grsec and xfs
Posted: Wed Sep 03, 2003 11:31 am
Hello i'm trying to patch my linux 2.4.22 with grsecurity and xfs.
firstly i applied the xfs patch and after that the grsecurity patch.
in sysctl.c i have a problem: this is the .rej file:
shall i put the grsecurity stuff after CONFIG_KDB or before it??
i heared that sysctl.c is hard coded, so do i need to adjust some assembly code too after the possition of the grsecurity stuff changed? (when i put the code after CONFIG_KDB)
firstly i applied the xfs patch and after that the grsecurity patch.
in sysctl.c i have a problem: this is the .rej file:
- Code: Select all
*** 272,280 ****
{KERN_EXCEPTION_TRACE,"exception-trace",
&exception_trace,sizeof(int),0644,NULL,&proc_dointvec},
#endif
{0}
};
static ctl_table vm_table[] = {
{VM_BDFLUSH, "bdflush", &bdf_prm, 9*sizeof(int), 0644, NULL,
&proc_dointvec_minmax, &sysctl_intvec, NULL,
--- 283,477 ----
{KERN_EXCEPTION_TRACE,"exception-trace",
&exception_trace,sizeof(int),0644,NULL,&proc_dointvec},
#endif
+ #ifdef CONFIG_GRKERNSEC
+ {KERN_GRSECURITY, "grsecurity", NULL, 0, 0500, grsecurity_table},
+ #endif
{0}
};
....
- Code: Select all
{KERN_EXCEPTION_TRACE,"exception-trace",
&exception_trace,sizeof(int),0644,NULL,&proc_dointvec},
#endif
#ifdef CONFIG_KDB
{KERN_KDB, "kdb", &kdb_on, sizeof(int),
0644, NULL, &proc_dointvec},
#endif /* CONFIG_KDB */
{0}
...
shall i put the grsecurity stuff after CONFIG_KDB or before it??
i heared that sysctl.c is hard coded, so do i need to adjust some assembly code too after the possition of the grsecurity stuff changed? (when i put the code after CONFIG_KDB)