1 |
> With the before mentioned pax features enabled, init exits with: "must |
2 |
> be superuser", and kernel panics right after. |
3 |
|
4 |
the following chunk should fix it, will be in the next PaX release. |
5 |
disabling the vsyscall page would also fix (avoid) this bug. |
6 |
|
7 |
--- linux-2.6.7-pax/arch/i386/kernel/entry.S 2004-06-19 15:57:00.000000000 +0200 |
8 |
+++ linux-2.6.7-bug/arch/i386/kernel/entry.S 2004-11-06 12:35:02.000000000 +0100 |
9 |
@@ -268,7 +268,9 @@ sysenter_past_esp: |
10 |
jne syscall_exit_work |
11 |
|
12 |
#ifdef CONFIG_PAX_RANDKSTACK |
13 |
+ pushl %eax |
14 |
call pax_randomize_kstack |
15 |
+ popl %eax |
16 |
#endif |
17 |
|
18 |
/* if something modifies registers it must also disable sysexit */ |
19 |
|
20 |
|
21 |
|
22 |
-- |
23 |
gentoo-hardened@g.o mailing list |