I've just got kernel panic on two servers when tried to upgrade from 4.0.8-hardened to 4.1.4-hardened. Hardware on these servers is very different, but both servers are 32-bit. Same kernel with nearly same .config works ok on 64-bit server. Panic message looks like related to hardened: Linux version 4.1.4-hardened (root@cruncher) (gcc version 4.8.4 (Gentoo Hardened 4.8.4 p1.6, pie-0.5 e820: BIOS-provided physical RAM map: BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable BIOS-e820: [mem 0x0000000000100000-0x00000000cf678fff] usable BIOS-e820: [mem 0x00000000cf679000-0x00000000cf68efff] reserved BIOS-e820: [mem 0x00000000cf68f000-0x00000000cf6cdfff] ACPI data BIOS-e820: [mem 0x00000000cf6ce000-0x00000000cfffffff] reserved BIOS-e820: [mem 0x00000000e0000000-0x00000000efffffff] reserved BIOS-e820: [mem 0x00000000fe000000-0x00000000ffffffff] reserved BIOS-e820: [mem 0x0000000100000000-0x000000042fffffff] usable NX (Execute Disable) protection: active SMBIOS 2.6 present. e820: last_pfn = 0x430000 max_arch_pfn = 0x1000000 PAT configuration [0-7]: WB WC UC- UC WB WC UC- UC found SMP MP-table at [mem 0x000fe710-0x000fe71f] mapped at [c00fe710] init_memory_mapping: [mem 0x00000000-0x000fffff] init_memory_mapping: [mem 0x37400000-0x375fffff] init_memory_mapping: [mem 0x20000000-0x373fffff] init_memory_mapping: [mem 0x00100000-0x1fffffff] init_memory_mapping: [mem 0x37600000-0x377fdfff] ACPI: Early table checksum verification disabled ACPI: RSDP 0x00000000000F0CD0 000024 (v02 DELL ) ACPI: XSDT 0x00000000000F0DD4 00009C (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: FACP 0x00000000CF6B3F9C 0000F4 (v03 DELL PE_SC3 00000001 DELL 00000001) ACPI: DSDT 0x00000000CF68F000 003D5A (v01 DELL PE_SC3 00000001 INTL 20050624) ACPI: FACS 0x00000000CF6B6000 000040 ACPI: FACS 0x00000000CF6B6000 000040 ACPI: APIC 0x00000000CF6B3478 00015E (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: SPCR 0x00000000CF6B35D8 000050 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: HPET 0x00000000CF6B362C 000038 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: DM__ 0x00000000CF6B3668 000198 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: MCFG 0x00000000CF6B38C4 00003C (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: WD__ 0x00000000CF6B3904 000134 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: SLIC 0x00000000CF6B3A3C 000176 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: ERST 0x00000000CF692EDC 000270 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: HEST 0x00000000CF69314C 0003A8 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: BERT 0x00000000CF692D5C 000030 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: EINJ 0x00000000CF692D8C 000150 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: SRAT 0x00000000CF6B3BC0 000370 (v01 DELL PE_SC3 00000001 DELL 00000001) ACPI: TCPA 0x00000000CF6B3F34 000064 (v02 DELL PE_SC3 00000001 DELL 00000001) ACPI: SSDT 0x00000000CF6B7000 007B84 (v01 INTEL PPM RCM 80000001 INTL 20061109) 16264MB HIGHMEM available. 887MB LOWMEM available. mapped low ram: 0 - 377fe000 low ram: 0 - 377fe000 Zone ranges: DMA [mem 0x0000000000001000-0x0000000000ffffff] Normal [mem 0x0000000001000000-0x00000000377fdfff] HighMem [mem 0x00000000377fe000-0x000000042fffffff] Movable zone start for each node Early memory node ranges node 0: [mem 0x0000000000001000-0x000000000009ffff] node 0: [mem 0x0000000000100000-0x00000000cf678fff] node 0: [mem 0x0000000100000000-0x000000042fffffff] Initmem setup node 0 [mem 0x0000000000001000-0x000000042fffffff] Using APIC driver default ACPI: PM-Timer IO Port: 0x808 ACPI: LAPIC_NMI (acpi_id[0xff] high edge lint[0x1]) IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23 IOAPIC[1]: apic_id 1, version 32, address 0xfec80000, GSI 32-55 ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) Using ACPI (MADT) for SMP configuration information ACPI: HPET id: 0x8086a301 base: 0xfed00000 smpboot: Allowing 24 CPUs, 0 hotplug CPUs e820: [mem 0xd0000000-0xdfffffff] available for PCI devices clocksource refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000s setup_percpu: NR_CPUS:64 nr_cpumask_bits:64 nr_cpu_ids:24 nr_node_ids:1 PERCPU: Embedded 12 pages/cpu @ef0ca000 s27020 r0 d22132 u49152 Built 1 zonelists in Zone order, mobility grouping on. Total pages: 4189992 Kernel command line: BOOT_IMAGE=/vmlinuz-4.1.4-hardened root=/dev/sda4 ro init=/sbin/runit-init con0 PID hash table entries: 4096 (order: 2, 16384 bytes) Dentry cache hash table entries: 131072 (order: 7, 524288 bytes) Inode-cache hash table entries: 65536 (order: 6, 262144 bytes) Initializing CPU#0 Initializing HighMem for node 0 (000377fe:00430000) Initializing Movable for node 0 (00000000:00000000) Memory: 16609588K/16767072K available (10235K kernel code, 789K rwdata, 2072K rodata, 788K init, 55) virtual kernel memory layout: fixmap : 0xffa77000 - 0xfffff000 (5664 kB) pkmap : 0xff800000 - 0xffa00000 (2048 kB) vmalloc : 0xf7ffe000 - 0xff7fe000 ( 120 MB) lowmem : 0xc0000000 - 0xf77fe000 ( 887 MB) .init : 0xd2c00000 - 0xd2c8c000 ( 560 kB) .data : 0xd2a00000 - 0xd2ac5700 ( 789 kB) .text : 0xd1c00000 - 0xd2600000 (10240 kB) Checking if this processor honours the WP bit even in supervisor mode...Ok. SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=24, Nodes=1 Hierarchical RCU implementation. RCU restricting CPUs from NR_CPUS=64 to nr_cpu_ids=24. RCU: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=24 NR_IRQS:4352 nr_irqs:1160 16 Console: colour VGA+ 80x25 console [ttyS1] enabled clocksource hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 133484882848 ns tsc: Fast TSC calibration using PIT tsc: Detected 3325.201 MHz processor Calibrating delay loop (skipped), value calculated using timer frequency.. 6650.40 BogoMIPS (lpj=33) pid_max: default: 32768 minimum: 501 ACPI: Core revision 20150410 ACPI: All ACPI Tables successfully acquired Security Framework initialized Mount-cache hash table entries: 2048 (order: 1, 8192 bytes) Mountpoint-cache hash table entries: 2048 (order: 1, 8192 bytes) Initializing cgroup subsys freezer Initializing cgroup subsys net_cls Initializing cgroup subsys net_prio CPU: Physical Processor ID: 1 CPU: Processor Core ID: 0 mce: CPU supports 9 MCE banks CPU0: Thermal monitoring enabled (TM1) process: using mwait in idle threads Last level iTLB entries: 4KB 512, 2MB 7, 4MB 7 Last level dTLB entries: 4KB 512, 2MB 32, 4MB 32, 1GB 0 PAX: suspicious general protection fault: 0000 [#1] SMP CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.1.4-hardened #1 Hardware name: Dell Inc. PowerEdge R610/01W9FG, BIOS 2.0.11 02/26/2010 task: d2a07100 ti: d2a0749c task.ti: d2a0749c EIP: 0060:[<002b8d5f>] EFLAGS: 00210002 CPU: 0 EAX: 10c02281 EBX: 00000005 ECX: 00000001 EDX: d2a01e86 ESI: d2a01e86 EDI: 10c02281 EBP: d2a01e2c ESP: d2a01e20 DS: 0068 ES: 0068 FS: 00d8 GS: 0068 SS: 0068 CR0: 8005003b CR2: ff7ff000 CR3: 12604000 CR4: 000006f0 Stack: d2c7d3e0 3f002281 00200207 d2a01e40 00009248 d2c7d3e0 3f002281 d1c00283 d2a01f90 0100c876 d2a01e50 002b8249 d2a01e58 002b826d d2a01e6c 00353221 d2d0fe90 00000001 00200046 d2a01ec8 ef400000 d2c89005 00000005 d2c89005 Call Trace: [<00200207>] ? cifs_get_inode_info+0x187/0x460 [<00009248>] text_poke_early+0x28/0x50 [<0100c876>] apply_alternatives+0x514/0x527 [<002b8249>] ? __delay+0x9/0x10 [<002b826d>] ? __const_udelay+0x1d/0x20 [<00353221>] ? wait_for_xmitr+0x31/0x90 [<00200046>] ? cifs_get_inode_info_unix+0x166/0x1a0 [<002b6443>] ? number.isra.12+0x353/0x360 [<000819c5>] ? msg_print_text+0xc5/0x190 [<00355080>] ? serial8250_modem_status+0xd0/0xd0 [<00200086>] ? cifs_get_inode_info+0x6/0x460 [<00200086>] ? cifs_get_inode_info+0x6/0x460 [<0007ebe5>] ? up+0x25/0x40 [<00200246>] ? cifs_get_inode_info+0x1c6/0x460 [<00200246>] ? cifs_get_inode_info+0x1c6/0x460 [<00082f7a>] ? console_unlock+0x2ea/0x4c0 [<00200246>] ? cifs_get_inode_info+0x1c6/0x460 [<00011f14>] ? show_cpuinfo+0xb4/0x470 [<0008333f>] ? vprintk_emit+0x1ef/0x490 [<0054ced7>] ? printk+0x12/0x14 [<00200246>] ? cifs_get_inode_info+0x1c6/0x460 [<0008f800>] ? __hrtimer_start_range_ns+0x2c0/0x360 [<00083752>] ? vprintk_default+0x32/0x40 [<0008f800>] ? __hrtimer_start_range_ns+0x2c0/0x360 [<0100c9df>] alternative_instructions+0x1a/0xab [<0100d9dd>] check_bugs+0x35/0xa5 [<00040000>] ? flush_tlb_mm_range+0x120/0x160 [<01007c24>] start_kernel+0x3d2/0x3f6 [<01007671>] ? set_init_arg+0x49/0x49 [<0100736f>] i386_start_kernel+0x137/0x13a Code: 58 2b 43 50 88 43 4e 5b 5d c3 66 90 e8 db fc ff ff eb eb 90 90 90 90 90 90 90 90 90 55 89 e5 7 EIP: [<002b8d5f>] memcpy+0xf/0x20 SS:ESP 0068:d2a01e20 ---[ end trace 8b3efa4c2dcefbe7 ]--- Kernel panic - not syncing: Attempted to kill the idle task! ---[ end Kernel panic - not syncing: Attempted to kill the idle task!
Created attachment 409672 [details] .config
*** Bug 558280 has been marked as a duplicate of this bug. ***
this should already be fixed in the latest patches.
(In reply to PaX Team from comment #3) > this should already be fixed in the latest patches. hardened-sources-4.1.6 has the latest grsecurity patches. I'm going to close this as fixed but please reopen it if it still happens with 4.1.6.
(In reply to Anthony Basile from comment #4) > hardened-sources-4.1.6 has the latest grsecurity patches. I'm going to > close this as fixed but please reopen it if it still happens with 4.1.6. Thanks! 4.1.6 works ok on all my systems. Probably 4.1.4 should be removed from tree, or at least marked ~arch.
(In reply to Alex Efros from comment #5) > (In reply to Anthony Basile from comment #4) > > hardened-sources-4.1.6 has the latest grsecurity patches. I'm going to > > close this as fixed but please reopen it if it still happens with 4.1.6. > > Thanks! 4.1.6 works ok on all my systems. > > Probably 4.1.4 should be removed from tree, or at least marked ~arch. not yet. you're just focusing on one issue.
(In reply to Anthony Basile from comment #6) > (In reply to Alex Efros from comment #5) > > (In reply to Anthony Basile from comment #4) > > > hardened-sources-4.1.6 has the latest grsecurity patches. I'm going to > > > close this as fixed but please reopen it if it still happens with 4.1.6. > > > > Thanks! 4.1.6 works ok on all my systems. > > > > Probably 4.1.4 should be removed from tree, or at least marked ~arch. > > not yet. you're just focusing on one issue. FWIW this just got me too. I've been doing a round of updates to 4.1.4 and the first x86 machine that I upgraded never came back up.
(In reply to Michael Orlitzky from comment #7) > (In reply to Anthony Basile from comment #6) > > (In reply to Alex Efros from comment #5) > > > (In reply to Anthony Basile from comment #4) > > > > hardened-sources-4.1.6 has the latest grsecurity patches. I'm going to > > > > close this as fixed but please reopen it if it still happens with 4.1.6. > > > > > > Thanks! 4.1.6 works ok on all my systems. > > > > > > Probably 4.1.4 should be removed from tree, or at least marked ~arch. > > > > not yet. you're just focusing on one issue. > > FWIW this just got me too. I've been doing a round of updates to 4.1.4 and > the first x86 machine that I upgraded never came back up. is 4.1.6 working okay for everyone, because if this bug is catching people i'll rapid stabilize 4.1.6.
(In reply to Anthony Basile from comment #8) > > is 4.1.6 working okay for everyone, because if this bug is catching people > i'll rapid stabilize 4.1.6. Yep, 4.1.6 works fine on the same box.
