--- media-video/nvidia-kernel/nvidia-kernel-1.0.2880-r1.ebuild~	Tue Apr 30 07:07:14 2002
+++ media-video/nvidia-kernel/nvidia-kernel-1.0.2880-r1.ebuild	Tue Apr 30 07:02:44 2002
@@ -18,6 +18,12 @@
 DEBUG="yes"
 RESTRICT="nostrip"
 
+src_unpack() {
+	unpack ${NV_PACKAGE}.tar.gz
+	cd ${S}
+	patch -p1 < ${FILESDIR}/nvidia-kernel-1.0.2880-grsecurity-gentoo.diff || die
+}
+
 src_compile() {
 	make KERNDIR="/usr/src/linux-${KV}" \
 		clean NVdriver || die
--- /dev/null	Tue Apr 30 00:34:45 2002
+++ media-video/nvidia-kernel/files/nvidia-kernel-1.0.2880-grsecurity-gentoo.diff	Tue Apr 30 07:03:26 2002
@@ -0,0 +1,18 @@
+--- NVIDIA_kernel-1.0-2880/nv.h~	Tue Mar 26 17:52:43 2002
++++ NVIDIA_kernel-1.0-2880/nv.h	Tue Apr 30 06:30:43 2002
+@@ -14,6 +14,15 @@
+ 
+ #include <nvtypes.h>
+ 
++#if defined(CONFIG_GRKERNSEC_PAX) || defined(CONFIG_GRKERNSEC_PAX_RANDMMAP)
++/* PAGE_SHARED won't be defined at if one of these is defined.  If these are
++ * not defined, the Grsecurity patch might not be applied, so we can't use
++ * PAGE_SHARED_NOEXEC then. PAGE_SHARED_NOEXEC won't have any effect without
++ * CONFIG_GRSECURITY_PAX, but if only CONFIG_GRSECURITY_PAX_RANDMMAP is
++ * defined, it will be the same as PAGE_SHARED_EXEC (the old PAGE_SHARED).  */
++#define PAGE_SHARED PAGE_SHARED_NOEXEC
++#endif
++
+ /* Nvidia's reserved major device number
+  * Set this to 0 to request dynamic major number allocation. */
+ #define NV_MAJOR_DEVICE_NUMBER 195