| 1 |
Hi Brad, |
| 2 |
|
| 3 |
Am 13.11.2006 um 12:12 schrieb Brad Plant: |
| 4 |
|
| 5 |
> Hi Andreas, |
| 6 |
> |
| 7 |
> Andreas Philipp wrote: |
| 8 |
>> I've tried enabling all of pax/grsec while disabling selinux but |
| 9 |
>> without |
| 10 |
>> success. As long as I've enabled |
| 11 |
>> PAX -> |
| 12 |
>> Miscellaneous hardening features -> |
| 13 |
>> Sanitize all freed memory |
| 14 |
>> I even get another error in mm/page_allac.c: |
| 15 |
>> CC mm/page_alloc.o |
| 16 |
>> GZIP kernel/config_data.gz |
| 17 |
>> mm/page_alloc.c: In function '__free_one_page': |
| 18 |
>> mm/page_alloc.c:333: error: 'index' undeclared (first use in this |
| 19 |
>> function) |
| 20 |
>> mm/page_alloc.c:333: error: (Each undeclared identifier is |
| 21 |
>> reported only |
| 22 |
>> once |
| 23 |
>> mm/page_alloc.c:333: error: for each function it appears in.) |
| 24 |
>> IKCFG kernel/config_data.h |
| 25 |
>> make[1]: *** [mm/page_alloc.o] Error 1 |
| 26 |
>> make: *** [mm] Error 2 CC kernel/configs.o |
| 27 |
> |
| 28 |
> I managed to get this error too when I enabled the PAX_MEMORY_SANITIZE |
| 29 |
> option. But the fix was simple... just a missing 'int index;' at the |
| 30 |
> start of the function call. I have added this into the patch |
| 31 |
> (attached). |
| 32 |
> |
| 33 |
> As for your first compile error: I copied the config you sent me |
| 34 |
> into my |
| 35 |
> kernel sources directory and it compiled fine. I then reread your |
| 36 |
> original email and noticed that you were using xen-3.0.2 which I |
| 37 |
> missed |
| 38 |
> initially. This patch is for xen-3.0.3. The ebuilds haven't quite hit |
| 39 |
> the main tree yet, but they're already in an overlay: |
| 40 |
> |
| 41 |
> http://overlays.gentoo.org/dev/aross/browser |
| 42 |
> |
| 43 |
> I actually created my sources manually by performing the commands |
| 44 |
> listed |
| 45 |
> in the 3.0.2 xen-sources ebuild, but it shouldn't matter which way you |
| 46 |
> do it. They're both going to give you the same result. |
| 47 |
> |
| 48 |
> Cheers, |
| 49 |
> |
| 50 |
> Brad |
| 51 |
> <grsec-2.1.9-2.6.16.29-xen-3.0.3.patch.gz> |
| 52 |
|
| 53 |
I was already working with the overlays. For me it made no difference |
| 54 |
whether I compiled a kernel compatible with xen-3.0.2/3.0.3 or only |
| 55 |
with xen-3.0.3. |
| 56 |
This time I took a closer look at the error itself and finally I |
| 57 |
found the references to arch_align_stack which have caused my |
| 58 |
troubles. The patch is for a kernel with your patch already aplied. |
| 59 |
Now I can compile and link my kernel (I just guessed the changes so |
| 60 |
they can be really garbage.) |
| 61 |
|
| 62 |
Cheers, |
| 63 |
|
| 64 |
Andreas |
Archives