Linux 2.4.28, Error copying structures to the kernel.

Posted: Sat Nov 27, 2004 3:32 am
by urug
Hello

Gradm2.0.2 doesn't want to work with my kernel-2.4.28. When I try to run gradm -E, I get this error (like in the topic).
(I set 'medium' in the grsec config.)

EDIT:
I have Slackware 10.0
glibc-2.3.3
glib2-2.4.7
glib-1.2.10
gcc-3.3.4

When I compiled gradm and the kernel with grsec on the old glibc, gradm worked
(2.4.27+grsec+pom).

Posted: Sat Nov 27, 2004 3:07 pm
by urug
I have the same error on the 2.4.27 kernel with gradm2.0.1
(With pom)

Please help

Posted: Sat Nov 27, 2004 8:21 pm
by fonya
I have this problem too. I compiled the kernel with gcc-3.4.1 on Fedora Core 2,
and I compiled gradm after rebooting into the new kernel. (I use the new patch and tool.)

Posted: Sun Nov 28, 2004 7:58 am
by spender
What appears in your dmesg when you run gradm -E?

-Brad

Posted: Sun Nov 28, 2004 8:23 am
by urug
root:|/tmp|: gradm -E
Error copying structures to the kernel.
root:|/tmp|:

---[ dmesg ]--
grsec: From 192.168.1.2: Unable to load grsecurity 2.0.2 for /sbin/gradm[gradm:8169] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:24140] uid/euid:0/0 gid/egid:0/0


---[ strace gradm -E ]---
open("/dev/grsec", O_WRONLY) = 5
write(5, "\20\356\7\10\2\2\0\0\34\1\0\0", 12) = -1 EFAULT (Bad address)
write(2, "Error copying structures to the "..., 40Error copying structures to the kernel.
) = 40
close(5) = 0
exit_group(1) = ?

That's all.

Posted: Sun Nov 28, 2004 5:14 pm
by spender
Is your /etc/grsec/policy any different from the default?
If it is, can you send it to spender@grsecurity.net?

-Brad

Posted: Mon Nov 29, 2004 2:42 am
by urug
I have default /etc/grsec/policy file.

Posted: Mon Nov 29, 2004 4:11 pm
by spender
I'm really busy at the moment with finals and such, so you have two options to help get this problem fixed:

In gracl.c, add printks before each copy from userspace that can return -EFAULT. Each printk should be unique.

example:

    if (copy_from_user(g_tmp, *guser,
                       sizeof (struct acl_object_label)))
            return -EFAULT;


change this to:

    printk("A\n");
    if (copy_from_user(g_tmp, *guser,
                       sizeof (struct acl_object_label)))
            return -EFAULT;

Once you've covered all of them, recompile and reboot with that kernel. When you run gradm -E this time, check the dmesg for the last outputted message. This will tell me what pointer in userspace is possibly null or corrupt.

Your other choice is to wait 2 weeks or so for me to make this patch up for you.

-Brad

Posted: Wed Dec 01, 2004 10:50 am
by urug
I think I'll wait for this patch ;]

Posted: Wed Dec 01, 2004 4:30 pm
by fonya
spender wrote:
once you've covered all of them, recompile and reboot with that kernel. When you run gradm -E this time, check the dmesg for the last outputted message. This will tell me what pointer in userspace is possibly null or corrupt.
-Brad


Hi,

I made those changes; the numbers in the printk output are the lines where I wrote the printk itself:
<------------- CUT ------------->
copy_from_user 1056
copy_from_user 1071
copy_from_user 1273
grsec: Unable to load grsecurity 2.0.2 for /sbin/gradm[gradm:16793]
uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:16227] uid/euid:0/0
gid/egid:0/0
<------------- CUT ------------->

So my problem exists in the copy_user_subjs() function.

I hope it's useful for You :)

Thank You for Your help!
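
Added example, not part of any post in this thread and not grsecurity code: a user-space C model of the tracing approach discussed above, in which every copy from user memory is preceded by a unique marker so that the last marker logged identifies the copy that returned -EFAULT. `model_copy`, `TRACED_COPY`, `struct subj`, `build_sample` and the sample offsets are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

static unsigned char user_mem[128];  /* constructed model: a "user pointer" is an offset into this */
static const char *last_site = "";   /* tag of the last copy attempted */

/* Stand-in for copy_from_user(): nonzero means the copy faulted. */
static int model_copy(void *dst, unsigned uptr, size_t n)
{
    if (uptr == 0 || uptr > sizeof(user_mem) || n > sizeof(user_mem) - uptr)
        return 1;
    memcpy(dst, user_mem + uptr, n);
    return 0;
}

/* Unique marker before every copy: the last one logged names the faulting copy. */
#define TRACED_COPY(tag, dst, uptr, n) \
    (last_site = (tag), fprintf(stderr, "copy %s:%d\n", (tag), __LINE__), \
     model_copy((dst), (uptr), (n)))

struct subj { unsigned next, name; };   /* hypothetical nested structure */
static int load_subjects(unsigned head) /* walks a list held in user memory */
{
    struct subj s;
    char name[8];
    for (unsigned p = head; p != 0; p = s.next) {
        if (TRACED_COPY("subj", &s, p, sizeof(s)))
            return -EFAULT;
        if (TRACED_COPY("subj.name", name, s.name, sizeof(name)))
            return -EFAULT;
    }
    return 0;
}

/* Two constructed subjects; name2 becomes the second one's name pointer. */
static unsigned build_sample(unsigned name2)
{
    struct subj a = { 32, 16 }, b = { 0, name2 };
    memcpy(user_mem + 8, &a, sizeof(a));
    memcpy(user_mem + 32, &b, sizeof(b));
    return 8;                           /* offset of the list head */
}

int main(void)
{
    int rc = load_subjects(build_sample(4096));   /* 4096: out-of-range pointer */
    printf("rc=%d, last copy attempted: %s\n", rc, last_site);
    return 0;
}
```

Tagging each site with a name plus `__LINE__` gives both the unique marker and the source line without hand-numbering every copy.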

Posted: Mon Dec 06, 2004 1:54 pm
by spender
Since I can't duplicate the problem on my machine, could you give me access to yours so that I can debug the problem? I'd need to use valgrind and insert some debugging into gradm so that I can see which subject being passed to the kernel in the list is using a bad pointer.

-Brad

Posted: Mon Dec 06, 2004 2:02 pm
by urug
Well, I think I can give you my root pass, but this is a very slow machine :)
Can I meet you on IRC?

Posted: Mon Dec 06, 2004 2:23 pm
by spender
irc.oftc.net #grsecurity

-Brad

Posted: Tue Dec 07, 2004 2:47 pm
by spender
The problem has been fixed in current CVS of gradm2. A change was made to gradm_defs.h.

-Brad

Posted: Tue Dec 07, 2004 4:18 pm
by fonya
Thanks a lot!

It works for me now! :lol: