main/linux-grsec: enable CGROUPS and NAMESPACES on x86_64

2 files changed, 25 insertions, 33 deletions

diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 7bdbc1c33c..f8612b1c69 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
 pkgname=linux-${_flavor}
 pkgver=2.6.37
 _kernver=2.6.37
-pkgrel=0
+pkgrel=1
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -140,4 +140,4 @@ firmware() {
 md5sums="c8ee37b4fdccdb651e0603d35350b434  linux-2.6.37.tar.bz2
 f56bdcd16fa540cddf075be6842edaaa  grsecurity-2.2.1-2.6.37-201102121148.patch
 bbfcd2974479c027c08c729f3ac3bf95  kernelconfig.x86
-95cfa445a67cf52deee65bf85611e325  kernelconfig.x86_64"
+582fd6e2e33bd4fc1f0b14f2909e4637  kernelconfig.x86_64"
diff --git a/main/linux-grsec/kernelconfig.x86_64 b/main/linux-grsec/kernelconfig.x86_64
index a0c75d0c45..d52c6fdaf1 100644
--- a/main/linux-grsec/kernelconfig.x86_64
+++ b/main/linux-grsec/kernelconfig.x86_64
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
 # Linux/x86_64 2.6.37 Kernel Configuration
-# Tue Feb 15 18:52:34 2011
+# Thu Feb 17 18:39:42 2011
 #
 CONFIG_64BIT=y
 # CONFIG_X86_32 is not set
@@ -114,8 +114,22 @@ CONFIG_IKCONFIG=m
 CONFIG_IKCONFIG_PROC=y
 CONFIG_LOG_BUF_SHIFT=14
 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
-# CONFIG_CGROUPS is not set
-# CONFIG_NAMESPACES is not set
+CONFIG_CGROUPS=y
+# CONFIG_CGROUP_DEBUG is not set
+# CONFIG_CGROUP_NS is not set
+# CONFIG_CGROUP_FREEZER is not set
+# CONFIG_CGROUP_DEVICE is not set
+# CONFIG_CPUSETS is not set
+# CONFIG_CGROUP_CPUACCT is not set
+# CONFIG_RESOURCE_COUNTERS is not set
+# CONFIG_CGROUP_SCHED is not set
+# CONFIG_BLK_CGROUP is not set
+CONFIG_NAMESPACES=y
+CONFIG_UTS_NS=y
+CONFIG_IPC_NS=y
+CONFIG_USER_NS=y
+CONFIG_PID_NS=y
+CONFIG_NET_NS=y
 # CONFIG_SYSFS_DEPRECATED is not set
 # CONFIG_RELAY is not set
 CONFIG_BLK_DEV_INITRD=y
@@ -257,13 +271,8 @@ CONFIG_X86_EXTENDED_PLATFORM=y
 # CONFIG_X86_VSMP is not set
 CONFIG_SCHED_OMIT_FRAME_POINTER=y
 CONFIG_PARAVIRT_GUEST=y
-CONFIG_XEN=y
-CONFIG_XEN_DOM0=y
-CONFIG_XEN_PRIVILEGED_GUEST=y
-CONFIG_XEN_PVHVM=y
-CONFIG_XEN_MAX_DOMAIN_MEMORY=128
-CONFIG_XEN_SAVE_RESTORE=y
-# CONFIG_XEN_DEBUG_FS is not set
+# CONFIG_XEN is not set
+# CONFIG_XEN_PRIVILEGED_GUEST is not set
 CONFIG_KVM_CLOCK=y
 CONFIG_KVM_GUEST=y
 CONFIG_PARAVIRT=y
@@ -466,7 +475,6 @@ CONFIG_I7300_IDLE=m
 CONFIG_PCI=y
 CONFIG_PCI_DIRECT=y
 CONFIG_PCI_MMCONFIG=y
-CONFIG_PCI_XEN=y
 CONFIG_PCI_DOMAINS=y
 CONFIG_PCI_CNB20LE_QUIRK=y
 # CONFIG_DMAR is not set
@@ -479,7 +487,6 @@ CONFIG_PCIEASPM=y
 CONFIG_ARCH_SUPPORTS_MSI=y
 CONFIG_PCI_MSI=y
 CONFIG_PCI_STUB=m
-CONFIG_XEN_PCIDEV_FRONTEND=y
 CONFIG_HT_IRQ=y
 # CONFIG_PCI_IOV is not set
 CONFIG_PCI_IOAPIC=y
@@ -946,6 +953,7 @@ CONFIG_CLS_U32_MARK=y
 CONFIG_NET_CLS_RSVP=m
 CONFIG_NET_CLS_RSVP6=m
 CONFIG_NET_CLS_FLOW=m
+# CONFIG_NET_CLS_CGROUP is not set
 CONFIG_NET_EMATCH=y
 CONFIG_NET_EMATCH_STACK=32
 CONFIG_NET_EMATCH_CMP=m
@@ -1153,7 +1161,7 @@ CONFIG_STANDALONE=y
 CONFIG_FW_LOADER=m
 # CONFIG_FIRMWARE_IN_KERNEL is not set
 CONFIG_EXTRA_FIRMWARE=""
-CONFIG_SYS_HYPERVISOR=y
+# CONFIG_SYS_HYPERVISOR is not set
 CONFIG_CONNECTOR=m
 CONFIG_MTD=m
 # CONFIG_MTD_DEBUG is not set
@@ -1343,7 +1351,6 @@ CONFIG_CDROM_PKTCDVD=m
 CONFIG_CDROM_PKTCDVD_BUFFERS=8
 # CONFIG_CDROM_PKTCDVD_WCACHE is not set
 CONFIG_ATA_OVER_ETH=m
-CONFIG_XEN_BLKDEV_FRONTEND=m
 CONFIG_VIRTIO_BLK=m
 # CONFIG_BLK_DEV_HD is not set
 # CONFIG_BLK_DEV_RBD is not set
@@ -2127,7 +2134,6 @@ CONFIG_IEEE802154_FAKEHARD=m
 CONFIG_CAIF_TTY=m
 CONFIG_CAIF_SPI_SLAVE=m
 # CONFIG_CAIF_SPI_SYNC is not set
-CONFIG_XEN_NETDEV_FRONTEND=m
 CONFIG_FDDI=y
 CONFIG_DEFXX=m
 # CONFIG_DEFXX_MMIO is not set
@@ -2233,7 +2239,6 @@ CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
 CONFIG_INPUT_JOYDEV=m
 CONFIG_INPUT_EVDEV=m
 CONFIG_INPUT_EVBUG=m
-CONFIG_XEN_KBDDEV_FRONTEND=m
 
 #
 # Input Device Drivers
@@ -2430,8 +2435,6 @@ CONFIG_PRINTER=m
 # CONFIG_LP_CONSOLE is not set
 CONFIG_PPDEV=m
 CONFIG_HVC_DRIVER=y
-CONFIG_HVC_IRQ=y
-CONFIG_HVC_XEN=y
 CONFIG_VIRTIO_CONSOLE=m
 CONFIG_IPMI_HANDLER=m
 # CONFIG_IPMI_PANIC_EVENT is not set
@@ -3474,7 +3477,6 @@ CONFIG_FB_TMIO=m
 CONFIG_FB_TMIO_ACCELL=y
 CONFIG_FB_SM501=m
 # CONFIG_FB_VIRTUAL is not set
-CONFIG_XEN_FBDEV_FRONTEND=m
 CONFIG_FB_METRONOME=m
 CONFIG_FB_MB862XX=m
 # CONFIG_FB_MB862XX_PCI_GDC is not set
@@ -4195,18 +4197,6 @@ CONFIG_UIO_AEC=m
 CONFIG_UIO_SERCOS3=m
 # CONFIG_UIO_PCI_GENERIC is not set
 CONFIG_UIO_NETX=m
-
-#
-# Xen driver support
-#
-CONFIG_XEN_BALLOON=y
-CONFIG_XEN_SCRUB_PAGES=y
-CONFIG_XEN_DEV_EVTCHN=y
-CONFIG_XENFS=m
-CONFIG_XEN_COMPAT_XENFS=y
-CONFIG_XEN_SYS_HYPERVISOR=y
-CONFIG_XEN_PLATFORM_PCI=m
-CONFIG_SWIOTLB_XEN=y
 CONFIG_STAGING=y
 # CONFIG_STAGING_EXCLUDE_BUILD is not set
 # CONFIG_ET131X is not set
@@ -4795,6 +4785,7 @@ CONFIG_PAX_EMUTRAMP=y
 CONFIG_PAX_MPROTECT=y
 # CONFIG_PAX_MPROTECT_COMPAT is not set
 # CONFIG_PAX_ELFRELOCS is not set
+# CONFIG_PAX_KERNEXEC is not set
 
 #
 # Address Space Layout Randomization
@@ -4807,6 +4798,7 @@ CONFIG_PAX_RANDMMAP=y
 # Miscellaneous hardening features
 #
 # CONFIG_PAX_MEMORY_SANITIZE is not set
+# CONFIG_PAX_MEMORY_UDEREF is not set
 CONFIG_PAX_REFCOUNT=y
 # CONFIG_PAX_USERCOPY is not set
 CONFIG_KEYS=y