Yesterday I upgraded my gentoo hardened kernel.
Before the upgrade it was running hardened-sources-2.6.32 from hardened-development, after the upgrade it's hardened-sources-2.6.32-r3.
The new kernel spits out such messages every time I run something that reads /proc (these messages are from 'ls /proc'):
Feb 12 19:02:14 odon kernel: [ 451.498883] BUG: sleeping function called from invalid context at include/linux/kernel.h:158
Feb 12 19:02:14 odon kernel: [ 451.498887] in_atomic(): 1, irqs_disabled(): 0, pid: 5422, name: ls
Feb 12 19:02:14 odon kernel: [ 451.498891] Pid: 5422, comm: ls Not tainted 2.6.32-hardened-r3 #2
Feb 12 19:02:14 odon kernel: [ 451.498893] Call Trace:
Feb 12 19:02:14 odon kernel: [ 451.498901] [<c14af383>] ? printk+0x18/0x1a
Feb 12 19:02:14 odon kernel: [ 451.498907] [<c1028da0>] __might_sleep+0x100/0x110
Feb 12 19:02:14 odon kernel: [ 451.498912] [<c1596ac8>] ? wireless_seq_ops+0x8af00/0xf0438
Feb 12 19:02:14 odon kernel: [ 451.498917] [<c10bc425>] filldir64+0x205/0x230
Feb 12 19:02:14 odon kernel: [ 451.498922] [<c10f59c3>] proc_fill_cache+0xb3/0x120
Feb 12 19:02:14 odon kernel: [ 451.498926] [<c10bc220>] ? filldir64+0x0/0x230
Feb 12 19:02:14 odon kernel: [ 451.498930] [<c10f92af>] proc_pid_readdir+0x16f/0x220
Feb 12 19:02:14 odon kernel: [ 451.498933] [<c10f8bd0>] ? proc_pid_instantiate+0x0/0xb0
Feb 12 19:02:14 odon kernel: [ 451.498937] [<c10bc220>] ? filldir64+0x0/0x230
Feb 12 19:02:14 odon kernel: [ 451.498940] [<c10bc200>] ? generic_block_fiemap+0x50/0x70
Feb 12 19:02:14 odon kernel: [ 451.498944] [<c10bc220>] ? filldir64+0x0/0x230
Feb 12 19:02:14 odon kernel: [ 451.498947] [<c10f5512>] proc_root_readdir+0x42/0x60
Feb 12 19:02:14 odon kernel: [ 451.498951] [<c14d2a20>] ? proc_root_operations+0x0/0x80
Feb 12 19:02:14 odon kernel: [ 451.498955] [<c10bc903>] vfs_readdir+0x93/0xb0
Feb 12 19:02:14 odon kernel: [ 451.498958] [<c10bc220>] ? filldir64+0x0/0x230
Feb 12 19:02:14 odon kernel: [ 451.498962] [<c10bc9ba>] sys_getdents64+0x9a/0x150
Feb 12 19:02:14 odon kernel: [ 451.498966] [<c100356b>] sysenter_do_call+0x12/0x26
The processes do not die but I still don't like these messages.
Then I tested different versions to see which component brought in these errors.
Here are the results:
hardened-sources-2.6.32 (2.6.32 + grsecurity-2.1.14-2.6.32-200912121327): no bug
2.6.32.7 vanilla: no bug
hardened-sources-2.6.32-r3 (2.6.32.7 + grsecurity-2.1.14-2.6.32.7-201001291848): bug exists
2.6.32.8 + grsecurity-2.1.14-2.6.32.8-201002101507 patch: bug exists
I also tried removing this patch:
http://grsecurity.net/~spender/chroot_proc.diff
as it recently touched the affected part of the kernel, however, this did not help either.