1 |
commit: 90e6c06fd6e6d9d72616afee06b8f53b9eeab2d1 |
2 |
Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Apr 27 03:52:48 2012 +0000 |
4 |
Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Apr 27 03:52:48 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=90e6c06f |
7 |
|
8 |
fixed CONFIG_PAX_MEMORY_STACKLEAK issue in xenserver guests, needed to |
9 |
be disabled in order to boot or the dom0 would complain about an |
10 |
incompatible kernel |
11 |
|
12 |
--- |
13 |
3.3.3/4455_grsec-kconfig-gentoo.patch | 6 +++--- |
14 |
1 files changed, 3 insertions(+), 3 deletions(-) |
15 |
|
16 |
diff --git a/3.3.3/4455_grsec-kconfig-gentoo.patch b/3.3.3/4455_grsec-kconfig-gentoo.patch |
17 |
index 79f97da..b9dc3e5 100644 |
18 |
--- a/3.3.3/4455_grsec-kconfig-gentoo.patch |
19 |
+++ b/3.3.3/4455_grsec-kconfig-gentoo.patch |
20 |
@@ -95,7 +95,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
21 |
+ select PAX_REFCOUNT if (X86 || SPARC64) |
22 |
+ select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB)) |
23 |
+ select PAX_MEMORY_SANITIZE |
24 |
-+ select PAX_MEMORY_STACKLEAK |
25 |
++ select PAX_MEMORY_STACKLEAK if (!XEN) |
26 |
+ help |
27 |
+ If you say Y here, a configuration for grsecurity/PaX features |
28 |
+ will be used that is endorsed by the Hardened Gentoo project. |
29 |
@@ -180,7 +180,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
30 |
+ select PAX_REFCOUNT if (X86 || SPARC64) |
31 |
+ select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB)) |
32 |
+ select PAX_MEMORY_SANITIZE |
33 |
-+ select PAX_MEMORY_STACKLEAK |
34 |
++ select PAX_MEMORY_STACKLEAK if (!XEN) |
35 |
+ help |
36 |
+ If you say Y here, a configuration for grsecurity/PaX features |
37 |
+ will be used that is endorsed by the Hardened Gentoo project. |
38 |
@@ -263,7 +263,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
39 |
+ select PAX_REFCOUNT if (X86 || SPARC64) |
40 |
+ select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB)) |
41 |
+ select PAX_MEMORY_SANITIZE |
42 |
-+ select PAX_MEMORY_STACKLEAK |
43 |
++ select PAX_MEMORY_STACKLEAK if (!XEN) |
44 |
+ help |
45 |
+ If you say Y here, a configuration for grsecurity/PaX features |
46 |
+ will be used that is endorsed by the Hardened Gentoo project. |