From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RWLVd-00075Y-Kv for garchives@archives.gentoo.org; Fri, 02 Dec 2011 05:18:05 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D942021C04D; Fri, 2 Dec 2011 05:17:49 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 10F7021C042 for ; Fri, 2 Dec 2011 05:17:06 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 9BAC71B4012 for ; Fri, 2 Dec 2011 05:17:06 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Flag: NO X-Spam-Score: -4.152 X-Spam-Level: X-Spam-Status: No, score=-4.152 tagged_above=-999 required=5.5 tests=[AWL=1.251, BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.201, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0CJYg6_QDMb7 for ; Fri, 2 Dec 2011 05:16:57 +0000 (UTC) Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by smtp.gentoo.org (Postfix) with ESMTP id 482E41B400A for ; Fri, 2 Dec 2011 05:16:57 +0000 (UTC) Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1RWLUV-0003eF-46 for gentoo-dev@gentoo.org; Fri, 02 Dec 2011 06:16:55 +0100 Received: from ip68-231-22-224.ph.ph.cox.net ([68.231.22.224]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 02 Dec 2011 06:16:54 +0100 Received: from 1i5t5.duncan by ip68-231-22-224.ph.ph.cox.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 02 Dec 2011 06:16:54 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-dev@lists.gentoo.org From: Duncan <1i5t5.duncan@cox.net> Subject: [gentoo-dev] Re: Bleeding edge hardened-sources: move PaX markings from ELF to Extended Attributes Date: Fri, 2 Dec 2011 05:16:43 +0000 (UTC) Message-ID: References: <4ED7A685.40108@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: ip68-231-22-224.ph.ph.cox.net User-Agent: Pan/0.135 (Tomorrow I'll Wake Up and Scald Myself with Tea; GIT 72c8148 /st/portage/src/egit-src/pan2) Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 109cb0e8-f011-4cd1-83f0-889a43a5e151 X-Archives-Hash: 43bf7b6f2693da40dcb70eabf596951a Anthony G. Basile posted on Thu, 01 Dec 2011 11:08:37 -0500 as excerpted: > I've been doing some experimental work with PaX enabled kernels > The disadvantage is that xattrs is not supported on all filesystems > b) Kernels 3.0 and above support xattrs in tmpfs, squashfs and other > filesystems. [I debated sending this offlist as my interest isn't entirely on-topic,=20 but as I wrote it up, it became apparent that the question itself isn't=20 as off-topic as I thought, so on-list it stayed.] TL;DR: reiserfs (v3), for both caps and XT_PAX ?? Longer: Does reiserfs (v3) support xattrs and thus, presumably caps and=20 XT_PAX? Kernel reiserfs options suggest yes, but everything I've read=20 elsewhere (including gentoo-dev caps project discussions) seems to=20 indicate no. Is the "no" simply outdated, since reiserfs xattrs support=20 was added relatively late in the game, or is it still correct and I have=20 the purpose of those kernel options all wrong, or ??? If both reiserfs and tmpfs (my $PORTAGE_TMPDIR) support xattrs, both caps= =20 and XT_PAX should be good to go, correct? Ignorable background: I've been running reiserfs since early in the=20 kernel 2.4 era, before switching to gentoo, and have had quite a good=20 experience on it since it got ordered journals by default (before that,=20 let's not talk about), despite a period with bad RAM that was hard- crashing the system frequently, no UPS, and apparently missing barriers=20 until quite recently. I've even been stable when others had problems=20 with ext3 due to its writeback-by-default period. I intend to eventually= =20 switch to btrfs but there's still more kernel churn there than I'm=20 comfortable with, especially running live-git kernels as I normally do,=20 and of course, it's still lacking a proper fsck (tho arguably reiserfs'=20 fsck support has always been "interesting" as well, and that's not such a= =20 big deal given the backups I already keep based on pre-ordered era=20 experience). My interest is therefore in whether USE=3Dcaps does people on reiserfs an= y=20 good or not, but the same concerns would appear to apply to XT_PAX on=20 reiserfs, as well. --=20 Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman