Building and Installing the CryptoMark kernel module
You will need: a clean 2.2.18 kernel tree and the patch utility. Vendor modified
kernels (such as RedHat's) will probably be okay, as they mostly update drivers.
The process is as follows:
- untar the 2.2.18 tarball.
- cd into the linux directory.
- apply the combined Openwall and CryptoMark patch:
`patch -p1 < $PATH_TO_PATCH/cryptomark-openwall-2.2.18.diff'
- Configure the kernel. Both the Openwall and CryptoMark configuration
items are located in the Security section. It is not necessary to enable
the non-executable stack option if it is not desired. Answer 'y' to the CryptoMark
option. It works strictly as a module currently, even though that's not how
the configuration option is set. This will likely change in the future.
- Build and install your new kernel and modules, see the
Kernel HOWTO if necessary. Ensure that your includes are pointing at
the patched kernel, making /usr/src/linux a symlink to the patched
kernel tree works for most distributions. Make sure to update the boot loader
(lilo or whatever).
- Build the CryptoMark module:
- cd into the module directory from the expanded cryptomark
tarball and type
make
- If your <linux/*.h> include directory path
is not set up to point to the kernel that you just patched, run make with
the following option:
make INCLUDEDIR=$PATH_TO_KERNEL_INCLUDEDIR
- Install the CryptoMark module (cryptomark.o
) by running 'make install' as root. This will install the
module into the misc subdirectory of the module tree for the current
kernel pointed to by /usr/include/linux or the INCLUDEDIR
directory if you override it.
- Build the Immunix MD5 module:
- cd into the md5 directory from the expanded
cryptomark tarball and type
make
- If your <linux/*.h> include
directory path is not set up to point to the kernel that you just patched,
run make with the following option
make INCLUDEDIR=$PATH_TO_KERNEL_INCLUDEDIR
- Install the Immunix MD5 module (immunix-md5.o
) by running 'make install' as root. This will install the module
into the misc subdirectory of the module tree for the current kernel
pointed to by /usr/include/linux or the INCLUDEDIR directory
if you override it.
- Reboot into the new kernel.
- Load the CryptoMark module by running
modprobe cryptomark