Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 416637 - >=sys-kernel/hardened-sources-3.2.11 bug in i915 with PAX_MEMORY_UDEREF
Summary: >=sys-kernel/hardened-sources-3.2.11 bug in i915 with PAX_MEMORY_UDEREF
Status: RESOLVED OBSOLETE
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: The Gentoo Linux Hardened Kernel Team (OBSOLETE)
URL: http://archives.gentoo.org/gentoo-har...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-19 15:01 UTC by RB
Modified: 2012-09-18 13:02 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
hardened-sources-3.3.6 config that produces breakage (config,89.87 KB, text/plain)
2012-05-19 15:01 UTC, RB
Details

Note You need to log in before you can comment on or make changes to this bug.
Description RB 2012-05-19 15:01:33 UTC
Created attachment 312277 [details]
hardened-sources-3.3.6 config that produces breakage

As documented in the linked gentoo-hardened thread, there is a bug in hardened-sources above version 3.2.2-r1 that when PAX_MEMORY_UDEREF is enabled and PAX_KERNEXEC is not, starting X.org on an Intel core2 platform with an i965 video chipset produces an oops that typically hard-locks the machine in the 3.2 kernels and leaves video unusable in the latest hardened-sources-3.3.6.  The oops output is pasted in the linked message.

Portage 2.2.0_alpha105 (hardened/linux/amd64/desktop, gcc-4.5.3, glibc-2.15-r1, 3.3.6-hardened x86_64)
=================================================================
System uname: Linux-3.3.6-hardened-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T7300_@_2.00GHz-with-gentoo-2.1
Timestamp of tree: Fri, 18 May 2012 16:00:01 +0000
app-shells/bash:          4.2_p28
dev-java/java-config:     2.1.11-r3
dev-lang/python:          2.7.3-r2, 3.2.3-r1
dev-util/cmake:           2.8.8-r2
dev-util/pkgconfig:       0.26
sys-apps/baselayout:      2.1
sys-apps/openrc:          0.9.9.3
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13, 2.69
sys-devel/automake:       1.11.5
sys-devel/binutils:       2.21.1-r1
sys-devel/gcc:            4.5.3-r2
sys-devel/gcc-config:     1.7.1
sys-devel/libtool:        2.4.2
sys-devel/make:           3.82-r3
sys-kernel/linux-headers: 3.3 (virtual/os-headers)
sys-libs/glibc:           2.15-r1
Repositories: gentoo gcpan sunrise pentoo
Installed sets: 
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=core2 -pipe -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/env.d/java/ /etc/fonts /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/init.d /etc/privoxy/templates /etc/revdep-rebuild /etc/sandbox.d /etc/ssl /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -march=core2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--misspell-suggestions=n --quiet-build=n --with-bdeps=y"
FEATURES="assume-digests binpkg-logs buildsyspkg distlocks ebuild-locks fakeroot fixlafiles news parallel-fetch parse-eapi-ebuild-head preserve-libs protect-owned sandbox sfperms strict suidctl unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox xattr"
FFLAGS=""
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en en_GB"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="-P"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage /var/lib/layman/sunrise /var/lib/layman/pentoo"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X a52 aac aalib acl acpi addns adns ads aff aio alsa amd64 amr ao archive async atm audit avx bash-completion battery berkdb bittorrent bluetooth branding btrfs bzip2 cairo caps cdda cddb cdr chroot cli consolekit cracklib crypt cryptsetup cups curl cvs cxx dbus dc1394 device-mapper dga dhcp dhcpcd dirac disk-partition dmraid dmx docbook dot dri dts dv dvd dvdr egl emboss encode ewf exif expat extra-ciphers extra-tools extras faac fam fat fbcon fcoe fcp fdt ffmpeg fftw firefox flac fontconfig fpx ftp fuse gconf gcrypt gd gdbm ggi gif gimp git gmp gnome gnome-keyring gnutls gpg gpm gpu graphviz gsm gtk gtk3 hal hardened hddtemp hdri hfs hipe hpn html iconv icu id3tag idn ieee1394 imagemagick imap injection inotify ios ipod iproute2 ipv6 iscsi ithreads jack java jbig jfs jpeg jpeg2k justify keyscrub kvm ladspa lame laptop latex lcms ldap libedit libnl libnotify libproxy libssh2 libwww lm_sensors lqr lua lvm lzma lzo macvtap mad madwifi matroska mbox mdadm meanwhile mikmod minizip mktemp mmx mng mod modemmanager modules motif mp3 mp3rtp mp4 mpeg mtp mudflap multilib musepack natspec ncurses networkmanager nfs nls nodot nodrm nptl nsplugin ntfs ntp offensive ogg openexr opengl openmp openssl openvg pam pango parted passwdqc pax_kernel pcap pcapnav pcre pdf pdfimport perl plugins png policykit pop postproc ppds pppd pulseaudio pvr python q32 q64 qcow qemu qt4 rar raw rawio readline reiser4 reiserfs relp resolvconf rle rtf rtmp rtsp s3 samba sasl screen sctp sdl serial server session silc smime smp smtp sndfile socks5 sound spell spice sqlite sqlite3 sse sse2 sse3 ssh ssl ssse3 startup-notification stream subversion svg syslog system-sqlite taglib tcl tcpd tcpreplay theora threads threadsafe thunar tiff tools tordns tpm truetype udev udisks uml unicode upower urandom usb usbredir utils v4l2 vaapi vde vim-syntax vix vlm vnc vorbis vpx wavpack winbind wma wmf wps wxwidgets x264 xattr xcb xcomposite xetex xfs xinerama xml xmlrpc xmp xorg xosd xpm xscreensaver xulrunner xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="en en_GB" PHP_TARGETS="php5-3" PYTHON_TARGETS="python3_2 python2_7" QEMU_SOFTMMU_TARGETS="i386 mips mips64 mips64el mipsel ppc ppc64 x86_64" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="fbdev intel vesa i965 i915" XFCE_PLUGINS="brightness menu logout trash" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, USE_PYTHON
Comment 1 Matthew Thode ( prometheanfire ) archtester Gentoo Infrastructure gentoo-dev Security 2012-05-19 16:15:47 UTC
Can you lspci? i965 is the driver, not the chipset :D
Comment 2 RB 2012-05-19 16:28:17 UTC
Actually, no - i915.ko is the driver and GM965 is the actual chipset, let's both be correct.

00:00.0 Host bridge: Intel Corporation Mobile PM965/GM965/GL960 Memory Controller Hub (rev 0c)
00:02.0 VGA compatible controller: Intel Corporation Mobile GM965/GL960 Integrated Graphics Controller (primary) (rev 0c)
00:02.1 Display controller: Intel Corporation Mobile GM965/GL960 Integrated Graphics Controller (secondary) (rev 0c)
00:19.0 Ethernet controller: Intel Corporation 82566MM Gigabit Network Connection (rev 03)
00:1a.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #4 (rev 03)
00:1a.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #5 (rev 03)
00:1a.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI Controller #2 (rev 03)
00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 03)
00:1c.0 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 1 (rev 03)
00:1c.1 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 2 (rev 03)
00:1c.2 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 3 (rev 03)
00:1c.3 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 4 (rev 03)
00:1c.4 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 5 (rev 03)
00:1d.0 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #1 (rev 03)
00:1d.1 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #2 (rev 03)
00:1d.2 USB controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #3 (rev 03)
00:1d.7 USB controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI Controller #1 (rev 03)
00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev f3)
00:1f.0 ISA bridge: Intel Corporation 82801HEM (ICH8M-E) LPC Interface Controller (rev 03)
00:1f.1 IDE interface: Intel Corporation 82801HM/HEM (ICH8M/ICH8M-E) IDE Controller (rev 03)
00:1f.2 SATA controller: Intel Corporation 82801HM/HEM (ICH8M/ICH8M-E) SATA Controller [AHCI mode] (rev 03)
00:1f.3 SMBus: Intel Corporation 82801H (ICH8 Family) SMBus Controller (rev 03)
03:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN [Kedron] Network Connection (rev 61)
15:00.0 CardBus bridge: Ricoh Co Ltd RL5c476 II (rev ba)
15:00.1 FireWire (IEEE 1394): Ricoh Co Ltd R5C832 IEEE 1394 Controller (rev 04)
15:00.2 SD Host controller: Ricoh Co Ltd R5C822 SD/SDIO/MMC/MS/MSPro Host Adapter (rev 21)
15:00.4 System peripheral: Ricoh Co Ltd R5C592 Memory Stick Bus Host Adapter (rev 11)
15:00.5 System peripheral: Ricoh Co Ltd xD-Picture Card Controller (rev 11)
Comment 3 Matthew Thode ( prometheanfire ) archtester Gentoo Infrastructure gentoo-dev Security 2012-05-19 16:49:17 UTC
hmm, I was going to test this, but I don't have that chipset :(
Comment 4 RB 2012-05-19 16:55:58 UTC
If you have any graphics chipset that uses the i915 driver, I think it would be worth testing.  Knowing whether the problem is specific to the GM965 chipset would be rather useful, I'd think.
Comment 5 PaX Team 2012-09-18 11:42:14 UTC
is this still a problem?
Comment 6 RB 2012-09-18 13:02:04 UTC
It would appear it is no longer an issue; I'm running with (PAX_MEMORY_UDEREF && !PAX_KERNEXEC) on hardened-sources-3.5.3-r1.  Not sure when that changed, and I apologize for not noting that more quickly.