| 1 |
On Wed, 11 Sep 2013 19:57:03 +0300 |
| 2 |
Balint Szente <balint@×××××××××.ro> wrote: |
| 3 |
|
| 4 |
> Hello! |
| 5 |
> |
| 6 |
> |
| 7 |
> I have a Dell Inspiron N5110 laptop with Optimus. I used Xorg with the |
| 8 |
> Intel driver only until now, but I was thinking to start using the |
| 9 |
> nVidia card as well, because the HDMI output is connected directly to |
| 10 |
> the nVidia GPU. |
| 11 |
> |
| 12 |
> My kernel: |
| 13 |
> Linux 3.10.1-hardened-r1 #4 SMP PREEMPT Sat Sep 7 17:26:02 EEST 2013 |
| 14 |
> x86_64 Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz GenuineIntel |
| 15 |
> GNU/Linux |
| 16 |
> |
| 17 |
> Please find at the and of the mail the relevant kernel config part. |
| 18 |
> |
| 19 |
> I emerged =nvidia-drivers-325.15 successfully, but I cannot load the |
| 20 |
> nvidia module: |
| 21 |
> |
| 22 |
> # modprobe nvidia |
| 23 |
> modprobe: ERROR: could not insert 'nvidia': Exec format error |
| 24 |
> |
| 25 |
> The kernel log does not contain any information about this. I tried |
| 26 |
> also with the stable 319.49 as well, but the error is the same. |
| 27 |
> |
| 28 |
> Do you know whether this is a (known) bug in the driver/ebuild or is a |
| 29 |
> problematic GRSEC/PAX option in my kernel config? |
| 30 |
> |
| 31 |
> Regards, |
| 32 |
> Balint |
| 33 |
> |
| 34 |
> Relevant log: |
| 35 |
> CONFIG_PAX_KERNEXEC_PLUGIN=y |
| 36 |
> CONFIG_PAX_PER_CPU_PGD=y |
| 37 |
> CONFIG_PAX_USERCOPY_SLABS=y |
| 38 |
> CONFIG_GRKERNSEC=y |
| 39 |
> CONFIG_GRKERNSEC_CONFIG_CUSTOM=y |
| 40 |
> CONFIG_GRKERNSEC_PROC_GID=10 |
| 41 |
> CONFIG_PAX=y |
| 42 |
> CONFIG_PAX_PT_PAX_FLAGS=y |
| 43 |
> CONFIG_PAX_NO_ACL_FLAGS=y |
| 44 |
> CONFIG_PAX_NOEXEC=y |
| 45 |
> CONFIG_PAX_PAGEEXEC=y |
| 46 |
> CONFIG_PAX_EMUTRAMP=y |
| 47 |
> CONFIG_PAX_MPROTECT=y |
| 48 |
> CONFIG_PAX_KERNEXEC=y |
| 49 |
> CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR=y |
| 50 |
> CONFIG_PAX_KERNEXEC_PLUGIN_METHOD="or" |
| 51 |
CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR: |
| 52 |
This method is incompatible with binary only modules but |
| 53 |
has a lower runtime overhead. |
| 54 |
|
| 55 |
Try using bts |
| 56 |
|
| 57 |
> CONFIG_PAX_ASLR=y |
| 58 |
> CONFIG_PAX_RANDKSTACK=y |
| 59 |
> CONFIG_PAX_RANDUSTACK=y |
| 60 |
> CONFIG_PAX_RANDMMAP=y |
| 61 |
> CONFIG_PAX_MEMORY_STACKLEAK=y |
| 62 |
> CONFIG_PAX_MEMORY_STRUCTLEAK=y |
| 63 |
> CONFIG_PAX_MEMORY_UDEREF=y |
| 64 |
> CONFIG_PAX_REFCOUNT=y |
| 65 |
> CONFIG_PAX_CONSTIFY_PLUGIN=y |
| 66 |
> CONFIG_PAX_USERCOPY=y |
| 67 |
> CONFIG_PAX_SIZE_OVERFLOW=y |
| 68 |
> CONFIG_PAX_LATENT_ENTROPY=y |
| 69 |
> CONFIG_GRKERNSEC_KMEM=y |
| 70 |
> CONFIG_GRKERNSEC_RAND_THREADSTACK=y |
| 71 |
> CONFIG_GRKERNSEC_PROC_MEMMAP=y |
| 72 |
> CONFIG_GRKERNSEC_BRUTE=y |
| 73 |
> CONFIG_GRKERNSEC_MODHARDEN=y |
| 74 |
> CONFIG_GRKERNSEC_HIDESYM=y |
| 75 |
> CONFIG_GRKERNSEC_ACL_HIDEKERN=y |
| 76 |
> CONFIG_GRKERNSEC_ACL_MAXTRIES=3 |
| 77 |
> CONFIG_GRKERNSEC_ACL_TIMEOUT=30 |
| 78 |
> CONFIG_GRKERNSEC_PROC=y |
| 79 |
> CONFIG_GRKERNSEC_PROC_USERGROUP=y |
| 80 |
> CONFIG_GRKERNSEC_PROC_ADD=y |
| 81 |
> CONFIG_GRKERNSEC_LINK=y |
| 82 |
> CONFIG_GRKERNSEC_FIFO=y |
| 83 |
> CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL=y |
| 84 |
> CONFIG_GRKERNSEC_CHROOT=y |
| 85 |
> CONFIG_GRKERNSEC_CHROOT_MOUNT=y |
| 86 |
> CONFIG_GRKERNSEC_CHROOT_DOUBLE=y |
| 87 |
> CONFIG_GRKERNSEC_CHROOT_PIVOT=y |
| 88 |
> CONFIG_GRKERNSEC_CHROOT_CHDIR=y |
| 89 |
> CONFIG_GRKERNSEC_CHROOT_CHMOD=y |
| 90 |
> CONFIG_GRKERNSEC_CHROOT_FCHDIR=y |
| 91 |
> CONFIG_GRKERNSEC_CHROOT_MKNOD=y |
| 92 |
> CONFIG_GRKERNSEC_CHROOT_SHMAT=y |
| 93 |
> CONFIG_GRKERNSEC_CHROOT_UNIX=y |
| 94 |
> CONFIG_GRKERNSEC_CHROOT_FINDTASK=y |
| 95 |
> CONFIG_GRKERNSEC_CHROOT_NICE=y |
| 96 |
> CONFIG_GRKERNSEC_CHROOT_SYSCTL=y |
| 97 |
> CONFIG_GRKERNSEC_CHROOT_CAPS=y |
| 98 |
> CONFIG_GRKERNSEC_RESLOG=y |
| 99 |
> CONFIG_GRKERNSEC_CHROOT_EXECLOG=y |
| 100 |
> CONFIG_GRKERNSEC_AUDIT_PTRACE=y |
| 101 |
> CONFIG_GRKERNSEC_AUDIT_MOUNT=y |
| 102 |
> CONFIG_GRKERNSEC_SIGNAL=y |
| 103 |
> CONFIG_GRKERNSEC_FORKFAIL=y |
| 104 |
> CONFIG_GRKERNSEC_TIME=y |
| 105 |
> CONFIG_GRKERNSEC_PROC_IPADDR=y |
| 106 |
> CONFIG_GRKERNSEC_RWXMAP_LOG=y |
| 107 |
> CONFIG_GRKERNSEC_DMESG=y |
| 108 |
> CONFIG_GRKERNSEC_HARDEN_PTRACE=y |
| 109 |
> CONFIG_GRKERNSEC_PTRACE_READEXEC=y |
| 110 |
> CONFIG_GRKERNSEC_RANDNET=y |
| 111 |
> CONFIG_GRKERNSEC_BLACKHOLE=y |
| 112 |
> CONFIG_GRKERNSEC_NO_SIMULT_CONNECT=y |
| 113 |
> CONFIG_GRKERNSEC_FLOODTIME=10 |
| 114 |
> CONFIG_GRKERNSEC_FLOODBURST=6 |
| 115 |
> |
Archives