grsecurity forums

Hi,
I have grsec-rc1 for 2.4.20 kernel. When i use Mozilla 1.2.1 and i open page that includes java applet i got this problem: sometimes java applets works fine but sometimes Mozillla crashes and in /var/log/messages i have this:
kernel: grsec: signal 11 sent to (java_vm:17519) UID (501) EUID(501), parent (java_vm:21523) UID (501) EUID(501)
kernel: grsec: signal 11 sent to (java_vm:27757) UID (501) EUID(501), parent (mozilla-bin:10123) UID (501) EUID(501)
last message repeated 2 times

What's wrong with applets? Interesting is that i don't have problemms with compiling and running my own java programms (not applets).
I have Sun java v1.4.1

Without grsecurity everthing works fine. When i was using 2.4.19 kernel with grsecurity, applets were (sometimes) crashing too.

Any suggestion?

download chpax.c from http://pageexec.virtualave.net/chpax.c

compile it, then find the location of java_vm, and chpax -sp java_vm

The reason it's crashing is because it's trying to execute code in a non-executable region, which PaX won't allow.

-Brad

It didn't help...
Mozilla still sometimes 'crash' when java applets are loaded...
And it puts into /var/log/messages the same informations as above.

marcin_1 wrote:Mozilla still sometimes 'crash' when java applets are loaded...
And it puts into /var/log/messages the same informations as above.

can you post or email us the result of 'grep PAX /var/log/messages' please?

It shows nothing...

marcin_1 wrote:It shows nothing...

unless you're logging KERN_ERR level messages elsewhere, all i can say is that your problem is at least not caused by the non-executable page feature. the next thing you should try is to disable randomization (chpax -r) on the java VM and see if that helps (also could you post the chpax -v output please?).

i've checked /var/log/kernel/error.log - and there are only lines with kernel: grsec: signal 11 sent to.... (as quoted above).
Strange thing is that when i've tried running mozilla as root everything looked fine. No crashing when loading java applets.

I've tried chpax on java_vm in many ways, but none of them helped.
Any ideas?

marcin_1 wrote:i've checked /var/log/kernel/error.log - and there are only lines with kernel: grsec: signal 11 sent to.... (as quoted above).
Strange thing is that when i've tried running mozilla as root everything looked fine. No crashing when loading java applets.

well, i'm pretty sure that PaX itself has no uid sensitive code in it, so your problems must come from somewhere else. you can either debug the crashes or try to disable various grsec kernel options one by one and see at which point the problems disappear.

I've the same problem. After some experimenting with chpax, I got it working

My setting is:

----[ chpax 0.2 : Current flags for /usr/j2re1.4.1/bin/java_vm ]----

* Paging based PAGE_EXEC : disabled
* Trampolines : not emulated
* mprotect() : restricted
* mmap() base : not randomized
* ET_EXEC base : randomized
* Segmentation based PAGE_EXEC : enabled

hardigunawan wrote: * mmap() base : not randomized
* ET_EXEC base : randomized

well, having RANDEXEC enabled without RANDMMAP does not do much except slow down the given app, so you may as well disable it as well . btw, what features did you enable in your kernel config?

kernel: grsec: signal 11 sent to (java_vm:17519) UID (501) EUID(501), parent (java_vm:21523) UID (501) EUID(501)
kernel: grsec: signal 11 sent to (java_vm:27757) UID (501) EUID(501), parent (mozilla-bin:10123) UID (501) EUID(501)
last message repeated 2 times

Take a probe: start your mozilla-bin (sitting in /usr/lib/mozilla*/mozilla-bin)
type a java url, if you get en error from java, like this:
GetGlobalServiceManager__16nsServiceManagerPP17nsIServiceManager
You must recompile mozilla with gcc 2.95, or similar.
If not, ignore this
/Java re, and sdk was compiling whit 'older' gcc, and don't like gcc 3.x/

An my chpax settings:

----[ chpax 0.2 : Current flags for /home/java/j2sdk1.4.0_03/bin/java_vm ]----

* Paging based PAGE_EXEC : disabled
* Trampolines : not emulated
* mprotect() : not restricted
* mmap() base : not randomized
* ET_EXEC base : not randomized
* Segmentation based PAGE_EXEC : disabled

----[ chpax 0.2 : Current flags for /usr/lib/mozilla-1.2.1/mozilla-bin ]----

* Paging based PAGE_EXEC : enabled (overridden)
* Trampolines : not emulated
* mprotect() : restricted
* mmap() base : randomized
* ET_EXEC base : not randomized
* Segmentation based PAGE_EXEC : enabled