summaryrefslogtreecommitdiff
blob: cdd48b295a0d21622bf3377d723932f43dd2ed7f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
Patch:	1012_linux-3.2.13.patch
From:	http://www.kernel.org
Desc:	Linux 3.2.13

Patch:	4420_grsecurity-2.9-3.2.13-201203251921.patch
From:	http://www.grsecurity.net
Desc:	hardened-sources base patch from upstream grsecurity

Patch:	4430_grsec-remove-localversion-grsec.patch
From:	Kerin Millar <kerframil@gmail.com>
Desc:	Removes grsecurity's localversion-grsec file

Patch:	4435_grsec-mute-warnings.patch
From:	Alexander Gabert <gaberta@fh-trier.de>
	Gordon Malm <gengor@gentoo.org>
Desc:	Removes verbose compile warning settings from grsecurity, restores
	mainline Linux kernel behavior

Patch:	4440_grsec-remove-protected-paths.patch
From:	Anthony G. Basile <blueness@gentoo.org>
Desc:	Removes chmod statements from grsecurity/Makefile

Patch:	4445_grsec-pax-without-grsec.patch
From:	Gordon Malm <gengor@gentoo.org>
Desc:	Allows PaX features to be selected without enabling GRKERNSEC

Patch:	4450_grsec-kconfig-default-gids.patch
From:	Kerin Millar <kerframil@gmail.com>
Desc:	Sets sane(r) default GIDs on various grsecurity group-dependent
	features

Patch:	4455_grsec-kconfig-gentoo.patch
From:	Gordon Malm <gengor@gentoo.org>
	Kerin Millar <kerframil@gmail.com>
	Anthony G. Basile <blueness@gentoo.org>
Desc:	Adds Hardened Gentoo [server/workstation/virtualization] security levels,
	sets Hardened Gentoo [workstation] as default

Patch:	4460-grsec-kconfig-proc-user.patch
From:	Anthony G. Basile <blueness@gentoo.org>
Desc:	Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually
	exclusive to avoid bug #366019.

Patch:	4465_selinux-avc_audit-log-curr_ip.patch
From:	Gordon Malm <gengor@gentoo.org>
	Anthony G. Basile <blueness@gentoo.org>
Desc:	Configurable option to add src IP address to SELinux log messages

Patch:	4470_disable-compat_vdso.patch
From:	Gordon Malm <gengor@gentoo.org>
	Kerin Millar <kerframil@gmail.com>
Desc:	Disables VDSO_COMPAT operation completely