diff options
author | Jason Zaman <jason@perfinion.com> | 2015-05-07 03:26:58 +0400 |
---|---|---|
committer | Jason Zaman <jason@perfinion.com> | 2015-05-07 03:27:46 +0400 |
commit | 3bf93797179b43e8d97a66356a9bddefe44d1ccf (patch) | |
tree | 0a6a992dcb956f9c239dec284d1f3e1853121018 | |
parent | sys-kernel/hardened-sources: testing patchset 20150504 (diff) | |
download | hardened-dev-3bf93797179b43e8d97a66356a9bddefe44d1ccf.tar.gz hardened-dev-3bf93797179b43e8d97a66356a9bddefe44d1ccf.tar.bz2 hardened-dev-3bf93797179b43e8d97a66356a9bddefe44d1ccf.zip |
tboot: add pcid disable patch
-rw-r--r-- | sys-boot/tboot/Manifest | 3 | ||||
-rw-r--r-- | sys-boot/tboot/files/tboot-1.8.2-disable-pcid.patch | 26 | ||||
-rw-r--r-- | sys-boot/tboot/tboot-1.8.2.ebuild | 9 |
3 files changed, 33 insertions, 5 deletions
diff --git a/sys-boot/tboot/Manifest b/sys-boot/tboot/Manifest index a6419b3f..536ad8b9 100644 --- a/sys-boot/tboot/Manifest +++ b/sys-boot/tboot/Manifest @@ -1,5 +1,6 @@ +AUX tboot-1.8.2-disable-pcid.patch 1004 SHA256 89db7965c60f6e269c10063500b940a2afbc8698efd6149acdab3954ed4c6016 SHA512 8ea33ca7d75089b09e4898d82fc0e6e8c93354acfb9908c5e62337158006d53e58cb75339c2efed750e55a2035a6b564995567cf6600fd3753dbabb003510a61 WHIRLPOOL 79cef14a0f6e57d00184767ee65d1323b7aa65acb185c53da8ddfa7937c345afbd710ba1d4f1bdb8468c58c308542110b7feee719a50af1992bf61d569373a13 AUX tboot-1.8.2-genkernel_arch.patch 2318 SHA256 bb30746f3bed4fc1a3a942938e98e3f47581b2065d0a634bf3854a9489ebae03 SHA512 02af1ee0c31000766d0266c501bd7d1eed2ac338e7e7ef9d825221ec8010d995e3a74ac45be5de636bf946ac63ad593f0a7144a93ba72c8beca7bb3b94d8a711 WHIRLPOOL 9fcedbcc861906a83bc0235a410f69759efc25b7e3e3d70b81c5b7d8df665e5c4e7153377ab5ab80b697211f7396a3e36a0176106824ece09eb620d8bead8dc9 AUX tboot-1.8.2-stack-check-no.patch 718 SHA256 ed3459b326957f709bc05dbc4de70215913faa74dc6342a1bef2878d8ea9481a SHA512 b7295f4d152e11eb49fa61085b42389e3edf063182ebd8c681e06e2025744516a3386dc5688ce53cd87c024d7fdcdcb54f0f1b04898704613137ed8eaaf7781f WHIRLPOOL afc4564cd6b25e73f26332e6cb436a5284e52622403405b33a605a412039173ee873e13f05cbbf6b551c08c6aa56d28a9e5579b13b5211b2711b0bfc1d2a4c8e DIST tboot-1.8.2.tar.gz 566048 SHA256 358c7b22412087927d6d04b130c1268e5d00252b4caef0fe3cdaa5194f652cd1 SHA512 d79c28085dea7f986054d3a564c56320c071c6d36ef6fcb63f85d4ee53da461539c773ab0b604396957c2f1e90646f3d432e2acf2e23f18e5280be48328ffcd8 WHIRLPOOL da12b01133919565eb868ec7a2ccd4cf4032048649a93d7c937fb0213f00d15a92aebac5960e776d4a02e3dfe5ead8beafc798acd3dfedffe2469c138210a918 -EBUILD tboot-1.8.2.ebuild 1773 SHA256 8e02fe11aa0e6132c3740f8ccd293e7c918dd1408ce736fee57a12bd318ca711 SHA512 21d5d5dbe4ee9463a5d39547996980c773cfd30f8779f3ffaf1bf5506f7173fadb165f60734397c8a2abec1178e6fcd54cc6defa6753aea0fa91a28d60578f18 WHIRLPOOL 022e628a0801cc8a8140f485e52053dc5763c9078d7a0691ff9e0278075018e537936f7e39cfd453257e4cdeab140eca576cd0bbab9f8954b60f73c71b1accc9 +EBUILD tboot-1.8.2.ebuild 1873 SHA256 6105c3970174435c290136d4ea5333ee95192118cdc687d2c998c63ccc1dc854 SHA512 4501ed6bd9c411ad87a9f19ffd5aca63b373adb4e10ac5dddff6c0d6059b09254a1c12cd1b1e8e816350c01a29b6167e3c708749b59db0594a4d7c2a61e456df WHIRLPOOL d9434f5db7fee3fe9c3b0a07d0cb2f9a38ab29dc23d9e3514ccd11ffdbc2b2984c4665fa55c036d4d3c9f721479ffc38f84d7cbdb9c22a4d47b56e519068c492 MISC metadata.xml 419 SHA256 776ffd511903ed035840f13b8a6b6245e6e2300b5a4463bc08679d34c05f23fb SHA512 15307c17ba26bc6db917dc50497115bddfd537d3c3919b1ab39da553379840729d596eed8cc8168bcb660fa292f55916edef3efa2c45a6c7ae65cf755fee3536 WHIRLPOOL 1ad2d3e6d626d4725c465eb96253454e29a55be235ef9e991b1c1c1f0be7f71ac367cede5a8a15f982d6e138859105e4f1b75e2c9cdc91544f07e4448aaeebde diff --git a/sys-boot/tboot/files/tboot-1.8.2-disable-pcid.patch b/sys-boot/tboot/files/tboot-1.8.2-disable-pcid.patch new file mode 100644 index 00000000..383338e6 --- /dev/null +++ b/sys-boot/tboot/files/tboot-1.8.2-disable-pcid.patch @@ -0,0 +1,26 @@ +diff -ur tboot-1.8.2.orig/tboot/common/shutdown.S tboot-1.8.2/tboot/common/shutdown.S +--- tboot-1.8.2.orig/tboot/common/shutdown.S 2014-07-28 12:24:22.000000000 +0400 ++++ tboot-1.8.2/tboot/common/shutdown.S 2015-05-07 03:05:47.300985413 +0400 +@@ -34,6 +34,11 @@ + */ + + compat_mode_entry: ++ /* Disable PCID */ ++ movl %cr4, %eax ++ andl $~CR4_PCIDE, %eax ++ movl %eax, %cr4 ++ + /* Disable paging and therefore leave 64 bit mode. */ + movl %cr0, %eax + andl $~CR0_PG, %eax +diff -ur tboot-1.8.2.orig/tboot/include/processor.h tboot-1.8.2/tboot/include/processor.h +--- tboot-1.8.2.orig/tboot/include/processor.h 2014-07-28 12:24:22.000000000 +0400 ++++ tboot-1.8.2/tboot/include/processor.h 2015-05-07 03:04:58.721244858 +0400 +@@ -92,6 +92,7 @@ + #define CR4_XMM 0x00000400 /* enable SIMD/MMX2 to use except 16 */ + #define CR4_VMXE 0x00002000/* enable VMX */ + #define CR4_SMXE 0x00004000/* enable SMX */ ++#define CR4_PCIDE 0x00020000/* enable PCID */ + + #ifndef __ASSEMBLY__ + diff --git a/sys-boot/tboot/tboot-1.8.2.ebuild b/sys-boot/tboot/tboot-1.8.2.ebuild index 389c93c1..bcfc0043 100644 --- a/sys-boot/tboot/tboot-1.8.2.ebuild +++ b/sys-boot/tboot/tboot-1.8.2.ebuild @@ -26,10 +26,11 @@ sys-boot/grub:2" DOCS=(README COPYING CHANGELOG) src_prepare() { - epatch "${FILESDIR}/${P}-genkernel_arch.patch" - epatch "${FILESDIR}/${P}-stack-check-no.patch" # breaks with ssp - sed -i 's/ -Werror//g' Config.mk - sed -i 's/^INSTALL_STRIP = -s$//' Config.mk # QA Errors + epatch "${FILESDIR}/tboot-1.8.2-genkernel_arch.patch" + epatch "${FILESDIR}/tboot-1.8.2-stack-check-no.patch" # breaks with ssp + epatch "${FILESDIR}/tboot-1.8.2-disable-pcid.patch" # PaX enables pcid + sed -i 's/ -Werror//g' Config.mk || die + sed -i 's/^INSTALL_STRIP = -s$//' Config.mk || die # QA Errors # the version number is wrong in the grub files sed -i 's/tboot_version="1.8.1"/tboot_version="1.8.2"/' tboot/20_linux*tboot |