[rsbac] missing syscall on space
Jens Kasten
jens.kasten at kasten-edv.de
Mon Feb 19 20:18:45 CET 2018
Am 19.02.2018 19:51, schrieb Jens Kasten:
Btw.
cat /sys/devices/system/cpu/vulnerabilities/meltdown
Mitigation: PTI
cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
Mitigation: __user pointer sanitization
cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Mitigation: Full generic retpoline
gcc (Gentoo 7.3.0 p1.0) 7.3.0 with --enable-default-pie
--enable-default-ssp
> Yes this fixed the issue, thanks.
>
> In arch/arm/include/generated/uapi/asm/unistd-common.h there the
> "#define __NR_rsbac" can be deletet.
> Its already defined in arch/arm/include/uapi/asm/unistd.h.
>
> Am 19.02.2018 10:12, schrieb Amon Ott:
>> Am 18.02.2018 um 16:10 schrieb Jens Kasten:
>>> I got on latest linux-4.14.y this:
>>>
>>> cat /proc/rsbac-info/active
>>> Version: 1.5.2, API min: 1.4.0, API max: 1.5.0
>>> Mode: SOFTMODE
>>> Softmode: available
>>> Ind-Soft: available
>>> Switching off: available for FF AUTH CAP JAIL RES
>>> Switching on: available for FF AUTH CAP JAIL RES MPROTECT
>>> Module: FF on
>>> Module: AUTH on
>>> Module: CAP on
>>> Module: JAIL on
>>> Module: RES on
>>> Module: MPROTECT on
>>>
>>> but rsbac_version
>>> Error: Function not implemented
>>> Tools: 1.5.1, API: 1.4.10
>>> Kernel: 0.0.0, API min: 1.4.0, API max: 1.5.0
>>>
>>> The syscall on userspace is somehow missing on arm.
>>
>> Please pull --rebase and retry, just added the missing entry.
>>
>> Amon.
> _______________________________________________
> rsbac mailing list
> rsbac at rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac
More information about the rsbac
mailing list