From cf55b2e446482d5b3a534fc87357d44f7d2c28a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20H=C3=A4rdeman?= <david@hardeman.nu>
Date: Fri, 5 Dec 2014 16:43:31 +0100
Subject: [PATCH] Add package keyutils
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The kernel hardcodes the path to the key instantiation callback binary
as /sbin/request-key, meaning that providing keyutils as a separate
binary in an addon is impossible. It might be possible to use a
dangling symlink, but the three binaries built from this package
are all around 20 - 30KiB. Additionally, the request-key binary
is useful for more than one protocol.

keyutils is the "new" way of handling both DNS name resolution
(necessary for e.g. cifs dfs referrals) and security credentials, thus
replacing e.g. the rpc.idmap daemon.

Signed-off-by: David Härdeman <david@hardeman.nu>
---
 packages/sysutils/keyutils/package.mk         |  42 +++++++
 ...-the-shared-library-to-be-suppressed.patch | 104 ++++++++++++++++++
 2 files changed, 146 insertions(+)
 create mode 100644 packages/sysutils/keyutils/package.mk
 create mode 100644 packages/sysutils/keyutils/patches/keyutils-01-allow-building-of-the-shared-library-to-be-suppressed.patch

diff --git a/packages/sysutils/keyutils/package.mk b/packages/sysutils/keyutils/package.mk
new file mode 100644
index 0000000000..a9b013d0d8
--- /dev/null
+++ b/packages/sysutils/keyutils/package.mk
@@ -0,0 +1,42 @@
+################################################################################
+#      This file is part of OpenELEC - http://www.openelec.tv
+#      Copyright (C) 2009-2014 Stephan Raue (stephan@openelec.tv)
+#
+#  OpenELEC is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  OpenELEC is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with OpenELEC.  If not, see <http://www.gnu.org/licenses/>.
+################################################################################
+
+PKG_NAME="keyutils"
+PKG_VERSION="1.5.9"
+PKG_REV="1"
+PKG_ARCH="any"
+PKG_LICENSE="GPL"
+PKG_SITE="http://people.redhat.com/~dhowells/keyutils/"
+PKG_URL="http://people.redhat.com/~dhowells/keyutils/$PKG_NAME-$PKG_VERSION.tar.bz2"
+PKG_DEPENDS_TARGET="toolchain"
+PKG_PRIORITY="optional"
+PKG_SECTION="system"
+PKG_SHORTDESC="keyutils: Linux Key Management Utilities"
+PKG_LONGDESC="Keyutils is a set of utilities for managing the key retention facility in the kernel."
+
+PKG_IS_ADDON="no"
+PKG_AUTORECONF="no"
+PKG_MAKE_OPTS_TARGET="NO_ARLIB=0 NO_SOLIB=1 LIBDIR=/lib USRLIBDIR=/usr/lib"
+PKG_MAKEINSTALL_OPTS_TARGET="$PKG_MAKE_OPTS_TARGET"
+
+post_makeinstall_target() {
+	rm -rf $INSTALL/usr
+	rmdir $INSTALL/etc/request-key.d
+	ln -sf /storage/.config/request-key.d $INSTALL/etc/request-key.d
+}
+
diff --git a/packages/sysutils/keyutils/patches/keyutils-01-allow-building-of-the-shared-library-to-be-suppressed.patch b/packages/sysutils/keyutils/patches/keyutils-01-allow-building-of-the-shared-library-to-be-suppressed.patch
new file mode 100644
index 0000000000..88d32b0cf0
--- /dev/null
+++ b/packages/sysutils/keyutils/patches/keyutils-01-allow-building-of-the-shared-library-to-be-suppressed.patch
@@ -0,0 +1,104 @@
+keyutils: Allow building of the shared library to be suppressed
+
+Upstream patch:
+  https://kernel.googlesource.com/pub/scm/linux/kernel/git/dhowells/keyutils/+/a4deb71ddc05e951c8be8d46615beed9d408a5c8
+
+Signed-off-by: Vicente Olivert Riera <vincent.riera@imgtec.com>
+
+LIB: Allow building of the shared library to be suppressed
+
+Allow building of the shared library to be suppressed by passing NO_SOLIB=1 to
+the Makefile.
+
+Reported-and-tested-by: Vicente Olivert Riera <vincent.riera@imgtec.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+diff --git a/Makefile b/Makefile
+index c904eaf..5dd2113 100644
+--- a/Makefile
++++ b/Makefile
+@@ -5,6 +5,7 @@
+ SPECFILE	:= keyutils.spec
+ NO_GLIBC_KEYERR	:= 0
+ NO_ARLIB	:= 0
++NO_SOLIB	:= 0
+ ETCDIR		:= /etc
+ BINDIR		:= /bin
+ SBINDIR		:= /sbin
+@@ -95,7 +96,7 @@
+ # Normal build rule
+ #
+ ###############################################################################
+-all: $(DEVELLIB) keyctl request-key key.dns_resolver
++all: keyctl request-key key.dns_resolver
+ 
+ ###############################################################################
+ #
+@@ -104,20 +105,23 @@
+ ###############################################################################
+ #RPATH = -Wl,-rpath,$(LIBDIR)
+ 
+-ifeq ($(NO_ARLIB),0)
+-all: $(ARLIB)
+-$(ARLIB): keyutils.o
+-	$(AR) rcs $@ $<
+-endif
+-
+ VCPPFLAGS	:= -DPKGBUILD="\"$(shell date -u +%F)\""
+ VCPPFLAGS	+= -DPKGVERSION="\"keyutils-$(VERSION)\""
+ VCPPFLAGS	+= -DAPIVERSION="\"libkeyutils-$(APIVERSION)\""
+ 
++ifeq ($(NO_ARLIB),0)
++all: $(ARLIB)
++$(ARLIB): keyutils.o
++	$(AR) rcs $@ $<
++
+ keyutils.o: keyutils.c keyutils.h Makefile
+ 	$(CC) $(CPPFLAGS) $(VCPPFLAGS) $(CFLAGS) -UNO_GLIBC_KEYERR -o $@ -c $<
++LIB_DEPENDENCY	:= libkeyutils.a
++endif
+ 
+ 
++ifeq ($(NO_SOLIB),0)
++all: $(DEVELLIB)
+ $(DEVELLIB): $(SONAME)
+ 	ln -sf $< $@
+ 
+@@ -131,6 +135,8 @@
+ 
+ keyutils.os: keyutils.c keyutils.h Makefile
+ 	$(CC) $(CPPFLAGS) $(VCPPFLAGS) $(CFLAGS) -fPIC -o $@ -c $<
++LIB_DEPENDENCY	:= $(DEVELLIB)
++endif
+ 
+ ###############################################################################
+ #
+@@ -140,13 +146,13 @@
+ %.o: %.c keyutils.h Makefile
+ 	$(CC) $(CPPFLAGS) $(CFLAGS) -o $@ -c $<
+ 
+-keyctl: keyctl.o $(DEVELLIB)
++keyctl: keyctl.o $(LIB_DEPENDENCY)
+ 	$(CC) -L. $(CFLAGS) $(LDFLAGS) $(RPATH) -o $@ $< -lkeyutils
+ 
+-request-key: request-key.o $(DEVELLIB)
++request-key: request-key.o $(LIB_DEPENDENCY)
+ 	$(CC) -L. $(CFLAGS) $(LDFLAGS) $(RPATH) -o $@ $< -lkeyutils
+ 
+-key.dns_resolver: key.dns_resolver.o $(DEVELLIB)
++key.dns_resolver: key.dns_resolver.o $(LIB_DEPENDENCY)
+ 	$(CC) -L. $(CFLAGS) $(LDFLAGS) $(RPATH) -o $@ $< -lkeyutils -lresolv
+ 
+ ###############################################################################
+@@ -158,10 +164,12 @@
+ ifeq ($(NO_ARLIB),0)
+ 	$(INSTALL) -D -m 0644 $(ARLIB) $(DESTDIR)$(USRLIBDIR)/$(ARLIB)
+ endif
++ifeq ($(NO_SOLIB),0)
+ 	$(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
+ 	$(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
+ 	mkdir -p $(DESTDIR)$(USRLIBDIR)
+ 	$(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
++endif
+ 	$(INSTALL) -D keyctl $(DESTDIR)$(BINDIR)/keyctl
+ 	$(INSTALL) -D request-key $(DESTDIR)$(SBINDIR)/request-key
+ 	$(INSTALL) -D request-key-debug.sh $(DESTDIR)$(SHAREDIR)/request-key-debug.sh