Hardened Kernel

The Hardened Kernel Project is seeking to merge Grsecurity/PaX features into the upstream kernel.

Project Facilitators
This project does not have leaders per se. We are here to facilitate communication between different parties working on security features for the upstream Linux kernel.

Why?

 * Grsecurity is no longer providing public patches to the community. As such we wish to continue the tradition they inspired of a culture that emphasizes security first before stability.
 * In recognizing the issues that security centric architectures may provide to end users, we hope to bridge hardened configurations and the needs of the average user community so that all may benefit.

Project Goals
Our goals are:


 * Encourage and facilitate open source development of security features for the Linux kernel.
 * Track progress of development work.
 * Maintain a set of patches for security features that have not yet been merged into mainline.
 * Remain distribution agnostic. We want to focus on patches that affect Linux directly.
 * Work with the KSPP.

Philosophy
All are welcome!


 * We need all the help we can get. Think you're lacking the skills? Feel like there's nothing you could do with your current skillset? Let us prove you wrong!

Resources

 * Grsecurity archive: https://github.com/nmatt0/grsec-archive
 * Grsecurity documentation: https://en.wikibooks.org/wiki/Grsecurity
 * New to kernel development?: http://kernelnewbies.org/
 * Kernel-hardening mailing list: http://www.openwall.com/lists/kernel-hardening/

Code Repos and Patches

 * Unofficial forward ports of the last publicly available grsecurity patch
 * Unofficial and quick 4.9.25 unofficial grsecurity patch

Progress tracking
Porting grsecurity features: