12285	126 patch -p1 < $WOK/$PACKAGE/source/slitaz/$patch_file \|\| return 1
pankso@12285	127 elif [ -x /usr/bin/tazwok ]; then
pankso@12285	128 patch -p1 < $WOK/$PACKAGE/source/slitaz/$patch_file \|\| { report close-bloc; return 1; }
pankso@12285	129 fi
pascal@1442	130 touch done.$patch_file
pascal@521	131 done <<EOT
pankso@12285	132 $PACKAGE-diff.u
pankso@12285	133 $PACKAGE-header.u
pankso@12285	134 $PACKAGE-freeinitrd.u
pascal@14517	135 $PACKAGE-core.u
pankso@12285	136 aufs3-base.patch
pankso@12285	137 aufs3-standalone.patch
pankso@12285	138 aufs3-loopback.patch
pankso@12285	139 aufs3-proc_map.patch
pankso@12285	140 channel-negative-one-maxim.patch
pankso@12285	141 mac80211.compat08082009.wl_frag+ack_v1.patch
pascal@521	142 EOT
pankso@9731	143
pankso@12285	144 sed -i 's\|SUBLEVEL =.*\|SUBLEVEL =\|g' Makefile
pankso@12285	145
gokhlayeh@11395	146 [ ! -x /usr/bin/cook ] && report step "Make kernel proper and then build lguest"
pankso@12294	147 [ -x /usr/bin/cook ] && echo "Make kernel proper and then build lguest"
pankso@3864	148 make mrproper
pankso@12285	149 cd Documentation/virtual/lguest
pankso@12285	150 if [ -x /usr/bin/cook ]; then
pankso@12285	151 make lguest \|\| return 1
pankso@12285	152 elif [ -x /usr/bin/tazwok ]; then
pankso@12285	153 make lguest \|\| { report close-bloc; return 1; }
pankso@12285	154 fi
slaxemulator@8681	155 cd $src
pankso@12803	156
pascal@12570	157 case "$opt" in
pascal@12570	158 --no64);;
pascal@12570	159 *)
pankso@12294	160 #
pankso@12294	161 # Arch x86_64
pankso@12294	162 #
pankso@12294	163 [ ! -x /usr/bin/cook ] && report step "Make bzImage64 without modules first"
pankso@12294	164 [ -x /usr/bin/cook ] && echo "Building x86_64 Kernel"
pankso@12803	165
pankso@12285	166 # Build bzImage64 without modules first
pascal@12293	167 cp -f $stuff/$PACKAGE-slitaz.config64 .config
pankso@12285	168 sed -i 's/CONFIG_MODULES=y/# CONFIG_MODULES is not set/' .config
pankso@12803	169
pankso@12803	170 # We can't keep every driver in staging
pankso@12285	171 sed -i -e 's/^CONFIG_RTL8192/#&/' \
pankso@12285	172 -e 's/^CONFIG_R8187SE/#&/' \
pankso@12285	173 -e 's/^CONFIG_RT2870/#&/' .config
pankso@12285	174 yes '' \| make ARCH=x86_64 oldconfig
pankso@12285	175 if [ -x /usr/bin/cook ]; then
pankso@12285	176 make -j 4 ARCH=x86_64 CROSS_COMPILE=uclibc-x86_64- bzImage \|\| exit 1
pankso@12285	177 elif [ -x /usr/bin/tazwok ]; then
pankso@12285	178 make -j 4 ARCH=x86_64 CROSS_COMPILE=uclibc-x86_64- bzImage \|\| { report close-bloc; return 1; }
pankso@12285	179 fi
pankso@12285	180 [ -d $PWD/_pkg ] \|\| mkdir -p $DESTDIR/linux64
pankso@12285	181 mv arch/x86/boot/bzImage $DESTDIR/linux64
pankso@12285	182 mv System.map System.map-without-modules64
pankso@12285	183
pankso@12285	184 [ ! -x /usr/bin/cook ] && report step "Now build bzImage64 with modules"
pankso@12803	185
pankso@12285	186 # Build bzImage64 with modules
pascal@12293	187 cp -f $stuff/$PACKAGE-slitaz.config64 .config
pankso@12285	188 #make ARCH=x86_64 oldconfig
pankso@12285	189 make -j 4 ARCH=x86_64 CROSS_COMPILE=uclibc-x86_64- bzImage &&
pankso@12285	190 make -j 4 ARCH=x86_64 CROSS_COMPILE=uclibc-x86_64- modules &&
pankso@12285	191 make ARCH=x86_64 INSTALL_MOD_PATH=$DESTDIR/linux64 modules_install &&
pankso@12285	192 make ARCH=x86_64 INSTALL_HDR_PATH=$DESTDIR/linux64/usr headers_install &&
pascal@14180	193 ln .config $WOK/$PACKAGE/source/slitaz/config64
pankso@12285	194 if [ -x /usr/bin/cook ]; then
pankso@12285	195 [ -s arch/x86/boot/bzImage ] \|\| return 1
pankso@12285	196 elif [ -x /usr/bin/tazwok ]; then
pankso@12285	197 [ -s arch/x86/boot/bzImage ] \|\| { report close-bloc; return 1; }
pankso@12285	198 fi
pankso@12285	199 mkdir -p $DESTDIR/linux64/boot 2> /dev/null
pankso@12285	200 mv arch/x86/boot/bzImage $DESTDIR/linux64/boot/vmlinuz-$VERSION-slitaz
pankso@12285	201 ln System.map System.map-modules64
pankso@12285	202 ln Module.symvers Module.symvers-modules64
pascal@12570	203 esac
pankso@12803	204
pankso@12294	205 #
pankso@12294	206 # Standard kernel
pankso@12294	207 #
pankso@12294	208 [ ! -x /usr/bin/cook ] && report step "Make bzImage without modules first"
pankso@12294	209 [ -x /usr/bin/cook ] && echo "Building standard kernel..."
pankso@12803	210
pankso@12294	211 # Build bzImage without modules first
pankso@12294	212 cp -f $stuff/$PACKAGE-slitaz.config .config
pankso@12294	213 sed -i 's/CONFIG_MODULES=y/# CONFIG_MODULES is not set/' .config
pankso@12803	214
pankso@12803	215 # We can't keep every driver in staging
pankso@12294	216 sed -i -e 's/^CONFIG_RTL8192/#&/' \
pankso@12294	217 -e 's/^CONFIG_R8187SE/#&/' \
pankso@12294	218 -e 's/^CONFIG_RT2870/#&/' .config
pankso@12294	219 yes '' \| make oldconfig
pankso@12294	220 if [ -x /usr/bin/cook ]; then
pankso@12294	221 make -j 4 bzImage \|\| exit 1
pankso@12294	222 elif [ -x /usr/bin/tazwok ]; then
pankso@12294	223 make -j 4 bzImage \|\| { report close-bloc; return 1; }
pankso@12294	224 fi
pankso@12294	225 [ -d $DESTDIR ] \|\| mkdir -p $DESTDIR
pankso@12294	226 mv arch/x86/boot/bzImage $DESTDIR
pankso@12294	227 mv System.map System.map-without-modules
pankso@12294	228
pankso@12294	229 [ ! -x /usr/bin/cook ] && report step "Now build bzImage with modules"
pankso@12803	230
pankso@12294	231 # Build bzImage with modules
pankso@12294	232 cp -f $stuff/$PACKAGE-slitaz.config .config
pankso@12294	233 #make oldconfig
pankso@12294	234 ln .config $WOK/$PACKAGE/source/slitaz/config
pankso@12294	235 make -j 4 bzImage &&
pankso@12294	236 make -j 4 modules &&
pankso@12294	237 make INSTALL_MOD_PATH=$DESTDIR modules_install &&
pankso@12294	238 make INSTALL_HDR_PATH=$DESTDIR/usr headers_install &&
pankso@12294	239 if [ -x /usr/bin/cook ]; then
pankso@12294	240 [ -s arch/x86/boot/bzImage ] \|\| return 1
pankso@12294	241 elif [ -x /usr/bin/tazwok ]; then
pankso@12294	242 [ -s arch/x86/boot/bzImage ] \|\| { report close-bloc; return 1; }
pankso@12294	243 fi
pankso@12294	244 mkdir -p $DESTDIR/boot 2> /dev/null
pankso@12294	245 mv arch/x86/boot/bzImage $DESTDIR/boot/vmlinuz-$VERSION-slitaz
pankso@12803	246
gokhlayeh@11395	247 [ ! -x /usr/bin/cook ] && report step "Compressing all modules"
pankso@12803	248
slaxemulator@6719	249 # Compress all modules.
pankso@12285	250 $stuff/gztazmod.sh $DESTDIR/lib/modules/$KBASEVER-slitaz
pankso@12285	251 $stuff/gztazmod.sh $DESTDIR/linux64/lib/modules/$KBASEVER-slitaz
pascal@7667	252 ln System.map System.map-modules
pascal@7667	253 ln Module.symvers Module.symvers-modules
pankso@12803	254
gokhlayeh@11395	255 if [ ! -x /usr/bin/cook ]; then
gokhlayeh@11395	256 report close-bloc
gokhlayeh@11395	257 fi
pankso@3864	258 }
erjo@253	259
pankso@3	260 # Rules to gen a SliTaz package suitable for Tazpkg.
pankso@3	261 genpkg_rules()
pankso@3	262 {
pankso@12803	263 case "$ARCH" in
pankso@12803	264 arm)
pankso@12803	265 echo "Packing: ARM Kernel"
pankso@12803	266 cp -a $install/* $fs
pankso@12803	267 rm -f $fs/lib/modules//build $fs/lib/modules//source
pankso@12803	268 return 0 ;;
pankso@12803	269 x86_64)
pankso@12803	270 echo "TODO: use default or custom x86_64 packing"
pankso@12803	271 return 0 ;;
pankso@12803	272 esac
pankso@12803	273
pascal@12300	274 export PACKAGE VERSION
pascal@521	275 local path
pascal@7656	276 cp -a $_pkg/boot $fs
pankso@3	277 # Compress all modules.
pankso@12285	278 path=$fs/lib/modules/$KBASEVER-slitaz/kernel
pascal@521	279 mkdir -p $path
pankso@12285	280 cp -a $_pkg/lib/modules/$KBASEVER-slitaz/mo* \
pankso@12285	281 $fs/lib/modules/$KBASEVER-slitaz
pascal@14003	282 [ "$KBASEVER" != "$VERSION" ] &&
pascal@14003	283 ln -s $KBASEVER-slitaz $fs/lib/modules/$VERSION-slitaz
pankso@5640	284 # Get the base modules
pascal@886	285 export src
pascal@886	286 export _pkg
pankso@12285	287 mkdir -p $WOK/$PACKAGE/source/tmp
pascal@13577	288 # Warning stuff/list_modules.sh must find the generated modules.list
slaxemulator@9701	289 $stuff/list_modules.sh \
pankso@12285	290 $(cat $stuff/modules.list) > $WOK/$PACKAGE/source/tmp/modules.list
pankso@3864	291 while read module; do
pascal@521	292 dir=$(dirname $module)
pankso@535	293 [ -d $path/$dir ] \|\| mkdir -p $path/$dir
pankso@12285	294 cp -a $_pkg/lib/modules/$KBASEVER-slitaz/kernel/$module $path/$dir
pankso@12285	295 done < $WOK/$PACKAGE/source/tmp/modules.list
pascal@397	296 # Remove unresolved links
pankso@12285	297 rm -f $fs/lib/modules/$KBASEVER-slitaz/build
pankso@12285	298 rm -f $fs/lib/modules/$KBASEVER-slitaz/source
pankso@12285	299 # Cook all packages with a kernel module
pascal@13937	300 for i in $(cd $WOK; grep -l 'cook linux$' */receipt)
pankso@12285	301 do
pascal@13937	302 echo cook ${i%/receipt}
pankso@12285	303 done
pankso@12285	304 # Fixed modules.dep to use right path
pankso@12285	305 # saves 100kb of space too
pankso@12285	306 sed -i "s\|$_pkg\|\|g" $fs/lib/modules/$KBASEVER-slitaz/modules.dep
pankso@12285	307 sed -i "s\|99.98.$KBASEVER-slitaz\|$KBASEVER-slitaz\|g" $fs/lib/modules/$KBASEVER-slitaz/modules.dep
pankso@12803	308 # Check and echo any module in kernel .config that's not added to
pankso@5640	309 # one of linux-* pkgs
pankso@12803	310 $stuff/check_modules.sh
pankso@3	311 }
pankso@3	312
pankso@3	313 # Pre and post install commands for Tazpkg.
pankso@3	314 post_install()
pankso@3	315 {
pascal@521	316 echo "Processing post-install commands..."
pankso@12803	317 case "$ARCH" in
pankso@12803	318 arm)
pankso@12803	319 echo "Kernel : /boot/linux-$VERSION-slitaz-$ARCH"
pankso@12803	320 echo "Modules: /lib/modules/$VERSION-slitaz"
pankso@12803	321 return 0 ;;
pankso@12803	322 esac
pankso@12285	323 chroot "$1/" depmod -a $KBASEVER-slitaz
pankso@5640	324 # GRUB stuff.
pankso@1154	325 if [ -f "$1/boot/grub/menu.lst" ]; then
border@13797	326 root_dev="/dev/`lsblk \| grep '/$'\| grep -o '[a-z]d[a-z][0-9]*'`" # current root device
border@13797	327 grub_part="$(( `echo $root_dev \| grep -o '[0-9]*$'`-1 ))"
border@13797	328 grub_dev="`grep $(echo $root_dev \| grep -o '^/dev/.d.' ) $1/boot/grub/device.map \|\
border@13797	329 cut -f1 \| sed "s/)$/.$grub_part)/g"`" # use device.map to find grub device number
border@13797	330
border@13797	331 # Add and clean kernel entrys in case of upgrade for installed system.
border@13797	332 if ! grep -q vmlinuz-$VERSION-slitaz $1/boot/grub/menu.lst; then
border@13797	333
border@13797	334 #clean the old entry
border@13797	335 # TODO somewhere, the old vmlinuz file is removed.
border@13797	336 # but the entry is still there. this cause a grub error:15 when selected
border@13797	337 # see http://bugs.slitaz.org/?id=74
border@13797	338
border@13797	339 #add the new
border@13797	340 cat >> $1/boot/grub/menu.lst << EOT
pankso@4056	341
pankso@4056	342 title SliTaz GNU/Linux (Kernel $VERSION-slitaz)
border@13754	343 $grub_dev
border@13754	344 kernel /boot/vmlinuz-$VERSION-slitaz root=$root_dev quiet
pankso@4056	345 EOT
border@13754	346 # Make it the default entry
border@13754	347 last_entry=$(( $(grep -c '^title' $1/boot/grub/menu.lst)-1 ))
border@13754	348 sed -e "s/^default.*/default $last_entry/g" -i $1/boot/grub/menu.lst
pankso@4056	349 fi
pankso@4056	350 # Display information message.
border@13754	351 cat <<EOT
pankso@4056	352 ----
pankso@4056	353 GRUB is installed, these tree lines must be in your /boot/grub/menu.lst:
pankso@1154	354
pankso@1154	355 title SliTaz GNU/Linux (Kernel $VERSION-slitaz)
pankso@1154	356 $grub_dev
pankso@4056	357 kernel /boot/vmlinuz-$VERSION-slitaz root=$root_dev
pascal@886	358 ----
pascal@886	359 EOT
pankso@1154	360 fi
pankso@3	361 }

SliTaz Repositories

wok annotate linux/receipt @ rev 14517