aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2016-04-04 15:00:31 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2016-04-04 15:12:45 +0000
commit0a23087c37c69e961f07801890d334cb50971f76 (patch)
treef4468cd9266ba2721fa48baad9f55117e050c72a
parente660373bfaabb5f313a99b32303edf6d9f088e4b (diff)
downloadaports-0a23087c37c69e961f07801890d334cb50971f76.tar.bz2
aports-0a23087c37c69e961f07801890d334cb50971f76.tar.xz
main/linux-grsec: enable features useful for containers
-rw-r--r--main/linux-grsec/APKBUILD14
-rw-r--r--main/linux-grsec/config-grsec.x86_6412
-rw-r--r--main/linux-grsec/config-virtgrsec.x86_6412
3 files changed, 21 insertions, 17 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index e6e1375320..9a8086fc83 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -7,7 +7,7 @@ case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=${pkgver};;
esac
-pkgrel=0
+pkgrel=1
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs"
@@ -208,27 +208,27 @@ d48f09bf61f2500d70f839e190dc7c5a patch-4.4.6.xz
c32f1d7517a095a2645fc1c7dec5db8f fix-spi-nor-namespace-clash.patch
b11c29ee88f7f537973191036d48bee7 imx6q-no-unclocked-sleep.patch
af91f128ddf9407bb212cbaebca79354 config-grsec.x86
-cc8ab1ec3ec89db081b0ca3cc0955fd1 config-grsec.x86_64
+503656217c0cfb0c481b3804285f0166 config-grsec.x86_64
a453b5ddc5ce5b1ed487747ae785d615 config-grsec.armhf
ff753181afb1538d9d3d14fe65f834c8 config-virtgrsec.x86
-b9f90c5027200c95d4415bb8255766c3 config-virtgrsec.x86_64"
+807a5cc9253c26d96243cc3188f7ea8c config-virtgrsec.x86_64"
sha256sums="401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2 linux-4.4.tar.xz
efea93ff30955d445344a83c36678fa8e64111219eeafea2a41fd4ee11f79d68 patch-4.4.6.xz
c32ae8d117b28b51cfacae007a36d735e3d6b02cd9420a4c4f75f60fa7747a7d grsecurity-3.1-4.4.6-201603171922.patch
b8ce28c61663dbd92f7e1c862c042c88c4d0459ce15f6e6ea121e20705b66212 fix-spi-nor-namespace-clash.patch
7e8a954750139a421a76e414e19a3b57645c9ec70e6c14a6b7708a3fa0cfd5e4 imx6q-no-unclocked-sleep.patch
c247a003fb358f611d801277f89a13393d1620ad804553ada97433ef52a7706b config-grsec.x86
-419eeeb3b553aeb4ce337bad95f12ab975bbc05f8daaff51ad4c8f01b3137bb5 config-grsec.x86_64
+d2b771f67eecad71745956dc0dea40fc702f39e4caee195b11877307d5ab2622 config-grsec.x86_64
ac8407f225ff6cb6be9ccd69729262241e61455f816cdea3070e30ddf453f7db config-grsec.armhf
8b4a1927b831e94f65ec1b08f9e3bf3f64cea1e6e85e3b6b3dc1a8796e0f206d config-virtgrsec.x86
-66a5eacb7f65cf8898c023a638859139126b5b374a57765d26ba6b833e79b9ae config-virtgrsec.x86_64"
+5d46d80c811d6d321569f3f4550769cd4f68b46b8fa5406e7b0f350e00eec1a6 config-virtgrsec.x86_64"
sha512sums="13c8459933a8b80608e226a1398e3d1848352ace84bcfb7e6a4a33cb230bbe1ab719d4b58e067283df91ce5311be6d2d595fc8c19e2ae6ecc652499415614b3e linux-4.4.tar.xz
73da057476eb31d818eed4b66c883f5ceec65f18ec8ea60d64e48334c7681af4ed4cf7eb8684481f705446a59fd124de9449d22e28805bc9617b6608ecec491d patch-4.4.6.xz
663f3b46db37c33a4d11302104365d5a59d42164187f7278496e9ae7b011dbf6b28a71179529b2e97904ab67228fdc45444fc2e9040a14a6e0fcae17386eb687 grsecurity-3.1-4.4.6-201603171922.patch
410fe7dae27cb4998d17a441a5b2a19dd350636ead2de97d4ef5317501d9e82e2550bfca0f022c9be6296907c076c381e1e13060d1900ff26ee7d47f234fb104 fix-spi-nor-namespace-clash.patch
9980eb10f529bc5ce482ab0a0037febbc982b528c3e4d02fc4547e6dd45dc529a7b1711d0c89f942b1ae27842c3794b68a6b8959ef80f6fd00183d3a591cea07 imx6q-no-unclocked-sleep.patch
d7cb2b8600bd95c25aba5fc21f27a89eb1257d003c6e98bc81989a6027536c15c4c4abbcdc16fadd84383d3e29c6814ddf0c4f8524b53b69eed8763cc2c14e92 config-grsec.x86
-a01357a4653c1d1f13a6b1eec13cc4ad9ac1d8978d2613ea3b4bc1b5a6351c9374ca5d4469ed75767552995291a13b9aece26208074b2cea5dea5fd0f37283fb config-grsec.x86_64
+900d18cb27b99ca91cb48fa8fc27a74f1b700eb826ef26fcfa18a379e9b7521ddac65edc57757de766e76d1c576a4d6e80a6778afc3c34394b165ab9a707cba0 config-grsec.x86_64
97de0656bbf99b66431587fda8c914aa08950c1865de018ed7a1b5f99b98f91e2e935d2341dbab44af1ca8c2370953fbbeca58c00e201f97e1b15bbec41d52d6 config-grsec.armhf
fdfdb0600ac79a08d1cd3bd54a70e0bb6ba714f9b1680336d51b64a8a007abae15adb3ce4f94ffc76f0744c4a8ffe553d0cc9a15c3e4e1629935ce50a533e798 config-virtgrsec.x86
-fa0127850364dcb2f8ddf6ba06e722992ae8c0ce3dc9a1c9cb2dcc9f179c5e3d07becd383efc7ca56a8087a13a6fb20a8255a3e06f90f1f96c4ff0359d0b4a6f config-virtgrsec.x86_64"
+815498782a00d2d3137390961dbf7bd2c0f06f110a4e593418b7edb5497a543a0ace225509cda90af6dd6ec1e9e4584c7a602fabd03e274bc29f27e176e5bb45 config-virtgrsec.x86_64"
diff --git a/main/linux-grsec/config-grsec.x86_64 b/main/linux-grsec/config-grsec.x86_64
index 9374f4c694..2011bab9a1 100644
--- a/main/linux-grsec/config-grsec.x86_64
+++ b/main/linux-grsec/config-grsec.x86_64
@@ -153,7 +153,8 @@ CONFIG_MEMCG=y
CONFIG_MEMCG_SWAP=y
# CONFIG_MEMCG_SWAP_ENABLED is not set
CONFIG_MEMCG_KMEM=y
-# CONFIG_CGROUP_PERF is not set
+CONFIG_CGROUP_HUGETLB=y
+CONFIG_CGROUP_PERF=y
CONFIG_CGROUP_SCHED=y
CONFIG_FAIR_GROUP_SCHED=y
CONFIG_CFS_BANDWIDTH=y
@@ -306,7 +307,7 @@ CONFIG_BLOCK=y
CONFIG_BLK_DEV_BSG=y
CONFIG_BLK_DEV_BSGLIB=y
CONFIG_BLK_DEV_INTEGRITY=y
-# CONFIG_BLK_DEV_THROTTLING is not set
+CONFIG_BLK_DEV_THROTTLING=y
# CONFIG_BLK_CMDLINE_PARSER is not set
#
@@ -462,6 +463,7 @@ CONFIG_MEMORY_BALLOON=y
CONFIG_BALLOON_COMPACTION=y
CONFIG_COMPACTION=y
CONFIG_MIGRATION=y
+CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y
CONFIG_PHYS_ADDR_T_64BIT=y
CONFIG_ZONE_DMA_FLAG=1
CONFIG_BOUNCE=y
@@ -1278,7 +1280,7 @@ CONFIG_CLS_U32_MARK=y
CONFIG_NET_CLS_RSVP=m
CONFIG_NET_CLS_RSVP6=m
CONFIG_NET_CLS_FLOW=m
-# CONFIG_NET_CLS_CGROUP is not set
+CONFIG_NET_CLS_CGROUP=m
CONFIG_NET_CLS_BPF=m
CONFIG_NET_CLS_FLOWER=m
CONFIG_NET_EMATCH=y
@@ -5876,8 +5878,8 @@ CONFIG_SYSFS=y
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_TMPFS_XATTR=y
-# CONFIG_HUGETLBFS is not set
-# CONFIG_HUGETLB_PAGE is not set
+CONFIG_HUGETLBFS=y
+CONFIG_HUGETLB_PAGE=y
CONFIG_CONFIGFS_FS=m
CONFIG_EFIVAR_FS=m
CONFIG_MISC_FILESYSTEMS=y
diff --git a/main/linux-grsec/config-virtgrsec.x86_64 b/main/linux-grsec/config-virtgrsec.x86_64
index 355237601f..354a8a1531 100644
--- a/main/linux-grsec/config-virtgrsec.x86_64
+++ b/main/linux-grsec/config-virtgrsec.x86_64
@@ -152,7 +152,8 @@ CONFIG_MEMCG=y
CONFIG_MEMCG_SWAP=y
# CONFIG_MEMCG_SWAP_ENABLED is not set
CONFIG_MEMCG_KMEM=y
-# CONFIG_CGROUP_PERF is not set
+CONFIG_CGROUP_HUGETLB=y
+CONFIG_CGROUP_PERF=y
CONFIG_CGROUP_SCHED=y
CONFIG_FAIR_GROUP_SCHED=y
CONFIG_CFS_BANDWIDTH=y
@@ -304,7 +305,7 @@ CONFIG_BLOCK=y
CONFIG_BLK_DEV_BSG=y
CONFIG_BLK_DEV_BSGLIB=y
CONFIG_BLK_DEV_INTEGRITY=y
-# CONFIG_BLK_DEV_THROTTLING is not set
+CONFIG_BLK_DEV_THROTTLING=y
# CONFIG_BLK_CMDLINE_PARSER is not set
#
@@ -457,6 +458,7 @@ CONFIG_MEMORY_BALLOON=y
CONFIG_BALLOON_COMPACTION=y
CONFIG_COMPACTION=y
CONFIG_MIGRATION=y
+CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y
CONFIG_PHYS_ADDR_T_64BIT=y
CONFIG_ZONE_DMA_FLAG=1
CONFIG_BOUNCE=y
@@ -1175,7 +1177,7 @@ CONFIG_CLS_U32_MARK=y
CONFIG_NET_CLS_RSVP=m
CONFIG_NET_CLS_RSVP6=m
CONFIG_NET_CLS_FLOW=m
-# CONFIG_NET_CLS_CGROUP is not set
+CONFIG_NET_CLS_CGROUP=m
CONFIG_NET_CLS_BPF=m
CONFIG_NET_CLS_FLOWER=m
CONFIG_NET_EMATCH=y
@@ -3099,8 +3101,8 @@ CONFIG_SYSFS=y
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_TMPFS_XATTR=y
-# CONFIG_HUGETLBFS is not set
-# CONFIG_HUGETLB_PAGE is not set
+CONFIG_HUGETLBFS=y
+CONFIG_HUGETLB_PAGE=y
CONFIG_CONFIGFS_FS=m
CONFIG_MISC_FILESYSTEMS=y
# CONFIG_ADFS_FS is not set