[Bug 5759] glxgears killed on hardened system with DRI

Declan Moriarty junk_mail at iol.ie
Tue Feb 14 13:32:15 PST 2006

Recently, Somebody Somewhere wrote these words

The enclosed may be of interest to the list, as it seems to have
implications for the build of X

> https://bugs.freedesktop.org/show_bug.cgi?id=5759          
> ajax at nwnk.net changed:
>            What    |Removed                     |Added
> ------------------------------------------------------------------------
>              Status|NEW                         |RESOLVED
>          Resolution|                            |WONTFIX
> ------- Additional Comments From ajax at nwnk.net  2006-02-14 19:00 -------

> Hardened systems must use the generic 'linux-dri' profile when
> building Mesa instead of linux-dri-x86.  The asm optimizations
> enabled by the -x86 profile are probably prohibited by grsec.
> This has been discussed many times and won't be fixed unless a
> patch is provided that is both:
> - hardened-clean (for whatever that means this week)
> - an improvement in performance relative to linux-dri
> - ideally an improvement in performance relative to linux-dri-x86          

AFAICT, enabling all DRI options on an X build gives an x86 box 
linux-dri-x86 in Mesa. I am not the expert here.

I have not got dri to function without rebuilding Mesa after rebuilding 
X anyhow, although I don't know if it was 100% necessary.

paxctl -m /usr/bin/glxgears solved it locally here for me, and
glxgears compiled under hlfs works, as the pax flags have been 
modified on the binary.


	With best Regards,

	Declan Moriarty.

More information about the hlfs-dev mailing list