[grsec] gradm segfaults:

Brad Spengler spender at grsecurity.net
Wed Jun 23 23:50:14 EDT 2010


It appears to be a BUG() that manifests itself when scatterlist 
debugging is enabled.  The scatterlist API has been updated and now 
requires the scatterlist to be initialized with an API call prior to 
setting buffers.  This will be fixed in the next version of the patch.

Thanks for the report,
-Brad

On Wed, Jun 23, 2010 at 03:12:57PM +0400, Alexander Gattin wrote:
> Hello,
> 
> I didn't use RBAC for about 5 years. Yesterday I tried
> to perform a full learning (-F -L ...), but gradm generated
> Segmentation fault when I tried to disable it (-D).
> 
> Here is what I've found in syslog:
> 
> > kernel BUG at include/linux/scatterlist.h:65!
> > invalid opcode: 0000 [#1] PREEMPT SMP
> > ...
> > Pid: 14644, comm: gradm Tainted: P           (2.6.32-grsec #1) System Product Name
> > EIP: 0060:[<00244ec0>] EFLAGS: 00010203 CPU: 1
> > EAX: c46dfc00 EBX: ef7e04c4 ECX: 00000080 EDX: 00000001
> > ESI: 00000000 EDI: c3c54000 EBP: c304df0c ESP: c304dea8
> >  DS: 0068 ES: 0068 FS: 00d8 GS: 00e0 SS: 0068
> > Process gradm (pid: 14644, ti=c304c000 task=f7083a70 task.ti=c304c000)
> > Stack:
> >  c304dedc ef7e04d4 f5522e00 000e5dd6 00000001 f70c1000 c304dedc 00000000
> > <0> 00000000 f5522e00 00000000 00000000 00000000 f7006500 00000068 0808c003
> > <0> c3c54000 c304df0c 00259ba8 00000000 c3c54000 2b3f7e7a 00000000 00000000
> > Call Trace:
> >  [<000e5dd6>] ?
> >  [<00259ba8>] ?
> >  [<0024c072>] ?
> >  [<0010cad5>] ?
> >  [<0010105c>] ?
> >  [<0002ca95>] ?
> >  [<00002200>] ?
> >  [<0024b930>] ?
> >  [<00101784>] ?
> >  [<0010205d>] ?
> >  [<0000483d>] ?
> > Code: 1d 14 00 00 00 75 08 83 c4 58 5b 5e 5f 5d c3 e8 07 65 e0 ff 0f 0b eb fe 8d 76 00 0f 0b eb fe 0f 0b eb fe 0f 0b eb fe 8d 74 26 00 <0f> 0b eb fe 0f 0b eb fe 90 90 90 90 90 90 90 90 a1 44 a0 55 c1
> > EIP: [<00244ec0>]  SS:ESP 0068:c304dea8
> > ---[ end trace c289c4c0c327a874 ]---
> 
> After the 1st segfault, any further gradm -D
> or gradm -a process hangs.
> 
> Do you have any idea about what's wrong?
> 
> P.S. The same segfault happened with
> both gradm 2.1.14 and 2.2.0 (with
> corresponding grsec kernel patch version).
> 
> -- 
> WBR,
> xrgtn
> _______________________________________________
> grsecurity mailing list
> grsecurity at grsecurity.net
> http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity
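
Added example, not part of the original thread and not code from the grsecurity patch or the kernel: a user-space C model of the ordering rule described in the reply above, where a scatterlist entry must go through the init call before a buffer is set on it. The model_* names and attach_buffer are hypothetical, and it assumes the debug check is the magic-value comparison that sg_init_table() satisfies under CONFIG_DEBUG_SG; the model returns -1 where a debug kernel would BUG().

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SG_MAGIC 0x87654321UL   /* value the kernel uses under CONFIG_DEBUG_SG */

/* Reduced stand-in for struct scatterlist: only the fields this check needs. */
struct model_sg {
    unsigned long sg_magic;     /* present only in debug builds of the kernel */
    const void   *buf;
    size_t        length;
};

/* Models sg_init_table(): clear every entry and stamp the magic value. */
void model_sg_init_table(struct model_sg *sgl, size_t nents)
{
    memset(sgl, 0, sizeof(*sgl) * nents);
    for (size_t i = 0; i < nents; i++)
        sgl[i].sg_magic = SG_MAGIC;
}

/* Models sg_set_buf(): returns -1 where the debug kernel would hit BUG(). */
int model_sg_set_buf(struct model_sg *sg, const void *buf, size_t len)
{
    if (sg->sg_magic != SG_MAGIC)
        return -1;
    sg->buf = buf;
    sg->length = len;
    return 0;
}

/* Pre-fill one entry with `fill`, optionally init it, then set a buffer. */
int attach_buffer(unsigned char fill, int init_first)
{
    static const char data[] = "constructed buffer";   /* constructed sample */
    struct model_sg sg[1];
    memset(sg, fill, sizeof(sg));
    if (init_first)
        model_sg_init_table(sg, 1);
    return model_sg_set_buf(&sg[0], data, sizeof(data));
}

int main(void)
{
    printf("stale memory, no init : %d\n", attach_buffer(0xAA, 0));
    printf("zeroed memory, no init: %d\n", attach_buffer(0x00, 0));
    printf("after init call       : %d\n", attach_buffer(0xAA, 1));
    return 0;
}
```

Zero-filled memory fails the check as well, so in this model zeroing the table does not stand in for the init call.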