
Bug 460124

Summary: app-antivirus/clamav: bundles llvm
Product: Gentoo Linux
Reporter: Michał Górny <mgorny>
Component: Current packages
Assignee: Antivirus Team <antivirus>
Severity: major
CC: antivirus, devurandom, moixa, net-mail+disabled
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
See Also:
Package list:
Runtime testing required: ---
Bug Depends on:
Bug Blocks: 548066
Attachments: clamav-dynamic-llvm.patch

Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2013-03-03 12:20:28 UTC
Oh my... the build now takes ages and it's just that horrible I can't describe it :P.
Comment 1 Eray Aslan gentoo-dev 2013-03-15 12:48:48 UTC
Clamav upstream:

"LLVM allows our analyst team to write advanced detection logic.
Certain pieces of malware can't be detected by a simple hash. The
analyst team writes bytecode signatures that safely run in our LLVM
runtime. We bundle LLVM inside of ClamAV's source because we've made
heavy modifications to make it safe for our use. We've removed a lot
of instructions that could potentially harm machines in case a piece
of malware is somehow able to explain a weakness inside of LLVM while
ClamAV scans the sample. Due to the nature of our modifications, we
can't simply submit patches upstream. We've essentially forked LLVM's
source and included the fork within ClamAV's source code."

Basically, they want people to use the bundled llvm version.
Comment 2 Thomas Raschbacher gentoo-dev 2014-05-08 07:41:13 UTC
tbh I do not feel qualified to decide if we can / should make it use our system LLVM .. as eras posted they seem to have made quite a few modifications..

CC'ing 2nd llvm maintainer

voyageur, mgorny: if you want to take this up feel free otherwise I will close this bug as WONTFIX/... at some point.
Comment 3 Bernard Cafarelli gentoo-dev 2014-05-21 12:44:42 UTC
Hmm also they use a 2.9 or 3.0 build of llvm, with option for an external one, but it has evolved a bit since 3.0 (ignoring the local modifications they made). I am not sure unbundling is possible/doable without a feature/performance cost :/
Comment 4 Thomas Raschbacher gentoo-dev 2014-06-17 08:15:27 UTC
Well I certainly don't have the time (nor am I qualified) for this..

Unless someone else (from the llvm team maybe) wants to have a go at this I will close this bug as UPSTREAM or WONTFIX in a while.
Comment 5 Thomas Raschbacher gentoo-dev 2016-05-29 19:51:48 UTC
closing this as WONTFIX - at least clamav doesn't release new versions too often.
Comment 6 Tobias Sager 2016-06-02 15:22:14 UTC
Created attachment 436194 [details, diff]

Adding a patch against 0.99.2 ebuild to enable using the system llvm as dynamic library. Not expecting this to go into the tree, but in case anyone wants to do this too.

This helps get back some memory from clamd, but has the drawback of not using the bundled, optimized (more secure?) llvm.