[gentoo-hardened] hardened & ati-drivers

[gentoo-hardened] hardened & ati-drivers

[Alex Efros]

[-- Attachment #1: Type: text/plain, Size: 910 bytes --]

Hi!

Am I right what only way to have TV-out working on my Radeon 9800 Pro is:

    gcc-config 5 && source /etc/profile		# switch to vanilla gcc
    cd /usr/src/linux && make && ...		# recompile 2.6.11-hardened-r13
						# with vanilla gcc (agpgart
						# should be enabled, dri
						# disabled)
    USE="-dlloader -hardened" emerge xorg-x11
    paxctl -pemrxs /usr/bin/X
    emerge ati-drivers
    gcc-config 1

As far as I understand this way Xorg will not be protected by PaX, PIE
and SSP, ati-drivers and kernel will not be protected by PIE and SSP.
Everything else, including all other X-clients, will be protected by PaX,
PIE and SSP.

I got TV-out working this way yesterday, but I dislike switching to
vanilla-gcc for these three because I must remember to continue
switching between hardened/vanilla gcc each time xorg-x11, ati-drivers
or kernel will be upgraded/recompiled... :(

-- 
			WBR, Alex.

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-hardened] hardened & ati-drivers

[pageexec]

> I got TV-out working this way yesterday, but I dislike switching to
> vanilla-gcc for these three because I must remember to continue
> switching between hardened/vanilla gcc each time xorg-x11, ati-drivers
> or kernel will be upgraded/recompiled... :(

why don't you describe the failure in more details instead? without
having any specific info it's kinda hard to tell why a hardened xorg
and tv-out fail.

-- 
gentoo-hardened@gentoo.org mailing list

Re: [OBORONA-SPAM] Re: [gentoo-hardened] hardened & ati-drivers

[Alex Efros]

Hi!

On Fri, Jun 03, 2005 at 12:37:09PM +0100, pageexec@freemail.hu wrote:
> why don't you describe the failure in more details instead? without
> having any specific info it's kinda hard to tell why a hardened xorg
> and tv-out fail.

Because I think this issue is well-know. Here is a quote from
http://www.gentoo.org/proj/en/hardened/hardenedxorg.xml :

    Binary Drivers

    This is a known issue that can only be resolved by upstream vendors.
    Most notably, neither the binary Nvidia nor ATI drivers work currently
    with the dlloader.

-- 
			WBR, Alex.
-- 
gentoo-hardened@gentoo.org mailing list

Re: [OBORONA-SPAM] Re: [gentoo-hardened] hardened & ati-drivers

[pageexec]

On 3 Jun 2005 at 19:41, Alex Efros wrote:
> Because I think this issue is well-know. Here is a quote from
> http://www.gentoo.org/proj/en/hardened/hardenedxorg.xml :
> 
>     Binary Drivers
> 
>     This is a known issue that can only be resolved by upstream vendors.
>     Most notably, neither the binary Nvidia nor ATI drivers work currently
>     with the dlloader.

ok, so the 'details' i was asking for is the dlloader and the
.so drivers (or lack thereof, rather)? in that case you could
try linking the binary .o driver into a .so and see if it works.
something like 'ld -shared driver.o -o driver.so'. if that
complains about missing symbols, you will have to add -lxxx to
the ld command line until all symbols are resolved (xxx is a
library that provides the missing symbols, most likely some
other xorg driver, nm/readelf can help in tracking them down).
note that even if you get a working driver this way, it will
most likely have textrelocs (from past experience at least,
maybe these days vendors have more clue and compile their code
as PIC).

-- 
gentoo-hardened@gentoo.org mailing list