PAX and tuxonice, or swsusp2 2.6.31.1

Discuss and suggest new grsecurity features

PAX and tuxonice, or swsusp2 2.6.31.1

Postby fonya » Thu Oct 01, 2009 6:40 am

Hi Folks,

I try to patch grsecurity, and tuxonice current /grsecurity-2.1.14-2.6.31.1-200909271949.patch, and
current-tuxonice-for-2.6.31.patch-20090911-v1.bz2/. Everything seems to be nice, but in include/linux/mm.h I got this conflict:

Code: Select all
#define VM_ATOMIC_COPY  0x80000000      /* TuxOnIce should atomically copy */

#ifdef CONFIG_PAX_PAGEEXEC
#define VM_PAGEEXEC     0x80000000      /* vma->vm_page_prot needs special handling */
#endif


What can i do this? How can i add different values for VM_ATOMIC_COPY and VM_PAGEEXEC?
I'd like to use pageexec features of course :)
fonya
 
Posts: 36
Joined: Thu Mar 28, 2002 11:22 am

Re: PAX and tuxonice, or swsusp2 2.6.31.1

Postby PaX Team » Sun Oct 04, 2009 5:38 am

fonya wrote:
Code: Select all
#define VM_ATOMIC_COPY  0x80000000      /* TuxOnIce should atomically copy */

#ifdef CONFIG_PAX_PAGEEXEC
#define VM_PAGEEXEC     0x80000000      /* vma->vm_page_prot needs special handling */
#endif


What can i do this? How can i add different values for VM_ATOMIC_COPY and VM_PAGEEXEC?
I'd like to use pageexec features of course :)
this is the case of running out of usable bits in the vma->vm_flags field (as you can see, it's bound to happen soon to both of these projects when the vanilla kernel will use this last bit itself), which in general cannot be resolved except by changing the type of this field which will then need a whole lot more code to be adjusted. for a quick resolution, you can redefine the VM_PAGEEXEC bit to 0 if you're using the hw NX bit (needs PAE/PAGEEXEC) or you don't want to use PAGEEXEC at all.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: PAX and tuxonice, or swsusp2 2.6.31.1

Postby spender » Sun Oct 04, 2009 8:27 am

Or wait till 2.6.32 -- I think they're fixing the flag exhaustion there.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Re: PAX and tuxonice, or swsusp2 2.6.31.1

Postby fonya » Sun Oct 04, 2009 8:54 am

Thank You, I think, I'll drop the tuxonice patch. :(
fonya
 
Posts: 36
Joined: Thu Mar 28, 2002 11:22 am


Return to grsecurity development