SPECS (LINUX_2_6_17): kernel.spec - rel 4 - pax prepared for SEGME...

Fri Sep 29 16:53:49 CEST 2006

Author: mguevara                     Date: Fri Sep 29 14:53:49 2006 GMT
Module: SPECS                         Tag: LINUX_2_6_17
---- Log message:
- rel 4 - pax prepared for SEGMEXEC (ix86) and PAGEEXEC (the rest) archs
  pax bcond changes in conf - enabled NOELFRELOCS (all but ppc64) and UDEREF 
  (ix86_64), EMUTRAMP disabled on ix86 

---- Files affected:
SPECS:
   kernel.spec (1.441.2.1613.2.3 -> 1.441.2.1613.2.4) 

---- Diffs:

================================================================
Index: SPECS/kernel.spec
diff -u SPECS/kernel.spec:1.441.2.1613.2.3 SPECS/kernel.spec:1.441.2.1613.2.4

--- SPECS/kernel.spec:1.441.2.1613.2.3	Wed Sep 27 23:15:09 2006
+++ SPECS/kernel.spec	Fri Sep 29 16:53:43 2006
@@ -2,7 +2,6 @@
 #
 # TODO:
 # - all netfilter patches needs update (API changed again)
-# - PaX support cleanup
 # - separate PaX and grsecurity support
 #
 # WARNING: Kernels from 2.6.16.X series not work under OldWorldMac
@@ -104,7 +103,7 @@
 %define		_udev_ver		071
 %define		_mkvmlinuz_ver		1.3
 
-%define		_rel			3
+%define		_rel			4
 
 %define		_old_netfilter_snap	20060504
 %define		_netfilter_snap		20060829
@@ -383,6 +382,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -399,6 +399,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -415,6 +416,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -430,6 +432,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -578,6 +581,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -594,6 +598,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -609,6 +614,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -624,6 +630,7 @@
 %{!?without_old_netfilter:Old netfilter module dated: %{_old_netfilter_snap}}
 %{?with_abi:Linux ABI suppor - enabled}
 %{?with_grsec_full:Grsecurity full support - enabled}
+%{?with_pax:PaX and Grsecurity full support - enabled}
 %{?with_xen0:Xen 0 - enabled}
 %{?with_xenU:Xen U - enabled}
 %{?with_fbsplash:Fbsplash - enabled }
@@ -997,6 +1004,27 @@
 %endif
 }
 
+PaXconfig () {
+	set -x
+	%ifarch %{ix86}
+		sed -i 's:# CONFIG_PAX_SEGMEXEC is not set:CONFIG_PAX_SEGMEXEC=y:' $1
+		sed -i 's:# CONFIG_PAX_DEFAULT_SEGMEXEC is not set:CONFIG_PAX_DEFAULT_SEGMEXEC=y:' $1
+		%ifnarch i386 i486
+			sed -i 's:# CONFIG_PAX_NOVSYSCALL is not set:CONFIG_PAX_NOVSYSCALL=y:' $1
+		%endif
+	%endif
+	%ifarch ppc64
+		sed -i 's:CONFIG_PAX_NOELFRELOCS=y:# CONFIG_PAX_NOELFRELOCS is not set:' $1
+	%endif
+	%ifarch ppc
+		sed -i 's:# CONFIG_PAX_EMUTRAMP is not set:CONFIG_PAX_EMUTRAMP=y:' $1
+	%endif
+	%ifarch %{ix8664}
+		sed -i 's:# CONFIG_PAX_MEMORY_UDEREF is not set:# CONFIG_PAX_MEMORY_UDEREF=y:' $1
+	%endif
+	return 0
+}
+
 %if "%{_target_base_arch}" != "%{_arch}"
 	CrossOpts="ARCH=%{_target_base_arch} CROSS_COMPILE=%{_target_cpu}-pld-linux-"
 	DepMod=/bin/true
@@ -1061,6 +1089,7 @@
 
 %if %{with pax}
 	cat %{SOURCE49} >> arch/%{_target_base_arch}/defconfig
+	PaXconfig arch/%{_target_base_arch}/defconfig
 %else
 	cat %{SOURCE50} >> arch/%{_target_base_arch}/defconfig
 %endif
@@ -1814,6 +1843,11 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.441.2.1613.2.4  2006/09/29 14:53:43  mguevara
+- rel 4 - pax prepared for SEGMEXEC (ix86) and PAGEEXEC (the rest) archs
+  pax bcond changes in conf - enabled NOELFRELOCS (all but ppc64) and UDEREF
+  (ix86_64), EMUTRAMP disabled on ix86
+
 Revision 1.441.2.1613.2.3  2006/09/27 21:15:09  mguevara
 - 2.6.17.13-3 - initial PaX support (bcond), separate configs for grsecurity
   and pax,
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/kernel.spec?r1=1.441.2.1613.2.3&r2=1.441.2.1613.2.4&f=u

