Copperhead's linux-hardened can be a suitable replacement for grsec in due time. However, AFAIK that is not the intent. Fot those unfamiliar with Copperhead, they did (and do) an awesome job on hardening Android. They have forked AOSP, hardened it. The fork is called CopperheadOS.
This is also the reason why their linux-hardened project exists. Android is based on Linux, they want to have a solid foundation for new Google devices going forward (eg, Pixel 3). Their patchset is still in the works. It's not Copperhead's main focus and they seem to have a constant lack of time [1]. But AFAIK, it is a whole lot better than the vanilla Linux kernel. For click 'n play fun, Arch Linux does have it available in a binary package, a mere 'pacman -S linux-hardened linux-hardened-headers' is enough to install it. The headers package is needed whenever a DKMS driver is used for ugly, closed hardware. -J. [1] = eg: https://twitter.com/CopperheadOS/status/962966669931962368 On Sun, 2018-02-11 at 12:55 +0200, Dumitru Mișu Moldovan wrote: > Hardened Linux kernel sources were dropped from the official Gentoo > repo > in August 2017.¹ However, for now there is an alternative for Gentoo > users,² which started³ with the unofficial forward ports of the last > publicly available grsecurity patches.⁴ For how long, it remains to > be > seen… At the moment the only way forward seems to be > https://github.com/copperhead/linux-hardened. > > Not affiliated to any of these projects, just a former Hardened > Gentoo > user, still have it installed on a stashed-away HDD, just in case… > > 1. https://www.gentoo.org/news/2017/08/19/hardened-sources-removal.h > tml > 2. https://gitweb.gentoo.org/dev/ago.git/tree/sys-kernel/grsecurity- > sources > 3. > https://blogs.gentoo.org/ago/2017/08/21/sys-kernel-grsecurity-sources > -available/ > 4. https://github.com/minipli/linux-unofficial_grsec > >
