Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Matt Thode <prometheanfire@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:prometheanfire commit in: 3.3.3/
Date: Fri, 27 Apr 2012 03:54:22
Message-Id: 1335498768.90e6c06fd6e6d9d72616afee06b8f53b9eeab2d1.prometheanfire@gentoo
1 commit: 90e6c06fd6e6d9d72616afee06b8f53b9eeab2d1
2 Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
3 AuthorDate: Fri Apr 27 03:52:48 2012 +0000
4 Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org>
5 CommitDate: Fri Apr 27 03:52:48 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=90e6c06f
7
8 fixed CONFIG_PAX_MEMORY_STACKLEAK issue in xenserver guests, needed to
9 be disabled in order to boot or the dom0 would complain about an
10 incompatible kernel
11
12 ---
13 3.3.3/4455_grsec-kconfig-gentoo.patch | 6 +++---
14 1 files changed, 3 insertions(+), 3 deletions(-)
15
16 diff --git a/3.3.3/4455_grsec-kconfig-gentoo.patch b/3.3.3/4455_grsec-kconfig-gentoo.patch
17 index 79f97da..b9dc3e5 100644
18 --- a/3.3.3/4455_grsec-kconfig-gentoo.patch
19 +++ b/3.3.3/4455_grsec-kconfig-gentoo.patch
20 @@ -95,7 +95,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
21 + select PAX_REFCOUNT if (X86 || SPARC64)
22 + select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB))
23 + select PAX_MEMORY_SANITIZE
24 -+ select PAX_MEMORY_STACKLEAK
25 ++ select PAX_MEMORY_STACKLEAK if (!XEN)
26 + help
27 + If you say Y here, a configuration for grsecurity/PaX features
28 + will be used that is endorsed by the Hardened Gentoo project.
29 @@ -180,7 +180,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
30 + select PAX_REFCOUNT if (X86 || SPARC64)
31 + select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB))
32 + select PAX_MEMORY_SANITIZE
33 -+ select PAX_MEMORY_STACKLEAK
34 ++ select PAX_MEMORY_STACKLEAK if (!XEN)
35 + help
36 + If you say Y here, a configuration for grsecurity/PaX features
37 + will be used that is endorsed by the Hardened Gentoo project.
38 @@ -263,7 +263,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
39 + select PAX_REFCOUNT if (X86 || SPARC64)
40 + select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB))
41 + select PAX_MEMORY_SANITIZE
42 -+ select PAX_MEMORY_STACKLEAK
43 ++ select PAX_MEMORY_STACKLEAK if (!XEN)
44 + help
45 + If you say Y here, a configuration for grsecurity/PaX features
46 + will be used that is endorsed by the Hardened Gentoo project.
Report Message
Find on MARC Find on Google Groups