Re: Crashes with Grsecurity kernel

From: Christian Rößner <c_at_roessner-network-solutions.com>
Date: Sun, 11 Jan 2015 16:13:59 +0100

Hi,

> On 11.01.2015 at 12:33, A. Schulze <sca_at_andreasschulze.de> wrote:
>
>
> Christian Rößner:
>
>> I really hope that this problem can be fixed.
>
> Christian: no idea about your problem's nature.
> I switched to 2.10.0 yesterday and will observe its stability.
> ( Debian Wheezy )
>
> But I don't expect surprises if I look at the source code diffs 2.9.2 vs. 2.10.0

You don’t have Grsecurity. Your kernel does not protect stack frames. I _believe_ there are pointers that define a memory block, which is too small for some operation and these operations overwrite. If you are lucky, nothing happens. And this seems to be the case with all versions of OpenDKIM up to 2.10.0. But if I understood the Grsecurity stuff correctly, the stack frames are protected. There is some random thing that is written to the end of a frame (or the beginning; don’t know) and if a function overwrites this value, because of badly allocated memory, the kernel kills the process. This is what I BELIEVE happens. I guess there is a function that will create a new frame and it overwrites to a neighbor.

I am not a gcc/glibc/kernel expert. All I think is that some pointers are bad and we were lucky that the bug did not appear for most people. If I knew how to apply gdb and how to backtrace this, I would run the Grsecurity kernel again and provide debugging output. I will try to rerun this now with gdb --pid. Hopefully this will work.

Sorry, I know there is much speculation here. But right now, while I am using a standard unprotected kernel, OpenDKIM is running. So something in OpenDKIM brings a hardened kernel to kill the process. And it wouldn’t do this if there was no good reason for it.

Best wishes

Christian
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com



Received on Sun Jan 11 2015 - 15:14:17 PST
