SPECS (LINUX_2_6_20): kernel.spec - added (not yet ready) pax_seli...
mguevara
mguevara at pld-linux.org
Tue Mar 6 10:51:27 CET 2007
Author: mguevara Date: Tue Mar 6 09:51:27 2007 GMT
Module: SPECS Tag: LINUX_2_6_20
---- Log message:
- added (not yet ready) pax_selinux_hooks-2.6.20.patch
- some commented stuff for PAX_KERNEXEC testing
---- Files affected:
SPECS:
kernel.spec (1.441.2.1698.2.58 -> 1.441.2.1698.2.59)
---- Diffs:
================================================================
Index: SPECS/kernel.spec
diff -u SPECS/kernel.spec:1.441.2.1698.2.58 SPECS/kernel.spec:1.441.2.1698.2.59
--- SPECS/kernel.spec:1.441.2.1698.2.58 Fri Mar 2 13:32:39 2007
+++ SPECS/kernel.spec Tue Mar 6 10:51:21 2007
@@ -21,11 +21,13 @@
# - reiser4 builds
# - layer7 builds
# - TARPIT and ROUTE smp locking issues should be resolved
+# - pax & grsec_min builds on x86_64, fails on i686
#
# TODO 2.6.20.1
# - fine-tune the ppc configs and test build on ppc
# - test build on sparc, sparc64, alpha
# - grsec_full and pax
+# - pax hooks for selinux (experimental)
# - new alsa rc2 - 1.0.14rc2 is in 2.6.20-git10 tree
# - spec cleanup
# - test external modules
@@ -403,6 +405,8 @@
#wanpipe
#Patch3000: wanpipe-beta7-2.3.4.patch
+Patch9997: pax_selinux_hooks-2.6.20.patch
+
# TODO: http://www.grsecurity.net/~paxguy1/pax-linux-2.6.20.1-test5.patch
Patch9998: pax-linux-2.6.20.patch
@@ -1103,7 +1107,6 @@
%endif
%if %{with pax}
-%patch9998 -p1
# now we have an separate testing pax-only patch - in the future we
# could have single grsecurity patch and will have to prepare separate
# configs for grsec_minimal, grsec_full and pax to support such
@@ -1111,6 +1114,8 @@
# So, in a future there could be no patch9998, but only config
# would tell which options should be enabled.
# The second option is to maintain separate pax-only patch.
+%patch9998 -p1
+#patch9997 -p1 - needs update
%endif
%endif
@@ -1197,6 +1202,13 @@
%ifnarch i386 i486
sed -i 's:# CONFIG_PAX_NOVSYSCALL is not set:CONFIG_PAX_NOVSYSCALL=y:' $1
%endif
+
+ # Testing KERNEXEC
+
+ # sed -i 's:CONFIG_HOTPLUG_PCI_COMPAQ_NVRAM=y:# CONFIG_HOTPLUG_PCI_COMPAQ_NVRAM is not set:' $1
+ # sed -i 's:CONFIG_PCI_BIOS=y:# CONFIG_PCI_BIOS is not set:' $1
+ # sed -i 's:CONFIG_EFI=y:# CONFIG_EFI is not set:' $1
+
%endif
%ifarch ppc64
sed -i 's:CONFIG_PAX_NOELFRELOCS=y:# CONFIG_PAX_NOELFRELOCS is not set:' $1
@@ -2060,6 +2072,10 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.441.2.1698.2.59 2007/03/06 09:51:21 mguevara
+- added (not yet ready) pax_selinux_hooks-2.6.20.patch
+- some commented stuff for PAX_KERNEXEC testing
+
Revision 1.441.2.1698.2.58 2007/03/02 12:32:39 baggins
- apply quota fix
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SPECS/kernel.spec?r1=1.441.2.1698.2.58&r2=1.441.2.1698.2.59&f=u
More information about the pld-cvs-commit
mailing list