Confirmed that it worked on vanilla-sources-2.6.36.2, and <=hardened-sources-2.6.35-r7. After the crash the system becomes non-responsive, and I get messages about how a soft lockup has my CPU cores stuck. This is what I was able to fetch of the backtrace over netconsole:

[ 684.117361] grsec: From 192.168.1.148: mount of /dev/md124p1 to /var/lib/os-prober/mount by /bin/ntfs-3g[mount.ntfs-3g:7156] uid/euid:0/0 gid/egid:0/0, parent /bin/mount[mount:7155] uid/euid:0/0 gid/egid:0/0
[ 684.213780] grsec: From 192.168.1.148: unmount of /dev/md124p1 by /bin/umount[umount:7191] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/os-probes/50mounted-tests[50mounted-tests:7150] uid/euid:0/0 gid/egid:0/0
[ 684.481498] grsec: From 192.168.1.148: mount of /dev/md124p2 to /var/lib/os-prober/mount by /bin/ntfs-3g[mount.ntfs-3g:7205] uid/euid:0/0 gid/egid:0/0, parent /bin/mount[mount:7204] uid/euid:0/0 gid/egid:0/0
[ 684.585122] grsec: From 192.168.1.148: unmount of /dev/md124p2 by /bin/umount[umount:7254] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/os-probes/50mounted-tests[50mounted-tests:7199] uid/euid:0/0 gid/egid:0/0
[ 684.933354] grsec: From 192.168.1.148: mount of /dev/sdf2 to /var/lib/os-prober/mount by /bin/ntfs-3g[mount.ntfs-3g:7326] uid/euid:0/0 gid/egid:0/0, parent /bin/mount[mount:7325] uid/euid:0/0 gid/egid:0/0
[ 685.009024] grsec: From 192.168.1.148: unmount of /dev/sdf2 by /bin/umount[umount:7370] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/os-probes/50mounted-tests[50mounted-tests:7320] uid/euid:0/0 gid/egid:0/0
[ 685.098938] EXT4-fs (dm-5): mounted filesystem with ordered data mode. Opts: (null)
[ 685.098963] grsec: From 192.168.1.148: mount of /dev/mapper/lillen-boot to /var/lib/os-prober/mount by /bin/mount[mount:7396] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/os-probes/50mounted-tests[50mounted-tests:7391] uid/euid:0/0 gid/egid:0/0
[ 685.165461] grsec: From 192.168.1.148: unmount of /dev/mapper/lillen-boot by /bin/umount[umount:7431] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/os-probes/50mounted-tests[50mounted-tests:7391] uid/euid:0/0 gid/egid:0/0
[ 685.743597] BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
[ 685.743634] IP: [<ffffffff8117b67f>] umount_tree+0x2f/0x190
[ 685.743655] PGD 0
[ 685.743664] Oops: 0002 [#1] PREEMPT SMP
[ 685.743680] last sysfs file: /sys/devices/virtual/bdi/8:82-fuseblk/uevent
[ 685.743691] CPU 1
[ 685.743696] Modules linked in: netconsole scsi_wait_scan
[ 685.743718]
[ 685.743725] Pid: 6977, comm: os-prober Tainted: G W 2.6.36-hardened-r7 #1 Rampage II Extreme/System Product Name
[ 685.743739] RIP: 0010:[<ffffffff8117b67f>] [<ffffffff8117b67f>] umount_tree+0x2f/0x190
[ 685.743756] RSP: 0018:ffff8801acba9e18 EFLAGS: 00010286
[ 685.743765] RAX: ffff8801b8c35900 RBX: ffff8801acba9e38 RCX: 0000000000000000
[ 685.743775] RDX: ffff8801b8c35900 RSI: 0000000000000000 RDI: ffff8801b8c35900
[ 685.743785] RBP: ffff8801acba9e28 R08: ffffffff81c4c540 R09: 0000000000000000
[ 685.743795] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801acba9e38
[ 685.743805] R13: ffff88019c5b9760 R14: ffff8801b8c88000 R15: ffff88019c5b9a08
[ 685.743816] FS: 00006c99ee78e700(0000) GS:ffff880002680000(0000) knlGS:0000000000000000
[ 685.743827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 685.743836] CR2: 0000000000000008 CR3: 0000000001846000 CR4: 00000000000006f0
[ 685.743846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 685.743857] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 685.743868] Process os-prober (pid: 6977, threadinfo ffff8801acba8000, task ffff88019c5b9770)
[ 685.743880] Stack:
[ 685.743886] ffff8801b899bac0 ffff8801acba9e38 ffff8801acba9e58 ffffffff8117b82f
[ 685.743906] <0> ffff8801acba9e38 ffff8801acba9e38 ffff8801a89e9000 ffff8801acba9c40
[ 685.744347] <0> ffff8801acba9e78 ffffffff810b2eba ffff8801acba9e68 ffff8801a89e9000
[ 685.744374] Call Trace:
[ 685.744383] [<ffffffff8117b82f>] put_mnt_ns+0x4f/0x80
[ 685.744395] [<ffffffff810b2eba>] free_nsproxy+0x1a/0x90
[ 685.744406] [<ffffffff810b310a>] switch_task_namespaces+0x3a/0x50
[ 685.744418] [<ffffffff810b312b>] exit_task_namespaces+0xb/0x10
[ 685.744429] [<ffffffff8108e82c>] do_exit+0x4ac/0x8b0
[ 685.744441] [<ffffffff810e192f>] ? audit_syscall_entry+0x27f/0x2b0
[ 685.744453] [<ffffffff8108ef6f>] do_group_exit+0x4f/0xb0
[ 685.744463] [<ffffffff8108efe2>] sys_exit_group+0x12/0x20
[ 685.744476] [<ffffffff8103a01b>] system_call_fastpath+0x16/0x1b
[ 685.744486] Code: 48 89 e5 41 54 53 48 89 d3 74 52 48 89 f8 eb 14 0f 1f 40 00 48 89 d0 48 83 e8 40 74 40 0f 1f 80 00 00 00 00 48 8b 08 48 8b 50 08 <48> 89 51 08 48 89 0a 48 8d 48 30 48 8b 13 48 89 42 08 48 89 10
[ 685.744714] RIP [<ffffffff8117b67f>] umount_tree+0x2f/0x190
[ 685.744729] RSP <ffff8801acba9e18>
[ 685.744735] CR2: 0000000000000008
[ 685.748751] ---[ end trace 35e2525189642fdc ]---
[ 685.748762] Fixing recursive fault but reboot is needed!
[ 685.748772] BUG: scheduling while atomic: os-prober/6977/0x00000002
[ 685.748781] Modules linked in: netconsole scsi_wait_scan
[ 685.748804] Pid: 6977, comm: os-prober Tainted: G D W 2.6.36-hardened-r7 #1
[ 685.748816] Call Trace:
[ 685.748827] [<ffffffff8107822c>] __schedule_bug+0x5c/0x60
[ 685.748841] [<ffffffff8181782c>] schedule+0x90c/0xbc0
[ 685.748853] [<ffffffff8108eb44>] do_exit+0x7c4/0x8b0
[ 685.748865] [<ffffffff8108ef6f>] do_group_exit+0x4f/0xb0
[ 685.748878] [<ffffffff8103e975>] oops_end+0x75/0xa0
[ 685.748895] [<ffffffff81062fa0>] no_context+0xf0/0x270
[ 685.748907] [<ffffffff810631bb>] __bad_area_nosemaphore+0x9b/0x560
[ 685.748921] [<ffffffff8106368e>] bad_area_nosemaphore+0xe/0x10
[ 685.748933] [<ffffffff81063ce4>] do_page_fault+0x364/0x420
[ 685.748947] [<ffffffff81818035>] ? schedule_timeout+0x1e5/0x310
[ 685.748960] [<ffffffff8107d431>] ? get_parent_ip+0x11/0x50
[ 685.748973] [<ffffffff8107d5dd>] ? add_preempt_count+0x9d/0xd0
[ 685.748985] [<ffffffff8181a834>] page_fault+0x24/0x30
[ 685.748998] [<ffffffff8117b67f>] ? umount_tree+0x2f/0x190
[ 685.749011] [<ffffffff8117b82f>] put_mnt_ns+0x4f/0x80
[ 685.749023] [<ffffffff810b2eba>] free_nsproxy+0x1a/0x90
[ 685.749035] [<ffffffff810b310a>] switch_task_namespaces+0x3a/0x50
[ 685.749048] [<ffffffff810b312b>] exit_task_namespaces+0xb/0x10
[ 685.749656] [<ffffffff8108e82c>] do_exit+0x4ac/0x8b0
[ 685.749660] [<ffffffff810e192f>] ? audit_syscall_entry+0x27f/0x2b0
[ 685.749663] [<ffffffff8108ef6f>] do_group_exit+0x4f/0xb0
[ 685.749667] [<ffffffff8108efe2>] sys_exit_group+0x12/0x20
[ 685.749670] [<ffffffff8103a01b>] system_call_fastpath+0x16/0x1b

If something is missing or you need further info, ping me.
(Sorry it took me a while to see this bug report. When filing a kernel bug, start the summary with sys-kernel/hardened-sources-2.6.x and assign to hardened-kernel@gentoo.org. I'll catch it faster.) Okay, I tried to reproduce this and didn't hit it --- yet. Give me your kernel config file and emerge --info as both will help me figure out what's different about our systems. I should alert upstream because it's an interesting oops:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
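A small triage script for the first backtrace in this report, added here as an example (it is not from the thread, Gentoo or grsecurity): it decodes the page-fault error code after "Oops:", separates verified call-trace frames from the "?" entries, and checks whether the faulting path runs through mount-namespace code. The names triage and decode_pf_error are assumptions; the log excerpt is copied from the first comment with some lines omitted.

```python
import re
# Excerpt copied from the first backtrace in this report (netconsole output).
OOPS = """\
[ 685.743597] BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
[ 685.743634] IP: [<ffffffff8117b67f>] umount_tree+0x2f/0x190
[ 685.743664] Oops: 0002 [#1] PREEMPT SMP
[ 685.744374] Call Trace:
[ 685.744383] [<ffffffff8117b82f>] put_mnt_ns+0x4f/0x80
[ 685.744395] [<ffffffff810b2eba>] free_nsproxy+0x1a/0x90
[ 685.744406] [<ffffffff810b310a>] switch_task_namespaces+0x3a/0x50
[ 685.744418] [<ffffffff810b312b>] exit_task_namespaces+0xb/0x10
[ 685.744429] [<ffffffff8108e82c>] do_exit+0x4ac/0x8b0
[ 685.744441] [<ffffffff810e192f>] ? audit_syscall_entry+0x27f/0x2b0
[ 685.744453] [<ffffffff8108ef6f>] do_group_exit+0x4f/0xb0
[ 685.744714] RIP [<ffffffff8117b67f>] umount_tree+0x2f/0x190
"""

PF_BITS = [  # x86 page-fault error code: (mask, meaning if set, meaning if clear)
    (0x01, "protection violation", "page not present"),
    (0x02, "write", "read"),
    (0x04, "user mode", "kernel mode"),
    (0x08, "reserved bit set", None),
    (0x10, "instruction fetch", None),
]
FRAME = re.compile(r"\[<[0-9a-f]+>\]\s+(\?\s+)?(\w+)\+0x([0-9a-f]+)/0x[0-9a-f]+")

def decode_pf_error(code):
    """Turn the hex value printed after 'Oops:' into readable fault properties."""
    labels = [on if code & mask else off for mask, on, off in PF_BITS]
    return [label for label in labels if label]

def triage(text):
    """Summarise one oops: fault address, access type, faulting IP, call chain."""
    rep = {"fault_addr": None, "pf": None, "ip": None, "trace": [], "unreliable": []}
    in_trace = False
    for raw in text.splitlines():
        line = re.sub(r"^\[\s*\d+\.\d+\]\s*", "", raw)  # drop the printk timestamp
        frame = FRAME.search(line)
        m = re.search(r"NULL pointer dereference at ([0-9a-f]+)", line)
        if m:
            rep["fault_addr"] = int(m.group(1), 16)
        m = re.match(r"Oops: ([0-9a-f]{4})", line)
        if m:
            rep["pf"] = decode_pf_error(int(m.group(1), 16))
        if line.startswith("IP:") and frame:
            rep["ip"] = (frame.group(2), int(frame.group(3), 16))
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif in_trace and frame and line.startswith("[<"):
            # '?' marks an address found on the stack but not verified by the unwinder
            (rep["unreliable"] if frame.group(1) else rep["trace"]).append(frame.group(2))
        elif in_trace:
            in_trace = False  # first non-frame line ends the call trace
    rep["mnt_ns_path"] = any("mnt_ns" in fn for fn in rep["trace"])
    return rep

if __name__ == "__main__":
    print(triage(OOPS))
```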
Created attachment 259536 [details]
kernel configuration

Forgot to mention that this crashes the io-subsystem so hard that emergency sync is not possible...

$ emerge --info
Portage 2.2.0_alpha14 (hardened/linux/amd64, gcc-4.5.2, glibc-2.12.1-r3, 2.6.36-hardened-r8 x86_64)
=================================================================
System uname: Linux-2.6.36-hardened-r8-x86_64-Intel-R-_Core-TM-_i7_CPU_920_@_2.67GHz-with-gentoo-2.0.1
Timestamp of tree: Mon, 10 Jan 2011 02:00:01 +0000
distcc 3.1 x86_64-pc-linux-gnu [disabled]
ccache version 3.1.3 [disabled]
app-shells/bash: 4.1_p9
dev-java/java-config: 2.1.11-r3
dev-lang/python: 2.6.6-r1, 2.7.1::Mine, 3.1.3
dev-util/ccache: 3.1.3
dev-util/cmake: 2.8.1-r2
sys-apps/baselayout: 2.0.1-r1
sys-apps/openrc: 0.6.8
sys-apps/sandbox: 2.4
sys-devel/autoconf: 2.13, 2.68
sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils: 2.21
sys-devel/gcc: 4.5.2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool: 2.4-r1
sys-devel/make: 3.82
virtual/os-headers: 2.6.36.1 (sys-kernel/linux-headers)
Repositories: gentoo gamerlay-stable x11 mozilla Mine
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe -ggdb -mtune=native"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=native -O2 -pipe -ggdb -mtune=native"
DISTDIR="/var/portage/distfiles"
FEATURES="assume-digests binpkg-logs buildpkg distlocks fixlafiles fixpackages metadata-transfer news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict test unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="ftp://ftp.sunet.se/pub/os/Linux/distributions/gentoo"
INSTALL_MASK="*.la"
LANG="sv_SE.UTF-8"
LC_ALL="C"
LDFLAGS="-Wl,--as-needed -Wl,-O1 -Wl,--sort-common -Wl,--warn-once,--hash-style=gnu"
LINGUAS="sv en"
MAKEOPTS="-j16 -l15"
PKGDIR="/var/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/var/portage"
PORTDIR_OVERLAY="/var/overlays/layman/gamerlay /var/overlays/layman/x11 /var/overlays/layman/mozilla /var/overlays/mine"
SYNC="rsync://liten.csbnet.se/gentoo-portage"
USE="X a52 aac accessibility acl acpi alsa amd64 amr amrnb amrwb applet archive asyncns autoipd avahi bash-completion bluetooth branding bzip2 cairo caps ccache cdaudio cdda cdr cleartype cli clutter connection-sharing consolekit coverart cracklib crypt cups cxx dbus device-mapper devicekit devkit dhcpcd digitalradio djvu dri dts dvd dvdr dvi eds enca encode eselect evo exif faac faad fat fbcondecor ffmpeg fftw flac fluidsynth fontconfig fuse gdbm gdm gdu gif gimp glib gmp gnome gnome-keyring gphoto2 gpm grammar graphite gsf gsm gstreamer gtk gudev hardened hpn ical iconv iconvacl icq icu id3tag idn ieee1394 iptc ipv6 jabber jack java6 jingle jpeg jpeg2k justify kate kvm lcms libffi libnotify libsamplerate logrotate lvm lvm2 lzma mad maps math matroska md mdadm midi mms mmx mmxext mng moonlight mp2 mp3 mpeg mpi msn mtp mudflap multilib musepack musicbrainz natspec nautilus ncurses network-cron networkmanager nfs nls nntp nptl nptlonly ntfs ntp nut offensive ogg openal opencore-amr opengl openmp openntpd ots pam pango parted pcre pdf perl pic pidgin playlist png policykit pppd pulseaudio python qt3support quicktime raw readline rrdcgi rtmp samba schroedinger seed sensord session smp sms speex spell sse sse2 sse3 ssl ssse3 startup-notification subversion svg sysfs test tex theora thesaurus threads tiff totem truetype udev unicode upnp urandom usb userlocales v4l2 vaapi vhook videos vim-syntax vorbis webkit wmf x264 xattr xcb xcomposite xml xmp xmpp xorg xrandr xscreensaver xulrunner xv xvid xvmc zeroconf zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="sv en" PHP_TARGETS="php5-3" QEMU_SOFTMMU_TARGETS="i386 x86_64" QEMU_USER_TARGETS="i386 x86_64" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="nouveau" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Hit it with linux-boot-prober. This was using the latest grsec patches: grsecurity-2.2.1-2.6.36.2-201101052002.patch

I'll try the 2.6.32 patches and report.

Jan 11 07:49:33 yellowness Pid: 14642, comm: newns Not tainted 2.6.36-hardened-r8 #1 P6T/System Product Name
Jan 11 07:49:33 yellowness RIP: 0010:[<ffffffff811248dd>] [<ffffffff811248dd>] clone_mnt+0x25d/0x270
Jan 11 07:49:33 yellowness RSP: 0018:ffff88010b0c7dc8 EFLAGS: 00010246
Jan 11 07:49:33 yellowness RAX: 0000000000000000 RBX: ffff88033245ad80 RCX: 0000000000000010
Jan 11 07:49:33 yellowness RDX: 0000000000000010 RSI: 0000000000000040 RDI: ffffffff819e6060
Jan 11 07:49:33 yellowness RBP: ffff880332001b00 R08: ffffffff81a2dc58 R09: 0000000000000040
Jan 11 07:49:33 yellowness R10: 0000000000000097 R11: 0000000000000004 R12: ffff88032e94f080
Jan 11 07:49:33 yellowness R13: 0000000000000005 R14: ffff880332458800 R15: 0000000000000000
Jan 11 07:49:33 yellowness FS: 00006e47ab3b3700(0000) GS:ffff880001ec0000(0000) knlGS:0000000000000000
Jan 11 07:49:33 yellowness CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jan 11 07:49:33 yellowness CR2: 00006e47aaf44560 CR3: 0000000146a06000 CR4: 00000000000026f0
Jan 11 07:49:33 yellowness DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Jan 11 07:49:33 yellowness DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Jan 11 07:49:33 yellowness Process newns (pid: 14642, threadinfo ffff88010b0c6000, task ffff8802931e11a0)
Jan 11 07:49:33 yellowness Stack:
Jan 11 07:49:33 yellowness ffff88033055a0c0 ffff88033245ad80 ffff88006f5d25c0 ffff88033fc26900
Jan 11 07:49:33 yellowness kernel: 0000000000000004 0000000000000005 0000000000000000 ffffffff81124926
Jan 11 07:49:33 yellowness kernel: 00000000000412d0 ffff880330586c00 ffff880330a67340 0000000000000000
Jan 11 07:49:33 yellowness Call Trace:
Jan 11 07:49:33 yellowness [<ffffffff81124926>] ? copy_tree+0x36/0x250
Jan 11 07:49:33 yellowness [<ffffffff810f81c1>] ? cache_alloc_refill+0x1c1/0x2b0
Jan 11 07:49:33 yellowness [<ffffffff81124bab>] ? copy_mnt_ns+0x6b/0x290
Jan 11 07:49:33 yellowness [<ffffffff8108d662>] ? create_new_namespaces+0x62/0x1b0
Jan 11 07:49:33 yellowness [<ffffffff8108d828>] ? unshare_nsproxy_namespaces+0x78/0xe0
Jan 11 07:49:33 yellowness [<ffffffff81067c9a>] ? sys_unshare+0x16a/0x310
Jan 11 07:49:33 yellowness [<ffffffff8102e89b>] ? system_call_fastpath+0x16/0x1b
Jan 11 07:49:33 yellowness Code: ff 0f 1f 44 00 00 4c 89 e7 0f 1f 44 00 00 e8 0b dd ff ff 85 c0 0f 84 28 fe ff ff 4c 89 e7 45 31 e4 e8 48 ed ff ff e9 f2 fe ff ff
Jan 11 07:49:33 yellowness syslog-ng[17616]: Error processing log message: <0f>
Jan 11 07:49:33 yellowness 0b eb fe 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 41 57
Jan 11 07:49:33 yellowness RIP [<ffffffff811248dd>] clone_mnt+0x25d/0x270
Jan 11 07:49:33 yellowness RSP <ffff88010b0c7dc8>
Jan 11 07:49:33 yellowness ---[ end trace 8f4a9ee5a22e9189 ]---
Created attachment 259564 [details]
OOPS on an amd64 virtual machine

I tried all 4 possibilities of settings of KERNEXEC/UDEREF on a 64-bit virtual machine. Always the same OOPS.
Created attachment 259565 [details]
32-bit OOPS

This is the OOPS on a 32-bit virtual machine.
Have the same issue.

Distro: Ubuntu Maverick 10.10 amd64
Kernel source: linux-2.6.36.2.tar.bz2 (kernels.org)
Grsec patch: grsecurity-2.2.1-2.6.36.2-201101052002.patch

When installing another kernel package from repo, the dpkg system calls os-prober (to generate new grub.cfg etc) and the system dies hard. paxctl command settings on different executables do not help afaik. I did chmod 000 /usr/bin/os-prober and that prevents the crash. Will attach my kernel config. As you can tell I am a noob, but just thought I'd weigh in...
Created attachment 259577 [details]
remote-console-dump

This is a screen cap from the remote console; I am not able to scroll back as the screen froze.
Created attachment 259579 [details]
kernel-config

My running kernel config, never mind the '9.9.01-liberta', that's a BS name I gave it. The source is as mentioned.
(In reply to comment #8)
> Created an attachment (id=259579) [details]
> kernel-config
>
> my running kernel config, nevermind the '9.9.01-liberta' thats a BS name i gave
> it. The source is as mentioned
>

Different distro, same kernel and same bug. (You should consider switching to gentoo :) BTW, this OOPS does not affect 2.6.32-r33 based on grsecurity-2.2.1-2.6.32.27-201101052002.patch
this is not a PaX issue per se but something in grsec and only in .36+ related to namespace handling it seems, spender's looking into it.
(In reply to comment #10)
> this is not a PaX issue per se but something in grsec and only in .36+ related
> to namespace handling it seems, spender's looking into it.
>

It is fixed by 4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch which will be in 2.6.36-hardened-r9. Thanks guys :)
I can confirm the problem is fixed using 'grsecurity-2.2.1-2.6.36.3-201101131705.patch' and corresponding kernel source! Thanks a lot!
I just marked 2.6.36-hardened-r9 stable. Closing this one.