summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2005-08-05 22:44:33 +0000
committerNed Ludd <solar@gentoo.org>2005-08-05 22:44:33 +0000
commitd2f844b670153533a2020040fa93569714e0c3ae (patch)
tree2ef16af58807ed4ed75770dcd826a2f3f7311314 /sys-kernel
parentMerge soft-float support by Yuri Vasilevski #75585. (diff)
downloadhistorical-d2f844b670153533a2020040fa93569714e0c3ae.tar.gz
historical-d2f844b670153533a2020040fa93569714e0c3ae.tar.bz2
historical-d2f844b670153533a2020040fa93569714e0c3ae.zip
- removing obsolete package from the tree. bug 101437
Diffstat (limited to 'sys-kernel')
-rw-r--r--sys-kernel/grsec-sources/ChangeLog305
-rw-r--r--sys-kernel/grsec-sources/Manifest19
-rw-r--r--sys-kernel/grsec-sources/files/2.4.24-x86.config107
-rw-r--r--sys-kernel/grsec-sources/files/CAN-2004-1056.patch321
-rw-r--r--sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.30.2.1.53
-rw-r--r--sys-kernel/grsec-sources/files/linux-2.4.28-random-poolsize.patch12
-rw-r--r--sys-kernel/grsec-sources/metadata.xml14
7 files changed, 0 insertions, 781 deletions
diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog
deleted file mode 100644
index 1d6efbb98c2b..000000000000
--- a/sys-kernel/grsec-sources/ChangeLog
+++ /dev/null
@@ -1,305 +0,0 @@
-# ChangeLog for sys-kernel/grsec-sources
-# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.55 2005/04/29 12:36:37 solar Exp $
-
- 29 Apr 2005; <solar@gentoo.org> -files/2.4.26-CAN-2004-0394.patch,
- -files/2.4.27-cmdline-race.patch, -files/2.4.28-binfmt_a.out.patch,
- -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
- -files/2.4.28-uselib4pax.patch, -files/2.4.29-CAN-2005-0001.patch,
- -files/CAN-2004-1016.patch, -files/CAN-2004-1074.patch,
- -files/CAN-2004-1335.patch, -files/gentoo-sources-2.4.CAN-2004-1137.patch,
- -grsec-sources-2.4.29.2.1.3.ebuild, -grsec-sources-2.4.29.2.1.4.ebuild:
- - ebuild and filesdir cleanup. This is the last planned grsec-sources, see
- http://marc.theaimsgroup.com/?l=gentoo-hardened&m=111419177808622&w=2 for more
- info
-
- 28 Apr 2005; Gustavo Zacarias <gustavoz@gentoo.org>
- grsec-sources-2.4.30.2.1.5.ebuild:
- Sparc stable
-
- 22 Apr 2005; <solar@gentoo.org> grsec-sources-2.4.30.2.1.5.ebuild:
- - stable x86
-
-*grsec-sources-2.4.30.2.1.5 (12 Apr 2005)
-
- 12 Apr 2005; <solar@gentoo.org> -grsec-sources-2.4.28.2.1.0-r3.ebuild,
- grsec-sources-2.4.29.2.1.3.ebuild, grsec-sources-2.4.29.2.1.4.ebuild,
- +grsec-sources-2.4.30.2.1.5.ebuild:
- - version bump. added CPV/MYPV to every ebuild now due to k2 changes
-
-*grsec-sources-2.4.29.2.1.4 (23 Mar 2005)
-
- 23 Mar 2005; <solar@gentoo.org> +grsec-sources-2.4.29.2.1.4.ebuild:
- - minor version bump
-
- 11 Mar 2005; <solar@gentoo.org> grsec-sources-2.4.29.2.1.3.ebuild:
- - marking 2.1.3 stable for all supporting arches
-
-*grsec-sources-2.4.29.2.1.3 (07 Mar 2005)
-
- 07 Mar 2005; <solar@gentoo.org> +grsec-sources-2.4.29.2.1.3.ebuild:
- - version bump grsec to 2.4.29.2.1.3 to fix bug in RBAC system
-
-*grsec-sources-2.4.28.2.1.0-r3 (05 Mar 2005)
-
- 05 Mar 2005; <solar@gentoo.org>
- +files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
- -grsec-sources-2.4.28.2.0.2-r3.ebuild,
- -grsec-sources-2.4.28.2.1.0-r1.ebuild,
- -grsec-sources-2.4.28.2.1.0-r2.ebuild,
- +grsec-sources-2.4.28.2.1.0-r3.ebuild, -grsec-sources-2.4.28.2.1.0.ebuild:
- - security bump for SEGMEXEC/RANDEXEC handling
-
-*grsec-sources-2.4.28.2.1.0-r2 (04 Feb 2005)
-
- 04 Feb 2005; <solar@gentoo.org> +files/CAN-2004-1335.patch,
- grsec-sources-2.4.28.2.1.0-r1.ebuild, +grsec-sources-2.4.28.2.1.0-r2.ebuild:
- - rev bump for CAN-2004-1335
-
-*grsec-sources-2.4.28.2.1.0-r1 (18 Jan 2005)
-
- 18 Jan 2005; <solar@gentoo.org> +files/2.4.29-CAN-2005-0001.patch,
- -grsec-sources-2.4.28.2.0.2-r1.ebuild,
- -grsec-sources-2.4.28.2.0.2-r2.ebuild,
- +grsec-sources-2.4.28.2.1.0-r1.ebuild:
- - version bump for security bug #77666 and removed some older unneeded ebuilds.
-
- 11 Jan 2005; <solar@gentoo.org> grsec-sources-2.4.28.2.1.0.ebuild:
- - marking grsec-sources stable
-
- 09 Jan 2005; <solar@gentoo.org> grsec-sources-2.4.28.2.1.0.ebuild:
- - removing masking and put ebuild in ~arch
-
- 08 Jan 2005; <solar@gentoo.org> +files/2.4.28-uselib4pax.patch,
- +files/gentoo-sources-2.4.CAN-2004-1137.patch,
- grsec-sources-2.4.28.2.1.0.ebuild:
- - Adds CAN-2004-1137.patch.
- - Adds 2.4.x uselib patch with extra semaphore locking for PaX enabled kernels.
- - Adds back 2.4.27-cmdline-race.patch.
-
- 08 Jan 2005; <solar@gentoo.org> :
- - digest update from plasmaroo for new CAN-2004-0814 patch
-
-*grsec-sources-2.4.28.2.1.0 (08 Jan 2005)
-
- 08 Jan 2005; <solar@gentoo.org> +files/linux-2.4.28-random-poolsize.patch,
- +grsec-sources-2.4.28.2.1.0.ebuild:
- - Added patch that fixes CAN-2004-0814 - Linux terminal layer races.
- - Added random poolsize from Brad Spengler. (CAN pending?)
-
-*grsec-sources-2.4.28.2.0.2-r3 (25 Dec 2004)
-
- 25 Dec 2004; <plasmaroo@gentoo.org> +grsec-sources-2.4.28.2.0.2-r3.ebuild,
- +files/CAN-2004-1056.patch, +files/CAN-2004-1074.patch:
- Security bump for bugs #72452 and #74464; please thank tocharian for the
- ebuild.
-
-*grsec-sources-2.4.28.2.0.2-r2 (15 Dec 2004)
-
- 15 Dec 2004; <solar@gentoo.org> +files/CAN-2004-1016.patch,
- -grsec-sources-2.4.27.2.0.1-r4.ebuild,
- +grsec-sources-2.4.28.2.0.2-r2.ebuild, -grsec-sources-2.4.28.2.0.2.ebuild:
- - local kernel DoS CAN-2004-1016
-
-*grsec-sources-2.4.28.2.0.2-r1 (13 Dec 2004)
-
- 13 Dec 2004; <solar@gentoo.org> metadata.xml,
- +files/2.4.28-binfmt_a.out.patch, +grsec-sources-2.4.28.2.0.2-r1.ebuild:
- - update from tocharian, adds binfmt_aout patch back to 2.4.28
-
- 26 Nov 2004; Daniel Drake <dsd@gentoo.org>
- -files/2.4.26-pax-binfmt_elf-page-size.patch,
- -files/2.4.26-signal-race.patch,
- -files/gentoo-sources-2.4.CAN-2004-0495.patch,
- -files/gentoo-sources-2.4.CAN-2004-0535.patch,
- -files/openmosix-sources.CAN-2004-0497.patch,
- grsec-sources-2.4.27.2.0.1-r4.ebuild, grsec-sources-2.4.28.2.0.2.ebuild:
- Convert to kernel-2. Clean up.
-
- 24 Nov 2004; <solar@gentoo.org> :
- redigest
-
-*grsec-sources-2.4.28.2.0.2 (23 Nov 2004)
-
- 23 Nov 2004; <solar@gentoo.org> +grsec-sources-2.4.28.2.0.2.ebuild:
- security bump - Linux Kernel AF_UNIX Arbitrary Kernel Memory Modification
- Vulnerability. http://www.securityfocus.com/bid/11715
-
-*grsec-sources-2.4.27.2.0.1-r4 (17 Nov 2004)
-
- 17 Nov 2004; <solar@gentoo.org> -grsec-sources-2.4.27.2.0.1-r2.ebuild,
- -grsec-sources-2.4.27.2.0.1-r3.ebuild,
- +grsec-sources-2.4.27.2.0.1-r4.ebuild:
- last fixes before 2.4.28 - fixes binfmt_elf+JJ and fixes binfmt_aout
-
-*grsec-sources-2.4.27.2.0.1-r3 (11 Nov 2004)
-
- 11 Nov 2004; <solar@gentoo.org> +grsec-sources-2.4.27.2.0.1-r3.ebuild:
- security bump again fixes tty io DoS - CAN-2004-0814 and binfmt_elf (CAN-???)
-
-*grsec-sources-2.4.27.2.0.1-r2 (10 Nov 2004)
-
- 10 Nov 2004; <solar@gentoo.org> -grsec-sources-2.4.26.2.0-r7.ebuild,
- -grsec-sources-2.4.27.2.0.1-r1.ebuild,
- +grsec-sources-2.4.27.2.0.1-r2.ebuild, -grsec-sources-2.4.27.2.0.1.ebuild:
- fix for remote denial-of-service in nfs3 xdr handling code. bug #62524
-
-*grsec-sources-2.4.27.2.0.1-r1 (09 Aug 2004)
-
- 09 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.27.2.0.1-r1.ebuild,
- files/2.4.27-cmdline-race.patch:
- Potential security issue in /proc/cmdline bug 59905
-
-*grsec-sources-2.4.27.2.0.1 (08 Aug 2004)
-
- 08 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r3.ebuild,
- grsec-sources-2.4.26.2.0-r4.ebuild, grsec-sources-2.4.26.2.0-r5.ebuild,
- grsec-sources-2.4.26.2.0-r6.ebuild, grsec-sources-2.4.27.2.0.1.ebuild,
- files/2.4.26-i2cproc_bus_read.patch:
- version bump. Removed all older versions
-
-*grsec-sources-2.4.26.2.0-r7 (04 Aug 2004)
-
- 04 Aug 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r7.ebuild:
- security bump - file offset pointer handling vulnerability - bug 59378
-
- 11 Jul 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r6.ebuild,
- files/2.4.26-fchown-attr.patch, files/openmosix-sources.CAN-2004-0497.patch:
- using openmosix-sources.CAN-2004-0497.patch vs the 2.4.26-fchown-attr.patch
-
-*grsec-sources-2.4.26.2.0-r6 (11 Jul 2004)
-
- 11 Jul 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r6.ebuild,
- files/2.4.26-fchown-attr.patch:
- added modified security patch from bug 56479
-
-*grsec-sources-2.4.26.2.0-r5 (26 Jun 2004)
-
- 26 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r5.ebuild,
- files/gentoo-sources-2.4.CAN-2004-0495.patch,
- files/gentoo-sources-2.4.CAN-2004-0535.patch:
- Privilege escalation bugs revealed by Sparse tool. bug 54976
-
- 17 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r4.ebuild:
- #commented out the i2c-proc_bus_read.patch as it's unneeded as pointed out in
- the bug.
-
-*grsec-sources-2.4.26.2.0-r4 (17 Jun 2004)
-
- 17 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r2.ebuild,
- grsec-sources-2.4.26.2.0-r4.ebuild, files/2.4.26-i2cproc_bus_read.patch,
- files/2.4.26-pax-binfmt_elf-page-size.patch:
- fix i2c integer overflow vulnerability during the allocation of memory. bug
- #54164. PaX force randomization to always at least PAGE_SIZE big. Allows glibc
- to be compiled with binutils-2.15 and USE=hardened
-
-*grsec-sources-2.4.26.2.0-r3 (15 Jun 2004)
-
- 15 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r3.ebuild,
- files/2.4.26-signal-race.patch:
- revision bump for security bug 53804
-
-*grsec-sources-2.4.26.2.0-r2 (02 Jun 2004)
-
- 02 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r1.ebuild,
- grsec-sources-2.4.26.2.0-r2.ebuild, files/2.4.26-CAN-2004-0394.patch:
- update to fix format string problem in panic() handler
-
- 18 Apr 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0.ebuild:
- upstream fixed an idt_table bug in PaX that effected i386/i586 users without
- rolling a new patch, so we gentoo fetched new version and bz2 it to avoid
- md5sum conflicts.. removed old ebuild as well
-
-*grsec-sources-2.4.26.2.0 (18 Apr 2004)
-*grsec-sources-2.4.26.2.0-r1 (18 Apr 2004)
-
- 18 Apr 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
- grsec-sources-2.4.24.1.9.13.ebuild, grsec-sources-2.4.25.1.9.14.ebuild,
- grsec-sources-2.4.25.2.0_rc5.ebuild, grsec-sources-2.4.26.2.0.ebuild,
- metadata.xml, files/do_brk_fix.patch,
- files/grsec-sources-2.4.23.CAN-2003-0985.patch,
- files/grsec-sources-2.4.23.rtc_fix.patch,
- files/grsec-sources-2.4.24.1.9.13.munmap.patch:
- grsec2 has gone stable upstream, removing old portage cruft from tree to make
- life for security@gentoo easier.
-
- 11 Mar 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
- grsec-sources-2.4.24.1.9.13.ebuild, grsec-sources-2.4.25.1.9.14.ebuild,
- grsec-sources-2.4.25.2.0_rc5.ebuild:
- fix slotting to use KV vs OKV
-
-*grsec-sources-2.4.25.1.9.14 (21 Feb 2004)
-
- 21 Feb 2004; <solar@gentoo.org> grsec-sources-2.4.25.1.9.14.ebuild,
- grsec-sources-2.4.25.2.0_rc5.ebuild:
- dual headed version bumps to the 2.4.25 series
-
-*grsec-sources-2.4.24.1.9.13-r1 (19 Feb 2004)
-
- 19 Feb 2004; <plasmaroo@gentoo.org> grsec-sources-2.4.24.1.9.13-r1.ebuild,
- files/grsec-sources-2.4.24.1.9.13.munmap.patch:
- Added the patch for the mremap/munmap vulnerability. Bug #42024.
-
-*grsec-sources-2.4.24.1.9.13 (11 Jan 2004)
-
- 11 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.24.1.9.13.ebuild,
- files/2.4.24-x86.config:
- version bump and a clean up of the src code for dealing with hppa
-
- 05 Jan 2004; <plasmaroo@gentoo.org> grsec-sources-2.4.23.1.9.13-r1.ebuild,
- grsec-sources-2.4.23.2.0_rc4-r1.ebuild, files/grsec-sources-2.4.23.*.patch:
- Added the 2.4.24 security patches. Please see bugs #37292 and #37317.
-
- 05 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
- grsec-sources-2.4.21.2.0_rc2.ebuild, grsec-sources-2.4.22.1.9.12-r1.ebuild,
- grsec-sources-2.4.22.1.9.12.ebuild, grsec-sources-2.4.22.2.0_rc3-r1.ebuild,
- grsec-sources-2.4.22.2.0_rc3.ebuild:
- Removed old versions of kernels...
-
-*grsec-sources-2.4.23.2.0_rc4 (02 Jan 2004)
-
- 02 Jan 2004; <solar@gentoo.org> grsec-sources-2.4.23.2.0_rc4.ebuild:
- grsecurity II kernel sources version bump
-
- 02 Dec 2003; Alexander Gabert <pappy@gentoo.org>
- grsec-sources-2.4.23.1.9.13.ebuild:
- Created linux2423grsec1913 patch and added '~hppa' keywords.
-
-*grsec-sources-2.4.22.1.9.12-r1 (02 Dec 2003)
-
- 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
- grsec-sources-2.4.22.1.9.12-r1.ebuild,
- grsec-sources-2.4.22.2.0_rc3-r1.ebuild:
- Version bump for the 'do_brk' vulnerability.
-
-*grsec-sources-2.4.23.1.9.13 (01 Dec 2003)
-
- 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
- grsec-sources-2.4.21.1.9.11.ebuild, grsec-sources-2.4.21.2.0_rc2.ebuild,
- grsec-sources-2.4.22.1.9.12.ebuild, grsec-sources-2.4.22.2.0_rc3.ebuild,
- files/do_brk_fix.patch: Fix the 'do_brk' vulnerability.
-
- 01 Dec 2003; <solar@gentoo.org> grsec-sources-2.4.23.1.9.13.ebuild:
- Performance enhancements, PaX updates including PT_GNU_STACK and PT_GNU_HEAP
- support, documentation updates, a fix for an initrd problem.
-
- 05 Nov 2003; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
- grsec-sources-2.4.21.2.0_rc2.ebuild, grsec-sources-2.4.22.2.0_rc3.ebuild,
- metadata.xml: Fixed typo pointed out by frogger
-
- 17 Sep 2003; Alexander Gabert <pappy@gentoo.org>
- grsec-sources-2.4.22.1.9.12.ebuild: Added hppa support and custom
- grsec patch.
-
-*grsec-sources-2.4.22.2.0_rc3 (04 Sep 2003)
-
- 04 Sep 2003; <solar@gentoo.org> grsec-sources-2.4.22.1.9.12.ebuild,
- grsec-sources-2.4.22.2.0_rc3.ebuild:
- Version bumps.
-
-*grsec-sources-2.4.21.2.0_rc2 (14 Aug 2003)
-
- 14 Aug 2003; <solar@gentoo.org> grsec-sources-2.4.21.1.9.11.ebuild,
- grsec-sources-2.4.21.2.0_rc2.ebuild, metadata.xml:
- Initial import of grsec-sources.
-
diff --git a/sys-kernel/grsec-sources/Manifest b/sys-kernel/grsec-sources/Manifest
deleted file mode 100644
index c043ba36b647..000000000000
--- a/sys-kernel/grsec-sources/Manifest
+++ /dev/null
@@ -1,19 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-MD5 a7207fc0f80889ad23137af4c81bee97 grsec-sources-2.4.30.2.1.5.ebuild 1589
-MD5 79a9a050f20a8d4de550993d73cc43c8 ChangeLog 12363
-MD5 0b2ea9b53b5d526e39afbdc5040ff07a metadata.xml 487
-MD5 0adbefda5e0d752b23dd2f930e6f6bbf files/linux-2.4.28-random-poolsize.patch 452
-MD5 2c122c506c654e3af5e7053232319eaa files/digest-grsec-sources-2.4.30.2.1.5 234
-MD5 757ee1239c3f14645ccea3640d551e11 files/CAN-2004-1056.patch 11249
-MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.0 (GNU/Linux)
-
-iQCVAwUBQnIqFZ4WFLgrx1GWAQLUnwP+Lld0nDFVeeDapAu0uO43OECmXz6i8nv4
-6zM9vSGyZGI3ack5mxjXhMn//M1tNbqoaaGDWIv8gYG/x3jQq/1ZDg7DvZPdD5eq
-MDx99KgJH7vR/QWZPSq2HSnfdjOIQ83deW1fUISKpVDp3VFYqOhofo/TDEF7dABb
-Q3SO6FkXkyE=
-=ksre
------END PGP SIGNATURE-----
diff --git a/sys-kernel/grsec-sources/files/2.4.24-x86.config b/sys-kernel/grsec-sources/files/2.4.24-x86.config
deleted file mode 100644
index f85800874a1b..000000000000
--- a/sys-kernel/grsec-sources/files/2.4.24-x86.config
+++ /dev/null
@@ -1,107 +0,0 @@
-#
-# Grsecurity
-#
-CONFIG_GRKERNSEC=y
-CONFIG_CRYPTO=y
-CONFIG_CRYPTO_SHA256=y
-# CONFIG_GRKERNSEC_LOW is not set
-# CONFIG_GRKERNSEC_MID is not set
-# CONFIG_GRKERNSEC_HI is not set
-CONFIG_GRKERNSEC_CUSTOM=y
-
-#
-# Address Space Protection
-#
-CONFIG_GRKERNSEC_PAX_NOEXEC=y
-CONFIG_GRKERNSEC_PAX_PAGEEXEC=y
-CONFIG_GRKERNSEC_PAX_SEGMEXEC=y
-CONFIG_GRKERNSEC_PAX_EMUTRAMP=y
-# CONFIG_GRKERNSEC_PAX_EMUSIGRT is not set
-CONFIG_GRKERNSEC_PAX_MPROTECT=y
-# CONFIG_GRKERNSEC_PAX_NOELFRELOCS is not set
-CONFIG_GRKERNSEC_PAX_ASLR=y
-CONFIG_GRKERNSEC_PAX_RANDKSTACK=y
-CONFIG_GRKERNSEC_PAX_RANDUSTACK=y
-CONFIG_GRKERNSEC_PAX_RANDMMAP=y
-CONFIG_GRKERNSEC_PAX_RANDEXEC=y
-CONFIG_GRKERNSEC_KMEM=y
-# CONFIG_GRKERNSEC_IO is not set
-CONFIG_GRKERNSEC_PROC_MEMMAP=y
-CONFIG_GRKERNSEC_HIDESYM=y
-
-#
-# ACL options
-#
-CONFIG_GRKERNSEC_ACL_HIDEKERN=y
-CONFIG_GRKERNSEC_ACL_MAXTRIES=3
-CONFIG_GRKERNSEC_ACL_TIMEOUT=30
-
-#
-# Filesystem Protections
-#
-CONFIG_GRKERNSEC_PROC=y
-# CONFIG_GRKERNSEC_PROC_USER is not set
-CONFIG_GRKERNSEC_PROC_USERGROUP=y
-CONFIG_GRKERNSEC_PROC_GID=10
-CONFIG_GRKERNSEC_PROC_ADD=y
-CONFIG_GRKERNSEC_LINK=y
-CONFIG_GRKERNSEC_FIFO=y
-CONFIG_GRKERNSEC_CHROOT=y
-CONFIG_GRKERNSEC_CHROOT_MOUNT=y
-CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
-CONFIG_GRKERNSEC_CHROOT_PIVOT=y
-CONFIG_GRKERNSEC_CHROOT_CHDIR=y
-CONFIG_GRKERNSEC_CHROOT_CHMOD=y
-CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
-CONFIG_GRKERNSEC_CHROOT_MKNOD=y
-CONFIG_GRKERNSEC_CHROOT_SHMAT=y
-CONFIG_GRKERNSEC_CHROOT_UNIX=y
-CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
-CONFIG_GRKERNSEC_CHROOT_NICE=y
-CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
-CONFIG_GRKERNSEC_CHROOT_CAPS=y
-
-#
-# Kernel Auditing
-#
-# CONFIG_GRKERNSEC_AUDIT_GROUP is not set
-CONFIG_GRKERNSEC_EXECLOG=y
-CONFIG_GRKERNSEC_RESLOG=y
-CONFIG_GRKERNSEC_CHROOT_EXECLOG=y
-CONFIG_GRKERNSEC_AUDIT_CHDIR=y
-CONFIG_GRKERNSEC_AUDIT_MOUNT=y
-CONFIG_GRKERNSEC_AUDIT_IPC=y
-CONFIG_GRKERNSEC_SIGNAL=y
-CONFIG_GRKERNSEC_FORKFAIL=y
-CONFIG_GRKERNSEC_TIME=y
-
-#
-# Executable Protections
-#
-CONFIG_GRKERNSEC_EXECVE=y
-CONFIG_GRKERNSEC_DMESG=y
-CONFIG_GRKERNSEC_RANDPID=y
-CONFIG_GRKERNSEC_TPE=y
-CONFIG_GRKERNSEC_TPE_ALL=y
-CONFIG_GRKERNSEC_TPE_GID=100
-
-#
-# Network Protections
-#
-# CONFIG_GRKERNSEC_RANDNET is not set
-CONFIG_GRKERNSEC_RANDISN=y
-CONFIG_GRKERNSEC_RANDID=y
-CONFIG_GRKERNSEC_RANDSRC=y
-CONFIG_GRKERNSEC_RANDRPC=y
-# CONFIG_GRKERNSEC_SOCKET is not set
-
-#
-# Sysctl support
-#
-CONFIG_GRKERNSEC_SYSCTL=y
-
-#
-# Logging options
-#
-CONFIG_GRKERNSEC_FLOODTIME=10
-CONFIG_GRKERNSEC_FLOODBURST=4
diff --git a/sys-kernel/grsec-sources/files/CAN-2004-1056.patch b/sys-kernel/grsec-sources/files/CAN-2004-1056.patch
deleted file mode 100644
index 53b777acaac5..000000000000
--- a/sys-kernel/grsec-sources/files/CAN-2004-1056.patch
+++ /dev/null
@@ -1,321 +0,0 @@
-diff -ur linux-2.4.28/drivers/char/drm/i810.h linux-2.4.28.plasmaroo/drivers/char/drm/i810.h
---- linux-2.4.28/drivers/char/drm/i810.h 2003-11-28 18:26:20.000000000 +0000
-+++ linux-2.4.28.plasmaroo/drivers/char/drm/i810.h 2004-12-23 16:26:31.000000000 +0000
-@@ -114,4 +114,14 @@
- #define DRIVER_AGP_BUFFERS_MAP( dev ) \
- ((drm_i810_private_t *)((dev)->dev_private))->buffer_map
-
-+#define LOCK_TEST_WITH_RETURN( dev ) \
-+do { \
-+ if ( !_DRM_LOCK_IS_HELD( dev->lock.hw_lock->lock ) || \
-+ dev->lock.pid != current->pid ) { \
-+ DRM_ERROR( "%s called without lock held\n", \
-+ __FUNCTION__ ); \
-+ return -EINVAL; \
-+ } \
-+} while (0)
-+
- #endif
-diff -ur linux-2.4.28/drivers/char/drm/i810_dma.c linux-2.4.28.plasmaroo/drivers/char/drm/i810_dma.c
---- linux-2.4.28/drivers/char/drm/i810_dma.c 2004-02-18 13:36:31.000000000 +0000
-+++ linux-2.4.28.plasmaroo/drivers/char/drm/i810_dma.c 2004-12-23 16:27:16.000000000 +0000
-@@ -948,10 +948,7 @@
- drm_file_t *priv = filp->private_data;
- drm_device_t *dev = priv->dev;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_flush_ioctl called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i810_flush_queue(dev);
- return 0;
-@@ -973,10 +970,7 @@
- if (copy_from_user(&vertex, (drm_i810_vertex_t *)arg, sizeof(vertex)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_dma_vertex called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- if(vertex.idx < 0 || vertex.idx > dma->buf_count) return -EINVAL;
-
-@@ -1004,10 +998,7 @@
- if (copy_from_user(&clear, (drm_i810_clear_t *)arg, sizeof(clear)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_clear_bufs called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- /* GH: Someone's doing nasty things... */
- if (!dev->dev_private) {
-@@ -1026,10 +1017,7 @@
- drm_file_t *priv = filp->private_data;
- drm_device_t *dev = priv->dev;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_swap_buf called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i810_dma_dispatch_swap( dev );
- return 0;
-@@ -1064,10 +1052,7 @@
- if (copy_from_user(&d, (drm_i810_dma_t *)arg, sizeof(d)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_dma called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- d.granted = 0;
-
-@@ -1174,11 +1159,7 @@
- if (copy_from_user(&mc, (drm_i810_mc_t *)arg, sizeof(mc)))
- return -EFAULT;
-
--
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_dma_mc called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i810_dma_dispatch_mc(dev, dma->buflist[mc.idx], mc.used,
- mc.last_render );
-@@ -1223,10 +1204,7 @@
- drm_device_t *dev = priv->dev;
- drm_i810_private_t *dev_priv = (drm_i810_private_t *)dev->dev_private;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_fstatus called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
- return I810_READ(0x30008);
- }
-
-@@ -1237,10 +1215,7 @@
- drm_device_t *dev = priv->dev;
- drm_i810_private_t *dev_priv = (drm_i810_private_t *)dev->dev_private;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_ov0_flip called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- //Tell the overlay to update
- I810_WRITE(0x30000,dev_priv->overlay_physical | 0x80000000);
-diff -ur linux-2.4.28/drivers/char/drm/i830.h linux-2.4.28.plasmaroo/drivers/char/drm/i830.h
---- linux-2.4.28/drivers/char/drm/i830.h 2003-11-28 18:26:20.000000000 +0000
-+++ linux-2.4.28.plasmaroo/drivers/char/drm/i830.h 2004-12-23 16:31:33.000000000 +0000
-@@ -154,4 +154,14 @@
- #define DRIVER_AGP_BUFFERS_MAP( dev ) \
- ((drm_i830_private_t *)((dev)->dev_private))->buffer_map
-
-+#define LOCK_TEST_WITH_RETURN( dev ) \
-+do { \
-+ if ( !_DRM_LOCK_IS_HELD( dev->lock.hw_lock->lock ) || \
-+ dev->lock.pid != current->pid ) { \
-+ DRM_ERROR( "%s called without lock held\n", \
-+ __FUNCTION__ ); \
-+ return -EINVAL; \
-+ } \
-+} while (0)
-+
- #endif
-diff -ur linux-2.4.28/drivers/char/drm/i830_dma.c linux-2.4.28.plasmaroo/drivers/char/drm/i830_dma.c
---- linux-2.4.28/drivers/char/drm/i830_dma.c 2004-02-18 13:36:31.000000000 +0000
-+++ linux-2.4.28.plasmaroo/drivers/char/drm/i830_dma.c 2004-12-23 16:32:08.000000000 +0000
-@@ -1330,10 +1330,7 @@
- drm_file_t *priv = filp->private_data;
- drm_device_t *dev = priv->dev;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i830_flush_ioctl called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i830_flush_queue(dev);
- return 0;
-@@ -1354,10 +1351,7 @@
- if (copy_from_user(&vertex, (drm_i830_vertex_t *)arg, sizeof(vertex)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i830_dma_vertex called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- DRM_DEBUG("i830 dma vertex, idx %d used %d discard %d\n",
- vertex.idx, vertex.used, vertex.discard);
-@@ -1384,10 +1378,7 @@
- if (copy_from_user(&clear, (drm_i830_clear_t *)arg, sizeof(clear)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i830_clear_bufs called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- /* GH: Someone's doing nasty things... */
- if (!dev->dev_private) {
-@@ -1409,10 +1400,7 @@
-
- DRM_DEBUG("i830_swap_bufs\n");
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i830_swap_buf called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i830_dma_dispatch_swap( dev );
- return 0;
-@@ -1453,10 +1441,7 @@
-
- DRM_DEBUG("%s\n", __FUNCTION__);
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i830_flip_buf called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- if (!dev_priv->page_flipping)
- i830_do_init_pageflip( dev );
-@@ -1495,10 +1480,7 @@
- if (copy_from_user(&d, (drm_i830_dma_t *)arg, sizeof(d)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i830_dma called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- d.granted = 0;
-
-diff -ur linux-2.4.28/drivers/char/drm/i830_irq.c linux-2.4.28.plasmaroo/drivers/char/drm/i830_irq.c
---- linux-2.4.28/drivers/char/drm/i830_irq.c 2003-11-28 18:26:20.000000000 +0000
-+++ linux-2.4.28.plasmaroo/drivers/char/drm/i830_irq.c 2004-12-23 16:39:47.000000000 +0000
-@@ -130,10 +130,7 @@
- drm_i830_irq_emit_t emit;
- int result;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i830_irq_emit called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- if ( !dev_priv ) {
- DRM_ERROR( "%s called with no initialization\n", __FUNCTION__ );
-diff -ur linux-2.4.28/drivers/char/drm-4.0/drmP.h linux-2.4.28.plasmaroo/drivers/char/drm-4.0/drmP.h
---- linux-2.4.28/drivers/char/drm-4.0/drmP.h 2004-02-18 13:36:31.000000000 +0000
-+++ linux-2.4.28.plasmaroo/drivers/char/drm-4.0/drmP.h 2004-12-23 16:21:30.000000000 +0000
-@@ -294,6 +294,16 @@
- #define DRM_BUFCOUNT(x) ((x)->count - DRM_LEFTCOUNT(x))
- #define DRM_WAITCOUNT(dev,idx) DRM_BUFCOUNT(&dev->queuelist[idx]->waitlist)
-
-+#define LOCK_TEST_WITH_RETURN( dev ) \
-+do { \
-+ if ( !_DRM_LOCK_IS_HELD( dev->lock.hw_lock->lock ) || \
-+ dev->lock.pid != current->pid ) { \
-+ DRM_ERROR( "%s called without lock held\n", \
-+ __FUNCTION__ ); \
-+ return -EINVAL; \
-+ } \
-+} while (0)
-+
- typedef int drm_ioctl_t(struct inode *inode, struct file *filp,
- unsigned int cmd, unsigned long arg);
-
-diff -ur linux-2.4.28/drivers/char/drm-4.0/i810_dma.c linux-2.4.28.plasmaroo/drivers/char/drm-4.0/i810_dma.c
---- linux-2.4.28/drivers/char/drm-4.0/i810_dma.c 2004-02-18 13:36:31.000000000 +0000
-+++ linux-2.4.28.plasmaroo/drivers/char/drm-4.0/i810_dma.c 2004-12-23 16:21:30.000000000 +0000
-@@ -1249,10 +1249,7 @@
- drm_device_t *dev = priv->dev;
-
- DRM_DEBUG("i810_flush_ioctl\n");
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_flush_ioctl called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i810_flush_queue(dev);
- return 0;
-@@ -1274,10 +1271,7 @@
- if (copy_from_user(&vertex, (drm_i810_vertex_t *)arg, sizeof(vertex)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_dma_vertex called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- DRM_DEBUG("i810 dma vertex, idx %d used %d discard %d\n",
- vertex.idx, vertex.used, vertex.discard);
-@@ -1308,10 +1302,7 @@
- if (copy_from_user(&clear, (drm_i810_clear_t *)arg, sizeof(clear)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_clear_bufs called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i810_dma_dispatch_clear( dev, clear.flags,
- clear.clear_color,
-@@ -1327,10 +1318,7 @@
-
- DRM_DEBUG("i810_swap_bufs\n");
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_swap_buf called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- i810_dma_dispatch_swap( dev );
- return 0;
-@@ -1366,10 +1354,7 @@
- if (copy_from_user(&d, (drm_i810_dma_t *)arg, sizeof(d)))
- return -EFAULT;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_dma called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- d.granted = 0;
-
-@@ -1399,10 +1384,7 @@
- drm_i810_buf_priv_t *buf_priv;
- drm_device_dma_t *dma = dev->dma;
-
-- if(!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock)) {
-- DRM_ERROR("i810_dma called without lock held\n");
-- return -EINVAL;
-- }
-+ LOCK_TEST_WITH_RETURN(dev);
-
- if (copy_from_user(&d, (drm_i810_copy_t *)arg, sizeof(d)))
- return -EFAULT;
diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.30.2.1.5 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.30.2.1.5
deleted file mode 100644
index 942a79eb2662..000000000000
--- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.30.2.1.5
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 fe2d358354da987e5b49fed88736ae59 grsecurity-2.1.5-2.4.30-200504082027.patch.gz 147732
-MD5 75d8ce40a3668603017cd186909efe8d linux-2.4.30.tar.bz2 31136728
-MD5 3fa09a0d8ea8def546b840bde027d61b linux-2.4.28-CAN-2004-0814.patch 145009
diff --git a/sys-kernel/grsec-sources/files/linux-2.4.28-random-poolsize.patch b/sys-kernel/grsec-sources/files/linux-2.4.28-random-poolsize.patch
deleted file mode 100644
index 6d153e2cd061..000000000000
--- a/sys-kernel/grsec-sources/files/linux-2.4.28-random-poolsize.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -ur linux-2.4.28/drivers/char/random.c.orig linux-2.4.28.orig/drivers/char/random.c
---- linux-2.4.28.orig/drivers/char/random.c.orig 2004-11-17 11:54:21.000000000 +0000
-+++ linux-2.4.28/drivers/char/random.c 2005-01-08 02:54:49.198635736 +0000
-@@ -1787,7 +1787,7 @@
- void *oldval, size_t *oldlenp,
- void *newval, size_t newlen, void **context)
- {
-- int len;
-+ size_t len;
-
- sysctl_poolsize = random_state->poolinfo.POOLBYTES;
-
diff --git a/sys-kernel/grsec-sources/metadata.xml b/sys-kernel/grsec-sources/metadata.xml
deleted file mode 100644
index eeb0b7d80cf7..000000000000
--- a/sys-kernel/grsec-sources/metadata.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
- <herd>no-herd</herd>
- <maintainer>
- <email>solar@gentoo.org</email>
- <description>Primary Maintainer</description>
- </maintainer>
- <maintainer>
- <email>tocharian@tocharian.org</email>
- <description>Backup Maintainer</description>
- </maintainer>
- <longdescription>Vanilla sources of the linux kernel with the grsecurity patch</longdescription>
-</pkgmetadata>