grsecurity forums

by **pwadas** » Mon Sep 10, 2007 4:03 pm

Hello,

Just to annouce successful compilation & installation
of:

grsecurity-2.1.11-2.6.22.6-200709071800.patch
gradm-2.1.11-200708011700.tar.gz

at debian sid, with kernel patched and compiled
from linux-source-2.6.22 package.
(package version 2.6.22-4)

arch: i686
gcc: 4.2.1 (package gcc-4.2=4.2.1-5)

Regards,
Piotr

by **amdfanatyk** » Tue Sep 11, 2007 10:43 am

and Xorg server works?

by **pwadas** » Tue Sep 11, 2007 3:52 pm

No, but this server is hosting server, it doesn't have X
at all. Anyway it's just to announce succesful installation,
not successful policy and usage.
On other machine with current stable grsec I noticed
Xorg working with

GRKERNSEC_IO=n (disable priviledged IO turned OFF)

Regards,
Piotr

by **amdfanatyk** » Thu Sep 13, 2007 5:45 am

pwadas wrote:No

lol and poor devs cannot fix this lol lol lol.

by **specs** » Thu Sep 13, 2007 2:25 pm

Only problem with X.org and grsecurity is a freezing mouse pointer. It might be a problem with X / xfce. It only started with the 2.6.21-grsec patches but then I also had an X.org-update.

I found no clue what causes the problem. It is however pretty irritating since many programs work better with a mouse. Increasing the reserved memory for the display did help to extend the time until the next freeze.

Linux version 2.6.22.6-grsec200709071800-2 (gcc version 4.1.3 20070718 (prerelease) (Debian 4.1.2-14))
CPU-model: VIA Nehemiah
VIA VT8623 [CLE266] integrated graphics

Snce I never used 2.6.19.2 with grsecurity on this pc I have little comparison. The version before 2.6.22.6 worked still with CONFIG_PAX_NOELFRELOCS=y and CONFIG_GRKERNSEC_IO=y. It seems that some patches have been reimplemented.

by **spender** » Thu Sep 20, 2007 6:19 pm

To help track down the Xorg problem, can you reproduce it with the PaX patch alone?

-Brad

by **spender** » Thu Sep 20, 2007 6:24 pm

Also, please try with a vanilla kernel since you mentioned that you had upgraded Xorg.

-Brad

by **amdfanatyk** » Fri Sep 21, 2007 5:07 am

spender wrote:To help track down the Xorg problem, can you reproduce it with the PaX patch alone?

-Brad

I cannot check this because PaX patch is broken and I cannot compile kernel.

by **specs** » Sun Sep 23, 2007 4:27 am

spender wrote:To help track down the Xorg problem, can you reproduce it with the PaX patch alone?

-Brad

spender wrote:Also, please try with a vanilla kernel since you mentioned that you had upgraded Xorg.

-Brad

I hate vague problems:
Somehow the problem seemed triggered by the amount of video RAM.
Since I ran into the problem I changed the amount of memory reserved for the Video adapter (Both in BIOS and xorg.conf) and the AGP Apperture size.

I can't reproduce it right now (at one time I could reproduce it within 2 minutes (including reboot). I haven't been able to find many clues on the internet either.

To pinpoint the problem I have a kernel with grsec-patch and a vanilla kernel installed. When I run into problems again I will look further into it. I tried to change the settings to the settings I remembered as most likely to trigger the problem. Since I could not trigger the problem without fail in grssec I don't see a direct reason to test it with the vanilla kernel (or the PAX-kernel).

In short I'm missing some factor which triggers the problem.

Please regard this problem as not grsec related.

by **amdfanatyk** » Sun Sep 23, 2007 8:38 am

spender wrote:To help track down the Xorg problem, can you reproduce it with the PaX patch alone?

-Brad

That's PaX fault. With only PaX patch applied it also crashes Xorg.

by **specs** » Sun Sep 23, 2007 12:23 pm

amdfanatyk wrote:That's PaX fault. With only PaX patch applied it also crashes Xorg.

Can you support your opinion for example with gdb output?

grsecurity forums

proudly confirm test patches working on debian sid 2.6.22

proudly confirm test patches working on debian sid 2.6.22

xorg

Re: xorg