Hardened Kernel

The Hardened Kernel Project is seeking to merge Grsecurity/PaX features into the upstream kernel.

Project Facilitators
This project does not have leaders per se. We are here to facilitate communication between different parties working on security features for the upstream Linux kernel.

Why?

 * Grsecurity is no longer providing public patches to the community. As such we wish to continue the tradition they inspired of a culture that emphasizes security first before stability.
 * In recognizing the issues that security centric architectures may provide to end users, we hope to bridge hardened configurations and the needs of the average user community so that all may benefit.

Project Goals
Our goals are:


 * Encourage and facilitate open source development of security features for the Linux kernel.
 * Track progress of development work.
 * Maintain a set of patches for security features that have not yet been merged into mainline.
 * Remain distribution agnostic. We want to focus on patches that affect Linux directly.
 * Work with the KSPP.

Philosophy
All are welcome!


 * We need all the help we can get. Think you're lacking the skills? Feel like there's nothing you could do with your current skillset? Let us prove you wrong!

Resources

 * Grsecurity archive: https://github.com/nmatt0/grsec-archive
 * Grsecurity documentation: https://en.wikibooks.org/wiki/Grsecurity
 * New to kernel development?: http://kernelnewbies.org/
 * Kernel-hardening mailing list: http://www.openwall.com/lists/kernel-hardening/

Get Involved
Want to contribute to the project? Here is how to get started.

Communication
We do not have our own irc channel or mailing list. However we hangout/communicate in the following ways
 * irc
 * #pax on irc.oftc.net
 * #gentoo-hardened on freenode
 * kernel hardening mailing list

Contribute
We welcome the following help
 * Testing
 * Grab the most recent patch and tell us if it works or not: https://github.com/thestinger/linux-hardened/releases
 * Feature Merges
 * We are currently working adding features to our out-of-tree patchset. Talk to one of us and let us know if there is a feature you want to work on.
 * Upstreaming
 * The long term goal is to get all security features from this project into the linux kernel itself.

Progress tracking
Porting grsecurity features: