fixed CONFIG_PAX_MEMORY_STACKLEAK issue in xenserver guests, needed to

be disabled in order to boot or the dom0 would complain about an
incompatible kernel

1 files changed, 3 insertions, 3 deletions

diff --git a/3.3.3/4455_grsec-kconfig-gentoo.patch b/3.3.3/4455_grsec-kconfig-gentoo.patch
index 79f97da..b9dc3e5 100644
--- a/3.3.3/4455_grsec-kconfig-gentoo.patch
+++ b/3.3.3/4455_grsec-kconfig-gentoo.patch
@@ -95,7 +95,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
 +	select PAX_REFCOUNT if (X86 || SPARC64)
 +	select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB))
 +	select PAX_MEMORY_SANITIZE
-+	select PAX_MEMORY_STACKLEAK
++	select PAX_MEMORY_STACKLEAK if (!XEN)
 +	help
 +	  If you say Y here, a configuration for grsecurity/PaX features
 +	  will be used that is endorsed by the Hardened Gentoo project.
@@ -180,7 +180,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
 +	select PAX_REFCOUNT if (X86 || SPARC64)
 +	select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB))
 +	select PAX_MEMORY_SANITIZE
-+	select PAX_MEMORY_STACKLEAK
++	select PAX_MEMORY_STACKLEAK if (!XEN)
 +	help
 +	  If you say Y here, a configuration for grsecurity/PaX features
 +	  will be used that is endorsed by the Hardened Gentoo project.
@@ -263,7 +263,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
 +	select PAX_REFCOUNT if (X86 || SPARC64)
 +	select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB || SLOB))
 +	select PAX_MEMORY_SANITIZE
-+	select PAX_MEMORY_STACKLEAK
++	select PAX_MEMORY_STACKLEAK if (!XEN)
 +	help
 +	  If you say Y here, a configuration for grsecurity/PaX features
 +	  will be used that is endorsed by the Hardened Gentoo project.