1 |
hi, i'm running gentoo-sources-2.4.20-r5 |
2 |
|
3 |
all ok , but if i enable grsecurity in my kernel config my system hangs at |
4 |
|
5 |
Freeing kernel memory: 144k freed |
6 |
my grsecurty section in .config is |
7 |
|
8 |
# |
9 |
# Grsecurity |
10 |
# |
11 |
CONFIG_GRKERNSEC=y |
12 |
# CONFIG_GRKERNSEC_LOW is not set |
13 |
# CONFIG_GRKERNSEC_MID is not set |
14 |
# CONFIG_GRKERNSEC_HI is not set |
15 |
CONFIG_GRKERNSEC_CUSTOM=y |
16 |
|
17 |
# |
18 |
# Address Space Protection |
19 |
# |
20 |
CONFIG_GRKERNSEC_PAX_NOEXEC=y |
21 |
# CONFIG_GRKERNSEC_PAX_PAGEEXEC is not set |
22 |
CONFIG_GRKERNSEC_PAX_SEGMEXEC=y |
23 |
# CONFIG_GRKERNSEC_PAX_EMUTRAMP is not set |
24 |
CONFIG_GRKERNSEC_PAX_MPROTECT=y |
25 |
# CONFIG_GRKERNSEC_PAX_NOELFRELOCS is not set |
26 |
CONFIG_GRKERNSEC_PAX_ASLR=y |
27 |
CONFIG_GRKERNSEC_PAX_RANDKSTACK=y |
28 |
CONFIG_GRKERNSEC_PAX_RANDUSTACK=y |
29 |
CONFIG_GRKERNSEC_PAX_RANDMMAP=y |
30 |
CONFIG_GRKERNSEC_PAX_RANDEXEC=y |
31 |
# CONFIG_GRKERNSEC_KMEM is not set |
32 |
# CONFIG_GRKERNSEC_IO is not set |
33 |
CONFIG_GRKERNSEC_PROC_MEMMAP=y |
34 |
CONFIG_GRKERNSEC_HIDESYM=y |
35 |
|
36 |
... |
37 |
|
38 |
i use prelink |
39 |
i have tried (before prelink) a vanilla kernel patched with grsecurity 2.0pre4 |
40 |
and it worked |
41 |
before gentoo i was using slackware with grsec ALL options enabled expect |
42 |
CONFIG_GRKERNSEC_PAX_PAGEEXEC and it worked fine |
43 |
|
44 |
any ideas ? |
45 |
|
46 |
tomorrow i'll try gentoo-sources with grsec in a system not-prelinked... |
47 |
|
48 |
|
49 |
-- |
50 |
gentoo-hardened@g.o mailing list |