Gentoo Archives: gentoo-dev

From: Duncan <1i5t5.duncan@×××.net>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] Re: Bleeding edge hardened-sources: move PaX markings from ELF to Extended Attributes
Date: Fri, 02 Dec 2011 05:18:05
In Reply to: [gentoo-dev] Bleeding edge hardened-sources: move PaX markings from ELF to Extended Attributes by "Anthony G. Basile"
1 Anthony G. Basile posted on Thu, 01 Dec 2011 11:08:37 -0500 as excerpted:
3 > I've been doing some experimental work with PaX enabled kernels
5 > The disadvantage is that xattrs is not supported on all filesystems
7 > b) Kernels 3.0 and above support xattrs in tmpfs, squashfs and other
8 > filesystems.
10 [I debated sending this offlist as my interest isn't entirely on-topic,
11 but as I wrote it up, it became apparent that the question itself isn't
12 as off-topic as I thought, so on-list it stayed.]
15 TL;DR: reiserfs (v3), for both caps and XT_PAX ??
18 Longer: Does reiserfs (v3) support xattrs and thus, presumably caps and
19 XT_PAX? Kernel reiserfs options suggest yes, but everything I've read
20 elsewhere (including gentoo-dev caps project discussions) seems to
21 indicate no. Is the "no" simply outdated, since reiserfs xattrs support
22 was added relatively late in the game, or is it still correct and I have
23 the purpose of those kernel options all wrong, or ???
25 If both reiserfs and tmpfs (my $PORTAGE_TMPDIR) support xattrs, both caps
26 and XT_PAX should be good to go, correct?
29 Ignorable background: I've been running reiserfs since early in the
30 kernel 2.4 era, before switching to gentoo, and have had quite a good
31 experience on it since it got ordered journals by default (before that,
32 let's not talk about), despite a period with bad RAM that was hard-
33 crashing the system frequently, no UPS, and apparently missing barriers
34 until quite recently. I've even been stable when others had problems
35 with ext3 due to its writeback-by-default period. I intend to eventually
36 switch to btrfs but there's still more kernel churn there than I'm
37 comfortable with, especially running live-git kernels as I normally do,
38 and of course, it's still lacking a proper fsck (tho arguably reiserfs'
39 fsck support has always been "interesting" as well, and that's not such a
40 big deal given the backups I already keep based on pre-ordered era
41 experience).
43 My interest is therefore in whether USE=caps does people on reiserfs any
44 good or not, but the same concerns would appear to apply to XT_PAX on
45 reiserfs, as well.
47 --
48 Duncan - List replies preferred. No HTML msgs.
49 "Every nonfree program has a lord, a master --
50 and if you use the program, he is your master." Richard Stallman