grsecurity (never mind!)
Then I tried the 2.6.27.4-linode14 sources and the config that is used when that kernel is selected on the Dashboard. Without applying any patches, I was at least able to get that kernel to compile and boot. I used incremental patches to upgrade to 2.6.27.10 (the kernel version grsecurity patches against), and it still booted. Then I applied the grsecurity patch, compiled (no config changes), and the kernel pagefaulted immediately. Obviously, after that, I didn't try enabling grsecurity or PaX in the kernel config.
Has anyone gotten this to work? Any ideas how?