-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/09/2006 12:40 AM, Boyd Waters wrote: | On a Gentoo system yesterday, after installing loop-aes-3.1c I received | the warning that the loop.ko module has an executable stack. I think that was the issue after all (PaX was set to enforce non executable stack in the kernel), I now have that kernel working - I had another .config on another machine with the hardened kernel that worked out, and so I used that .config, did a make oldconfig, set up the hardware, and the diff between the .config I posted and one that is now working is below: Cheers, - ---Venkat. 4c4 < # Thu Feb 9 11:19:00 2006 - --- | # Thu Feb 9 20:19:24 2006 121c121 < # CONFIG_PREEMPT_BKL is not set - --- | CONFIG_PREEMPT_BKL=y 140c140 < CONFIG_DCDBAS=m - --- | # CONFIG_DCDBAS is not set 177c177 < CONFIG_ACPI_BATTERY=y - --- | # CONFIG_ACPI_BATTERY is not set 179,180c179,180 < CONFIG_ACPI_VIDEO=y < # CONFIG_ACPI_HOTKEY is not set - --- | CONFIG_ACPI_VIDEO=m | CONFIG_ACPI_HOTKEY=m 185c185 < CONFIG_ACPI_IBM=y - --- | # CONFIG_ACPI_IBM is not set 228,229c228,229 < # CONFIG_X86_SPEEDSTEP_SMI is not set < # CONFIG_X86_P4_CLOCKMOD is not set - --- | CONFIG_X86_SPEEDSTEP_SMI=y | CONFIG_X86_P4_CLOCKMOD=y 251c251 < # CONFIG_PCIEPORTBUS is not set - --- | CONFIG_PCIEPORTBUS=y 288a289,290 | CONFIG_XFRM=y | # CONFIG_XFRM_USER is not set 307,308c309 < CONFIG_NET_IPGRE=m < CONFIG_NET_IPGRE_BROADCAST=y - --- | # CONFIG_NET_IPGRE is not set 315c316 < # CONFIG_INET_TUNNEL is not set - --- | CONFIG_INET_TUNNEL=y 328c329,331 < # CONFIG_NETFILTER_NETLINK is not set - --- | CONFIG_NETFILTER_NETLINK=m | CONFIG_NETFILTER_NETLINK_QUEUE=m | CONFIG_NETFILTER_NETLINK_LOG=m 343c346 < CONFIG_IP_NF_PPTP=m - --- | # CONFIG_IP_NF_PPTP is not set 360c363 < # CONFIG_IP_NF_MATCH_STEALTH is not set - --- | CONFIG_IP_NF_MATCH_STEALTH=m 368c371 < CONFIG_IP_NF_MATCH_DCCP=m - --- | # CONFIG_IP_NF_MATCH_DCCP is not set 386c389 < # CONFIG_IP_NF_NAT_SNMP_BASIC is not set - --- | CONFIG_IP_NF_NAT_SNMP_BASIC=m 391d393 < CONFIG_IP_NF_NAT_PPTP=m 399,400c401,402 < # CONFIG_IP_NF_TARGET_CONNMARK is not set < # CONFIG_IP_NF_TARGET_CLUSTERIP is not set - --- | CONFIG_IP_NF_TARGET_CONNMARK=m | CONFIG_IP_NF_TARGET_CLUSTERIP=m 403,405c405,407 < CONFIG_IP_NF_ARPTABLES=y < CONFIG_IP_NF_ARPFILTER=y < CONFIG_IP_NF_ARP_MANGLE=y - --- | CONFIG_IP_NF_ARPTABLES=m | CONFIG_IP_NF_ARPFILTER=m | CONFIG_IP_NF_ARP_MANGLE=m 451,454c453,459 < # CONFIG_NET_CLS_FW is not set < # CONFIG_NET_CLS_U32 is not set < # CONFIG_NET_CLS_RSVP is not set < # CONFIG_NET_CLS_RSVP6 is not set - --- | CONFIG_NET_CLS_FW=m | CONFIG_NET_CLS_U32=m | CONFIG_CLS_U32_PERF=y | CONFIG_NET_CLS_IND=y | CONFIG_CLS_U32_MARK=y | CONFIG_NET_CLS_RSVP=m | CONFIG_NET_CLS_RSVP6=m 456,457c461,468 < # CONFIG_NET_CLS_ACT is not set < # CONFIG_NET_CLS_POLICE is not set - --- | CONFIG_NET_CLS_ACT=y | CONFIG_NET_ACT_POLICE=m | CONFIG_NET_ACT_GACT=m | CONFIG_GACT_PROB=y | CONFIG_NET_ACT_MIRRED=m | CONFIG_NET_ACT_IPT=m | CONFIG_NET_ACT_PEDIT=m | # CONFIG_NET_ACT_SIMP is not set 492,498c503 < CONFIG_PARPORT=y < CONFIG_PARPORT_PC=y < # CONFIG_PARPORT_SERIAL is not set < # CONFIG_PARPORT_PC_FIFO is not set < # CONFIG_PARPORT_PC_SUPERIO is not set < # CONFIG_PARPORT_GSC is not set < # CONFIG_PARPORT_1284 is not set - --- | # CONFIG_PARPORT is not set 509c514 < # CONFIG_ISAPNP is not set - --- | CONFIG_ISAPNP=y 518d522 < # CONFIG_PARIDE is not set 528c532 < # CONFIG_BLK_DEV_RAM is not set - --- | CONFIG_BLK_DEV_RAM=y 529a534,535 | CONFIG_BLK_DEV_RAM_SIZE=4096 | CONFIG_BLK_DEV_INITRD=y 619c625 < # CONFIG_CHR_DEV_ST is not set - --- | CONFIG_CHR_DEV_ST=m 635c641 < # CONFIG_SCSI_SPI_ATTRS is not set - --- | CONFIG_SCSI_SPI_ATTRS=y 684,685d689 < # CONFIG_SCSI_PPA is not set < # CONFIG_SCSI_IMM is not set 688,690c692 < CONFIG_SCSI_IPR=m < # CONFIG_SCSI_IPR_TRACE is not set < # CONFIG_SCSI_IPR_DUMP is not set - --- | # CONFIG_SCSI_IPR is not set 737,738c739,740 < CONFIG_DM_MULTIPATH_EMC=y < CONFIG_BLK_DEV_DM_BBR=y - --- | # CONFIG_DM_MULTIPATH_EMC is not set | # CONFIG_BLK_DEV_DM_BBR is not set 852d853 < # CONFIG_NET_POCKET is not set 894d894 < # CONFIG_PLIP is not set 957d956 < # CONFIG_SERIO_PARKBD is not set 988,991d986 < CONFIG_PRINTER=y < # CONFIG_LP_CONSOLE is not set < # CONFIG_PPDEV is not set < # CONFIG_TIPAR is not set 1002c997 < # CONFIG_HW_RANDOM is not set - --- | CONFIG_HW_RANDOM=y 1198d1192 < # CONFIG_USB_USS720 is not set 1250,1254c1244,1245 < CONFIG_EXT2_FS_XATTR=y < CONFIG_EXT2_FS_POSIX_ACL=y < CONFIG_EXT2_FS_SECURITY=y < CONFIG_EXT2_FS_XIP=y < CONFIG_FS_XIP=y - --- | # CONFIG_EXT2_FS_XATTR is not set | # CONFIG_EXT2_FS_XIP is not set 1264,1265c1255,1257 < # CONFIG_REISERFS_PROC_INFO is not set < # CONFIG_REISERFS_FS_XATTR is not set - --- | CONFIG_REISERFS_PROC_INFO=y | CONFIG_REISERFS_FS_XATTR=y | CONFIG_REISERFS_FS_POSIX_ACL=y 1283c1275,1276 < # CONFIG_ZISOFS is not set - --- | CONFIG_ZISOFS=y | CONFIG_ZISOFS_FS=y 1290,1294c1283,1284 < CONFIG_FAT_FS=y < CONFIG_MSDOS_FS=y < CONFIG_VFAT_FS=y < CONFIG_FAT_DEFAULT_CODEPAGE=437 < CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" - --- | # CONFIG_MSDOS_FS is not set | # CONFIG_VFAT_FS is not set 1329,1341c1319,1320 < CONFIG_NFS_FS=y < # CONFIG_NFS_V3 is not set < # CONFIG_NFS_V4 is not set < # CONFIG_NFS_DIRECTIO is not set < CONFIG_NFSD=y < # CONFIG_NFSD_V3 is not set < CONFIG_NFSD_TCP=y < CONFIG_LOCKD=y < CONFIG_EXPORTFS=y < CONFIG_NFS_COMMON=y < CONFIG_SUNRPC=y < # CONFIG_RPCSEC_GSS_KRB5 is not set < # CONFIG_RPCSEC_GSS_SPKM3 is not set - --- | # CONFIG_NFS_FS is not set | # CONFIG_NFSD is not set 1429,1430c1408,1409 < CONFIG_PAX_EI_PAX=y < CONFIG_PAX_PT_PAX_FLAGS=y - --- | # CONFIG_PAX_EI_PAX is not set | # CONFIG_PAX_PT_PAX_FLAGS is not set 1445,1446c1424,1425 < CONFIG_PAX_NOELFRELOCS=y < CONFIG_PAX_KERNEXEC=y - --- | # CONFIG_PAX_NOELFRELOCS is not set | # CONFIG_PAX_KERNEXEC is not set 1471c1450 < CONFIG_GRKERNSEC_PROC_MEMMAP=y - --- | # CONFIG_GRKERNSEC_PROC_MEMMAP is not set 1473c1452 < CONFIG_GRKERNSEC_MODSTOP=y - --- | # CONFIG_GRKERNSEC_MODSTOP is not set 1479c1458 < # CONFIG_GRKERNSEC_ACL_HIDEKERN is not set - --- | CONFIG_GRKERNSEC_ACL_HIDEKERN=y 1518,1519c1497,1498 < # CONFIG_GRKERNSEC_TIME is not set < # CONFIG_GRKERNSEC_PROC_IPADDR is not set - --- | CONFIG_GRKERNSEC_TIME=y | CONFIG_GRKERNSEC_PROC_IPADDR=y 1525c1504 < CONFIG_GRKERNSEC_EXECVE=y - --- | # CONFIG_GRKERNSEC_EXECVE is not set 1536,1539c1515 < CONFIG_GRKERNSEC_SOCKET=y < # CONFIG_GRKERNSEC_SOCKET_ALL is not set < # CONFIG_GRKERNSEC_SOCKET_CLIENT is not set < # CONFIG_GRKERNSEC_SOCKET_SERVER is not set - --- | # CONFIG_GRKERNSEC_SOCKET is not set 1552c1528,1529 < # CONFIG_KEYS is not set - --- | CONFIG_KEYS=y | CONFIG_KEYS_DEBUG_PROC_KEYS=y 1555c1532 < # CONFIG_SECURITY_CAPABILITIES is not set - --- | CONFIG_SECURITY_CAPABILITIES=y 1565c1542 < CONFIG_CRYPTO_NULL=m - --- | # CONFIG_CRYPTO_NULL is not set 1592,1593c1569 < CONFIG_CRYPTO_DEV_PADLOCK=m < CONFIG_CRYPTO_DEV_PADLOCK_AES=y - --- | # CONFIG_CRYPTO_DEV_PADLOCK is not set 1599c1575 < CONFIG_CRC16=m - --- | # CONFIG_CRC16 is not set 1602c1578 < CONFIG_ZLIB_INFLATE=m - --- | CONFIG_ZLIB_INFLATE=y - -- http://rayservers.com/ 607-546-7300 PGP/GPG: https://rayservers.com/keys/0x12430522.asc Skype: rayservers GDCA: http://www.gdcaonline.org/members/rayservers.htm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD60D/WdkW/RJDBSIRAlKBAJ0ZBFKesVzLJ3KoNiqEGf5rOWiuLgCeOP8/ W+IShdL2dZ2WvW4qtX/HaDc= =uKGj -----END PGP SIGNATURE----- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
