|Summary:||app-antivirus/clamav: bundles llvm|
|Product:||Gentoo Linux||Reporter:||Michał Górny <mgorny>|
|Component:||Current packages||Assignee:||Antivirus Team <antivirus>|
|Severity:||major||CC:||antivirus, devurandom, moixa, net-mail+disabled|
Description Michał Górny 2013-03-03 12:20:28 UTC
Oh my... the build now takes ages and it's just that horrible I can't describe it :P.
Comment 1 Eray Aslan 2013-03-15 12:48:48 UTC
Clamav upstream: "LLVM allows our analyst team to write advanced detection logic. Certain pieces of malware can't be detected by a simple hash. The analyst team writes bytecode signatures that safely run in our LLVM runtime. We bundle LLVM inside of ClamAV's source because we've made heavy modifications to make it safe for our use. We've removed a lot of instructions that could potentially harm machines in case a piece of malware is somehow able to explain a weakness inside of LLVM while ClamAV scans the sample. Due to the nature of our modifications, we can't simply submit patches upstream. We've essentially forked LLVM's source and included the fork within ClamAV's source code." Basically, they want people to use the bundled llvm version.
Comment 2 Thomas Raschbacher 2014-05-08 07:41:13 UTC
tbh I do not feel qualified to decide if we can / should make it use our system LLVM .. as eras posted they seem to have made quite a few modifications.. CC'ing 2nd llvm maintainer voyageur, mgorny: if you want to take this up feel free otherwise I will close this bug as WONTFIX/... at some point.
Comment 3 Bernard Cafarelli 2014-05-21 12:44:42 UTC
Hmm also they use a 2.9 or 3.0 build of llvm, with option for an external one, but it has evolved a bit since 3.0 (ignoring the local modifications they made). I am not sure unbundling is possible/doable without a feature/performance cost :/
Comment 4 Thomas Raschbacher 2014-06-17 08:15:27 UTC
Well I certainly don't have the time (nor am I qualified) for this.. Unless someone else (from the llvm team maybe) wants to have a go at this, I will close this bug as UPSTREAM or WONTFIX in a while.
Comment 5 Thomas Raschbacher 2016-05-29 19:51:48 UTC
closing this as WONTFIX - at least clamav doesn't release new versions too often.
Comment 6 Tobias Sager 2016-06-02 15:22:14 UTC
Created attachment 436194: clamav-dynamic-llvm.patch
Adding a patch against the 0.99.2 ebuild to enable using the system llvm as a dynamic library. Not expecting this to go into the tree, but in case anyone wants to do this too. This helps getting back some memory from clamd, however it has the drawback of not using the bundled, optimized (more secure?) llvm.