diff -Nrup linux-2.6.4-hardened.orig/grsecurity/Kconfig linux-2.6.4-hardened/grsecurity/Kconfig --- linux-2.6.4-hardened.orig/grsecurity/Kconfig 2004-03-14 21:05:08.000000000 -0500 +++ linux-2.6.4-hardened/grsecurity/Kconfig 2004-03-14 21:51:03.000000000 -0500 @@ -602,7 +602,14 @@ config GRKERNSEC_PROC_IPADDR to a local attack. The entry is readable by only the owner of the process (and root if he has CAP_DAC_OVERRIDE, which can be removed via the RBAC system), and thus does not create privacy concerns. - +config GRKERNSEC_AUDIT_TEXTREL + bool "ELF text relocation logging" + help + If you say Y here, a new entry will be added to enable the auditing + of ELF text relocations. This is only mainly useful while your in the + the transision process of getting your system to become PIC/ET_DYN + aware. A sysctl entry kernel.grsecurity.audit_textrel is created + when enabled. endmenu menu "Executable Protections" diff -Nrup linux-2.6.4-hardened.orig/grsecurity/Makefile linux-2.6.4-hardened/grsecurity/Makefile --- linux-2.6.4-hardened.orig/grsecurity/Makefile 2004-03-14 21:05:08.000000000 -0500 +++ linux-2.6.4-hardened/grsecurity/Makefile 2004-03-14 21:10:50.000000000 -0500 @@ -19,3 +19,4 @@ ifndef CONFIG_GRKERNSEC obj-y += grsec_disabled.o endif +obj-y += grsec_textrel.o diff -Nrup linux-2.6.4-hardened.orig/grsecurity/grsec_init.c linux-2.6.4-hardened/grsecurity/grsec_init.c --- linux-2.6.4-hardened.orig/grsecurity/grsec_init.c 2004-03-14 21:05:08.000000000 -0500 +++ linux-2.6.4-hardened/grsecurity/grsec_init.c 2004-03-14 21:13:31.000000000 -0500 @@ -7,6 +7,7 @@ #include #include +int grsec_enable_audit_textrel; int grsec_enable_link; int grsec_enable_dmesg; int grsec_enable_fifo; 
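Review bot: The help text for GRKERNSEC_AUDIT_TEXTREL has several slips ("only mainly", "your in the the transision") that will show up verbatim in menuconfig; suggested wording: `This is mainly useful while you are in the transition process of getting your system to become PIC/ET_DYN aware.` The hunk also removes the blank line after the previous entry and adds none before `endmenu`, so the new `config` line and `endmenu` both sit directly against help text; a blank line before each would keep the entries visually separated. The help could also state that the option only logs text relocations and does not block them, which is what grsec_textrel.c in this diff shows.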
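Review bot: `obj-y += grsec_textrel.o` is placed after the `endif`, so the object is built in every configuration, including kernels where CONFIG_GRKERNSEC_AUDIT_TEXTREL is off and the function body compiles to nothing. This looks deliberate, so that the call added in mm/mprotect.c always links, but the usual kernel pattern is `obj-$(CONFIG_GRKERNSEC_AUDIT_TEXTREL) += grsec_textrel.o` plus an empty `static inline` stub in the header for the disabled case. If the unconditional build is kept, a one-line comment here saying why would help the next reader.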
@@ -108,6 +109,9 @@ grsecurity_init(void) grsec_enable_group = 1; grsec_audit_gid = CONFIG_GRKERNSEC_AUDIT_GID; #endif +#ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL + grsec_enable_audit_textrel = 1; +#endif #ifdef CONFIG_GRKERNSEC_AUDIT_CHDIR grsec_enable_chdir = 1; #endif diff -Nrup linux-2.6.4-hardened.orig/grsecurity/grsec_sysctl.c linux-2.6.4-hardened/grsecurity/grsec_sysctl.c --- linux-2.6.4-hardened.orig/grsecurity/grsec_sysctl.c 2004-03-14 21:05:08.000000000 -0500 +++ linux-2.6.4-hardened/grsecurity/grsec_sysctl.c 2004-03-14 21:23:11.000000000 -0500 @@ -26,7 +26,7 @@ GS_RANDPID, GS_RANDID, GS_RANDSRC, GS_RA GS_SOCKET_ALL, GS_SOCKET_ALL_GID, GS_SOCKET_CLIENT, GS_SOCKET_CLIENT_GID, GS_SOCKET_SERVER, GS_SOCKET_SERVER_GID, GS_TTY, GS_TTYS, GS_PTY, GS_GROUP, GS_GID, GS_ACHDIR, GS_AMOUNT, GS_AIPC, GS_DMSG, GS_RANDRPC, -GS_FINDTASK, GS_LOCK}; +GS_FINDTASK, GS_LOCK, GS_TEXTREL}; ctl_table grsecurity_table[] = { @@ -430,6 +430,16 @@ ctl_table grsecurity_table[] = { .proc_handler = &proc_dointvec, }, #endif +#ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL + { + .ctl_name = GS_TEXTREL, + .procname = "audit_textrel", + .data = &grsec_enable_audit_textrel, + .maxlen = sizeof(int), + .mode = 0600, + .proc_handler = &proc_dointvec, + }, +#endif { .ctl_name = GS_LOCK, .procname = "grsec_lock", diff -Nrup linux-2.6.4-hardened.orig/grsecurity/grsec_textrel.c linux-2.6.4-hardened/grsecurity/grsec_textrel.c --- linux-2.6.4-hardened.orig/grsecurity/grsec_textrel.c 1969-12-31 19:00:00.000000000 -0500 +++ linux-2.6.4-hardened/grsecurity/grsec_textrel.c 2004-03-14 21:14:48.000000000 -0500 
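Review bot: `audit_textrel` is a runtime switch for an audit log, so anyone able to write it can turn the logging off without leaving a trace; the new table entry relies on `.mode = 0600` and on whatever check the grsecurity sysctl code applies once `grsec_lock` is set. That check is not part of this diff, so please confirm it covers the new entry the same way as the existing ones. Separately, `proc_dointvec` accepts any integer; since the flag is only tested for non-zero in gr_log_textrel this is harmless, but a short comment on the entry such as `/* treated as a boolean: non-zero enables logging */` would document it.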
@@ -0,0 +1,17 @@ +#include +#include +#include +#include +#include + +void +gr_log_textrel(struct vm_area_struct * vma) +{ +#ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL + if (grsec_enable_audit_textrel) + security_audit(GR_TEXTREL_AUDIT_MSG, + vma->vm_start, vma->vm_pgoff, + DEFAULTSECARGS); +#endif + return; +} diff -Nrup linux-2.6.4-hardened.orig/include/linux/grmsg.h linux-2.6.4-hardened/include/linux/grmsg.h --- linux-2.6.4-hardened.orig/include/linux/grmsg.h 2004-03-14 21:05:08.000000000 -0500 +++ linux-2.6.4-hardened/include/linux/grmsg.h 2004-03-14 21:16:57.000000000 -0500 @@ -12,6 +12,7 @@ #define GR_MEM_MMAP_MSG "attempted mmap write of /dev/[k]mem by " DEFAULTSECMSG #define GR_SYMLINK_MSG "not following symlink %.950s owned by %d.%d by " DEFAULTSECMSG #define GR_LEARN_AUDIT_MSG "%s\t%u\t%u\t%u\t%.4095s\t%.4095s\t%lu\t%lu\t%.4095s\t%lu\t%u.%u.%u.%u" +#define GR_TEXTREL_AUDIT_MSG "textrel VMA:0x%08lx 0x%08lx in " DEFAULTSECMSG #define GR_HIDDEN_ACL_MSG "%s access to hidden file %.950s by " DEFAULTSECMSG #define GR_OPEN_ACL_MSG "%s open of %.950s for%s%s by " DEFAULTSECMSG #define GR_CREATE_ACL_MSG "%s create of %.950s for%s%s by " DEFAULTSECMSG diff -Nrup linux-2.6.4-hardened.orig/include/linux/grsecurity.h linux-2.6.4-hardened/include/linux/grsecurity.h --- linux-2.6.4-hardened.orig/include/linux/grsecurity.h 2004-03-14 21:05:08.000000000 -0500 +++ linux-2.6.4-hardened/include/linux/grsecurity.h 2004-03-14 21:17:50.000000000 -0500 @@ -181,6 +181,7 @@ extern int grsec_enable_randid; extern int grsec_enable_randisn; extern int grsec_enable_randsrc; extern int grsec_enable_randrpc; +extern int grsec_enable_audit_textrel; #endif #endif diff -Nrup linux-2.6.4-hardened.orig/mm/mprotect.c linux-2.6.4-hardened/mm/mprotect.c --- linux-2.6.4-hardened.orig/mm/mprotect.c 2004-03-14 21:05:08.000000000 -0500 +++ linux-2.6.4-hardened/mm/mprotect.c 2004-03-14 21:25:01.000000000 -0500 
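Review bot: The audit line identifies the mapping only by `vma->vm_start` and `vma->vm_pgoff`, which does not tell an administrator which object still carries text relocations. Consider logging the backing file of the VMA as well (other messages in grmsg.h print a path with `%.950s`), and label the second value in GR_TEXTREL_AUDIT_MSG, e.g. `"textrel VMA:0x%08lx pgoff:0x%08lx in "`. The message is emitted on behalf of any process that reaches this path, so it is worth checking that security_audit limits the rate, which this diff does not show. Minor style: the multi-line `if` body in gr_log_textrel should be braced, and the trailing `return;` in a void function can be dropped.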
@@ -328,6 +328,7 @@ static inline void pax_handle_maywrite(s return; if (dyn.d_tag == DT_TEXTREL || (dyn.d_tag == DT_FLAGS && (dyn.d_un.d_val & DF_TEXTREL))) { vma->vm_flags |= VM_MAYWRITE | VM_MAYNOTWRITE; + gr_log_textrel(vma); return; } i++;
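Review bot: `gr_log_textrel(vma);` is called here, but none of the hunks in this diff adds a prototype for it; include/linux/grsecurity.h only gains `extern int grsec_enable_audit_textrel;`. Unless a declaration exists elsewhere, this is an implicit function declaration, so add `void gr_log_textrel(struct vm_area_struct *vma);` to the header, outside any CONFIG_GRKERNSEC guard since grsec_textrel.o is built unconditionally. The call runs every time this branch is taken, so log volume follows how often pax_handle_maywrite is invoked for a mapping with DT_TEXTREL; the function's body starts and ends outside the hunk, so the calling context cannot be checked from here.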