While compiling the kernel it complains about; grsecurity/grsec_sysctl.c:437: error: `grsec_enable_secure_kmem' undeclared here (not in a function) diff -u grsecurity/grsec_sysctl.c ../linux-2.6.4-hardened-r1/grsecurity/grsec_sysctl.c --- grsecurity/grsec_sysctl.c 2004-03-24 17:16:49.000000000 +0100 +++ ../linux-2.6.4-hardened-r1/grsecurity/grsec_sysctl.c 2004-03-24 17:10:32.000000000 +0100 @@ -26,7 +26,7 @@ GS_SOCKET_ALL, GS_SOCKET_ALL_GID, GS_SOCKET_CLIENT, GS_SOCKET_CLIENT_GID, GS_SOCKET_SERVER, GS_SOCKET_SERVER_GID, GS_TTY, GS_TTYS, GS_PTY, GS_GROUP, GS_GID, GS_ACHDIR, GS_AMOUNT, GS_AIPC, GS_DMSG, GS_RANDRPC, -GS_FINDTASK, GS_LOCK, GS_IO, GS_KMEM, GS_TEXTREL}; +GS_FINDTASK, GS_LOCK, GS_TEXTREL}; ctl_table grsecurity_table[] = { @@ -430,26 +430,6 @@ .proc_handler = &proc_dointvec, }, #endif -#ifdef CONFIG_GRKERNSEC_KMEM - { - .ctl_name = GS_KMEM, - .procname = "secure_kmem", - .data = &grsec_enable_secure_kmem, - .maxlen = sizeof(int), - .mode = 0600, - .proc_handler = &proc_dointvec, - }, -#endif -#ifdef CONFIG_GRKERNSEC_IO - { - .ctl_name = GS_IO, - .procname = "secure_io", - .data = &grsec_enable_secure_io, - .maxlen = sizeof(int), - .mode = 0600, - .proc_handler = &proc_dointvec, - }, -#endif #ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL { .ctl_name = GS_TEXTREL,
Masked -r2 for now, please use -r1 and report any issues. I am working on a new revision to solve this problem.
Is this still valid now that 2.6.5 is out?
2.6.4-r2 isn't even in portage anymore, either -r4 or 2.6.5 should be tested
This was valid 1 month ago when I reported the bug!
> This was valid 1 month ago when I reported the bug! I'm sure it was, but we're a month later, with several h-d-s releases since. Do you still have a problem? Please test.
I have been running a couple of the releases since without any problem. I will try the latest as soon as I find the time.
These features are fixed and merged into grsec, no longer valid.