Pb with 2.4.20 and 1.9.8-rc1

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Pb with 2.4.20 and 1.9.8-rc1

Postby jnilo » Wed Jan 01, 2003 11:25 am

I have been making some experiments with the 2.4.20 kernel and the 1.9.8-rc1 grsecurity patch for
inclusion in the next release of Bering, a single floppy based router.
See:
http://leaf.sourceforge.net/article.php?sid=65

I have found the solution for all the problems mentionned in the threads.
There is only one remaining pb which I do not understand:
When I issue df on the router console, I get:
# df
Filesystem 1k-blocks Used Available Use% Mounted on
rootfs 6144 4436 1708 72% /
/dev/root 6144 4436 1708 72% /
tmpfs 15288 60 15228 0% /tmp
tmpfs 2048 208 1840 10% /var/log

I do not understand why the /dev/root entry is showing up in this output.
My kernel config file is available here:
http://leaf.sf.net/devel/jnilo/bering/l ... .20.config

Any clue ?
Thanks for the great work !
Jacques
jnilo
 
Posts: 8
Joined: Sun Jul 14, 2002 4:41 am

Postby spender » Wed Jan 01, 2003 11:40 pm

your copy of df might not be parsing /proc/mounts properly. If you cat /proc/mounts, you'll see that /dev/root line in there as well. This isn't related to grsecurity, but I don't know why df would do that.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Postby jnilo » Thu Jan 02, 2003 5:51 am

That is what I though to begin with but it is not the case. I do not have this pb with the original Bering which uses 2.4.18 kernel + grsecurity 1.9.5-2.4.18.
The df is the same in both cases from Busybox 0.60.3
When I cat /proc/mounts in the original version I get:
# cat /proc/mounts
/dev/root / tmpfs rw 0 0
/proc /proc proc rw 0 0
tmpfs /tmp tmpfs rw 0 0
tmpfs /var/log tmpfs rw 0 0

When I cat /proc/mounts in the 2.4.20/1.9.8 version I get:
# cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/root / tmpfs rw 0 0
/proc /proc proc rw 0 0
tmpfs /tmp tmpfs rw 0 0
tmpfs /var/log tmpfs rw 0 0

Also I noticed that /proc/mounts now points to:
firewall: -root-
# ls -la /proc/mounts
lrwxrwxrwx 1 root procgrp 11 Jan 2 09:54 /proc/mounts -> self/mounts

whereas I get with the 1.9.5 version:
firewall: -root-
# ls -la /proc/mounts
-r--r--r-- 1 root wheel 11 Jan 2 09:39 /proc/mounts

So there is one more entry (rootfs / rootfs rw 0 0) in the new version and apparently something which was "self mounted".
Once again the two distro only differ by the patched kernel version.
Jacques
jnilo
 
Posts: 8
Joined: Sun Jul 14, 2002 4:41 am

Postby PaX Team » Thu Jan 02, 2003 7:14 am

jnilo wrote:Once again the two distro only differ by the patched kernel version.
almost ;-). more importantly, they differ in the kernel version which is the cause of the changes you see. check out how the initial rootfs is mounted (fs/super.c, init/do_mounts.c, etc), or rather, how it changed between 2.4.18 and 2.4.19.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm


Return to grsecurity support