Menu
▾
▴
devil-linux-discuss
|
From: Andrzej O. <an...@ma...> - 2013-01-18 14:18:48
|
Dears, be carefull if you use vsftpd on DL compiled with grsec. Do not upgrade to last version (1.6.3, kernel 3.2.35). Probably problem is in grsec. In moment of first ftp transmission efect is following: > BUG: unable to handle kernel NULL pointer dereference at 00000020 > IP: [<c013f967>] dup_mm+0x247/0x4e0 > *pdpt = 0000000004bfe001 *pde = 0000000000000000 > Oops: 0000 [#1] SMP > Modules linked in: tun xt_connbytes act_mirred ip6table_filter ifb act_police ... > > Pid: 3683, comm: vsftpd Tainted: G O 3.2.35-grsec #1 /DQ67SW > EIP: 0060:[<c013f967>] EFLAGS: 00210286 CPU: 1 > EAX: f38fa5c0 EBX: eaaf52a0 ECX: e48e1a80 EDX: 00000000 > ESI: f505932c EDI: e48e1adc EBP: f37e30c0 ESP: c517becc > DS: 0068 ES: 0068 FS: 00d8 GS: 00e0 SS: 0068 > Process vsftpd (pid: 3683, ti=f36fc2b0 task=f36fc030 task.ti=f36fc2b0) > Stack: > 00200202 f3bc5900 e48e1a80 00000000 00000000 f3bc5938 f37e30f8 f37e30c0 > f37e30c4 00000000 f36fc030 f36fc030 ea52d420 fffffff4 ea59e688 01200011 > c014070a 00000000 c517bf5c bf395060 c517bfb4 ea52d6a4 ea52d54c 00000000 > Call Trace: > [<c014070a>] ? copy_process+0xb0a/0xdd0 > [<c0140a62>] ? do_fork+0x92/0x270 > [<c04b6938>] ? sys_socketcall+0x148/0x350 > [<c01125c0>] ? sys_clone+0x30/0x40 > [<c0590085>] ? ptregs_clone+0x15/0x20 > [<c058f2cc>] ? syscall_call+0x7/0xb > Code: 46 50 81 66 1c ff df ff ff c7 46 10 00 00 00 00 85 c0 c7 46 0c 00 00 00 00 c7 46 58 00 00 00 00 74 4b 8b 50 0c 8b b0 84 00 00 00 <8b> 52 20 f0 ff 40 1c 8b 7c 24 08 f6 47 1d 08 74 07 f0 ff 8a b8 > EIP: [<c013f967>] dup_mm+0x247/0x4e0 SS:ESP 0068:c517becc > CR2: 0000000000000020 > ---[ end trace e5446380ef6aad88 ]--- > 0ef6aad88 ]--- and kernel stops. Problem is known here: http://forums.grsecurity.net/viewtopic.php?t=3230&p=12453 and issue is present in 3.2.36 too. From today is accessible new patch 3.2.37 so probably grsec author works on new grsec patch. Best Regards Andrzej Odyniec |
|
From: Bruce S. <bw...@re...> - 2013-01-18 15:29:37
|
You can try the DL Server version to confirm it's grsec. - BS On Fri, Jan 18, 2013 at 9:13 AM, Andrzej Odyniec <an...@ma...>wrote: > Dears, > > be carefull if you use vsftpd on DL compiled with grsec. Do not upgrade to > last version (1.6.3, kernel 3.2.35). Probably problem is in grsec. In > moment > of first ftp transmission efect is following: > > > BUG: unable to handle kernel NULL pointer dereference at 00000020 > > IP: [<c013f967>] dup_mm+0x247/0x4e0 > > *pdpt = 0000000004bfe001 *pde = 0000000000000000 > > Oops: 0000 [#1] SMP > > Modules linked in: tun xt_connbytes act_mirred ip6table_filter ifb > act_police ... > > > > Pid: 3683, comm: vsftpd Tainted: G O 3.2.35-grsec #1 > /DQ67SW > > EIP: 0060:[<c013f967>] EFLAGS: 00210286 CPU: 1 > > EAX: f38fa5c0 EBX: eaaf52a0 ECX: e48e1a80 EDX: 00000000 > > ESI: f505932c EDI: e48e1adc EBP: f37e30c0 ESP: c517becc > > DS: 0068 ES: 0068 FS: 00d8 GS: 00e0 SS: 0068 > > Process vsftpd (pid: 3683, ti=f36fc2b0 task=f36fc030 task.ti=f36fc2b0) > > Stack: > > 00200202 f3bc5900 e48e1a80 00000000 00000000 f3bc5938 f37e30f8 f37e30c0 > > f37e30c4 00000000 f36fc030 f36fc030 ea52d420 fffffff4 ea59e688 01200011 > > c014070a 00000000 c517bf5c bf395060 c517bfb4 ea52d6a4 ea52d54c 00000000 > > Call Trace: > > [<c014070a>] ? copy_process+0xb0a/0xdd0 > > [<c0140a62>] ? do_fork+0x92/0x270 > > [<c04b6938>] ? sys_socketcall+0x148/0x350 > > [<c01125c0>] ? sys_clone+0x30/0x40 > > [<c0590085>] ? ptregs_clone+0x15/0x20 > > [<c058f2cc>] ? syscall_call+0x7/0xb > > Code: 46 50 81 66 1c ff df ff ff c7 46 10 00 00 00 00 85 c0 c7 46 0c 00 > 00 00 00 c7 46 58 00 00 00 00 74 4b 8b 50 0c 8b b0 84 00 00 00 <8b> 52 20 > f0 ff 40 1c 8b 7c 24 08 f6 47 1d 08 74 07 f0 ff 8a b8 > > EIP: [<c013f967>] dup_mm+0x247/0x4e0 SS:ESP 0068:c517becc > > CR2: 0000000000000020 > > ---[ end trace e5446380ef6aad88 ]--- > > 0ef6aad88 ]--- > > and kernel stops. > > Problem is known here: > http://forums.grsecurity.net/viewtopic.php?t=3230&p=12453 and issue is > present > in 3.2.36 too. From today is accessible new patch 3.2.37 so probably grsec > author works on new grsec patch. > > Best Regards > > Andrzej Odyniec > > > ------------------------------------------------------------------------------ > Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and > much more. Get web development skills now with LearnDevNow - > 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. > SALE $99.99 this month only -- learn more at: > http://p.sf.net/sfu/learnmore_122812 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > |
|
From: Andrzej O. <an...@ma...> - 2013-01-21 13:35:08
|
Bruce Smith wrote: > You can try the DL Server version to confirm it's grsec. Of course I tried. Hence the warning. I will say more: I compiled DL the day before with new patch-3.2.37.xz and new grsecurity-2.9.1-3.2.37-201301181518.patch.bz2 well and the problem disappeared. Result image is working succesfully (as to today) on my production router/server sucessfully with vsftpd. So by the time up to new DL building I recommend avoiding update DL with grsec to 1.6.3 if used with vsftpd. Best Regards Andrzej Odyniec |
|
From: Heiko Z. <he...@zu...> - 2013-01-21 13:43:49
|
Andrzej, I'll get the new kernel and grsecurity patches added as soon as I get a chance. As always, thanks for your work. Heiko Quoting Andrzej Odyniec <an...@ma...>: > Bruce Smith wrote: >> You can try the DL Server version to confirm it's grsec. > > Of course I tried. Hence the warning. > > I will say more: I compiled DL the day before with new > patch-3.2.37.xz and new > grsecurity-2.9.1-3.2.37-201301181518.patch.bz2 well and the problem > disappeared. Result image is working succesfully (as to today) on my > production router/server sucessfully with vsftpd. So by the time up to new DL > building I recommend avoiding update DL with grsec to 1.6.3 if used > with vsftpd. > > Best Regards > > Andrzej Odyniec > > ------------------------------------------------------------------------------ > Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, > MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current > with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft > MVPs and experts. SALE $99.99 this month only -- learn more at: > http://p.sf.net/sfu/learnmore_122412 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss -- Regards Heiko Zuerker http://www.devil-linux.org |
|
From: Heiko Z. <he...@zu...> - 2013-02-11 00:30:55
|
Hey, I added the latest kernel and grsecurity to CVS. Best Regards Heiko Zuerker -----Original Message----- From: Heiko Zuerker [mailto:he...@zu...] Sent: Monday, January 21, 2013 7:44 AM To: dev...@li... Subject: Re: [Devil-Linux-discuss] Warning: kernel 3.2.35-36 grsec and vsftpd kernel panic Andrzej, I'll get the new kernel and grsecurity patches added as soon as I get a chance. As always, thanks for your work. Heiko Quoting Andrzej Odyniec <an...@ma...>: > Bruce Smith wrote: >> You can try the DL Server version to confirm it's grsec. > > Of course I tried. Hence the warning. > > I will say more: I compiled DL the day before with new patch-3.2.37.xz > and new > grsecurity-2.9.1-3.2.37-201301181518.patch.bz2 well and the problem > disappeared. Result image is working succesfully (as to today) on my > production router/server sucessfully with vsftpd. So by the time up to > new DL building I recommend avoiding update DL with grsec to 1.6.3 if > used with vsftpd. > > Best Regards > > Andrzej Odyniec > > ---------------------------------------------------------------------- > -------- Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, > HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your > skills current with LearnDevNow - 3,200 step-by-step video tutorials > by Microsoft MVPs and experts. SALE $99.99 this month only -- learn > more at: > http://p.sf.net/sfu/learnmore_122412 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss -- Regards Heiko Zuerker http://www.devil-linux.org ---------------------------------------------------------------------------- -- Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122412 _______________________________________________ Devil-linux-discuss mailing list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss |
