wiki:experiences:igraltist:patches:2.6.33.4
=>  Releases

Current version
Git/Latestdiff: 1.5.5

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

wiki:experiences:igraltist:patches:2.6.33.4 [2010/05/21 19:33] (current)
igraltist created
Line 1: Line 1:
 +[[wiki:​experiences/​igraltist|Back to igraltist'​s experiences]]
  
 +====== Patch for kernel rsbac-pax 2.6.33.4 =====
 +
 +The follow source have to download and the patches have to apply like the links are.
 +
 +  * [[http://​www.kernel.org/​pub/​linux/​kernel/​v2.6/​linux-2.6.33.4.tar.bz2|linux-kernel]]
 +  * [[http://​download.rsbac.org/​pre/​rsbac-1.4.4-2.6.33.4.diff.bz2|rsbac-patch]]
 +  * [[http://​www.grsecurity.net/​~paxguy1/​pax-linux-2.6.33.4-test19.patch|pax-patch]]
 +
 +At least apply this patch.
 +<code bash>
 +diff -urN rsbac/​fs/​exec.c rsbac_pax/​fs/​exec.c
 +--- rsbac/​fs/​exec.c 2010-05-21 19:​28:​14.857432899 +0200
 ++++ rsbac_pax/​fs/​exec.c 2010-05-21 19:​22:​59.209432986 +0200
 +@@ -56,11 +56,24 @@
 + #​include <​linux/​fs_struct.h>​
 + #​include <​linux/​pipe_fs_i.h>​
 + 
 ++#include <​linux/​random.h>​
 ++#include <​linux/​seq_file.h>​
 +
 ++#ifdef CONFIG_PAX_REFCOUNT
 ++#include <​linux/​kallsyms.h>​
 ++#include <​linux/​kdebug.h>​
 ++#endif
 ++
 + #​include <​asm/​uaccess.h>​
 + #​include <​asm/​mmu_context.h>​
 + #​include <​asm/​tlb.h>​
 + #​include "​internal.h"​
 + 
 ++#ifdef CONFIG_PAX_HOOK_ACL_FLAGS
 ++void (*pax_set_initial_flags_func)(struct linux_binprm *bprm);
 ++EXPORT_SYMBOL(pax_set_initial_flags_func);​
 ++#endif
 ++
 + #​include <​rsbac/​hooks.h>​
 + 
 + int core_uses_pid;​
 +diff -urN rsbac/​fs/​pipe.c rsbac_pax/​fs/​pipe.c
 +--- rsbac/​fs/​pipe.c 2010-05-21 19:​28:​15.686723267 +0200
 ++++ rsbac_pax/​fs/​pipe.c 2010-05-21 19:​24:​15.815558034 +0200
 +@@ -776,10 +776,10 @@
 + 
 + ​ mutex_lock(&​inode->​i_mutex);​
 +  pipe = inode->​i_pipe;​
 +- pipe->​readers -= decr;
 +- pipe->​writers -= decw;
 +-
 +- if (!pipe->​readers && !pipe->​writers) {
 ++    atomic_sub(decr,​ &​pipe->​readers);​
 ++    atomic_sub(decw,​ &​pipe->​writers);​
 ++  ​
 ++    if (!atomic_read(&​pipe->​readers) && !atomic_read(&​pipe->​writers)) {
 + 
 + #​ifdef CONFIG_RSBAC
 + ​ union rsbac_target_id_t rsbac_target_id;​
 +diff -urN rsbac/​init/​do_mounts.c rsbac_pax/​init/​do_mounts.c
 +--- rsbac/​init/​do_mounts.c 2010-05-21 19:​28:​17.787434819 +0200
 ++++ rsbac_pax/​init/​do_mounts.c 2010-05-21 19:​25:​19.909433034 +0200
 +@@ -424,8 +424,8 @@
 + ​ mount_root();​
 + out:
 + ​ devtmpfs_mount("​dev"​);​
 +- sys_mount("​.",​ "/",​ NULL, MS_MOVE, NULL);
 +- sys_chroot("​."​);​
 ++ sys_mount((__force char __user *)"​.",​ (__force char __user *)"/",​ NULL, MS_MOVE, NULL);
 ++ sys_chroot((__force char __user *)"​."​);​
 + 
 +         /* RSBAC: OK, most stuff initialized and root mounted: Init RSBAC. */
 + #​ifdef CONFIG_RSBAC
 +diff -urN rsbac/​mm/​mprotect.c rsbac_pax/​mm/​mprotect.c
 +--- rsbac/​mm/​mprotect.c 2010-05-21 19:​28:​19.243441467 +0200
 ++++ rsbac_pax/​mm/​mprotect.c 2010-05-21 19:​26:​14.384557886 +0200
 +@@ -24,10 +24,17 @@
 + #​include <​linux/​mmu_notifier.h>​
 + #​include <​linux/​migrate.h>​
 + #​include <​linux/​perf_event.h>​
 ++
 ++#ifdef CONFIG_PAX_MPROTECT
 ++#include <​linux/​elf.h>​
 ++#endif
 ++
 + #​include <​asm/​uaccess.h>​
 + #​include <​asm/​pgtable.h>​
 + #​include <​asm/​cacheflush.h>​
 + #​include <​asm/​tlbflush.h>​
 ++#include <​asm/​mmu_context.h>​
 ++
 + #​include <​rsbac/​hooks.h>​
 + 
 + #​ifndef pgprot_modify
 +</​code>​
//
wiki/experiences/igraltist/patches/2.6.33.4.txt · Last modified: 2010/05/21 19:33 by igraltist

wiki/experiences/igraltist/patches/2.6.33.4.txt · Last modified: 2010/05/21 19:33 by igraltist
This website is kindly hosted by m-privacy