Stability issues
Posted: Wed May 29, 2002 3:34 amI have kernel 2.4.18 and grsecurity installed on about 11 web servers - of the 11 servers about 6 have had a common problem.
I do not have the ACL system enabled. The most subtantial features enabled are:
CONFIG_GRKERNSEC_STACK=y
CONFIG_GRKERNSEC_STACK_GCC=y
CONFIG_GRKERNSEC_KMEM=y
And i have most of the networking features enabled as well as proc restrictions, ran pid's and a few other features here and their.
The error i get on all the servers is essentialy the same aside for the process noted in the error. Error is below:
May 28 04:02:06 www kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000028
May 28 04:02:06 www kernel: printing eip:
May 28 04:02:06 www kernel: c014138a
May 28 04:02:06 www kernel: *pde = 1d637067
May 28 04:02:06 www kernel: *pte = 00000000
May 28 04:02:06 www kernel: Oops: 0000
May 28 04:02:06 www kernel: CPU: 0
May 28 04:02:06 www kernel: EIP: 0010:[<c014138a>] Not tainted
May 28 04:02:06 www kernel: EFLAGS: 00010203
May 28 04:02:06 www kernel: eax: def80000 ebx: 00000000 ecx: 0000000f edx: 00002f78
May 28 04:02:06 www kernel: esi: 00000000 edi: 0003abad ebp: def97bc0 esp: dbd3de98
May 28 04:02:06 www kernel: ds: 0018 es: 0018 ss: 0018
May 28 04:02:06 www kernel: Process updatedb (pid: 17664, stackpage=dbd3d000)
May 28 04:02:06 www kernel: Stack: dd8c31c0 def97bc0 0003abad c17f6e00 c0141791 c17f6e00 0003abad def97bc0
May 28 04:02:06 www kernel: 00000000 00000000 00000000 d078a4c0 d078a4c0 d0b3bb40 dd8c31c0 d078a4c0
May 28 04:02:06 www kernel: d078a4c0 d0b3bb40 c0154062 c17f6e00 0003abad 00000000 00000000 583ce73f
May 28 04:02:06 www kernel: Call Trace: [<c0141791>] [<c0154062>] [<c013749d>] [<c0137c20>] [<c01371ed>]
May 28 04:02:06 www kernel: [<c0138303>] [<c0134e14>] [<c0106c9b>]
May 28 04:02:06 www kernel:
May 28 04:02:06 www kernel: Code: 39 7e 28 75 f1 8b 44 24 14 39 86 98 00 00 00 75 e5 8b 4c 24
If i boot the servers in question, to the default kernel - the errors stop appearing and stability greatly improves. My web servers are redhat linux 7.1 & 7.2.
Any insight into this would be of great help. It might also be worth noting i had these problems with the patch for 2.4.17 however it did not occur as much - with 2.4.18 and the updated grsec patch , the problem occurs 10 fold as much.
I do not have the ACL system enabled. The most subtantial features enabled are:
CONFIG_GRKERNSEC_STACK=y
CONFIG_GRKERNSEC_STACK_GCC=y
CONFIG_GRKERNSEC_KMEM=y
And i have most of the networking features enabled as well as proc restrictions, ran pid's and a few other features here and their.
The error i get on all the servers is essentialy the same aside for the process noted in the error. Error is below:
May 28 04:02:06 www kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000028
May 28 04:02:06 www kernel: printing eip:
May 28 04:02:06 www kernel: c014138a
May 28 04:02:06 www kernel: *pde = 1d637067
May 28 04:02:06 www kernel: *pte = 00000000
May 28 04:02:06 www kernel: Oops: 0000
May 28 04:02:06 www kernel: CPU: 0
May 28 04:02:06 www kernel: EIP: 0010:[<c014138a>] Not tainted
May 28 04:02:06 www kernel: EFLAGS: 00010203
May 28 04:02:06 www kernel: eax: def80000 ebx: 00000000 ecx: 0000000f edx: 00002f78
May 28 04:02:06 www kernel: esi: 00000000 edi: 0003abad ebp: def97bc0 esp: dbd3de98
May 28 04:02:06 www kernel: ds: 0018 es: 0018 ss: 0018
May 28 04:02:06 www kernel: Process updatedb (pid: 17664, stackpage=dbd3d000)
May 28 04:02:06 www kernel: Stack: dd8c31c0 def97bc0 0003abad c17f6e00 c0141791 c17f6e00 0003abad def97bc0
May 28 04:02:06 www kernel: 00000000 00000000 00000000 d078a4c0 d078a4c0 d0b3bb40 dd8c31c0 d078a4c0
May 28 04:02:06 www kernel: d078a4c0 d0b3bb40 c0154062 c17f6e00 0003abad 00000000 00000000 583ce73f
May 28 04:02:06 www kernel: Call Trace: [<c0141791>] [<c0154062>] [<c013749d>] [<c0137c20>] [<c01371ed>]
May 28 04:02:06 www kernel: [<c0138303>] [<c0134e14>] [<c0106c9b>]
May 28 04:02:06 www kernel:
May 28 04:02:06 www kernel: Code: 39 7e 28 75 f1 8b 44 24 14 39 86 98 00 00 00 75 e5 8b 4c 24
If i boot the servers in question, to the default kernel - the errors stop appearing and stability greatly improves. My web servers are redhat linux 7.1 & 7.2.
Any insight into this would be of great help. It might also be worth noting i had these problems with the patch for 2.4.17 however it did not occur as much - with 2.4.18 and the updated grsec patch , the problem occurs 10 fold as much.