summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Väth <martin@mvath.de>2011-08-26 02:09:45 +0200
committerMartin Väth <martin@mvath.de>2015-10-11 10:46:40 +0200
commit9f4cd8cc9540012e94436e32884208d39710015b (patch)
treec5570a2be9a711d8f2a14ca756b77d01616ccb80 /sys-fs/aufs
parentBump stylish (diff)
downloadmv-9f4cd8cc9540012e94436e32884208d39710015b.tar.gz
mv-9f4cd8cc9540012e94436e32884208d39710015b.tar.bz2
mv-9f4cd8cc9540012e94436e32884208d39710015b.zip
Bump aufs, aufs-util. Fix martian for grsecurity breakage
Diffstat (limited to 'sys-fs/aufs')
-rw-r--r--sys-fs/aufs/ChangeLog54
-rw-r--r--sys-fs/aufs/Manifest8
-rw-r--r--sys-fs/aufs/aufs-99999999.2.ebuild199
-rw-r--r--sys-fs/aufs/aufs-99999999.3.ebuild197
-rw-r--r--sys-fs/aufs/files/grsecurity-2.2.0.patch61
-rw-r--r--sys-fs/aufs/files/grsecurity-2.2.1.patch63
-rw-r--r--sys-fs/aufs/files/grsecurity-2.2.2.patch61
-rw-r--r--sys-fs/aufs/files/grsecurity-2.2.2.r1.patch11
-rw-r--r--sys-fs/aufs/metadata.xml13
9 files changed, 667 insertions, 0 deletions
diff --git a/sys-fs/aufs/ChangeLog b/sys-fs/aufs/ChangeLog
new file mode 100644
index 00000000..e121423e
--- /dev/null
+++ b/sys-fs/aufs/ChangeLog
@@ -0,0 +1,54 @@
+# ChangeLog for sys-fs/aufs
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
+# $Header $
+
+ 26 Aug 2011; Martin Väth <martin@mvath.de>
+ Rename aufs2-99999999->aufs-99999999.2, default to aufs2.2,
+ and treat GRSECURITYPATCHVER better.
+ Add aufs-99999999.3 for linux3.0 and aufs3.0
+
+ 09 Aug 2011; Martin Väth <martin@mvath.de>
+ Update patches for grsecurity.
+ Skip patches not named aufs* (unless USE=all-patches is set).
+ Only install the most current grsecurity patch by default.
+
+ 20 Jun 2011; Martin Väth <martin@mvath.de>
+ Update patches for grsecurity.
+
+ 21 Jan 2011; Martin Väth <martin@mvath.de>
+ Make git checkout more stable.
+ Apply patches conditionally and more stable (retry after failure).
+ Provide patches for grsecurity (hardened-sources).
+
+ 03 Jan 2011; Martin Väth <martin@mvath.de>
+ Bump to EAPI=4.
+
+ 21 Nov 2010; Martin Väth <martin@mvath.de>
+ Default to aufs2.1. Do not install broken Kbuild files.
+ Call epatch only once with collected list of patches.
+
+ 23 Aug 2010; Martin Väth <martin@mvath.de>
+ Fix treatment of EGIT_PRUNE. Bump EAPI.
+
+ 17 Mar 2010; Martin Väth <martin@mvath.de>
+ Update git dependency according to package move.
+
+ 04 Mar 2010; Martin Väth <martin@mvath.de>
+ Support ESCM_OFFLINE/EGIT_OFFLINE in the same sense as git.eclass.
+ Output corresponding message only if *_OFFLINE is nonempty.
+
+ 16 Jan 2010; Martin Väth <martin@mvath.de>
+ Remove patch again since git.eclass is now fixed:
+ http://bugs.gentoo.org/show_bug.cgi?id=299204
+
+ 29 Dec 2009; Martin Väth <martin@mvath.de>
+ Patch for broken git.eclass 1.33 2009/12/29
+
+ 17 Dec 2009; Martin Väth <martin@mvath.de>
+ Adapt for new git.eclass 1.32 2009/12/16
+
+ 14 Oct 2009; Martin Väth <martin@mvath.de>
+ Patch automatically instead of informing the user
+
+ 04 Apr 2009; Martin Väth <martin@mvath.de>
+ aufs2-99999999.ebuild: Initial ebuild.
diff --git a/sys-fs/aufs/Manifest b/sys-fs/aufs/Manifest
new file mode 100644
index 00000000..24d825b0
--- /dev/null
+++ b/sys-fs/aufs/Manifest
@@ -0,0 +1,8 @@
+AUX grsecurity-2.2.0.patch 2848 RMD160 61142a27036467d48a66d4b590171c5fb72192c3 SHA1 0e3c495007b9c054990aaa4c1f1811f35cce93b3 SHA256 af56dc71ffb54a765eacdcd471b0a875be675234dbd2cdaf92ecd8eda56edc54
+AUX grsecurity-2.2.1.patch 2925 RMD160 52e4ab7239584b1e9d2fd46d0e6c577c3d1033ef SHA1 bf2da73972f4b30bf5a256495470481f60c25fc2 SHA256 57aa9ec3bb8e7907f0fc3c060d7c4cee938a8f55770927138ba891a04877a321
+AUX grsecurity-2.2.2.patch 2900 RMD160 e1db89f795c55c8a672e05381df8ce4ca0e3c331 SHA1 61facafac814f5b4f64a7a4011ec56207a8340ca SHA256 d4d7b8e1db85f57f77218d705a1f2e9de77da1e3c5b991da2704a1a405a40cf8
+AUX grsecurity-2.2.2.r1.patch 316 RMD160 d580bf8eb45c1d00885094d19a69236f515422fd SHA1 95c8837f1482088d1e63d2dedea652e815f1f5b9 SHA256 c1d0d05b999d709702dbc20afffb818881f7dd8c6a4f6b7e286ff88cd742728e
+EBUILD aufs-99999999.2.ebuild 5253 RMD160 c663287733a274e12a9568715ef00b46c57844f7 SHA1 b2aaa9d747ac50df609713c11ea27b2573dd616f SHA256 fa9f6ea422b31fddcd4b336e43ebf0370802304489f453eb9b954a91eefc68c3
+EBUILD aufs-99999999.3.ebuild 5141 RMD160 beb1d3e47d427fad441fad9379fcc6425d886e18 SHA1 31daf8a3535495767e33e2c8b5a7142d305cc764 SHA256 89056108040bcd3587d5a81c0da48d8ceadab417b0b637a0363a47c8e38f4143
+MISC ChangeLog 2152 RMD160 61a1698818600f19688e4ba05f935d1381a3ca29 SHA1 1389678790fd0a928219fa67cc6b222fd3acfd41 SHA256 7d7b54520f11418da598455ad118d2d1519bd84c9e800858e5c3789a63816aa8
+MISC metadata.xml 464 RMD160 c246d8bfe5ee95703e61a5d5a764205aba8178ab SHA1 55b3b6c2ae1f41fe2f20493a3db6bb634b431336 SHA256 4e8e84f03c714b651854a39ffb5b6b487bed1d5dab7d32837e955675a40063a9
diff --git a/sys-fs/aufs/aufs-99999999.2.ebuild b/sys-fs/aufs/aufs-99999999.2.ebuild
new file mode 100644
index 00000000..f31f53ef
--- /dev/null
+++ b/sys-fs/aufs/aufs-99999999.2.ebuild
@@ -0,0 +1,199 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header $
+
+EAPI="4"
+EGIT_REPO_URI="http://git.c3sl.ufpr.br/pub/scm/aufs/aufs2-standalone.git"
+EGIT_PROJECT="aufs2"
+# BRANCH/COMMIT will be overridden in pkg_setup (according to kernel version)
+EGIT_BRANCH="aufs2.2"
+EGIT_COMMIT="${EGIT_BRANCH}"
+[ -n "${EGIT_OFFLINE:-${ESCM_OFFLINE}}" ] || EGIT_PRUNE=true
+EGIT_HAS_SUBMODULES=true
+inherit git linux-info eutils
+
+DESCRIPTION="An entirely re-designed and re-implemented Unionfs"
+HOMEPAGE="http://aufs.sourceforge.net/"
+
+LICENSE="GPL-2"
+SLOT="0"
+# Since this is a live ebuild with unstable versions in portage we require
+# that the user unmasks this ebuild with ACCEPT_KEYWORDS='**'
+#KEYWORDS="~amd64 ~x86"
+KEYWORDS=""
+IUSE="kernel-patch all-patches"
+PROPERTIES="live"
+
+RDEPEND=""
+DEPEND="dev-vcs/git[curl]"
+
+declare -a my_patchlist
+
+fill_my_patchlist() {
+ local i
+ my_patchlist=()
+ for i
+ do case "${i}" in
+ *.patch|*.diff) test -f "${i}" && my_patchlist+=("${i}")
+ ;;
+ esac
+ done
+ :
+}
+
+apply_my_patch() {
+ local r
+ r=''
+ if [ ${#} -gt 1 ]
+ then shift
+ r='-R'
+ fi
+ patch ${r} -p1 --dry-run --force <"${1}" >/dev/null || return
+ einfo "Applying kernel patch ${1}${r:+ reversely}"
+ patch ${r} -p1 --force --no-backup-if-mismatch <"${1}" >/dev/null || {
+ eerror "applying kernel patch ${1}${r:+ reversely} failed."
+ eerror "Since dry run succeeded this is probably a problem with write permissions."
+ die "With USE=-kernel-patch you avoid automatic patching attempts."
+ }
+}
+
+apply_my_patchlist() {
+ local r i
+ r=''
+ if [ "${#}" -gt 0 ]
+ then shift
+ r='-R'
+ fi
+ set --
+ for i in "${my_patchlist[@]}"
+ do if use all-patches || case "${i}" in
+ aufs*) :;;
+ *) false;;
+ esac
+ then apply_my_patch ${r} "${i}" || set -- "${@}" "${i}"
+ else einfo "Kernel patch ${i} - skipping as all-patches is not set"
+ fi
+ done
+ for i
+ do apply_my_patch ${r} "${i}" || \
+ ewarn "Kernel patch ${i} cannot be${r:+ reverse} applied - skipping."
+ done
+}
+
+pkg_setup() {
+ local msg
+ linux-info_pkg_setup
+
+ # kernel version check
+ if kernel_is lt 2 6 26
+ then
+ eerror "${PN} is being developed and tested on linux-2.6.26 and later."
+ eerror "Make sure you have a proper kernel version!"
+ die "Wrong kernel version"
+ fi
+
+ if [ -n "${AUFSBRANCH}" ]
+ then EGIT_BRANCH="${AUFSBRANCH}"
+ else if kernel_is lt 3 0
+ then [ -n "${KV_PATCH}" ] && EGIT_BRANCH="aufs2.2-${KV_PATCH}"
+ else [ -n "${KV_MINOR}" ] && EGIT_BRANCH="aufs2.2-${KV_MAJOR}.${KV_MINOR}"
+ fi
+ fi
+ elog
+ elog "Using aufs branch: ${EGIT_BRANCH}"
+ elog "If this guess for the branch is wrong, set AUFSBRANCH."
+ elog "For example, to use the aufs2.2 branch for kernel version 3.0, use:"
+ elog " AUFSBRANCH=aufs2.2-3.0 emerge -1 aufs"
+ elog "To use the aufs2.1 branch for kernel version 2.6.39 use:"
+ elog " AUFSBRANCH=aufs2.1-39 emerge -1 aufs"
+ msg=''
+ [ -n "${ESCM_OFFLINE}" ] && msg="${msg} ESCM_OFFLINE=''"
+ [ -n "${EGIT_OFFLINE}" ] && msg="${msg} EGIT_OFFLINE=''"
+ if [ -n "${msg}" ]
+ then
+ elog "Note that it might be necessary in addition to fetch the newest aufs:"
+ elog "Set ${msg# } and be sure to be online during emerge."
+ fi
+ elog
+ EGIT_COMMIT="${EGIT_BRANCH}"
+
+ use kernel-patch || return 0
+ (
+ set --
+ cd -- "${KV_DIR}" >/dev/null 2>&1 && \
+ fill_my_patchlist *.patch *.diff && apply_my_patchlist -R
+ )
+}
+
+src_prepare() {
+ local i j w v newest all
+ all="2.2.0 2.2.1 2.2.2 2.2.2.r1"
+ newest="${all##* }"
+ v=''
+ for i in ${GRSECURITYPATCHVER-+}
+ do case "${i}" in
+ '+') j="${newest}";;
+ '*') j="${all}";;
+ *) w=:
+ for j in ${all}
+ do [ "${i}" = "${j}" ] && w=false && continue
+ done
+ if ${w}
+ then warn "GRSECURITYPATCHVER contains bad version ${i}"
+ else j="${i}"
+ fi
+ ;;
+ esac
+ v="${v} ${j}"
+ done
+ v="${v# }"
+ elog
+ elog "Using GRSECURITYPATCHVER: ${v}"
+ elog "If you want other patches, set GRSECURITYPATCHVER to some or more of:"
+ elog "${all} +"
+ elog "The special value + means the newest version (${newest}) and is default."
+ elog "The special value * means all versions."
+ elog
+ for i in ${v}
+ do j="grsecurity-${i}.patch"
+ cp -p -- "${FILESDIR}/${j}" "aufs-${j}" || die "copying ${j} failed"
+ done
+}
+
+src_configure() {
+ :
+}
+
+src_compile() {
+ :
+}
+
+src_install() {
+ local i k dk
+ i="Documentation/filesystems/aufs/aufs.5"
+ test -e "${i}" && doman "${i}"
+ k="$(readlink -f -- "${KV_DIR}")" && [ -n "${k}" ] || k="${KV_DIR}"
+ dk="${D}/${k}"
+ dodir "${k}/fs/aufs"
+ cp -pPR -- fs/aufs/* "${dk}/fs/aufs"
+ cp -pPR -- include "${dk}"
+ find "${dk}"/include -name Kbuild -type f -exec rm -v -- '{}' ';'
+ fill_my_patchlist *.patch *.diff
+ cp -pPR -- "${my_patchlist[@]}" "${dk}"
+}
+
+pkg_postinst() {
+ [ "${#my_patchlist[@]}" -eq 0 ] && {
+ cd -- "${KV_DIR}" >/dev/null 2>&1 && fill_my_patchlist *.patch *.diff
+ }
+ if use kernel-patch
+ then cd -- "${KV_DIR}" >/dev/null 2>&1 || die "cannot cd to ${KV_DIR}"
+ apply_my_patchlist
+ elog "Your kernel has been patched. Cleanup and recompile it, selecting"
+ else elog "You will have to apply the following patch to your kernel:"
+ elog " cd ${KV_DIR} && cat ${my_patchlist[*]} | patch -p1 --no-backup-if-mismatch"
+ elog "Then cleanup and recompile your kernel, selecting"
+ fi
+ elog " Filesystems/Miscellaneous Filesystems/aufs"
+ elog "in the configuration phase."
+}
diff --git a/sys-fs/aufs/aufs-99999999.3.ebuild b/sys-fs/aufs/aufs-99999999.3.ebuild
new file mode 100644
index 00000000..4d6b8122
--- /dev/null
+++ b/sys-fs/aufs/aufs-99999999.3.ebuild
@@ -0,0 +1,197 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header $
+
+EAPI="4"
+EGIT_REPO_URI="git://aufs.git.sourceforge.net/gitroot/aufs/aufs3-standalone.git"
+EGIT_PROJECT="aufs3"
+# BRANCH/COMMIT will be overridden in pkg_setup (according to kernel version)
+EGIT_BRANCH="aufs3.0"
+EGIT_COMMIT="${EGIT_BRANCH}"
+[ -n "${EGIT_OFFLINE:-${ESCM_OFFLINE}}" ] || EGIT_PRUNE=true
+EGIT_HAS_SUBMODULES=true
+inherit git linux-info eutils
+
+DESCRIPTION="An entirely re-designed and re-implemented Unionfs"
+HOMEPAGE="http://aufs.sourceforge.net/"
+
+LICENSE="GPL-2"
+SLOT="0"
+# Since this is a live ebuild with unstable versions in portage we require
+# that the user unmasks this ebuild with ACCEPT_KEYWORDS='**'
+#KEYWORDS="~amd64 ~x86"
+KEYWORDS=""
+IUSE="kernel-patch all-patches"
+PROPERTIES="live"
+
+RDEPEND=""
+DEPEND="dev-vcs/git[curl]"
+
+declare -a my_patchlist
+
+fill_my_patchlist() {
+ local i
+ my_patchlist=()
+ for i
+ do case "${i}" in
+ *.patch|*.diff) test -f "${i}" && my_patchlist+=("${i}")
+ ;;
+ esac
+ done
+ :
+}
+
+apply_my_patch() {
+ local r
+ r=''
+ if [ ${#} -gt 1 ]
+ then shift
+ r='-R'
+ fi
+ patch ${r} -p1 --dry-run --force <"${1}" >/dev/null || return
+ einfo "Applying kernel patch ${1}${r:+ reversely}"
+ patch ${r} -p1 --force --no-backup-if-mismatch <"${1}" >/dev/null || {
+ eerror "applying kernel patch ${1}${r:+ reversely} failed."
+ eerror "Since dry run succeeded this is probably a problem with write permissions."
+ die "With USE=-kernel-patch you avoid automatic patching attempts."
+ }
+}
+
+apply_my_patchlist() {
+ local r i
+ r=''
+ if [ "${#}" -gt 0 ]
+ then shift
+ r='-R'
+ fi
+ set --
+ for i in "${my_patchlist[@]}"
+ do if use all-patches || case "${i}" in
+ aufs*) :;;
+ *) false;;
+ esac
+ then apply_my_patch ${r} "${i}" || set -- "${@}" "${i}"
+ else einfo "Kernel patch ${i} - skipping as all-patches is not set"
+ fi
+ done
+ for i
+ do apply_my_patch ${r} "${i}" || \
+ ewarn "Kernel patch ${i} cannot be${r:+ reverse} applied - skipping."
+ done
+}
+
+pkg_setup() {
+ local msg
+ linux-info_pkg_setup
+
+ # kernel version check
+ if kernel_is lt 2 6 26
+ then
+ eerror "${PN} is being developed and tested on linux-2.6.26 and later."
+ eerror "Make sure you have a proper kernel version!"
+ die "Wrong kernel version"
+ fi
+
+ if [ -n "${AUFSBRANCH}" ]
+ then EGIT_BRANCH="${AUFSBRANCH}"
+ else if kernel_is lt 3 0
+ then [ -n "${KV_PATCH}" ] && EGIT_BRANCH="aufs2.2-${KV_PATCH}"
+ else [ -n "${KV_MINOR}" ] && EGIT_BRANCH="aufs${KV_MAJOR}.${KV_MINOR}"
+ fi
+ fi
+ elog
+ elog "Using aufs branch: ${EGIT_BRANCH}"
+ elog "If this guess for the branch is wrong, set AUFSBRANCH."
+ elog "For example, to use the aufs3.0 branch for kernel version 3.0, use:"
+ elog " AUFSBRANCH=aufs3.0 emerge -1 aufs"
+ msg=''
+ [ -n "${ESCM_OFFLINE}" ] && msg="${msg} ESCM_OFFLINE=''"
+ [ -n "${EGIT_OFFLINE}" ] && msg="${msg} EGIT_OFFLINE=''"
+ if [ -n "${msg}" ]
+ then
+ elog "Note that it might be necessary in addition to fetch the newest aufs:"
+ elog "Set ${msg# } and be sure to be online during emerge."
+ fi
+ elog
+ EGIT_COMMIT="${EGIT_BRANCH}"
+
+ use kernel-patch || return 0
+ (
+ set --
+ cd -- "${KV_DIR}" >/dev/null 2>&1 && \
+ fill_my_patchlist *.patch *.diff && apply_my_patchlist -R
+ )
+}
+
+src_prepare() {
+ local i j w v newest all
+ all="2.2.0 2.2.1 2.2.2 2.2.2.r1"
+ newest="${all##* }"
+ v=''
+ for i in ${GRSECURITYPATCHVER-+}
+ do case "${i}" in
+ '+') j="${newest}";;
+ '*') j="${all}";;
+ *) w=:
+ for j in ${all}
+ do [ "${i}" = "${j}" ] && w=false && continue
+ done
+ if ${w}
+ then warn "GRSECURITYPATCHVER contains bad version ${i}"
+ else j="${i}"
+ fi
+ ;;
+ esac
+ v="${v} ${j}"
+ done
+ v="${v# }"
+ elog
+ elog "Using GRSECURITYPATCHVER: ${v}"
+ elog "If you want other patches, set GRSECURITYPATCHVER to some or more of:"
+ elog "${all} +"
+ elog "The special value + means the newest version (${newest}) and is default."
+ elog "The special value * means all versions."
+ elog
+ for i in ${v}
+ do j="grsecurity-${i}.patch"
+ cp -p -- "${FILESDIR}/${j}" "aufs-${j}" || die "copying ${j} failed"
+ done
+}
+
+src_configure() {
+ :
+}
+
+src_compile() {
+ :
+}
+
+src_install() {
+ local i k dk
+ i="Documentation/filesystems/aufs/aufs.5"
+ test -e "${i}" && doman "${i}"
+ k="$(readlink -f -- "${KV_DIR}")" && [ -n "${k}" ] || k="${KV_DIR}"
+ dk="${D}/${k}"
+ dodir "${k}/fs/aufs"
+ cp -pPR -- fs/aufs/* "${dk}/fs/aufs"
+ cp -pPR -- include "${dk}"
+ find "${dk}"/include -name Kbuild -type f -exec rm -v -- '{}' ';'
+ fill_my_patchlist *.patch *.diff
+ cp -pPR -- "${my_patchlist[@]}" "${dk}"
+}
+
+pkg_postinst() {
+ [ "${#my_patchlist[@]}" -eq 0 ] && {
+ cd -- "${KV_DIR}" >/dev/null 2>&1 && fill_my_patchlist *.patch *.diff
+ }
+ if use kernel-patch
+ then cd -- "${KV_DIR}" >/dev/null 2>&1 || die "cannot cd to ${KV_DIR}"
+ apply_my_patchlist
+ elog "Your kernel has been patched. Cleanup and recompile it, selecting"
+ else elog "You will have to apply the following patch to your kernel:"
+ elog " cd ${KV_DIR} && cat ${my_patchlist[*]} | patch -p1 --no-backup-if-mismatch"
+ elog "Then cleanup and recompile your kernel, selecting"
+ fi
+ elog " Filesystems/Miscellaneous Filesystems/aufs"
+ elog "in the configuration phase."
+}
diff --git a/sys-fs/aufs/files/grsecurity-2.2.0.patch b/sys-fs/aufs/files/grsecurity-2.2.0.patch
new file mode 100644
index 00000000..5c805ba7
--- /dev/null
+++ b/sys-fs/aufs/files/grsecurity-2.2.0.patch
@@ -0,0 +1,61 @@
+--- linux/include/linux/fs.h
++++ linux/include/linux/fs.h
+@@ -575,41 +575,41 @@
+ unsigned long, unsigned long);
+
+ struct address_space_operations {
+- int (* const writepage)(struct page *page, struct writeback_control *wbc);
+- int (* const readpage)(struct file *, struct page *);
+- void (* const sync_page)(struct page *);
++ int (*writepage)(struct page *page, struct writeback_control *wbc);
++ int (*readpage)(struct file *, struct page *);
++ void (*sync_page)(struct page *);
+
+ /* Write back some dirty pages from this mapping. */
+- int (* const writepages)(struct address_space *, struct writeback_control *);
++ int (*writepages)(struct address_space *, struct writeback_control *);
+
+ /* Set a page dirty. Return true if this dirtied it */
+- int (* const set_page_dirty)(struct page *page);
++ int (*set_page_dirty)(struct page *page);
+
+- int (* const readpages)(struct file *filp, struct address_space *mapping,
++ int (*readpages)(struct file *filp, struct address_space *mapping,
+ struct list_head *pages, unsigned nr_pages);
+
+- int (* const write_begin)(struct file *, struct address_space *mapping,
++ int (*write_begin)(struct file *, struct address_space *mapping,
+ loff_t pos, unsigned len, unsigned flags,
+ struct page **pagep, void **fsdata);
+- int (* const write_end)(struct file *, struct address_space *mapping,
++ int (*write_end)(struct file *, struct address_space *mapping,
+ loff_t pos, unsigned len, unsigned copied,
+ struct page *page, void *fsdata);
+
+ /* Unfortunately this kludge is needed for FIBMAP. Don't use it */
+- sector_t (* const bmap)(struct address_space *, sector_t);
+- void (* const invalidatepage) (struct page *, unsigned long);
+- int (* const releasepage) (struct page *, gfp_t);
+- ssize_t (* const direct_IO)(int, struct kiocb *, const struct iovec *iov,
++ sector_t (*bmap)(struct address_space *, sector_t);
++ void (*invalidatepage) (struct page *, unsigned long);
++ int (*releasepage) (struct page *, gfp_t);
++ ssize_t (*direct_IO)(int, struct kiocb *, const struct iovec *iov,
+ loff_t offset, unsigned long nr_segs);
+- int (* const get_xip_mem)(struct address_space *, pgoff_t, int,
++ int (*get_xip_mem)(struct address_space *, pgoff_t, int,
+ void **, unsigned long *);
+ /* migrate the contents of a page to the specified target */
+- int (* const migratepage) (struct address_space *,
++ int (*migratepage) (struct address_space *,
+ struct page *, struct page *);
+- int (* const launder_page) (struct page *);
+- int (* const is_partially_uptodate) (struct page *, read_descriptor_t *,
++ int (*launder_page) (struct page *);
++ int (*is_partially_uptodate) (struct page *, read_descriptor_t *,
+ unsigned long);
+- int (* const error_remove_page)(struct address_space *, struct page *);
++ int (*error_remove_page)(struct address_space *, struct page *);
+ };
+
+ /*
diff --git a/sys-fs/aufs/files/grsecurity-2.2.1.patch b/sys-fs/aufs/files/grsecurity-2.2.1.patch
new file mode 100644
index 00000000..8396dfd1
--- /dev/null
+++ b/sys-fs/aufs/files/grsecurity-2.2.1.patch
@@ -0,0 +1,63 @@
+--- linux/include/linux/fs.h
++++ linux/include/linux/fs.h
+@@ -583,42 +583,42 @@
+ unsigned long, unsigned long);
+
+ struct address_space_operations {
+- int (* const writepage)(struct page *page, struct writeback_control *wbc);
+- int (* const readpage)(struct file *, struct page *);
+- void (* const sync_page)(struct page *);
++ int (*writepage)(struct page *page, struct writeback_control *wbc);
++ int (*readpage)(struct file *, struct page *);
++ void (*sync_page)(struct page *);
+
+ /* Write back some dirty pages from this mapping. */
+- int (* const writepages)(struct address_space *, struct writeback_control *);
++ int (*writepages)(struct address_space *, struct writeback_control *);
+
+ /* Set a page dirty. Return true if this dirtied it */
+- int (* const set_page_dirty)(struct page *page);
++ int (*set_page_dirty)(struct page *page);
+
+- int (* const readpages)(struct file *filp, struct address_space *mapping,
++ int (*readpages)(struct file *filp, struct address_space *mapping,
+ struct list_head *pages, unsigned nr_pages);
+
+- int (* const write_begin)(struct file *, struct address_space *mapping,
++ int (*write_begin)(struct file *, struct address_space *mapping,
+ loff_t pos, unsigned len, unsigned flags,
+ struct page **pagep, void **fsdata);
+- int (* const write_end)(struct file *, struct address_space *mapping,
++ int (*write_end)(struct file *, struct address_space *mapping,
+ loff_t pos, unsigned len, unsigned copied,
+ struct page *page, void *fsdata);
+
+ /* Unfortunately this kludge is needed for FIBMAP. Don't use it */
+- sector_t (* const bmap)(struct address_space *, sector_t);
+- void (* const invalidatepage) (struct page *, unsigned long);
+- int (* const releasepage) (struct page *, gfp_t);
+- void (* const freepage)(struct page *);
+- ssize_t (* const direct_IO)(int, struct kiocb *, const struct iovec *iov,
++ sector_t (*bmap)(struct address_space *, sector_t);
++ void (*invalidatepage) (struct page *, unsigned long);
++ int (*releasepage) (struct page *, gfp_t);
++ void (*freepage)(struct page *);
++ ssize_t (*direct_IO)(int, struct kiocb *, const struct iovec *iov,
+ loff_t offset, unsigned long nr_segs);
+- int (* const get_xip_mem)(struct address_space *, pgoff_t, int,
++ int (*get_xip_mem)(struct address_space *, pgoff_t, int,
+ void **, unsigned long *);
+ /* migrate the contents of a page to the specified target */
+- int (* const migratepage) (struct address_space *,
++ int (*migratepage) (struct address_space *,
+ struct page *, struct page *);
+- int (* const launder_page) (struct page *);
+- int (* const is_partially_uptodate) (struct page *, read_descriptor_t *,
++ int (*launder_page) (struct page *);
++ int (*is_partially_uptodate) (struct page *, read_descriptor_t *,
+ unsigned long);
+- int (* const error_remove_page)(struct address_space *, struct page *);
++ int (*error_remove_page)(struct address_space *, struct page *);
+ };
+
+ /*
diff --git a/sys-fs/aufs/files/grsecurity-2.2.2.patch b/sys-fs/aufs/files/grsecurity-2.2.2.patch
new file mode 100644
index 00000000..9a38594d
--- /dev/null
+++ b/sys-fs/aufs/files/grsecurity-2.2.2.patch
@@ -0,0 +1,61 @@
+--- linux/include/linux/fs.h
++++ linux/include/linux/fs.h
+@@ -580,41 +580,41 @@
+ unsigned long, unsigned long);
+
+ struct address_space_operations {
+- int (* const writepage)(struct page *page, struct writeback_control *wbc);
+- int (* const readpage)(struct file *, struct page *);
++ int (*writepage)(struct page *page, struct writeback_control *wbc);
++ int (*readpage)(struct file *, struct page *);
+
+ /* Write back some dirty pages from this mapping. */
+- int (* const writepages)(struct address_space *, struct writeback_control *);
++ int (*writepages)(struct address_space *, struct writeback_control *);
+
+ /* Set a page dirty. Return true if this dirtied it */
+- int (* const set_page_dirty)(struct page *page);
++ int (*set_page_dirty)(struct page *page);
+
+- int (* const readpages)(struct file *filp, struct address_space *mapping,
++ int (*readpages)(struct file *filp, struct address_space *mapping,
+ struct list_head *pages, unsigned nr_pages);
+
+- int (* const write_begin)(struct file *, struct address_space *mapping,
++ int (*write_begin)(struct file *, struct address_space *mapping,
+ loff_t pos, unsigned len, unsigned flags,
+ struct page **pagep, void **fsdata);
+- int (* const write_end)(struct file *, struct address_space *mapping,
++ int (*write_end)(struct file *, struct address_space *mapping,
+ loff_t pos, unsigned len, unsigned copied,
+ struct page *page, void *fsdata);
+
+ /* Unfortunately this kludge is needed for FIBMAP. Don't use it */
+- sector_t (* const bmap)(struct address_space *, sector_t);
+- void (* const invalidatepage) (struct page *, unsigned long);
+- int (* const releasepage) (struct page *, gfp_t);
+- void (* const freepage)(struct page *);
+- ssize_t (* const direct_IO)(int, struct kiocb *, const struct iovec *iov,
++ sector_t (*bmap)(struct address_space *, sector_t);
++ void (*invalidatepage) (struct page *, unsigned long);
++ int (*releasepage) (struct page *, gfp_t);
++ void (*freepage)(struct page *);
++ ssize_t (*direct_IO)(int, struct kiocb *, const struct iovec *iov,
+ loff_t offset, unsigned long nr_segs);
+- int (* const get_xip_mem)(struct address_space *, pgoff_t, int,
++ int (*get_xip_mem)(struct address_space *, pgoff_t, int,
+ void **, unsigned long *);
+ /* migrate the contents of a page to the specified target */
+- int (* const migratepage) (struct address_space *,
++ int (*migratepage) (struct address_space *,
+ struct page *, struct page *);
+- int (* const launder_page) (struct page *);
+- int (* const is_partially_uptodate) (struct page *, read_descriptor_t *,
++ int (*launder_page) (struct page *);
++ int (*is_partially_uptodate) (struct page *, read_descriptor_t *,
+ unsigned long);
+- int (* const error_remove_page)(struct address_space *, struct page *);
++ int (*error_remove_page)(struct address_space *, struct page *);
+ };
+
+ extern const struct address_space_operations empty_aops;
diff --git a/sys-fs/aufs/files/grsecurity-2.2.2.r1.patch b/sys-fs/aufs/files/grsecurity-2.2.2.r1.patch
new file mode 100644
index 00000000..25e9a1ed
--- /dev/null
+++ b/sys-fs/aufs/files/grsecurity-2.2.2.r1.patch
@@ -0,0 +1,11 @@
+--- linux/include/linux/fs.h
++++ linux/include/linux/fs.h
+@@ -615,7 +615,7 @@
+ int (*is_partially_uptodate) (struct page *, read_descriptor_t *,
+ unsigned long);
+ int (*error_remove_page)(struct address_space *, struct page *);
+-};
++} __no_const;
+
+ extern const struct address_space_operations empty_aops;
+
diff --git a/sys-fs/aufs/metadata.xml b/sys-fs/aufs/metadata.xml
new file mode 100644
index 00000000..ff0d3bf7
--- /dev/null
+++ b/sys-fs/aufs/metadata.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>no-herd</herd>
+<maintainer>
+ <email>martin@mvath.de</email>
+ <name>Martin Väth</name>
+</maintainer>
+<use>
+ <flag name="kernel-patch">Apply the aufs2 kernel patches instead of just copying them</flag>
+ <flag name="all-patches">Apply all patches - also those which do not start with aufs</flag>
+</use>
+</pkgmetadata>