Hi All,
As a sort of 'prototype' email for reporting back on one of the potential sources for 4.9 kernel fixes, I went trolling into the Gentoo repo (gentoo-sources to be exact; I didn't look at hardened, though I will).
For 4.9 it's a pretty short list of potential fixes. Being more verbose about this just because, well, first post, may as well get started. Here's what I've whittled the list down to, and recommendations for the two patches.
Patch: 1510_fs-enable-link-security-restrictions-by-default.patch
From: http://sources.debian.net/src/linux/3.16.7-ckt4-3/debian/patches/debian/fs-e...
Desc: Enable link security restrictions by default.
Recommendation: Interesting, but I have a hard time accepting this as a 'fix' as compared to a feature change.
Patch: 2900_dev-root-proc-mount-fix.patch
From: https://bugs.gentoo.org/show_bug.cgi?id=438380
Desc: Ensure that /dev/root doesn't appear in /proc/mounts when booting without an initramfs.
Discussion: https://patchwork.kernel.org/patch/2076031/ (unresolved)
Recommendation: no action