updpkg: libre/linux-libre-hardened 5.10.19.hardened1-1

Signed-off-by: David P <megver83@parabola.nu>

2 files changed, 17 insertions, 15 deletions

diff --git a/libre/linux-libre-hardened/PKGBUILD b/libre/linux-libre-hardened/PKGBUILD
index 4c2059148..1e3a4405f 100644
--- a/libre/linux-libre-hardened/PKGBUILD
+++ b/libre/linux-libre-hardened/PKGBUILD
@@ -9,7 +9,7 @@ _replacesoldkernels=() # '%' gets replaced with kernel suffix
 _replacesoldmodules=() # '%' gets replaced with kernel suffix
 
 pkgbase=linux-libre-hardened
-pkgver=5.10.7.a
+pkgver=5.10.19.hardened1
 pkgrel=1
 pkgdesc='Security-Hardened Linux-libre'
 url='https://linux-libre.fsfla.org/'
@@ -21,10 +21,11 @@ makedepends=(
 )
 options=('!strip')
 _srcname=linux-5.10
+_srctag=${pkgver%.*}-${pkgver##*.}
 source=(
   "https://linux-libre.fsfla.org/pub/linux-libre/releases/${_srcname##*-}-gnu/linux-libre-${_srcname##*-}-gnu.tar.xz"{,.sign}
   "https://linux-libre.fsfla.org/pub/linux-libre/releases/${pkgver%.*}-gnu/patch-${_srcname##*-}-gnu-${pkgver%.*}-gnu.xz"{,.sign}
-  "https://github.com/anthraxx/linux-hardened/releases/download/$pkgver/linux-hardened-$pkgver.patch"{,.sig}
+  "https://github.com/anthraxx/linux-hardened/releases/download/${_srctag}/linux-hardened-${_srctag}.patch"{,.sig}
   "https://repo.parabola.nu/other/linux-libre/logos/logo_linux_"{clut224.ppm,vga16.ppm,mono.pbm}{,.sig}
   config         # the main kernel config file
 
@@ -45,9 +46,9 @@ validpgpkeys=(
 )
 sha512sums=('ccc52db049a66ff146d9fc84fb00e783f2d04211156233a382f87589fec7631b8fbb3e76bfd94279607b883d25f9745e6c7d2bd62b13311dc6b425002bd42ec0'
             'SKIP'
-            'f3e5ee9ef33eaf2a15de39b99a2a01b88681df0519f1b03dc19fa8db63120096dbddcbce9c00f8b7515b55161d3d440a9439954fc2356a35f7da5f878b5dfedb'
+            'ed4bf87f5b9f4bcc3cdaa3aa7e4fb1e39d5182157d96c49aaff4d54f9454922330b1a47c74f40af62869ee81ff5e3cb78abcfe883af5463084180c556961f068'
             'SKIP'
-            '66ab8e0e8338fe446a31a107b5c7acab97f37f432c95f6bf5142c097643043c1345acf96114479fdd0ee4b387ca182c4907e9f883e405e7a3564a1912eb5a7e1'
+            '4bea351580ebe3e52e18a1b5e82b9a40855b77fc0c6e6581c5f3fc9e0a2ac5df8274d29b6907e7ac4e7f20df9b74749fb97317d68f111f88ebd6907966d3d04b'
             'SKIP'
             '13cb5bc42542e7b8bb104d5f68253f6609e463b6799800418af33eb0272cc269aaa36163c3e6f0aacbdaaa1d05e2827a4a7c4a08a029238439ed08b89c564bb3'
             'SKIP'
@@ -55,7 +56,7 @@ sha512sums=('ccc52db049a66ff146d9fc84fb00e783f2d04211156233a382f87589fec7631b8fb
             'SKIP'
             '267295aa0cea65684968420c68b32f1a66a22d018b9d2b2c1ef14267bcf4cb68aaf7099d073cbfefe6c25c8608bdcbbd45f7ac8893fdcecbf1e621abdfe9ecc1'
             'SKIP'
-            'da78994e8c265b4fd3130180c194c28c2709545dcc2e51555ef5db5222254a1623bf43454eb931b57fffd8157b14927029618ce9e020e73858c3e7bbd8259716'
+            '77092070fdfd8dba9f497b2a7ae8f779e177846209f602918fadb946e43fa11578a04b55123294756bc1de5ff5ca750d34e824ae32190ed94a3692345630c7d3'
             '02af4dd2a007e41db0c63822c8ab3b80b5d25646af1906dc85d0ad9bb8bbf5236f8e381d7f91cf99ed4b0978c50aee37cb9567cdeef65b7ec3d91b882852b1af'
             'b8fe56e14006ab866970ddbd501c054ae37186ddc065bb869cf7d18db8c0d455118d5bda3255fb66a0dde38b544655cfe9040ffe46e41d19830b47959b2fb168')
   
@@ -80,7 +81,7 @@ prepare() {
     ../logo_linux_{clut224.ppm,vga16.ppm,mono.pbm}
 
   echo "Setting version..."
-  sed -e "/^-EXTRAVERSION =/s/=/= -gnu/" -i "../linux-hardened-$pkgver.patch"
+  sed -e "/^-EXTRAVERSION =/s/=/= -gnu/" -i "../linux-hardened-$_srctag.patch"
   scripts/setlocalversion --save-scmversion
   echo "-$pkgrel" > localversion.10-pkgrel
   echo "${pkgbase#linux-libre}" > localversion.20-pkgname
diff --git a/libre/linux-libre-hardened/config b/libre/linux-libre-hardened/config
index d776b4028..797e9c9e4 100644
--- a/libre/linux-libre-hardened/config
+++ b/libre/linux-libre-hardened/config
@@ -1,11 +1,11 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/x86 5.10.7-gnu Kernel Configuration
+# Linux/x86 5.10.19-gnu Kernel Configuration
 #
 CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.2.0"
 CONFIG_CC_IS_GCC=y
 CONFIG_GCC_VERSION=100200
-CONFIG_LD_VERSION=235010000
+CONFIG_LD_VERSION=236010000
 CONFIG_CLANG_VERSION=0
 CONFIG_LLD_VERSION=0
 CONFIG_CC_CAN_LINK=y
@@ -2890,7 +2890,7 @@ CONFIG_B53_SRAB_DRIVER=m
 CONFIG_B53_SERDES=m
 CONFIG_NET_DSA_BCM_SF2=m
 CONFIG_NET_DSA_LOOP=m
-CONFIG_NET_DSA_LANTIQ_GSWIP=m
+# CONFIG_NET_DSA_LANTIQ_GSWIP is not set
 CONFIG_NET_DSA_MT7530=m
 CONFIG_NET_DSA_MV88E6060=m
 CONFIG_NET_DSA_MICROCHIP_KSZ_COMMON=m
@@ -3285,7 +3285,7 @@ CONFIG_AT803X_PHY=m
 CONFIG_QSEMI_PHY=m
 CONFIG_REALTEK_PHY=m
 CONFIG_RENESAS_PHY=m
-CONFIG_ROCKCHIP_PHY=m
+# CONFIG_ROCKCHIP_PHY is not set
 CONFIG_SMSC_PHY=m
 CONFIG_STE10XP=m
 CONFIG_TERANETICS_PHY=m
@@ -4110,7 +4110,7 @@ CONFIG_SERIAL_UARTLITE_NR_UARTS=1
 CONFIG_SERIAL_CORE=y
 CONFIG_SERIAL_CORE_CONSOLE=y
 CONFIG_SERIAL_JSM=m
-CONFIG_SERIAL_LANTIQ=m
+# CONFIG_SERIAL_LANTIQ is not set
 CONFIG_SERIAL_SCCNXP=m
 CONFIG_SERIAL_SC16IS7XX_CORE=m
 CONFIG_SERIAL_SC16IS7XX=m
@@ -4350,11 +4350,11 @@ CONFIG_SPI_DLN2=m
 CONFIG_SPI_NXP_FLEXSPI=m
 CONFIG_SPI_GPIO=m
 CONFIG_SPI_LM70_LLP=m
-CONFIG_SPI_LANTIQ_SSC=m
+# CONFIG_SPI_LANTIQ_SSC is not set
 CONFIG_SPI_OC_TINY=m
 CONFIG_SPI_PXA2XX=m
 CONFIG_SPI_PXA2XX_PCI=m
-CONFIG_SPI_ROCKCHIP=m
+# CONFIG_SPI_ROCKCHIP is not set
 CONFIG_SPI_SC18IS602=m
 CONFIG_SPI_SIFIVE=m
 CONFIG_SPI_MXIC=m
@@ -9314,7 +9314,8 @@ CONFIG_SECURITY_APPARMOR=y
 CONFIG_SECURITY_APPARMOR_HASH=y
 CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
 # CONFIG_SECURITY_APPARMOR_DEBUG is not set
-# CONFIG_SECURITY_LOADPIN is not set
+CONFIG_SECURITY_LOADPIN=y
+CONFIG_SECURITY_LOADPIN_ENFORCE=y
 CONFIG_SECURITY_YAMA=y
 CONFIG_SECURITY_SAFESETID=y
 CONFIG_SECURITY_LOCKDOWN_LSM=y
@@ -9329,7 +9330,7 @@ CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
 # CONFIG_DEFAULT_SECURITY_TOMOYO is not set
 # CONFIG_DEFAULT_SECURITY_APPARMOR is not set
 CONFIG_DEFAULT_SECURITY_DAC=y
-CONFIG_LSM="lockdown,yama"
+CONFIG_LSM="lockdown,yama,bpf"
 
 #
 # Kernel hardening options