# gentoo hardened + Closed source driver

## kipibenkipod

Hi,

I'm running a hardened-sources kernel, and have a closed source module. 

Trying to use the driver, I get a crash of the module from PAX. 

Is there anything I can do to tell pax to ignore this module?

Thanks,

Kfir

----------

## Sven Vermeulen

You can't tell pax to ignore a module, but you can tell it to ignore a particular check it does. You can finetune any ELF binary with paxctl (or chpax).

Do you happen to know which check is causing the issue? Most of the time, it's mprotect (paxctl -m <bin> should fix that).

----------

## kipibenkipod

 *Sven Vermeulen wrote:*   

> You can't tell pax to ignore a module, but you can tell it to ignore a particular check it does. You can finetune any ELF binary with paxctl (or chpax).
> 
> Do you happen to know which check is causing the issue? Most of the time, it's mprotect (paxctl -m <bin> should fix that).

 

I have this:

my_prog using closed source library libxxx.so using closed source kernel module xxx.ko . 

I did the -m and when I'm able to run my_prog, I get a segmentation fault. 

Pid: 1494, comm: my_prog Tainted: P      D  

and then all the crash details...

I also applied -m on libxxx.so but it didn't help. 

Where should I go from here?

Regards,

Kfir

----------

## Suicidal

It is probably pax memory restrictions, what does dmesg say?

----------

