Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 200557 - hardened-sources-2.6.23-r1 weird proc/cmdline issue
Summary: hardened-sources-2.6.23-r1 weird proc/cmdline issue
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-11-27 22:03 UTC by barthek
Modified: 2008-02-13 17:42 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description barthek 2007-11-27 22:03:01 UTC 
barthek



Joined: 27 Nov 2007
Posts: 1

	
PostPosted: Tue Nov 27, 2007 9:08 pm    Post subject: kernel 2.6.23 really weird proc/cmdline issue 	Reply with quote Edit/Delete this post Delete this post
Hi,

I'm running gentoo's 2.6.23-hardened-r1 with grsec patches.
Only some features of the grsec/pax are enabled.

Recently I've started to get this problem - - machine seems to be running fine, but:
- i/o load is extremely high - vmstat shows 99 all the time
- proc utilities (ps,top etc) stop working

strace of ps/top shows this:

stat64("/proc/9463", {st_mode=S_IFDIR|0550, st_size=0, ...}) = 0
open("/proc/9463/stat", O_RDONLY) = 6
read(6, "9463 (httpd) D 1 5407 5407 0 -1 "..., 1023) = 151
close(6) = 0
open("/proc/9463/status", O_RDONLY) = 6
read(6, "Name:\thttpd\nState:\tD (disk sleep"..., 1023) = 655
close(6) = 0
open("/proc/9463/cmdline", O_RDONLY) = 6
read(6,

and thats it. it just waits there.

killing httpd process with -9 does not make any change. hard button reset is required.

any idea to whats causing this ? I havent experienced that before moving to 2.6.23.

additional note: this httpd process is run within a chroot environment.

emerge info:
Portage 2.1.3.19 (hardened/x86/2.6, gcc-3.4.6, glibc-2.6.1-r0, 2.6.23-hardened-r1 i686)
=================================================================
System uname: 2.6.23-hardened-r1 i686 Pentium II (Deschutes)
Timestamp of tree: Tue, 27 Nov 2007 05:46:01 +0000
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
app-shells/bash:     3.2_p17-r1
dev-lang/python:     2.4.4-r4, 2.5.1-r4
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 1.12.10-r5
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.61-r1
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.23-r2
ACCEPT_KEYWORDS="x86 ~x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-march=pentium2 -O3 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /var/bind"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=pentium2 -O3 -pipe"
DISTDIR="/opt/distfiles"
FEATURES="collision-protect distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror http://gentoo.mirror.solnet.ch http://trumpetti.atm.tut.fi/gentoo/"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/home/portagetmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync4.pl.gentoo.org/gentoo-portage"
USE="bashlogger berkdb bzip2 caps chroot clearpasswd cracklib crypt elf ftp glibc-omitfp hardened hpn mbox midi minimal ncurses nptl nptlonly pam pam_chroot pam_timestamp pic png pwdb readline sasl sendfile sftplogging symlink tcpd threads urandom userlocales x86 xinetd xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

i've also submitted this to grsec's forum:
http://forums.grsecurity.net/viewtopic.php?p=7395

thanks
Comment 1 Christian Heim (RETIRED) gentoo-dev 2007-12-27 15:27:46 UTC 
As pipacs already mentioned to you, could you please try the latest stable revision (that'd be 2.6.23-r4) ? If the error still presists, could you also try switching to the vanilla gcc-specs and see whether or not a `make clean && make' (after installing the kernel / modules) fixes it.
Comment 2 barthek 2007-12-27 15:35:27 UTC 
i followed his suggestion and tried the latest stable including his latest patches ( the latest was -r3 ).

its been working fine for 5 days now will see how much longer before it breaks :)
Comment 3 kfm 2008-02-13 17:39:28 UTC 
Assumed to be fixed. Feel free to re-open if you encounter the same problem again.
Comment 4 barthek 2008-02-13 17:42:52 UTC 
it hasnt failed one since last report so i guess its a good sign.
will reopen as advised if necessary.
cheers