[grsec] grsecurity 2.1.7 2.4.31/2.6.13 test patches
Jaakko Heinonen
jheinonen at users.sourceforge.net
Mon Sep 12 11:52:59 EDT 2005
Hi,
On 2005-09-10, Jaakko Heinonen wrote:
> On 2005-09-09, pageexec at freemail.hu wrote:
> > > Call Trace:<ffffffff8013333d>{__might_sleep+189}
> > > <ffffffff801781d2>{kmem_cache_alloc+34}
> > > <ffffffff802228d0>{gr_update_task_in_ip_table+352}
> >
> > the GFP_KERNEL under a spinlock is not a good idea indeed (i bet
Even the latest patch (grsecurity-2.1.7-2.6.13.1-200509102142.patch)
doesn't fix this.
Here's a patch that fixes the problem for me:
--- grsecurity/grsec_sock.c.orig 2005-09-12 18:46:10.000000000 +0300
+++ grsecurity/grsec_sock.c 2005-09-12 18:46:55.000000000 +0300
@@ -137,7 +137,7 @@
struct signal_struct *sig = task->signal;
struct conn_table_entry *newent;
- newent = kmalloc(GFP_KERNEL, sizeof(struct conn_table_entry));
+ newent = kmalloc(sizeof(struct conn_table_entry), GFP_ATOMIC);
if (newent == NULL)
return;
--
Jaakko
More information about the grsecurity
mailing list