grsecurity forums

I've been running the grsec testing kernel for a few months without anything I cannot understand/resolve, but when I updated to 4.5.3.201605060852-1, I started getting the following warning error at boot:

Code: Select all

May 11 09:09:44 archer kernel: grsec: denied access of range af7e3000 -> af7e3008 in /dev/mem by /usr/lib/systemd/systemd[systemd:1] uid/euid:0/0 gid/egid:0/0, parent /[swapper/0:0] uid/euid:0/0 gid/egid:0/0

I'm currently running 4.5.3.201605080858-1-grsec on arch linux.

I'm trying to figure out what's causing this and how I can resolve it. Everything seems to work fine but I'd still like to figure out what's behind it.

Any advice on where/how to troubleshoot this would be very much appreciated.

Cheers,
Jules

Can you first try disabling GRKERNSEC_KMEM, but make sure CONFIG_STRICT_DEVMEM is enabled? If that still produces an error (though it won't have grsec listed in it), could you try a vanilla kernel of the same version with CONFIG_STRICT_DEVMEM enabled? I've looked at our checks for this, and I don't see any reason why it would differ from an upstream kernel for this particular range.

-Brad

Many thanks for this - will recompile this weekend and see what I get - again, much appreciated!

Jules