grsecurity on alpha doesnt compile

Discuss and suggest new grsecurity features

grsecurity on alpha doesnt compile

Postby anthraxx » Mon Aug 12, 2002 9:42 am

i tried to compile grsecurity on my alpha (jensen)
with kernel 2.4.18 under debian 3.0r0,
but receive this error msgs:

<-->
make[2]: Entering directory `/usr/src/linux-2.4.18/fs'
gcc -D__KERNEL__ -I/usr/src/linux-2.4.18/include -Wall -Wstrict-prototypes -Wno-trigraphs -O2 -fomit-frame-pointer -fno-strict-aliasing -fno-common -pipe -mno-fp-regs -ffixed-8 -mcpu=ev4 -Wa,-mev6 -DKBUILD_BASENAME=exec -c -o exec.o exec.c
exec.c: In function `put_dirty_page':
exec.c:284: `PAGE_COPY_NOEXEC' undeclared (first use in this function)
exec.c:284: (Each undeclared identifier is reported only once
exec.c:284: for each function it appears in.)
exec.c: In function `setup_arg_pages':
exec.c:324: `PAGE_COPY_NOEXEC' undeclared (first use in this function)
make[2]: *** [exec.o] Error 1
make[2]: Leaving directory `/usr/src/linux-2.4.18/fs'
make[1]: *** [first_rule] Error 2
make[1]: Leaving directory `/usr/src/linux-2.4.18/fs'
make: *** [_dir_fs] Error 2
<-->

a short grep for PAGE_COPY_NOEXEC shows:
include/asm-i386/pgtable.h:#define PAGE_COPY_NOEXEC __pgprot(_PAGE_PRESENT | _PAGE_ACCESSED)
include/asm-i386/pgtable.h:#define PAGE_COPY_NOEXEC PAGE_COPY
include/asm-i386/pgtable.h:#define __P010 PAGE_COPY_NOEXEC
include/asm-i386/pgtable.h:#define __P011 PAGE_COPY_NOEXEC

hmm, that's only for i386-asm...

should the grsecurity patch work on non-intel systems?
Or, can i disble the no-exec patch?
didnt found an option in the kernel config...
anthraxx
 
Posts: 1
Joined: Mon Aug 12, 2002 9:30 am

Re: grsecurity on alpha doesnt compile

Postby PaX Team » Mon Aug 12, 2002 11:14 am

anthraxx wrote:a short grep for PAGE_COPY_NOEXEC shows:
include/asm-i386/pgtable.h:#define PAGE_COPY_NOEXEC __pgprot(_PAGE_PRESENT | _PAGE_ACCESSED)
include/asm-i386/pgtable.h:#define PAGE_COPY_NOEXEC PAGE_COPY
include/asm-i386/pgtable.h:#define __P010 PAGE_COPY_NOEXEC
include/asm-i386/pgtable.h:#define __P011 PAGE_COPY_NOEXEC

hmm, that's only for i386-asm...

should the grsecurity patch work on non-intel systems?
Or, can i disble the no-exec patch?
didnt found an option in the kernel config...

the non-exec page part comes from PaX which was originally written for i386 only. however alpha already has hardware support for this, so technically all of PaX could be 'simply' implemented for it (i think it's a matter of a few defines for the _NOEXEC values). the question is, would you be willing to test it or want something for production 'now'? in the latter case you can simply remove the _NOEXEC postfixes and you'll get a kernel that works as before (ie. no non-exec pages).
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm


Return to grsecurity development

cron