* [gentoo-hardened] Kernel related bug?
@ 2005-12-09 1:49 JM
2005-12-09 10:44 ` pageexec
0 siblings, 1 reply; 2+ messages in thread
From: JM @ 2005-12-09 1:49 UTC (permalink / raw
To: gentoo-hardened
I am attaching inline a log appeared on my system while it was a bit loaded.
I looked at it because the program "w" segfaulted two times.
After than this, the system remained up and running without any problem.
Here it is the kernel I use:
Linux praisenet 2.6.13-rsbac-rsbac #2 Mon Dec 5 17:06:35 CET 2005 i686 Pentium
III (Katmai) GenuineIntel GNU/Linux
I have Pax and some RSBAC modules compiled in, if requested I may attach my
configuration.
Should I send someone else this log too?
Dec 9 02:35:01 hostname Unable to handle kernel paging request at virtual
address 4b00c08a
Dec 9 02:35:01 hostname printing eip:
Dec 9 02:35:01 hostname c048eecd
Dec 9 02:35:01 hostname *pgd = 0
Dec 9 02:35:01 hostname *pmd = 0
Dec 9 02:35:01 hostname Oops: 0000 [#1]
Dec 9 02:35:01 hostname PREEMPT
Dec 9 02:35:01 hostname Modules linked in: sch_sfq sch_htb imq sch_tbf
Dec 9 02:35:01 hostname CPU: 0
Dec 9 02:35:01 hostname EIP: 0060:[<c048eecd>] Not tainted VLI
Dec 9 02:35:01 hostname EFLAGS: 00010a83 (2.6.13-rsbac-rsbac)
Dec 9 02:35:01 hostname EIP is at 0xc048eecd
Dec 9 02:35:01 hostname eax: 3c363056 ebx: c3ff4a8c ecx: c048ee57 edx:
c87c3ea8
Dec 9 02:35:01 hostname esi: c87c3d5e edi: 4b00c01e ebp: c87c3db4 esp:
c87c3cb2
Dec 9 02:35:01 hostname ds: 007b es: 007b ss: 0068
Dec 9 02:35:01 hostname Process w (pid: 9828, threadinfo=c87c2000
task=c7be15c0)
Dec 9 02:35:01 hostname Stack: 1b68cffe 3db400db 1006c87c 100acfae 7548cfae
0003c01e 00010000 16b40000
Dec 9 02:35:01 hostname 0002cffe 00020000 007e0000 00000000 000c0000
00002086 00020000 00020000
Dec 9 02:35:01 hostname 00020000 00020000 00010000 00000000 00000000
26640000 00010000 00000000
Dec 9 02:35:01 hostname Call Trace:
Dec 9 02:35:01 hostname Code: 65 78 00 5f 5f 64 65 76 5f 67 65 74 5f 62 79
5f 6e 61 6d 65 00 5f 5f 64 65 76 5f 72 65 6d 6f 76 65 5f 70 61 63 6b 00 5f 5f
73 6b <62> 5f 6c 69 6e 65 61 72 69 7a 65 00 64 65 76 5f 61 64 64 5f 70
Dec 9 02:35:03 hostname <1>Unable to handle kernel paging request at virtual
address 4b00c08a
Dec 9 02:35:03 hostname printing eip:
Dec 9 02:35:03 hostname c048eecd
Dec 9 02:35:03 hostname *pgd = 0
Dec 9 02:35:03 hostname *pmd = 0
Dec 9 02:35:03 hostname Oops: 0000 [#2]
Dec 9 02:35:03 hostname PREEMPT
Dec 9 02:35:03 hostname Modules linked in: sch_sfq sch_htb imq sch_tbf
Dec 9 02:35:03 hostname CPU: 0
Dec 9 02:35:03 hostname EIP: 0060:[<c048eecd>] Not tainted VLI
Dec 9 02:35:03 hostname EFLAGS: 00010a83 (2.6.13-rsbac-rsbac)
Dec 9 02:35:03 hostname EIP is at 0xc048eecd
Dec 9 02:35:03 hostname eax: a59d95c8 ebx: c3ff4a8c ecx: c048ee57 edx:
ca243e9c
Dec 9 02:35:03 hostname esi: ca243d52 edi: 4b00c01e ebp: ca243da8 esp:
ca243ca6
Dec 9 02:35:03 hostname ds: 007b es: 007b ss: 0068
Dec 9 02:35:03 hostname Process w (pid: 9829, threadinfo=ca242000
task=c39f2520)
Dec 9 02:35:03 hostname Stack: 1b68cffe 3da800db 8006ca24 800acfc2 7548cfc2
0003c01e 00010000 16b40000
Dec 9 02:35:03 hostname 2665cffe 00070000 007e0000 00000000 f4dc0000
0000c9f0 416d0000 00010000
Dec 9 02:35:03 hostname ffe90000 3f3cffff 0000ca24 00020000 00020000
00020000 00010000 000d0000
Dec 9 02:35:03 hostname Call Trace:
Dec 9 02:35:03 hostname Code: 65 78 00 5f 5f 64 65 76 5f 67 65 74 5f 62 79
5f 6e 61 6d 65 00 5f 5f 64 65 76 5f 72 65 6d 6f 76 65 5f 70 61 63 6b 00 5f 5f
73 6b <62> 5f 6c 69 6e 65 61 72 69 7a 65 00 64 65 76 5f 61 64 64 5f 70
--
gentoo-hardened@gentoo.org mailing list
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [gentoo-hardened] Kernel related bug?
2005-12-09 1:49 [gentoo-hardened] Kernel related bug? JM
@ 2005-12-09 10:44 ` pageexec
0 siblings, 0 replies; 2+ messages in thread
From: pageexec @ 2005-12-09 10:44 UTC (permalink / raw
To: gentoo-hardened
On 9 Dec 2005 at 2:49, JM wrote:
> Linux praisenet 2.6.13-rsbac-rsbac #2 Mon Dec 5 17:06:35 CET 2005 i686 Pentium
> III (Katmai) GenuineIntel GNU/Linux
as far as PaX is concerned, 2.6.14 is the last 'supported' version,
as in, i fix stuff only in there, and i'm sure i did do so since the
2.6.13 port was abandoned. so if you can give that a try and reproduce
this, it'll help confirm/eliminate PaX bug at least.
> I have Pax and some RSBAC modules compiled in, if requested I may attach my
> configuration.
> Should I send someone else this log too?
Amon Ott probably would be interested as well.
> Dec 9 02:35:01 hostname PREEMPT
can you try without preempt? i never really audited PaX for such use,
even if i think most of the code is not sensitive to it, it's better
to leave it off.
> Dec 9 02:35:01 hostname Call Trace:
> Dec 9 02:35:01 hostname Code: 65 78 00 5f 5f 64 65 76 5f 67 65 74 5f 62 79
> 5f 6e 61 6d 65 00 5f 5f 64 65 76 5f 72 65 6d 6f 76 65 5f 70 61 63 6b 00 5f 5f
> 73 6b <62> 5f 6c 69 6e 65 61 72 69 7a 65 00 64 65 76 5f 61 64 64 5f 70
this points to something royally hosed. the above 'code' resolves to
a plain ascii string, eip fell into the middle of '__skb_linearize',
hardly valid machine code ;-). but short of a valid stacktrace, it's
hard to tell what the kernel was doing. maybe if you disabled module
support and enabled KERNEXEC you'd get a better stacktrace, but that's
just a guess. if you can reproduce it reliably, you could also just
try PaX (on 2.6.14 as well) and RSBAC alone.
--
gentoo-hardened@gentoo.org mailing list
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-12-09 11:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-12-09 1:49 [gentoo-hardened] Kernel related bug? JM
2005-12-09 10:44 ` pageexec
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox