grsecurity forums

by **lsgroup** » Tue May 22, 2012 8:44 pm

Hello,
Have been working with GRSecurity for a few months now and it's working great. Recently have had problems with this combination:
CentOS 6.2
GRSecurity grsecurity-2.9-2.6.32.57-201202232125.patch
linux kernel 2.6.32.57
configuration: GRSecurity set to "High", PaX with Support Soft Mode, legacy ELF, ELF program headers
RBAC disabled

When trying to run jdk1.7.0_04, java hangs with no error messages in /var/log/messages and cannot be killed leaving CPU at 100% forever, OS unable to shutdown. Only solution is to pull the power plug!

I don't think this is a PaX related issue...

1. chpax and paxctl were used (chpax -pemxrs).
2. java -version -verbose produces no output at all
3. It hangs with or without using chpax.
4. Tried with a kernel recompile with PaX turned off completely - same exact behavior

top output ...
================================================================
top - 10:12:40 up 5:05, 2 users, load average: 42.93, 42.56, 41.41
Tasks: 190 total, 5 running, 184 sleeping, 0 stopped, 1 zombie
Cpu(s): 0.0%us, 22.4%sy, 0.0%ni, 33.1%id, 44.5%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 8139472k total, 1675248k used, 6464224k free, 24488k buffers
Swap: 10289144k total, 0k used, 10289144k free, 1327228k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1753 testu 20 0 0 0 0 Z 101.2 0.0 274:19.18 java <defunct>
================================================================

This happens even when PaX is not enabled at the kernel compile level.
When I boot with the CentOS 6.2 kernel, java 1.7 runs fine.
So I'm thinking this has to do with some GRSecurity parameter configuration. But at 1 hour compile times, I don't have the luxury to try one at a time.

This same instance runs jdk 1.6 and jrockit 1.6 just fine after using chpax or paxctl of course:

================================================================
(jrockit-jdk1.6.0_31-R28.2.3-4.1.0-linux-x64.bin)
# chpax -PEMrXS java
# ./java -version
java version "1.6.0_31"
Java(TM) SE Runtime Environment (build 1.6.0_31-b05)
Oracle JRockit(R) (build R28.2.3-13-149708-1.6.0_31-20120327-1523-linux-x86_64, compiled mode)

# chpax -v java
----[ chpax 0.7 : Current flags for java (peMRxs) ]----
* Paging based PAGE_EXEC : disabled
* Trampolines : not emulated
* mprotect() : restricted
* mmap() base : randomized
* ET_EXEC base : not randomized
* Segmentation based PAGE_EXEC : disabled

(jdk-6u25-linux-x64.bin)
# ./java -version
java version "1.6.0_25"
Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
Java HotSpot(TM) 64-Bit Server VM (build 20.0-b11, mixed mode)
================================================================

JDK 1.6 is fine for now, but sooner or later, the server will need to run JDK 1.7. Wondering if anyone has come across this or if someone might have an idea what would get jdk 1.7 working. Or what other info I might supply to try to figure this out.

Thanks!

Not sure if it helps, but I straced the command...

================================================================
# chpax -pemrxs java
# strace ./java -verbose -version
execve("./java", ["./java", "-verbose", "-version"], [/* 22 vars */]) = 0
brk(0) = 0x600b18
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0bb7044000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64", 0x7fffffffcd70) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls", 0x7fffffffcd70) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64", 0x7fffffffcd70) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli", 0x7fffffffcd70) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64", 0x7fffffffcd70) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls", 0x7fffffffcd70) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64", 0x7fffffffcd70) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f0bb7035000
close(3) = 0
open("/lib64/libpthread.so.0", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \\\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=138328, ...}) = 0
mmap(NULL, 2208672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0bb6c0b000
mprotect(0x7f0bb6c22000, 2093056, PROT_NONE) = 0
mmap(0x7f0bb6e21000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7f0bb6e21000
mmap(0x7f0bb6e23000, 13216, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f0bb6e23000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libjli.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=103718, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0bb7034000
mmap(NULL, 2187192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0bb69f5000
mprotect(0x7f0bb6a0b000, 2093056, PROT_NONE) = 0
mmap(0x7f0bb6c0a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x7f0bb6c0a000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libdl.so.2", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=19536, ...}) = 0
mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0bb67f1000
mprotect(0x7f0bb67f3000, 2097152, PROT_NONE) = 0
mmap(0x7f0bb69f3000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f0bb69f3000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1973416, ...}) = 0
mmap(NULL, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0bb6450000
mprotect(0x7f0bb65e7000, 2097152, PROT_NONE) = 0
mmap(0x7f0bb67e7000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x7f0bb67e7000
mmap(0x7f0bb67ec000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f0bb67ec000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0bb7033000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0bb7032000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0bb7031000
arch_prctl(ARCH_SET_FS, 0x7f0bb7032700) = 0
mprotect(0x7f0bb67e7000, 16384, PROT_READ) = 0
mprotect(0x7f0bb69f3000, 4096, PROT_READ) = 0
mprotect(0x7f0bb6e21000, 4096, PROT_READ) = 0
mprotect(0x7f0bb7046000, 4096, PROT_READ) = 0
munmap(0x7f0bb7035000, 57891) = 0
set_tid_address(0x7f0bb70329d0) = 1688
set_robust_list(0x7f0bb70329e0, 0x18) = 0
futex(0x7fffffffd67c, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0x7fffffffd67c, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1, NULL, 7f0bb7032700) = -1 EAGAIN (Resource temporarily unavailable)
rt_sigaction(SIGRTMIN, {0x7f0bb6c10aa0, [], SA_RESTORER|SA_SIGINFO, 0x7f0bb6c1a4a0}, NULL,

= 0
rt_sigaction(SIGRT_1, {0x7f0bb6c10b30, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x7f0bb6c1a4a0}, NULL,

= 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL,

= 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
brk(0) = 0x600b18
brk(0x621b18) = 0x621b18
brk(0x622000) = 0x622000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/root/store/jdk1.7.0_04/lib/amd64/libjava.so", F_OK) = -1 ENOENT (No such file or directory)
access("/root/store/jdk1.7.0_04/jre/lib/amd64/libjava.so", F_OK) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/jvm.cfg", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=677, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0bb7043000
read(3, "# Copyright (c) 2003, Oracle and"..., 4096) = 677
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7f0bb7043000, 4096) = 0
stat("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
futex(0x7f0bb69f40ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\223\31\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
mmap(NULL, 13757672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0bb5731000
mprotect(0x7f0bb6172000, 2093056, PROT_NONE) = 0
mmap(0x7f0bb6371000, 671744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa40000) = 0x7f0bb6371000
mmap(0x7f0bb6415000, 240872, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f0bb6415000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f0bb7035000
close(3) = 0
open("/lib64/libm.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240>\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=595800, ...}) = 0
mmap(NULL, 2633944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0bb54ad000
mprotect(0x7f0bb5530000, 2093056, PROT_NONE) = 0
mmap(0x7f0bb572f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x82000) = 0x7f0bb572f000
close(3) = 0
mprotect(0x7f0bb572f000, 4096, PROT_READ) = 0
munmap(0x7f0bb7035000, 57891) = 0
mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f0bb6f30000
mprotect(0x7f0bb6f30000, 4096, PROT_NONE) = 0
clone(child_stack=0x7f0bb702fff0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f0bb70309d0, tls=0x7f0bb7030700, child_tidptr=0x7f0bb70309d0) = 1689
futex(0x7f0bb70309d0, FUTEX_WAIT, 1689, NULL
================================================================

by **spender** » Wed May 23, 2012 8:44 pm

You should start with retesting against the latest grsecurity patch.

-Brad

by **lsgroup** » Wed May 23, 2012 10:21 pm

Hi Brad,
Thanks for the response - I did start with the latest patch, but I get that dl2k.c problem:

================================================================
ISSUE IN grsecurity.2.9-2.6.32.59
================================================================
drivers/net/dl2k.c: In function ‘rio_ioctl’:
drivers/net/dl2k.c:1282: error: implicit declaration of function ‘if_mii’
drivers/net/dl2k.c:1282: warning: initialization makes pointer from integer without a cast
drivers/net/dl2k.c:1287: error: dereferencing pointer to incomplete type
drivers/net/dl2k.c:1290: error: dereferencing pointer to incomplete type
drivers/net/dl2k.c:1290: error: dereferencing pointer to incomplete type
drivers/net/dl2k.c:1295: error: dereferencing pointer to incomplete type
drivers/net/dl2k.c:1295: error: dereferencing pointer to incomplete type
make[2]: *** [drivers/net/dl2k.o] Error 1
make[1]: *** [drivers/net] Error 2
make: *** [drivers] Error 2

It looks like someone else got this as well: "dl2k.c build errors w/grsecurity-2.9-2.6.32.59-201205131656"

But I've compiled grsecurity successfully before, so I went looking for an earlier patch and kernel version.

Thanks.

by **spender** » Thu May 24, 2012 7:24 am

I will double-check it tonight, but that should have been fixed in the latest patch (05/19) as I compiled with that driver myself.

commit 1cbffe423ace08507c18ddac980078066ace5195
Author: Brad Spengler <spender@grsecurity.net>
Date: Mon May 14 18:30:19 2012 -0400

Fix dl2k driver compilation error reported by mnalis on the forums

It's unlikely you need that driver anyway and could just disable it in the configuration if there is still a problem compiling.

EDIT: please also check your dmesg -- an OOPS is likely accompanying the freeze.

-Brad

by **PaX Team** » Thu May 24, 2012 6:59 pm

lsgroup wrote:4. Tried with a kernel recompile with PaX turned off completely - same exact behavior

what happens on a vanilla kernel?

# strace ./java -verbose -version

can you try strace -f instead? probably the last syscall that triggers the problem is issued by another process/thread.

by **lsgroup** » Thu May 24, 2012 11:43 pm

I've pasted the strace -f output below. Will compile just the vanilla kernel and try tomorrow... Thanks for replying.

# strace -f ./java -verbose -version
execve("./java", ["./java", "-verbose", "-version"], [/* 22 vars */]) = 0
brk(0) = 0x600b18
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b42000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64", 0x7fffffffd530) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls", 0x7fffffffd530) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64", 0x7fffffffd530) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli", 0x7fffffffd530) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64", 0x7fffffffd530) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls", 0x7fffffffd530) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64", 0x7fffffffd530) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f0302b33000
close(3) = 0
open("/lib64/libpthread.so.0", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \\\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=138328, ...}) = 0
mmap(NULL, 2208672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0302709000
mprotect(0x7f0302720000, 2093056, PROT_NONE) = 0
mmap(0x7f030291f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7f030291f000
mmap(0x7f0302921000, 13216, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f0302921000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libjli.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=103718, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b32000
mmap(NULL, 2187192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f03024f3000
mprotect(0x7f0302509000, 2093056, PROT_NONE) = 0
mmap(0x7f0302708000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x7f0302708000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libdl.so.2", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=19536, ...}) = 0
mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f03022ef000
mprotect(0x7f03022f1000, 2097152, PROT_NONE) = 0
mmap(0x7f03024f1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f03024f1000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1973416, ...}) = 0
mmap(NULL, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0301f4e000
mprotect(0x7f03020e5000, 2097152, PROT_NONE) = 0
mmap(0x7f03022e5000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x7f03022e5000
mmap(0x7f03022ea000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f03022ea000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b31000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b30000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b2f000
arch_prctl(ARCH_SET_FS, 0x7f0302b30700) = 0
mprotect(0x7f03022e5000, 16384, PROT_READ) = 0
mprotect(0x7f03024f1000, 4096, PROT_READ) = 0
mprotect(0x7f030291f000, 4096, PROT_READ) = 0
mprotect(0x7f0302b44000, 4096, PROT_READ) = 0
munmap(0x7f0302b33000, 57891) = 0
set_tid_address(0x7f0302b309d0) = 1650
set_robust_list(0x7f0302b309e0, 0x18) = 0
futex(0x7fffffffde3c, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0x7fffffffde3c, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1, NULL, 7f0302b30700) = -1 EAGAIN (Resource temporarily unavailable)
rt_sigaction(SIGRTMIN, {0x7f030270eaa0, [], SA_RESTORER|SA_SIGINFO, 0x7f03027184a0}, NULL,

= 0
rt_sigaction(SIGRT_1, {0x7f030270eb30, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x7f03027184a0}, NULL,

= 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL,

= 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
brk(0) = 0x600b18
brk(0x621b18) = 0x621b18
brk(0x622000) = 0x622000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/root/store/jdk1.7.0_04/lib/amd64/libjava.so", F_OK) = -1 ENOENT (No such file or directory)
access("/root/store/jdk1.7.0_04/jre/lib/amd64/libjava.so", F_OK) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/jvm.cfg", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=677, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b41000
read(3, "# Copyright (c) 2003, Oracle and"..., 4096) = 677
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7f0302b41000, 4096) = 0
stat("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
futex(0x7f03024f20ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\223\31\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
mmap(NULL, 13757672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f030122f000
mprotect(0x7f0301c70000, 2093056, PROT_NONE) = 0
mmap(0x7f0301e6f000, 671744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa40000) = 0x7f0301e6f000
mmap(0x7f0301f13000, 240872, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f0301f13000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f0302b33000
close(3) = 0
open("/lib64/libm.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240>\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=595800, ...}) = 0
mmap(NULL, 2633944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0300fab000
mprotect(0x7f030102e000, 2093056, PROT_NONE) = 0
mmap(0x7f030122d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x82000) = 0x7f030122d000
close(3) = 0
mprotect(0x7f030122d000, 4096, PROT_READ) = 0
munmap(0x7f0302b33000, 57891) = 0
mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f0302a2e000
mprotect(0x7f0302a2e000, 4096, PROT_NONE) = 0
clone(Process 1651 attached (waiting for parent)
Process 1651 resumed (parent 1650 ready)
child_stack=0x7f0302b2dff0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f0302b2e9d0, tls=0x7f0302b2e700, child_tidptr=0x7f0302b2e9d0) = 1651
[pid 1651] set_robust_list(0x7f0302b2e9e0, 0x18 <unfinished ...>
[pid 1650] futex(0x7f0302b2e9d0, FUTEX_WAIT, 1651, NULL <unfinished ...>
[pid 1651] <... set_robust_list resumed> ) = 0
[pid 1651] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0x7f02f8fab000
[pid 1651] munmap(0x7f02f8fab000, 50679808) = 0
[pid 1651] munmap(0x7f0300000000, 16429056) = 0
[pid 1651] mprotect(0x7f02fc000000, 135168, PROT_READ|PROT_WRITE) = 0
[pid 1651] open("/sys/devices/system/cpu", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
[pid 1651] fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
[pid 1651] getdents(3, /* 15 entries */, 32768) = 448
[pid 1651] getdents(3, /* 0 entries */, 32768) = 0
[pid 1651] close(3) = 0
[pid 1651] open("/proc/meminfo", O_RDONLY) = 3
[pid 1651] fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[pid 1651] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b41000
[pid 1651] read(3, "MemTotal: 8139472 kB\nMemF"..., 1024) = 1024
[pid 1651] close(3) = 0
[pid 1651] munmap(0x7f0302b41000, 4096) = 0
[pid 1651] open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid 1651] open("/etc/ld.so.cache", O_RDONLY) = 3
[pid 1651] fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
[pid 1651] mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f0302b33000
[pid 1651] close(3) = 0
[pid 1651] open("/lib64/librt.so.1", O_RDONLY) = 3
[pid 1651] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@!\0\0\0\0\0\0"..., 832) = 832
[pid 1651] fstat(3, {st_mode=S_IFREG|0755, st_size=43832, ...}) = 0
[pid 1651] mmap(NULL, 2128816, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0300da3000
[pid 1651] mprotect(0x7f0300daa000, 2093056, PROT_NONE) = 0
[pid 1651] mmap(0x7f0300fa9000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f0300fa9000
[pid 1651] close(3) = 0
[pid 1651] mprotect(0x7f0300fa9000, 4096, PROT_READ) = 0
[pid 1651] munmap(0x7f0302b33000, 57891) = 0
[pid 1651] clock_getres(CLOCK_MONOTONIC, {0, 1}) = 0
[pid 1651] lstat("/root", {st_mode=S_IFDIR|0550, st_size=4096, ...}) = 0
[pid 1651] lstat("/root/store", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1651] lstat("/root/store/jdk1.7.0_04", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1651] lstat("/root/store/jdk1.7.0_04/jre", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1651] lstat("/root/store/jdk1.7.0_04/jre/lib", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1651] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1651] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64/server", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1651] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
[pid 1651] open("/root/store/jdk1.7.0_04/jre/lib/amd64/libverify.so", O_RDONLY) = 3
[pid 1651] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@B\0\0\0\0\0\0"..., 832) = 832
[pid 1651] fstat(3, {st_mode=S_IFREG|0755, st_size=71436, ...}) = 0
[pid 1651] mmap(NULL, 2160392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0300b93000
[pid 1651] mprotect(0x7f0300ba2000, 2093056, PROT_NONE) = 0
[pid 1651] mmap(0x7f0300da1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f0300da1000
[pid 1651] close(3) = 0
[pid 1651] open("/root/store/jdk1.7.0_04/jre/lib/amd64/libjava.so", O_RDONLY) = 3
[pid 1651] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\320\0\0\0\0\0\0"..., 832) = 832
[pid 1651] fstat(3, {st_mode=S_IFREG|0755, st_size=219826, ...}) = 0
[pid 1651] mmap(NULL, 2271568, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0300968000
[pid 1651] mprotect(0x7f0300991000, 2097152, PROT_NONE) = 0
[pid 1651] mmap(0x7f0300b91000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x29000) = 0x7f0300b91000
[pid 1651] close(3) = 0
[pid 1651] open(".hotspotrc", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid 1651] open("/root/store/jdk1.7.0_04/jre/lib/endorsed", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid 1651] stat("/root/store/jdk1.7.0_04/jre/lib/amd64/xawt/libmawt.so", {st_mode=S_IFREG|0755, st_size=426053, ...}) = 0
[pid 1651] open("/proc/stat", O_RDONLY|O_CLOEXEC) = 3
[pid 1651] read(3, "cpu 112 0 226 24711 1717 1 1 0 "..., 8192) = 1217
[pid 1651] close(3) = 0
[pid 1651] open("/proc/stat", O_RDONLY|O_CLOEXEC) = 3
[pid 1651] read(3, "cpu 112 0 226 24712 1717 1 1 0 "..., 8192) = 1217
[pid 1651] close(3) = 0
[pid 1651] clock_getres(0xffffcc66 /* CLOCK_??? */, {0, 1}) = 0
[pid 1651] mmap(NULL, 4096, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b41000
[pid 1651] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b40000
[pid 1651] open("/proc/meminfo", O_RDONLY) = 3
[pid 1651] fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[pid 1651] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0302b3f000
[pid 1651] read(3, "MemTotal: 8139472 kB\nMemF"..., 1024) = 1024
[pid 1651] read(3, " 0\nHugePages_Surp: "..., 1024) = 146
[pid 1651] close(3) = 0
[pid 1651] munmap(0x7f0302b3f000, 4096) = 0
[pid 1651] mmap(NULL, 2097152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x40000, -1, 0

by **PaX Team** » Fri May 25, 2012 5:17 am

lsgroup wrote:[pid 1651] mmap(NULL, 2097152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x40000, -1, 0

this is probably the hugetlbfs problem i fixed already, so you should definitely move to a newer grsec version.

by **lsgroup** » Fri May 25, 2012 10:25 pm

Hi,

Thanks for the response. Recompiled with latest grsecurity patch (grsecurity-2.9-2.6.32.57-201202232125.patch)
same thing. JDK 1.6 works fine with chpax, but jdk 1.7 exhibits same behaviour. strace -f output below...

Thanks in advance!

# strace -f ./java -version
execve("./java", ["./java", "-version"], [/* 22 vars */]) = 0
brk(0) = 0x3cfcc10
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9dea000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64", 0x718059775440) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls", 0x718059775440) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64", 0x718059775440) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli", 0x718059775440) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64", 0x718059775440) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls", 0x718059775440) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64", 0x718059775440) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x6273b9ddb000
close(3) = 0
open("/lib64/libpthread.so.0", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \\\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=138328, ...}) = 0
mmap(NULL, 2208672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b99b1000
mprotect(0x6273b99c8000, 2093056, PROT_NONE) = 0
mmap(0x6273b9bc7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x6273b9bc7000
mmap(0x6273b9bc9000, 13216, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x6273b9bc9000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libjli.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=103718, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9dda000
mmap(NULL, 2187192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b979b000
mprotect(0x6273b97b1000, 2093056, PROT_NONE) = 0
mmap(0x6273b99b0000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x6273b99b0000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libdl.so.2", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=19536, ...}) = 0
mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b9597000
mprotect(0x6273b9599000, 2097152, PROT_NONE) = 0
mmap(0x6273b9799000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x6273b9799000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1973416, ...}) = 0
mmap(NULL, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b91f6000
mprotect(0x6273b938d000, 2097152, PROT_NONE) = 0
mmap(0x6273b958d000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x6273b958d000
mmap(0x6273b9592000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x6273b9592000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9dd9000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9dd8000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9dd7000
arch_prctl(ARCH_SET_FS, 0x6273b9dd8700) = 0
mprotect(0x6273b958d000, 16384, PROT_READ) = 0
mprotect(0x6273b9799000, 4096, PROT_READ) = 0
mprotect(0x6273b9bc7000, 4096, PROT_READ) = 0
mprotect(0x6273b9dec000, 4096, PROT_READ) = 0
munmap(0x6273b9ddb000, 57891) = 0
set_tid_address(0x6273b9dd89d0) = 1742
set_robust_list(0x6273b9dd89e0, 0x18) = 0
futex(0x718059775d4c, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0x718059775d4c, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1, NULL, 6273b9dd8700) = -1 EAGAIN (Resource temporarily unavailable)
rt_sigaction(SIGRTMIN, {0x6273b99b6aa0, [], SA_RESTORER|SA_SIGINFO, 0x6273b99c04a0}, NULL,

= 0
rt_sigaction(SIGRT_1, {0x6273b99b6b30, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x6273b99c04a0}, NULL,

= 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL,

= 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
brk(0) = 0x3cfcc10
brk(0x3d1dc10) = 0x3d1dc10
brk(0x3d1e000) = 0x3d1e000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/root/store/jdk1.7.0_04/lib/amd64/libjava.so", F_OK) = -1 ENOENT (No such file or directory)
access("/root/store/jdk1.7.0_04/jre/lib/amd64/libjava.so", F_OK) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/jvm.cfg", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=677, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9de9000
read(3, "# Copyright (c) 2003, Oracle and"..., 4096) = 677
read(3, "", 4096) = 0
close(3) = 0
munmap(0x6273b9de9000, 4096) = 0
stat("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
futex(0x6273b979a0ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\223\31\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
mmap(NULL, 13757672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b84d7000
mprotect(0x6273b8f18000, 2093056, PROT_NONE) = 0
mmap(0x6273b9117000, 671744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa40000) = 0x6273b9117000
mmap(0x6273b91bb000, 240872, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x6273b91bb000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x6273b9ddb000
close(3) = 0
open("/lib64/libm.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240>\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=595800, ...}) = 0
mmap(NULL, 2633944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b8253000
mprotect(0x6273b82d6000, 2093056, PROT_NONE) = 0
mmap(0x6273b84d5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x82000) = 0x6273b84d5000
close(3) = 0
mprotect(0x6273b84d5000, 4096, PROT_READ) = 0
munmap(0x6273b9ddb000, 57891) = 0
mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x6273b9cd6000
mprotect(0x6273b9cd6000, 4096, PROT_NONE) = 0
clone(Process 1743 attached (waiting for parent)
Process 1743 resumed (parent 1742 ready)
child_stack=0x6273b9dd5ff0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x6273b9dd69d0, tls=0x6273b9dd6700, child_tidptr=0x6273b9dd69d0) = 1743
[pid 1743] set_robust_list(0x6273b9dd69e0, 0x18 <unfinished ...>
[pid 1742] futex(0x6273b9dd69d0, FUTEX_WAIT, 1743, NULL <unfinished ...>
[pid 1743] <... set_robust_list resumed> ) = 0
[pid 1743] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0x6273b0253000
[pid 1743] munmap(0x6273b0253000, 64671744) = 0
[pid 1743] munmap(0x6273b8000000, 2437120) = 0
[pid 1743] mprotect(0x6273b4000000, 135168, PROT_READ|PROT_WRITE) = 0
[pid 1743] open("/sys/devices/system/cpu", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
[pid 1743] fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
[pid 1743] getdents(3, /* 15 entries */, 32768) = 448
[pid 1743] getdents(3, /* 0 entries */, 32768) = 0
[pid 1743] close(3) = 0
[pid 1743] open("/proc/meminfo", O_RDONLY) = 3
[pid 1743] fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[pid 1743] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9de9000
[pid 1743] read(3, "MemTotal: 8139456 kB\nMemF"..., 1024) = 1024
[pid 1743] close(3) = 0
[pid 1743] munmap(0x6273b9de9000, 4096) = 0
[pid 1743] open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid 1743] open("/etc/ld.so.cache", O_RDONLY) = 3
[pid 1743] fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
[pid 1743] mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x6273b9ddb000
[pid 1743] close(3) = 0
[pid 1743] open("/lib64/librt.so.1", O_RDONLY) = 3
[pid 1743] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@!\0\0\0\0\0\0"..., 832) = 832
[pid 1743] fstat(3, {st_mode=S_IFREG|0755, st_size=43832, ...}) = 0
[pid 1743] mmap(NULL, 2128816, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b804b000
[pid 1743] mprotect(0x6273b8052000, 2093056, PROT_NONE) = 0
[pid 1743] mmap(0x6273b8251000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x6273b8251000
[pid 1743] close(3) = 0
[pid 1743] mprotect(0x6273b8251000, 4096, PROT_READ) = 0
[pid 1743] munmap(0x6273b9ddb000, 57891) = 0
[pid 1743] clock_getres(CLOCK_MONOTONIC, {0, 1}) = 0
[pid 1743] lstat("/root", {st_mode=S_IFDIR|0550, st_size=4096, ...}) = 0
[pid 1743] lstat("/root/store", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1743] lstat("/root/store/jdk1.7.0_04", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1743] lstat("/root/store/jdk1.7.0_04/jre", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1743] lstat("/root/store/jdk1.7.0_04/jre/lib", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1743] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1743] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64/server", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1743] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
[pid 1743] open("/root/store/jdk1.7.0_04/jre/lib/amd64/libverify.so", O_RDONLY) = 3
[pid 1743] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@B\0\0\0\0\0\0"..., 832) = 832
[pid 1743] fstat(3, {st_mode=S_IFREG|0755, st_size=71436, ...}) = 0
[pid 1743] mmap(NULL, 2160392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b3df0000
[pid 1743] mprotect(0x6273b3dff000, 2093056, PROT_NONE) = 0
[pid 1743] mmap(0x6273b3ffe000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x6273b3ffe000
[pid 1743] close(3) = 0
[pid 1743] open("/root/store/jdk1.7.0_04/jre/lib/amd64/libjava.so", O_RDONLY) = 3
[pid 1743] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\320\0\0\0\0\0\0"..., 832) = 832
[pid 1743] fstat(3, {st_mode=S_IFREG|0755, st_size=219826, ...}) = 0
[pid 1743] mmap(NULL, 2271568, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x6273b3bc5000
[pid 1743] mprotect(0x6273b3bee000, 2097152, PROT_NONE) = 0
[pid 1743] mmap(0x6273b3dee000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x29000) = 0x6273b3dee000
[pid 1743] close(3) = 0
[pid 1743] open(".hotspotrc", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid 1743] open("/root/store/jdk1.7.0_04/jre/lib/endorsed", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid 1743] stat("/root/store/jdk1.7.0_04/jre/lib/amd64/xawt/libmawt.so", {st_mode=S_IFREG|0755, st_size=426053, ...}) = 0
[pid 1743] open("/proc/stat", O_RDONLY|O_CLOEXEC) = 3
[pid 1743] read(3, "cpu 121 0 237 775342 1877 1 1 0"..., 8192) = 1226
[pid 1743] close(3) = 0
[pid 1743] open("/proc/stat", O_RDONLY|O_CLOEXEC) = 3
[pid 1743] read(3, "cpu 121 0 237 775342 1877 1 1 0"..., 8192) = 1226
[pid 1743] close(3) = 0
[pid 1743] clock_getres(0xffffc986 /* CLOCK_??? */, {0, 1}) = 0
[pid 1743] mmap(NULL, 4096, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9de9000
[pid 1743] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9de8000
[pid 1743] open("/proc/meminfo", O_RDONLY) = 3
[pid 1743] fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[pid 1743] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x6273b9de7000
[pid 1743] read(3, "MemTotal: 8139456 kB\nMemF"..., 1024) = 1024
[pid 1743] read(3, " 0\nHugePages_Surp: "..., 1024) = 146
[pid 1743] close(3) = 0
[pid 1743] munmap(0x6273b9de7000, 4096) = 0
[pid 1743] mmap(NULL, 2097152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x40000, -1, 0

by **PaX Team** » Sat May 26, 2012 4:31 am

lsgroup wrote:Recompiled with latest grsecurity patch (grsecurity-2.9-2.6.32.57-201202232125.patch)

that's not the latest version but something a few months old

. check out http://grsecurity.net/download_stable.php .

by **lsgroup** » Sat May 26, 2012 3:15 pm

Hi,

Sorry, copy and pasted the wrong line. I patched 2.6.32.59 with:
grsecurity-2.9-2.6.32.59-201205191123.patch

At that time, it was the latest. But I see that a new patch was uploaded today. I will try and re-post...

FYI -
I also re-compiled without grsecurity patch (plain vanilla 2.6.32.59) and jdk 7 runs.

# uname -a
LinuxTrust 2.6.32.59 #1 SMP Sat May 26 04:42:14 PDT 2012 x86_64 x86_64 x86_64 GNU/Linux
# ./java -version
java version "1.7.0_04"
Java(TM) SE Runtime Environment (build 1.7.0_04-b20)
Java HotSpot(TM) 64-Bit Server VM (build 23.0-b21, mixed mode)

But with grsecurity-2.9-2.6.32.59-201205191123.patch, I get the above strace output and it hangs.

Any ideas?

Thanks.

by **lsgroup** » Sat May 26, 2012 4:22 pm

Hi Again,

Just tried the latest May 26 patch (grsecurity-2.9-2.6.32.59-201205261258.patch) - same results.

Although, if I use paxctl -ps java so the pax flags:
- PaX flags: -p-s---x-e-- [java]
PAGEEXEC is disabled
SEGMEXEC is disabled
RANDEXEC is disabled
EMUTRAMP is disabled

Then the system kills the java process. I'm assuming this is correct because I didn't disable the other flags.
When I do paxctl -pemrsx java, I get that hanging thing again.

As mentioned in previous post, vanilla kernel 2.6.32.59 runs java 1.7 just fine. So the issue is either in PaX or GRSecurity.

Thanks!

================================================================================

# paxctl -v java
PaX control v0.7
Copyright 2004,2005,2006,2007,2009,2010,2011,2012 PaX Team <pageexec@freemail.hu>

- PaX flags: -p-s---x-e-- [java]
PAGEEXEC is disabled
SEGMEXEC is disabled
RANDEXEC is disabled
EMUTRAMP is disabled

# strace -f ./java -version -verbose
execve("./java", ["./java", "-version", "-verbose"], [/* 22 vars */] <unfinished ...>
+++ killed by SIGKILL +++
Killed

# paxctl -pemrsx java
# strace -f ./java -version -verbose
execve("./java", ["./java", "-version", "-verbose"], [/* 22 vars */]) = 0
brk(0) = 0x600b18
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc43000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/x86_64", 0x7fffffffdbd0) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/tls", 0x7fffffffdbd0) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/x86_64", 0x7fffffffdbd0) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../lib/amd64/jli", 0x7fffffffdbd0) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/x86_64", 0x7fffffffdbd0) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/tls", 0x7fffffffdbd0) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/x86_64", 0x7fffffffdbd0) = -1 ENOENT (No such file or directory)
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f360cc34000
close(3) = 0
open("/lib64/libpthread.so.0", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \\\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=138328, ...}) = 0
mmap(NULL, 2208672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360c80a000
mprotect(0x7f360c821000, 2093056, PROT_NONE) = 0
mmap(0x7f360ca20000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7f360ca20000
mmap(0x7f360ca22000, 13216, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f360ca22000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libjli.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=103718, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc33000
mmap(NULL, 2187192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360c5f4000
mprotect(0x7f360c60a000, 2093056, PROT_NONE) = 0
mmap(0x7f360c809000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x7f360c809000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libdl.so.2", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=19536, ...}) = 0
mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360c3f0000
mprotect(0x7f360c3f2000, 2097152, PROT_NONE) = 0
mmap(0x7f360c5f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f360c5f2000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib64/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1973416, ...}) = 0
mmap(NULL, 3803304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360c04f000
mprotect(0x7f360c1e6000, 2097152, PROT_NONE) = 0
mmap(0x7f360c3e6000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x197000) = 0x7f360c3e6000
mmap(0x7f360c3eb000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f360c3eb000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc32000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc31000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc30000
arch_prctl(ARCH_SET_FS, 0x7f360cc31700) = 0
mprotect(0x7f360c3e6000, 16384, PROT_READ) = 0
mprotect(0x7f360c5f2000, 4096, PROT_READ) = 0
mprotect(0x7f360ca20000, 4096, PROT_READ) = 0
mprotect(0x7f360cc45000, 4096, PROT_READ) = 0
munmap(0x7f360cc34000, 57891) = 0
set_tid_address(0x7f360cc319d0) = 1849
set_robust_list(0x7f360cc319e0, 0x18) = 0
futex(0x7fffffffe4dc, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0x7fffffffe4dc, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1, NULL, 7f360cc31700) = -1 EAGAIN (Resource temporarily unavailable)
rt_sigaction(SIGRTMIN, {0x7f360c80faa0, [], SA_RESTORER|SA_SIGINFO, 0x7f360c8194a0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x7f360c80fb30, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x7f360c8194a0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
brk(0) = 0x600b18
brk(0x621b18) = 0x621b18
brk(0x622000) = 0x622000
readlink("/proc/self/exe", "/root/store/jdk1.7.0_04/bin/java", 4096) = 32
access("/root/store/jdk1.7.0_04/lib/amd64/libjava.so", F_OK) = -1 ENOENT (No such file or directory)
access("/root/store/jdk1.7.0_04/jre/lib/amd64/libjava.so", F_OK) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/jvm.cfg", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=677, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc42000
read(3, "# Copyright (c) 2003, Oracle and"..., 4096) = 677
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7f360cc42000, 4096) = 0
stat("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
futex(0x7f360c5f30ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\223\31\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
mmap(NULL, 13757672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360b330000
mprotect(0x7f360bd71000, 2093056, PROT_NONE) = 0
mmap(0x7f360bf70000, 671744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa40000) = 0x7f360bf70000
mmap(0x7f360c014000, 240872, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f360c014000
close(3) = 0
open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f360cc34000
close(3) = 0
open("/lib64/libm.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240>\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=595800, ...}) = 0
mmap(NULL, 2633944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360b0ac000
mprotect(0x7f360b12f000, 2093056, PROT_NONE) = 0
mmap(0x7f360b32e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x82000) = 0x7f360b32e000
close(3) = 0
mprotect(0x7f360b32e000, 4096, PROT_READ) = 0
munmap(0x7f360cc34000, 57891) = 0
mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f360cb2f000
mprotect(0x7f360cb2f000, 4096, PROT_NONE) = 0
clone(Process 1850 attached (waiting for parent)
Process 1850 resumed (parent 1849 ready)
child_stack=0x7f360cc2eff0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f360cc2f9d0, tls=0x7f360cc2f700, child_tidptr=0x7f360cc2f9d0) = 1850
[pid 1850] set_robust_list(0x7f360cc2f9e0, 0x18 <unfinished ...>
[pid 1849] futex(0x7f360cc2f9d0, FUTEX_WAIT, 1850, NULL <unfinished ...>
[pid 1850] <... set_robust_list resumed> ) = 0
[pid 1850] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0x7f36030ac000
[pid 1850] munmap(0x7f36030ac000, 16072704) = 0
[pid 1850] munmap(0x7f3608000000, 51036160) = 0
[pid 1850] mprotect(0x7f3604000000, 135168, PROT_READ|PROT_WRITE) = 0
[pid 1850] open("/sys/devices/system/cpu", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
[pid 1850] fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
[pid 1850] getdents(3, /* 15 entries */, 32768) = 448
[pid 1850] getdents(3, /* 0 entries */, 32768) = 0
[pid 1850] close(3) = 0
[pid 1850] open("/proc/meminfo", O_RDONLY) = 3
[pid 1850] fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[pid 1850] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc42000
[pid 1850] read(3, "MemTotal: 8139456 kB\nMemF"..., 1024) = 1024
[pid 1850] close(3) = 0
[pid 1850] munmap(0x7f360cc42000, 4096) = 0
[pid 1850] open("/root/store/jdk1.7.0_04/bin/../jre/lib/amd64/jli/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid 1850] open("/etc/ld.so.cache", O_RDONLY) = 3
[pid 1850] fstat(3, {st_mode=S_IFREG|0644, st_size=57891, ...}) = 0
[pid 1850] mmap(NULL, 57891, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f360cc34000
[pid 1850] close(3) = 0
[pid 1850] open("/lib64/librt.so.1", O_RDONLY) = 3
[pid 1850] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@!\0\0\0\0\0\0"..., 832) = 832
[pid 1850] fstat(3, {st_mode=S_IFREG|0755, st_size=43832, ...}) = 0
[pid 1850] mmap(NULL, 2128816, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360aea4000
[pid 1850] mprotect(0x7f360aeab000, 2093056, PROT_NONE) = 0
[pid 1850] mmap(0x7f360b0aa000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f360b0aa000
[pid 1850] close(3) = 0
[pid 1850] mprotect(0x7f360b0aa000, 4096, PROT_READ) = 0
[pid 1850] munmap(0x7f360cc34000, 57891) = 0
[pid 1850] clock_getres(CLOCK_MONOTONIC, {0, 1}) = 0
[pid 1850] lstat("/root", {st_mode=S_IFDIR|0550, st_size=4096, ...}) = 0
[pid 1850] lstat("/root/store", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1850] lstat("/root/store/jdk1.7.0_04", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1850] lstat("/root/store/jdk1.7.0_04/jre", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1850] lstat("/root/store/jdk1.7.0_04/jre/lib", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1850] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1850] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64/server", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
[pid 1850] lstat("/root/store/jdk1.7.0_04/jre/lib/amd64/server/libjvm.so", {st_mode=S_IFREG|0755, st_size=13498274, ...}) = 0
[pid 1850] open("/root/store/jdk1.7.0_04/jre/lib/amd64/libverify.so", O_RDONLY) = 3
[pid 1850] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@B\0\0\0\0\0\0"..., 832) = 832
[pid 1850] fstat(3, {st_mode=S_IFREG|0755, st_size=71436, ...}) = 0
[pid 1850] mmap(NULL, 2160392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360ac94000
[pid 1850] mprotect(0x7f360aca3000, 2093056, PROT_NONE) = 0
[pid 1850] mmap(0x7f360aea2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f360aea2000
[pid 1850] close(3) = 0
[pid 1850] open("/root/store/jdk1.7.0_04/jre/lib/amd64/libjava.so", O_RDONLY) = 3
[pid 1850] read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\320\0\0\0\0\0\0"..., 832) = 832
[pid 1850] fstat(3, {st_mode=S_IFREG|0755, st_size=219826, ...}) = 0
[pid 1850] mmap(NULL, 2271568, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f360aa69000
[pid 1850] mprotect(0x7f360aa92000, 2097152, PROT_NONE) = 0
[pid 1850] mmap(0x7f360ac92000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x29000) = 0x7f360ac92000
[pid 1850] close(3) = 0
[pid 1850] open(".hotspotrc", O_RDONLY) = -1 ENOENT (No such file or directory)
[pid 1850] open("/root/store/jdk1.7.0_04/jre/lib/endorsed", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
[pid 1850] stat("/root/store/jdk1.7.0_04/jre/lib/amd64/xawt/libmawt.so", {st_mode=S_IFREG|0755, st_size=426053, ...}) = 0
[pid 1850] open("/proc/stat", O_RDONLY|O_CLOEXEC) = 3
[pid 1850] read(3, "cpu 3664 231 456 46865 3193 4 5"..., 8192) = 1241
[pid 1850] close(3) = 0
[pid 1850] open("/proc/stat", O_RDONLY|O_CLOEXEC) = 3
[pid 1850] read(3, "cpu 3664 231 456 46866 3193 4 5"..., 8192) = 1241
[pid 1850] close(3) = 0
[pid 1850] clock_getres(0xffffc62e /* CLOCK_??? */, {0, 1}) = 0
[pid 1850] mmap(NULL, 4096, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc42000
[pid 1850] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc41000
[pid 1850] open("/proc/meminfo", O_RDONLY) = 3
[pid 1850] fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[pid 1850] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f360cc40000
[pid 1850] read(3, "MemTotal: 8139456 kB\nMemF"..., 1024) = 1024
[pid 1850] read(3, " 0\nHugePages_Surp: "..., 1024) = 146
[pid 1850] close(3) = 0
[pid 1850] munmap(0x7f360cc40000, 4096) = 0
[pid 1850] mmap(NULL, 2097152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x40000, -1, 0

================================================================================

by **spender** » Sat May 26, 2012 4:43 pm

Could you try removing the line:

Code: Select all: spin_unlock(&hugetlb_lock);

in mm/hugetlb.c, just above the comment:

Code: Select all: /* Free unnecessary surplus pages to the buddy allocator */

Thanks,
-Brad

by **lsgroup** » Sat May 26, 2012 7:38 pm

IT WORKS!!! Thanks for being persistent in solving this!

Per your instructions, I modified the hugetlb.c file:

File: mm/hugetlb.c
Line: 872
//spin_unlock(&hugetlb_lock);
/* Free unnecessary surplus pages to the buddy allocator */
...

Quick questions:

1. What is the correct / recommended PaX setting for running java?
I was able to run java by disabling mprotect only (-m).

2. Also, what is the difference between using paxctl and chpax?

3. Do you anticipate the possibility of the bug showing itself after the jvm has started (like under load)? Since the bug basically renders the machine unresponsive after a while, it's a lot more dangerous than say crashing the jvm. Is there anything I can do in terms of testing to help out?

For the benefit of others, here's what was done:
For CentOS 6.2
use vanilla kernel: linux-2.6.32.59
use grsec patch: grsecurity-2.9-2.6.32.59-201205261258.patch
modify file "mm/hugetlb.c"
# make clean && make mrproper
# cp /boot/config-2.6.32-220.el6.x86_64 .config

# make menuconfig
> Load existing config file: .config
> Disable SELinux
> Enable GRSecurity, Level=High
> Enable PaX, [*] Support soft mode, -*- Use legacy ELF header marking, -*- Use ELF program header marking, [*] Use filesystem extended attributes marking

# make dep bzImage modules modules_install
# make install

# chpax -m java
# ./java -version
java version "1.7.0_04"
Java(TM) SE Runtime Environment (build 1.7.0_04-b20)
Java HotSpot(TM) 64-Bit Server VM (build 23.0-b21, mixed mode)

by **spender** » Sat May 26, 2012 8:16 pm

Hi sir,

No problem, thank you for your persistence in following up to a fix

Only the 2.6.32 patch was affected by this problem, which seems to be due to patch improperly applying a backport that has existed in PaX since January. The PaX team will release an updated patch, and I'll also have it fixed in the patch available on the website in a few minutes.

Java should operate with just -m.

Chpax is the old method which uses previously unreserved e_ident fields in an ELF header for PaX marking. Its use has been deprecated (and future glibc's seem to include some unnecessary checks to make sure those fields which have been unused for a decade are zeroed, serving to do nothing other than break PaX) and replaced with paxctl, which uses PT_PAX_FLAG support. If your binutils hasn't been modified to support it, the -C argument to paxctl can craft one such that it works similar to the old chpax binary.

The bug will not show itself after that fix. It was a single line introduced in error.

Thanks,
-Brad

grsecurity forums

Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity

Re: Java 7 (oracle jdk 1.7) freezes hangs with GRSecurity