From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1GDSFT-0001WI-Qq for garchives@archives.gentoo.org; Wed, 16 Aug 2006 20:44:24 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.7/8.13.6) with SMTP id k7GKhtBr014211; Wed, 16 Aug 2006 20:43:55 GMT Received: from skinny.southernlinux.net (ns2.rednecks.net [64.192.52.5]) by robin.gentoo.org (8.13.7/8.13.6) with ESMTP id k7GKhstr017703 for ; Wed, 16 Aug 2006 20:43:54 GMT Received: (qmail 4078 invoked by uid 210); 16 Aug 2006 16:43:10 -0400 Received: from 64.192.55.166 by skinny (envelope-from , uid 201) with qmail-scanner-1.25st (clamdscan: 0.88.4/1664. f-prot: 4.4.2/3.14.11. spamassassin: 3.1.3. perlscan: 1.25st. Clear:RC:1(64.192.55.166):. Processed in 0.064471 secs); 16 Aug 2006 20:43:10 -0000 Received: from unknown (HELO ?10.99.99.10?) (64.192.55.166) by 0 with SMTP; 16 Aug 2006 16:43:09 -0400 Subject: Re: [gentoo-kernel] [ANNOUNCE] hardened-patches-2.6.17-1 Released From: Ned Ludd To: gentoo-kernel@lists.gentoo.org In-Reply-To: <200608162155.37882.phreak@gentoo.org> References: <20060816190812.078DB6477C@smtp.gentoo.org> <200608162155.37882.phreak@gentoo.org> Content-Type: text/plain Organization: Gentoo Linux Date: Wed, 16 Aug 2006 16:43:08 -0400 Message-Id: <1155760989.24186.8.camel@localhost> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-kernel@gentoo.org Reply-to: gentoo-kernel@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.6.2 Content-Transfer-Encoding: 7bit X-Archives-Salt: 07bfcece-ec5b-4a37-b8fb-d248556ecafd X-Archives-Hash: c690ed8a7bd99a8e1175e8854b960a16 On Wed, 2006-08-16 at 21:55 +0200, Christian Heim wrote: > On Wednesday 16 August 2006 21:08, Christian Heim wrote: > > This is an automated email to say that hardened-patches-2.6.17-1 > > has just been released. > > > > You can find a shortlog, broken out patches and release tarballs at: > > http://dev.gentoo.org/~phreak/ > > Hrm, seems like the script needs some work ... that should have been: > > You can find a shortlog, broken out patches and release tarballs at: > > http://dev.gentoo.org/~phreak/hardened-sources/ > > > > > Changes since 2.6.17- are as follows: > Changes since 2.6.16-8 are as follows: > > r597 (phreak): > M /hardened/2.6/.release > > Updating the .release file > > r592 (phreak): > A /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17-2006080121035.patch > D /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-2006080121035.patch > > Dropping the EXTRAVERSION from the patchname. > > r591 (phreak): > M /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-200608012135.patch > > Hrm, missed a '0' after renaming the patch. > > r590 (phreak): > M /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-200608012135.patch > > Updating the headers > > r581 (phreak): > M /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-200608012135.patch > > Removing the localversion-grsec for real! > > r580 (phreak): > M /hardened/2.6/trunk/2.6.17/4455_linux-2.6.16-reslog.patch Just talked with spender and he already pushed this patch but in a slightly diff way. notice in hunk #3 int grsec_resource_logging; int grsec_lock; +int grsec_resource_logging; The addition of this patch adds the symbol a second time. And in hunk #4 we would end up with 2 sysctl entries. #ifdef CONFIG_GRKERNSEC_RESLOG grsec_resource_logging = 1; #endif +#ifdef CONFIG_GRKERNSEC_RELOG + grsec_resource_logging = 1; +#endif So... This extra patch can simply be dropped. The systrace stuff can also be dropped as it's known to open holes where no holes existed before. -- Ned Ludd Gentoo Linux -- gentoo-kernel@gentoo.org mailing list