$ uname -a
Linux debian 2.6.30.4 #1 Wed Aug 5 15:27:32 EEST 2009 i686 GNU/Linux
i wanted to test the kernel with paxtest-0.9.7-pre4
but it stuck on getstack2 and cpu work on 100%
$ ./paxtest blackhat
PaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@adamantix.org>
Released under the GNU Public Licence version 2 or later
Writing output to paxtest.log
It may take a while for the tests to complete
like this:
2568 0.7 3.7 4496 2496 pts/1 S+ 16:41 0:00 /bin/sh ./paxtest blackhat
2792 0.7 1.4 1920 948 pts/1 S+ 16:41 0:00 ./randstack2
2793 78.2 0.0 272 28 pts/1 R+ 16:41 0:03 ./getstack2
# strace -vf -p 2793
Process 2793 attached - interrupt to quit
no output
Any ideas ?
im with latest grsecurity patch
paxtest with 2.6.30.4 + grsec
7 posts
• Page 1 of 1
paxtest with 2.6.30.4 + grsec
by coderx » Wed Aug 05, 2009 9:46 am
- coderx
- Posts: 37
- Joined: Tue Mar 25, 2008 3:57 am
Re: paxtest with 2.6.30.4 + grsec
by spender » Wed Aug 05, 2009 11:23 am
Did you run the test within VMWare on an older processor without NX support (or with NX support disabled in the BIOS) with only PAGEEXEC enabled?
-Brad
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: paxtest with 2.6.30.4 + grsec
by coderx » Wed Aug 05, 2009 11:33 am
its P4 and without grsecurity patch paxtest work as normal
- coderx
- Posts: 37
- Joined: Tue Mar 25, 2008 3:57 am
Re: paxtest with 2.6.30.4 + grsec
by spender » Wed Aug 05, 2009 1:06 pm
Was the test run within VMWare?
Can you paste your /proc/cpuinfo and your PaX config?
-Brad
Can you paste your /proc/cpuinfo and your PaX config?
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: paxtest with 2.6.30.4 + grsec
by coderx » Thu Aug 06, 2009 4:28 am
its not vmware
# cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 15
model : 6
model name : Intel(R) Pentium(R) 4 CPU 3.00GHz
stepping : 5
cpu MHz : 2999.995
cache size : 2048 KB
physical id : 0
siblings : 2
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 6
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pebs bts pni monitor ds_cpl est tm2 cid cx16 xtpr lahf_lm
bogomips : 5999.99
clflush size : 64
power management:
# grep PAX config-2.6.30.4
CONFIG_PAX=y
# CONFIG_PAX_SOFTMODE is not set
CONFIG_PAX_EI_PAX=y
CONFIG_PAX_PT_PAX_FLAGS=y
# CONFIG_PAX_NO_ACL_FLAGS is not set
CONFIG_PAX_HAVE_ACL_FLAGS=y
# CONFIG_PAX_HOOK_ACL_FLAGS is not set
CONFIG_PAX_NOEXEC=y
CONFIG_PAX_PAGEEXEC=y
CONFIG_PAX_SEGMEXEC=y
CONFIG_PAX_EMUTRAMP=y
CONFIG_PAX_MPROTECT=y
CONFIG_PAX_NOELFRELOCS=y
CONFIG_PAX_KERNEXEC=y
CONFIG_PAX_ASLR=y
CONFIG_PAX_RANDKSTACK=y
CONFIG_PAX_RANDUSTACK=y
CONFIG_PAX_RANDMMAP=y
CONFIG_PAX_MEMORY_SANITIZE=y
CONFIG_PAX_MEMORY_UDEREF=y
CONFIG_PAX_REFCOUNT=y
CONFIG_PAX_USERCOPY=y
# cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 15
model : 6
model name : Intel(R) Pentium(R) 4 CPU 3.00GHz
stepping : 5
cpu MHz : 2999.995
cache size : 2048 KB
physical id : 0
siblings : 2
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 6
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pebs bts pni monitor ds_cpl est tm2 cid cx16 xtpr lahf_lm
bogomips : 5999.99
clflush size : 64
power management:
# grep PAX config-2.6.30.4
CONFIG_PAX=y
# CONFIG_PAX_SOFTMODE is not set
CONFIG_PAX_EI_PAX=y
CONFIG_PAX_PT_PAX_FLAGS=y
# CONFIG_PAX_NO_ACL_FLAGS is not set
CONFIG_PAX_HAVE_ACL_FLAGS=y
# CONFIG_PAX_HOOK_ACL_FLAGS is not set
CONFIG_PAX_NOEXEC=y
CONFIG_PAX_PAGEEXEC=y
CONFIG_PAX_SEGMEXEC=y
CONFIG_PAX_EMUTRAMP=y
CONFIG_PAX_MPROTECT=y
CONFIG_PAX_NOELFRELOCS=y
CONFIG_PAX_KERNEXEC=y
CONFIG_PAX_ASLR=y
CONFIG_PAX_RANDKSTACK=y
CONFIG_PAX_RANDUSTACK=y
CONFIG_PAX_RANDMMAP=y
CONFIG_PAX_MEMORY_SANITIZE=y
CONFIG_PAX_MEMORY_UDEREF=y
CONFIG_PAX_REFCOUNT=y
CONFIG_PAX_USERCOPY=y
- coderx
- Posts: 37
- Joined: Tue Mar 25, 2008 3:57 am
Re: paxtest with 2.6.30.4 + grsec
by romain » Fri Nov 05, 2010 9:24 am
I have exactly the same issue with debian 5, kernel 2.6.32.25 and the grsecurity patch at the same level and the paxtest 0.9.7.pre5. My debian box runs like a full virtualiazed vm under xen.
If you need additionnal info please let me know
If you need additionnal info please let me know
- romain
- Posts: 1
- Joined: Thu Nov 04, 2010 10:07 pm
Re: paxtest with 2.6.30.4 + grsec
by PaX Team » Sat Nov 06, 2010 6:41 am
does your CPU support the NX bit? is it available in domU as well? did you enable PAE support in the domU config? as a quick test, what happens if you disable PAGEEXEC in your config?romain wrote:I have exactly the same issue with debian 5, kernel 2.6.32.25 and the grsecurity patch at the same level and the paxtest 0.9.7.pre5. My debian box runs like a full virtualiazed vm under xen.
If you need additionnal info please let me know
- PaX Team
- Posts: 2310
- Joined: Mon Mar 18, 2002 4:35 pm
7 posts
• Page 1 of 1