I patched and compiled my own grsecurity kernel on the raspberry pi 2. When testing, everything works fine, except docker. When I try to start it I get a:
- Code: Select all
Killed (core dumped)
When inspecting further, I see in the kernel logs that the error comes from PAX:
- Code: Select all
Jul 20 19:03:46 rPi kernel: PAX: From 192.168.1.37: execution attempt in: (null), 00000000-00000000 00000000
Jul 20 19:03:46 rPi kernel: PAX: terminating task: /usr/bin/docker(docker):720, uid/euid: 1000/1000, PC: ffff0fc0, SP: 76bc9f1c
Jul 20 19:03:46 rPi kernel: PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??
Jul 20 19:03:46 rPi kernel: PAX: bytes at SP-4: ffffffff 000527e8 00056610 76bc9f38 00000001 00000002 76bc9f74 00003039 00000001 60cbf8d0 76bc9f4c 000139d8 00800000 00000000 00000000 00000000 00001000 00000000 00000000 00000000 00000000
Since I am still learning about both grsecurity and docker, I am really not sure what can be the cause of this. Is there any specific configuration that needs to be done for using docker? Or is there another way to solve the problem?
Thanks in advance for any advice.
OS: ArchLinux armv7h
Current grsec/pax kernel config: http://pastebin.com/SgpPu9nG