From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-commits+bounces-333285-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1Q7B9X-00058K-PX
	for garchives@archives.gentoo.org; Tue, 05 Apr 2011 18:39:00 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id A8FF31C046;
	Tue,  5 Apr 2011 18:38:51 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id 758D31C046
	for <gentoo-commits@lists.gentoo.org>; Tue,  5 Apr 2011 18:38:49 +0000 (UTC)
Received: from pelican.gentoo.org (unknown [66.219.59.40])
	(using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 9EF1D1B4045
	for <gentoo-commits@lists.gentoo.org>; Tue,  5 Apr 2011 18:38:48 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by pelican.gentoo.org (Postfix) with ESMTP id 04C6080065
	for <gentoo-commits@lists.gentoo.org>; Tue,  5 Apr 2011 18:38:48 +0000 (UTC)
From: "Matthew Thode" <mthode@mthode.org>
To: gentoo-commits@lists.gentoo.org
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Matthew Thode" <mthode@mthode.org>
Message-ID: <23dda4bdfebfe697e5dca3dcac505d705a5c71c9.prometheanfire@gentoo>
Subject: [gentoo-commits] proj/hardened-docs:master commit in: xml/
X-VCS-Repository: proj/hardened-docs
X-VCS-Files: xml/hardened-virtualization.xml
X-VCS-Directories: xml/
X-VCS-Committer: prometheanfire
X-VCS-Committer-Name: Matthew Thode
X-VCS-Revision: 23dda4bdfebfe697e5dca3dcac505d705a5c71c9
Date: Tue,  5 Apr 2011 18:38:48 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: f7520a96c996e569e8932b25ae79e209

commit:     23dda4bdfebfe697e5dca3dcac505d705a5c71c9
Author:     Matthew Thode <mthode <AT> mthode <DOT> org>
AuthorDate: Tue Apr  5 18:26:50 2011 +0000
Commit:     Matthew Thode <mthode <AT> mthode <DOT> org>
CommitDate: Tue Apr  5 18:26:50 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=3Dproj/hardened-docs=
.git;a=3Dcommit;h=3D23dda4bd

added a table to the hardened-virt guide for kernel options on guests

---
 xml/hardened-virtualization.xml |   23 +++++++++++++++++++++++
 1 files changed, 23 insertions(+), 0 deletions(-)

diff --git a/xml/hardened-virtualization.xml b/xml/hardened-virtualizatio=
n.xml
index 606c6fd..916b798 100644
--- a/xml/hardened-virtualization.xml
+++ b/xml/hardened-virtualization.xml
@@ -83,6 +83,29 @@ virtio, with all hardening features, including CONFIG_=
PAX_KERNEXEC and
 CONFIG_PAX_MEMORY_UDEREF, have been successfull.
 </p>
=20
+<table>
+	<tr>
+		<th>guest kerel config breakout</th>
+	</tr>
+	<tr>
+		<th rowspan=3D2></th>
+		<th colspan=3D2>CPU</th>
+		<th>AMD</th>
+		<th>INTEL</th>
+	</tr>
+	<tr>
+		<th>CONFIG_PAX_KERNEXEC</th>
+		<ti>Y</ti>
+		<ti>Y</ti>
+	</tr>
+	<tr>
+		<th>CONFIG_PAX_MEMORY_UDEREF</th>
+		<ti>Y</ti>
+		<ti>N</ti>
+	</tr>  =20
+</table>
+
+
 <p>
 For the host, however, one must disable both CONFIG_PAX_KERNEXEC and
 CONFIG_PAX_MEMORY_UDEREF. Either of these will set an invisible kernel