Gentoo Archives: gentoo-hardened

From: pageexec@××××××××.hu
To: Andrea Zuccherelli <andrea.zuccherelli@×××××.com>
Cc: aufs-users@×××××××××××××××××.net, gentoo-hardened@l.g.o, re.emese@×××××.com
Subject: [gentoo-hardened] Re: aufs3.0 fails to emerge on Gentoo hardened and kernel 3.0.4
Date: Thu, 05 Jan 2012 19:08:47
Message-Id: 4F05F51B.15800.149889A7@pageexec.freemail.hu
1 On 5 Jan 2012 at 19:13, Andrea Zuccherelli wrote:
2
3 > zrouter aufs # cat kernel-aufs3-no-const-grsec.patch
4 > --- /usr/src/linux/include/linux/fsnotify_backend.h
5 > +++ /usr/src/linux/include/linux/fsnotify_backend.h
6 > @@ -105,6 +105,7 @@ struct fsnotify_ops {
7 > void (*freeing_mark)(struct fsnotify_mark *mark, struct
8 > fsnotify_group *group);
9 > void (*free_event_priv)(struct fsnotify_event_private_data *priv);
10 > };
11 > +typedef struct fsnotify_ops __no_const fsnotify_ops_no_const;
12 >
13 > /*
14 > * A group is a "thing" that wants to receive notification about filesystem
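Review bot: the file header of this hunk names the absolute path /usr/src/linux/include/linux/fsnotify_backend.h on both the --- and +++ lines, while the other file in the same patch is given as the relative path fs/aufs/branch.h. That ties the hunk to a kernel tree at that exact location, so use a tree-relative path here as well. The added typedef line also carries no comment: a short note that fsnotify_ops_no_const is for code that embeds a writable struct fsnotify_ops, rather than a static const initializer, would explain why it exists.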
15
16 i've added this to PaX now.
17
18 > --- fs/aufs/branch.h
19 > +++ fs/aufs/branch.h
20 > @@ -83,7 +83,7 @@ struct au_branch {
21 >
22 > #ifdef CONFIG_AUFS_HFSNOTIFY
23 > struct fsnotify_group *br_hfsn_group;
24 > - struct fsnotify_ops br_hfsn_ops;
25 > + fsnotify_ops_no_const br_hfsn_ops;
26 > #endif
27 >
28 > #ifdef CONFIG_SYSFS
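Review bot: the member declaration "fsnotify_ops_no_const br_hfsn_ops;" replaces the struct type unconditionally, so branch.h now compiles only against a fsnotify_backend.h that already has the typedef from the previous hunk. The two files live in different trees (kernel header versus fs/aufs), so state that dependency next to the declaration, or select the type conditionally, so that a build against a header without the typedef fails with an understandable message rather than an unknown type name.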
29 >
30 >
31 > This should be integrated in Gentoo Hardened aufs3 ebuild, right?
32
33 for current/older versions yes, future ones will have the first chunk
34 in PaX itself. and maybe in some distant future the plugin will be smart
35 enough to figure this case out at compile time...
36
37 > If #1 could be confirmed then the patch would be in grsec,
38
39 both the __no_const and the new typedef would be in PaX in any case, aufs
40 would always only have to make use of the old/new types.
41
42 > but looking for fsnotify_ops use cases I have found only static const initializers
43 > (inotify for instance).
44
45 yes, that's why there was no extra no_const typedef for it so far, but now
46 there is. i could of course proactively add such typedefs to all otherwise
47 constified ops types but i'd rather not make my own life harder when it comes
48 to porting to a new version ;).