Xen devel - Jan 2005 - Compiling xenlinux 2.4.29 with grsec.. help needed

Hi list!

I''m trying to run 2.4.29-xenU with grsec. Jacob Gorm Hansen said couple
of
weeks ago, that grsec should work with xen when pax is disabled..

Well, to get the kernel compiling there''s some source hacking that
needs to
be done.. I''ll describe what I did and what error I got:

I downloaded xen-2.0-testing-src.tgz and extracted it. I edited the toplevel
Makefile to only compile 2.4.29-xenU. I ran "make world" and after a
while
xen and 2.4.29-xenU were built successfully.

Then I changed to 2.4.29-xenU directory, and patched the sourcetree with
grsec-patch[1] for linux 2.4.29 (patch -p1 < grsecuritypatch). 

Patching generated only one reject.. that being the toplevel Makefile and
the extraversion in it. I changed the extraversion manually from
"-xenU" to
"-grsec-xenU".

Then I copy&pasted the grsecurity configuration options from the end of 
arch/i386/config.in and pasted them to the end of 
xen-2.0-testing/linux-2.4.29-xen-sparse/arch/xen/config.in. I also added 
"define_bool CONFIG_X86_ALIGNMENT_16 y" to all the x86 processor
definitions.

next I ran "make clean" in linux-2.4.29-xenU directory, and "make
ARCH=xen
menuconfig" after it and enabled some grsec features.. I didn''t
enable PAX.

Then I ran "make" in the toplevel directory and after some compiling I
got
this error:

gcc -D__KERNEL__ -I/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/include
-Wall -Wstrict-prototypes -Wno-trigraphs -O2 -fno-strict-aliasing
-fno-common -fomit-frame-pointer -pipe -mpreferred-stack-boundary=2
-march=i686    -nostdinc -iwithprefix include -DKBUILD_BASENAME=fault  -c -o
fault.o fault.c
fault.c: In function o_page_fault'':
fault.c:135: warning: passing arg 1 of xpand_stack'' from incompatible
pointer type
fault.c:135: warning: passing arg 2 of xpand_stack'' makes pointer from
integer without a cast
fault.c:135: error: too few arguments to function xpand_stack''
make[5]: *** [fault.o] Error 1
make[5]: Leaving directory
/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/arch/xen/mm''
make[4]: *** [first_rule] Error 2
make[4]: Leaving directory
/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/arch/xen/mm''
make[3]: *** [_dir_arch/xen/mm] Error 2
make[3]: Leaving directory
/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU''
make[2]: *** [build] Error 2
make[2]: Leaving directory /root/stuff/xen/xen-2.0-grsec''
make[1]: *** [linux-2.4-xenU-build] Error 2
make[1]: Leaving directory /root/stuff/xen/xen-2.0-grsec''
make: *** [kernels] Error 2

So it seems that some hacking is required in arch/xen/mm/fault.c .. I
don''t
have enough knowledge about linux memory management and/or grsec stuff so I
can''t do this.. If somebody is willing to take a look at this, it would
be
nice!

I also CC''d to the grsec developer.. just in case he has some time to
take a
look at this :)

[1]
http://www.grsecurity.net/~spender/grsecurity-2.1.1-2.4.29-200501231159.patch

-- Pasi Kärkkäinen
       
                                   ^
                                .     .
                                 Linux
                              /    -    \
                             Choice.of.the
                           .Next.Generation.


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

On Tue, Jan 25, 2005 at 11:11:11PM -0500, Brad Spengler
wrote:
> > -Wall -Wstrict-prototypes -Wno-trigraphs -O2 -fno-strict-aliasing
> > -fno-common -fomit-frame-pointer -pipe -mpreferred-stack-boundary=2
> > -march=i686    -nostdinc -iwithprefix include -DKBUILD_BASENAME=fault 
-c -o
> > fault.o fault.c
> > fault.c: In function o_page_fault'':
> > fault.c:135: warning: passing arg 1 of xpand_stack'' from
incompatible
> > pointer type
> > fault.c:135: warning: passing arg 2 of xpand_stack'' makes
pointer from
> > integer without a cast
> > fault.c:135: error: too few arguments to function
xpand_stack''
> > make[5]: *** [fault.o] Error 1
> > make[5]: Leaving directory
> > /root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/arch/xen/mm''
> > make[4]: *** [first_rule] Error 2
> > make[4]: Leaving directory
> > /root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU/arch/xen/mm''
> > make[3]: *** [_dir_arch/xen/mm] Error 2
> > make[3]: Leaving directory
/root/stuff/xen/xen-2.0-grsec/linux-2.4.29-xenU''
> > make[2]: *** [build] Error 2
> > make[2]: Leaving directory /root/stuff/xen/xen-2.0-grsec''
> > make[1]: *** [linux-2.4-xenU-build] Error 2
> > make[1]: Leaving directory /root/stuff/xen/xen-2.0-grsec''
> > make: *** [kernels] Error 2
> > 
> > So it seems that some hacking is required in arch/xen/mm/fault.c .. I
don''t
> > have enough knowledge about linux memory management and/or grsec stuff
so I
> > can''t do this.. If somebody is willing to take a look at
this, it would be
> > nice!
> 
> Most likely the change that has to be made is to add another argument to 
> the expand_stack calls in the file.  Change it so it looks like:
> expand_stack(current, <previous args here>);
> 
> Unless the function in which expand_stack is called has a task_struct * 
> argument passed to it.  In that case, use whatever variable name that is 
> instead of current.
> 
Thanks!

With this change, grsec patched xenlinux 2.4.29 compiles OK.
But.. the resulting kernel doesn''t work. it crashes during boot. 

Well, it seems this needs more work & debugging..

-- Pasi Kärkkäinen
       
                                   ^
                                .     .
                                 Linux
                              /    -    \
                             Choice.of.the
                           .Next.Generation.


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel