On Thu, May 17, 2012 at 6:04 AM, Anthony G. Basile <[email protected]> wrote: > Please open a bug, attach both config files. It would be useful if you also > identify on which options it breaks. Liberte, last I looked, has quite a > few hardening features off. Pay attention to GRKERNSEC_IO, PAX_PAGEEXEC, > PAX_KERNEXEC, PAX_MEMORY_UDEREF.
It took less time to work it out than I expected; a bit of a binary search through the grsecurity/PaX options I had enabled pretty clearly indicates the culprint is PAX_MEMORY_UDEREF. Using both xf86-video-intel-2.17.0-r3 and 2.19.0 and xorg-server-1.11.3 and 1.12.1, there's a bug introduced between hardened-sources-3.2.2-r1 and >=3.2.11 that by enabling PAX_MEMORY_UDEREF the i915/i965 kernel module gets a "BUG: unable to handle kernel NULL pointer dereference" in i915_gem_execbuffer_reserve when starting X. I'll submit a bug shortly.
