1 |
commit: 930876df6026badd280a3c2e2ffe5305155c18d4 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Jul 30 13:03:34 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Jul 30 13:03:34 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=930876df |
7 |
|
8 |
Cleaned up line numbers |
9 |
|
10 |
--- |
11 |
2.6.32/4435_grsec-kconfig-gentoo.patch | 6 +++--- |
12 |
1 files changed, 3 insertions(+), 3 deletions(-) |
13 |
|
14 |
diff --git a/2.6.32/4435_grsec-kconfig-gentoo.patch b/2.6.32/4435_grsec-kconfig-gentoo.patch |
15 |
index 9db4e1d..33ebf0c 100644 |
16 |
--- a/2.6.32/4435_grsec-kconfig-gentoo.patch |
17 |
+++ b/2.6.32/4435_grsec-kconfig-gentoo.patch |
18 |
@@ -27,7 +27,7 @@ diff -Naur linux-2.6.32-hardened-r44.orig/grsecurity/Kconfig linux-2.6.32-harden |
19 |
|
20 |
config GRKERNSEC_LOW |
21 |
bool "Low" |
22 |
-@@ -195,6 +195,258 @@ |
23 |
+@@ -193,6 +193,258 @@ |
24 |
- Restricted sysfs/debugfs |
25 |
- Active kernel exploit response |
26 |
|
27 |
@@ -289,7 +289,7 @@ diff -Naur linux-2.6.32-hardened-r44.orig/grsecurity/Kconfig linux-2.6.32-harden |
28 |
diff -Naur linux-2.6.32-hardened-r44.orig/security/Kconfig linux-2.6.32-hardened-r44/security/Kconfig |
29 |
--- linux-2.6.32-hardened-r44.orig/security/Kconfig 2011-04-17 18:36:55.000000000 -0400 |
30 |
+++ linux-2.6.32-hardened-r44/security/Kconfig 2011-04-17 18:42:14.000000000 -0400 |
31 |
-@@ -319,8 +319,9 @@ |
32 |
+@@ -305,8 +305,9 @@ |
33 |
|
34 |
config PAX_KERNEXEC |
35 |
bool "Enforce non-executable kernel pages" |
36 |
@@ -300,7 +300,7 @@ diff -Naur linux-2.6.32-hardened-r44.orig/security/Kconfig linux-2.6.32-hardened |
37 |
help |
38 |
This is the kernel land equivalent of PAGEEXEC and MPROTECT, |
39 |
that is, enabling this option will make it harder to inject |
40 |
-@@ -483,8 +484,9 @@ |
41 |
+@@ -469,8 +470,9 @@ |
42 |
|
43 |
config PAX_MEMORY_UDEREF |
44 |
bool "Prevent invalid userland pointer dereference" |