This is the logentry: Feb 13 03:49:46 host PAX: suspicious general protection fault: 0000 [#3] Feb 13 03:49:46 host PREEMPT Feb 13 03:49:46 host Modules linked in: Feb 13 03:49:46 host CPU: 0 Feb 13 03:49:46 host EIP: 0060:[<00046ca1>] Tainted: G D VLI Feb 13 03:49:46 host EFLAGS: 00010202 (2.6.23-hardened-r7 #3) Feb 13 03:49:46 host eax: 00000000 ebx: 00000001 ecx: 00000000 edx: 00000000 Feb 13 03:49:46 host esi: 00000001 edi: 00000000 ebp: 00000064 esp: d1563e30 Feb 13 03:49:46 host ds: 0068 es: 0068 fs: 0000 gs: 0000 ss: 0068 Feb 13 03:49:46 host Process khelper (pid: 9435, ti=d1562000 task=f2896550 task.ti=d1562000) Feb 13 03:49:46 host Stack: f2889f24 00002000 c5c3b040 00000001 00044d3e 00000001 d38aa0cc 00000001 Feb 13 03:49:46 host d38aa0cc 00000000 bfffe000 00044f2a 00000000 bfffe000 00000001 00000000 Feb 13 03:49:46 host cc262c60 bfffefff 00000001 00000001 00056ee2 00000000 00000001 00000001 Feb 13 03:49:46 host Call Trace: Feb 13 03:49:46 host [<00002000>] <0> [<00044d3e>] <0> [<00044f2a>] <0> [<00056ee2>] <0> [<0005702f>] <0> [<0005889b>] <0> [<0000f205>] <0> [<0000f5eb>] <0> [<0000f1c3>] <0> [<0005b3ef>] <0> [<00001d50>] <0> [<000038f2>] <0> [<00006d20>] <0> [<0001fb91>] <0> [<0001fc86>] <0> [<0001fb91>] <0> [<00003cd7>] <0> ======================= Feb 13 03:49:46 host Code: 8d 04 11 39 d8 76 3a eb 47 a1 d4 34 03 c1 ba 64 00 00 00 0f af 05 dc 6b 00 c1 89 d5 31 d2 f7 f5 85 f6 89 c1 75 05 c1 e8 05 29 c1 <8b> 47 58 03 0d 44 d0 04 c1 c1 e8 05 29 c1 39 0d f4 cf 04 c1 7c Feb 13 03:49:46 host EIP: [<00046ca1>] SS:ESP 0068:d1563e30 Feb 13 03:49:46 host note: khelper[9435] exited with preempt_count 1 Here is the code from maintainer to fix it: --- linux-2.6.24-pax/mm/mmap.c 2008-01-25 15:28:01.000000000 +0100 +++ linux-2.6.24-pax/mm/mmap.c 2008-01-28 18:59:27.000000000 +0100 @@ -1736,7 +1736,7 @@ * Overcommit.. This must be the final test, as it will * update security statistics. */ - if (security_vm_enough_memory(grow)) + if (security_vm_enough_memory_mm(mm, grow)) return -ENOMEM; See: http://forums.grsecurity.net/viewtopic.php?f=3&t=1873 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=34b4e4aa3c470ce8fa2bd78abb1741b4b58baad7
Reassigning to hardened.
Another pair of eyes here... have reviewed this issue and proposed fix is accurate. I would like to see this go into -r8.
Fixed in rsbac-sources-2.6.23-r1 2.6.23 patch with correct offsets: --- mm/mmap.c.ori 2008-02-20 16:23:25.000000000 +0100 +++ mm/mmap.c 2008-02-20 16:23:43.000000000 +0100 @@ -1773,7 +1773,7 @@ static int acct_stack_growth(struct vm_a * Overcommit.. This must be the final test, as it will * update security statistics. */ - if (security_vm_enough_memory(grow)) + if (security_vm_enough_memory_mm(mm, grow)) return -ENOMEM; /* Ok, everything looks good - let it rip */
Fixed in 2.6.23-r8.