On Jan 21, 2005, at 12:32, Gerrit Pape wrote:

>> One of the features of openwall is stack protection.  I'm getting this
>> when I try to boot into a 2.4.29 kernel with openwall hardening
>> enabled:
>>
>> Security: return onto stack from 0x0804812c to 0xbffffea0 running as
>> UID 0, EUID 0, process runit:1
>> Security more returns onto stack, logging disabled for a minute
>>
>> I can manage to make the kernel boot, but runit isn't running and it's
>> consuming 100% cpu in my vmware test machine.
>
> Hm, I don't know the openwall patch and what in runit.c could cause
> this.

I have a feeling it's the stack protection, but why is the trick 
question.

>> I'd like to be able to have both runit and this feature together; I
>> think it should be possible because the traditional init works with 
>> it.
>>  Any ideas on how to go about this?
>
> Did you link the runit program statically with the dietlibc?  If so, 
> you
> could try to compile it the same way as the working /sbin/init, to be
> sure it's not the compiler or libc causing the problem.

That's a good idea.  I did compile it statically with dietlibc.  I'll 
try without dietlibc and see what happens.  I haven't had a chance to 
dive back into it yet, but when I get a second I'll rebuild it and see 
if that clears it up.  If not, I'll recompile the kernel without the 
stack protection option enabled, just to make sure that it is what I 
think it is.

-- 
Annvix - Secure Linux Server: http://annvix.org/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C  A2BC 2EBC 5E32 FEE3 0AD4}