grsecurity & skas3

Discuss and suggest new grsecurity features

Postby phil » Sat Apr 09, 2005 6:16 pm

kaio wrote:In order to have a kernel 2.4.28 with uml and grsec supports, what patches must i apply?

This patch contains grsecurity, skas3 and devicemapper for kernel 2.4.28.
You'll need to apply this one, nothing else.
phil
 
Posts: 16
Joined: Sun Aug 08, 2004 5:58 am

Postby phil » Sat Apr 09, 2005 7:17 pm

phil
 
Posts: 16
Joined: Sun Aug 08, 2004 5:58 am

Postby kaio » Sun Apr 10, 2005 3:33 am

These patches add only grsec support, and for uml support?

When i type
Code: Select all
make menuconfig ARCH=um
the result is
Code: Select all
rs1 linux-2.4.28 # make menuconfig ARCH=um
Makefile:262: arch/um/Makefile: No such file or directory
make: *** No rule to make target `arch/um/Makefile'.  Stop.


What can i do?
Thanks!
kaio
 
Posts: 9
Joined: Fri Apr 08, 2005 5:02 pm

Postby phil » Sun Apr 10, 2005 5:05 am

Oh okay, misunderstanding. This patch is for the host system (see this page), not for the uml-kernel.
I haven't tried yet applying the grsecurity patch on a uml-kernel. Steps are: untar the kernel sources, apply grsecurity patch, apply uml patch (and not skas3, sorry again), if there are patch conflicts, try to resolve them.
phil
 
Posts: 16
Joined: Sun Aug 08, 2004 5:58 am

Postby kaio » Sun Apr 10, 2005 7:26 am

There is'nt uml patch in the uml repository for 2.4.30, and i downloaded 2.4.27 kernel.
After i downloaded your patch for 2.4.27 and uml patch for 2.4.27

I apply uml patch:
Code: Select all
rs1 linux-2.4.27 # cat uml-patch-2.4.27-1 | patch -p1


and then your grsec patch:
Code: Select all
rs1 linux-2.4.27 # cat 2.4.27-secyc-3.patch | patch -p1


but there are some conflicts:
Code: Select all
patching file Documentation/Configure.help
Hunk #2 succeeded at 23660 (offset 258 lines).
patching file Makefile
Hunk #1 succeeded at 134 (offset 8 lines).
Hunk #2 succeeded at 281 (offset 8 lines).
Hunk #3 succeeded at 300 (offset 8 lines).
patching file arch/alpha/config.in
patching file arch/alpha/kernel/osf_sys.c
patching file arch/alpha/kernel/ptrace.c
patching file arch/alpha/mm/fault.c
patching file arch/arm/config.in
patching file arch/cris/config.in
patching file arch/i386/Makefile
patching file arch/i386/boot/bootsect.S
patching file arch/i386/boot/setup.S
patching file arch/i386/config.in
patching file arch/i386/kernel/apm.c
patching file arch/i386/kernel/entry.S
patching file arch/i386/kernel/head.S
patching file arch/i386/kernel/i386_ksyms.c
patching file arch/i386/kernel/init_task.c
patching file arch/i386/kernel/ioport.c
patching file arch/i386/kernel/ldt.c
patching file arch/i386/kernel/pci-pc.c
patching file arch/i386/kernel/process.c
patching file arch/i386/kernel/ptrace.c
patching file arch/i386/kernel/setup.c
patching file arch/i386/kernel/sys_i386.c
patching file arch/i386/kernel/trampoline.S
patching file arch/i386/kernel/traps.c
patching file arch/i386/kernel/vm86.c
patching file arch/i386/mm/fault.c
patching file arch/i386/mm/init.c
patching file arch/i386/mm/ioremap.c
patching file arch/i386/vmlinux.lds
patching file arch/i386/vmlinux.lds.S
patching file arch/ia64/config.in
patching file arch/ia64/kernel/ptrace.c
patching file arch/ia64/kernel/sys_ia64.c
patching file arch/m68k/config.in
patching file arch/mips/config.in
patching file arch/mips/mm/fault.c
patching file arch/mips64/config.in
patching file arch/mips64/mm/fault.c
patching file arch/parisc/config.in
patching file arch/parisc/kernel/ioctl32.c
patching file arch/parisc/kernel/ptrace.c
patching file arch/parisc/kernel/sys_parisc.c
patching file arch/parisc/kernel/sys_parisc32.c
patching file arch/parisc/kernel/traps.c
patching file arch/parisc/mm/fault.c
patching file arch/ppc/config.in
patching file arch/ppc/kernel/head_4xx.S
patching file arch/ppc/kernel/ptrace.c
patching file arch/ppc/kernel/syscalls.c
patching file arch/ppc/mm/fault.c
patching file arch/ppc64/kernel/ioctl32.c
patching file arch/s390/config.in
patching file arch/s390x/config.in
patching file arch/sh/config.in
patching file arch/sparc/boot/Makefile
patching file arch/sparc/config.in
patching file arch/sparc/kernel/ptrace.c
patching file arch/sparc/kernel/sys_sparc.c
patching file arch/sparc/kernel/sys_sunos.c
patching file arch/sparc/mm/fault.c
patching file arch/sparc/mm/init.c
patching file arch/sparc/mm/srmmu.c
patching file arch/sparc64/config.in
patching file arch/sparc64/kernel/ioctl32.c
patching file arch/sparc64/kernel/itlb_base.S
patching file arch/sparc64/kernel/ptrace.c
patching file arch/sparc64/kernel/sys_sparc.c
patching file arch/sparc64/kernel/sys_sparc32.c
patching file arch/sparc64/kernel/sys_sunos32.c
patching file arch/sparc64/mm/fault.c
patching file arch/sparc64/solaris/misc.c
patching file arch/x86_64/ia32/ia32_ioctl.c
patching file arch/x86_64/ia32/sys_ia32.c
patching file drivers/char/keyboard.c
patching file drivers/char/mem.c
Hunk #6 succeeded at 425 (offset 2 lines).
Hunk #7 succeeded at 564 (offset 2 lines).
Hunk #8 succeeded at 630 (offset 2 lines).
Hunk #9 succeeded at 670 (offset 2 lines).
Hunk #10 succeeded at 750 with fuzz 2 (offset 7 lines).
Hunk #11 FAILED at 781.
1 out of 11 hunks FAILED -- saving rejects to file drivers/char/mem.c.rej
patching file drivers/char/random.c
patching file drivers/char/tty_io.c
Hunk #1 succeeded at 1436 (offset 32 lines).
Hunk #2 succeeded at 1547 (offset 37 lines).
Hunk #3 succeeded at 1589 (offset 37 lines).
Hunk #4 succeeded at 1645 (offset 37 lines).
patching file drivers/char/vt.c
patching file drivers/pci/proc.c
patching file drivers/video/vesafb.c
patching file fs/Makefile
patching file fs/binfmt_aout.c
patching file fs/binfmt_elf.c
patching file fs/binfmt_misc.c
patching file fs/buffer.c
patching file fs/exec.c
patching file fs/fcntl.c
patching file fs/namei.c
patching file fs/namespace.c
patching file fs/open.c
patching file fs/proc/array.c
patching file fs/proc/base.c
patching file fs/proc/generic.c
patching file fs/proc/inode.c
patching file fs/proc/proc_misc.c
patching file fs/proc/proc_tty.c
patching file fs/proc/root.c
patching file fs/readdir.c
patching file grsecurity/Config.in
patching file grsecurity/Makefile
patching file grsecurity/gracl.c
patching file grsecurity/gracl_alloc.c
patching file grsecurity/gracl_cap.c
patching file grsecurity/gracl_fs.c
patching file grsecurity/gracl_ip.c
patching file grsecurity/gracl_learn.c
patching file grsecurity/gracl_res.c
patching file grsecurity/gracl_segv.c
patching file grsecurity/gracl_shm.c
patching file grsecurity/grsec_chdir.c
patching file grsecurity/grsec_chroot.c
patching file grsecurity/grsec_disabled.c
patching file grsecurity/grsec_exec.c
patching file grsecurity/grsec_fifo.c
patching file grsecurity/grsec_fork.c
patching file grsecurity/grsec_init.c
patching file grsecurity/grsec_ipc.c
patching file grsecurity/grsec_link.c
patching file grsecurity/grsec_mem.c
patching file grsecurity/grsec_mount.c
patching file grsecurity/grsec_rand.c
patching file grsecurity/grsec_sig.c
patching file grsecurity/grsec_sock.c
patching file grsecurity/grsec_sysctl.c
patching file grsecurity/grsec_textrel.c
patching file grsecurity/grsec_time.c
patching file grsecurity/grsec_tpe.c
patching file grsecurity/grsum.c
patching file grsecurity/obsd_rand.c
patching file include/asm-alpha/a.out.h
patching file include/asm-alpha/elf.h
patching file include/asm-alpha/mman.h
patching file include/asm-alpha/pgtable.h
patching file include/asm-i386/a.out.h
patching file include/asm-i386/desc.h
patching file include/asm-i386/elf.h
patching file include/asm-i386/hw_irq.h
patching file include/asm-i386/mman.h
patching file include/asm-i386/page.h
patching file include/asm-i386/pgalloc.h
patching file include/asm-i386/pgtable.h
patching file include/asm-i386/processor.h
patching file include/asm-i386/system.h
patching file include/asm-parisc/a.out.h
patching file include/asm-parisc/elf.h
patching file include/asm-parisc/mman.h
patching file include/asm-parisc/pgtable.h
patching file include/asm-ppc/a.out.h
patching file include/asm-ppc/elf.h
patching file include/asm-ppc/mman.h
patching file include/asm-ppc/pgtable.h
patching file include/asm-sparc/a.out.h
patching file include/asm-sparc/elf.h
patching file include/asm-sparc/mman.h
patching file include/asm-sparc/pgtable.h
patching file include/asm-sparc/pgtsrmmu.h
patching file include/asm-sparc/uaccess.h
patching file include/asm-sparc64/a.out.h
patching file include/asm-sparc64/elf.h
patching file include/asm-sparc64/mman.h
patching file include/asm-sparc64/pgtable.h
patching file include/linux/a.out.h
patching file include/linux/binfmts.h
patching file include/linux/elf.h
patching file include/linux/fs.h
Hunk #1 succeeded at 1096 (offset 6 lines).
patching file include/linux/gracl.h
patching file include/linux/gralloc.h
patching file include/linux/grdefs.h
patching file include/linux/grinternal.h
patching file include/linux/grmsg.h
patching file include/linux/grsecurity.h
patching file include/linux/kernel.h
patching file include/linux/mm.h
Hunk #3 succeeded at 535 (offset 12 lines).
Hunk #4 succeeded at 604 with fuzz 2 (offset 16 lines).
Hunk #5 succeeded at 637 (offset 17 lines).
Hunk #6 succeeded at 696 (offset 17 lines).
Hunk #7 succeeded at 721 (offset 17 lines).
patching file include/linux/proc_fs.h
patching file include/linux/sched.h
patching file include/linux/sysctl.h
patching file include/net/inetpeer.h
patching file include/net/ip.h
patching file init/main.c
patching file ipc/msg.c
patching file ipc/sem.c
patching file ipc/shm.c
patching file kernel/capability.c
patching file kernel/exit.c
patching file kernel/fork.c
patching file kernel/ksyms.c
patching file kernel/module.c
patching file kernel/printk.c
patching file kernel/sched.c
patching file kernel/signal.c
patching file kernel/sys.c
patching file kernel/sysctl.c
patching file kernel/time.c
patching file kernel/timer.c
patching file mm/filemap.c
patching file mm/memory.c
patching file mm/mlock.c
patching file mm/mmap.c
Hunk #4 FAILED at 399.
Hunk #5 succeeded at 446 (offset 1 line).
Hunk #6 succeeded at 505 (offset 1 line).
Hunk #7 succeeded at 578 (offset 1 line).
Hunk #8 succeeded at 591 (offset 1 line).
Hunk #9 succeeded at 624 (offset 1 line).
Hunk #10 succeeded at 659 (offset 1 line).
Hunk #11 succeeded at 702 (offset 1 line).
Hunk #12 succeeded at 740 (offset 1 line).
Hunk #13 succeeded at 933 (offset 1 line).
Hunk #14 succeeded at 1061 (offset 1 line).
Hunk #15 succeeded at 1147 (offset 1 line).
Hunk #16 FAILED at 1183.
Hunk #17 succeeded at 1259 (offset 6 lines).
Hunk #18 succeeded at 1277 (offset 6 lines).
Hunk #19 succeeded at 1312 (offset 6 lines).
Hunk #20 succeeded at 1328 (offset 6 lines).
Hunk #21 succeeded at 1345 (offset 6 lines).
Hunk #22 succeeded at 1358 (offset 6 lines).
Hunk #23 succeeded at 1384 (offset 6 lines).
2 out of 23 hunks FAILED -- saving rejects to file mm/mmap.c.rej
patching file mm/mprotect.c
Hunk #4 succeeded at 388 with fuzz 1 (offset 73 lines).
Hunk #5 FAILED at 463.
Hunk #6 FAILED at 486.
Hunk #7 FAILED at 508.
Hunk #8 FAILED at 546.
4 out of 8 hunks FAILED -- saving rejects to file mm/mprotect.c.rej
patching file mm/mremap.c
patching file mm/vmalloc.c
patching file net/ipv4/af_inet.c
patching file net/ipv4/ip_output.c
patching file net/ipv4/netfilter/Config.in
patching file net/ipv4/netfilter/Makefile
patching file net/ipv4/netfilter/ipt_stealth.c
patching file net/ipv4/tcp_ipv4.c
patching file net/ipv4/udp.c
patching file net/netlink/af_netlink.c
patching file net/netsyms.c
patching file net/socket.c
patching file net/sunrpc/xprt.c
patching file net/unix/af_unix.c
patching file arch/mips64/kernel/ioctl32.c
patching file arch/parisc/kernel/ioctl32.c
patching file arch/ppc64/kernel/ioctl32.c
patching file arch/s390x/kernel/ioctl32.c
patching file arch/sparc64/kernel/ioctl32.c
patching file arch/x86_64/ia32/ia32_ioctl.c
patching file Documentation/Configure.help
patching file drivers/md/Config.in
patching file drivers/md/dm.c
patching file drivers/md/dm-daemon.c
patching file drivers/md/dm-daemon.h
patching file drivers/md/dm-exception-store.c
patching file drivers/md/dm.h
patching file drivers/md/dm-io.c
patching file drivers/md/dm-ioctl.c
patching file drivers/md/dm-io.h
patching file drivers/md/dm-linear.c
patching file drivers/md/dm-log.c
patching file drivers/md/dm-log.h
patching file drivers/md/dm-raid1.c
patching file drivers/md/dm-snapshot.c
patching file drivers/md/dm-snapshot.h
patching file drivers/md/dm-stripe.c
patching file drivers/md/dm-table.c
patching file drivers/md/dm-target.c
patching file drivers/md/kcopyd.c
patching file drivers/md/kcopyd.h
patching file drivers/md/Makefile
patching file fs/buffer.c
patching file fs/jbd/journal.c
patching file include/linux/device-mapper.h
patching file include/linux/dm-ioctl.h
patching file include/linux/fs.h
patching file include/linux/jbd.h
patching file include/linux/mempool.h
patching file include/linux/vmalloc.h
patching file kernel/ksyms.c
patching file MAINTAINERS
patching file mm/filemap.c
patching file mm/Makefile
Hunk #1 succeeded at 9 with fuzz 1.
patching file mm/mempool.c
patching file mm/vmalloc.c
patching file arch/i386/kernel/entry.S
patching file arch/i386/kernel/ldt.c
patching file arch/i386/kernel/ptrace.c
patching file arch/i386/kernel/sys_i386.c
patching file fs/binfmt_elf.c
patching file include/asm-i386/mmu_context.h
patching file include/asm-i386/processor.h
patching file include/asm-i386/ptrace.h
patching file include/linux/mm.h
Hunk #1 succeeded at 552 with fuzz 2 (offset 15 lines).
Hunk #2 FAILED at 602.
Hunk #3 FAILED at 620.
2 out of 3 hunks FAILED -- saving rejects to file include/linux/mm.h.rej
The next patch would create the file include/linux/proc_mm.h,
which already exists!  Assume -R? [n]


What can i do?

Thanks in advice, you are great!
kaio
 
Posts: 9
Joined: Fri Apr 08, 2005 5:02 pm

Postby phil » Sun Apr 10, 2005 7:35 am

kaio wrote:After i downloaded your patch for 2.4.27 and uml patch for 2.4.27

Don't use my patch. Use the original grsecurity. My patch includes skas3 which is intended for the host kernel.
Try again and post your results, please.
phil
 
Posts: 16
Joined: Sun Aug 08, 2004 5:58 am

Postby kaio » Sun Apr 10, 2005 7:41 am

Where is grsec official patch for 2.4.27? On official website i cannot find it!
kaio
 
Posts: 9
Joined: Fri Apr 08, 2005 5:02 pm

Postby phil » Sun Apr 10, 2005 8:35 am

kaio wrote:Where is grsec official patch for 2.4.27? On official website i cannot find it!

http://www.grsecurity.net/grsecurity-2.0.1-2.4.27.patch
phil
 
Posts: 16
Joined: Sun Aug 08, 2004 5:58 am

Postby kaio » Sun Apr 10, 2005 9:33 am

I downloaded the patch that you suggest, the results are the following:

Code: Select all
rs1 linux-2.4.27 # cat uml-patch-2.4.27-1  | patch -p1


then

Code: Select all
rs1 linux-2.4.27 # cat grsecurity-2.0.1-2.4.27.patch  | patch -p1
patching file Documentation/Configure.help
Hunk #2 succeeded at 23660 (offset 258 lines).
patching file Makefile
Hunk #2 succeeded at 134 (offset 8 lines).
Hunk #3 succeeded at 281 (offset 8 lines).
Hunk #4 succeeded at 300 (offset 8 lines).
patching file arch/alpha/config.in
patching file arch/alpha/kernel/osf_sys.c
patching file arch/alpha/kernel/ptrace.c
patching file arch/alpha/mm/fault.c
patching file arch/arm/config.in
patching file arch/cris/config.in
patching file arch/i386/Makefile
patching file arch/i386/boot/bootsect.S
patching file arch/i386/boot/setup.S
patching file arch/i386/config.in
patching file arch/i386/kernel/apm.c
patching file arch/i386/kernel/entry.S
patching file arch/i386/kernel/head.S
patching file arch/i386/kernel/i386_ksyms.c
patching file arch/i386/kernel/init_task.c
patching file arch/i386/kernel/ioport.c
patching file arch/i386/kernel/ldt.c
patching file arch/i386/kernel/pci-pc.c
patching file arch/i386/kernel/process.c
patching file arch/i386/kernel/ptrace.c
patching file arch/i386/kernel/setup.c
patching file arch/i386/kernel/sys_i386.c
patching file arch/i386/kernel/trampoline.S
patching file arch/i386/kernel/traps.c
patching file arch/i386/kernel/vm86.c
patching file arch/i386/mm/fault.c
patching file arch/i386/mm/init.c
patching file arch/i386/mm/ioremap.c
patching file arch/i386/vmlinux.lds
patching file arch/i386/vmlinux.lds.S
patching file arch/ia64/config.in
patching file arch/ia64/kernel/ptrace.c
patching file arch/ia64/kernel/sys_ia64.c
patching file arch/m68k/config.in
patching file arch/mips/config.in
patching file arch/mips/mm/fault.c
patching file arch/mips64/config.in
patching file arch/mips64/mm/fault.c
patching file arch/parisc/config.in
patching file arch/parisc/kernel/ioctl32.c
patching file arch/parisc/kernel/ptrace.c
patching file arch/parisc/kernel/sys_parisc.c
patching file arch/parisc/kernel/sys_parisc32.c
patching file arch/parisc/kernel/traps.c
patching file arch/parisc/mm/fault.c
patching file arch/ppc/config.in
patching file arch/ppc/kernel/head_4xx.S
patching file arch/ppc/kernel/ptrace.c
patching file arch/ppc/kernel/syscalls.c
patching file arch/ppc/mm/fault.c
patching file arch/ppc64/kernel/ioctl32.c
patching file arch/s390/config.in
patching file arch/s390x/config.in
patching file arch/sh/config.in
patching file arch/sparc/boot/Makefile
patching file arch/sparc/config.in
patching file arch/sparc/kernel/ptrace.c
patching file arch/sparc/kernel/sys_sparc.c
patching file arch/sparc/kernel/sys_sunos.c
patching file arch/sparc/mm/fault.c
patching file arch/sparc/mm/init.c
patching file arch/sparc/mm/srmmu.c
patching file arch/sparc64/config.in
patching file arch/sparc64/kernel/ioctl32.c
patching file arch/sparc64/kernel/itlb_base.S
patching file arch/sparc64/kernel/ptrace.c
patching file arch/sparc64/kernel/sys_sparc.c
patching file arch/sparc64/kernel/sys_sparc32.c
patching file arch/sparc64/kernel/sys_sunos32.c
patching file arch/sparc64/mm/fault.c
patching file arch/sparc64/solaris/misc.c
patching file arch/x86_64/ia32/ia32_ioctl.c
patching file arch/x86_64/ia32/sys_ia32.c
patching file drivers/char/keyboard.c
patching file drivers/char/mem.c
Hunk #6 succeeded at 425 (offset 2 lines).
Hunk #7 succeeded at 564 (offset 2 lines).
Hunk #8 succeeded at 630 (offset 2 lines).
Hunk #9 succeeded at 670 (offset 2 lines).
Hunk #10 succeeded at 750 with fuzz 2 (offset 7 lines).
Hunk #11 FAILED at 781.
1 out of 11 hunks FAILED -- saving rejects to file drivers/char/mem.c.rej
patching file drivers/char/random.c
patching file drivers/char/tty_io.c
Hunk #1 succeeded at 1436 (offset 32 lines).
Hunk #2 succeeded at 1547 (offset 37 lines).
Hunk #3 succeeded at 1589 (offset 37 lines).
Hunk #4 succeeded at 1645 (offset 37 lines).
patching file drivers/char/vt.c
patching file drivers/pci/proc.c
patching file drivers/video/vesafb.c
patching file fs/Makefile
patching file fs/binfmt_aout.c
patching file fs/binfmt_elf.c
patching file fs/binfmt_misc.c
patching file fs/buffer.c
patching file fs/exec.c
patching file fs/fcntl.c
patching file fs/namei.c
patching file fs/namespace.c
patching file fs/open.c
patching file fs/proc/array.c
patching file fs/proc/base.c
patching file fs/proc/generic.c
patching file fs/proc/inode.c
patching file fs/proc/proc_misc.c
patching file fs/proc/proc_tty.c
patching file fs/proc/root.c
patching file fs/readdir.c
patching file grsecurity/Config.in
patching file grsecurity/Makefile
patching file grsecurity/gracl.c
patching file grsecurity/gracl_alloc.c
patching file grsecurity/gracl_cap.c
patching file grsecurity/gracl_fs.c
patching file grsecurity/gracl_ip.c
patching file grsecurity/gracl_learn.c
patching file grsecurity/gracl_res.c
patching file grsecurity/gracl_segv.c
patching file grsecurity/gracl_shm.c
patching file grsecurity/grsec_chdir.c
patching file grsecurity/grsec_chroot.c
patching file grsecurity/grsec_disabled.c
patching file grsecurity/grsec_exec.c
patching file grsecurity/grsec_fifo.c
patching file grsecurity/grsec_fork.c
patching file grsecurity/grsec_init.c
patching file grsecurity/grsec_ipc.c
patching file grsecurity/grsec_link.c
patching file grsecurity/grsec_mem.c
patching file grsecurity/grsec_mount.c
patching file grsecurity/grsec_rand.c
patching file grsecurity/grsec_sig.c
patching file grsecurity/grsec_sock.c
patching file grsecurity/grsec_sysctl.c
patching file grsecurity/grsec_textrel.c
patching file grsecurity/grsec_time.c
patching file grsecurity/grsec_tpe.c
patching file grsecurity/grsum.c
patching file grsecurity/obsd_rand.c
patching file include/asm-alpha/a.out.h
patching file include/asm-alpha/elf.h
patching file include/asm-alpha/mman.h
patching file include/asm-alpha/pgtable.h
patching file include/asm-i386/a.out.h
patching file include/asm-i386/desc.h
patching file include/asm-i386/elf.h
patching file include/asm-i386/hw_irq.h
patching file include/asm-i386/mman.h
patching file include/asm-i386/page.h
patching file include/asm-i386/pgalloc.h
patching file include/asm-i386/pgtable.h
patching file include/asm-i386/processor.h
patching file include/asm-i386/system.h
patching file include/asm-parisc/a.out.h
patching file include/asm-parisc/elf.h
patching file include/asm-parisc/mman.h
patching file include/asm-parisc/pgtable.h
patching file include/asm-ppc/a.out.h
patching file include/asm-ppc/elf.h
patching file include/asm-ppc/mman.h
patching file include/asm-ppc/pgtable.h
patching file include/asm-sparc/a.out.h
patching file include/asm-sparc/elf.h
patching file include/asm-sparc/mman.h
patching file include/asm-sparc/pgtable.h
patching file include/asm-sparc/pgtsrmmu.h
patching file include/asm-sparc/uaccess.h
patching file include/asm-sparc64/a.out.h
patching file include/asm-sparc64/elf.h
patching file include/asm-sparc64/mman.h
patching file include/asm-sparc64/pgtable.h
patching file include/linux/a.out.h
patching file include/linux/binfmts.h
patching file include/linux/elf.h
patching file include/linux/fs.h
Hunk #1 succeeded at 1096 (offset 6 lines).
patching file include/linux/gracl.h
patching file include/linux/gralloc.h
patching file include/linux/grdefs.h
patching file include/linux/grinternal.h
patching file include/linux/grmsg.h
patching file include/linux/grsecurity.h
patching file include/linux/kernel.h
patching file include/linux/mm.h
Hunk #3 succeeded at 535 (offset 12 lines).
Hunk #4 succeeded at 604 with fuzz 2 (offset 16 lines).
Hunk #5 succeeded at 637 (offset 17 lines).
Hunk #6 succeeded at 696 (offset 17 lines).
Hunk #7 succeeded at 721 (offset 17 lines).
patching file include/linux/proc_fs.h
patching file include/linux/sched.h
patching file include/linux/sysctl.h
patching file include/net/inetpeer.h
patching file include/net/ip.h
patching file init/main.c
patching file ipc/msg.c
patching file ipc/sem.c
patching file ipc/shm.c
patching file kernel/capability.c
patching file kernel/exit.c
patching file kernel/fork.c
patching file kernel/ksyms.c
patching file kernel/module.c
patching file kernel/printk.c
patching file kernel/sched.c
patching file kernel/signal.c
patching file kernel/sys.c
patching file kernel/sysctl.c
patching file kernel/time.c
patching file kernel/timer.c
patching file mm/filemap.c
patching file mm/memory.c
patching file mm/mlock.c
patching file mm/mmap.c
Hunk #4 FAILED at 399.
Hunk #5 succeeded at 446 (offset 1 line).
Hunk #6 succeeded at 505 (offset 1 line).
Hunk #7 succeeded at 578 (offset 1 line).
Hunk #8 succeeded at 591 (offset 1 line).
Hunk #9 succeeded at 624 (offset 1 line).
Hunk #10 succeeded at 659 (offset 1 line).
Hunk #11 succeeded at 702 (offset 1 line).
Hunk #12 succeeded at 740 (offset 1 line).
Hunk #13 succeeded at 933 (offset 1 line).
Hunk #14 succeeded at 1061 (offset 1 line).
Hunk #15 succeeded at 1147 (offset 1 line).
Hunk #16 FAILED at 1183.
Hunk #17 succeeded at 1259 (offset 6 lines).
Hunk #18 succeeded at 1277 (offset 6 lines).
Hunk #19 succeeded at 1312 (offset 6 lines).
Hunk #20 succeeded at 1328 (offset 6 lines).
Hunk #21 succeeded at 1345 (offset 6 lines).
Hunk #22 succeeded at 1358 (offset 6 lines).
Hunk #23 succeeded at 1384 (offset 6 lines).
2 out of 23 hunks FAILED -- saving rejects to file mm/mmap.c.rej
patching file mm/mprotect.c
Hunk #4 succeeded at 388 with fuzz 1 (offset 73 lines).
Hunk #5 FAILED at 463.
Hunk #6 FAILED at 486.
Hunk #7 FAILED at 508.
Hunk #8 FAILED at 546.
4 out of 8 hunks FAILED -- saving rejects to file mm/mprotect.c.rej
patching file mm/mremap.c
patching file mm/vmalloc.c
patching file net/ipv4/af_inet.c
patching file net/ipv4/ip_output.c
patching file net/ipv4/netfilter/Config.in
patching file net/ipv4/netfilter/Makefile
patching file net/ipv4/netfilter/ipt_stealth.c
patching file net/ipv4/tcp_ipv4.c
patching file net/ipv4/udp.c
patching file net/netlink/af_netlink.c
patching file net/netsyms.c
patching file net/socket.c
patching file net/sunrpc/xprt.c
patching file net/unix/af_unix.c


but in the

Code: Select all
make menuconfig ARCH=um


there is'nt any grsecurity options !!!!!!!!
kaio
 
Posts: 9
Joined: Fri Apr 08, 2005 5:02 pm

Postby phil » Sun Apr 10, 2005 12:36 pm

kaio wrote:there is'nt any grsecurity options !!!!!!!!

The patches conflict.
I installed the 2.4.30 sources, applied the uml-patch for 2.4.27 (no major conflicts) but when patching the resulting source tree with grsecurity I get some conflicts. Most of them are easy to resolve, but the conflicts in mm/mmap.c are quite tricky.
Look at what has to be done in those *.rej files and try to resolve the conflicts. That's all I can tell you about it as I'm not using grsecurity on virtual machines.
phil
 
Posts: 16
Joined: Sun Aug 08, 2004 5:58 am

Postby kaio » Sun Apr 10, 2005 1:15 pm

mmmm ok, if there are any news about this problem, reply this post!

Thanks!
kaio
 
Posts: 9
Joined: Fri Apr 08, 2005 5:02 pm

Previous

Return to grsecurity development

cron