From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1P9d8y-0001do-Qs for garchives@archives.gentoo.org; Sat, 23 Oct 2010 12:24:16 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AD111E06DF; Sat, 23 Oct 2010 12:21:47 +0000 (UTC) Received: from powerman.name (powerman.name [85.90.198.1]) by pigeon.gentoo.org (Postfix) with ESMTP id C7657E06DF for ; Sat, 23 Oct 2010 12:21:46 +0000 (UTC) Received: (qmail 32665 invoked by uid 1000); 23 Oct 2010 12:21:45 -0000 Date: Sat, 23 Oct 2010 15:21:45 +0300 From: Alex Efros To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] 2.6.28-hardened-r7 hangs before starting /sbin/init Message-ID: <20101023122145.GD3696@home.power> Mail-Followup-To: gentoo-hardened@lists.gentoo.org References: <20090402222227.GM32102@home.power> <49D53F8E.16661.386BDA57@pageexec.freemail.hu> <20090402230431.GN32102@home.power> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090402230431.GN32102@home.power> Organization: http://powerman.name/ User-Agent: Mutt/1.5.20 (2009-06-14) X-Archives-Salt: 86e94466-c41d-48ba-baed-32154b301271 X-Archives-Hash: 3fe316c789c61b36948612ac1d6d762e Hi! On Fri, Apr 03, 2009 at 02:04:31AM +0300, Alex Efros wrote: > To resume, what we've now: > > Fact 1: previous kernel (2.6.27-hardened-r8) doesn't hangs > Fact 2: kernel hang after "Freeing unused kernel memory:" > * so I suppose it failed to start process N1 > Fact 3: kernel compiled without MPROTECT doesn't hangs > * so I suppose it's something related to PaX ... > * or some very unique hardware issue > Fact 4: kernel loaded with init=/bin/bash hangs in same way > * so it's unlikely issue with runit-init > Fact 5: paxctl -m for init command (/sbin/runit-init or /bin/bash) fix issue > * so there workaround exists which doesn't lower overall server security > Fact 6: /bin/bash works just fine without paxctl -m after boot > * so it has nothing with usual PaX work > Fact 7: this issue happens on one of several similar (if no equal) servers > * buggy hardware or some conflict (there IRQ differences between servers)? This just happens again: after upgrade from 2.6.32-hardened-r9 to 2.6.32-hardened-r22 kernel hangs after "Freeing unused kernel memory:". With init=/bin/bash it boots ok (bash flags: -------x-e--). With init=/sbin/runit-init it hangs (with flags: -------x-e--). paxctl -m /sbin/runit-init fixed this issue. Strange thing is: I've 4 HP servers with same hardware and same software, but this issue happens only on one of servers - three other boot new kernel without issues while their /sbin/runit-init has flags -------x-e--. -- WBR, Alex.