Debian Bug report logs - #210762
kernel-patch-2.4-grsecurity: does not apply cleanly to kernel-source-2.4.22

version graph

Package: kernel-patch-2.4-grsecurity; Maintainer for kernel-patch-2.4-grsecurity is (unknown);

Reported by: "Martin-Éric Racine" <q-funk@pp.fishpool.fi>

Date: Sat, 13 Sep 2003 13:48:01 UTC

Severity: wishlist

Tags: confirmed, help, wontfix

Found in version 1.9.12-1

Done: "Martin-�ric Racine" <q-funk@pp.fishpool.fi>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to "Martin-�ric Racine" <q-funk@pp.fishpool.fi>:
New Bug report received and forwarded. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: "Martin-Éric Racine" <q-funk@pp.fishpool.fi>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: kernel-patch-2.4-grsecurity: does not apply cleanly to kernel-source-2.4.22
Date: Sat, 13 Sep 2003 16:39:54 +0300
Package: kernel-patch-2.4-grsecurity
Version: 1.9.12-1
Severity: grave
Justification: renders package unusable

<root@share:/usr/src/kernel-source-2.4.22># /usr/src/kernel-patches/all/apply/grsecurity-2-4
Testing whether "Greater Security for Linux 2.4.x" patch for 2.4.22 applies (dry run):
1 out of 2 hunks FAILED -- saving rejects to file fs/proc/proc_misc.c.rej
1 out of 1 hunk FAILED -- saving rejects to file fs/proc/proc_tty.c.rej
1 out of 2 hunks FAILED -- saving rejects to file net/ipv4/ip_output.c.rej
2 out of 6 hunks FAILED -- saving rejects to file net/ipv4/tcp_ipv4.c.rej
1 out of 6 hunks FAILED -- saving rejects to file net/ipv4/udp.c.rej
"Greater Security for Linux 2.4.x" patch for 2.4.22 does not apply cleanly
<root@share:/usr/src/kernel-source-2.4.22># 


-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux share 2.4.19 #2 la elo    2 15:49:21 EEST 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages kernel-patch-2.4-grsecurity depends on:
ii  bash                          2.05b-8.1  The GNU Bourne Again SHell
ii  grep-dctrl                    1.11       Grep Debian package information
ii  kernel-patch-scripts          0.99.27    Scripts to help dealing with packa
ii  patch                         2.5.9-1    Apply a diff file to an original

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to Martin-Éric Racine <q-funk@pp.fishpool.fi>:
Extra info received and forwarded to list. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #10 received at 210762@bugs.debian.org (full text, mbox):

From: Martin-Éric Racine <q-funk@pp.fishpool.fi>
To: 210762@bugs.debian.org
Subject: but http://www.grsecurity.org/grsecurity-1.9.12-2.4.22.patch works!
Date: Sat, 13 Sep 2003 17:44:13 +0300 (EEST)
It should be mentionned that grsecurity-1.9.12-2.4.22.patch applies as such and
WORKS, while the one by Debian not only has a bunch of rejects, but also fails
to work completely, e.g. I don't even get GRSecurity menu in menuconfig with the
Debian package, but I get it with the above patch directly from grsecurity.org!

-- 
Martin-Éric Racine
http://www.pp.fishpool.fi/~q-funk/




Information forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to martin f krafft <madduck@debian.org>:
Extra info received and forwarded to list. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #15 received at 210762@bugs.debian.org (full text, mbox):

From: martin f krafft <madduck@debian.org>
To: Martin-Éric Racine <q-funk@pp.fishpool.fi>, 210762@bugs.debian.org
Subject: Re: Bug#210762: but http://www.grsecurity.org/grsecurity-1.9.12-2.4.22.patch works!
Date: Sat, 13 Sep 2003 20:48:21 +0200
[Message part 1 (text/plain, inline)]
also sprach Martin-Éric Racine <q-funk@pp.fishpool.fi> [2003.09.13.1644 +0200]:
> It should be mentionned that grsecurity-1.9.12-2.4.22.patch
> applies as such and WORKS, while the one by Debian not only has
> a bunch of rejects, but also fails to work completely, e.g.
> I don't even get GRSecurity menu in menuconfig with the Debian
> package, but I get it with the above patch directly from
> grsecurity.org!

Are you applying that patch to the Debian kernel source?

-- 
Please do not CC me when replying to lists; I read them!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to Martin-Éric Racine <q-funk@pp.fishpool.fi>:
Extra info received and forwarded to list. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #20 received at 210762@bugs.debian.org (full text, mbox):

From: Martin-Éric Racine <q-funk@pp.fishpool.fi>
To: martin f krafft <madduck@debian.org>
Cc: 210762@bugs.debian.org
Subject: Re: Bug#210762: but http://www.grsecurity.org/grsecurity-1.9.12-2.4.22.patch works!
Date: Sat, 13 Sep 2003 22:07:15 +0300 (EEST)
On Sat, 13 Sep 2003, martin f krafft wrote:

> also sprach Martin-Éric Racine <q-funk@pp.fishpool.fi> [2003.09.13.1644 +0200]:
> > It should be mentionned that grsecurity-1.9.12-2.4.22.patch
> > applies as such and WORKS, while the one by Debian not only has
> > a bunch of rejects, but also fails to work completely, e.g.
> > I don't even get GRSecurity menu in menuconfig with the Debian
> > package, but I get it with the above patch directly from
> > grsecurity.org!
> 
> Are you applying that patch to the Debian kernel source?

Yes.

However, the compilation fails about half-way, as it turns out.  

I guess that the main problem with the Debian kernel-source-2.4.22 package is
that it has more in common with a 2.5 kernel than with the original 2.4.22
tarball.  This makes it very difficult to apply any patch at all!  IMHO, the
kernel-source maintainer should stop backporting so many things that make the
Debian package almost completely incompatible with the vanilla kernel.

-- 
Martin-Éric Racine
http://www.pp.fishpool.fi/~q-funk/




Information forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to martin f krafft <madduck@debian.org>:
Extra info received and forwarded to list. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #25 received at 210762@bugs.debian.org (full text, mbox):

From: martin f krafft <madduck@debian.org>
To: Martin-Éric Racine <q-funk@pp.fishpool.fi>
Cc: 210762@bugs.debian.org
Subject: Re: Bug#210762: but http://www.grsecurity.org/grsecurity-1.9.12-2.4.22.patch works!
Date: Sat, 13 Sep 2003 21:29:58 +0200
[Message part 1 (text/plain, inline)]
also sprach Martin-Éric Racine <q-funk@pp.fishpool.fi> [2003.09.13.2107 +0200]:
> However, the compilation fails about half-way, as it turns out.  

Unless you tell me what's going wrong, I can't do anything about it.

> I guess that the main problem with the Debian kernel-source-2.4.22
> package is that it has more in common with a 2.5 kernel than with
> the original 2.4.22 tarball.  This makes it very difficult to
> apply any patch at all!  IMHO, the kernel-source maintainer should
> stop backporting so many things that make the Debian package
> almost completely incompatible with the vanilla kernel.

So file a bug against the kernel.

-- 
Please do not CC me when replying to lists; I read them!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to cavok@filibusta.crema.unimi.it (Domenico Andreoli):
Extra info received and forwarded to list. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #30 received at 210762@bugs.debian.org (full text, mbox):

From: cavok@filibusta.crema.unimi.it (Domenico Andreoli)
To: 194225@bugs.debian.org, 199519@bugs.debian.org, 210762@bugs.debian.org
Cc: debian-devel@lists.debian.org
Subject: kernel-patch-2.4-grsecurity: does not apply cleanly to kernel-source-2.4.20, 2.4.21 and 2.4.22
Date: Fri, 19 Sep 2003 04:44:07 +0200
hi martin,

i want to inform you that these bugs about grsecurity patch not applying
correctly to kernel-source-2.4.2x are all easily reproducible.

it suffices to install the kernel package and your grsecurity patch
and try to compile the kernel.

BTW i mostly converted the grsecurity patch for 2.4.22 (see bug #211213),
it was quite easy. with some (little) help from kernel maintainer i'm
sure it is possible to perform a full conversion. actually my patch
breaks randomization of IP IDs.

looking to other packaged patches, it seems possible to make two distinct
patches for both vanilla and debian kernel. this way you can support
both kind of kernel users.

IMHO your way to manage with these bug reports is insufficient, it
reminds me a ostrich with its head in the sand. sorry.

ciao
domenico

-----[ Domenico Andreoli, aka cavok
 --[ http://filibusta.crema.unimi.it/~cavok/gpgkey.asc
   ---[ 3A0F 2F80 F79C 678A 8936  4FEE 0677 9033 A20E BC50



Tags added: wontfix, help, confirmed Request was from madduck@piper.madduck.net (Martin F. Krafft) to control@bugs.debian.org. Full text and rfc822 format available.

Severity set to `wishlist'. Request was from madduck@piper.madduck.net (Martin F. Krafft) to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to martin f krafft <madduck@debian.org>:
Extra info received and forwarded to list. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #39 received at 210762@bugs.debian.org (full text, mbox):

From: martin f krafft <madduck@debian.org>
To: undisclosed-recipients: ;
Subject: grsecurity bugs
Date: Sun, 21 Sep 2003 14:01:29 +0200
[Message part 1 (text/plain, inline)]
I have uploaded a new version of grsecurity. However, it won't
support Debian kernels 2.4.20 and up. README.2.4.2x in the package
will tell you why. In addition:

  http://lists.debian.org/debian-devel/2003/debian-devel-200309/msg01133.html

I am sorry if this inconveniences you. I don't have a choice, not
only because I can't afford to put more time into this, but also
because I am not going to remove functionality from grsecurity,
which would be required to cater for the Debian kernels.

Please complain to the kernel maintainer(s) if you don't like this.
Or just use a vanilla kernel source tree.

-- 
Please do not CC me when replying to lists; I read them!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, madduck@debian.org (martin f. krafft):
Bug#210762; Package kernel-patch-2.4-grsecurity. Full text and rfc822 format available.

Acknowledgement sent to martin f krafft <madduck@debian.org>:
Extra info received and forwarded to list. Copy sent to madduck@debian.org (martin f. krafft). Full text and rfc822 format available.

Message #44 received at 210762@bugs.debian.org (full text, mbox):

From: martin f krafft <madduck@debian.org>
To: Martin-Éric Racine <q-funk@pp.fishpool.fi>, 210762@bugs.debian.org
Subject: Re: Bug#210762: but http://www.grsecurity.org/grsecurity-1.9.12-2.4.22.patch works!
Date: Sun, 21 Sep 2003 14:02:40 +0200
[Message part 1 (text/plain, inline)]
also sprach Martin-?ric Racine <q-funk@pp.fishpool.fi> [2003.09.13.1644 +0200]:
> It should be mentionned that grsecurity-1.9.12-2.4.22.patch
> applies as such and WORKS, while the one by Debian not only has
> a bunch of rejects, but also fails to work completely, e.g.
> I don't even get GRSecurity menu in menuconfig with the Debian
> package, but I get it with the above patch directly from
> grsecurity.org!

What do you mean with WORKS? It applies to the vanilla source tree,
right? Just not the Debian source tree...

-- 
Please do not CC me when replying to lists; I read them!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
[Message part 2 (application/pgp-signature, inline)]

Reply sent to "Martin-�ric Racine" <q-funk@pp.fishpool.fi>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to "Martin-�ric Racine" <q-funk@pp.fishpool.fi>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #49 received at 210762-done@bugs.debian.org (full text, mbox):

From: "Martin-Ãric Racine" <q-funk@pp.fishpool.fi>
To: 210762-done@bugs.debian.org
Subject: Patch can only be applied to vanilla kernel, understood, thanks
Date: Sat, 17 Apr 2004 15:11:56 +0300
Martin-Éric Racine, ICT Consultant
http://www.pp.fishpool.fi/~q-funk/



Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 20:55:55 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.