Created attachment 490868 [details, diff] nvidia-drivers-384.47-pax.patch >>> Preparing source in /var/tmp/portage/x11-drivers/nvidia-drivers-384.59-r1/work ... * Using PAX patches is not supported. You will be asked to * use a standard kernel should you have issues. Should you * need support with these patches, contact the PaX team. * Applying nvidia-drivers-375.20-pax.patch ... The text leading up to this was: -------------------------- |diff -urp work.orig/kernel/nvidia-uvm/uvm_full_fault_buffer.h work/kernel/nvidia-uvm/uvm_full_fault_buffer.h |--- work.orig/kernel/nvidia-uvm/uvm_full_fault_buffer.h 2016-11-27 21:56:50.399642330 +0100 |+++ work/kernel/nvidia-uvm/uvm_full_fault_buffer.h 2016-11-27 21:54:23.975709978 +0100 -------------------------- No file to patch. Skipping patch. 2 out of 2 hunks ignored [ !! ] * ERROR: x11-drivers/nvidia-drivers-384.59-r1::gentoo failed (prepare phase): * patch -p1 failed with /var/tmp/portage/x11-drivers/nvidia-drivers-384.59-r1/files/nvidia-drivers-375.20-pax.patch Updated patch (attached) was downloaded from upstream (https://www.grsecurity.net/~paxguy1/) - looks like even after closing source of GrSecurity/PaX kernel patch this nvidia-drivers patch is still publicly available. Only change required in nvidia-drivers-384.59-r1.ebuild and nvidia-drivers-384.69.ebuild is to replace patch version at line: - eapply "${FILESDIR}"/${PN}-375.20-pax.patch + eapply "${FILESDIR}"/${PN}-384.47-pax.patch
Created attachment 497794 [details, diff] Don't modify const struct. Adding this user patch makes it possible to emerge x11-drivers/nvidia-drivers-384.90 on 4.9.52-grsecurity. Note: this works with the modeset module; don't know if it will work without it.
Created attachment 500066 [details, diff] User patch for nvidia-drivers-387.12 For use with nvidia-drivers-387.12-pax.patch from https://www.grsecurity.net/~paxguy1/
Created attachment 505864 [details, diff] nvidia-drivers-387.22-pax.patch This patch is prepared from nvidia-drivers-387.12-pax.patch, only offsets and one context line was changed, so patch is actually the same.
Created attachment 506564 [details, diff] nvidia-drivers-387.22-pax.patch w/ uvm fix Thank you very much Alex, this helped me a great deal. I added an uvm fix to the patch you attached. source: https://forums.grsecurity.net/viewtopic.php?f=3&t=4654
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=421d7dc6fb791f8edde480dc6d989ade59c54710 commit 421d7dc6fb791f8edde480dc6d989ade59c54710 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2019-01-16 10:24:43 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2019-01-16 10:32:11 +0000 x11-drivers/nvidia-drivers: Drop USE=pax_kernel Closes: https://bugs.gentoo.org/551366 Closes: https://bugs.gentoo.org/593624 Closes: https://bugs.gentoo.org/600156 Closes: https://bugs.gentoo.org/629062 Closes: https://bugs.gentoo.org/633738 Closes: https://bugs.gentoo.org/650482 Package-Manager: Portage-2.3.56, Repoman-2.3.12 Signed-off-by: Jeroen Roovers <jer@gentoo.org> .../files/nvidia-drivers-331.13-pax-usercopy.patch | 52 --- .../files/nvidia-drivers-337.12-pax-constify.patch | 25 -- .../files/nvidia-drivers-375.20-pax.patch | 406 --------------------- x11-drivers/nvidia-drivers/metadata.xml | 4 - .../nvidia-drivers/nvidia-drivers-340.107.ebuild | 12 +- .../nvidia-drivers/nvidia-drivers-390.87.ebuild | 11 +- .../nvidia-drivers/nvidia-drivers-410.93.ebuild | 9 +- .../nvidia-drivers/nvidia-drivers-415.25.ebuild | 9 +- .../nvidia-drivers/nvidia-drivers-415.27.ebuild | 9 +- 9 files changed, 7 insertions(+), 530 deletions(-)