| 1 |
On Mon, 02 Jan 2012 13:39:45 -0500 |
| 2 |
"Anthony G. Basile" <blueness@g.o> wrote: |
| 3 |
|
| 4 |
> On 01/02/2012 06:14 AM, pageexec@××××××××.hu wrote: |
| 5 |
> > On 2 Jan 2012 at 10:56, Hinnerk van Bruinehsen wrote: |
| 6 |
> > |
| 7 |
> >> - - with PAX_RANDKSTACK enabled I'm not able to sucessfully compile |
| 8 |
> >> glibc-2.14.1-r2 and glibc-2.14.1-r1 (gcc-4.6.2). I get an oops |
| 9 |
> >> (because auf the kernelstack - I think). |
| 10 |
> > |
| 11 |
> > that's interesting, i'd need the oops message (enable kernel |
| 12 |
> > symbols in your config) and your vmlinux (not bzImage) file. you |
| 13 |
> > could also try to apply PaX alone just to be sure it's not a grsec |
| 14 |
> > porting issue. |
| 15 |
> > |
| 16 |
> |
| 17 |
> Hinnerk, thanks for the report and don't worry, I'm not stabilizing |
| 18 |
> these chagnes anytime soon. |
| 19 |
> |
| 20 |
> The sysfs bug doesn't surprise me. Can you either open or bug or just |
| 21 |
> report here exactly what programs break and which work. The problem |
| 22 |
> is the way these programs were written and I'd rather patch them than |
| 23 |
> relax the sysfs restrictions, if possible. Otherwise I'll relax this |
| 24 |
> on the WORKSTATION profile. |
| 25 |
> |
| 26 |
> The randkstack <-> glibc is of concern. If you can open a bug for it |
| 27 |
> (or at least pass on your kernel config) I'll try to reproduce and |
| 28 |
> help to get pageexec the details he needs. |
| 29 |
> |
| 30 |
> |
| 31 |
|
| 32 |
I just GRKERNSEC_SYSFS_RESTRICT on the virtualization profile. Alsa is |
| 33 |
working fine for me. Can't test pulse though :| |
| 34 |
|
| 35 |
-- |
| 36 |
Matthew Thode (prometheanfire) |
Archives