[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Xen-devel] Compiling xenlinux 2.4.29 with grsec.. help needed
Hi list!
I'm trying to run 2.4.29-xenU with grsec. Jacob Gorm Hansen said couple of
weeks ago, that grsec should work with xen when pax is disabled..
Well, to get the kernel compiling there's some source hacking that needs to
be done.. I'll describe what I did and what error I got:
I downloaded xen-2.0-testing-src.tgz and extracted it. I edited the toplevel
Makefile to only compile 2.4.29-xenU. I ran "make world" and after a while
xen and 2.4.29-xenU were built successfully.
Then I changed to 2.4.29-xenU directory, and patched the sourcetree with
grsec-patch[1] for linux 2.4.29 (patch -p1 < grsecuritypatch).
Patching generated only one reject.. that being the toplevel Makefile and
the extraversion in it. I changed the extraversion manually from "-xenU" to
"-grsec-xenU".
Then I copy&pasted the grsecurity configuration options from the end of
arch/i386/config.in and pasted them to the end of
xen-2.0-testing/linux-2.4.29-xen-sparse/arch/xen/config.in. I also added
"define_bool CONFIG_X86_ALIGNMENT_16 y" to all the x86 processor
definitions.
next I ran "make clean" in linux-2.4.29-xenU directory, and "make ARCH=xen
menuconfig" after it and enabled some grsec features.. I didn't enable PAX.
Then I ran "make" in the toplevel directory and after some compiling I got
this error:
gcc -D__KERNEL__ -I/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/include
-Wall -Wstrict-prototypes -Wno-trigraphs -O2 -fno-strict-aliasing
-fno-common -fomit-frame-pointer -pipe -mpreferred-stack-boundary=2
-march=i686 -nostdinc -iwithprefix include -DKBUILD_BASENAME=fault -c -o
fault.o fault.c
fault.c: In function �o_page_fault':
fault.c:135: warning: passing arg 1 of �xpand_stack' from incompatible
pointer type
fault.c:135: warning: passing arg 2 of �xpand_stack' makes pointer from
integer without a cast
fault.c:135: error: too few arguments to function �xpand_stack'
make[5]: *** [fault.o] Error 1
make[5]: Leaving directory
/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/arch/xen/mm'
make[4]: *** [first_rule] Error 2
make[4]: Leaving directory
/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/arch/xen/mm'
make[3]: *** [_dir_arch/xen/mm] Error 2
make[3]: Leaving directory /root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU'
make[2]: *** [build] Error 2
make[2]: Leaving directory /root/stuff/xen/xen-2.0-grsec'
make[1]: *** [linux-2.4-xenU-build] Error 2
make[1]: Leaving directory /root/stuff/xen/xen-2.0-grsec'
make: *** [kernels] Error 2
So it seems that some hacking is required in arch/xen/mm/fault.c .. I don't
have enough knowledge about linux memory management and/or grsec stuff so I
can't do this.. If somebody is willing to take a look at this, it would be
nice!
I also CC'd to the grsec developer.. just in case he has some time to take a
look at this :)
[1]
http://www.grsecurity.net/~spender/grsecurity-2.1.1-2.4.29-200501231159.patch
-- Pasi Kärkkäinen
^
. .
Linux
/ - \
Choice.of.the
.Next.Generation.
-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
|
