It's not PaX related: I've disabled PaX and recompiled completely and it still segfaults when emerge does the .configure of the xz package (it happened to me too when enabling some flags in the .configure of samhain). I have disabled ACPI completely too and it is still segfaulting.
I changed VirtualBox for KVM and it segfaults in both. I

2013/7/16 Jens Kasten <[email protected]>

> Hi,
>
> First, which rsbac version are you using?
> Does this bug also appear when you try the rsbac-sources without PaX?
>
> Jens
>
> On 2013-07-15 03:07, Javier Juan Martínez Cabezón wrote:
>
> I send the related PaX .config in case you need it:
>>
>> #
>> # PaX
>> #
>> CONFIG_ARCH_TRACK_EXEC_LIMIT=y
>> CONFIG_PAX_PER_CPU_PGD=y
>> CONFIG_PAX=y
>>
>> #
>> # PaX Control
>> #
>> CONFIG_PAX_SOFTMODE=y
>> # CONFIG_PAX_EI_PAX is not set
>> CONFIG_PAX_PT_PAX_FLAGS=y
>> # CONFIG_PAX_XATTR_PAX_FLAGS is not set
>> # CONFIG_PAX_NO_ACL_FLAGS is not set
>> CONFIG_PAX_HAVE_ACL_FLAGS=y
>> # CONFIG_PAX_HOOK_ACL_FLAGS is not set
>>
>> #
>> # Non-executable pages
>> #
>> CONFIG_PAX_NOEXEC=y
>> CONFIG_PAX_PAGEEXEC=y
>> # CONFIG_PAX_SEGMEXEC is not set
>> CONFIG_PAX_EMUTRAMP=y
>> CONFIG_PAX_MPROTECT=y
>> # CONFIG_PAX_ELFRELOCS is not set
>> CONFIG_PAX_KERNEXEC=y
>> CONFIG_PAX_KERNEXEC_PLUGIN_METHOD=""
>>
>> #
>> # Address Space Layout Randomization
>> #
>> CONFIG_PAX_ASLR=y
>> CONFIG_PAX_RANDKSTACK=y
>> CONFIG_PAX_RANDUSTACK=y
>> CONFIG_PAX_RANDMMAP=y
>>
>> #
>> # Miscellaneous hardening features
>> #
>> # CONFIG_PAX_MEMORY_SANITIZE is not set
>> # CONFIG_PAX_MEMORY_STACKLEAK is not set
>> # CONFIG_PAX_MEMORY_UDEREF is not set
>> CONFIG_PAX_REFCOUNT=y
>> # CONFIG_PAX_USERCOPY is not set
>> # CONFIG_PAX_CONSTIFY_PLUGIN is not set
>> # CONFIG_PAX_SIZE_OVERFLOW is not set
>> # CONFIG_KEYS is not set
>> CONFIG_SECURITY_DMESG_RESTRICT=y
>> # CONFIG_SECURITY is not set
>> # CONFIG_SECURITYFS is not set
>> CONFIG_DEFAULT_SECURITY_DAC=y
>> CONFIG_DEFAULT_SECURITY=""
>> CONFIG_XOR_BLOCKS=y
>> CONFIG_ASYNC_CORE=y
>> CONFIG_ASYNC_MEMCPY=y
>> CONFIG_ASYNC_XOR=y
>> CONFIG_ASYNC_PQ=y
>> CONFIG_ASYNC_RAID6_RECOV=y
>> CONFIG_CRYPTO=y
>>
>> #
>>
>> 2013/7/15 Javier Juan Martínez Cabezón <[email protected]>
>>
>> Hi all
>>>
>>> I've been dealing with this for several months and I still don't know
>>> whether it was a mistake of mine while patching PaX with rsbac by hand,
>>> or a kernel bug, or whether it comes from VirtualBox (the behaviour is
>>> horrible, sorry):
>>>
>>> After the bug hits, the guest system becomes unusable and a hard reset
>>> is required; every command executed segfaults from then on.
>>>
>>> I can reproduce it easily, using backup_all (a shell script that
>>> makes the sec policy backup, as in this case) or with ./configure
>>> when compiling (as emerge does something), so emerge usually
>>> segfaults. The EIP is always the same, strnlen+0x6/0x18:
>>>
>>> Jul 13 22:50:02 orion kernel: BUG: unable to handle kernel paging request at 00001033
>>> Jul 13 22:50:02 orion kernel: IP: [<001aa8e2>] strnlen+0x6/0x18
>>> Jul 13 22:50:02 orion kernel: *pdpt = 000000000e965001 *pde = 0000000000000000
>>> Jul 13 22:50:02 orion kernel: Oops: 0000 [#1]
>>> Jul 13 22:50:02 orion kernel:
>>> Jul 13 22:50:02 orion kernel: Pid: 4147, comm: bash Not tainted 3.4.0-rsbac #9 innotek GmbH VirtualBox
>>> Jul 13 22:50:02 orion kernel: EIP: 0060:[<001aa8e2>] EFLAGS: 00010217 CPU: 0
>>> Jul 13 22:50:02 orion kernel: EIP is at strnlen+0x6/0x18
>>> Jul 13 22:50:02 orion kernel: EAX: 00001033 EBX: ce9c0069 ECX: 00001033 EDX: 0000000e
>>> Jul 13 22:50:02 orion kernel: ESI: 00001033 EDI: ce9c0069 EBP: ce9c07f5 ESP: c66d3b38
>>> Jul 13 22:50:02 orion kernel: DS: 0068 ES: 0068 FS: 0000 GS: 0000 SS: 0068
>>> Jul 13 22:50:02 orion kernel: CR0: 8005003b CR2: 00001033 CR3: 01415000 CR4: 000006f0
>>> Jul 13 22:50:02 orion kernel: DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
>>> Jul 13 22:50:02 orion kernel: DR6: ffff0ff0 DR7: 00000400
>>> Jul 13 22:50:02 orion kernel: Process bash (pid: 4147, ti=e738ee3c task=e738ebd0 task.ti=e738ee3c)
>>> Jul 13 22:50:02 orion kernel: Stack:
>>> Jul 13 22:50:02 orion kernel: 001a884b c66d3bb4 c66d3bb0 c66d3bb4 ce9c0069 ce9c0069 001a916e 000fff00
>>> Jul 13 22:50:02 orion kernel: 000fffff 0000000f ce9c07f5 ce9c000b c1514bcb 000007ea ff0a0004 000fffff
>>> Jul 13 22:50:02 orion kernel: ce9c0000 c66d3bdc c66d3bac c66d3bdc 0004dfc6 c66d3ba8 e702a4c0 c66d3bdc
>>> Jul 13 22:50:02 orion kernel: Call Trace:
>>> Jul 13 22:50:02 orion kernel: [<001a884b>] ? string.isra.1+0x25/0x8c
>>> Jul 13 22:50:02 orion kernel: [<001a916e>] ? vsnprintf+0x139/0x257
>>> Jul 13 22:50:02 orion kernel: [<000fff00>] ? bio_map_user+0x13/0x25
>>> Jul 13 22:50:02 orion kernel: [<000fffff>] ? bio_map_kern+0xb0/0xd9
>>> Jul 13 22:50:02 orion kernel: [<000fffff>] ? bio_map_kern+0xb0/0xd9
>>> Jul 13 22:50:02 orion kernel: [<0004dfc6>] ? rsbac_printk+0x52/0x18e
>>> Jul 13 22:50:02 orion kernel: [<0007d3ee>] ? rsbac_adf_set_attr_cap+0x680/0x9a6
>>> Jul 13 22:50:02 orion kernel: [<00038a00>] ? smp_apic_timer_interrupt+0x62/0x6a
>>> Jul 13 22:50:02 orion kernel: [<00407f91>] ? resume_userspace_sig+0x1b/0x2a
>>> Jul 13 22:50:02 orion kernel: [<0007148e>] ? rsbac_adf_set_attr+0x45f/0x12b3
>>> Jul 13 22:50:02 orion kernel: [<00800001>] ? 0x800000
>>> Jul 13 22:50:02 orion kernel: [<0009fa4f>] ? do_adjtimex+0x2ab/0x550
>>> Jul 13 22:50:02 orion kernel: [<000e85ec>] ? do_path_lookup+0x17/0x4a
>>> Jul 13 22:50:02 orion kernel: [<000e8963>] ? user_path_at_empty+0x4b/0x69
>>> Jul 13 22:50:02 orion kernel: [<000e8963>] ? user_path_at_empty+0x4b/0x69
>>> Jul 13 22:50:02 orion kernel: [<000c6a52>] ? __do_fault+0x357/0x389
>>> Jul 13 22:50:02 orion kernel: [<0002cc9e>] ? free_thread_xstate+0x17/0x23
>>> Jul 13 22:50:02 orion kernel: [<00110c60>] ? load_elf_binary+0xf05/0xfbf
>>> Jul 13 22:50:02 orion kernel: [<00110c60>] ? load_elf_binary+0xf05/0xfbf
>>> Jul 13 22:50:02 orion kernel: [<00030502>] ? x86_pmu_event_init+0x23c/0x2d1
>>> Jul 13 22:50:02 orion kernel: [<000e2f53>] ? do_execve_common+0x363/0x45e
>>> Jul 13 22:50:02 orion kernel: [<00800001>] ? 0x800000
>>> Jul 13 22:50:02 orion kernel: [<0009fa4f>] ? do_adjtimex+0x2ab/0x550
>>> Jul 13 22:50:02 orion kernel: [<000e85ec>] ? do_path_lookup+0x17/0x4a
>>> Jul 13 22:50:02 orion kernel: [<000e8963>] ? user_path_at_empty+0x4b/0x69
>>> Jul 13 22:50:02 orion kernel: [<000e8963>] ? user_path_at_empty+0x4b/0x69
>>> Jul 13 22:50:02 orion kernel: [<000c6a52>] ? __do_fault+0x357/0x389
>>> Jul 13 22:50:02 orion kernel: [<00800001>] ? 0x800000
>>> Jul 13 22:50:02 orion kernel: [<0009fa4f>] ? do_adjtimex+0x2ab/0x550
>>> Jul 13 22:50:02 orion kernel: [<00800001>] ? 0x800000
>>> Jul 13 22:50:02 orion kernel: [<0009fa4f>] ? do_adjtimex+0x2ab/0x550
>>> Jul 13 22:50:02 orion kernel: [<000e85ec>] ? do_path_lookup+0x17/0x4a
>>> Jul 13 22:50:02 orion kernel: [<000e8963>] ? user_path_at_empty+0x4b/0x69
>>> Jul 13 22:50:02 orion kernel: [<000e8963>] ? user_path_at_empty+0x4b/0x69
>>> Jul 13 22:50:02 orion kernel: [<00800001>] ? 0x800000
>>> Jul 13 22:50:02 orion kernel: [<0009fa4f>] ? do_adjtimex+0x2ab/0x550
>>> Jul 13 22:50:02 orion kernel: [<000c6a52>] ? __do_fault+0x357/0x389
>>> Jul 13 22:50:02 orion kernel: [<000e626c>] ? getname_flags+0x1b/0xbf
>>> Jul 13 22:50:02 orion kernel: [<000e3057>] ? do_execve+0x9/0xb
>>> Jul 13 22:50:02 orion kernel: [<0002d0f1>] ? sys_execve+0x2c/0x50
>>> Jul 13 22:50:02 orion kernel: [<004087f2>] ? ptregs_execve+0x12/0x20
>>> Jul 13 22:50:02 orion kernel: [<00408009>] ? syscall_call+0x7/0xb
>>> Jul 13 22:50:02 orion kernel: [<00408024>] ? restore_all_pax+0x7/0x7
>>> Jul 13 22:50:02 orion kernel: [<000290d5>] ? math_state_restore+0x96/0x96
>>> Jul 13 22:50:02 orion kernel: [<00010206>] ? kvm_arch_vcpu_ioctl_run+0x79a/0xbdc
>>> Jul 13 22:50:02 orion kernel: [<0003c0a9>] ? vmalloc_sync_all+0x1/0x1
>>> Jul 13 22:50:02 orion kernel: [<00408024>] ? restore_all_pax+0x7/0x7
>>> Jul 13 22:50:02 orion kernel: [<0040007b>] ? pcnet32_remove_one+0x22/0xe3
>>> Jul 13 22:50:02 orion kernel: [<0001007b>] ? kvm_arch_vcpu_ioctl_run+0x60f/0xbdc
>>> Jul 13 22:50:02 orion kernel: [<0003c0a9>] ? vmalloc_sync_all+0x1/0x1
>>> Jul 13 22:50:02 orion kernel: [<00010287>] ? kvm_arch_vcpu_ioctl_run+0x81b/0xbdc
>>> Jul 13 22:50:02 orion kernel: Code: d0 f2 ae 74 05 bf 01 00 00 00 4f eb 02 31 ff 89 f8 5f c3 85 c9 57 89 c7 74 07 89 d0 f2 ae 75 01 4f 89 f8 5f c3 89 c1 89 c8 eb 06 <80> 38 00 74 07 40 4a 83 fa ff 75 f4 29 c8 c3 90 90 90 57 83 c9
>>> Jul 13 22:50:02 orion kernel: EIP: [<001aa8e2>] strnlen+0x6/0x18 SS:ESP 0068:c66d3b38
>>> Jul 13 22:50:02 orion kernel: CR2: 0000000000001033
>>> Jul 13 22:50:02 orion kernel: ---[ end trace 4a7d8fa933a5d5dd ]---
>>>
>>> Jul 13 22:59:01 orion kernel: BUG: unable to handle kernel paging request at 000010a1
>>> Jul 13 22:59:01 orion kernel: IP: [<001aa8e2>] strnlen+0x6/0x18
>>> Jul 13 22:59:01 orion kernel: *pdpt = 000000000df00001 *pde = 0000000000000000
>>> Jul 13 22:59:01 orion kernel: Oops: 0000 [#2]
>>> Jul 13 22:59:01 orion kernel:
>>> Jul 13 22:59:01 orion kernel: Pid: 4257, comm: bash Tainted: G D 3.4.0-rsbac #9 innotek GmbH VirtualBox
>>> Jul 13 22:59:01 orion kernel: EIP: 0060:[<001aa8e2>] EFLAGS: 00010217 CPU: 0
>>> Jul 13 22:59:01 orion kernel: EIP is at strnlen+0x6/0x18
>>> Jul 13 22:59:01 orion kernel: EAX: 000010a1 EBX: ce9c0869 ECX: 000010a1 EDX: 0000000e
>>> Jul 13 22:59:01 orion kernel: ESI: 000010a1 EDI: ce9c0869 EBP: ce9c0ff5 ESP: c66cfb48
>>> Jul 13 22:59:01 orion kernel: DS: 0068 ES: 0068 FS: 0000 GS: 0000 SS: 0068
>>> Jul 13 22:59:01 orion kernel: CR0: 8005003b CR2: 000010a1 CR3: 01415000 CR4: 000006f0
>>> Jul 13 22:59:01 orion kernel: DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
>>> Jul 13 22:59:01 orion kernel: DR6: ffff0ff0 DR7: 00000400
>>> Jul 13 22:59:01 orion kernel: Process bash (pid: 4257, ti=e738ee3c task=e738ebd0 task.ti=e738ee3c)
>>>
>>
>
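
A triage sketch for the two oops reports quoted above, added here as an example and not part of the original thread: it splits a kernel log into oops records, checks whether the faulting EIP repeats, lists which registers hold the fault address, and separates call-trace frames marked `?` (addresses found on the stack but not verified by unwinding). The function names `parse_oopses` and `summarize` are hypothetical; the sample lines are copied, abridged, from the reports above.

```python
import re

# Abridged lines from the two oops reports quoted above (syslog prefix kept).
SAMPLE = """\
Jul 13 22:50:02 orion kernel: BUG: unable to handle kernel paging request at 00001033
Jul 13 22:50:02 orion kernel: EIP is at strnlen+0x6/0x18
Jul 13 22:50:02 orion kernel: EAX: 00001033 EBX: ce9c0069 ECX: 00001033 EDX: 0000000e
Jul 13 22:50:02 orion kernel: [<001a884b>] ? string.isra.1+0x25/0x8c
Jul 13 22:50:02 orion kernel: [<001a916e>] ? vsnprintf+0x139/0x257
Jul 13 22:50:02 orion kernel: [<0004dfc6>] ? rsbac_printk+0x52/0x18e
Jul 13 22:59:01 orion kernel: BUG: unable to handle kernel paging request at 000010a1
Jul 13 22:59:01 orion kernel: EIP is at strnlen+0x6/0x18
Jul 13 22:59:01 orion kernel: EAX: 000010a1 EBX: ce9c0869 ECX: 000010a1 EDX: 0000000e
"""

PREFIX = re.compile(r"^.*? kernel: ?")  # syslog timestamp, host and tag
BUG = re.compile(r"BUG: unable to handle kernel (?:paging request|NULL pointer dereference) at ([0-9a-f]+)")
EIP = re.compile(r"EIP is at (\S+)")
REG = re.compile(r"\b(E[A-D]X|E[SD]I|EBP|ESP): ([0-9a-f]{8})")
FRAME = re.compile(r"\[<([0-9a-f]+)>\] (\? )?(\S+)")

def parse_oopses(text):
    """Split a kernel log into oops records, each starting at a 'BUG:' line."""
    oopses, cur = [], None
    for raw in text.splitlines():
        line = PREFIX.sub("", raw, count=1)
        m = BUG.search(line)
        if m:
            cur = {"fault": int(m.group(1), 16), "eip": None, "regs": {}, "frames": []}
            oopses.append(cur)
        elif cur is None:
            continue  # log noise before the first oops
        elif (m := EIP.search(line)):
            cur["eip"] = m.group(1)
        elif (m := FRAME.match(line)):
            # '?' = address seen on the stack, not confirmed as a real caller
            cur["frames"].append((m.group(3).split("+")[0], m.group(2) is None))
        else:
            cur["regs"].update({r: int(v, 16) for r, v in REG.findall(line)})
    return oopses

def summarize(oopses):
    """Per oops: (EIP symbol, fault address, registers equal to it, unverified frames)."""
    return [(o["eip"], hex(o["fault"]),
             sorted(r for r, v in o["regs"].items() if v == o["fault"]),
             [name for name, reliable in o["frames"] if not reliable])
            for o in oopses]
```

In both reports the fault address equals EAX, the register dereferenced by the faulting instruction marked in the `Code:` line (`<80> 38 00`, a byte compare against the address in EAX). Every frame in the quoted call trace carries `?`, so the trace is a list of candidate return addresses rather than a verified call chain.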
