As per new Kernel Security Guidelines, unsupported kernel sources should have an ewarn triggered upon emerge warning users that they are installing a kernel not supported by Gentoo Security. My idea about what the language should be is below:

The kernel source XXX you are installing is not supported by the Gentoo Security Team. The maintainer YYYY of this kernel source is responsible for security updates and patches. Use at your own risk.
H_SECURITY_SUPPORTED should be set to true for the following -sources:

ck-sources
gentoo-sources
hardened-sources
hppa-sources
mips-sources
openvz-sources
rsbac-sources
sparc-sources
suspend2-sources
systrace-sources
usermode-sources
vserver-sources
xen-sources

The following are unsupported due to hardmask:

cell-sources
openblocks-sources
openmosix-sources

The following are unsupported due to maintainer decision or direct copies from upstream:

freebsd-sources
git-sources
mm-sources
xbox-sources
vanilla-sources
I can't decide which message to use; I can't think of any which fit all of the kernels listed there. I'd much prefer we document this on the website first, then we can just add a URL, which would list reasons for not supporting each of those kernels.
http://www.gentoo.org/proj/en/security/kernel.xml

I'll get to this soon.
Created K_SECURITY_UNSUPPORTED flag and set it on:

git-sources
kurobox-sources
mm-sources
openblocks-sources
openmosix-sources
sh-sources
xbox-sources
vanilla-sources