grsecurity forums

[quasar366]

With latest kernel 4.3.3 and grsecurity-3.1-4.3.3-201512151908.patch I'm unable to boot my hosts (did not tried on vm's yet)
and I'm sorry to say, I have very little information about this issue, because nothing will be displayed!
The culprit must be between 'random nonblocking pool is initialized' and 'clocksoruce: Switched to clocksource'
Unfortunately I have only a bad image about last message, which disappears after 1 second and the machine hangs
https://pl.vc/13nxx

The other host reboots at this point, perhaps there is a kernel panic, because I see the blinking lights on keyboard. (I have a setting to reboot the machine after 2 seconds on kernel panic, because I have an issue with boot parameter intel_iommu=on, which ends in a kernel panic on rebooting the server. I had this issue since first grsecurity kernel on this machine, but only on this host)
But I have no message displayed. Unfortunately it is an important machine for me, where I'm unable to make much tests.

System: Ubuntu 14.04 64Bit (Intel Core i5 gen 4)
gcc version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04)

Perhaps there is someone who has more information on that?

edit: tested with uderef enabled and without

[PaX Team]

can you post your .config and perhaps bzImage/vmlinux as well?

[PaX Team]

on the off chance that you were also bitten by a size overflow false positive in the tty code, can you try the latest grsec? other than that, your kernel booted fine in qemu so we'll need precise kernel logs for further debugging...

[N8Fear]

May this be related to my issue https://forums.grsecurity.net/viewtopic.php?f=3&t=4341?

Just an idea, because if I disable the SIGKILL action for size overflow I get a ton of these tty related errors in my logs:

Code: Select all

[   88.612883] PAX: size overflow detected in function n_tty_receive_buf_common /usr/src/linux-grsec.git/drivers/tty/n_tty.c:1706 cicus.448_527 min, count: 80, decl: read_head; num: 0; context: n_tty_data;
[   88.615247] CPU: 0 PID: 32 Comm: kworker/0:1 Not tainted 4.3.3-hardened+ #57
[   88.615249] Hardware name: LENOVO 4349WJK/4349WJK, BIOS 6MET92WW (1.52 ) 09/26/2012
[   88.615254] Workqueue: events ffffffff9b49ec90
[   88.615257]  ffffffff00000003 f96cd76c48d5ab97 0000000000000000 ffffffff9bd9f7e8
[   88.615260]  ffffc90000d83bd0 ffffffff9b3cbc60 ffffffff9be0923e ffffc90000d83c00
[   88.615263]  ffffffff9b1f8b34 0000000000000018 0000000000000017 0000000000000000
[   88.615264] Call Trace:
[   88.615269]  [<ffffffff9b3cbc60>] dump_stack+0x4b/0x8b
[   88.615273]  [<ffffffff9b1f8b34>] report_size_overflow+0x34/0x50
[   88.615277]  [<ffffffff9b49a3dc>] n_tty_receive_buf_common+0x124c/0x1570
[   88.615282]  [<ffffffff9b12587f>] ? set_next_entity+0x6f/0x820
[   88.615285]  [<ffffffff9b49a72e>] n_tty_receive_buf2+0x2e/0x40
[   88.615289]  [<ffffffff9b49ed9b>] flush_to_ldisc+0x10b/0x1b0
[   88.615292]  [<ffffffff9b10960c>] process_one_work+0x13c/0x3c0
[   88.615295]  [<ffffffff9b1098dc>] worker_thread+0x4c/0x460
[   88.615298]  [<ffffffff9b109890>] ? process_one_work+0x3c0/0x3c0
[   88.615301]  [<ffffffff9b109890>] ? process_one_work+0x3c0/0x3c0
[   88.615304]  [<ffffffff9b110324>] kthread+0xe4/0x100
[   88.615308]  [<ffffffff9b110240>] ? __kthread_parkme+0x80/0x80
[   88.615311]  [<ffffffff9ba3e0ee>] ret_from_fork+0x3e/0x70
[   88.615315]  [<ffffffff9b110240>] ? __kthread_parkme+0x80/0x80


[quasar366]

Great! The latest grsecurity patch fixed the boot issue!
I'm able to test the latest patch on vm's later on day! I'll report

[quasar366]

Latest patch is also working on vm's!

Thank you for your great support! I'll donating through paypal for your hard work!