Hi,
Is grsec compatible with guest kernel 2.6 ?
 
tested with (same guest kernel without grsec patch work):
HOST  2.6.20.9 skas3
GUEST 2.6.19.7 + grsecurity-2.1.10-2.6.19.2-200701222307.patch.gz
GUEST 2.6.21.5 + grsecurity-2.1.10-2.6.21.5-200706182032.patch
 
-> patch guest uml kernel: OK
 
(only for testing if build and kernel uml start)
Security options  --->
 Grsecurity  --->[ ] Grsecurity
 PaX  ---> Miscellaneous hardening features  ---> [ ] Sanitize all freed memory
 [ ] Enable access key retention support
 [ ] Enable different security models
 
-> build guest uml kernel: OK

-> start guest uml kernel : OUT
Hang after:
...
kjournald starting.  Commit interval 5 seconds
EXT3-fs: mounted filesystem with ordered data mode.
VFS: Mounted root (ext3 filesystem) readonly.
 
 
gdb linux
(gdb) b start_kernel
(gdb) r mem=128M ubd0=fs-fedoraC4 ubd1=swap64 con=null con0=fd:0,fd:1
...
Checking for the skas3 patch in the host:
  - /proc/mm...found
  - PTRACE_FAULTINFO...Detaching after fork from child process 25266.
found
  - PTRACE_LDT...Detaching after fork from child process 25267.
found
UML running in SKAS3 mode
Detaching after fork from child process 25268.
Checking that ptrace can change system call numbers...Detaching after fork from child process 25269.
OK
Checking syscall emulation patch for ptrace...Detaching after fork from child process 25270.
OK
Checking advanced syscall emulation patch for ptrace...Detaching after fork from child process 25271.
OK
Detaching after fork from child process 25272.
Program received signal SIGSEGV, Segmentation fault.
nf_nat_init () at list.h:32
32      list.h: Aucun fichier ou répertoire de ce type.
        in list.h
 

Regards,
leo.


Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail