> It would be less intrusive to the kernel to supply a fixed do_brk()
> and replace the do_brk with a jump to your version.
I've written similar patch few days ago. The patch only modifies first
instructions of do_brk() (it replaces them with jmp to function in LKM.
It can be downloaded from http://wizard.ath.cx/fixbrk.tar.gz
But beware, I wrote it in rush and it's pretty odly written :-) But it
worked on my two servers (both were running 2.4.21 kernel with grsecurity
patch).
Greetings
Pavel Palát
--
Pavel "harry_x" Palát
harry_x (at) babylon5 (dot) cz [email concealed]
irc: #mistral.cz on IRCnet
The only way of finding the limits to the possible is by going beyond them to the impossible
Arthur C. Clark
> and replace the do_brk with a jump to your version.
I've written similar patch few days ago. The patch only modifies first
instructions of do_brk() (it replaces them with jmp to function in LKM.
It can be downloaded from http://wizard.ath.cx/fixbrk.tar.gz
But beware, I wrote it in rush and it's pretty odly written :-) But it
worked on my two servers (both were running 2.4.21 kernel with grsecurity
patch).
Greetings
Pavel Palát
--
Pavel "harry_x" Palát
harry_x (at) babylon5 (dot) cz [email concealed]
irc: #mistral.cz on IRCnet
The only way of finding the limits to the possible is by going beyond them to the impossible
Arthur C. Clark
[ reply ]