grsecurity forums


https://forums.grsecurity.net./

2.6.30.5 / PAX: iptables attempted to modify kernel code

https://forums.grsecurity.net./viewtopic.php?f=3&t=2185

Page 1 of 1

2.6.30.5 / PAX: iptables attempted to modify kernel code

PostPosted: Thu Sep 03, 2009 5:58 am
by sfaerber
Hello,

i just tried 2.6.30.5 and the latest grsecurity patch (grsecurity-2.1.14-2.6.30.5-200909021910.patch) and got the following error/ kernel oops
after boot:
--
PAX: iptables:7709, uid/euid: 0/0, attempted to modify kernel code
BUG: unable to handle kernel paging request at c1696000
IP: [<000a1444>] 0x0a1444
*pdpt = 0000000001692001 *pde = 00000000016001e1
Oops: 0003 [#1] SMP
last sysfs file: /sys/class/i2c-adapter/i2c-0/name
--


full oops from dmesg: http://pastebin.com/m4574130b
.config: http://pastebin.com/m1efb23ca
readelf -ed vmlinux: http://pastebin.com/m79fe906e

Let me know if you need anything else /how i can assist you with debugging this.

Thanks,

Sebastian

Re: 2.6.30.5 / PAX: iptables attempted to modify kernel code

PostPosted: Thu Sep 03, 2009 8:32 am
by spender
Can you make your System.map and vmlinux (the file in your kernel source tree) file available somewhere?

-Brad

Re: 2.6.30.5 / PAX: iptables attempted to modify kernel code

PostPosted: Thu Sep 03, 2009 10:43 am
by sfaerber
Sure, no problem:

http://v6-net.de/grsec/vmlinux
http://v6-net.de/grsec/System.map

Thanks for your help,

Sebastian

Re: 2.6.30.5 / PAX: iptables attempted to modify kernel code

PostPosted: Fri Sep 04, 2009 10:44 am
by spender
The PaX team has determined the problem and is working on a fix.

-Brad

Re: 2.6.30.5 / PAX: iptables attempted to modify kernel code

PostPosted: Sun Sep 06, 2009 2:43 pm
by PaX Team
spender wrote:The PaX team has determined the problem and is working on a fix.
should be fixed in the latest test patches.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/