[ptxdist] [PATCH] strongswan: update to 5.0.4

2013-05-02 Thread Jan Luebbe 
The security bug fixed in 5.0.4 affected only the openssl plugin,
which is disabled in this package.
---
 rules/strongswan.make |   13 ++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/rules/strongswan.make b/rules/strongswan.make
index 31b7221..6401832 100644
--- a/rules/strongswan.make
+++ b/rules/strongswan.make
@@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_STRONGSWAN) += strongswan
 #
 # Paths and names
 #
-STRONGSWAN_VERSION := 5.0.2
-STRONGSWAN_MD5 := 77dc16443fd141f46183d3a4f60986ef
+STRONGSWAN_VERSION := 5.0.4
+STRONGSWAN_MD5 := 0ab0397b44b197febfd0f89148344035
 STRONGSWAN := strongswan-$(STRONGSWAN_VERSION)
 STRONGSWAN_SUFFIX  := tar.bz2
 STRONGSWAN_URL := 
http://download.strongswan.org/$(STRONGSWAN).$(STRONGSWAN_SUFFIX)
@@ -34,6 +34,7 @@ STRONGSWAN_CONF_TOOL  := autoconf
 STRONGSWAN_CONF_OPT:= \
$(CROSS_AUTOCONF_USR) \
--$(call ptx/endis, PTXCONF_STRONGSWAN_LIBCURL)-curl \
+   --disable-unbound \
--disable-soup \
--disable-ldap \
--enable-aes \
@@ -57,6 +58,7 @@ STRONGSWAN_CONF_OPT   := \
--enable-pkcs8 \
--enable-pgp \
--enable-dnskey \
+   --disable-ipseckey \
--enable-pem \
--enable-hmac \
--enable-cmac \
@@ -95,6 +97,7 @@ STRONGSWAN_CONF_OPT   := \
--enable-xauth-generic \
--disable-xauth-eap \
--disable-xauth-pam \
+   --disable-xauth-noauth \
--disable-tnc-ifmap \
--disable-tnc-pdp \
--disable-tnc-imc \
@@ -146,7 +149,7 @@ STRONGSWAN_CONF_OPT := \
--disable-addrblock \
--disable-unity \
--disable-uci \
-   --disable-android \
+   --disable-android-dns \
--disable-android-log \
--disable-maemo \
--disable-nm \
@@ -155,6 +158,7 @@ STRONGSWAN_CONF_OPT := \
--disable-lookip \
--disable-error-notify \
--disable-certexpire \
+   --disable-systime-fix \
--disable-led \
--disable-duplicheck \
--disable-coupling \
@@ -162,6 +166,9 @@ STRONGSWAN_CONF_OPT := \
--disable-vstr \
--disable-monolithic \
--disable-bfd-backtraces \
+   --disable-unit-tests \
+   --disable-tkm \
+   --disable-defaults \
--enable-dependency-tracking \
--enable-shared \
--disable-static \
-- 
1.7.10.4


-- 
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH] libkmod: avoid calling syscall() with -1

2013-05-02 Thread Jan Luebbe 
This fixes an illegal instruction error on qemu ARM.

Signed-off-by: Jan Luebbe j...@pengutronix.de
---
 ...0001-libkmod-Avoid-calling-syscall-with-1.patch |   32 
 patches/kmod-13/series |4 +++
 2 files changed, 36 insertions(+)
 create mode 100644 
patches/kmod-13/0001-libkmod-Avoid-calling-syscall-with-1.patch
 create mode 100644 patches/kmod-13/series

diff --git a/patches/kmod-13/0001-libkmod-Avoid-calling-syscall-with-1.patch 
b/patches/kmod-13/0001-libkmod-Avoid-calling-syscall-with-1.patch
new file mode 100644
index 000..bfeaf34
--- /dev/null
+++ b/patches/kmod-13/0001-libkmod-Avoid-calling-syscall-with-1.patch
@@ -0,0 +1,32 @@
+From: Jan Luebbe j...@pengutronix.de
+Date: Thu, 2 May 2013 16:40:22 +0200
+Subject: [PATCH] libkmod: Avoid calling syscall() with -1
+
+At least in qemu 1.4.1 for vexpress/arm-cortexa9, this resulted in an
+illegal instruction error. Solve that by returning an error when
+__NR_finit_module is -1.
+---
+ libkmod/missing.h |9 -
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/libkmod/missing.h b/libkmod/missing.h
+index edb88b9..ac24a35 100644
+--- a/libkmod/missing.h
 b/libkmod/missing.h
+@@ -20,8 +20,15 @@
+ #endif
+ 
+ #ifndef HAVE_FINIT_MODULE
++#include errno.h
++
+ static inline int finit_module(int fd, const char *uargs, int flags)
+ {
+-  return syscall(__NR_finit_module, fd, uargs, flags);
++  if (__NR_finit_module == -1) {
++  errno = ENOSYS;
++  return -1;
++  } else {
++  return syscall(__NR_finit_module, fd, uargs, flags);
++  }
+ }
+ #endif
diff --git a/patches/kmod-13/series b/patches/kmod-13/series
new file mode 100644
index 000..8f9a8ac
--- /dev/null
+++ b/patches/kmod-13/series
@@ -0,0 +1,4 @@
+# generated by git-ptx-patches
+#tag:base --start-number 1
+0001-libkmod-Avoid-calling-syscall-with-1.patch
+# 663dcc1cd4b4be9a3934dab348129c99  - git-ptx-patches magic
-- 
1.7.10.4


-- 
ptxdist mailing list
ptxdist@pengutronix.de

Re: [ptxdist] [PATCH] libkmod: avoid calling syscall() with -1

2013-05-02 Thread Jan Luebbe 
On Thu, May 02, 2013 at 04:54:30PM +0200, Jan Luebbe wrote:
 This fixes an illegal instruction error on qemu ARM.

Please do not apply this yet, there is still some discussion going on upstream:
http://bugs.funtoo.org/browse/FL-534
http://thread.gmane.org/gmane.linux.kernel.modules/1061

Jan
-- 
Pengutronix e.K.   | |
Industrial Linux Solutions | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0|
Amtsgericht Hildesheim, HRA 2686   | Fax:   +49-5121-206917- |

-- 
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH] libkmod: avoid calling syscall() with -1

2013-05-02 Thread Jan Luebbe 
This fixes an illegal instruction error on qemu ARM.

Signed-off-by: Jan Luebbe j...@pengutronix.de
---

It seems this patch has been applied upstream:
http://thread.gmane.org/gmane.linux.kernel.modules/1061/focus=1064

 ...ssing-Don-t-call-syscall-with-syscallno-1.patch |   40 
 patches/kmod-13/series |4 ++
 2 files changed, 44 insertions(+)
 create mode 100644 
patches/kmod-13/0001-missing-Don-t-call-syscall-with-syscallno-1.patch
 create mode 100644 patches/kmod-13/series

diff --git 
a/patches/kmod-13/0001-missing-Don-t-call-syscall-with-syscallno-1.patch 
b/patches/kmod-13/0001-missing-Don-t-call-syscall-with-syscallno-1.patch
new file mode 100644
index 000..a385d63
--- /dev/null
+++ b/patches/kmod-13/0001-missing-Don-t-call-syscall-with-syscallno-1.patch
@@ -0,0 +1,40 @@
+From: Lucas De Marchi lucas.de.mar...@gmail.com
+Date: Thu, 2 May 2013 13:22:57 -0300
+Subject: [PATCH] missing: Don't call syscall() with syscallno == -1
+
+Reported-by: Jean-Francis Roy jeanfran...@funtoo.org
+Reported-by: Jan Luebbe j...@pengutronix.de
+---
+ libkmod/missing.h |   10 ++
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/libkmod/missing.h b/libkmod/missing.h
+index edb88b9..b31af84 100644
+--- a/libkmod/missing.h
 b/libkmod/missing.h
+@@ -1,5 +1,6 @@
+ #pragma once
+ 
++#include errno.h
+ #include unistd.h
+ #include sys/syscall.h
+ 
+@@ -15,13 +16,14 @@
+ # define MODULE_INIT_IGNORE_VERMAGIC 2
+ #endif
+ 
+-#ifndef __NR_finit_module
+-# define __NR_finit_module -1
+-#endif
+-
+ #ifndef HAVE_FINIT_MODULE
+ static inline int finit_module(int fd, const char *uargs, int flags)
+ {
++#ifndef __NR_finit_module
++  errno = ENOSYS;
++  return -1;
++#else
+   return syscall(__NR_finit_module, fd, uargs, flags);
++#endif
+ }
+ #endif
diff --git a/patches/kmod-13/series b/patches/kmod-13/series
new file mode 100644
index 000..3fc301f
--- /dev/null
+++ b/patches/kmod-13/series
@@ -0,0 +1,4 @@
+# generated by git-ptx-patches
+#tag:base --start-number 1
+0001-missing-Don-t-call-syscall-with-syscallno-1.patch
+# 0b7413dd7632441bc24225859a7d1866  - git-ptx-patches magic
-- 
1.7.10.4


-- 
ptxdist mailing list
ptxdist@pengutronix.de