[parisc-linux] parisc-linux.org kernel

Wed, 9 Apr 2003 09:54:36 +0200 (CEST)

hello from cold dark wet germany,

okay, after getting all the people together on one "desk", now here is the
essential question to Brad and his team:
when will we have a 2.5.* Patch for grsecurity?

background:
Alan Cox and Matthew Wilcox wouldn`t mind if someone tries to merge both
2.4.*.
but i don`t mind if it takes 2 months or more until we have a kernel.org
2.5 patch that
a) the grsec patch applies without hunks on unified 2.5 parisc source
b) parisc-linux.org is then mainstreamed in 2.5 and will discontinue
"split development"c) parisc-linux kernel _boots_ and _works_ and is _continued_ to be
developed in _MAINSTREAM_ not in parisc-linux.org CVS
i want that to happen anyway.  not just for grsec patches.
it is a sad joke that parisc-linux.org kernels are good and the kernel.org
parisc source is just a silly excuse for not having the parisc-linux.org
sources melt in.  sorry for that.
Grant Grundler said:
> On Tue, Apr 08, 2003 at 06:08:39PM +0100, Matthew Wilcox wrote:
>> bits and pieces are being merged from the parisc tree into marcelo's
>> tree, but it's just not worth fighting to get this stuff merged.

right, in this stadium i can "oversee" the necessary patches:

i strip the nonparisc, multiplatform support away with a perl script,
fiddle with about 3-4 hunks that have to be taken out because they already
exist in parisc source (for example latest ptrace kernel exploit), another
6-10 "look at it and try to intelligently put it into the slightly
different parisc source" and the rest is "make up" like double insertions,
typos and the like :-)
> If anyone is interested in "fighting" to merge the outstanding
> parisc linux changes, I can help a bit. I just don't have as much time
> these days...hopefully more this summer.

okay, i get you.

> To willy's credit, he's attempted to merge 2.4 parisc changes upstream
> at least twice but was torpedo'd both times.

i don`t want to know ;-)

>> we're mostly
>> merged for 2.5 and i'd rather spend my time working on that.

okay, this basically means to wait for a 2.5.* grsec patch and in the
meantime continue hacking in the grsec patches by hand, which is just what
i would prefer as the way to go for the next months.
> me too - I'd rather see you working on something you care about.
> I'm very happy to see you (and several others) taking good care of 2.5.
> And I think it's a bit much for anyone to do both - that's mostly why I
> *haven't* been doing much with 2.5.
>
> thanks,
> grant

with the help of the PaX team, yesterday i managed to get the 199f patch
going on my 712, with all GRKERNSEC* options enabled but just a little
PAGEEXEC "brute disabled routine" in binfmt_elf.c that inverses the
behaviour of chpax -p, i will get into that later today when i come home.
http://nikita.ath.cx/users/pappy/grsec/199f/parisc-linux-2.4.20-pa32-grsecurity-1.9.9f-parisc-only.patch
thanks for your support and that you are dealing with this issue so
friendly and open minded.

bye,

Alex