Hello, I downloaded the latest stable kernel from kernel.org and used the fedora 21 kernel configuration located in the kernel-devel package: After compiling the kernel, I put the appropriate files (kernel, modules, config) in a tarball file and distribute this to Gentoo users. While our package management installs binary files, it checks these files on the fly to see if their are any security concerns. It seems that the following files have writable/executable sections: * QA Notice: The following files contain writable and executable sections * Files with such sections will not work properly (or at all!) on some * architectures/operating systems. A bug should be filed at * http://bugs.gentoo.org/ to make sure the issue is fixed. * For more information, see http://hardened.gentoo.org/gnu-stack.xml * Please include the following list of files in your report: * Note: Bugs should be filed for the respective maintainers * of the package in question and not hardened@g.o. * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/camellia-aesni-avx2.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/sha1-ssse3.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/cast5-avx-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/crc32c-intel.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/serpent-avx2.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/blowfish-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/camellia-aesni-avx-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/salsa20-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/crct10dif-pclmul.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/twofish-avx-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/sha512-ssse3.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/camellia-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/cast6-avx-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/crc32-pclmul.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/des3_ede-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/sha256-ssse3.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/ghash-clmulni-intel.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/serpent-sse2-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/twofish-x86_64-3way.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/twofish-x86_64.ko * --X --- --- lib/modules/3.19.2-FC.01/kernel/arch/x86/crypto/serpent-avx-x86_64.ko When I had these modules built into the kernel (with a different kernel config), these errors didn't appear, however as modules, they have now become visible. This doesn't just happen with 3.19.2, also happens with 3.18.X and probably earlier versions.
Forgot to mention the kernel config url for: kernel-devel-3.18.9-200.fc21.x86_64.rpm (in the amd64 section) http://koji.fedoraproject.org/koji/buildinfo?buildID=619142
And the 3.19.2 kernel config: kernel-devel-3.19.2-201.fc21.x86_64.rpm http://koji.fedoraproject.org/koji/buildinfo?buildID=623012