grsecurity forums

Was just wondering if anyone has managed to get random pids to take effect with the initial tasks (such as init, keventd, kswapd, kupdated, bdflush...etc)?

For example, a sample from my current process list:
root 1 0 0 Mar04 ? 00:00:04 init
root 2 1 0 Mar04 ? 00:00:01 [keventd]
root 3 1 0 Mar04 ? 00:11:30 [kapm-idled]
root 4 0 0 Mar04 ? 00:00:00 [ksoftirqd_CPU0]
root 5 0 0 Mar04 ? 00:00:09 [kswapd]
root 6 0 0 Mar04 ? 00:00:00 [bdflush]
root 7 0 0 Mar04 ? 00:00:01 [kupdated]
root 8 1 0 Mar04 ? 00:00:00 [khubd]
root 9 1 0 Mar04 ? 00:00:00 [kjournald]
root 27442 1 0 Mar04 ? 00:00:00 [kjournald]
root 26101 1 0 Mar04 ? 00:00:01 [kjournald]
root 16067 1 0 Mar04 ? 00:00:00 /usr/sbin/syslog-ng
root 6981 1 0 Mar04 ? 00:00:00 /usr/sbin/klogd -c 3

Not knowing the PIDs for these would add some additional security through obscurity.

Just asking before I duplicate any effort in trying to enable this.

Thanks
Mike

the initial processes are different than regular processes. Those are kernel threads, and do not use regular pid handing code. It's not necessary that grsecurity randomize those pids anyway, as the code is really just meant to add greater randomness to programs that use getpid() as a random seed or for writing to /tmp.

also, init's pid always has to be one...the kernel and many programs count on that. swapper (which you don't see) has a pid of 0.

-Brad