NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby x14sg1 » Thu Feb 13, 2014 3:30 pm

Hello,

Using the grsecurity-3.0-3.13.2-201402111747.patch and a patched NVIDIA-Linux-x86-334.16.run, I get a kernel OOPS (with nothing in any log files).

A non-grsecurity 3.13.2 kernel works fine. As does the previous NVIDIA-Linux-x86-331.38.run with and without grsecurity

The vmlinuz, config and System.map files, along with the nvidia patch I am using are here:

https://home.comcast.net/~x14sg1/System ... -grsec-smp
https://home.comcast.net/~x14sg1/config ... -grsec-smp
https://home.comcast.net/~x14sg1/vmlinu ... -grsec-smp
https://home.comcast.net/~x14sg1/nv.patch

The nvidia patch is a combination of paxguy's patch(es), me making them work for kernels
with and without grsecurity and patches to get it to compile and work with linux kernels 3.13 and 3.14.

I hope paxguy1 releases a new patch soon.

Command line I used to compile the nvidia module is:

./NVIDIA-Linux-x86-334.16-custom.run --silent --no-network --force-tls=new --no-kernel-module-source --no-backup --no-nvidia-modprobe
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby PaX Team » Thu Feb 13, 2014 7:28 pm

if it's an oops then you surely see something somewhere ;). even if the machine freezes you can still try to take a picture of it (in a framebuffer console for more info). or you could try setting up a serial or net console to capture it.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby x14sg1 » Thu Feb 13, 2014 8:29 pm

Sorry about that.

I should have said after I run xinit, I see a black screen with a non-blinking '-' in the upper left corner and the machine is locked up solid

Still investigating getting more output
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby x14sg1 » Thu Feb 13, 2014 11:15 pm

Ok, figured out how to get netconsole working


Hello,

I retested with the new patch, grsecurity-3.0-3.13.3-201402132113.patch

Here are the files (GPF is the netconsole crash output from syslog - I did not reformat it)

https://home.comcast.net/~x14sg1/GPF
https://home.comcast.net/~x14sg1/System ... -grsec-smp
https://home.comcast.net/~x14sg1/config ... -grsec-smp
https://home.comcast.net/~x14sg1/nv.patch
https://home.comcast.net/~x14sg1/vmlinu ... -grsec-smp
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby PaX Team » Thu Feb 13, 2014 11:40 pm

thanks, this is a UDEREF a violation, the nvidia code tried to access a userland address (in eax) directly without going through the usual userland accessors, so this is likely a security bug as well. for now disabling UDEREF would get this to work but i wouldn't put much faith into this new code... and feel free to report this to them ;).
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby x14sg1 » Thu Feb 13, 2014 11:42 pm

Thank you for the quick reply
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby x14sg1 » Sun Feb 16, 2014 2:02 am

Bug report has been filed
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby x14sg1 » Sun Mar 02, 2014 5:14 pm

NVIDIA bug is 1464774

Anyone know how to track it or if it is even possible to track?
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby PaX Team » Mon Mar 03, 2014 2:18 pm

according to the changelog this bug has been fixed in 334.21.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: NVIDIA 334.16 kernel OOPS with latest 3.13.2 grsec patch

Postby x14sg1 » Mon Mar 03, 2014 10:26 pm

You beat me to reporting this ... 334.21 fixed the problem

Thanks
x14sg1
 
Posts: 137
Joined: Sun Aug 23, 2009 7:47 pm


Return to grsecurity support