This patch adds support for a restricted user-controlled namespace on the tmpfs filesystem used to house PaX flags. The namespace must be of the form user.pax.* and its value cannot exceed a size of 8 bytes.
This is needed even on all Gentoo systems so that XATTR_PAX flags are preserved for users who might build packages using portage on a tmpfs system with a non-hardened kernel and then switch to a hardened kernel with XATTR_PAX enabled.
The namespace is added to any user with Extended Attribute support enabled for tmpfs. Users who do not enable xattrs will not have the XATTR_PAX flags preserved.
Created attachment 348672
Adds user.pax.* namespace to tmpfs if tmpfs supports extended attributes
To be clear, I think this patch should be a permanent part of genpatches-3.X-Y.extras.tar.xz,
Will be part of 3.0, 3.2, 3.4, 3.9 released from now on.