1 |
Thanks for the fast reply and correction, allready applying patch and |
2 |
compiled kernel, and rebooted, working fine. |
3 |
|
4 |
I'm also going to try out pax on ppc, (ibook), to see if it compiles.. |
5 |
and i'll report back to you. |
6 |
|
7 |
once more, TIA |
8 |
|
9 |
gentoo-guys, please apply this one-liner to gentoo-hardened :) |
10 |
|
11 |
|
12 |
On Sat, 06 Nov 2004 12:21:13 +0100, pageexec@××××××××.hu |
13 |
<pageexec@××××××××.hu> wrote: |
14 |
> > With the before mentioned pax features enabled, init exits with: "must |
15 |
> > be superuser", and kernel panics right after. |
16 |
> |
17 |
> the following chunk should fix it, will be in the next PaX release. |
18 |
> disabling the vsyscall page would also fix (avoid) this bug. |
19 |
> |
20 |
> --- linux-2.6.7-pax/arch/i386/kernel/entry.S 2004-06-19 15:57:00.000000000 +0200 |
21 |
> +++ linux-2.6.7-bug/arch/i386/kernel/entry.S 2004-11-06 12:35:02.000000000 +0100 |
22 |
> @@ -268,7 +268,9 @@ sysenter_past_esp: |
23 |
> jne syscall_exit_work |
24 |
> |
25 |
> #ifdef CONFIG_PAX_RANDKSTACK |
26 |
> + pushl %eax |
27 |
> call pax_randomize_kstack |
28 |
> + popl %eax |
29 |
> #endif |
30 |
> |
31 |
> /* if something modifies registers it must also disable sysexit */ |
32 |
> |
33 |
> |
34 |
|
35 |
|
36 |
-- |
37 |
Miguel Sousa Filipe |
38 |
|
39 |
-- |
40 |
gentoo-hardened@g.o mailing list |