commit:     a3de812e6add378ff4dc3c5b3354e52989652099
Author:     John Helmert III <ajak <AT> gentoo <DOT> org>
AuthorDate: Sun Mar 13 19:33:09 2022 +0000
Commit:     John Helmert III <ajak <AT> gentoo <DOT> org>
CommitDate: Sun Mar 13 19:39:38 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a3de812e

app-antivirus/lkrg: initial import

Signed-off-by: John Helmert III <ajak <AT> gentoo.org>

 app-antivirus/lkrg/Manifest                        |  2 ++
 ...lkrg-0.9.2-systemd-coredump-umh-whitelist.patch | 23 +++++++++++++
 app-antivirus/lkrg/lkrg-0.9.2.ebuild               | 39 ++++++++++++++++++++++
 app-antivirus/lkrg/metadata.xml                    | 11 ++++++
 4 files changed, 75 insertions(+)

diff --git a/app-antivirus/lkrg/Manifest b/app-antivirus/lkrg/Manifest
new file mode 100644
index 000000000000..23ac54a2e6e6
--- /dev/null
+++ b/app-antivirus/lkrg/Manifest
@@ -0,0 +1,2 @@
+DIST lkrg-0.9.2.tar.gz 125976 BLAKE2B 
c3da2d4599c9dd5b7d6fbec426fd93d802715f6c8566471f82c8f1c7d31621ebb4a2cc4c285d076aad6a6ee6b1bb790debbb365cfc6220192df049ac1d3c67a9
 SHA512 
5fec807618817bcb516e1a6779def6979badbdac6fe9b38fcce8425a0c7ebe3fb55c05d3080d8cac2d67cac6e8b7d2d77b3a1be450227299e2a02a311e223331
+DIST lkrg-0.9.2.tar.gz.sign 801 BLAKE2B 
0cd8b18c8a0fbcca61ffa868b406d048461ddf9189fb08f15faa45e01b8731906a6b14105dfcf92bb5124373860f6695594063ee8d138c94c70adf471bc15e0a
 SHA512 
18b547ca84a7fd2957484857e17983408e92fd005d58b77b399c5156ecb09fc5e9e6c910337654a2655883d103098c1769b1993017eec753bd21e63d6491ad04

diff --git 
a/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch 
b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch
new file mode 100644
index 000000000000..438784aff16e
--- /dev/null
+++ b/app-antivirus/lkrg/files/lkrg-0.9.2-systemd-coredump-umh-whitelist.patch
@@ -0,0 +1,23 @@
+commit 7939aa03e00e7e48781d405743e2f2d31fca113b
+Author: John Helmert III <a...@gentoo.org>
+Date:   Fri Jan 7 01:46:35 2022 -0600
+
+    Add non-usr-merged systemd-coredump to UMH whitelist
+    
+    Some distributions haven't merged /usr yet, so add the alternative
+    path for systemd-coredump.
+    
+    Signed-off-by: John Helmert III <a...@gentoo.org>
+
+diff --git 
a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
 
b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
+index ac2a737..7387135 100644
+--- 
a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
++++ 
b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
+@@ -45,6 +45,7 @@ static const char * const p_umh_global[] = {
+    "/etc/acpi/events/RadioPower.sh",
+    "/etc/acpi/wireless-rtl-ac-dc-power.sh",
+    "/lib/systemd/systemd-cgroups-agent",
++   "/lib/systemd/systemd-coredump",
+    "/sbin/bridge-stp",
+    "/sbin/critical_overtemp",
+    "/sbin/drbdadm",
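Review bot: The patch header names commit 7939aa03e00e7e48781d405743e2f2d31fca113b but does not say which repository that commit is in or whether upstream has accepted it. That matters here because the hunk extends `p_umh_global`, which the commit message describes as the UMH whitelist, so each entry widens what the module treats as a legitimate helper path. I would add one header line such as `Upstream: <URL of the upstream commit or pull request>`, so the next version bump can tell whether the patch is still needed and the entry can be traced. The array starts and ends outside this hunk, so the full list and how it is matched cannot be checked from here.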

diff --git a/app-antivirus/lkrg/lkrg-0.9.2.ebuild 
b/app-antivirus/lkrg/lkrg-0.9.2.ebuild
new file mode 100644
index 000000000000..6ebde500879b
--- /dev/null
+++ b/app-antivirus/lkrg/lkrg-0.9.2.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit linux-mod linux-info verify-sig
+
+DESCRIPTION="Linux Kernel Runtime Guard"
+HOMEPAGE="https://lkrg.org";
+SRC_URI="https://lkrg.org/download/${P}.tar.gz
+       verify-sig? ( https://lkrg.org/download/${P}.tar.gz.sign )"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+
+BDEPEND="verify-sig? ( sec-keys/openpgp-keys-openwall )"
+
+PATCHES=( "${FILESDIR}/${PN}-${PV}-systemd-coredump-umh-whitelist.patch" )
+
+MODULE_NAMES="p_lkrg(misc:${S}:${S})"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/openwall.asc"
+
+pkg_setup() {
+       local CONFIG_CHECK="MODULE_UNLOAD KALLSYMS_ALL JUMP_LABEL"
+       linux-mod_pkg_setup
+
+       # compile against selected (not running) target
+       BUILD_PARAMS="P_KVER=${KV_FULL} P_KERNEL=${KERNEL_DIR}"
+       BUILD_TARGETS="all"
+}
+
+src_unpack() {
+       if use verify-sig; then
+               verify-sig_verify_detached ${DISTDIR}/${P}.tar.gz{,.sign}
+       fi
+
+       default
+}
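Review bot: The paths passed to `verify-sig_verify_detached` in `src_unpack` are unquoted, so a `DISTDIR` containing whitespace would be word-split before the signature check runs. Writing it as `verify-sig_verify_detached "${DISTDIR}"/${P}.tar.gz{,.sign}` quotes the variable and keeps the brace expansion. A short comment above the override would help the next maintainer, e.g. `# upstream names the detached signature .sign, so verify it explicitly`, which is presumably why the eclass default is not used and should be confirmed. With the `verify-sig` flag disabled the tarball is checked only against the Manifest hashes, which is worth keeping in mind for a kernel module.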

diff --git a/app-antivirus/lkrg/metadata.xml b/app-antivirus/lkrg/metadata.xml
new file mode 100644
index 000000000000..e9dbfa382604
--- /dev/null
+++ b/app-antivirus/lkrg/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd";>
+<pkgmetadata>
+       <maintainer type="person">
+               <email>a...@gentoo.org</email>
+               <name>John Helmert III</name>
+       </maintainer>
+       <upstream>
+               <remote-id type="github">lkrg-org/lkrg</remote-id>
+       </upstream>
+</pkgmetadata>
