x86_64 HLFS

Valter Douglas Lisbôa Jr. douglas at trenix.com.br
Thu Jul 31 06:53:31 PDT 2008


On Thursday 31 July 2008 04:06:20 Jan Dvorak wrote:
> Hi,
Hi

>  have anyone tried CLFS with HLFS patches any recently? 
It's not a easy task. I try only try some things.

> Is it buildable? 
Yes, it is. 

But I think you will neeed change and/or create some patches. 

I'm just a month to start try build a new version of my LFS, which have some 
portions of the HLFS user space hardennings (Stack Guard). I want to put 
regparm on system and, to me, it's appear to be necessary to do some arcane 
stuffs to enable this on non regparm, so I'm studing CLFS to undestand how to 
build a system with diferents arch and get some tip (perhaps the glibc "no 
link with libgcc_s" patch &-) )

I'll do some test in 64 bits and add others hardenings from HLFS, too. 

> How less hardened would that be? 
So hardened than a HLFS. :-) 

It's mainly depend the hardenings you can port to CLFS. I think you must start 
with a CLFS stable and after be well succeed here (if you have not been 
succeed) and than port step-by-step some features of HLFS. 

Remeber HLFS is not considered stable so, I suggest do it in parts, I could 
start applying stack guard, then Fortify Code, then strl* patches , etc. 
Saving a whole grsecurity/RSBAC/PaX hardening to the end.

I hope this can help you, it's only suggestions.

>
>         Thanks for opinions.
>
> PS. Sorry for the wrong Subject.
No problem

-- 
Valter Douglas Lisbôa Jr.
Sócio-Diretor
Trenix - IT Solutions
"Nossas Idéias, suas Soluções!"
www.trenix.com.br
contato at trenix.com.br
Tel. +55 19 3402.2957
Cel. +55 19 9183.4244



More information about the hlfs-dev mailing list