2.4.22-grsec

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

2.4.22-grsec

Postby Sleight of Mind » Tue Aug 26, 2003 5:04 am

since there were no active changes in the CVS in the past few days/weeks i guess 1.9.12 against 2.4.22-rc2 should be quite the same as 1.9.12 against 2.4.22 final. I took the beta patch and applied it against 2.4.22. The 2 FAILs were very easy to fix.

grsecurity-1.9.12-2.4.22.patch.gz

NOTE: this is not an official patch, but the final 1.9.12 will probably not differ much/at all to this one.
Sleight of Mind
 
Posts: 92
Joined: Tue Apr 08, 2003 10:41 am

Postby ranganc » Tue Aug 26, 2003 12:11 pm

I used the patch to rebuild a kernel for AMD Athlon based system and everything went fine.. seems to working great. I didn't face any issues.

Thanks for the patch
ranganc
 
Posts: 1
Joined: Tue Aug 26, 2003 12:03 pm

Postby p00p » Fri Aug 29, 2003 7:54 am

i couldn't get the patch to apply as per the grsec documentation...
cd /usr/src
patch -p0 grsec-etc-etc-etc.patch


this is after extracting linux-2.4.22 and creating a symbolic link "linux" pointing to linux-2.4.22

it will just sit there for a long time, doesn't appear to be doing anything. mem and cpu usage are very low (1.1ghz box, so it shouldn't take so long) and there is no disk access. what gives?

system: slackware linux 9.0, athlon 1.1ghz, 512mb sdram
p00p
 
Posts: 7
Joined: Fri Aug 29, 2003 7:51 am

Postby maynard » Fri Aug 29, 2003 8:46 am

i think you are missing a <
patch -p0 < blabla.patch

regards
maynard
maynard
 
Posts: 6
Joined: Sat Aug 10, 2002 8:38 am

Postby Sleight of Mind » Fri Aug 29, 2003 9:22 am

the patch is in gzip format, so i suggest:
Code: Select all
cd /usr/src/linux
zcat  /path/to/grsecurity-1.9.12-2.4.22.patch.gz|patch -p1
Sleight of Mind
 
Posts: 92
Joined: Tue Apr 08, 2003 10:41 am

Postby p00p » Fri Aug 29, 2003 4:20 pm

thanks for responding so quickly, both of you.

i'm about to try the first suggestion.
about the second one, i guess i failed to mention that yes i did gunzip it. thanks though.
p00p
 
Posts: 7
Joined: Fri Aug 29, 2003 7:51 am

Postby p00p » Fri Aug 29, 2003 4:23 pm

maynard wrote:i think you are missing a <
patch -p0 < blabla.patch

regards
maynard


wow, that worked INSTANTLY. thanks a lot!

as they say.. KISS.. keep it simple, stupid.

thanks again.
p00p
 
Posts: 7
Joined: Fri Aug 29, 2003 7:51 am

Postby lowde » Sat Aug 30, 2003 5:57 pm

hi.

this patch seems to work great. but i get fail messages when i patch the source in the /usr/src/linux/Makefile. it seem that the kernelinformation not change (also KERNELVERSION,...). is this so ok? or have i done something wrong?

thx for the patch.

ps.: sorry for my bad english.
lowde
 
Posts: 2
Joined: Sat Aug 30, 2003 5:39 pm

Postby Sleight of Mind » Sun Aug 31, 2003 11:09 am

if you apply to a vanilla 2.4.22 tree it will not give a reject on the Makefile. Usually a FAIL on the Makefile is caused by the EXTRAVERSION already being set to some value while the patch expects it to be empty (as it is empty on a vanilla tree)
Sleight of Mind
 
Posts: 92
Joined: Tue Apr 08, 2003 10:41 am

Postby lowde » Sun Aug 31, 2003 3:13 pm

hi
you're right. sorry for the reply. it seems that my distro package management installed a light modified version of the kernelsources
but they call them selves vanilla sources.


thx for the fast reply

keep on workin =)
lowde
 
Posts: 2
Joined: Sat Aug 30, 2003 5:39 pm

Postby fallen_angel » Mon Sep 01, 2003 11:18 am

any comment to this patch from a grsecurity developer would be helpfull, a negative comment would be better than no comment.

Unix is no windows, reboots are things which should be prevent and security for sure
fallen_angel
 
Posts: 2
Joined: Mon Sep 01, 2003 11:15 am

Postby fallen_angel » Tue Sep 02, 2003 10:26 am

official release out :D
fallen_angel
 
Posts: 2
Joined: Mon Sep 01, 2003 11:15 am

Postby Sleight of Mind » Tue Sep 02, 2003 6:03 pm

I killed the patch in my homedir now that the official release is out. My patch and the official one don't differ much, only some minor changes to PAX afaik.

*Thread closed* :)
Sleight of Mind
 
Posts: 92
Joined: Tue Apr 08, 2003 10:41 am

Postby p00p » Thu Sep 04, 2003 4:29 pm

is there a chance you still have it?

i just copied my .config back over after i had re-extracted the linux sources and patched with the official grsec patch.. and now my kernel doesn't work. so i tried redoing the .config via make menuconfig, and still no luck.

if possible i'd like to try yours again-- that worked. thanks. :(
p00p
 
Posts: 7
Joined: Fri Aug 29, 2003 7:51 am

Postby spender » Thu Sep 04, 2003 7:02 pm

what didn't work? What was your config?

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Next

Return to grsecurity support

cron