[Buildroot] [git commit] paxtest: new package
Thomas Petazzoni
thomas.petazzoni at free-electrons.com
Sat Jul 22 13:29:14 UTC 2017
commit: https://git.buildroot.net/buildroot/commit/?id=68832249069dd96861a50bec602153dc65f9cf5b
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
PaX regression test suite
Signed-off-by: David Graziano <david.graziano at rockwellcollins.com>
Signed-off-by: Matthew Weber <matthew.weber at rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at free-electrons.com>
---
DEVELOPERS | 1 +
package/Config.in | 1 +
.../0001-genpaxtest-move-log-location.patch | 30 +++++++++++++
...paxtest-page-alignment-ARM-and-NIOS2-arch.patch | 49 ++++++++++++++++++++++
package/paxtest/Config.in | 11 +++++
package/paxtest/paxtest.hash | 2 +
package/paxtest/paxtest.mk | 25 +++++++++++
7 files changed, 119 insertions(+)
diff --git a/DEVELOPERS b/DEVELOPERS
index 7b7c5ab..0c22ffc 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -1146,6 +1146,7 @@ F: package/libsepol/
F: package/libqmi/
F: package/nginx-upload/
F: package/omniorb/
+F: package/paxtest/
F: package/policycoreutils/
F: package/python-ipy/
F: package/python-posix-ipc/
diff --git a/package/Config.in b/package/Config.in
index 7bb9471..618bcf5 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1795,6 +1795,7 @@ endmenu
menu "Security"
source "package/checkpolicy/Config.in"
+ source "package/paxtest/Config.in"
source "package/policycoreutils/Config.in"
source "package/refpolicy/Config.in"
source "package/sepolgen/Config.in"
diff --git a/package/paxtest/0001-genpaxtest-move-log-location.patch b/package/paxtest/0001-genpaxtest-move-log-location.patch
new file mode 100644
index 0000000..6447d53
--- /dev/null
+++ b/package/paxtest/0001-genpaxtest-move-log-location.patch
@@ -0,0 +1,30 @@
+From 623d99e4f557ef9cd771006e4f916c12d22a07a8 Mon Sep 17 00:00:00 2001
+From: David Graziano <david.graziano at rockwellcollins.com>
+Date: Mon, 12 Jun 2017 10:41:45 -0500
+Subject: [PATCH] genpaxtest: move log location
+
+Move log location to /var/log instead of local directory.
+(For read-only filesystems)
+
+Signed-off-by: David Graziano <david.graziano at rockwellcollins.com>
+---
+ genpaxtest | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/genpaxtest b/genpaxtest
+index 5a22e15..d62b15e 100644
+--- a/genpaxtest
++++ b/genpaxtest
+@@ -35,7 +35,7 @@
+ exit 1
+ fi
+
+-LOG=\$HOME/paxtest.log
++LOG=/var/log/paxtest.log
+ [ -n "\$1" ] && LOG=\$1
+ touch "\$LOG"
+ if [ ! -e "\$LOG" ]; then
+
+--
+1.9.1
+
diff --git a/package/paxtest/0002-paxtest-page-alignment-ARM-and-NIOS2-arch.patch b/package/paxtest/0002-paxtest-page-alignment-ARM-and-NIOS2-arch.patch
new file mode 100644
index 0000000..54e5e69
--- /dev/null
+++ b/package/paxtest/0002-paxtest-page-alignment-ARM-and-NIOS2-arch.patch
@@ -0,0 +1,49 @@
+From 70406ad5668a15fedce2ae1ed3bc4fad04d9f040 Mon Sep 17 00:00:00 2001
+From: Matt Weber <matthew.weber at rockwellcollins.com>
+Date: Wed, 5 Jul 2017 20:47:42 -0500
+Subject: [PATCH] paxtest: page alignment ARM and NIOS2 arch
+
+- Extended ARM range from ARMv6-v7 to also include anything below v7
+- Added NIOS2 arch to conditionally have smaller alignment
+
+Submitted Upstream to pageexec at freemail.hu. Also posted a
+bug to both (Hardened) Suse and Gentoo's bugtrackers.
+https://bugzilla.opensuse.org/show_bug.cgi?id=1047422
+https://bugs.gentoo.org/show_bug.cgi?id=623946
+
+Signed-off-by: Matthew Weber <matthew.weber at rockwellcollins.com>
+---
+ paxtest.h | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/paxtest.h b/paxtest.h
+index 8623bfb..a230c1a 100644
+--- a/paxtest.h
++++ b/paxtest.h
+@@ -5,13 +5,21 @@
+ #include <unistd.h>
+
+ /*
+- * ARMv6 and ARMv7 do not like 64k alignment, 32k is ok
++ * Earlier ARMv# through ARMv7 do not like 64k alignment, 32k is ok
+ */
+-#if defined(__arm__) && __ARM_ARCH >= 6 && __ARM_ARCH <= 7
++#if defined(__arm__) && __ARM_ARCH <= 7
+ #define PAGE_SIZE_MAX (32768)
+ #else
+ #define PAGE_SIZE_MAX 0x10000 /* 64k should cover most arches */
+ #endif
++
++/*
++ * NIOS2's assemblier doesn't like 64k alignment
++ */
++#if defined(__nios2_arch__)
++#define PAGE_SIZE_MAX (32768)
++#endif
++
+ #ifndef __aligned
+ #define __aligned(x) __attribute__((aligned(x)))
+ #endif
+--
+1.9.1
+
diff --git a/package/paxtest/Config.in b/package/paxtest/Config.in
new file mode 100644
index 0000000..1e09820
--- /dev/null
+++ b/package/paxtest/Config.in
@@ -0,0 +1,11 @@
+config BR2_PACKAGE_PAXTEST
+ bool "paxtest"
+ # No UCLIBC or MUSL because __NO_A_OUT_SUPPORT
+ depends on BR2_TOOLCHAIN_USES_GLIBC
+ help
+ PaX regression test suite
+
+ http://pax.grsecurity.net/docs
+
+comment "paxtest needs a glibc toolchain"
+ depends on !BR2_TOOLCHAIN_USES_GLIBC
diff --git a/package/paxtest/paxtest.hash b/package/paxtest/paxtest.hash
new file mode 100644
index 0000000..c10566c
--- /dev/null
+++ b/package/paxtest/paxtest.hash
@@ -0,0 +1,2 @@
+# Locally computed:
+sha256 d553848431fd8c2ab6c8361b62e5cedfed1cc1d60088241f4a33d2af15dd667f paxtest-0.9.15.tar.gz
diff --git a/package/paxtest/paxtest.mk b/package/paxtest/paxtest.mk
new file mode 100644
index 0000000..5eaee86
--- /dev/null
+++ b/package/paxtest/paxtest.mk
@@ -0,0 +1,25 @@
+################################################################################
+#
+# paxtest
+#
+################################################################################
+
+PAXTEST_VERSION = 0.9.15
+PAXTEST_SITE = https://www.grsecurity.net/~spender
+PAXTEST_LICENSE = GPL-2.0+
+PAXTEST_LICENSE_FILES = README
+
+define PAXTEST_BUILD_CMDS
+ $(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D) \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" linux
+endef
+
+define PAXTEST_INSTALL_TARGET_CMDS
+ $(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D) \
+ CC="$(TARGET_CC)" LD="$(TARGET_CC)" \
+ DESTDIR=$(TARGET_DIR) \
+ BINDIR="usr/bin" \
+ RUNDIR="usr/lib" -f Makefile.psm install
+endef
+
+$(eval $(generic-package))
More information about the buildroot
mailing list