[grsec] Re: grsecurity 2.1.7 2.4.31/2.6.13 test patches
pageexec at freemail.hu
pageexec at freemail.hu
Fri Sep 9 05:56:13 EDT 2005
On 9 Sep 2005 at 11:25, Jaakko Heinonen wrote:
> Brad Spengler wrote:
> > The hash table implementation used in the RBAC system and the IP address
> > tagging functions has been converted to chained hash tables,
>
> I get these on x86-64 (grsecurity-2.1.7-2.6.13-200509062221.patch):
>
> Debug: sleeping function called from invalid context at mm/slab.c:2096
> in_atomic():1, irqs_disabled():0
>
> Call Trace:<ffffffff8013333d>{__might_sleep+189} <ffffffff801781d2>{kmem_cache_alloc+34}
> <ffffffff802228d0>{gr_update_task_in_ip_table+352}
the GFP_KERNEL under a spinlock is not a good idea indeed (i bet
that the crash reported on the forum is related to this as well),
make it GFP_ATOMIC at least. i wonder if using a dedicated slab for
conn_table_entry would not be better for memory use/fragmentation.
More information about the grsecurity
mailing list