| 1 |
On Tue, 22 Jun 2021 10:35:12 +0100 |
| 2 |
Marek Szuba <marecki@g.o> wrote: |
| 3 |
|
| 4 |
> Dear everyone, |
| 5 |
> |
| 6 |
> Seeing as in the end this USE flag is not going anywhere in spite of |
| 7 |
> Gentoo no longer providing PaX-capable kernel sources, could we please |
| 8 |
> rename it (e.g. to 'pax-kernel') so that it no longer contains a |
| 9 |
> disallowed character. I understand the main reason this hasn't been done |
| 10 |
> yet is that we expected it might disappear altogether. |
| 11 |
|
| 12 |
Just renaming pax_kernel to pax-kernel for dev-libs/libffi will likely |
| 13 |
brick a system on W^X kernel on first world update. python will |
| 14 |
probably start crashing instantly. Unless user explicitly notices that |
| 15 |
they need to enable a new flag. |
| 16 |
|
| 17 |
Other packages should be less problematic to just switch over. |
| 18 |
|
| 19 |
One of the steps forward for libffi would be to add extra USE=pax-kernel |
| 20 |
with REQUIRED_USE="pax_kernel? ( pax-kernel )" or 'die' equivalent. |
| 21 |
|
| 22 |
The specifics should ideally be handled by hardened@ team. Otherwise we |
| 23 |
can do 'use pax_kernel || die' libffi experiment if nobody objects. Say, |
| 24 |
in a few days. |
| 25 |
|
| 26 |
-- |
| 27 |
|
| 28 |
Sergei |
Archives