* [gentoo-commits] proj/hardened-patchset:master commit in: 3.3.5/
@ 2012-05-14 0:30 Anthony G. Basile
0 siblings, 0 replies; only message in thread
From: Anthony G. Basile @ 2012-05-14 0:30 UTC (permalink / raw
To: gentoo-commits
commit: d61f951df186c6e3d7c2c4950268fd547f876228
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Mon May 14 00:30:36 2012 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Mon May 14 00:30:36 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=d61f951d
Grsec: fix Kconfig patch, add proper constraints
---
3.3.5/4455_grsec-kconfig-gentoo.patch | 14 +++++++-------
1 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/3.3.5/4455_grsec-kconfig-gentoo.patch b/3.3.5/4455_grsec-kconfig-gentoo.patch
index 1ce4ccf..b9dc3e5 100644
--- a/3.3.5/4455_grsec-kconfig-gentoo.patch
+++ b/3.3.5/4455_grsec-kconfig-gentoo.patch
@@ -77,7 +77,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
+ select GRKERNSEC_SYSCTL_ON
+ select PAX
+ select PAX_ASLR
-+ select PAX_RANDKSTACK
++ select PAX_RANDKSTACK if (X86_TSC && X86)
+ select PAX_RANDUSTACK
+ select PAX_RANDMMAP
+ select PAX_NOEXEC
@@ -85,8 +85,8 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
+ select PAX_EI_PAX
+ select PAX_PT_PAX_FLAGS
+ select PAX_HAVE_ACL_FLAGS
-+ select PAX_KERNEXEC
-+ select PAX_MEMORY_UDEREF
++ select PAX_KERNEXEC if ((PPC || X86) && (!X86_32 || X86_WP_WORKS_OK) && !XEN)
++ select PAX_MEMORY_UDEREF if (X86 && !XEN)
+ select PAX_SEGMEXEC if (X86_32)
+ select PAX_PAGEEXEC
+ select PAX_EMUPLT if (ALPHA || PARISC || SPARC)
@@ -162,7 +162,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
+ select GRKERNSEC_SYSCTL_ON
+ select PAX
+ select PAX_ASLR
-+ select PAX_RANDKSTACK
++ select PAX_RANDKSTACK if (X86_TSC && X86)
+ select PAX_RANDUSTACK
+ select PAX_RANDMMAP
+ select PAX_NOEXEC
@@ -170,8 +170,8 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
+ select PAX_EI_PAX
+ select PAX_PT_PAX_FLAGS
+ select PAX_HAVE_ACL_FLAGS
-+ select PAX_KERNEXEC
-+ select PAX_MEMORY_UDEREF
++ select PAX_KERNEXEC if ((PPC || X86) && (!X86_32 || X86_WP_WORKS_OK) && !XEN)
++ select PAX_MEMORY_UDEREF if (X86 && !XEN)
+ select PAX_SEGMEXEC if (X86_32)
+ select PAX_PAGEEXEC
+ select PAX_EMUPLT if (ALPHA || PARISC || SPARC)
@@ -247,7 +247,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
+ select GRKERNSEC_SYSCTL_ON
+ select PAX
+ select PAX_ASLR
-+ select PAX_RANDKSTACK
++ select PAX_RANDKSTACK if (X86_TSC && X86)
+ select PAX_RANDUSTACK
+ select PAX_RANDMMAP
+ select PAX_NOEXEC
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2012-05-14 0:30 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-05-14 0:30 [gentoo-commits] proj/hardened-patchset:master commit in: 3.3.5/ Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox