1 files changed, 69 insertions, 43 deletions
diff --git a/libre/linux-libre-grsec/PKGBUILD b/libre/linux-libre-grsec/PKGBUILD
index 576441ea3..6f7e20edf 100644
--- a/libre/linux-libre-grsec/PKGBUILD
+++ b/libre/linux-libre-grsec/PKGBUILD
@@ -1,24 +1,24 @@
-# Maintainer: Daniel Micay <danielmicay@gmail.com>
-# Contributor: Tobias Powalowski <tpowa@archlinux.org>
-# Contributor: Thomas Baechler <thomas@archlinux.org>
-# Contributor: henning mueller <henning@orgizm.net>
-# Contributor: Thomas Dwyer http://tomd.tel
-# Maintainer (Parabola): André Silva <emulatorman@parabola.nu>
-# Contributor (Parabola): Nicolás Reynolds <fauno@kiwwwi.com.ar>
-# Contributor (Parabola): Sorin-Mihai Vârgolici <smv@yobicore.org>
-# Contributor (Parabola): Michał Masłowski <mtjm@mtjm.eu>
-# Contributor (Parabola): Márcio Silva <coadde@parabola.nu>
+# Maintainer (Arch): Daniel Micay <danielmicay@gmail.com>
+# Contributor (Arch): Tobias Powalowski <tpowa@archlinux.org>
+# Contributor (Arch): Thomas Baechler <thomas@archlinux.org>
+# Contributor (Arch): henning mueller <henning@orgizm.net>
+# Contributor (Arch): Thomas Dwyer http://tomd.tel
+# Maintainer: André Silva <emulatorman@parabola.nu>
+# Contributor: Nicolás Reynolds <fauno@kiwwwi.com.ar>
+# Contributor: Sorin-Mihai Vârgolici <smv@yobicore.org>
+# Contributor: Michał Masłowski <mtjm@mtjm.eu>
+# Contributor: Márcio Silva <coadde@parabola.nu>
 
 pkgbase=linux-libre-grsec   # Build stock -LIBRE-GRSEC kernel
 #pkgbase=linux-libre-custom # Build kernel with a different name
 _basekernel=3.14
-_sublevel=1
+_sublevel=4
 _grsecver=3.0
-_timestamp=201404201132
+_timestamp=201405141623
 _pkgver=${_basekernel}.${_sublevel}
 pkgver=${_basekernel}.${_sublevel}.${_timestamp}
 pkgrel=1
-_lxopkgver=${_basekernel}.0 # nearly always the same as pkgver
+_lxopkgver=${_basekernel}.4 # nearly always the same as pkgver
 arch=('i686' 'x86_64' 'mips64el')
 url="https://grsecurity.net/"
 license=('GPL2')
@@ -42,35 +42,41 @@ source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_basekernel}-gn
         '0004-fs-Don-t-return-0-from-get_anon_bdev.patch'
         '0005-Revert-Bluetooth-Enable-autosuspend-for-Intel-Blueto.patch'
         '0006-genksyms-fix-typeof-handling.patch'
-        '0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch'
         '0010-iwlwifi-mvm-delay-enabling-smart-FIFO-until-after-be.patch'
+        '0011-kernfs-fix-removed-error-check.patch'
+        '0012-fix-saa7134.patch'
+        '0013-net-Start-with-correct-mac_len-in-skb_network_protocol.patch'
+        '0015-fix-xsdt-validation.patch'
         'sysctl.conf'
         "http://www.linux-libre.fsfla.org/pub/linux-libre/lemote/gnewsense/pool/debuginfo/linux-patches-${_lxopkgver}-gnu_0loongsonlibre_mipsel.tar.xz")
-md5sums=('c108ec52eeb2a9b9ddbb8d12496ff25f'
-         '2b4862b3c76011e66e536f18fbf0fb27'
-         'db16c597af55a82da6fbe1059377c5cd'
-         'SKIP'
-         '51ead958a4bb74ca5f5702b97740719b'
-         '0822a5655cef86bb6f449692d8b3f3d2'
-         '5f66bed97a5c37e48eb2f71b2d354b9a'
-         '2967cecc3af9f954ccc822fd63dca6ff'
-         '8267264d9a8966e57fdacd1fa1fc65c4'
-         '14bb375a8a1d86d2875f72fcbaa03f3e'
-         '98beb36f9b8cf16e58de2483ea9985e3'
-         '6839ddec74a5300beff1709a81b0e4f3'
-         '706549e8a05f33f7fc697f28c0ca71d2'
-         'd23fc66be93ebce698bd7da844789de1'
-         'b240cc8ebb4b5d74e94b4c72d033f726'
-         'a89d593774ccb955eb8368d3bc87ce26'
-         '16a161979f846b049e90daea907c35dd'
-         '00727251b0d337a25d3ca392218afdf4'
-         '353b553d69da810ef954618aca60e1e2'
-         '7a052645280da78a98bfe8cf805ddab5'
-         '385f03abf27baa73731d27721eafd1c1')
+sha256sums=('477555c709b9407fe37dbd70d3331ff9dde1f9d874aba2741f138d07ae6f281b'
+            '01de5e15a2081197859e617c441de5cac9ddf60bed6fcf4dcff7a54e210e7815'
+            'e41e5dea54db4311655ccc68b371ac15dcc48f8767ca0a02150af70e831d2e4d'
+            'SKIP'
+            '0b6dbdf4d1677a39b9a0d55e8d7c66fe644fa77d769e3b673064181222b17467'
+            '8207a533f4fbad05ad26061f924957a7a92436d44a5dd7ca10e61d730c5e0ef9'
+            '9d2f34f1a8c514a7117b9b017a1f7312fb351f4d0b079eed102f89361534d486'
+            'c5451d5e1eafc4f8d28b1a2958ec3102c124433a414a86450fc32058e004156b'
+            '55bf07738a3286168a7929ae16dbca29defd14e77b9d24c487ae4c3d12bb9eb9'
+            'f913384dd6dbafca476fcf4ccd35f0f497dda5f3074866022facdb92647771f6'
+            'faced4eb4c47c4eb1a9ee8a5bf8a7c4b49d6b4d78efbe426e410730e6267d182'
+            '6d72e14552df59e6310f16c176806c408355951724cd5b48a47bf01591b8be02'
+            '52dec83a8805a8642d74d764494acda863e0aa23e3d249e80d4b457e20a3fd29'
+            '65d58f63215ee3c5f9c4fc6bce36fc5311a6c7dbdbe1ad29de40647b47ff9c0d'
+            '1e1ae0f31f722e80da083ecada1f1be57f9ddad133941820c4483b0240e494c1'
+            '3fffb01cf97a5a7ab9601cb277d2468c0fb1e1cceba4225915f3ffae3a5694ec'
+            'cf2e7a2d00787f754028e7459688c2755a406e632ce48b60952fa4ff7ed6f4b7'
+            'c0af4622f75c89fef62183e18b7d49998228d4eaa906c6accaf4aa4ff0134f85'
+            '04f44bf5c181d6dc31905937c1bdccb0f5aecaad3a579e99b302502b9cbe0f7a'
+            '79359454c9d8446eb55add2b1cdbf8332bd67dafb01fefb5b1ca090225f64d18'
+            'f2a5e22c1ba6e9b8a32a7bd4a5327ee95538aa10edcee3cd12578f8ff49bf6be'
+            '384dd13fd4248fd6809da8c6ae29ced55d4a5cacc33ac2ae7522093ec0fb26d4'
+            'a37823f0cdf3f318ec3f486f6e4035a7a8f887522d3a563d4dfe155f143ba24f'
+            '3cd53473e049a4809d9dde8ebef73307ce87076d707f3fd5c100844d4a9e8255')
 if [ "$CARCH" != "mips64el" ]; then
     # don't use the Loongson-specific patches on non-mips64el arches.
     unset source[${#source[@]}-1]
-    unset md5sums[${#md5sums[@]}-1]
+    unset sha256sums[${#sha256sums[@]}-1]
 fi
 
 _kernelname=${pkgbase#linux-libre}
@@ -118,15 +124,29 @@ prepare() {
   # http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dc53324060f324e8af6867f57bf4891c13c6ef18
   patch -p1 -i "${srcdir}/0006-genksyms-fix-typeof-handling.patch"
 
-  # Fix the use of code32_start in the EFI boot stub
-  # http://permalink.gmane.org/gmane.linux.kernel/1679881
-  # https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit/?h=urgent&id=7e8213c1f3acc064aef37813a39f13cbfe7c3ce7
-  patch -p1 -i "${srcdir}/0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch"
-
   # https://git.kernel.org/cgit/linux/kernel/git/iwlwifi/iwlwifi-fixes.git/commit/?id=12f853a89e29f50b17698e17e73c328a35f1498d
   # FS#39815
   patch -p1 -i "${srcdir}/0010-iwlwifi-mvm-delay-enabling-smart-FIFO-until-after-be.patch"
 
+  # fix Xorg crash with i810 chipset due to wrong removed error check
+  # References: http://lkml.kernel.org/g/533D01BD.1010200@googlemail.com
+  patch -Np1 -i "${srcdir}/0011-kernfs-fix-removed-error-check.patch"
+
+  # fix saa7134 video
+  # https://bugs.archlinux.org/task/39904
+  # https://bugzilla.kernel.org/show_bug.cgi?id=73361
+  patch -Np1 -i "${srcdir}/0012-fix-saa7134.patch"
+
+  # fix tun/openvpn performance
+  # https://bugs.archlinux.org/task/40089
+  # https://bugzilla.kernel.org/show_bug.cgi?id=74051
+  patch -Np1 -i "${srcdir}/0013-net-Start-with-correct-mac_len-in-skb_network_protocol.patch"
+
+  # fix xsdt validation bug
+  # https://bugs.archlinux.org/task/39811
+  # https://bugzilla.kernel.org/show_bug.cgi?id=73911
+  patch -Np1 -i "${srcdir}/0015-fix-xsdt-validation.patch"
+
   if [ "$CARCH" == "mips64el" ]; then
     sed -i "s|^EXTRAVERSION.*|EXTRAVERSION =-libre-grsec|" Makefile
     sed -r "s|^( SUBLEVEL = ).*|\1$_sublevel|" \
@@ -155,7 +175,7 @@ prepare() {
   fi
 
   # set extraversion to pkgrel
-  sed -ri "s|^(EXTRAVERSION =).*|\1 -${pkgrel}|" Makefile
+  sed -ri "s|^(EXTRAVERSION =).*|\1 .${_timestamp}-${pkgrel}|" Makefile
 
   # don't run depmod on 'make install'. We'll do this ourselves in packaging
   sed -i '2iexit 0' scripts/depmod.sh
@@ -215,7 +235,7 @@ _package() {
   # get kernel version
   _kernver="$(make LOCALVERSION= kernelrelease)"
   _basekernel=${_kernver%%-*}
-  _basekernel=${_basekernel%.*}
+  _basekernel=${_basekernel%.*.*}
 
   mkdir -p "${pkgdir}"/{lib/modules,lib/firmware,boot}
   make LOCALVERSION= INSTALL_MOD_PATH="${pkgdir}" modules_install
@@ -272,6 +292,12 @@ _package() {
   # add vmlinux
   install -D -m644 vmlinux "${pkgdir}/usr/lib/modules/${_kernver}/build/vmlinux" 
 
+  # add grsecurity gcc plugins
+  mkdir -p "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc"
+  cp -a tools/gcc/*.h "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/"
+  cp -a tools/gcc/Makefile "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/"
+  install -m644 tools/gcc/*.so "$pkgdir/usr/lib/modules/${_kernver}/build/tools/gcc/"
+
   # install sysctl configuration for grsecurity switches
   install -Dm600 "${srcdir}/sysctl.conf" "${pkgdir}/etc/sysctl.d/05-grsecurity.conf"
 }