Author: robert
Date: 2011-02-03 23:39:47 -0700 (Thu, 03 Feb 2011)
New Revision: 1614
Modified:
trunk/BOOK/chapter01/changelog.xml
trunk/BOOK/chapter03/patches.xml
trunk/BOOK/chapter08/kernel.xml
trunk/BOOK/patches.ent
Log:
Added the Grsecurity patch.
Modified: trunk/BOOK/chapter01/changelog.xml
===================================================================
--- trunk/BOOK/chapter01/changelog.xml 2011-02-04 05:34:00 UTC (rev 1613)
+++ trunk/BOOK/chapter01/changelog.xml 2011-02-04 06:39:47 UTC (rev 1614)
@@ -41,6 +41,9 @@
<para>2011-02-04</para>
<itemizedlist>
<listitem>
+ <para>[robert] - Added the Grsecurity patch.</para>
+ </listitem>
+ <listitem>
<para>[robert] - Build Vim with -D_FORTIFY_SOURCE=1 only on the file
that needs it, not the entire package.</para>
</listitem>
Modified: trunk/BOOK/chapter03/patches.xml
===================================================================
--- trunk/BOOK/chapter03/patches.xml 2011-02-04 05:34:00 UTC (rev 1613)
+++ trunk/BOOK/chapter03/patches.xml 2011-02-04 06:39:47 UTC (rev 1614)
@@ -122,6 +122,14 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>Grsecurity Kernel Patch -
<token>&grsecurity-patch-size;</token>:</term>
+ <listitem>
+ <para>Download: <ulink
url="http://grsecurity.net/stable/&grsecurity-patch;"/></para>
+ <para>MD5 sum: <literal>&grsecurity-patch-md5;</literal></para>
+ </listitem>
+ </varlistentry>
+
<!--
<varlistentry>
<term>GRUB Disk Geometry Patch -
<token>&grub-geometry-patch-size;</token>:</term>
Modified: trunk/BOOK/chapter08/kernel.xml
===================================================================
--- trunk/BOOK/chapter08/kernel.xml 2011-02-04 05:34:00 UTC (rev 1613)
+++ trunk/BOOK/chapter08/kernel.xml 2011-02-04 06:39:47 UTC (rev 1614)
@@ -45,6 +45,10 @@
in the kernel source tree for alternative methods to the way this book
configures the kernel.</para>
+ <para>Apply the Grsecurity patch:</para>
+
+<screen><userinput remap="pre">patch -Np1 -i
../&grsecurity-patch;</userinput></screen>
+
<para>Prepare for compilation by running the following command:</para>
<screen><userinput remap="pre">make mrproper</userinput></screen>
@@ -98,8 +102,10 @@
<para>Compile the kernel image and modules:</para>
-<screen><userinput remap="make">make</userinput></screen>
+<screen><userinput remap="make">make
LDFLAGS_BUILD_ID="--build-id"</userinput></screen>
+ <para>FIXME: Why doesn't --build-id get detected properly?</para>
+
<para>If using kernel modules, module configuration in <filename
class="directory">/etc/modprobe.d</filename> may be required.
Information pertaining to modules and kernel configuration is
Modified: trunk/BOOK/patches.ent
===================================================================
--- trunk/BOOK/patches.ent 2011-02-04 05:34:00 UTC (rev 1613)
+++ trunk/BOOK/patches.ent 2011-02-04 06:39:47 UTC (rev 1614)
@@ -64,6 +64,9 @@
<!ENTITY glibc-gcc_fix-patch-md5 "d1f28cb98acb9417fe52596908bbb9fd">
<!ENTITY glibc-gcc_fix-patch-size "2.5 KB">
+<!ENTITY grsecurity-patch "grsecurity-2.2.1-2.6.32.28-201101272313.patch">
+<!ENTITY grsecurity-patch-md5 "7e81eca8f59be2fbd29773a32c54ac94">
+<!ENTITY grsecurity-patch-size "2.0 MB">
<!ENTITY grub-inode-patch "grub-&grub-version;-256byte_inode-1.patch">
<!ENTITY grub-inode-patch-md5 "2482bef9c1866b4045767a56268ba673">
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-book
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
