| 1 |
Thanks for the fast reply and correction, allready applying patch and |
| 2 |
compiled kernel, and rebooted, working fine. |
| 3 |
|
| 4 |
I'm also going to try out pax on ppc, (ibook), to see if it compiles.. |
| 5 |
and i'll report back to you. |
| 6 |
|
| 7 |
once more, TIA |
| 8 |
|
| 9 |
gentoo-guys, please apply this one-liner to gentoo-hardened :) |
| 10 |
|
| 11 |
|
| 12 |
On Sat, 06 Nov 2004 12:21:13 +0100, pageexec@××××××××.hu |
| 13 |
<pageexec@××××××××.hu> wrote: |
| 14 |
> > With the before mentioned pax features enabled, init exits with: "must |
| 15 |
> > be superuser", and kernel panics right after. |
| 16 |
> |
| 17 |
> the following chunk should fix it, will be in the next PaX release. |
| 18 |
> disabling the vsyscall page would also fix (avoid) this bug. |
| 19 |
> |
| 20 |
> --- linux-2.6.7-pax/arch/i386/kernel/entry.S 2004-06-19 15:57:00.000000000 +0200 |
| 21 |
> +++ linux-2.6.7-bug/arch/i386/kernel/entry.S 2004-11-06 12:35:02.000000000 +0100 |
| 22 |
> @@ -268,7 +268,9 @@ sysenter_past_esp: |
| 23 |
> jne syscall_exit_work |
| 24 |
> |
| 25 |
> #ifdef CONFIG_PAX_RANDKSTACK |
| 26 |
> + pushl %eax |
| 27 |
> call pax_randomize_kstack |
| 28 |
> + popl %eax |
| 29 |
> #endif |
| 30 |
> |
| 31 |
> /* if something modifies registers it must also disable sysexit */ |
| 32 |
> |
| 33 |
> |
| 34 |
|
| 35 |
|
| 36 |
-- |
| 37 |
Miguel Sousa Filipe |
| 38 |
|
| 39 |
-- |
| 40 |
gentoo-hardened@g.o mailing list |
Archives