commit: 798507a10e053a539d2d8bd47f24373f9722b5d9 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> AuthorDate: Sat Jan 17 12:52:57 2015 +0000 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> CommitDate: Sat Jan 17 12:52:57 2015 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=798507a1
sys-apps/iproute2: fix headers Package-Manager: portage-2.2.14 RepoMan-Options: --force Manifest-Sign-Key: 0xF52D4BBA --- sys-apps/iproute2/files/iproute2-3.1.0-mtu.patch | 48 +++++++++ .../iproute2/files/iproute2-3.1.0-no-ipv6.patch | 41 +++++++ .../files/iproute2-3.8.0-musl-headers.patch | 81 ++++++++++++++ .../files/iproute2-3.8.0-old-mount-libc.patch | 38 +++++++ sys-apps/iproute2/iproute2-3.8.0-r99.ebuild | 118 +++++++++++++++++++++ sys-apps/iproute2/metadata.xml | 9 ++ 6 files changed, 335 insertions(+) diff --git a/sys-apps/iproute2/files/iproute2-3.1.0-mtu.patch b/sys-apps/iproute2/files/iproute2-3.1.0-mtu.patch new file mode 100644 index 0000000..fa12dad --- /dev/null +++ b/sys-apps/iproute2/files/iproute2-3.1.0-mtu.patch @@ -0,0 +1,48 @@ +http://bugs.gentoo.org/291907 + +This patch was merged from two patches extracted from this thread: +http://markmail.org/thread/qkd76gpdgefpjlfn + +tc_stab.c: small fixes to commandline help + + +tc_core.c: +As kernel part of things relies on cell align which is always set to -1, +I also added it to userspace computation stage. This way if someone +specified e.g. 2048 and 512 for mtu and tsize respectively, one wouldn't +end with tsize supporting mtu 4096 suddenly, New default mtu is also set +to 2048 (disregarding weirdness of setting mtu to such values). + + +Unless I missed something, this is harmless and feels cleaner, but if it's +not allowed, documentation will have to be changed back to 2047 + extra +explanation as well. + +--- iproute2/tc/tc_core.c ++++ iproute2/tc/tc_core.c +@@ -155,12 +155,12 @@ + } + + if (s->mtu == 0) +- s->mtu = 2047; ++ s->mtu = 2048; + if (s->tsize == 0) + s->tsize = 512; + + s->cell_log = 0; +- while ((s->mtu >> s->cell_log) > s->tsize - 1) ++ while ((s->mtu - 1 >> s->cell_log) > s->tsize - 1) + s->cell_log++; + + *stab = malloc(s->tsize * sizeof(__u16)); +--- iproute2/tc/tc_stab.c ++++ iproute2/tc/tc_stab.c +@@ -32,7 +32,7 @@ + fprintf(stderr, + "Usage: ... stab [ mtu BYTES ] [ tsize SLOTS ] [ mpu BYTES ] \n" + " [ overhead BYTES ] [ linklayer TYPE ] ...\n" +- " mtu : max packet size we create rate map for {2047}\n" ++ " mtu : max packet size we create size table for {2048}\n" + " tsize : how many slots should size table have {512}\n" + " mpu : minimum packet size used in rate computations\n" + " overhead : per-packet size overhead used in rate computations\n" diff --git a/sys-apps/iproute2/files/iproute2-3.1.0-no-ipv6.patch b/sys-apps/iproute2/files/iproute2-3.1.0-no-ipv6.patch new file mode 100644 index 0000000..1282a1b --- /dev/null +++ b/sys-apps/iproute2/files/iproute2-3.1.0-no-ipv6.patch @@ -0,0 +1,41 @@ +https://bugs.gentoo.org/326849 + +allow ipv6 to be disabled + +--- a/ip/iptunnel.c ++++ b/ip/iptunnel.c +@@ -456,13 +456,6 @@ int do_iptunnel(int argc, char **argv) + break; + case AF_INET: + break; +- /* +- * This is silly enough but we have no easy way to make it +- * protocol-independent because of unarranged structure between +- * IPv4 and IPv6. +- */ +- case AF_INET6: +- return do_ip6tunnel(argc, argv); + default: + fprintf(stderr, "Unsupported family:%d\n", preferred_family); + exit(-1); +--- a/ip/Makefile ++++ b/ip/Makefile +@@ -1,6 +1,6 @@ + IPOBJ=ip.o ipaddress.o ipaddrlabel.o iproute.o iprule.o ipnetns.o \ +- rtm_map.o iptunnel.o ip6tunnel.o tunnel.o ipneigh.o ipntable.o iplink.o \ +- ipmaddr.o ipmonitor.o ipmroute.o ipprefix.o iptuntap.o \ ++ rtm_map.o iptunnel.o tunnel.o ipneigh.o ipntable.o iplink.o \ ++ ipmaddr.o ipmonitor.o ipmroute.o iptuntap.o \ + ipxfrm.o xfrm_state.o xfrm_policy.o xfrm_monitor.o \ + iplink_vlan.o link_veth.o link_gre.o iplink_can.o \ + iplink_macvlan.o iplink_macvtap.o ipl2tp.o +--- a/ip/ipmonitor.c ++++ b/ip/ipmonitor.c +@@ -76,7 +76,6 @@ int accept_msg(const struct sockaddr_nl *who, + if (n->nlmsg_type == RTM_NEWPREFIX) { + if (prefix_banner) + fprintf(fp, "[PREFIX]"); +- print_prefix(who, n, arg); + return 0; + } + if (n->nlmsg_type == RTM_NEWRULE || n->nlmsg_type == RTM_DELRULE) { diff --git a/sys-apps/iproute2/files/iproute2-3.8.0-musl-headers.patch b/sys-apps/iproute2/files/iproute2-3.8.0-musl-headers.patch new file mode 100644 index 0000000..a0b2e45 --- /dev/null +++ b/sys-apps/iproute2/files/iproute2-3.8.0-musl-headers.patch @@ -0,0 +1,81 @@ +diff -Naur iproute2-3.8.0.orig/misc/arpd.c iproute2-3.8.0/misc/arpd.c +--- iproute2-3.8.0.orig/misc/arpd.c 2013-02-21 16:41:20.000000000 +0000 ++++ iproute2-3.8.0/misc/arpd.c 2015-01-17 12:23:52.251980551 +0000 +@@ -18,7 +18,7 @@ + #include <netdb.h> + #include <db_185.h> + #include <sys/ioctl.h> +-#include <sys/poll.h> ++#include <poll.h> + #include <errno.h> + #include <fcntl.h> + #include <sys/uio.h> +diff -Naur iproute2-3.8.0.orig/misc/ifstat.c iproute2-3.8.0/misc/ifstat.c +--- iproute2-3.8.0.orig/misc/ifstat.c 2013-02-21 16:41:20.000000000 +0000 ++++ iproute2-3.8.0/misc/ifstat.c 2015-01-17 12:23:42.795640740 +0000 +@@ -21,7 +21,7 @@ + #include <sys/file.h> + #include <sys/socket.h> + #include <sys/un.h> +-#include <sys/poll.h> ++#include <poll.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <signal.h> +diff -Naur iproute2-3.8.0.orig/misc/lnstat.h iproute2-3.8.0/misc/lnstat.h +--- iproute2-3.8.0.orig/misc/lnstat.h 2013-02-21 16:41:20.000000000 +0000 ++++ iproute2-3.8.0/misc/lnstat.h 2015-01-17 12:33:50.391207710 +0000 +@@ -2,6 +2,7 @@ + #define _LNSTAT_H + + #include <limits.h> ++#include <sys/time.h> + + #define LNSTAT_VERSION "0.02 041002" + +diff -Naur iproute2-3.8.0.orig/misc/nstat.c iproute2-3.8.0/misc/nstat.c +--- iproute2-3.8.0.orig/misc/nstat.c 2013-02-21 16:41:20.000000000 +0000 ++++ iproute2-3.8.0/misc/nstat.c 2015-01-17 12:23:27.683097666 +0000 +@@ -21,7 +21,7 @@ + #include <sys/file.h> + #include <sys/socket.h> + #include <sys/un.h> +-#include <sys/poll.h> ++#include <poll.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <signal.h> +diff -Naur iproute2-3.8.0.orig/misc/rtacct.c iproute2-3.8.0/misc/rtacct.c +--- iproute2-3.8.0.orig/misc/rtacct.c 2013-02-21 16:41:20.000000000 +0000 ++++ iproute2-3.8.0/misc/rtacct.c 2015-01-17 12:23:35.340372834 +0000 +@@ -22,7 +22,7 @@ + #include <sys/file.h> + #include <sys/socket.h> + #include <sys/un.h> +-#include <sys/poll.h> ++#include <poll.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <sys/mman.h> +diff -Naur iproute2-3.8.0.orig/tc/tc_stab.c iproute2-3.8.0/tc/tc_stab.c +--- iproute2-3.8.0.orig/tc/tc_stab.c 2015-01-17 12:19:44.001058119 +0000 ++++ iproute2-3.8.0/tc/tc_stab.c 2015-01-17 12:22:35.692229262 +0000 +@@ -21,6 +21,7 @@ + #include <arpa/inet.h> + #include <string.h> + #include <malloc.h> ++#include <sys/param.h> + + #include "utils.h" + #include "tc_util.h" +diff -Naur iproute2-3.8.0.orig/tc/tc_util.c iproute2-3.8.0/tc/tc_util.c +--- iproute2-3.8.0.orig/tc/tc_util.c 2013-02-21 16:41:20.000000000 +0000 ++++ iproute2-3.8.0/tc/tc_util.c 2015-01-17 12:21:57.785866923 +0000 +@@ -20,6 +20,7 @@ + #include <arpa/inet.h> + #include <string.h> + #include <math.h> ++#include <sys/param.h> + + #include "utils.h" + #include "tc_util.h" diff --git a/sys-apps/iproute2/files/iproute2-3.8.0-old-mount-libc.patch b/sys-apps/iproute2/files/iproute2-3.8.0-old-mount-libc.patch new file mode 100644 index 0000000..96280e0 --- /dev/null +++ b/sys-apps/iproute2/files/iproute2-3.8.0-old-mount-libc.patch @@ -0,0 +1,38 @@ +From 03fdb011dd661315a83998af8af779d8f089e3fe Mon Sep 17 00:00:00 2001 +From: Stephen Hemminger <[email protected]> +Date: Wed, 17 Apr 2013 13:33:26 -0700 +Subject: [PATCH] ipnetns: fix build on older systems + +Debian Squeeze has out of date <sys/mount.h> without the required flags. +--- + ip/ipnetns.c | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/ip/ipnetns.c b/ip/ipnetns.c +index b047b97..c9bc20a 100644 +--- a/ip/ipnetns.c ++++ b/ip/ipnetns.c +@@ -29,6 +29,20 @@ + #define MNT_DETACH 0x00000002 /* Just detach from the tree */ + #endif /* MNT_DETACH */ + ++/* sys/mount.h may be out too old to have these */ ++#ifndef MS_REC ++#define MS_REC 16384 ++#endif ++ ++#ifndef MS_SLAVE ++#define MS_SLAVE (1 << 19) ++#endif ++ ++#ifndef MS_SHARED ++#define MS_SHARED (1 << 20) ++#endif ++ ++ + #ifndef HAVE_SETNS + static int setns(int fd, int nstype) + { +-- +1.8.2.1 + diff --git a/sys-apps/iproute2/iproute2-3.8.0-r99.ebuild b/sys-apps/iproute2/iproute2-3.8.0-r99.ebuild new file mode 100644 index 0000000..cae49ff --- /dev/null +++ b/sys-apps/iproute2/iproute2-3.8.0-r99.ebuild @@ -0,0 +1,118 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/iproute2/iproute2-3.8.0.ebuild,v 1.18 2014/01/18 11:02:22 vapier Exp $ + +EAPI="4" + +inherit eutils toolchain-funcs flag-o-matic multilib + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git" + inherit git-2 +else + SRC_URI="mirror://kernel/linux/utils/net/${PN}/${P}.tar.xz" + KEYWORDS="amd64 arm ~mips ppc x86" +fi + +DESCRIPTION="kernel routing and traffic control utilities" +HOMEPAGE="http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2"; + +LICENSE="GPL-2" +SLOT="0" +IUSE="atm berkdb +iptables ipv6 minimal" + +RDEPEND="!net-misc/arpd + iptables? ( >=net-firewall/iptables-1.4.16 ) + !minimal? ( berkdb? ( sys-libs/db ) ) + atm? ( net-dialup/linux-atm )" +DEPEND="${RDEPEND} + app-arch/xz-utils + iptables? ( virtual/pkgconfig ) + sys-devel/bison + sys-devel/flex + >=sys-kernel/linux-headers-2.6.27 + elibc_glibc? ( >=sys-libs/glibc-2.7 )" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-3.1.0-mtu.patch #291907 + epatch "${FILESDIR}"/${P}-old-mount-libc.patch #468120 + epatch "${FILESDIR}"/${P}-musl-headers.patch + use ipv6 || epatch "${FILESDIR}"/${PN}-3.1.0-no-ipv6.patch #326849 + + sed -i \ + -e '/^CC =/d' \ + -e "/^LIBDIR/s:=.*:=/$(get_libdir):" \ + -e "s:-O2:${CFLAGS} ${CPPFLAGS}:" \ + -e "/^HOSTCC/s:=.*:= $(tc-getBUILD_CC):" \ + -e "/^WFLAGS/s:-Werror::" \ + -e "/^DBM_INCLUDE/s:=.*:=${T}:" \ + Makefile || die + + # build against system headers + rm -r include/netinet #include/linux include/ip{,6}tables{,_common}.h include/libiptc + sed -i 's:TCPI_OPT_ECN_SEEN:16:' misc/ss.c || die + + # don't build arpd if USE=-berkdb #81660 + use berkdb || sed -i '/^TARGETS=/s: arpd : :' misc/Makefile + + use minimal && sed -i -e '/^SUBDIRS=/s:=.*:=lib tc:' Makefile +} + +src_configure() { + tc-export AR CC PKG_CONFIG + + # This sure is ugly. Should probably move into toolchain-funcs at some point. + local setns + pushd "${T}" >/dev/null + echo 'main(){return setns();};' > test.c + ${CC} ${CFLAGS} ${LDFLAGS} test.c >&/dev/null && setns=y || setns=n + echo 'main(){};' > test.c + ${CC} ${CFLAGS} ${LDFLAGS} test.c -lresolv >&/dev/null || sed -i '/^LDLIBS/s:-lresolv::' "${S}"/Makefile + popd >/dev/null + + cat <<-EOF > Config + TC_CONFIG_ATM := $(usex atm y n) + TC_CONFIG_XT := $(usex iptables y n) + IP_CONFIG_SETNS := ${setns} + # Use correct iptables dir, #144265 #293709 + IPT_LIB_DIR := $(use iptables && ${PKG_CONFIG} xtables --variable=xtlibdir) + EOF +} + +src_install() { + if use minimal ; then + into / + dosbin tc/tc + return 0 + fi + + emake \ + DESTDIR="${D}" \ + LIBDIR="${EPREFIX}"/$(get_libdir) \ + SBINDIR="${EPREFIX}"/sbin \ + CONFDIR="${EPREFIX}"/etc/iproute2 \ + DOCDIR="${EPREFIX}"/usr/share/doc/${PF} \ + MANDIR="${EPREFIX}"/usr/share/man \ + ARPDDIR="${EPREFIX}"/var/lib/arpd \ + install + + rm "${ED}"/usr/share/doc/${PF}/*.{sgml,tex} || die #455988 + + dodir /bin + mv "${ED}"/{s,}bin/ip || die #330115 + + dolib.a lib/libnetlink.a + insinto /usr/include + doins include/libnetlink.h + # This local header pulls in a lot of linux headers it + # doesn't directly need. Delete this header that requires + # linux-headers-3.8 until that goes stable. #467716 + sed -i '/linux\/netconf.h/d' "${ED}"/usr/include/libnetlink.h || die + + if use berkdb ; then + dodir /var/lib/arpd + # bug 47482, arpd doesn't need to be in /sbin + dodir /usr/bin + mv "${ED}"/sbin/arpd "${ED}"/usr/bin/ || die + fi +} diff --git a/sys-apps/iproute2/metadata.xml b/sys-apps/iproute2/metadata.xml new file mode 100644 index 0000000..eab1d3a --- /dev/null +++ b/sys-apps/iproute2/metadata.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";> +<pkgmetadata> +<herd>base-system</herd> +<use> + <flag name='berkdb'>build programs that use berkdb (just arpd)</flag> + <flag name='iptables'>include support for iptables filtering</flag> +</use> +</pkgmetadata>
