grsecurity forums

Posted: **Thu Jun 09, 2005 12:08 am**

In file included from kernel/power/suspend2_core/atomic_copy.c:29:
include/asm/suspend2.h: In function `fix_processor_context':
include/asm/suspend2.h:128: error: `per_cpu__init_tss' undeclared (first use in this function)
include/asm/suspend2.h:128: error: (Each undeclared identifier is reported only once
include/asm/suspend2.h:128: error: for each function it appears in.)
include/asm/suspend2.h:128: error: invalid type argument of `unary *'
include/asm/suspend2.h:131: error: `per_cpu__cpu_gdt_table' undeclared (first use in this function)
include/asm/suspend2.h:131: error: invalid type argument of `unary *'
make[3]: *** [kernel/power/suspend2_core/atomic_copy.o] Error 1
make[2]: *** [kernel/power/suspend2_core] Error 2
make[1]: *** [kernel/power] Error 2
make: *** [kernel] Error 2

Grsec patch is reverting the per-cpu changes to these variables that were made around 2.6.9.

Posted: **Thu Jun 09, 2005 11:54 am**

I got the following error during make with grsecurity-2.1.6-2.6.11.11 applied

Code: Select all: CC fs/proc/array.o fs/proc/array.c: In Funktion Â»proc_pid_ipaddrÂ«: fs/proc/array.c:528: error: structure has no member named `curr_ip' fs/proc/array.c:528: error: structure has no member named `curr_ip' fs/proc/array.c:528: error: structure has no member named `curr_ip' fs/proc/array.c:528: error: structure has no member named `curr_ip'

Posted: **Thu Jun 09, 2005 1:24 pm**

removing in menuconfig, what causes the #ifdef to activate, there's more that would require me to disable the main CONFIG_GRSKERNELSOMETHING

Posted: **Fri Jun 10, 2005 8:13 pm**

where did u actually got grsecurity-2.1.6-2.6.11.11 ???

Posted: **Sat Jun 11, 2005 9:42 am**

http://www.grsecurity.net/~spender/

Posted: **Sat Jun 11, 2005 4:26 pm**

ok thanks

Posted: **Thu Jun 16, 2005 6:16 am**

Hi,

I got the same problem here (at least since 2.6.10). It would be nice to get this fixed.

Kind regards,
Robert

Posted: **Fri Jun 17, 2005 12:20 pm**

katt wrote:Grsec patch is reverting the per-cpu changes to these variables that were made around 2.6.9.

this is due to PaX and is necessary for some features. on the other hand, updating other patches should not be hard (as far as GDT/TSS access is concerned at least), just look at the conversion that PaX does.

Posted: **Tue Aug 09, 2005 6:37 am**

PaX Team wrote:
katt wrote:Grsec patch is reverting the per-cpu changes to these variables that were made around 2.6.9.
this is due to PaX and is necessary for some features. on the other hand, updating other patches should not be hard (as far as GDT/TSS access is concerned at least), just look at the conversion that PaX does.

Just in case someone else is interested in using software suspend with grsecurity/pax:
Changing two lines in include/asm/suspend2.h fixes the compile errors (for swsusp2.1.9):
Change line 128:
struct tss_struct * t = &per_cpu(init_tss,nr);
To:
struct tss_struct * t = init_tss + nr;
and (a few lines below):
per_cpu(cpu_gdt_table,nr)[GDT_ENTRY_TSS].b &= 0xfffffdff;
to:
cpu_gdt_table[nr][GDT_ENTRY_TSS].b &= 0xfffffdff;

no warranty that this doesnt eat your data...

grsecurity forums

grsecurity-2.1.6-2.6.11.11 & software suspend 2

grsecurity-2.1.6-2.6.11.11 & software suspend 2

Re: grsecurity-2.1.6-2.6.11.11 & software suspend 2

Re: grsecurity-2.1.6-2.6.11.11 & software suspend 2