FS#49282 - [linux-grsec] gnome-shell killed by grsec kernel

Attached to Project: Community Packages
Opened by Muharem Hrnjadovic (al_maisan) - Monday, 09 May 2016, 22:23 GMT
Last edited by Daniel Micay (thestinger) - Wednesday, 11 May 2016, 23:52 GMT
Task Type: Bug Report
Category: Packages
Status: Closed
Assigned To: Daniel Micay (thestinger)
Architecture: All
Severity: Very Low
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 1
Private: No

Details

Description:
May 09 10:25:18 meyyens gnome-session[622]: gnome-session-binary[622]: WARNING: Application 'org.gnome.Shell.desktop' killed by signal 9
May 09 10:25:18 meyyens kernel: PAX: size overflow detected in function track_pfn_insert arch/x86/mm/pat.c:961 cicus.328_21 max, count: 27, decl: lookup_memtype; num: 1;
May 09 10:25:18 meyyens kernel: CPU: 0 PID: 637 Comm: gnome-shell Not tainted 4.5.3.201605080858-1-grsec #1
May 09 10:25:18 meyyens kernel: Hardware name: LENOVO 2325B15/2325B15, BIOS G2ETA6WW (2.66 ) 03/03/2016
May 09 10:25:18 meyyens kernel: ba76bfd700000002 ba76bfd7aad255cc 0000000000000286 0000000000000000
May 09 10:25:18 meyyens kernel: ffffc900012fbb30 ffffffff97311cbb 0000000000000007 ba76bfd7aad255cc
May 09 10:25:18 meyyens kernel: ffffffff9791b4ab 00000000000003c1 ffffc900012fbb60 ffffffff971d8b14
May 09 10:25:18 meyyens kernel: Call Trace:
May 09 10:25:18 meyyens kernel: [<ffffffff97311cbb>] dump_stack+0x76/0xc3
May 09 10:25:18 meyyens kernel: [<ffffffff971d8b14>] report_size_overflow+0x6c/0x80
May 09 10:25:18 meyyens kernel: [<ffffffff970611a4>] track_pfn_insert+0x8c/0xb0
May 09 10:25:18 meyyens kernel: [<ffffffff97172ead>] vm_insert_pfn+0x85/0x130
May 09 10:25:18 meyyens kernel: [<ffffffffc0117f3c>] i915_gem_fault+0x3e4/0x5f0 [i915]
May 09 10:25:18 meyyens kernel: [<ffffffff9716de66>] __do_fault+0xae/0x190
May 09 10:25:18 meyyens kernel: [<ffffffff971735e9>] handle_mm_fault+0x491/0x1eb0
May 09 10:25:18 meyyens kernel: [<ffffffff9705aa7c>] __do_page_fault+0x204/0x5d0
May 09 10:25:18 meyyens kernel: [<ffffffff97659f75>] ? pax_exit_kernel_user+0x35/0x140
May 09 10:25:18 meyyens kernel: [<ffffffff9705ae6a>] do_page_fault+0x22/0x40
May 09 10:25:18 meyyens kernel: [<ffffffff9765bb38>] page_fault+0x28/0x30
May 09 10:25:18 meyyens gnome-session-binary[622]: WARNING: Application 'org.gnome.Shell.desktop' killed by signal 9
May 09 10:25:18 meyyens gnome-session-binary[622]: Unrecoverable failure in required component org.gnome.Shell.desktop


Additional info:
* package version(s)

linux-grsec 4.5.3.201605080858-1
gnome-shell 3.20.1-1

Steps to reproduce:
Just boot the system with the grsec kernel; the gdm login screen never comes up and the system hangs. Cannot switch to a different console using Ctrl-Alt-F[1-9].

Closed by Daniel Micay (thestinger)
Wednesday, 11 May 2016, 23:52 GMT
Reason for closing: Fixed
Comment by Daniel Micay (thestinger) - Monday, 09 May 2016, 22:35 GMT
It's either an upstream Linux kernel bug, a benign overflow in the kernel or a SIZE_OVERFLOW false positive. It's not a gnome-shell bug.
Comment by Muharem Hrnjadovic (al_maisan) - Monday, 09 May 2016, 22:57 GMT
BTW,

paxctl -cm /usr/bin/gnome-shell

had no effect. The problem persists.
Comment by Daniel Micay (thestinger) - Monday, 09 May 2016, 23:04 GMT
Yes, it's in the kernel, not userspace.
Comment by Muharem Hrnjadovic (al_maisan) - Monday, 09 May 2016, 23:05 GMT
Last but not least, this kernel does *not* exhibit the problem: linux-grsec 4.5.2.201604290633-1
Comment by Daniel Micay (thestinger) - Monday, 09 May 2016, 23:06 GMT
Also, paxctl won't do anything with the Arch Linux kernel. It uses the more modern XATTR exception method.
Comment by zless (roentgen) - Tuesday, 10 May 2016, 04:30 GMT
The same function: https://forums.grsecurity.net/viewtopic.php?f=3&t=4469

Still needs work to fix it.
Comment by Jay (GSF1200S) - Wednesday, 11 May 2016, 02:33 GMT
I get the exact same error (except the context part) in systemd's log (journalctl) when trying to startx on the grsec kernel. Using the standard Arch kernel, of course, I have no issue starting X. I use openbox. It hard locks my system to where only hard powering down fixes the problem.

codething kernel: PAX: size overflow detected in function track_pfn_insert arch/x86/mm/pat.c:961 cicus.328_21 max, count: 27, decl: lookup_memtype; num: 1; context: fndecl;

Is this a bug that we need to wait for upstream to fix on the kernel itself, or is there something I need to do to handle this? I can start a new bug report if necessary...

**EDIT** I notice spender said the latest patch should fix this issue.
Comment by Alexander Kempen (chron) - Wednesday, 11 May 2016, 12:56 GMT
It's fixed in 201605102138. Just tested it.
Comment by Muharem Hrnjadovic (al_maisan) - Wednesday, 11 May 2016, 18:56 GMT
`pacman -Syu` is offering linux-grsec-4.5.3.201605080858-1
I guess we still need to wait for the 201605102138 kernel?
Comment by Muharem Hrnjadovic (al_maisan) - Wednesday, 11 May 2016, 19:26 GMT
@chron: how did you test the 201605102138 grsec kernel?
Comment by Daniel Micay (thestinger) - Wednesday, 11 May 2016, 20:27 GMT
SIZE_OVERFLOW is very aggressive by nature. If you run into problems, you always have the option of setting it to the report-only mode. Both false positives and benign overflows are a common occurrence. It's a very valuable mitigation nonetheless.
Comment by Jay (GSF1200S) - Wednesday, 11 May 2016, 23:42 GMT
It is indeed fixed for me with linux-grsec-4.5.3.201605102138-1
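
The kernel report quoted in the description, parsed as an added example (not part of the original thread): it extracts the checked function, source location, affected task, kernel build and any loadable module in the call trace from journal lines, which is enough to tell whether two reports like the ones in this thread are the same SIZE_OVERFLOW hit. The regular expressions are written against the log format shown above; the function and field names are this example's own.

```python
import re

# Patterns follow the log format quoted in the report above.
HEADER = re.compile(r"PAX: size overflow detected in function (\S+) (\S+):(\d+)")
TASK = re.compile(r"CPU: \d+ PID: (\d+) Comm: (\S+) .*? (\S+) #\d+")
FRAME = re.compile(r"\[<[0-9a-f]+>\] (\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?")
REPORTING = {"dump_stack", "report_size_overflow"}  # frames added by the report itself

def parse_overflow_reports(lines):
    """Return one dict per PaX size-overflow report found in journal lines."""
    events, cur = [], None
    for line in lines:
        if " kernel: " not in line:
            cur = None  # a userspace line ends the current kernel report
            continue
        m = HEADER.search(line)
        if m:
            cur = {"function": m.group(1), "file": m.group(2), "line": int(m.group(3)),
                   "pid": None, "comm": None, "kernel": None, "trace": [], "modules": []}
            events.append(cur)
            continue
        if cur is None:
            continue
        m = TASK.search(line)
        if m and cur["pid"] is None:
            cur["pid"], cur["comm"], cur["kernel"] = int(m.group(1)), m.group(2), m.group(3)
            continue
        m = FRAME.search(line)
        # Skip "?" frames (unreliable unwinder guesses) and the reporting helpers.
        if m and not m.group(1) and m.group(2) not in REPORTING:
            cur["trace"].append(m.group(2))
            if m.group(3) and m.group(3) not in cur["modules"]:
                cur["modules"].append(m.group(3))
    return events

# Excerpt of the journal lines from the report above (trace shortened).
SAMPLE = """\
May 09 10:25:18 meyyens kernel: PAX: size overflow detected in function track_pfn_insert arch/x86/mm/pat.c:961 cicus.328_21 max, count: 27, decl: lookup_memtype; num: 1;
May 09 10:25:18 meyyens kernel: CPU: 0 PID: 637 Comm: gnome-shell Not tainted 4.5.3.201605080858-1-grsec #1
May 09 10:25:18 meyyens kernel: [<ffffffff971d8b14>] report_size_overflow+0x6c/0x80
May 09 10:25:18 meyyens kernel: [<ffffffff970611a4>] track_pfn_insert+0x8c/0xb0
May 09 10:25:18 meyyens kernel: [<ffffffff97172ead>] vm_insert_pfn+0x85/0x130
May 09 10:25:18 meyyens kernel: [<ffffffffc0117f3c>] i915_gem_fault+0x3e4/0x5f0 [i915]
May 09 10:25:18 meyyens kernel: [<ffffffff97659f75>] ? pax_exit_kernel_user+0x35/0x140
May 09 10:25:18 meyyens gnome-session-binary[622]: WARNING: Application 'org.gnome.Shell.desktop' killed by signal 9
"""

if __name__ == "__main__":
    print(parse_overflow_reports(SAMPLE.splitlines()))
```

Grouping the returned events by function, file, line and kernel build separates a regression in one grsec patch release from hits in unrelated code paths.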