On Sun, 30 Apr 2017 16:16:46 +0300 Alex Efros wrote: > Hi! > > On Sun, Apr 30, 2017 at 04:00:39PM +0300, Andrew Savchenko wrote: > > The only way to preserve this functionality in the long run is to > > port it to the mainline kernel. This will not be easy, most likely > > not everything will be accepted, some stuff will have to be > > reimplemented using another approaches, etc. > > We had 16 years to do this with help of GrSec/PaX developers. It wasn't > happened, and it's unlikely happens now unless some huge company decide to > spend a lot of resources for this.
There was not enough motivation for this. Why to invest resources into porting if it works the way it is? Now situation is different, so we'll see what follows. BTW a number of features were ported to or reimplemented in the mainline kernel: ASLR, MAC, auditing, ptrace snooping protection. Probably many more, I haven't studies this in detail. Best regards, Andrew Savchenko
pgpMq7e9AEIOP.pgp
Description: PGP signature
