diff options
-rw-r--r-- | sys-boot/tboot/Manifest | 1 | ||||
-rw-r--r-- | sys-boot/tboot/files/tboot-1.10.3-disable-Werror.patch | 12 | ||||
-rw-r--r-- | sys-boot/tboot/files/tboot-1.10.3-disable-strip.patch | 14 | ||||
-rw-r--r-- | sys-boot/tboot/tboot-1.10.3.ebuild | 65 |
4 files changed, 92 insertions, 0 deletions
diff --git a/sys-boot/tboot/Manifest b/sys-boot/tboot/Manifest index e82f629d1eb6..377ec022f4d8 100644 --- a/sys-boot/tboot/Manifest +++ b/sys-boot/tboot/Manifest @@ -1 +1,2 @@ +DIST tboot-1.10.3.tar.gz 906732 BLAKE2B 4015ba84fbc273d1f1ea3f302dd11e62d1866049a31674b8967a9c1be645f88f2fdbc8614e1f7d824010e8280484885392b34aedb2d9f32654a3065e75e0bd42 SHA512 998501cfb23511adf63c0e2a70f203b3a92328cba39948a6be2e0dc6600aaaf9fcc18dc1ffcdd00c43a5d2c688c34c912c7525fd54a5c673a764c34141be4b77 DIST tboot-1.9.11.tar.gz 709092 BLAKE2B 97b6ea5a09e1adbf1fbdc36516e0e80d3acc67469f297603125542aed8235e6533afb96e6c38885b87e4584392da40d9f65d00eced2b8a87a2ecf61a17c3a985 SHA512 5c2466438ad3ab95ca66fe4d460f4e6b31ccd3c6ac79221b129883df4180fce4878dd07a5f180bb79fae13b59fa90c05aeda7339159d1d950011a59645024b8a diff --git a/sys-boot/tboot/files/tboot-1.10.3-disable-Werror.patch b/sys-boot/tboot/files/tboot-1.10.3-disable-Werror.patch new file mode 100644 index 000000000000..5285227713ad --- /dev/null +++ b/sys-boot/tboot/files/tboot-1.10.3-disable-Werror.patch @@ -0,0 +1,12 @@ +diff -r 5a30b6b09e77 Config.mk +--- a/Config.mk Fri Dec 10 15:35:42 2021 +0100 ++++ b/Config.mk Sun Dec 12 14:53:57 2021 -0600 +@@ -39,7 +39,7 @@ + /dev/null 2>&1`"; then echo "$(2)"; else echo "$(3)"; fi ;) + + +-CFLAGS_WARN = -Wall -Wformat-security -Werror -Wstrict-prototypes \ ++CFLAGS_WARN = -Wall -Wformat-security -Wstrict-prototypes \ + -Wextra -Winit-self -Wswitch-default -Wunused-parameter \ + -Wwrite-strings \ + $(call cc-option,$(CC),-Wlogical-op,) \ diff --git a/sys-boot/tboot/files/tboot-1.10.3-disable-strip.patch b/sys-boot/tboot/files/tboot-1.10.3-disable-strip.patch new file mode 100644 index 000000000000..c7a7fd04c7b5 --- /dev/null +++ b/sys-boot/tboot/files/tboot-1.10.3-disable-strip.patch @@ -0,0 +1,14 @@ +diff -r 5a30b6b09e77 Config.mk +--- a/Config.mk Fri Dec 10 15:35:42 2021 +0100 ++++ b/Config.mk Sun Dec 12 14:52:19 2021 -0600 +@@ -56,10 +56,6 @@ + OBJCOPY ?= objcopy + OBJDUMP ?= objdump + +-ifeq ($(debug),n) +-INSTALL_STRIP ?= -s +-endif +- + INSTALL ?= install + INSTALL_DIR = $(INSTALL) -d -m0755 -p + INSTALL_DATA = $(INSTALL) -m0644 -p diff --git a/sys-boot/tboot/tboot-1.10.3.ebuild b/sys-boot/tboot/tboot-1.10.3.ebuild new file mode 100644 index 000000000000..82f0b645458c --- /dev/null +++ b/sys-boot/tboot/tboot-1.10.3.ebuild @@ -0,0 +1,65 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit mount-boot toolchain-funcs + +DESCRIPTION="Performs a measured and verified boot using Intel Trusted Execution Technology" +HOMEPAGE="https://sourceforge.net/projects/tboot/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="-* ~amd64 ~x86" +IUSE="custom-cflags selinux" + +# requires patching the kernel src +RESTRICT="test" + +DEPEND="dev-libs/openssl:0=[-bindist(-)]" + +RDEPEND="${DEPEND} + sys-boot/grub:2 + selinux? ( sec-policy/selinux-tboot )" + +DOCS=( README.md COPYING CHANGELOG ) +PATCHES=( "${FILESDIR}/${PN}-1.10.3-disable-Werror.patch" + "${FILESDIR}/${PN}-1.10.3-disable-strip.patch" ) + +src_configure() { + tc-export AS LD CC CPP AR RANLIB NM OBJCOPY OBJDUMP + + default +} + +src_compile() { + use custom-cflags && export TBOOT_CFLAGS=${CFLAGS} || unset CCASFLAGS CFLAGS CPPFLAGS LDFLAGS + + if use amd64; then + export MAKEARGS="TARGET_ARCH=x86_64" + else + export MAKEARGS="TARGET_ARCH=i686" + fi + + default +} + +src_install() { + emake DISTDIR="${D}" install + + dodoc "${DOCS[@]}" + dodoc docs/*.{txt,md} + + cd "${ED}" || die + mkdir -p usr/lib/tboot/ || die + mv boot usr/lib/tboot/ || die +} + +pkg_postinst() { + cp "${ROOT}/usr/lib/tboot/boot/"* "${ROOT}/boot/" || die + + ewarn "Please remember to download the SINIT AC Module relevant" + ewarn "for your platform from:" + ewarn "http://software.intel.com/en-us/articles/intel-trusted-execution-technology/" +} |