grsecurity forums

Posted: **Wed Jun 01, 2016 6:45 pm**

I'm not sure whether some systemd crashes actually related to grsecurity or I'm just see more information because of the capabilities of grsec.
I have an unsuccessful upgrade from systemd-228-r1 to systemd-229 because of crashes. Now I'm experiencing crashes while tried to upgrade to systemd-230-r1.
After crash bruteforce logic is activated. System acts slowly. It was more serious by the time of -229, but it is still noticeable in case of -230-r1.
Some log messages I could capture related to the issue:

Code: Select all: grsec: denied resource overstep by requesting 8392704 for RLIMIT_STACK against limit 8388608 for /usr/lib64/systemd/systemd[systemd:2735] uid/euid:0/0 gid/egid:0/0, parent /usr/lib64/systemd/systemd[systemd:1] uid/euid:0/0 gid/egid:0/0 systemd[2735]: segfault at 39f8d01cf00 ip 00000368d4caa2e4 sp 0000039f8d01cf00 error 6 in libc-2.23.so[368d4c62000+19a000] grsec: Segmentation fault occurred at 0000039f8d01cf00 in /usr/lib64/systemd/systemd[systemd:2735] uid/euid:0/0 gid/egid:0/0, parent /usr/lib64/systemd/systemd[systemd:1] uid/euid:0/0 gid/egid:0/0 grsec: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib64/systemd/systemd[systemd:2735] uid/euid:0/0 gid/egid:0/0, parent /usr/lib64/systemd/systemd[systemd:1] uid/euid:0/0 gid/egid:0/0 systemd-coredump[2747]: Process 2735 (systemd) of user 0 dumped core. Stack trace of thread 2735: #0 0x00000368d4caa2e4 _IO_vfprintf (libc.so.6) #1 0x00000368d4d5e852 __vsnprintf_chk (libc.so.6) #2 0x00000368d4d5e7a4 __snprintf_chk (libc.so.6) #3 0x00000000df8db344 n/a (systemd) #4 0x00000000df8db9aa n/a (systemd) #5 0x00000000df8da72f n/a (systemd) #6 0x00000000df8db314 n/a (systemd) #7 0x00000000df8db9aa n/a (systemd) #8 0x00000000df8da72f n/a (systemd) #9 0x00000000df8db314 n/a (systemd) #10 0x00000000df8db9aa n/a (systemd) #11 0x00000000df8da72f n/a (systemd) #12 0x00000000df8db314 n/a (systemd) #13 0x00000000df8db9aa n/a (systemd) #14 0x00000000df8da72f n/a (systemd) #15 0x00000000df8db314 n/a (systemd) #16 0x00000000df8db9aa n/a (systemd) #17 0x00000000df8da72f n/a (systemd) #18 0x00000000df8db314 n/a (systemd) #19 0x00000000df8db9aa n/a (systemd) #20 0x00000000df8da72f n/a (systemd) #21 0x00000000df8db314 n/a (systemd) #22 0x00000000df8db9aa n/a (systemd) #23 0x00000000df8da72f n/a (systemd) #24 0x00000000df8db314 n/a (systemd) #25 0x00000000df8db9aa n/a (systemd) #26 0x00000000df8da72f n/a (systemd) #27 0x00000000df8db314 n/a (systemd) #28 0x00000000df8db9aa n/a (systemd) #29 0x00000000df8da72f n/a (systemd) #30 0x00000000df8db314 n/a (systemd) #31 0x00000000df8db9aa n/a (systemd) #32 0x00000000df8da72f n/a (systemd) #33 0x00000000df8db314 n/a (systemd) #34 0x00000000df8db9aa n/a (systemd) #35 0x00000000df8da72f n/a (systemd) #36 0x00000000df8db314 n/a (systemd) #37 0x00000000df8db9aa n/a (systemd) #38 0x00000000df8da72f n/a (systemd) #39 0x00000000df8db314 n/a (systemd) #40 0x00000000df8db9aa n/a (systemd) #41 0x00000000df8da72f n/a (systemd) #42 0x00000000df8db314 n/a (systemd) #43 0x00000000df8db9aa n/a (systemd) #44 0x00000000df8da72f n/a (systemd) #45 0x00000000df8db314 n/a (systemd) #46 0x00000000df8db9aa n/a (systemd) #47 0x00000000df8da72f n/a (systemd) #48 0x00000000df8db314 n/a (systemd) #49 0x00000000df8db9aa n/a (systemd) #50 0x00000000df8da72f n/a (systemd) #51 0x00000000df8db314 n/a (systemd) #52 0x00000000df8db9aa n/a (systemd) #53 0x00000000df8da72f n/a (systemd) #54 0x00000000df8db314 n/a (systemd) #55 0x00000000df8db9aa n/a (systemd) #56 0x00000000df8da72f n/a (systemd) #57 0x00000000df8db314 n/a (systemd) #58 0x00000000df8db9aa n/a (systemd) #59 0x00000000df8da72f n/a (systemd) #60 0x00000000df8db314 n/a (systemd) #61 0x00000000df8db9aa n/a (systemd) #62 0x00000000df8da72f n/a (systemd) #63 0x00000000df8db314 n/a (systemd) systemd-logind[897]: Failed to abandon session scope: Connection timed out

Any ideas on this problem persisting since systemd-229?

Thx: Dw.

Posted: **Thu Jun 02, 2016 3:42 pm**

Code: Select all: cat /proc/1/limits Limit Soft Limit Hard Limit Units Max stack size 8388608 unlimited bytes

So while exceeding stack soft limit systemd segfaults and tries to dump core. This is not what I would expect from a process. I'll try to increase stack soft limit in order to check what happens and report back.

Posted: **Sun Jun 05, 2016 3:00 pm**

Dwokfur wrote:
Code: Select all
cat /proc/1/limits Limit Soft Limit Hard Limit Units Max stack size 8388608 unlimited bytes

So while exceeding stack soft limit systemd segfaults and tries to dump core. This is not what I would expect from a process. I'll try to increase stack soft limit in order to check what happens and report back.

Increasing stack soft limit - not surprisingly - doesn't fix the problem.

I did a bisect and the symptoms can be tied to this commit:
tree-wide: use xsprintf() where applicable

I try to contact the developer involved.

grsecurity forums

systemd-229/230 crashes

systemd-229/230 crashes

Re: systemd-229/230 crashes

Re: systemd-229/230 crashes