main/linux-grsec: enable XEN and XEN_DOM0 [x86_64 only]

2 files changed, 37 insertions, 25 deletions

diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 45ff957ad9..d3e9a3d661 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
 pkgname=linux-${_flavor}
 pkgver=2.6.37
 _kernver=2.6.37
-pkgrel=1
+pkgrel=2
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -140,4 +140,4 @@ firmware() {
 md5sums="c8ee37b4fdccdb651e0603d35350b434  linux-2.6.37.tar.bz2
 f56bdcd16fa540cddf075be6842edaaa  grsecurity-2.2.1-2.6.37-201102121148.patch
 5d3fee9fda0762c1366fd1aca81ac1b9  kernelconfig.x86
-582fd6e2e33bd4fc1f0b14f2909e4637  kernelconfig.x86_64"
+abdfbef1635ddc88b3a53626aec09eb8  kernelconfig.x86_64"
diff --git a/main/linux-grsec/kernelconfig.x86_64 b/main/linux-grsec/kernelconfig.x86_64
index d52c6fdaf1..807c93990c 100644
--- a/main/linux-grsec/kernelconfig.x86_64
+++ b/main/linux-grsec/kernelconfig.x86_64
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
 # Linux/x86_64 2.6.37 Kernel Configuration
-# Thu Feb 17 18:39:42 2011
+# Thu Feb 17 18:59:09 2011
 #
 CONFIG_64BIT=y
 # CONFIG_X86_32 is not set
@@ -142,7 +142,6 @@ CONFIG_CC_OPTIMIZE_FOR_SIZE=y
 CONFIG_SYSCTL=y
 CONFIG_ANON_INODES=y
 CONFIG_EMBEDDED=y
-CONFIG_UID16=y
 CONFIG_SYSCTL_SYSCALL=y
 CONFIG_KALLSYMS=y
 # CONFIG_KALLSYMS_EXTRA_PASS is not set
@@ -214,7 +213,6 @@ CONFIG_STOP_MACHINE=y
 CONFIG_BLOCK=y
 CONFIG_BLK_DEV_BSG=y
 # CONFIG_BLK_DEV_INTEGRITY is not set
-CONFIG_BLOCK_COMPAT=y
 
 #
 # IO Schedulers
@@ -271,8 +269,13 @@ CONFIG_X86_EXTENDED_PLATFORM=y
 # CONFIG_X86_VSMP is not set
 CONFIG_SCHED_OMIT_FRAME_POINTER=y
 CONFIG_PARAVIRT_GUEST=y
-# CONFIG_XEN is not set
-# CONFIG_XEN_PRIVILEGED_GUEST is not set
+CONFIG_XEN=y
+CONFIG_XEN_DOM0=y
+CONFIG_XEN_PRIVILEGED_GUEST=y
+CONFIG_XEN_PVHVM=y
+CONFIG_XEN_MAX_DOMAIN_MEMORY=128
+CONFIG_XEN_SAVE_RESTORE=y
+# CONFIG_XEN_DEBUG_FS is not set
 CONFIG_KVM_CLOCK=y
 CONFIG_KVM_GUEST=y
 CONFIG_PARAVIRT=y
@@ -304,13 +307,11 @@ CONFIG_HPET_TIMER=y
 CONFIG_HPET_EMULATE_RTC=y
 CONFIG_DMI=y
 CONFIG_GART_IOMMU=y
-CONFIG_CALGARY_IOMMU=y
-CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y
-CONFIG_AMD_IOMMU=y
-# CONFIG_AMD_IOMMU_STATS is not set
+# CONFIG_CALGARY_IOMMU is not set
+# CONFIG_AMD_IOMMU is not set
 CONFIG_SWIOTLB=y
 CONFIG_IOMMU_HELPER=y
-CONFIG_IOMMU_API=y
+# CONFIG_IOMMU_API is not set
 CONFIG_NR_CPUS=8
 CONFIG_SCHED_SMT=y
 CONFIG_SCHED_MC=y
@@ -466,8 +467,7 @@ CONFIG_INTEL_IDLE=y
 #
 # Memory power savings
 #
-CONFIG_I7300_IDLE_IOAT_CHANNEL=y
-CONFIG_I7300_IDLE=m
+# CONFIG_I7300_IDLE is not set
 
 #
 # Bus options (PCI etc.)
@@ -475,6 +475,7 @@ CONFIG_I7300_IDLE=m
 CONFIG_PCI=y
 CONFIG_PCI_DIRECT=y
 CONFIG_PCI_MMCONFIG=y
+CONFIG_PCI_XEN=y
 CONFIG_PCI_DOMAINS=y
 CONFIG_PCI_CNB20LE_QUIRK=y
 # CONFIG_DMAR is not set
@@ -487,6 +488,7 @@ CONFIG_PCIEASPM=y
 CONFIG_ARCH_SUPPORTS_MSI=y
 CONFIG_PCI_MSI=y
 CONFIG_PCI_STUB=m
+CONFIG_XEN_PCIDEV_FRONTEND=y
 CONFIG_HT_IRQ=y
 # CONFIG_PCI_IOV is not set
 CONFIG_PCI_IOAPIC=y
@@ -522,18 +524,13 @@ CONFIG_HOTPLUG_PCI_SHPC=m
 # Executable file formats / Emulations
 #
 CONFIG_BINFMT_ELF=y
-CONFIG_COMPAT_BINFMT_ELF=y
 # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set
 # CONFIG_HAVE_AOUT is not set
 CONFIG_BINFMT_MISC=m
-CONFIG_IA32_EMULATION=y
-# CONFIG_IA32_AOUT is not set
-CONFIG_COMPAT=y
-CONFIG_COMPAT_FOR_U64_ALIGNMENT=y
-CONFIG_SYSVIPC_COMPAT=y
+# CONFIG_IA32_EMULATION is not set
+# CONFIG_COMPAT_FOR_U64_ALIGNMENT is not set
 CONFIG_HAVE_TEXT_POKE_SMP=y
 CONFIG_NET=y
-CONFIG_COMPAT_NETLINK_MESSAGES=y
 
 #
 # Networking options
@@ -1161,7 +1158,7 @@ CONFIG_STANDALONE=y
 CONFIG_FW_LOADER=m
 # CONFIG_FIRMWARE_IN_KERNEL is not set
 CONFIG_EXTRA_FIRMWARE=""
-# CONFIG_SYS_HYPERVISOR is not set
+CONFIG_SYS_HYPERVISOR=y
 CONFIG_CONNECTOR=m
 CONFIG_MTD=m
 # CONFIG_MTD_DEBUG is not set
@@ -1351,6 +1348,7 @@ CONFIG_CDROM_PKTCDVD=m
 CONFIG_CDROM_PKTCDVD_BUFFERS=8
 # CONFIG_CDROM_PKTCDVD_WCACHE is not set
 CONFIG_ATA_OVER_ETH=m
+CONFIG_XEN_BLKDEV_FRONTEND=y
 CONFIG_VIRTIO_BLK=m
 # CONFIG_BLK_DEV_HD is not set
 # CONFIG_BLK_DEV_RBD is not set
@@ -2134,6 +2132,7 @@ CONFIG_IEEE802154_FAKEHARD=m
 CONFIG_CAIF_TTY=m
 CONFIG_CAIF_SPI_SLAVE=m
 # CONFIG_CAIF_SPI_SYNC is not set
+CONFIG_XEN_NETDEV_FRONTEND=y
 CONFIG_FDDI=y
 CONFIG_DEFXX=m
 # CONFIG_DEFXX_MMIO is not set
@@ -2239,6 +2238,7 @@ CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
 CONFIG_INPUT_JOYDEV=m
 CONFIG_INPUT_EVDEV=m
 CONFIG_INPUT_EVBUG=m
+CONFIG_XEN_KBDDEV_FRONTEND=m
 
 #
 # Input Device Drivers
@@ -2435,6 +2435,8 @@ CONFIG_PRINTER=m
 # CONFIG_LP_CONSOLE is not set
 CONFIG_PPDEV=m
 CONFIG_HVC_DRIVER=y
+CONFIG_HVC_IRQ=y
+CONFIG_HVC_XEN=y
 CONFIG_VIRTIO_CONSOLE=m
 CONFIG_IPMI_HANDLER=m
 # CONFIG_IPMI_PANIC_EVENT is not set
@@ -3477,6 +3479,7 @@ CONFIG_FB_TMIO=m
 CONFIG_FB_TMIO_ACCELL=y
 CONFIG_FB_SM501=m
 # CONFIG_FB_VIRTUAL is not set
+CONFIG_XEN_FBDEV_FRONTEND=m
 CONFIG_FB_METRONOME=m
 CONFIG_FB_MB862XX=m
 # CONFIG_FB_MB862XX_PCI_GDC is not set
@@ -4197,6 +4200,18 @@ CONFIG_UIO_AEC=m
 CONFIG_UIO_SERCOS3=m
 # CONFIG_UIO_PCI_GENERIC is not set
 CONFIG_UIO_NETX=m
+
+#
+# Xen driver support
+#
+CONFIG_XEN_BALLOON=y
+CONFIG_XEN_SCRUB_PAGES=y
+CONFIG_XEN_DEV_EVTCHN=y
+CONFIG_XENFS=y
+CONFIG_XEN_COMPAT_XENFS=y
+CONFIG_XEN_SYS_HYPERVISOR=y
+CONFIG_XEN_PLATFORM_PCI=m
+CONFIG_SWIOTLB_XEN=y
 CONFIG_STAGING=y
 # CONFIG_STAGING_EXCLUDE_BUILD is not set
 # CONFIG_ET131X is not set
@@ -4389,7 +4404,6 @@ CONFIG_QUOTA_TREE=m
 CONFIG_QFMT_V1=m
 CONFIG_QFMT_V2=m
 CONFIG_QUOTACTL=y
-CONFIG_QUOTACTL_COMPAT=y
 CONFIG_AUTOFS4_FS=m
 CONFIG_FUSE_FS=m
 # CONFIG_CUSE is not set
@@ -4785,7 +4799,6 @@ CONFIG_PAX_EMUTRAMP=y
 CONFIG_PAX_MPROTECT=y
 # CONFIG_PAX_MPROTECT_COMPAT is not set
 # CONFIG_PAX_ELFRELOCS is not set
-# CONFIG_PAX_KERNEXEC is not set
 
 #
 # Address Space Layout Randomization
@@ -4798,7 +4811,6 @@ CONFIG_PAX_RANDMMAP=y
 # Miscellaneous hardening features
 #
 # CONFIG_PAX_MEMORY_SANITIZE is not set
-# CONFIG_PAX_MEMORY_UDEREF is not set
 CONFIG_PAX_REFCOUNT=y
 # CONFIG_PAX_USERCOPY is not set
 CONFIG_KEYS=y