| 1 |
hi, i'm running gentoo-sources-2.4.20-r5 |
| 2 |
|
| 3 |
all ok , but if i enable grsecurity in my kernel config my system hangs at |
| 4 |
|
| 5 |
Freeing kernel memory: 144k freed |
| 6 |
my grsecurty section in .config is |
| 7 |
|
| 8 |
# |
| 9 |
# Grsecurity |
| 10 |
# |
| 11 |
CONFIG_GRKERNSEC=y |
| 12 |
# CONFIG_GRKERNSEC_LOW is not set |
| 13 |
# CONFIG_GRKERNSEC_MID is not set |
| 14 |
# CONFIG_GRKERNSEC_HI is not set |
| 15 |
CONFIG_GRKERNSEC_CUSTOM=y |
| 16 |
|
| 17 |
# |
| 18 |
# Address Space Protection |
| 19 |
# |
| 20 |
CONFIG_GRKERNSEC_PAX_NOEXEC=y |
| 21 |
# CONFIG_GRKERNSEC_PAX_PAGEEXEC is not set |
| 22 |
CONFIG_GRKERNSEC_PAX_SEGMEXEC=y |
| 23 |
# CONFIG_GRKERNSEC_PAX_EMUTRAMP is not set |
| 24 |
CONFIG_GRKERNSEC_PAX_MPROTECT=y |
| 25 |
# CONFIG_GRKERNSEC_PAX_NOELFRELOCS is not set |
| 26 |
CONFIG_GRKERNSEC_PAX_ASLR=y |
| 27 |
CONFIG_GRKERNSEC_PAX_RANDKSTACK=y |
| 28 |
CONFIG_GRKERNSEC_PAX_RANDUSTACK=y |
| 29 |
CONFIG_GRKERNSEC_PAX_RANDMMAP=y |
| 30 |
CONFIG_GRKERNSEC_PAX_RANDEXEC=y |
| 31 |
# CONFIG_GRKERNSEC_KMEM is not set |
| 32 |
# CONFIG_GRKERNSEC_IO is not set |
| 33 |
CONFIG_GRKERNSEC_PROC_MEMMAP=y |
| 34 |
CONFIG_GRKERNSEC_HIDESYM=y |
| 35 |
|
| 36 |
... |
| 37 |
|
| 38 |
i use prelink |
| 39 |
i have tried (before prelink) a vanilla kernel patched with grsecurity 2.0pre4 |
| 40 |
and it worked |
| 41 |
before gentoo i was using slackware with grsec ALL options enabled expect |
| 42 |
CONFIG_GRKERNSEC_PAX_PAGEEXEC and it worked fine |
| 43 |
|
| 44 |
any ideas ? |
| 45 |
|
| 46 |
tomorrow i'll try gentoo-sources with grsec in a system not-prelinked... |
| 47 |
|
| 48 |
|
| 49 |
-- |
| 50 |
gentoo-hardened@g.o mailing list |
Archives