Page 1 of 1

[Solved] Grsec patch conflicts with Xen

PostPosted: Sun Feb 19, 2017 2:50 pm
by bugmenot
Previously, it was possible to use Xen + Grsec patches on i686. This is no longer possible due to incompatible-pointer-type bugs.

Complete log of compile errors: https://dpaste.de/i0Tg/raw

Re: Grsec patch conflicts with Xen

PostPosted: Sun Feb 19, 2017 3:57 pm
by PaX Team
can you test the following patch please:
Code: Select all
--- a/arch/x86/xen/xen-ops.h    2017-01-01 23:08:10.879089161 +0100
+++ b/arch/x86/xen/xen-ops.h      2017-02-19 20:54:25.263588399 +0100
@@ -131,9 +131,9 @@
        extern char name##_end[] __visible;     \
        extern char name##_reloc[] __visible

-DECL_ASM(void, xen_irq_enable_direct, void);
-DECL_ASM(void, xen_irq_disable_direct, void);
-DECL_ASM(unsigned long, xen_save_fl_direct, void);
+DECL_ASM(asmlinkage void, xen_irq_enable_direct, void);
+DECL_ASM(asmlinkage void, xen_irq_disable_direct, void);
+DECL_ASM(asmlinkage unsigned long, xen_save_fl_direct, void);
 DECL_ASM(void, xen_restore_fl_direct, unsigned long);

 /* These are not functions, and cannot be called normally */

Re: Grsec patch conflicts with Xen

PostPosted: Mon Feb 20, 2017 8:08 pm
by bugmenot
Gets further, but then crashes again.

Code: Select all
 AS      arch/x86/xen/xen-asm.o
  AS      arch/x86/xen/xen-asm_32.o   
arch/x86/xen/xen-asm_32.S: Assembler messages:
arch/x86/xen/xen-asm_32.S:31: Error: no such instruction: `pax_direct_call xen_force_evtchn_callback'
make[2]: *** [scripts/Makefile.build:393: arch/x86/xen/xen-asm_32.o] Error 1
make[1]: *** [scripts/Makefile.build:544: arch/x86/xen] Error 2
make: *** [Makefile:990: arch/x86] Error 2
make: *** Waiting for unfinished jobs....

Re: Grsec patch conflicts with Xen

PostPosted: Mon Feb 20, 2017 8:23 pm
by PaX Team
ah yeah, i forgot about this hunk:
Code: Select all
--- a/arch/x86/xen/xen-asm_32.S 2017-02-01 01:37:19.489257092 +0100
+++ b/arch/x86/xen/xen-asm_32.S   2017-02-19 20:51:37.900221416 +0100
@@ -15,6 +15,7 @@
 #include <asm/processor-flags.h>
 #include <asm/segment.h>
 #include <asm/asm.h>
+#include <asm/alternative-asm.h>

 #include <xen/interface/xen.h>


Re: Grsec patch conflicts with Xen [solved]

PostPosted: Tue Feb 21, 2017 7:44 pm
by bugmenot
Just wanted you to know this issue is now fixed. Thanks!