upg php7

add linux6.1

linux6.0/PKGBUILD-arch

@@ -1,19 +1,12 @@
-#
-# Maintainer: Mikael Eriksson <mikael_eriksson@miffe.org>
-#
-# Based on the linux package by:
 # Maintainer: Jan Alexander Steffens (heftig) <heftig@archlinux.org>
-# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
-# Maintainer: Thomas Baechler <thomas@archlinux.org>
 
-pkgbase=linux-mainline               # Build stock -ARCH kernel
-#pkgbase=linux-custom       # Build kernel with a different name
-_tag=v6.0
-pkgver=6.0
+pkgbase=linux
+pkgver=6.0.11.arch1
 pkgrel=1
-pkgdesc="Linux Mainline"
+pkgdesc='Linux'
+_srctag=v${pkgver%.*}-${pkgver##*.}
+url="https://github.com/archlinux/linux/commits/$_srctag"
 arch=(x86_64)
-url="https://kernel.org/"
 license=(GPL2)
 makedepends=(
   bc libelf pahole cpio perl tar xz
@@ -21,18 +14,19 @@ makedepends=(
   git
 )
 options=('!strip')
-_srcname=linux-mainline
+_srcname=archlinux-linux
 source=(
-  "$_srcname::git+https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git#tag=$_tag"
+  "$_srcname::git+https://github.com/archlinux/linux?signed#tag=$_srctag"
   config         # the main kernel config file
 )
 validpgpkeys=(
   'ABAF11C65A2970B130ABE3C479BE3E4300411886'  # Linus Torvalds
   '647F28654894E3BD457199BE38DBBDC86092693E'  # Greg Kroah-Hartman
   'A2FF3A36AAA56654109064AB19802F8B0D70FC30'  # Jan Alexander Steffens (heftig)
+  'C7E7849466FE2358343588377258734B41C31549'  # David Runge <dvzrv@archlinux.org>
 )
 sha256sums=('SKIP'
-            'e14a79f9d4f80190d8705e1f2477be51d6ddfa4e07267d941363f031954f2b7b')
+            'f66b82f4a99c99dedb128a027c7e23a70c2853984c44ecbd79d16bd76f1f5bac')
 
 export KBUILD_BUILD_HOST=archlinux
 export KBUILD_BUILD_USER=$pkgbase
@@ -74,8 +68,8 @@ _package() {
   depends=(coreutils kmod initramfs)
   optdepends=('wireless-regdb: to set the correct wireless channels of your country'
               'linux-firmware: firmware images needed for some devices')
-  provides=(VIRTUALBOX-GUEST-MODULES WIREGUARD-MODULE)
-  replaces=(virtualbox-guest-modules-mainline wireguard-mainline)
+  provides=(VIRTUALBOX-GUEST-MODULES WIREGUARD-MODULE KSMBD-MODULE)
+  replaces=(virtualbox-guest-modules-arch wireguard-arch)
 
   cd $_srcname
   local kernver="$(<version)"
@@ -159,7 +153,7 @@ _package-headers() {
   echo "Stripping build tools..."
   local file
   while read -rd '' file; do
-    case "$(file -bi "$file")" in
+    case "$(file -Sib "$file")" in
       application/x-sharedlib\;*)      # Libraries (.so)
         strip -v $STRIP_SHARED "$file" ;;
       application/x-archive\;*)        # Libraries (.a)

linux6.1/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch

@@ -0,0 +1,151 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Mon, 16 Sep 2019 04:53:20 +0200
+Subject: [PATCH] ZEN: Add sysctl and CONFIG to disallow unprivileged
+ CLONE_NEWUSER
+
+Our default behavior continues to match the vanilla kernel.
+---
+ include/linux/user_namespace.h |  4 ++++
+ init/Kconfig                   | 16 ++++++++++++++++
+ kernel/fork.c                  | 14 ++++++++++++++
+ kernel/sysctl.c                | 12 ++++++++++++
+ kernel/user_namespace.c        |  7 +++++++
+ 5 files changed, 53 insertions(+)
+
+diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
+index 33a4240e6a6f..82213f9c4c17 100644
+--- a/include/linux/user_namespace.h
++++ b/include/linux/user_namespace.h
+@@ -139,6 +139,8 @@ static inline void set_rlimit_ucount_max(struct user_namespace *ns,
+ 
+ #ifdef CONFIG_USER_NS
+ 
++extern int unprivileged_userns_clone;
++
+ static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
+ {
+ 	if (ns)
+@@ -172,6 +174,8 @@ extern bool current_in_userns(const struct user_namespace *target_ns);
+ struct ns_common *ns_get_owner(struct ns_common *ns);
+ #else
+ 
++#define unprivileged_userns_clone 0
++
+ static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
+ {
+ 	return &init_user_ns;
+diff --git a/init/Kconfig b/init/Kconfig
+index d19ed66aba3b..a67689ca1929 100644
+--- a/init/Kconfig
++++ b/init/Kconfig
+@@ -1231,6 +1231,22 @@ config USER_NS
+ 
+ 	  If unsure, say N.
+ 
++config USER_NS_UNPRIVILEGED
++	bool "Allow unprivileged users to create namespaces"
++	default y
++	depends on USER_NS
++	help
++	  When disabled, unprivileged users will not be able to create
++	  new namespaces. Allowing users to create their own namespaces
++	  has been part of several recent local privilege escalation
++	  exploits, so if you need user namespaces but are
++	  paranoid^Wsecurity-conscious you want to disable this.
++
++	  This setting can be overridden at runtime via the
++	  kernel.unprivileged_userns_clone sysctl.
++
++	  If unsure, say Y.
++
+ config PID_NS
+ 	bool "PID Namespaces"
+ 	default y
+diff --git a/kernel/fork.c b/kernel/fork.c
+index 89475c994ca9..a00b3f26f241 100644
+--- a/kernel/fork.c
++++ b/kernel/fork.c
+@@ -98,6 +98,10 @@
+ #include <linux/io_uring.h>
+ #include <linux/bpf.h>
+ 
++#ifdef CONFIG_USER_NS
++#include <linux/user_namespace.h>
++#endif
++
+ #include <asm/pgalloc.h>
+ #include <linux/uaccess.h>
+ #include <asm/mmu_context.h>
+@@ -1950,6 +1954,10 @@ static __latent_entropy struct task_struct *copy_process(
+ 	if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
+ 		return ERR_PTR(-EINVAL);
+ 
++	if ((clone_flags & CLONE_NEWUSER) && !unprivileged_userns_clone)
++		if (!capable(CAP_SYS_ADMIN))
++			return ERR_PTR(-EPERM);
++
+ 	/*
+ 	 * Thread groups must share signals as well, and detached threads
+ 	 * can only be started up within the thread group.
+@@ -3066,6 +3074,12 @@ int ksys_unshare(unsigned long unshare_flags)
+ 	if (unshare_flags & CLONE_NEWNS)
+ 		unshare_flags |= CLONE_FS;
+ 
++	if ((unshare_flags & CLONE_NEWUSER) && !unprivileged_userns_clone) {
++		err = -EPERM;
++		if (!capable(CAP_SYS_ADMIN))
++			goto bad_unshare_out;
++	}
++
+ 	err = check_unshare_flags(unshare_flags);
+ 	if (err)
+ 		goto bad_unshare_out;
+diff --git a/kernel/sysctl.c b/kernel/sysctl.c
+index 23c08bf3db58..63ab60778e5d 100644
+--- a/kernel/sysctl.c
++++ b/kernel/sysctl.c
+@@ -105,6 +105,9 @@
+ #ifdef CONFIG_LOCKUP_DETECTOR
+ #include <linux/nmi.h>
+ #endif
++#ifdef CONFIG_USER_NS
++#include <linux/user_namespace.h>
++#endif
+ 
+ #if defined(CONFIG_SYSCTL)
+ 
+@@ -1953,6 +1956,15 @@ static struct ctl_table kern_table[] = {
+ 		.proc_handler	= proc_dointvec,
+ 	},
+ #endif
++#ifdef CONFIG_USER_NS
++	{
++		.procname	= "unprivileged_userns_clone",
++		.data		= &unprivileged_userns_clone,
++		.maxlen		= sizeof(int),
++		.mode		= 0644,
++		.proc_handler	= proc_dointvec,
++	},
++#endif
+ #ifdef CONFIG_PROC_SYSCTL
+ 	{
+ 		.procname	= "tainted",
+diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
+index 5481ba44a8d6..423ab2563ad7 100644
+--- a/kernel/user_namespace.c
++++ b/kernel/user_namespace.c
+@@ -21,6 +21,13 @@
+ #include <linux/bsearch.h>
+ #include <linux/sort.h>
+ 
++/* sysctl */
++#ifdef CONFIG_USER_NS_UNPRIVILEGED
++int unprivileged_userns_clone = 1;
++#else
++int unprivileged_userns_clone;
++#endif
++
+ static struct kmem_cache *user_ns_cachep __read_mostly;
+ static DEFINE_MUTEX(userns_state_mutex);
+ 

linux6.1/PKGBUILD

@@ -0,0 +1,218 @@
+#!/usr/bin/bash
+# JOBoRun		: Jwm OpenBox Obarun RUNit
+# Maintainer	: Joe Bo Run <joborun@disroot.org>
+# PkgSource		: url="https://gittea.disroot.org/joborun-pkg/jobcomm/$pkgname"
+# Website		: https://pozol.eu
+#-----------------------------------------| DESCRIPTION |---------------------------------------
+
+pkgbase=linux6.1
+#_tag=v6.1
+pkgver=6.1
+pkgrel=01
+pkgdesc="Linux 6.1 kernel w joborun config"
+##  In anticipation that this will be the next lts we are building it to replace our own linux 5.15 pkg
+##  linux-lts 5.10 will remain for a while as our default primary kernel 
+arch=(x86_64)
+url="https://kernel.org/"
+license=(GPL2)
+makedepends=(bc libelf pahole cpio perl tar xz xmlto python-sphinx python-sphinx_rtd_theme
+	graphviz imagemagick) # for docs pkg : texlive-latexextra git)
+options=('!strip')
+_srcname=linux-$pkgver
+source=(  https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/${_srcname}.tar.{xz,sign}
+#  "$_srcname::git+https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git#tag=$_tag"
+  config         # the main kernel config file
+  0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
+  sha256sums::https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc)
+
+export KBUILD_BUILD_HOST=joborunlinux
+export KBUILD_BUILD_USER=$pkgbase
+export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})"
+
+prepare() {
+  cd $_srcname
+
+  echo "Setting version..."
+  scripts/setlocalversion --save-scmversion
+  echo "-$pkgrel" > localversion.10-pkgrel
+  echo "${pkgbase#linux}" > localversion.20-pkgname
+
+  local src
+  for src in "${source[@]}"; do
+    src="${src%%::*}"
+    src="${src##*/}"
+    [[ $src = *.patch ]] || continue
+    echo "Applying patch $src..."
+    patch -Np1 < "../$src"
+  done
+
+  echo "Setting config..."
+  cp ../config .config
+  make olddefconfig
+  diff -u ../config .config || :
+
+  make -s kernelrelease > version
+  echo "Prepared $pkgbase version $(<version)"
+}
+
+build() {
+  cd $_srcname
+  make all
+}
+#  make htmldocs all ##  Add this into the build to make docs and uncomment the package section
+
+_package() {
+  pkgdesc="The $pkgdesc kernel and modules"
+  depends=(coreutils kmod initramfs)
+  optdepends=('wireless-regdb: to set the correct wireless channels of your country'
+              'linux-firmware: firmware images needed for some devices')
+  provides=(VIRTUALBOX-GUEST-MODULES WIREGUARD-MODULE KSMBD-MODULE)
+  replaces=(virtualbox-guest-modules-mainline wireguard-mainline)
+
+  cd $_srcname
+  local kernver="$(<version)"
+  local modulesdir="$pkgdir/usr/lib/modules/$kernver"
+
+  echo "Installing boot image..."
+  # systemd expects to find the kernel here to allow hibernation
+  # https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
+  install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz"
+
+  # Used by mkinitcpio to name the kernel
+  echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase"
+
+  echo "Installing modules..."
+  make INSTALL_MOD_PATH="$pkgdir/usr" INSTALL_MOD_STRIP=1 \
+    DEPMOD=/doesnt/exist modules_install  # Suppress depmod
+
+  # remove build and source links
+  rm "$modulesdir"/{source,build}
+}
+
+_package-headers() {
+  pkgdesc="Headers and scripts for building modules for the $pkgdesc kernel"
+  depends=(pahole)
+
+  cd $_srcname
+  local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
+
+  echo "Installing build files..."
+  install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
+    localversion.* version vmlinux
+  install -Dt "$builddir/kernel" -m644 kernel/Makefile
+  install -Dt "$builddir/arch/x86" -m644 arch/x86/Makefile
+  cp -t "$builddir" -a scripts
+
+  # required when STACK_VALIDATION is enabled
+  # add objtool for external module building and enabled VALIDATION_STACK option
+  install -Dt "$builddir/tools/objtool" tools/objtool/objtool
+
+  # required when DEBUG_INFO_BTF_MODULES is enabled
+  install -Dt "$builddir/tools/bpf/resolve_btfids" tools/bpf/resolve_btfids/resolve_btfids
+
+  echo "Installing headers..."
+  cp -t "$builddir" -a include
+  cp -t "$builddir/arch/x86" -a arch/x86/include
+  install -Dt "$builddir/arch/x86/kernel" -m644 arch/x86/kernel/asm-offsets.s
+
+  install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
+  install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
+
+  # https://bugs.archlinux.org/task/13146
+  install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
+
+  # https://bugs.archlinux.org/task/20402
+  install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
+  install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
+  install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
+
+  # https://bugs.archlinux.org/task/71392
+  install -Dt "$builddir/drivers/iio/common/hid-sensors" -m644 drivers/iio/common/hid-sensors/*.h
+
+  echo "Installing KConfig files..."
+  find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
+
+  echo "Removing unneeded architectures..."
+  local arch
+  for arch in "$builddir"/arch/*/; do
+    [[ $arch = */x86/ ]] && continue
+    echo "Removing $(basename "$arch")"
+    rm -r "$arch"
+  done
+
+  echo "Removing documentation..."
+  rm -r "$builddir/Documentation"
+
+  echo "Removing broken symlinks..."
+  find -L "$builddir" -type l -printf 'Removing %P\n' -delete
+
+  echo "Removing loose objects..."
+  find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
+
+  echo "Stripping build tools..."
+  local file
+  while read -rd '' file; do
+    case "$(file -Sib "$file")" in
+      application/x-sharedlib\;*)      # Libraries (.so)
+        strip -v $STRIP_SHARED "$file" ;;
+      application/x-archive\;*)        # Libraries (.a)
+        strip -v $STRIP_STATIC "$file" ;;
+      application/x-executable\;*)     # Binaries
+        strip -v $STRIP_BINARIES "$file" ;;
+      application/x-pie-executable\;*) # Relocatable binaries
+        strip -v $STRIP_SHARED "$file" ;;
+    esac
+  done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
+
+  echo "Stripping vmlinux..."
+  strip -v $STRIP_STATIC "$builddir/vmlinux"
+
+  echo "Adding symlink..."
+  mkdir -p "$pkgdir/usr/src"
+  ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
+}
+
+#_package-docs() {
+#  pkgdesc="Documentation for the $pkgdesc kernel"
+#
+#  cd $_srcname
+#  local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
+#
+#  echo "Installing documentation..."
+#  local src dst
+#  while read -rd '' src; do
+#    dst="${src#Documentation/}"
+#    dst="$builddir/Documentation/${dst#output/}"
+#    install -Dm644 "$src" "$dst"
+#  done < <(find Documentation -name '.*' -prune -o ! -type d -print0)
+#
+#  echo "Adding symlink..."
+#  mkdir -p "$pkgdir/usr/share/doc"
+#  ln -sr "$builddir/Documentation" "$pkgdir/usr/share/doc/$pkgbase"
+#}
+
+pkgname=("$pkgbase" "$pkgbase-headers") # "$pkgbase-docs")
+for _p in "${pkgname[@]}"; do
+  eval "package_$_p() {
+    $(declare -f "_package${_p#$pkgbase}")
+    _package${_p#$pkgbase}
+  }"
+done
+
+#---- license gpg-key sha256sums ----
+
+license=(GPL2)
+
+validpgpkeys=(ABAF11C65A2970B130ABE3C479BE3E4300411886 # Linus Torvalds
+	647F28654894E3BD457199BE38DBBDC86092693E   # Greg Kroah-Hartman
+	A2FF3A36AAA56654109064AB19802F8B0D70FC30)  # Jan Alexander Steffens (heftig)
+
+# https://cdn.kernel.org/pub/linux/kernel/v6.x/sha256sums.asc  --> sha256sums
+# 2ca1f17051a430f6fed1196e4952717507171acfd97d96577212502703b25deb linux-6.1.tar.xz
+
+sha256sums=(2ca1f17051a430f6fed1196e4952717507171acfd97d96577212502703b25deb  # linux-6.1.tar.xz
+	9ec464e7fb4dc775b21d58bcb638c47f262b970cae31e92f281da7f9e8b981d1  # linux-6.1.tar.sign
+	e09e820d14d238e7dd95add60b8f17a84006782b07fe90f313fa110dfabd2f59  # config
+	7bd64ff894475b3415d792ba8466ba7e8f872af56dbf1aeed0d261fe4008b8b5  # 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
+	5ed461b6dc92ed642877a098c0e356be01a13bd94fbc0a036ff7986a5f77fa0b) # sha256sums
+

linux6.1/PKGBUILD-aur

@@ -0,0 +1,209 @@
+#
+# Maintainer: Mikael Eriksson <mikael_eriksson@miffe.org>
+#
+# Based on the linux package by:
+# Maintainer: Jan Alexander Steffens (heftig) <heftig@archlinux.org>
+# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
+# Maintainer: Thomas Baechler <thomas@archlinux.org>
+
+pkgbase=linux-mainline               # Build stock -ARCH kernel
+#pkgbase=linux-custom       # Build kernel with a different name
+_tag=v6.1
+pkgver=6.1
+pkgrel=1
+pkgdesc="Linux Mainline"
+arch=(x86_64)
+url="https://kernel.org/"
+license=(GPL2)
+makedepends=(
+  bc libelf pahole cpio perl tar xz
+  xmlto python-sphinx python-sphinx_rtd_theme graphviz imagemagick texlive-latexextra
+  git
+)
+options=('!strip')
+_srcname=linux-mainline
+source=(
+  "$_srcname::git+https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git#tag=$_tag"
+  config         # the main kernel config file
+)
+validpgpkeys=(
+  'ABAF11C65A2970B130ABE3C479BE3E4300411886'  # Linus Torvalds
+  '647F28654894E3BD457199BE38DBBDC86092693E'  # Greg Kroah-Hartman
+  'A2FF3A36AAA56654109064AB19802F8B0D70FC30'  # Jan Alexander Steffens (heftig)
+)
+sha256sums=('SKIP'
+            '6ed43ed093ec7dcbbac286edc204873edfa77e380ac43c8cc2f40b2965ac1aa3')
+
+export KBUILD_BUILD_HOST=archlinux
+export KBUILD_BUILD_USER=$pkgbase
+export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})"
+
+prepare() {
+  cd $_srcname
+
+  echo "Setting version..."
+  scripts/setlocalversion --save-scmversion
+  echo "-$pkgrel" > localversion.10-pkgrel
+  echo "${pkgbase#linux}" > localversion.20-pkgname
+
+  local src
+  for src in "${source[@]}"; do
+    src="${src%%::*}"
+    src="${src##*/}"
+    [[ $src = *.patch ]] || continue
+    echo "Applying patch $src..."
+    patch -Np1 < "../$src"
+  done
+
+  echo "Setting config..."
+  cp ../config .config
+  make olddefconfig
+  diff -u ../config .config || :
+
+  make -s kernelrelease > version
+  echo "Prepared $pkgbase version $(<version)"
+}
+
+build() {
+  cd $_srcname
+  make htmldocs all
+}
+
+_package() {
+  pkgdesc="The $pkgdesc kernel and modules"
+  depends=(coreutils kmod initramfs)
+  optdepends=('wireless-regdb: to set the correct wireless channels of your country'
+              'linux-firmware: firmware images needed for some devices')
+  provides=(VIRTUALBOX-GUEST-MODULES WIREGUARD-MODULE)
+  replaces=(virtualbox-guest-modules-mainline wireguard-mainline)
+
+  cd $_srcname
+  local kernver="$(<version)"
+  local modulesdir="$pkgdir/usr/lib/modules/$kernver"
+
+  echo "Installing boot image..."
+  # systemd expects to find the kernel here to allow hibernation
+  # https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
+  install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz"
+
+  # Used by mkinitcpio to name the kernel
+  echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase"
+
+  echo "Installing modules..."
+  make INSTALL_MOD_PATH="$pkgdir/usr" INSTALL_MOD_STRIP=1 \
+    DEPMOD=/doesnt/exist modules_install  # Suppress depmod
+
+  # remove build and source links
+  rm "$modulesdir"/{source,build}
+}
+
+_package-headers() {
+  pkgdesc="Headers and scripts for building modules for the $pkgdesc kernel"
+  depends=(pahole)
+
+  cd $_srcname
+  local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
+
+  echo "Installing build files..."
+  install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
+    localversion.* version vmlinux
+  install -Dt "$builddir/kernel" -m644 kernel/Makefile
+  install -Dt "$builddir/arch/x86" -m644 arch/x86/Makefile
+  cp -t "$builddir" -a scripts
+
+  # required when STACK_VALIDATION is enabled
+  install -Dt "$builddir/tools/objtool" tools/objtool/objtool
+
+  # required when DEBUG_INFO_BTF_MODULES is enabled
+  install -Dt "$builddir/tools/bpf/resolve_btfids" tools/bpf/resolve_btfids/resolve_btfids
+
+  echo "Installing headers..."
+  cp -t "$builddir" -a include
+  cp -t "$builddir/arch/x86" -a arch/x86/include
+  install -Dt "$builddir/arch/x86/kernel" -m644 arch/x86/kernel/asm-offsets.s
+
+  install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
+  install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
+
+  # https://bugs.archlinux.org/task/13146
+  install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
+
+  # https://bugs.archlinux.org/task/20402
+  install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
+  install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
+  install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
+
+  # https://bugs.archlinux.org/task/71392
+  install -Dt "$builddir/drivers/iio/common/hid-sensors" -m644 drivers/iio/common/hid-sensors/*.h
+
+  echo "Installing KConfig files..."
+  find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
+
+  echo "Removing unneeded architectures..."
+  local arch
+  for arch in "$builddir"/arch/*/; do
+    [[ $arch = */x86/ ]] && continue
+    echo "Removing $(basename "$arch")"
+    rm -r "$arch"
+  done
+
+  echo "Removing documentation..."
+  rm -r "$builddir/Documentation"
+
+  echo "Removing broken symlinks..."
+  find -L "$builddir" -type l -printf 'Removing %P\n' -delete
+
+  echo "Removing loose objects..."
+  find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
+
+  echo "Stripping build tools..."
+  local file
+  while read -rd '' file; do
+    case "$(file -bi "$file")" in
+      application/x-sharedlib\;*)      # Libraries (.so)
+        strip -v $STRIP_SHARED "$file" ;;
+      application/x-archive\;*)        # Libraries (.a)
+        strip -v $STRIP_STATIC "$file" ;;
+      application/x-executable\;*)     # Binaries
+        strip -v $STRIP_BINARIES "$file" ;;
+      application/x-pie-executable\;*) # Relocatable binaries
+        strip -v $STRIP_SHARED "$file" ;;
+    esac
+  done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
+
+  echo "Stripping vmlinux..."
+  strip -v $STRIP_STATIC "$builddir/vmlinux"
+
+  echo "Adding symlink..."
+  mkdir -p "$pkgdir/usr/src"
+  ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
+}
+
+_package-docs() {
+  pkgdesc="Documentation for the $pkgdesc kernel"
+
+  cd $_srcname
+  local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
+
+  echo "Installing documentation..."
+  local src dst
+  while read -rd '' src; do
+    dst="${src#Documentation/}"
+    dst="$builddir/Documentation/${dst#output/}"
+    install -Dm644 "$src" "$dst"
+  done < <(find Documentation -name '.*' -prune -o ! -type d -print0)
+
+  echo "Adding symlink..."
+  mkdir -p "$pkgdir/usr/share/doc"
+  ln -sr "$builddir/Documentation" "$pkgdir/usr/share/doc/$pkgbase"
+}
+
+pkgname=("$pkgbase" "$pkgbase-headers" "$pkgbase-docs")
+for _p in "${pkgname[@]}"; do
+  eval "package_$_p() {
+    $(declare -f "_package${_p#$pkgbase}")
+    _package${_p#$pkgbase}
+  }"
+done
+
+# vim:set ts=8 sts=2 sw=2 et:

linux6.1/clean

@@ -0,0 +1 @@
+rm -rf {src,pkg,linux*tar.*}

linux6.1/deps

@@ -0,0 +1,13 @@
+freetype2
+bc
+pahole
+cpio
+xmlto
+python-sphinx
+python-sphinx_rtd_theme
+graphviz
+imagemagick
+bison
+git
+ 
+libgit2 

linux6.1/key

@@ -0,0 +1 @@
+gpg -v --recv-key 38DBBDC86092693E

linux6.1/linux.install

@@ -0,0 +1,27 @@
+post_install () {
+  # updating module dependencies
+  echo ">>> Updating module dependencies. Please wait ..."
+  depmod 6.1
+}
+
+post_upgrade() {
+  if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then
+    echo "WARNING: /boot appears to be a separate partition but is not mounted."
+  fi
+
+  # updating module dependencies
+  echo ">>> Updating module dependencies. Please wait ..."
+  depmod 6.1
+
+  if [ $(vercmp $2 3.13) -lt 0 ]; then
+    echo ">>> WARNING: AT keyboard support is no longer built into the kernel."
+    echo ">>>          In order to use your keyboard during early init, you MUST"
+    echo ">>>          include the 'keyboard' hook in your mkinitcpio.conf."
+  fi
+}
+
+post_remove() {
+  # also remove the compat symlinks
+  rm -f boot/initramfs-linux6.1.img
+  rm -f boot/initramfs-linux6.1-fallback.img
+}

linux6.1/linux.install.aur

@@ -0,0 +1,27 @@
+post_install () {
+  # updating module dependencies
+  echo ">>> Updating module dependencies. Please wait ..."
+  depmod %KERNVER%
+}
+
+post_upgrade() {
+  if findmnt --fstab -uno SOURCE /boot &>/dev/null && ! mountpoint -q /boot; then
+    echo "WARNING: /boot appears to be a separate partition but is not mounted."
+  fi
+
+  # updating module dependencies
+  echo ">>> Updating module dependencies. Please wait ..."
+  depmod %KERNVER%
+
+  if [ $(vercmp $2 3.13) -lt 0 ]; then
+    echo ">>> WARNING: AT keyboard support is no longer built into the kernel."
+    echo ">>>          In order to use your keyboard during early init, you MUST"
+    echo ">>>          include the 'keyboard' hook in your mkinitcpio.conf."
+  fi
+}
+
+post_remove() {
+  # also remove the compat symlinks
+  rm -f boot/initramfs-%PKGBASE%.img
+  rm -f boot/initramfs-%PKGBASE%-fallback.img
+}

linux6.1/sha256sums

@@ -0,0 +1,76 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+3f6690efe8dc49751e33fbcc45d35fa9048f75e03bfeaaa2a28e1037ca8d85cf  ChangeLog-6.0
+7eb504c0d87687a37753fbfe13e54ea979648b987e6f3f49c7f8f947bee7df3e  ChangeLog-6.0.1
+38a40e43b4daeb3de10ad21c414c5e969f600ed4105883cab885392ada0b24c2  ChangeLog-6.0.2
+1252dbe12a2bfc4320bc8721ffa6ac9755d21b355456189453949c3e34b40a30  ChangeLog-6.0.3
+ed8991c1d0c78cb907af07648eacd889a8d05ce2c752fefbac52faa7a5e76e3c  ChangeLog-6.0.4
+a135968b2ba483877b1e0d6c29f022df2ea2202b83b2d7a6367b1d218c402822  ChangeLog-6.0.5
+23982b4a283f50f9eff4cdfc5a92e3cf188373e928fdfbd529a0355b2f03e591  ChangeLog-6.0.6
+685098787f5099393813af01dbf42be53d4cf66439101819e9d6812f9ea18b0d  ChangeLog-6.0.7
+75ab6be0d282b450c847e4fd8d16a900c55b02dd1c2d4d367a0d72d6fa3ea6c0  ChangeLog-6.0.8
+40c049dfd11dea11d06d9fa38268e6a4f1c46168ff6afa374d8977db75e4bc15  ChangeLog-6.0.9
+ec14449d5d5f11d0c80cf1c1c33f2628333e1c4cf00779cd1dec66fcba934626  ChangeLog-6.0.10
+d1aec42501f371cb0d46e428c56fd1b9e785a3b7ad884f641505486a1721a517  ChangeLog-6.0.11
+5a7cc6b10574bf4ee627977173f6de69c150ed3a7ff039b1cc2ab2e9aea3045f  ChangeLog-6.0.12
+651fdf662eb33c5a230d99c2fcdf025d9e6840a0752cf50156eff1f0dc257dd6  ChangeLog-6.1
+3e7557f0de28c0e8cd2c858c6ff3726aeb778db91b9da14bfc79e6df4169f8bd  linux-6.0.tar.gz
+5c2443a5538de52688efb55c27ab0539c1f5eb58c0cfd16a2b9fbb08fd81788e  linux-6.0.tar.xz
+2a6c40299ea9c49d03a4ecea23d128d6cabc1735e2dec4ae83401fda7241ab42  linux-6.0.1.tar.gz
+8ede745a69351ea0f27fe0c48780d4efa37ff086135e129358ce09694957e8f9  linux-6.0.1.tar.xz
+167890eea2404098897f2a1c72c45c3e75d927d00fddc9b779597b46f9521568  linux-6.0.2.tar.gz
+a13c26388cacccb684cd9f51109596a280c8186b7e95174d31ee7c5718e95c9d  linux-6.0.2.tar.xz
+ce91b2173456b0de044d80b1d0f174158f8de38896d3deded9de54574fd9fbf0  linux-6.0.3.tar.gz
+b0d522241805794d8af3a67d331ba063a16496c6fb6d365d48f7ed78ee1c3dcf  linux-6.0.3.tar.xz
+3c84a1f6ee9d15fb019c91d0c54d3feee7a252ac0dd316f5ca61601cb94ccfbc  linux-6.0.4.tar.gz
+c8f103d0da604e61f898dd729e738abd55261823db42f2826d647b53b4a41ed8  linux-6.0.4.tar.xz
+e3577152dd9a6a1bb996ff6a8ca6780297ae48ba81bb11c6d097fd2c642c2c97  linux-6.0.5.tar.gz
+61332ef22b53c50c10faabfb965896a7d1ad4f3381f0f89643c820f28a60418e  linux-6.0.5.tar.xz
+757ffce79e7db71f01d9989ed53558222f0f8df4f73fb83224a9c2a125d72da4  linux-6.0.6.tar.gz
+864b05af2d869ba73d61a9c5959e4531a141ab2bd7b217483671f625f9747faa  linux-6.0.6.tar.xz
+b317cca799abab7e4d8e8d6adf7ca311c5f9b2fc1b746dc56a5e36d0db825576  linux-6.0.7.tar.gz
+67dacc2b78605a56e997f4c08d009be87c98ec66f1870220226c8b3cc676590f  linux-6.0.7.tar.xz
+462e2bb0f214e53504cf34b5fa4a5e70007fed1188ae04dd4d48ed0246a100be  linux-6.0.8.tar.gz
+0de4f83996951c6faf9b2225db4f645882c47b1a09198190f97bd46e5f5fa257  linux-6.0.8.tar.xz
+910c5b01fb3434df9eb2e6aa26aed06dcc19a8959310c31377fd86f66ed70a62  linux-6.0.9.tar.gz
+6114a208e82739b4a1ab059ace35262be2a83be34cd1ae23cb8a09337db831c7  linux-6.0.9.tar.xz
+0c7be3f76a2bc9cb8c0dbcaeefd78b1baaba7b1551b90837991944cbd19bab24  linux-6.0.10.tar.gz
+39e57fcd84cd70bfa3e1a4185d3aa0ed7f1432f24c6548d16326b0c3c9541dd0  linux-6.0.10.tar.xz
+fe08b012e725172efbb2f9afbc8755483fc442b95945ccb769dbc06641bd7847  linux-6.0.11.tar.gz
+2bae6131e64971e1e34ff395fa542971134c857bdb0b29069ab847c7c9a9c762  linux-6.0.11.tar.xz
+1ed4c4f14399ab216253f69de0e18568c8aa4ef9c36c73c9ea2eb936473fd0bf  linux-6.0.12.tar.gz
+89b730edf8942b49e02f9894244205886c9a214d629b35b88c4ff06ee9304f01  linux-6.0.12.tar.xz
+de4ee64f1e86da97c0c2974c02a77c01ea81eed0c04b6319fbc719810104de92  linux-6.1.tar.gz
+2ca1f17051a430f6fed1196e4952717507171acfd97d96577212502703b25deb  linux-6.1.tar.xz
+f978e069857d454f6a828137d87b63207dea6613cd02932ffd30d7b9b1644cd8  patch-6.0.xz
+483447baa17bb08dfeb1b966c9b93bd0a7cac096d8086b0bbd09fb0d4968fe1e  patch-6.0.1.xz
+a659e67693ded7c0968a10032f5b0fd9ec021ebf62d92a8fd256ae37f9b76408  patch-6.0.2.xz
+c2735c685dda548811190ecb1379f52cbdb866b198914a67030072a7d2191ca3  patch-6.0.3.xz
+04d984dccfc4ed6c5e2d131f1508bd1e480a48f90ec93e07f4119ff033d7640c  patch-6.0.4.xz
+80661d1323d6b743430f590063f18c76dbbbb211945910aee05e94402cd74c0c  patch-6.0.5.xz
+c4920a37259b5a479fd2d6e76aaa040d54cb4cbab2ea4e323e3e0f0adb09324c  patch-6.0.6.xz
+1445707f1792ba82045459ddf894c246b047bb89b04fba33a4838f3f9280b2cb  patch-6.0.7.xz
+680d40a44c223e8eeddc955288494dbfc8f15c61820b11538b40750b7ad6a502  patch-6.0.8.xz
+dc5704014e53dd661f78fd062facc3518242d3412bef6b9bea69089f53f10a78  patch-6.0.9.xz
+0b99d6baf13eef2852938008288bed942dd1d19a54d3de021b0d760bd7086c31  patch-6.0.10.xz
+1398bc1d9c56110929d0e28a1026f418385ab8c9895eaad437f3e79d610a4d42  patch-6.0.11.xz
+7d6222ec959ed7760385394c4f8bd859cac18109c677c91a89e61998aa4914c6  patch-6.0.12.xz
+7f3f6b9a6a7c27a37dc0f7e3d9ed140e61687d604b54ab2915611a9d8ccfdf44  patch-6.1.xz
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+iQIcBAEBCAAGBQJjlsQGAAoJEGMtOgZYnaaxMhkQAKrQHd1MfG6x4uW7HcaKu92Z
+TV325qHKkWsAUmopM4N4aCJpqlTogwnI42q0hdGdhmO5XIKNrTLutZWmDXypqJ3e
+ts8ajOlhQL2VFke/YfSjnyrYW9Fe3BFnGCI81LE/IbqpYmyqB7r2sWPw66BMidDk
+rvXzepzHh75dwX77k7xuhQPxsLhaPTHZzEq5U9EQVsacUqw7cx2OHSeWjRA8gcAC
+r72lVJKJjxvxwS7dP22rNfM7T6wgV1xcBpTDWQ7RRZa0IOd6/g6Ug3RDmHOwHchB
+NM8gM9gX3ATpyLcqn8sh+8Kp1sc0w4moQjMJ7JhODWhIKj1q1Ql+Zh9IndLvJs/c
+gowEHTUayjkhWBHrGnnZ+IWl5/EDn4wztOcXNa9w41FkLY3F6IOlBs7QaM2uD4Rl
+Z32oRH0CIif61TMYeipt2qoB5zuRVm5SQYsdHVDN0EkhEHFns0DrhNCx1v0Pg1iO
+SJQLrFyH+ZQdWLOB8DYKfkc5h6y/Rd5D8tgQfPiT82bJdlBr6b9hLG2Ceqvl1VEK
+BKI9rKrCbyzcLT9l7uUIk0siRs3Krw2zTmY72BfapAshrhbb+ZIIUersKy91cRox
+PwnpPGFTQ19Pot//IfQyCYzhvfdeTR/RTQ4zmXeR6RxjhMWMAWowKRUGQn0AoCuE
+wI1Jm6sPEY6opiA28/p9
+=XhfE
+-----END PGP SIGNATURE-----

linux6.1/time

@@ -0,0 +1,6 @@
+linux6.1 time
+ 
+real     224m42,773s 
+user     210m37,234s 
+sys       15m37,684s 
+ 

php7/PKGBUILD

@@ -9,16 +9,18 @@ pkgbase=php7
 pkgname=(php7 php7-cgi php7-apache php7-fpm php7-embed php7-phpdbg php7-dblib php7-enchant
 	php7-gd php7-imap php7-intl php7-sodium php7-odbc php7-pgsql php7-pspell php7-snmp
 	php7-sqlite php7-tidy php7-xsl)
-pkgver=7.4.32
-pkgrel=02
+pkgver=7.4.33
+pkgrel=01
 arch=(x86_64)
 url='https://www.php.net/'
-makedepends=(apache aspell c-client db enchant gd gmp icu libsodium libxslt libzip net-snmp
+makedepends=(apache aspell c-client db enchant-pure gd gmp icu libsodium libxslt libzip net-snmp
      postgresql-libs sqlite tidy unixodbc curl libtool postfix freetds pcre2 libnsl
      oniguruma)
 checkdepends=(procps-ng)
 #options=(debug) ## uncomment this line to produce the php7-debug pkg
 source=("https://php.net/distributions/php-${pkgver}.tar.xz"{,.asc}
+        'php7-openssl3-eof.patch::https://github.com/php/php-src/commit/74f75db0c3665677ec006cd379fd561feacffdc6.patch'
+        'php7-openssl3.patch::https://github.com/php/php-src/commit/a0972deb0f441fc7991001cb51efc994b70a3b51.patch'
 	apache.patch apache.conf php-fpm.tmpfiles php.ini.patch
 	enchant-2.patch php7.patch)
 # systemd patch removed  'php-fpm.patch'
@@ -28,6 +30,9 @@ _interpreter=${pkgver%.*}
 prepare() {
 	cd "${srcdir}/php-${pkgver}"
 
+	patch -p1 -i "${srcdir}/php7-openssl3.patch"
+	patch -p1 -i "${srcdir}/php7-openssl3-eof.patch"
+
 	patch -p0 -i "${srcdir}/apache.patch"
 #	patch -p0 -i "${srcdir}/php-fpm.patch"
 	patch -p0 -i "${srcdir}/php.ini.patch"
@@ -241,7 +246,7 @@ package_php7-dblib() {
 
 package_php7-enchant() {
 	pkgdesc='enchant module for PHP w/o systemd'
-	depends=('php7' 'enchant')
+	depends=('php7' 'enchant-pure')
 
 	install -D -m755 "${srcdir}/build/modules/enchant.so" "${pkgdir}/usr/lib/php7/modules/enchant.so"
 }
@@ -334,13 +339,16 @@ license=(PHP)
 validpgpkeys=(5A52880781F755608BF815FC910DEB46F53EA312
 	  42670A7FE4D0441C8E4632349E4FDC074A4EF02D)
 
-sha256sums=(323332c991e8ef30b1d219cb10f5e30f11b5f319ce4c6642a5470d75ade7864a # php-7.4.32.tar.xz
-	8564f1c40c5598ec2761b28f1114a02fbd72c8888ca92dc969cff29d61de481b # php-7.4.32.tar.xz.asc
-	b4ea038f2863801175d6c4e74c685913feecdd5be3d49aff7d9b3fa92d8c4159 # apache.patch
-	ebc0af1ef3a6baccb013d0ccb29923895a7b22ff2d032e3bba802dc6328301ce # apache.conf
-	46c720063fa0def3ecc788c442a8fcc01c92edae2bd44eb45c2c946e3a1896c7 # php-fpm.tmpfiles
-	e02f657e2661ad01081835ded7fcdb0fbe9177b7d0acc4aeaae4164a593a991f # php.ini.patch
-	d94d22ad8bcd13829addda84e9de6b73fa04be9bc6da8622086c7e19c97ab724 # enchant-2.patch
+sha256sums=(924846abf93bc613815c55dd3f5809377813ac62a9ec4eb3778675b82a27b927  # php-7.4.33.tar.xz
+	569a01c7c605a4571fdf7dfadfff4215cc4a63ea5d474c7ec92bd7b4fecfffcb  # php-7.4.33.tar.xz.asc
+	c3e892a045e864dd9cce30a64e243e3516a51c9d3498137e5f8f2dce8cdd2b7f  # php7-openssl3-eof.patch
+	8ffecdd493e69b58b46fc278e4911ba79de382cfdd34734f8609c11aa489e8e8  # php7-openssl3.patch
+	b4ea038f2863801175d6c4e74c685913feecdd5be3d49aff7d9b3fa92d8c4159  # apache.patch
+	ebc0af1ef3a6baccb013d0ccb29923895a7b22ff2d032e3bba802dc6328301ce  # apache.conf
+	46c720063fa0def3ecc788c442a8fcc01c92edae2bd44eb45c2c946e3a1896c7  # php-fpm.tmpfiles
+	e02f657e2661ad01081835ded7fcdb0fbe9177b7d0acc4aeaae4164a593a991f  # php.ini.patch
+	d94d22ad8bcd13829addda84e9de6b73fa04be9bc6da8622086c7e19c97ab724  # enchant-2.patch
 	52d7d524ce54c73afde7ddc21b354e76578c8a83fbad0496a743c1ea4916bfe1) # php7.patch
- 
- 
+
+
+

php7/PKGBUILD-arch

@@ -21,21 +21,25 @@ pkgname=('php7'
          'php7-sqlite'
          'php7-tidy'
          'php7-xsl')
-pkgver=7.4.32
-pkgrel=2
+pkgver=7.4.33
+pkgrel=4
 arch=('x86_64')
 license=('PHP')
 url='https://www.php.net/'
-makedepends=('apache' 'aspell' 'c-client' 'db' 'enchant' 'gd' 'gmp' 'icu' 'libsodium' 'libxslt' 'libzip' 'net-snmp'
+makedepends=('apache' 'aspell' 'c-client' 'enchant' 'gd' 'gmp' 'icu' 'libsodium' 'libxslt' 'libzip' 'net-snmp'
              'postgresql-libs' 'sqlite' 'systemd' 'tidy' 'unixodbc' 'curl' 'libtool' 'postfix' 'freetds' 'pcre2' 'libnsl'
              'oniguruma')
 checkdepends=('procps-ng')
 options=(debug)
 source=("https://php.net/distributions/php-${pkgver}.tar.xz"{,.asc}
+        'php7-openssl3.patch::https://github.com/php/php-src/commit/a0972deb0f441fc7991001cb51efc994b70a3b51.patch'
+        'php7-openssl3-eof.patch::https://github.com/php/php-src/commit/74f75db0c3665677ec006cd379fd561feacffdc6.patch'
         'apache.patch' 'apache.conf' 'php-fpm.patch' 'php-fpm.tmpfiles' 'php.ini.patch'
         'enchant-2.patch' 'php7.patch')
-sha512sums=('052fbb6120b9943927685f736574871bc2b0c60d4ef18b54ec3f3d92398842286189fd426647c3c91eec38b11ce607090c4cd339040c92bda852574b96c36f67'
+sha512sums=('499b63b99e5d8e8082ff89d3a91b4cb9a593ea7553b96e48863414c13d2e50275904ed29070e2232e529ee91160f505e6060a4d129cb5bf098aa5b6ea0928d3d'
             'SKIP'
+            '07b9ba019221cce6f73ebf1fdc6124f0730e42d19b9e0f846d132423da3b820439d4cba61fff8e65937c955ba985889f0c57ed2f94f380213e7279b0531c6444'
+            '46112bf170c6f1772792c02d6cabd1219aa0d5e3123551cd2bbed480f7cf87743eece89539e3d62eacd312fd025235bb9f5ac1c771bd18ae5b606ae48a7bf222'
             '284e3c0fe3ded0ff3e7d53f2769ea207b4591ef42abeff2d8604e87fe379929bd3b19ff294a729834f339a9da85ae7d4a7d8605890677222f78601b4f2b22247'
             'eccbe1a0c7b2757ab3c982c871cc591a66ad70f085aaa0d44f93cacacedc7b8fd21b8d0c66471327ff070db1bab1ab83a802f6fa190f33bdd74c134975e3910e'
             'bf43a99b464a873986954233e2df4841eeab21a6d359a777b7514a4fa34462c9f0fd85243086122ed50c766d5b60fb83f9f181a9b43ae1b527672a4f3b8d8eed'
@@ -50,6 +54,9 @@ _interpreter=${pkgver%.*}
 prepare() {
 	cd "${srcdir}/php-${pkgver}"
 
+	patch -p1 -i "${srcdir}/php7-openssl3.patch"
+	patch -p1 -i "${srcdir}/php7-openssl3-eof.patch"
+
 	patch -p0 -i "${srcdir}/apache.patch"
 	patch -p0 -i "${srcdir}/php-fpm.patch"
 	patch -p0 -i "${srcdir}/php.ini.patch"
@@ -101,7 +108,6 @@ build() {
 		--enable-sysvshm=shared \
 		--with-bz2=shared \
 		--with-curl=shared \
-		--with-db4=/usr \
 		--with-enchant=shared \
 		--with-external-gd \
 		--with-external-pcre \

php7/deps

@@ -6,7 +6,7 @@ freetds
 autoconf
 aspell
 c-client
-enchant
+enchant-pure
 gd
 libsodium
 libxslt
@@ -17,4 +17,3 @@ libnsl
 oniguruma
 argon2
 
-

php7/php7-openssl3-eof.patch

@@ -0,0 +1,78 @@
+From 74f75db0c3665677ec006cd379fd561feacffdc6 Mon Sep 17 00:00:00 2001
+From: Jakub Zelenka <bukka@php.net>
+Date: Sun, 15 May 2022 13:49:17 +0100
+Subject: [PATCH] Fix bug #79589: ssl3_read_n:unexpected eof while reading
+
+The unexpected EOF failure was introduced in OpenSSL 3.0 to prevent
+truncation attack. However there are many non complaint servers and
+it is causing break for many users including potential majority
+of those where the truncation attack is not applicable. For that reason
+we try to keep behavior consitent with older OpenSSL versions which is
+also the path chosen by some other languages and web servers.
+
+Closes GH-8369
+---
+ NEWS                            |  4 ++++
+ ext/openssl/tests/bug79589.phpt | 21 +++++++++++++++++++++
+ ext/openssl/xp_ssl.c            |  5 +++++
+ 3 files changed, 30 insertions(+)
+ create mode 100644 ext/openssl/tests/bug79589.phpt
+
+diff --git a/NEWS b/NEWS
+index e270ad3f1821..83a891b47d06 100644
+--- a/NEWS
++++ b/NEWS
+@@ -11,6 +11,10 @@ PHP                                                                        NEWS
+   . Fixed bug GH-8461 (tracing JIT crash after function/method change).
+     (Arnaud, Dmitry)
+ 
++- OpenSSL:
++  . Fixed bug #79589 (error:14095126:SSL routines:ssl3_read_n:unexpected eof
++    while reading). (Jakub Zelenka)
++
+ - SPL:
+   . Fixed bug GH-8235 (iterator_count() may run indefinitely). (cmb)
+ 
+diff --git a/ext/openssl/tests/bug79589.phpt b/ext/openssl/tests/bug79589.phpt
+new file mode 100644
+index 000000000000..5d277e8c63ce
+--- /dev/null
++++ b/ext/openssl/tests/bug79589.phpt
+@@ -0,0 +1,21 @@
++--TEST--
++Bug #65538: TLS unexpected EOF failure
++--EXTENSIONS--
++openssl
++--SKIPIF--
++<?php
++if (getenv("SKIP_ONLINE_TESTS")) die("skip online test");
++?>
++--FILE--
++<?php
++
++$release = file_get_contents(
++    'https://chromedriver.storage.googleapis.com/LATEST_RELEASE',
++    false,
++    stream_context_create(['ssl' => ['verify_peer'=> false]])
++);
++echo gettype($release);
++
++?>
++--EXPECT--
++string
+diff --git a/ext/openssl/xp_ssl.c b/ext/openssl/xp_ssl.c
+index 918b3ca5b21d..ce23fb29f429 100644
+--- a/ext/openssl/xp_ssl.c
++++ b/ext/openssl/xp_ssl.c
+@@ -1639,6 +1639,11 @@ int php_openssl_setup_crypto(php_stream *stream,
+ 
+ 	ssl_ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+ 
++#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF
++	/* Only for OpenSSL 3+ to keep OpenSSL 1.1.1 behavior */
++	ssl_ctx_options |= SSL_OP_IGNORE_UNEXPECTED_EOF;
++#endif
++
+ 	if (!GET_VER_OPT("disable_compression") || zend_is_true(val)) {
+ 		ssl_ctx_options |= SSL_OP_NO_COMPRESSION;
+ 	}

php7/php7-openssl3.patch

@@ -0,0 +1,23 @@
+From a0972deb0f441fc7991001cb51efc994b70a3b51 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@php.net>
+Date: Sun, 8 Aug 2021 17:38:30 +0200
+Subject: [PATCH] minimal fix for openssl 3.0 (#7002)
+
+---
+ ext/openssl/openssl.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index de115dd9eb98..7a244f106fe0 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -1209,7 +1209,9 @@ PHP_MINIT_FUNCTION(openssl)
+ 	REGISTER_LONG_CONSTANT("OPENSSL_CMS_NOSIGS", CMS_NOSIGS, CONST_CS|CONST_PERSISTENT);
+ 
+ 	REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_PADDING", RSA_PKCS1_PADDING, CONST_CS|CONST_PERSISTENT);
++#ifdef RSA_SSLV23_PADDING
+ 	REGISTER_LONG_CONSTANT("OPENSSL_SSLV23_PADDING", RSA_SSLV23_PADDING, CONST_CS|CONST_PERSISTENT);
++#endif
+ 	REGISTER_LONG_CONSTANT("OPENSSL_NO_PADDING", RSA_NO_PADDING, CONST_CS|CONST_PERSISTENT);
+ 	REGISTER_LONG_CONSTANT("OPENSSL_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING, CONST_CS|CONST_PERSISTENT);
+