PaX patch + AppArmor - shouldn't this work?
Posted: Sat Jul 02, 2011 8:30 pm
2.6.39.2
patches:
http://www.kernel.org/pub/linux/securit ... 2.6.39.tgz
pax-linux-2.6.39.1-test16.patch
Result: PaX doesn't work, Kernel (and AA) work fine.
patches:
http://www.kernel.org/pub/linux/securit ... 2.6.39.tgz
pax-linux-2.6.39.1-test16.patch
Result: PaX doesn't work, Kernel (and AA) work fine.
- Code: Select all
# pspax
USER PID PAX MAPS ETYPE NAME CAPS ATTR
root 1 pemrs w^x ET_DYN init =ep cap_setpcap-e unconfined
root 93 pemrs w^x ET_DYN udevd =ep unconfined
- Code: Select all
CONFIG_PAX=y
# CONFIG_PAX_SOFTMODE is not set
# CONFIG_PAX_EI_PAX is not set
CONFIG_PAX_PT_PAX_FLAGS=y
CONFIG_PAX_NO_ACL_FLAGS=y
# CONFIG_PAX_HAVE_ACL_FLAGS is not set
# CONFIG_PAX_HOOK_ACL_FLAGS is not set
CONFIG_PAX_NOEXEC=y
CONFIG_PAX_PAGEEXEC=y
CONFIG_PAX_SEGMEXEC=y
CONFIG_PAX_EMUTRAMP=y
CONFIG_PAX_MPROTECT=y
# CONFIG_PAX_ELFRELOCS is not set
# CONFIG_PAX_KERNEXEC is not set
CONFIG_PAX_ASLR=y
CONFIG_PAX_RANDKSTACK=y
CONFIG_PAX_RANDUSTACK=y
CONFIG_PAX_RANDMMAP=y
# CONFIG_PAX_MEMORY_SANITIZE is not set
# CONFIG_PAX_MEMORY_STACKLEAK is not set
CONFIG_PAX_MEMORY_UDEREF=y
# CONFIG_PAX_REFCOUNT is not set
CONFIG_PAX_USERCOPY=y