grsecurity-3.0-3.15.8-201407312007.patch

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

grsecurity-3.0-3.15.8-201407312007.patch

Postby x14sg1 » Thu Jul 31, 2014 10:37 pm

Hello,

The grsecurity-3.0-3.15.8-201407312007.patch causes "refcount overflows" in ntpdate/ping
and a "size overflow detected" in atomic_add_return in my dmesg output.

The output of those msgs are in the dmesg file listed below. Also included are my kernel, config, and System.map

https://home.comcast.net/~x14sg1/System ... -grsec-smp
https://home.comcast.net/~x14sg1/config ... -grsec-smp
https://home.comcast.net/~x14sg1/vmlinu ... -grsec-smp
https://home.comcast.net/~x14sg1/dmesg
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: grsecurity-3.0-3.15.8-201407312007.patch

Postby x14sg1 » Thu Jul 31, 2014 11:49 pm

Forgot to mention, I see similar errors on a non-Virtualbox system running the same Kernel/config
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: grsecurity-3.0-3.15.8-201407312007.patch

Postby PaX Team » Fri Aug 01, 2014 3:36 am

in net/ipv4/route.c:ip_idents_reserve() change the atomic_add_return to an atomic_add_return_unchecked and it should work.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: grsecurity-3.0-3.15.8-201407312007.patch

Postby x14sg1 » Fri Aug 01, 2014 3:54 am

Thanks - that fixed it.
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm


Return to grsecurity support