diff options
Diffstat (limited to 'sys-boot')
| -rw-r--r-- | sys-boot/tboot/Manifest | 4 | ||||
| -rw-r--r-- | sys-boot/tboot/files/1.8.2-genkernel_arch.patch | 57 | ||||
| -rw-r--r-- | sys-boot/tboot/metadata.xml | 13 | ||||
| -rw-r--r-- | sys-boot/tboot/tboot-1.8.2.ebuild | 66 |
4 files changed, 140 insertions, 0 deletions
diff --git a/sys-boot/tboot/Manifest b/sys-boot/tboot/Manifest new file mode 100644 index 00000000..d4680d65 --- /dev/null +++ b/sys-boot/tboot/Manifest @@ -0,0 +1,4 @@ +AUX 1.8.2-genkernel_arch.patch 2318 SHA256 bb30746f3bed4fc1a3a942938e98e3f47581b2065d0a634bf3854a9489ebae03 SHA512 02af1ee0c31000766d0266c501bd7d1eed2ac338e7e7ef9d825221ec8010d995e3a74ac45be5de636bf946ac63ad593f0a7144a93ba72c8beca7bb3b94d8a711 WHIRLPOOL 9fcedbcc861906a83bc0235a410f69759efc25b7e3e3d70b81c5b7d8df665e5c4e7153377ab5ab80b697211f7396a3e36a0176106824ece09eb620d8bead8dc9 +DIST tboot-1.8.2.tar.gz 566048 SHA256 358c7b22412087927d6d04b130c1268e5d00252b4caef0fe3cdaa5194f652cd1 SHA512 d79c28085dea7f986054d3a564c56320c071c6d36ef6fcb63f85d4ee53da461539c773ab0b604396957c2f1e90646f3d432e2acf2e23f18e5280be48328ffcd8 WHIRLPOOL da12b01133919565eb868ec7a2ccd4cf4032048649a93d7c937fb0213f00d15a92aebac5960e776d4a02e3dfe5ead8beafc798acd3dfedffe2469c138210a918 +EBUILD tboot-1.8.2.ebuild 1539 SHA256 3dd8b6cd636736ecb5171163a26f86fdb86dc076891a868b60c2d8365f43a2a3 SHA512 6bf19903da7f34c6d160ecd4f50ffd39c2164170bfd93520e64836a556bc2549759530743e82c3367bedef7a2cc7f3c8e992cc992e10da3cb4df040b7a24b77e WHIRLPOOL 4911ec52f0068d919a7c64644a30a686e467417683fd5e90004330648fdc11ac74b8b856b388cccb617beccef6983e0635725dd42b7c3c7c7cceb4888fd5331c +MISC metadata.xml 441 SHA256 557e1e60e74b36596f3dc85fc0cb0523685c32c26ec8f6444a2bb305e935e2f4 SHA512 c644649a998b901a33cd7e3452e20813b96e4331211d3d6a702237f4ca55e7bab2ad11cef80656e8097768ec3e8f1fbf1b01f3f07efa6b3b1c032787a25da38b WHIRLPOOL 501641a2c2dd5aa374bc09e2bb58bd1a3d1a7eef78c6f8e4fe15fe7ffc89ec086577697aa5d73ae145f5433e8d321e964ce78c41a7143b399d7b075204e850d7 diff --git a/sys-boot/tboot/files/1.8.2-genkernel_arch.patch b/sys-boot/tboot/files/1.8.2-genkernel_arch.patch new file mode 100644 index 00000000..7fdcad65 --- /dev/null +++ b/sys-boot/tboot/files/1.8.2-genkernel_arch.patch @@ -0,0 +1,57 @@ +diff -ru tboot-1.8.2.orig/tboot/20_linux_tboot tboot-1.8.2/tboot/20_linux_tboot +--- tboot-1.8.2.orig/tboot/20_linux_tboot 2014-08-02 00:18:58.397147454 +0400 ++++ tboot-1.8.2/tboot/20_linux_tboot 2014-08-02 00:20:09.766700748 +0400 +@@ -121,6 +121,15 @@ + EOF + } + ++machine=`uname -m` ++case "$machine" in ++ i?86) GENKERNEL_ARCH="x86" ;; ++ mips|mips64) GENKERNEL_ARCH="mips" ;; ++ mipsel|mips64el) GENKERNEL_ARCH="mipsel" ;; ++ arm*) GENKERNEL_ARCH="arm" ;; ++ *) GENKERNEL_ARCH="$machine" ;; ++esac ++ + linux_list=`for i in /boot/vmlinu[xz]-* /vmlinu[xz]-* ; do + basename=$(basename $i) + version=$(echo $basename | sed -e "s,^[^0-9]*-,,g") +@@ -159,6 +168,8 @@ + "initrd-${version}" "initramfs-${version}.img" \ + "initrd.img-${alt_version}" "initrd-${alt_version}.img" \ + "initrd-${alt_version}" "initramfs-${alt_version}.img" \ ++ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \ ++ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}" \ + "initramfs-genkernel-${version}" \ + "initramfs-genkernel-${alt_version}"; do + if test -e "${dirname}/${i}" ; then +diff -ru tboot-1.8.2.orig/tboot/20_linux_xen_tboot tboot-1.8.2/tboot/20_linux_xen_tboot +--- tboot-1.8.2.orig/tboot/20_linux_xen_tboot 2014-08-02 00:18:58.397147454 +0400 ++++ tboot-1.8.2/tboot/20_linux_xen_tboot 2014-08-02 00:21:12.840438230 +0400 +@@ -147,6 +147,16 @@ + if [ "x${linux_list}" = "x" ] ; then + exit 0 + fi ++ ++machine=`uname -m` ++case "$machine" in ++ i?86) GENKERNEL_ARCH="x86" ;; ++ mips|mips64) GENKERNEL_ARCH="mips" ;; ++ mipsel|mips64el) GENKERNEL_ARCH="mipsel" ;; ++ arm*) GENKERNEL_ARCH="arm" ;; ++ *) GENKERNEL_ARCH="$machine" ;; ++esac ++ + xen_list=`for i in /boot/xen*; do + if grub_file_is_not_garbage "$i" ; then echo -n "$i " ; fi + done` +@@ -188,6 +198,8 @@ + for i in "initrd.img-${version}" "initrd-${version}.img" \ + "initrd-${version}" "initrd.img-${alt_version}" \ + "initrd-${alt_version}.img" "initrd-${alt_version}" \ ++ "initramfs-genkernel-${GENKERNEL_ARCH}-${version}" \ ++ "initramfs-genkernel-${GENKERNEL_ARCH}-${alt_version}" \ + "initramfs-genkernel-${version}" \ + "initramfs-genkernel-${alt_version}" ; do + if test -e "${dirname}/${i}" ; then diff --git a/sys-boot/tboot/metadata.xml b/sys-boot/tboot/metadata.xml new file mode 100644 index 00000000..690f61c3 --- /dev/null +++ b/sys-boot/tboot/metadata.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>hardened</herd> + <maintainer> + <email>jason@perfinion.com</email> + <name>Jason Zaman</name> + </maintainer> + + <longdescription lang="en"> + A pre-kernel/VMM module that uses Intel(R) Trusted Execution Technology to perform a measured and verified launch of an OS kernel/VMM. + </longdescription> +</pkgmetadata> diff --git a/sys-boot/tboot/tboot-1.8.2.ebuild b/sys-boot/tboot/tboot-1.8.2.ebuild new file mode 100644 index 00000000..5ec44e0c --- /dev/null +++ b/sys-boot/tboot/tboot-1.8.2.ebuild @@ -0,0 +1,66 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +EAPI=5 + +inherit flag-o-matic mount-boot + +DESCRIPTION="A module that uses Intel(R) Trusted Execution Technology to perform a measured and verified boot" +HOMEPAGE="http://sourceforge.net/projects/tboot/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~x86 -*" +IUSE="custom-cflags" + +RESTRICT="test" # test is restricted because it requires patching the kernel src + +DEPEND="app-crypt/trousers sys-boot/grub:2" +RDEPEND="${DEPEND}" +DOCS=(README COPYING CHANGELOG) + +src_prepare() { + epatch "${FILESDIR}/1.8.2-genkernel_arch.patch" + + epatch_user + + sed -i 's/ -Werror//g' Config.mk + sed -i 's/^INSTALL_STRIP = -s$//' Config.mk +} + +src_compile() { + use custom-cflags && export TBOOT_CFLAGS=${CFLAGS} || unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS + + if use amd64; then + MAKEARGS="TARGET_ARCH=x86_64" + else + MAKEARGS="TARGET_ARCH=i686" + fi + + emake ${MAKEARGS} build +} + +src_install() { + emake DISTDIR="${D}" install + + dodoc "${DOCS[@]}" + dodoc docs/*.txt lcptools/*.{txt,pdf} || die "docs failed" + + cd "${D}" + mkdir -p usr/lib/tboot/ || die + mv boot usr/lib/tboot/ || die +} + +pkg_postinst() { + mount-boot_mount_boot_partition + + cp ${ROOT%/}/usr/lib/tboot/boot/* ${ROOT%/}/boot/ + + mount-boot_pkg_postinst + + ewarn "Please remember to download the SINIT AC Module relevant" + ewarn "for your platform from:" + ewarn "http://software.intel.com/en-us/articles/intel-trusted-execution-technology/" +} |