I'm getting this error when I'm compiling 2.6.29.3 with grsecurity-2.1.14-2.6.29.3-200905131918.patch:
LD vmlinux
ld: vmlinux: section .rodata vma 0xffffffff8060b000 overlaps previous sections
ld: vmlinux: section __bug_table vma 0xffffffff806e8840 overlaps previous sections
ld: vmlinux: section .pci_fixup vma 0xffffffff806ef630 overlaps previous sections
ld: vmlinux: section __param vma 0xffffffff806f0bd0 overlaps previous sections
ld: vmlinux: section `.rodata' can't be allocated in segment 2
LOAD: .vsyscall_0 .vsyscall_fn .vsyscall_gtod_data .vsyscall_1 .vsyscall_2 .vgetcpu_mode .jiffies .rodata __bug_table .pci_fixup __param
ld: final link failed: Bad value
make: *** [vmlinux] Error 1
On Gentoo hardened with gcc-4.3.3.
Edit: x86_64 aswell
2.6.29.3 compilation problem
9 posts
• Page 1 of 1
2.6.29.3 compilation problem
by forsaken » Fri May 15, 2009 3:32 am
Last edited by forsaken on Fri May 15, 2009 11:56 am, edited 1 time in total.
- forsaken
- Posts: 74
- Joined: Tue May 18, 2004 3:04 am
Re: 2.6.29.3 compilation problem
by joshuapl » Fri May 15, 2009 10:25 am
Hi,
I'm experiencing the same problem.
First I thought that it was something about my .config (copied from 2.6.27.5+grsecurity), but then I tried to compile the raw kernel with few grsecurity and PAX options enabled (make mrproper && make menuconfig && make bzImage)
Ah, one thing worth mentioning - this system is on x86_64.
Greetings,
--
Jacek
Poland
I'm experiencing the same problem.
First I thought that it was something about my .config (copied from 2.6.27.5+grsecurity), but then I tried to compile the raw kernel with few grsecurity and PAX options enabled (make mrproper && make menuconfig && make bzImage)
Ah, one thing worth mentioning - this system is on x86_64.
Greetings,
--
Jacek
Poland
- joshuapl
- Posts: 2
- Joined: Fri May 15, 2009 10:22 am
Re: 2.6.29.3 compilation problem
by spender » Fri May 15, 2009 2:49 pm
Hang in there, the PaX team is aware of the problem and will have a fix for it soon hopefully.
And when it's all over with, modifying the vsyscall table with a single write to reliably transfer from interrupt to process context (like in the remote root exploit at http://kernelbof.blogspot.com/) won't be possible anymore.
-Brad
And when it's all over with, modifying the vsyscall table with a single write to reliably transfer from interrupt to process context (like in the remote root exploit at http://kernelbof.blogspot.com/) won't be possible anymore.
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: 2.6.29.3 compilation problem
by hanno » Sat May 16, 2009 6:45 am
Ping?
The 2.6.29.3 update is a security update with real-world exploits floating around on milw0rm. Not the kind of update you wanna keep back.
The 2.6.29.3 update is a security update with real-world exploits floating around on milw0rm. Not the kind of update you wanna keep back.
- hanno
- Posts: 26
- Joined: Thu Dec 16, 2004 4:37 am
Re: 2.6.29.3 compilation problem
by spender » Sat May 16, 2009 10:46 am
The vsyscall patch still needs more work, so for now I've reverted it and uploaded a new patch.
-Brad
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: 2.6.29.3 compilation problem
by forsaken » Sat May 16, 2009 6:02 pm
The new patch works fine, thanks.
- forsaken
- Posts: 74
- Joined: Tue May 18, 2004 3:04 am
Re: 2.6.29.3 compilation problem
by spender » Sat May 16, 2009 10:09 pm
I've uploaded new patches that have the read-only vsyscall shadow map on x64 kernels. I also added /proc/<pid>/cmdline as one of the things protected (along with /proc/<pid>/fd and /proc/<pid>/mem) by the "d" subject flag in the RBAC system.
-Brad
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: 2.6.29.3 compilation problem
by joshuapl » Sun May 17, 2009 7:57 am
Works for me too, after rebooting everything seems go run smoothly. Thanks!
- joshuapl
- Posts: 2
- Joined: Fri May 15, 2009 10:22 am
9 posts
• Page 1 of 1