Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
Suspicious error messages started to show up yesterday, while I gave a try to the latest hardened gentoo kernel (2.6.21-hardened). The machine is an IBM ThinkPad R50e. I'm using the hardened profile with pie-ssp enabled. The first instance of the error showed up just right after the grsec system was enabled. The second one appeared a few seconds later. I decided to reboot with the last stable kernel to avoid any possible data corruption. The rest of the error messages were generated during the shutdown process. Please see attached kern.log, pax.log log, kernel config and dmesg. I hope that the information will help to trace back and eliminate this problem. I can provide more information upon request. Reproducible: Always Steps to Reproduce: Actual Results: May 4 19:19:40 hostname PAX: suspicious general protection fault: 0000 [#1] May 4 19:19:40 hostname Modules linked in: hdaps eeprom sn9c102 i915 drm tulip capability commoncap yenta_socket rsrc_nonstatic i2c_i801 ipw2200 May 4 19:19:40 hostname CPU: 0 May 4 19:19:40 hostname EIP: 0060:[<001815b0>] Not tainted VLI May 4 19:19:40 hostname EFLAGS: 00010203 (2.6.21-hardened #2) May 4 19:19:40 hostname EIP is at gr_handle_sysctl+0x70/0x3a0 May 4 19:19:40 hostname eax: 00000002 ebx: 00000000 ecx: 00000006 edx: ffffffff May 4 19:19:40 hostname esi: 00000000 edi: c087da02 ebp: 0000000f esp: e809fe60 May 4 19:19:40 hostname ds: 0068 es: 0068 fs: 00d8 gs: 0033 ss: 0068 May 4 19:19:40 hostname Process touch (pid: 7087, ti=e809e000 task=ee06ca90 task.ti=e809e000) May 4 19:19:40 hostname Stack: 4b09d750 c169cec0 e5f2a274 00000000 eef2b3e4 00051e85 c10066a0 00000000 May 4 19:19:40 hostname 00000000 00000000 ab12f3b0 00000001 eef2b3e4 00000002 ef23ab58 ef17f000 May 4 19:19:40 hostname c10063d8 0005233d e5f2a274 c169e100 e26c04bc 0002f388 ee2293c0 e5f2a4bc May 4 19:19:40 hostname Call Trace: May 4 19:19:40 hostname ======================= May 4 19:19:40 hostname Code: 83 c8 04 89 5c 24 2c 85 c9 8b 5c 24 40 0f 44 44 24 2c 81 fb c0 4a 00 c1 89 44 24 2c 74 37 31 f6 ba ff ff ff ff 8d b6 00 00 00 00 <8b> 7b 04 89 d1 89 f0 f2 ae f7 d1 49 8d 44 0d 01 0f b7 e8 8b 44 May 4 19:19:40 hostname EIP: [<001815b0>] gr_handle_sysctl+0x70/0x3a0 SS:ESP 0068:e809fe60 Portage 2.1.2.2 (hardened/x86/2.6, gcc-3.4.6, glibc-2.3.6-r5, 2.6.20-hardened-r2 i686) ================================================================= System uname: 2.6.20-hardened-r2 i686 Intel(R) Celeron(R) M processor 1.40GHz Gentoo Base System release 1.12.9 Timestamp of tree: Sat, 05 May 2007 17:29:01 +0000 ccache version 2.4 [disabled] dev-java/java-config: 1.3.7, 2.0.31-r5 dev-lang/python: 2.4.3-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r7 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.60 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=i686 -mtune=pentium-m -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-O2 -march=i686 -mtune=pentium-m -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs autoconfig distlocks metadata-transfer sandbox sfperms strict" GENTOO_MIRRORS="http://gentoo.inf.elte.hu/ http://gentoo.inode.at/" LANG="hu_HU" LC_ALL="hu_HU" LINGUAS="hu en" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="7zip X X509 Xaw3d a52 aac aalib acl acpi aiglx alsa amr aotuv apache2 asf audiofile bash-completion bcmath bdf berkdb bidi binfilter bitmap-fonts bittorrent blas bluetooth branding browserplugin bzip2 cairo caps cdda cddb cdparanoia cdr cdrom chardet checkpath cli crypt css cups curl d dba dbm dbus dga dhcp discard-path divx divx4linux djbfft djvu dlloader dmi dri dts dv dvd dvdnav dvdr dvdread dvi eds encode evo exif expat extensions fam fame ffmpeg fftw finger firefox flac flash flatfile fontconfig foomaticdb force-cgi-redirect fortran fpx ftp gd gdl gif gimp gimpprint gmedia gmp gnet gnome gopher gphoto2 gpm graphviz gs gsm gstreamer gtk gtk2 gtkhtml hal hardened hub i8x0 iconv idea idn imagemagick imap imlib irda jabber java javascript jingle jpeg jpeg2k ladspa lapack latin1 lcms libburn libcaca libnotify libplot lm_sensors log4j logitech-mouse lzo lzw mad matroska mbox mcal md5sum memlimit midi mikmod mjpeg mmap mmx mng mode-owner motif mozbranding mozcalendar mp2 mp3 mp4 mpeg musepack mysql mysqli nautilus ncurses network nls nopop3d nsplugin ntfs oav ofx ogg oggvorbis onaccess openexr opengl pam pam_chroot pam_console pam_timestamp pango pccts pcmcia pda pdf pear perl php pic plotutils png pnm posix ppds python quicktime quotas rar rc5 readline real realmedia reiserfs remote rle rtc samba sasl scanner scenarios screen sdl sensord session sftplogging sharedext sharedmem sid skins slang smp sms sndfile soap sockets sound speex spell spf srt sse sse2 ssl svg syslog sysvipc t1lib tagwriting tcl tcltk tcpd tetex tga theora tiff timidity tk tlen tokenizer toolbar tools totem transcode truetype truetype-fonts type1-fonts udev underscores unicode urandom usb userlocales v4l v4l2 vcd vidix virus-scan visualization vlm vorbis webdav wifi win32codecs wma wmf wmp wxwindows x264 x86 xattr xforms xine xml xml2 xmlrpc xorg xpm xsl xv xvid yahoo zip zlib zvbi" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="hu en" USERLAND="GNU" VIDEO_CARDS="i810 i830 v4l" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created an attachment (id=118284) [details] kern.log showing the symptoms kern.log showing the symptoms
Created an attachment (id=118285) [details] pax.log pax.log
(From update of attachment 118284 [details]) kern.log
Created an attachment (id=118286) [details] dmesg dmesg
Created an attachment (id=118288) [details] config config
http://forums.grsecurity.net/viewtopic.php?t=1723
(In reply to comment #6) > http://forums.grsecurity.net/viewtopic.php?t=1723 According to Brad in http://forums.grsecurity.net/viewtopic.php?t=1722, it should be fixed w/ his latest snapshot (that being 200705041939). I'm currently committing the necessary changes for 2.6.21 and they should be on your favorite gentoo-portage mirror in about an hour. Just remerge hardened-sources and this problem should be fixed.
did you also fix the GRSECURITY/GRKERNSEC mixup?
*** Bug 177387 has been marked as a duplicate of this bug. ***
(In reply to comment #8) > did you also fix the GRSECURITY/GRKERNSEC mixup? > Can you give a short hint on this one? Just to avoid spending my time unecessary on an erroneus version. Dw.
(In reply to comment #10) > (In reply to comment #8) > > did you also fix the GRSECURITY/GRKERNSEC mixup? > > > > Can you give a short hint on this one? Just to avoid spending my time > unecessary on an erroneus version. http://forums.grsecurity.net/viewtopic.php?t=1719&start=15
Should be fixed now.
