
Bug 470644

Summary: sys-kernel/gentoo-sources: needs support for namespace user.pax.* on tmpfs
Product: Gentoo Linux
Reporter: Anthony Basile <blueness>
Component: [OLD] Core system
Assignee: Gentoo Kernel Bug Wranglers and Kernel Maintainers <kernel>
Status: RESOLVED FIXED
Severity: enhancement
CC: alexander, hardened-kernel+disabled, hardened, nikoli, pageexec
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 427888    
Attachments: Adds user.pax.* namespace to tmpfs if tmpfs supports extended attributes

Description Anthony Basile gentoo-dev 2013-05-19 13:31:26 UTC
This patch adds support for a restricted user-controlled namespace on the tmpfs filesystem, used to house PaX flags. The namespace must be of the form user.pax.* and its value cannot exceed a size of 8 bytes.

This is needed even on all Gentoo systems so that XATTR_PAX flags are preserved for users who might build packages using portage on a tmpfs system with a non-hardened kernel and then switch to a hardened kernel with XATTR_PAX enabled.

The namespace is added to any user with Extended Attribute support enabled for tmpfs.  Users who do not enable xattrs will not have the XATTR_PAX flags preserved.


Reproducible: Always
Comment 1 Anthony Basile gentoo-dev 2013-05-19 14:05:05 UTC
Created attachment 348672
Adds user.pax.* namespace to tmpfs if tmpfs supports extended attributes
Comment 2 Anthony Basile gentoo-dev 2013-05-19 14:07:15 UTC
To be clear, I think this patch should be a permanent part of genpatches-3.X-Y.extras.tar.xz.
Comment 3 Tom Wijsman (TomWij) (RETIRED) gentoo-dev 2013-05-20 16:44:01 UTC
Will be part of 3.0, 3.2, 3.4, 3.9 released from now on.
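
A userspace check for the behaviour the description states, added here as an example and not taken from the attached patch or from genpatches: it probes whether the filesystem under a directory stores a PaX flag xattr, refuses a 9-byte value, and refuses a user.* name outside user.pax.*. The attribute name `user.pax.flags`, the sample value "em" and the name `user.probe` are assumptions chosen for the probe.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/xattr.h>

#define PAX_STORED      1  /* user.pax.flags round-trips */
#define OVERSIZE_DENIED 2  /* a 9-byte value is refused */
#define OTHER_DENIED    4  /* a user.* name outside user.pax.* is refused */

/* Probe the filesystem holding `dir`; returns a bitmask, or -1 on setup failure. */
int probe_pax_xattr(const char *dir)
{
    const char flags[] = "em";        /* constructed sample flag string */
    const char big[] = "123456789";   /* 9 bytes: one over the stated limit */
    char path[4096], buf[16];
    int fd, r = 0;

    if (snprintf(path, sizeof path, "%s/paxprobe.XXXXXX", dir) >= (int)sizeof path ||
        (fd = mkstemp(path)) < 0)
        return -1;
    if (fsetxattr(fd, "user.pax.flags", flags, 2, 0) == 0 &&
        fgetxattr(fd, "user.pax.flags", buf, sizeof buf) == 2 &&
        memcmp(buf, flags, 2) == 0)
        r |= PAX_STORED;
    if (fsetxattr(fd, "user.pax.flags", big, 9, 0) != 0)
        r |= OVERSIZE_DENIED;
    if (fsetxattr(fd, "user.probe", flags, 2, 0) != 0)
        r |= OTHER_DENIED;
    close(fd);
    unlink(path);
    return r;
}

/* Turn the bitmask into a verdict about PaX flag preservation. */
const char *describe(int r)
{
    if (r < 0) return "cannot create scratch file";
    if (!(r & PAX_STORED)) return "user.pax.flags not stored: PaX flags would be lost";
    if (r == (PAX_STORED | OVERSIZE_DENIED | OTHER_DENIED))
        return "restricted user.pax.* namespace, as the bug describes";
    return "user.pax.flags stored; user.* is not restricted";
}

int main(int argc, char **argv)
{
    const char *dir = argc > 1 ? argv[1] : ".";
    printf("%s: %s\n", dir, describe(probe_pax_xattr(dir)));
    return 0;
}
```

Run it with the tmpfs build directory as its argument; a result of "not stored" means packages built there lose their XATTR_PAX markings.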