grsec BUG in chroot = oops kernel - check it!!!
Posted: Fri May 07, 2004 6:11 am
My server crashed with the new kernel 2.4.26+grsec 2.0; these are the logs:
Unable to handle kernel NULL pointer dereference at virtual address 0000000c
printing eip:
c03c3eae
*pde = 00000000
Oops: 0000
CPU: 2
EIP: 0010:[<c03c3eae>] Not tainted
EFLAGS: 00010286
eax: 00000000 ebx: 00000000 ecx: f72b8d00 edx: da32c000
esi: 00000000 edi: 00001f59 ebp: 00000000 esp: e8f81e28
ds: 0018 es: 0018 ss: 0018
Process zipscript-c (pid: 24592, stackpage=e8f81000)
Stack: 2f849480 8f849480 c03e32bd c0104858 00000002 f6985148 c024f505 c1c38330
c4077b80 c1c41720 8f849480 2f849480 dc0ff480 c1c370d0 c4077b80 2f7b2000
c02409b5 dc0ff480 2f7b2000 00891100 f5810700 f4681258 00000000 c4077b80
Call Trace: [<c03e32bd>] [<c024f505>] [<c02409b5>] [<c024145f>] [<c023db53>]
[<c028fe2e>] [<c029468f>] [<c0223d41>] [<c021c593>] [<c022a330>] [<c021c5ad>]
Code: 8b 40 0c 8b 50 08 0f b7 42 30 66 39 41 30 0f 84 2b 05 00 00
So I checked what c03c3eae is using ksymoops:
ksymoops 2.4.9 on i686 2.4.26-grsec-wset. Options used
-V (default)
-k /proc/ksyms (default)
-l /proc/modules (default)
-o /lib/modules/2.4.26-grsec-wset/ (default)
-m /boot/2.4.26-grsec-wset/System.map (specified)
Error (expand_objects): cannot stat(/lib/pti_st.o) for pti_st
ksymoops: No such file or directory
Unable to handle kernel NULL pointer dereference at virtual address 0000000c
c03c3eae
*pde = 00000000
Oops: 0000
CPU: 2
EIP: 0010:[<c03c3eae>] Not tainted
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010286
eax: 00000000 ebx: 00000000 ecx: f72b8d00 edx: da32c000
esi: 00000000 edi: 00001f59 ebp: 00000000 esp: e8f81e28
ds: 0018 es: 0018 ss: 0018
Process zipscript-c (pid: 24592, stackpage=e8f81000)
Stack: 2f849480 8f849480 c03e32bd c0104858 00000002 f6985148 c024f505 c1c38330
c4077b80 c1c41720 8f849480 2f849480 dc0ff480 c1c370d0 c4077b80 2f7b2000
c02409b5 dc0ff480 2f7b2000 00891100 f5810700 f4681258 00000000 c4077b80
Call Trace: [<c03e32bd>] [<c024f505>] [<c02409b5>] [<c024145f>] [<c023db53>]
[<c028fe2e>] [<c029468f>] [<c0223d41>] [<c021c593>] [<c022a330>] [<c021c5ad>]
Code: 8b 40 0c 8b 50 08 0f b7 42 30 66 39 41 30 0f 84 2b 05 00 00
>>EIP; c03c3eae <gr_chroot_shmat+19e/bf0> <=====
>>ecx; f72b8d00 <_end+36e6b800/383edb60>
>>edx; da32c000 <_end+19edeb00/383edb60>
>>esp; e8f81e28 <_end+28b34928/383edb60>
Trace; c03e32bd <gr_handle_shmat+1d/6a9>
Trace; c024f505 <__alloc_pages+65/290>
Trace; c02409b5 <pax_mirror_fault+55/180>
Trace; c024145f <do_no_page+11f/2b0>
Trace; c023db53 <in_group_p+23/30>
Trace; c028fe2e <ipcperms+be/d0>
Trace; c029468f <sys_shmat+14f/450>
Trace; c0223d41 <sys_ipc+1b1/260>
Trace; c021c593 <system_call+33/50>
Trace; c022a330 <do_page_fault+0/560>
Trace; c021c5ad <system_call+4d/50>
Code; c03c3eae <gr_chroot_shmat+19e/bf0>
00000000 <_EIP>:
Code; c03c3eae <gr_chroot_shmat+19e/bf0> <=====
0: 8b 40 0c mov 0xc(%eax),%eax <=====
Code; c03c3eb1 <gr_chroot_shmat+1a1/bf0>
3: 8b 50 08 mov 0x8(%eax),%edx
Code; c03c3eb4 <gr_chroot_shmat+1a4/bf0>
6: 0f b7 42 30 movzwl 0x30(%edx),%eax
Code; c03c3eb8 <gr_chroot_shmat+1a8/bf0>
a: 66 39 41 30 cmp %ax,0x30(%ecx)
Code; c03c3ebc <gr_chroot_shmat+1ac/bf0>
e: 0f 84 2b 05 00 00 je 53f <_EIP+0x53f>
1 error issued. Results may not be reliable.
Anybody know what is wrong in the new grsec???
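Resolving the EIP against System.map and working out why the fault address is 0xc, as an added Python triage helper that is not from this post or from grsecurity; the System.map excerpt is constructed from the ksymoops offsets and sizes above, and the placeholder symbols are assumptions.

```python
import bisect
import re

# Constructed System.map excerpt (address, type, name): the gr_* entries come
# from ksymoops' "sym+off/size" output above, the placeholders bound their size.
SYSTEM_MAP = """\
c03c3d10 T gr_chroot_shmat
c03c4900 T placeholder_after_gr_chroot_shmat
c03e32a0 T gr_handle_shmat
c03e3949 T placeholder_after_gr_handle_shmat
"""
# Register and Code: lines quoted from the oops on this page.
OOPS_REGS = "eax: 00000000 ebx: 00000000 ecx: f72b8d00 edx: da32c000"
OOPS_CODE = "8b 40 0c 8b 50 08 0f b7 42 30 66 39 41 30 0f 84 2b 05 00 00"
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

def parse_system_map(text):
    """Return (addresses, names) as parallel lists sorted by address."""
    entries = sorted((int(a, 16), n) for a, _t, n in
                     (ln.split() for ln in text.splitlines()))
    return [a for a, _ in entries], [n for _, n in entries]

def resolve(addrs, names, addr):
    """Format addr as 'symbol+offset/size', the way ksymoops prints it."""
    i = bisect.bisect_right(addrs, addr) - 1
    if i < 0:
        return None
    size = addrs[i + 1] - addrs[i] if i + 1 < len(addrs) else 0
    return f"{names[i]}+{addr - addrs[i]:x}/{size:x}"

def parse_regs(line):
    return {m[1]: int(m[2], 16) for m in re.finditer(r"(e[a-z]{2}): ([0-9a-f]{8})", line)}

def decode_mov_load(code):
    """Decode only 'mov disp8(%base),%reg' (opcode 8b, mod=01, no SIB); that
    is the instruction at EIP in this oops. Returns (dest, base, disp)."""
    opcode, modrm, disp8 = code[0], code[1], code[2]
    if opcode != 0x8B or modrm >> 6 != 1 or modrm & 7 == 4:
        raise ValueError("unsupported encoding for this small decoder")
    return REG32[(modrm >> 3) & 7], REG32[modrm & 7], disp8 if disp8 < 128 else disp8 - 256

def triage(system_map, regs_line, code_line, eip):
    """Recover what ksymoops told the poster: the function containing EIP and
    why the access faulted at 0xc (NULL base register plus displacement)."""
    addrs, names = parse_system_map(system_map)
    regs = parse_regs(regs_line)
    dest, base, disp = decode_mov_load(bytes.fromhex(code_line.replace(" ", "")))
    fault = (regs[base] + disp) & 0xFFFFFFFF
    return {"eip": resolve(addrs, names, eip), "insn": f"mov {disp:#x}(%{base}),%{dest}",
            "fault_addr": fault, "null_deref": regs[base] == 0}
```

Calling triage(SYSTEM_MAP, OOPS_REGS, OOPS_CODE, 0xC03C3EAE) reports the EIP as gr_chroot_shmat+19e/bf0 and the fault address as 0xc, i.e. eax was NULL when 0xc(%eax) was loaded, which matches the "virtual address 0000000c" in the oops header.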