diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2014-10-08 07:47:56 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-10-08 08:28:44 +0000 |
| commit | d23044da766e13424f043bab6893be15203feb7d (patch) | |
| tree | 38be29061432f51f3c4308f1555cad6e8de99b6c | |
| parent | ffa401001641c338879c3d2a34f5618da393812d (diff) | |
| download | aports-d23044da766e13424f043bab6893be15203feb7d.tar.bz2 aports-d23044da766e13424f043bab6893be15203feb7d.tar.xz | |
main/linux-grsec: fix booting of xen dom0
| -rw-r--r-- | main/linux-grsec/APKBUILD | 6 | ||||
| -rw-r--r-- | main/linux-grsec/xen-mmu.patch | 20 |
2 files changed, 25 insertions, 1 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index 170c41af7..928390918 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD @@ -7,7 +7,7 @@ case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=${pkgver};; esac -pkgrel=0 +pkgrel=1 pkgdesc="Linux kernel with grsecurity" url=http://grsecurity.net depends="mkinitfs linux-firmware" @@ -18,6 +18,7 @@ install= source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz grsecurity-3.0-3.14.20-201410062037.patch + xen-mmu.patch fix-memory-map-for-PIE-applications.patch imx6q-no-unclocked-sleep.patch @@ -167,6 +168,7 @@ dev() { md5sums="b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz e581089540b747c39d528fc4c47b70b6 patch-3.14.20.xz 149cb0b654a5eb6122c7e47b0f113c98 grsecurity-3.0-3.14.20-201410062037.patch +c92f3c886f9d4f38346d34175615797d xen-mmu.patch c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch 1a307fc1d63231bf01d22493a4f14378 imx6q-no-unclocked-sleep.patch 48059b9613240d6ab8ca8f90049185e3 kernelconfig.x86 @@ -175,6 +177,7 @@ c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch sha256sums="61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa linux-3.14.tar.xz b01ba521cce12d3b9e8c25807567837dd88878b861f27c453c29cee80b6cb84b patch-3.14.20.xz 578f55546016f72c9ed3afedebb0cf6e74ab613f25c29d0a2f3a6b4bfbd1456f grsecurity-3.0-3.14.20-201410062037.patch +066f61143361b907529778a6edb889a43c79b388b4506ace35791362a2071e88 xen-mmu.patch 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch 21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3 imx6q-no-unclocked-sleep.patch eb19ab30681185992cc8a382e2c0aaf5e81f35ab5464099eb38c9aef4504430c kernelconfig.x86 @@ -183,6 +186,7 @@ f7fddd997aeec29d1105bbc099b4c8b27f7a872379618a5df592697d6e1a281c kernelconfig.a sha512sums="5730d83a7a81134c1e77c0bf89e42dee4f8251ad56c1ac2be20c59e26fdfaa7bea55f277e7af156b637f22e1584914a46089af85039177cb43485089c74ac26e linux-3.14.tar.xz 91231ec4e8e10a09b407d8db123e29a87ef4bf03fa3707f7ed511f22248de7d7b9cfc5169de5e9630854c97166594d3a00293571529d9b7a529118e6d2295b4f patch-3.14.20.xz 2a515f7ef49df5ef1d1de725884f541438f980d364db94789eb8381bf10a7902c7a5647ef1d7e296952980e6918e6697d0212b61cc1b7e171137ca6abba56504 grsecurity-3.0-3.14.20-201410062037.patch +93b71c8100cf19dfd43cbc50191d9af700fe3f35a42d7ecd9afa42fde7e6eba568e6e835667e6bd52bd3b410b017621b35b9c5b08aaba7484525207f9e167f34 xen-mmu.patch 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch 87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221 imx6q-no-unclocked-sleep.patch 9dcd44ce0210249871dfa928e797b034cdc8ea0e9a0bc9d2af75692320de039898af1eaf11af20c5ab5bb0e80763f6f4b05e2bc8f9aa16187a40bd6629f9936a kernelconfig.x86 diff --git a/main/linux-grsec/xen-mmu.patch b/main/linux-grsec/xen-mmu.patch new file mode 100644 index 000000000..34db92260 --- /dev/null +++ b/main/linux-grsec/xen-mmu.patch @@ -0,0 +1,20 @@ +--- ./arch/x86/xen/mmu.c.orig ++++ ./arch/x86/xen/mmu.c +@@ -1941,6 +1941,7 @@ + set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); + set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); + set_page_prot(level1_fixmap_pgt, PAGE_KERNEL_RO); ++ set_page_prot(level1_vsyscall_pgt, PAGE_KERNEL_RO); + + /* Pin down new L4 */ + pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE, +--- ./arch/x86/include/asm/pgtable_64.h.orig ++++ ./arch/x86/include/asm/pgtable_64.h +@@ -24,6 +24,7 @@ + extern pmd_t level2_fixmap_pgt[512]; + extern pmd_t level2_ident_pgt[512*2]; + extern pte_t level1_fixmap_pgt[512]; ++extern pte_t level1_vsyscall_pgt[512]; + extern pgd_t init_level4_pgt[512]; + + #define swapper_pg_dir init_level4_pgt |