lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 9 Dec 2003 19:24:00 +0100 (CET)
From: Mariusz Woloszyn <emsi@...rtners.pl>
To: Pavel harry_x Palát <harry_x@...ylon5.cz>
Cc: bugtraq@...urityfocus.com
Subject: Re: Hot fix for do_brk bug


On Sat, 6 Dec 2003, Pavel harry_x Palát wrote:

> > It would be less intrusive to the kernel to supply a fixed do_brk()
> > and replace the do_brk with a jump to your version.
>
> I've written similar patch few days ago. The patch only modifies first
> instructions of do_brk() (it replaces them with jmp to function in LKM.
> It can be downloaded from http://wizard.ath.cx/fixbrk.tar.gz
>
> But beware, I wrote it in rush and it's pretty odly written :-) But it
> worked on my two servers (both were running 2.4.21 kernel with grsecurity
> patch).
>

Sometimes it might be valuable to patch your fixbrk.pl.
Your version does:

system("gcc -D__KERNEL__ -DMODULE -c -o _fixbrk.o fixbrk.c");

On some hosts, to compile this module you need to specify the path to
kernel header files. For example:

system("gcc -D__KERNEL__ -DMODULE -I/usr/src/linux/include -c -o _fixbrk.o
fixbrk.c");

Otherwise you might end up with something like:

/usr/include/asm/processor.h:56: error: `CONFIG_X86_L1_CACHE_SHIFT' undeclared here (not in a function)


Regards,

-- 
Mariusz Wołoszyn
Internet Security Specialist, GTS - Internet Partners

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ