Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 513324 - sys-kernel/hardened-sources-{3.2.59-r5,3.14.5-r2,3.14.6} with grsec, virtio_net and CONFIG_GRKERNSEC_KSTACKOVERFLOW=y crashes KVM qemu host process
Summary: sys-kernel/hardened-sources-{3.2.59-r5,3.14.5-r2,3.14.6} with grsec, virtio_n...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: Other Linux
: Normal critical
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-06-15 10:23 UTC by nosys
Modified: 2014-07-21 15:32 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description nosys 2014-06-15 10:23:31 UTC 
linux-hardened-[3.14.5-r2 | 3.14.6] with grsec, virtio_net and CONFIG_GRKERNSEC_KSTACKOVERFLOW=y as qemu-guest crashes the qemu-host process. As i have no direct access to the host itself, I can not provide further information.

Setting CONFIG_GRKERNSEC_KSTACKOVERFLOW=n fixes this for me for both kernels.

Further references:
https://bugs.archlinux.org/task/40627
http://forums.grsecurity.net/viewtopic.php?t=3977&p=14081



Reproducible: Always

Steps to Reproduce:
1
2.
3.
Comment 1 Agostino Sarubbo gentoo-dev 2014-06-19 15:43:42 UTC 
I can reproduce it also with 3.2.59-r5
Comment 2 Anthony Basile gentoo-dev 2014-06-19 17:06:03 UTC 
Yes, this is a known issue.  Let me make sure upstream knows too.
Comment 3 Anthony Basile gentoo-dev 2014-07-01 11:26:29 UTC 
(In reply to Anthony Basile from comment #2)
> Yes, this is a known issue.  Let me make sure upstream knows too.

Can you test the latest hardened sources that are in the tree and see if this is still an issue.
Comment 4 Anthony Basile gentoo-dev 2014-07-19 13:27:38 UTC 
(In reply to Anthony Basile from comment #3)
> (In reply to Anthony Basile from comment #2)
> > Yes, this is a known issue.  Let me make sure upstream knows too.
> 
> Can you test the latest hardened sources that are in the tree and see if
> this is still an issue.

This is fixed.  I just tested it.
Comment 5 Agostino Sarubbo gentoo-dev 2014-07-21 15:32:20 UTC 
(In reply to Anthony Basile from comment #4)
> This is fixed.  I just tested it.

I can confirm. It works for me too.