[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#605090: [RFC] Proposal for a new linux-grsec source package

On 12/19/15, Jacob Appelbaum <jacob@appelbaum.net> wrote:
> On 12/19/15, Yves-Alexis Perez <corsac@debian.org> wrote:
>> On jeu., 2015-11-05 at 22:08 +0100, Yves-Alexis Perez wrote:
>>> On sam., 2015-10-10 at 21:55 +0200, Yves-Alexis Perez wrote:
>>> > This is really a work in progress and this mail a request for comment.
>>> > Especially missing is:
>>>
>>> So, did any of you have the chance to test it? I'm currently running the
>>> 4.2.5
>>> kernel with grsecurity-3.1-4.2.5-201511021814 (just uploaded to my
>>> repository
>>> and to git.d.o) and it works just fine.
>>>
>>> I'm really interested by any feedback you would have on this.
>>>
>> With a lot of help from Ben I've made quite some progress in having the
>> less possible differences with src:linux package. With 4.3.3 we still have
>> few
>> things differing, some of them which I think will be integrated in the
>> upcoming src:linux releases.
>>
>
> Great news - this looks fantastic!
>
>> I'm intending to upload the current version to NEW during the week-end,
>> so
>> if any of you want to test it, now would be a good time.
>>
>
> I've installed it - I've also tuned a few things. It seems to work as
> well as my previous kernel - audio works, etc.
>
>> You can find it on the git repository
>> at https://anonscm.debian.org/cgit/colla
>> b-maint/linux-grsec.git and the source and binary packages on my apt
>> repository
>> at https://perso.corsac.net/~corsac/debian/kernel-grsec/packages/
>
> To boot Debian Jessie (with some testing pacakes too) to X - I had to set:
>
> kernel.grsecurity.disable_priv_io=0
> kernel.pax.softmode=1
> kernel.grsecirity.grsec_lock=0
>

With that stuff set - I also see the following:

Dec 19 17:44:32 vula kernel: [ 4047.508272] WARNING: CPU: 5 PID: 2109
at /build/linux-grsec-4.3.3/debian/build/s
ource_grsec/include/drm/drm_crtc.h:1577
drm_helper_choose_crtc_dpms+0x8e/0x90 [drm_kms_helper]()
Dec 19 17:44:32 vula kernel: [ 4047.508272] Modules linked in:
binfmt_misc cfg80211 bridge stp llc snd_hda_codec
_hdmi snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel
snd_hda_codec nouveau snd_hda_core intel_rapl io
sf_mbi snd_hwdep ttm eeepc_wmi x86_pkg_temp_thermal asus_wmi
drm_kms_helper sparse_keymap intel_powerclamp coret
emp snd_pcm rfkill drm iTCO_wdt video iTCO_vendor_support i2c_algo_bit
snd_timer kvm_intel fb_sys_fops mxm_wmi sb_edac syscopyarea psmouse
pcspkr mei_me serio_raw edac_core kvm joydev lpc_ich sysfillrect mei
snd mfd_core evdev sysimgblt soundcore i2c_i801 shpchp 8250_fintek wmi
tpm_infineon tpm_tis processor tpm button loop fuse autofs4 ext4 crc16
mbcache jbd2 algif_skcipher af_alg uas usb_storage hid_generic
hid_cherry usbhid hid dm_crypt dm_mod sg sd_mod crct10dif_pclmul
crc32_pclmul crc32c_intel jitterentropy_rng hmac drbg ahci libahci
ansi_cprng aesni_intel aes_x86_64 xhci_pci lrw gf128mul glue_helper
ablk_helper ehci_pci libata ehci_hcd xhci_hcd cryptd e1000e ptp
scsi_mod usbcore usb_common pps_core
Dec 19 17:44:32 vula kernel: [ 4047.508303] CPU: 5 PID: 2109 Comm:
kworker/5:0 Tainted: G        W       4.3.0-1-grsec-amd64 #1 Debian
4.3.3-1+grsec1
Dec 19 17:44:32 vula kernel: [ 4047.508304] Hardware name: System
manufacturer System Product Name/P9X79, BIOS 4608 12/24/2013
Dec 19 17:44:32 vula kernel: [ 4047.508305] Workqueue: events ffffffffa0696b70
Dec 19 17:44:32 vula kernel: [ 4047.508305]  0000000000000000
729b2a82b7c3ba87 0000000000000000 ffffffffa04779a0
Dec 19 17:44:32 vula kernel: [ 4047.508307]  ffffffff812f376f
0000000000000000 ffffffff810648e7 ffff880dfb95d000
Dec 19 17:44:32 vula kernel: [ 4047.508308]  ffff880036954000
0000000000000000 0000000000000003 0000000000000000
Dec 19 17:44:32 vula kernel: [ 4047.508310] Call Trace:
Dec 19 17:44:32 vula kernel: [ 4047.508314]  [<ffffffffa04779a0>] ?
sysrq_drm_fb_helper_restore_op+0x20/0x2db9 [drm_kms_helper]
Dec 19 17:44:32 vula kernel: [ 4047.508315]  [<ffffffff812f376f>] ?
dump_stack+0x40/0x61
Dec 19 17:44:32 vula kernel: [ 4047.508317]  [<ffffffff810648e7>] ?
warn_slowpath_common+0x77/0xb0
Dec 19 17:44:32 vula kernel: [ 4047.508319]  [<ffffffffa0467b1e>] ?
drm_helper_choose_crtc_dpms+0x8e/0x90 [drm_kms_helper]
Dec 19 17:44:32 vula kernel: [ 4047.508322]  [<ffffffffa0467b80>] ?
drm_helper_connector_dpms+0x60/0x100 [drm_kms_helper]
Dec 19 17:44:32 vula kernel: [ 4047.508338]  [<ffffffffa073a439>] ?
nouveau_connector_hotplug+0x69/0xb0 [nouveau]
Dec 19 17:44:32 vula kernel: [ 4047.508346]  [<ffffffffa0696b9c>] ?
nvif_notify_work+0x2c/0xc0 [nouveau]
Dec 19 17:44:32 vula kernel: [ 4047.508355]  [<ffffffffa069a028>] ?
nvkm_notify_work+0x78/0x80 [nouveau]
Dec 19 17:44:32 vula kernel: [ 4047.508356]  [<ffffffff8108135d>] ?
process_one_work+0x14d/0x390
Dec 19 17:44:32 vula kernel: [ 4047.508358]  [<ffffffff81082423>] ?
worker_thread+0x63/0x490
Dec 19 17:44:32 vula kernel: [ 4047.508359]  [<ffffffff810823c0>] ?
rescuer_thread+0x320/0x320
Dec 19 17:44:32 vula kernel: [ 4047.508360]  [<ffffffff81087e5b>] ?
kthread+0xeb/0x110
Dec 19 17:44:32 vula kernel: [ 4047.508362]  [<ffffffff81087d70>] ?
kthread_park+0x60/0x60
Dec 19 17:44:32 vula kernel: [ 4047.508363]  [<ffffffff815e1c8e>] ?
ret_from_fork+0x3e/0x70
Dec 19 17:44:32 vula kernel: [ 4047.508364]  [<ffffffff81087d70>] ?
kthread_park+0x60/0x60
Dec 19 17:44:32 vula kernel: [ 4047.508365] ---[ end trace c5e955d006e5124c ]---

Lots of things like that in my kernel log...
Reply to: