|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [Xen-users] Xen with Grsecurity
Applying Brad's patch directly to the kernel doesn't work, since Xen then overwrites several of the patched files with it's own versions. I'm working on porting Brad's patch to Xen. Currently only X86-64 paravirutualized guests work. i386 still needs a little work before it will boot. I have a thread on the grsecurity forums that links to the patches as well as instructions on applying them. The grsec forums seem to be down right now. Let me know if you try to use this and if you have any luck. Also, if you do use x86_64 and try this out, please get the paxtest suite from the PAX team homepage and mail me the output of "paxtest blackhat". It's all development, so don't use it in production anywhere! Good luck -----Original Message----- From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Ugo PARSI Sent: Thursday, June 29, 2006 4:06 PM To: xen-users@xxxxxxxxxxxxxxxxxxx Subject: [Xen-users] Xen with Grsecurity Hello, Has someone ever tried matching Xen and Grsecurity ? It's a security patch for the linux kernel that I really appreciate... I could try to apply it on the Xen kernel, but I'm kinda scared that it could break a few things. Especially since Xen (in para-virtualization mode at least) is doing stuff with the memory / MMU and Grsecurity as far as I know is also doing stuff on the memory... So I don't know if it's 'safe' to use... Any feedback would be greatly appreciated :) Thanks a lot, Ugo PARSI -- An apple a day, keeps the doctor away _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |