patch for hardened

(Portage version: 2.1.10.49/cvs/Linux x86_64)

4 files changed, 178 insertions, 82 deletions

diff --git a/app-emulation/vmware-modules/ChangeLog b/app-emulation/vmware-modules/ChangeLog
index e107a0a9e80d..6365aadbe3f6 100644
--- a/app-emulation/vmware-modules/ChangeLog
+++ b/app-emulation/vmware-modules/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for app-emulation/vmware-modules
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/ChangeLog,v 1.89 2012/03/12 13:36:34 vadimk Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/ChangeLog,v 1.90 2012/03/24 12:37:01 vadimk Exp $
+
+  24 Mar 2012; Vadim Kuznetsov <vadimk@gentoo.org> +files/hardened.patch,
+  -vmware-modules-264.1.ebuild, vmware-modules-264.2.ebuild:
+  patch for hardened
 
   12 Mar 2012; Vadim Kuznetsov <vadimk@gentoo.org> +files/264.2-3.2.0.patch:
   missing patch
diff --git a/app-emulation/vmware-modules/files/hardened.patch b/app-emulation/vmware-modules/files/hardened.patch
new file mode 100644
index 000000000000..ea1b0f300751
--- /dev/null
+++ b/app-emulation/vmware-modules/files/hardened.patch
@@ -0,0 +1,170 @@
+diff --git a/vmci-only/linux/driver.c b/vmci-only/linux/driver.c
+index 921f25c..41a39e3 100644
+--- a/vmci-only/linux/driver.c
++++ b/vmci-only/linux/driver.c
+@@ -241,7 +241,24 @@ static unsigned int LinuxDriverPoll(struct file *file, poll_table *wait);
+ #define LinuxDriverUnlockIoctlPerFD(mutex) do {} while (0)
+ #endif
+ 
+-static struct file_operations vmuser_fops;
++/*
++ * Moved file operations initialize here because of incompatibilites
++ * with Gentoo hardened profile/hardend Linux 3.
++ */
++static struct file_operations vmuser_fops = {
++    .owner = THIS_MODULE,
++    .poll = LinuxDriverPoll,
++#ifdef HAVE_UNLOCKED_IOCTL
++    .unlocked_ioctl = LinuxDriver_UnlockedIoctl,
++#else
++    .ioctl = LinuxDriver_Ioctl,
++#endif
++#ifdef HAVE_COMPAT_IOCTL
++    .compat_ioctl = LinuxDriver_UnlockedIoctl,
++#endif
++    .open = LinuxDriver_Open,
++    .release = LinuxDriver_Close
++};
+ 
+ 
+ /*
+@@ -378,26 +395,6 @@ vmci_host_init(void)
+       return -ENOMEM;
+    }
+ 
+-   /*
+-    * Initialize the file_operations structure. Because this code is always
+-    * compiled as a module, this is fine to do it here and not in a static
+-    * initializer.
+-    */
+-
+-   memset(&vmuser_fops, 0, sizeof vmuser_fops);
+-   vmuser_fops.owner = THIS_MODULE;
+-   vmuser_fops.poll = LinuxDriverPoll;
+-#ifdef HAVE_UNLOCKED_IOCTL
+-   vmuser_fops.unlocked_ioctl = LinuxDriver_UnlockedIoctl;
+-#else
+-   vmuser_fops.ioctl = LinuxDriver_Ioctl;
+-#endif
+-#ifdef HAVE_COMPAT_IOCTL
+-   vmuser_fops.compat_ioctl = LinuxDriver_UnlockedIoctl;
+-#endif
+-   vmuser_fops.open = LinuxDriver_Open;
+-   vmuser_fops.release = LinuxDriver_Close;
+-
+    sprintf(linuxState.deviceName, "vmci");
+    linuxState.major = 10;
+    linuxState.misc.minor = MISC_DYNAMIC_MINOR;
+diff --git a/vmmon-only/linux/driver.c b/vmmon-only/linux/driver.c
+index b21dd44..960c2aa 100644
+--- a/vmmon-only/linux/driver.c
++++ b/vmmon-only/linux/driver.c
+@@ -178,7 +178,22 @@ static struct vm_operations_struct vmuser_mops = {
+ #endif
+ };
+ 
+-static struct file_operations vmuser_fops;
++static struct file_operations vmuser_fops = {
++   .owner = THIS_MODULE,
++   .poll = LinuxDriverPoll,
++#ifdef HAVE_UNLOCKED_IOCTL
++   .unlocked_ioctl = LinuxDriver_UnlockedIoctl,
++#else
++   .ioctl = LinuxDriver_Ioctl,
++#endif
++#ifdef HAVE_COMPAT_IOCTL
++   .compat_ioctl = LinuxDriver_UnlockedIoctl,
++#endif
++   .open = LinuxDriver_Open,
++   .release = LinuxDriver_Close,
++   .mmap = LinuxDriverMmap
++};
++
+ static struct timer_list tscTimer;
+ 
+ /*
+@@ -357,27 +372,6 @@ init_module(void)
+    spin_lock_init(&linuxState.pollListLock);
+ #endif
+ 
+-   /*
+-    * Initialize the file_operations structure. Because this code is always
+-    * compiled as a module, this is fine to do it here and not in a static
+-    * initializer.
+-    */
+-
+-   memset(&vmuser_fops, 0, sizeof vmuser_fops);
+-   vmuser_fops.owner = THIS_MODULE;
+-   vmuser_fops.poll = LinuxDriverPoll;
+-#ifdef HAVE_UNLOCKED_IOCTL
+-   vmuser_fops.unlocked_ioctl = LinuxDriver_UnlockedIoctl;
+-#else
+-   vmuser_fops.ioctl = LinuxDriver_Ioctl;
+-#endif
+-#ifdef HAVE_COMPAT_IOCTL
+-   vmuser_fops.compat_ioctl = LinuxDriver_UnlockedIoctl;
+-#endif
+-   vmuser_fops.open = LinuxDriver_Open;
+-   vmuser_fops.release = LinuxDriver_Close;
+-   vmuser_fops.mmap = LinuxDriverMmap;
+-
+ #ifdef VMX86_DEVEL
+    devel_init_module();
+    linuxState.minor = 0;
+diff --git a/vmnet-only/driver.c b/vmnet-only/driver.c
+index b12b982..40bd4cf 100644
+--- a/vmnet-only/driver.c
++++ b/vmnet-only/driver.c
+@@ -165,7 +165,22 @@ static long  VNetFileOpUnlockedIoctl(struct file * filp,
+                                      unsigned int iocmd, unsigned long ioarg);
+ #endif
+ 
+-static struct file_operations vnetFileOps;
++static struct file_operations vnetFileOps = {
++   .owner = THIS_MODULE,
++   .read = VNetFileOpRead,
++   .write = VNetFileOpWrite,
++   .poll = VNetFileOpPoll,
++#ifdef HAVE_UNLOCKED_IOCTL
++   .unlocked_ioctl = VNetFileOpUnlockedIoctl,
++#else
++   .ioctl = VNetFileOpIoctl,
++#endif
++#ifdef HAVE_COMPAT_IOCTL
++   .compat_ioctl = VNetFileOpUnlockedIoctl,
++#endif
++   .open = VNetFileOpOpen,
++   .release = VNetFileOpClose
++};
+ 
+ /*
+  * Utility functions
+@@ -476,28 +491,6 @@ init_module(void)
+       goto err_proto;
+    }
+ 
+-   /*
+-    * Initialize the file_operations structure. Because this code is always
+-    * compiled as a module, this is fine to do it here and not in a static
+-    * initializer.
+-    */
+-
+-   memset(&vnetFileOps, 0, sizeof vnetFileOps);
+-   vnetFileOps.owner = THIS_MODULE;
+-   vnetFileOps.read = VNetFileOpRead;
+-   vnetFileOps.write = VNetFileOpWrite;
+-   vnetFileOps.poll = VNetFileOpPoll;
+-#ifdef HAVE_UNLOCKED_IOCTL
+-   vnetFileOps.unlocked_ioctl = VNetFileOpUnlockedIoctl;
+-#else
+-   vnetFileOps.ioctl = VNetFileOpIoctl;
+-#endif
+-#ifdef HAVE_COMPAT_IOCTL
+-   vnetFileOps.compat_ioctl = VNetFileOpUnlockedIoctl;
+-#endif
+-   vnetFileOps.open = VNetFileOpOpen;
+-   vnetFileOps.release = VNetFileOpClose;
+-
+    retval = register_chrdev(VNET_MAJOR_NUMBER, "vmnet", &vnetFileOps);
+    if (retval) {
+       LOG(0, (KERN_NOTICE "/dev/vmnet: could not register major device %d\n",
diff --git a/app-emulation/vmware-modules/vmware-modules-264.1.ebuild b/app-emulation/vmware-modules/vmware-modules-264.1.ebuild
deleted file mode 100644
index a35a17403423..000000000000
--- a/app-emulation/vmware-modules/vmware-modules-264.1.ebuild
+++ /dev/null
@@ -1,79 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/vmware-modules-264.1.ebuild,v 1.2 2012/01/06 14:30:38 vadimk Exp $
-
-EAPI="2"
-
-inherit eutils flag-o-matic linux-info linux-mod versionator
-
-PV_MAJOR=$(get_major_version)
-PV_MINOR=$(get_version_component_range 2)
-
-DESCRIPTION="VMware kernel modules"
-HOMEPAGE="http://www.vmware.com/"
-
-SRC_URI=""
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-RDEPEND=""
-DEPEND="${RDEPEND}
-	|| ( =app-emulation/vmware-player-4.0.${PV_MINOR}*
-	=app-emulation/vmware-workstation-8.0.${PV_MINOR}* )"
-
-S=${WORKDIR}
-
-pkg_setup() {
-	CONFIG_CHECK="~HIGH_RES_TIMERS"
-	if kernel_is ge 2 6 37 && kernel_is lt 2 6 39; then
-		CONFIG_CHECK="${CONFIG_CHECK} BKL"
-	fi
-
-	linux-info_pkg_setup
-
-	linux-mod_pkg_setup
-
-	VMWARE_GROUP=${VMWARE_GROUP:-vmware}
-
-	VMWARE_MODULE_LIST="vmblock vmci vmmon vmnet vsock"
-	VMWARE_MOD_DIR="${PN}-${PVR}"
-
-	BUILD_TARGETS="auto-build KERNEL_DIR=${KERNEL_DIR} KBUILD_OUTPUT=${KV_OUT_DIR}"
-
-	enewgroup "${VMWARE_GROUP}"
-	filter-flags -mfpmath=sse
-
-	for mod in ${VMWARE_MODULE_LIST}; do
-		MODULE_NAMES="${MODULE_NAMES} ${mod}(misc:${S}/${mod}-only)"
-	done
-}
-
-src_unpack() {
-	cd "${S}"
-	for mod in ${VMWARE_MODULE_LIST}; do
-		tar -xf /opt/vmware/lib/vmware/modules/source/${mod}.tar
-	done
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PV_MAJOR}-makefile-kernel-dir.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-makefile-include.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-jobserver.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-netdevice.patch"
-	epatch "${FILESDIR}/${PV_MAJOR}-3.2.0.patch"
-}
-
-src_install() {
-	linux-mod_src_install
-	local udevrules="${T}/60-vmware.rules"
-	cat > "${udevrules}" <<-EOF
-		KERNEL=="vmci",  GROUP="vmware", MODE=660
-		KERNEL=="vmmon", GROUP="vmware", MODE=660
-		KERNEL=="vsock", GROUP="vmware", MODE=660
-	EOF
-	insinto /etc/udev/rules.d/
-	doins "${udevrules}"
-}
diff --git a/app-emulation/vmware-modules/vmware-modules-264.2.ebuild b/app-emulation/vmware-modules/vmware-modules-264.2.ebuild
index bf691eca924d..48f13ceaa9f7 100644
--- a/app-emulation/vmware-modules/vmware-modules-264.2.ebuild
+++ b/app-emulation/vmware-modules/vmware-modules-264.2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/vmware-modules-264.2.ebuild,v 1.1 2012/03/10 14:17:50 vadimk Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/vmware-modules/vmware-modules-264.2.ebuild,v 1.2 2012/03/24 12:37:01 vadimk Exp $
 
 EAPI="2"
 
@@ -17,7 +17,7 @@ SRC_URI=""
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~amd64 ~x86"
-IUSE=""
+IUSE="hardened"
 
 RDEPEND=""
 DEPEND="${RDEPEND}
@@ -64,6 +64,7 @@ src_prepare() {
 	epatch "${FILESDIR}/${PV_MAJOR}-jobserver.patch"
 	epatch "${FILESDIR}/${PV_MAJOR}-netdevice.patch"
 	epatch "${FILESDIR}/${PV}-3.2.0.patch"
+	use hardened && epatch "${FILESDIR}/hardened.patch"
 }
 
 src_install() {