Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200604174220.GA27374@pi3.com.pl>
Date: Thu, 4 Jun 2020 19:42:20 +0200
From: Adam Zabrocki <pi3@....com.pl>
To: lkrg-users@...ts.openwall.com
Subject: Re: Re: Support for 5.7 linux kernel?

Hi,

I've just pushed a basic verification if necessary CONFIG_* options are 
enabled. If I miss something in the latest commit, I will be incrementaly 
adding them.

Please try to recompile the module and check if it works.

Thanks,
Adam

On Thu, Jun 04, 2020 at 05:05:51PM +0200, Mikhail Morfikov wrote:
> On 04/06/2020 15:54, Jacek wrote:
> ...
> 
> I also have something similar/the same now when I'm loading the lkrg module:
> 
> 
> 
> Jun 04 16:58:17 morfikownia kernel: p_lkrg: loading out-of-tree module taints kernel.
> Jun 04 16:58:17 morfikownia kernel: [p_lkrg] Loading LKRG...
> Jun 04 16:58:17 morfikownia kernel: [p_lkrg] System does NOT support SMAP. LKRG can't enforce SMAP validation :(
> Jun 04 16:58:17 morfikownia kernel: Freezing user space processes ... (elapsed 0.016 seconds) done.
> Jun 04 16:58:17 morfikownia kernel: OOM killer disabled.
> Jun 04 16:58:17 morfikownia kernel: [p_lkrg] 8/23 UMH paths were whitelisted...
> Jun 04 16:58:17 morfikownia kernel: [p_lkrg] [kretprobe] register_kretprobe() for <ttwu_do_wakeup> failed! [err=-22]
> Jun 04 16:58:17 morfikownia kernel: [p_lkrg] ERROR: Can't hook ttwu_do_wakeup :(
> Jun 04 16:58:17 morfikownia kernel: =============================================================================
> Jun 04 16:58:17 morfikownia kernel: BUG p_ed_pids (Tainted: G           O    T): Objects remaining in p_ed_pids on __kmem_cache_shutdown()
> Jun 04 16:58:17 morfikownia kernel: -----------------------------------------------------------------------------
> Jun 04 16:58:17 morfikownia kernel: Disabling lock debugging due to kernel taint
> Jun 04 16:58:17 morfikownia kernel: INFO: Slab 0x00000000f876039f objects=32 used=1 fp=0x00000000cab2f402 flags=0x2ffe00000010200
> Jun 04 16:58:17 morfikownia kernel: CPU: 3 PID: 5515 Comm: modprobe Tainted: G    B      O    T 5.7.0-amd64 #4
> Jun 04 16:58:17 morfikownia kernel: Hardware name: LENOVO 2349BM5/2349BM5, BIOS G1ETC2WW (2.82 ) 08/07/2019
> Jun 04 16:58:17 morfikownia kernel: Call Trace:
> Jun 04 16:58:17 morfikownia kernel:  dump_stack+0x50/0x68
> Jun 04 16:58:17 morfikownia kernel:  slab_err+0xdc/0x103
> Jun 04 16:58:17 morfikownia kernel:  ? slub_cpu_dead+0xa0/0xa0
> Jun 04 16:58:17 morfikownia kernel:  __kmem_cache_shutdown.cold+0x31/0x13a
> Jun 04 16:58:17 morfikownia kernel:  shutdown_cache+0x16/0x1b0
> Jun 04 16:58:17 morfikownia kernel:  kmem_cache_destroy+0x229/0x250
> Jun 04 16:58:17 morfikownia kernel:  p_delete_rb_ed_pids+0x8f/0xb0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_exit+0x48/0x60 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_init+0x339/0x3a0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_lkrg_register+0x1b0/0x1000 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  ? 0xffffffffc0573000
> Jun 04 16:58:17 morfikownia kernel:  do_one_initcall+0x5b/0x240
> Jun 04 16:58:17 morfikownia kernel:  do_init_module+0x5f/0x230
> Jun 04 16:58:17 morfikownia kernel:  load_module+0x26f7/0x29d0
> Jun 04 16:58:17 morfikownia kernel:  ? __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  do_syscall_64+0xa4/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  ? do_syscall_64+0x30/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> Jun 04 16:58:17 morfikownia kernel: RIP: 0033:0x7f040945ef79
> Jun 04 16:58:17 morfikownia kernel: Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e7 3e 0c 00 f7 d8 64 89 01 48
> Jun 04 16:58:17 morfikownia kernel: RSP: 002b:00007fff1eaee8e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
> Jun 04 16:58:17 morfikownia kernel: RAX: ffffffffffffffda RBX: 00005e56a867eef0 RCX: 00007f040945ef79
> Jun 04 16:58:17 morfikownia kernel: RDX: 0000000000000000 RSI: 00005e56a6eee358 RDI: 0000000000000003
> Jun 04 16:58:17 morfikownia kernel: RBP: 0000000000040000 R08: 0000000000000000 R09: 00005e56a86803f0
> Jun 04 16:58:17 morfikownia kernel: R10: 0000000000000003 R11: 0000000000000246 R12: 00005e56a6eee358
> Jun 04 16:58:17 morfikownia kernel: R13: 0000000000000000 R14: 00005e56a867ee90 R15: 00005e56a867eef0
> Jun 04 16:58:17 morfikownia kernel: INFO: Object 0x000000001f233985 @offset=576
> Jun 04 16:58:17 morfikownia kernel: =============================================================================
> Jun 04 16:58:17 morfikownia kernel: BUG p_ed_pids (Tainted: G    B      O    T): Objects remaining in p_ed_pids on __kmem_cache_shutdown()
> Jun 04 16:58:17 morfikownia kernel: -----------------------------------------------------------------------------
> Jun 04 16:58:17 morfikownia kernel: INFO: Slab 0x00000000b0d6792b objects=32 used=1 fp=0x00000000592cd8d9 flags=0x2ffe00000010200
> Jun 04 16:58:17 morfikownia kernel: CPU: 3 PID: 5515 Comm: modprobe Tainted: G    B      O    T 5.7.0-amd64 #4
> Jun 04 16:58:17 morfikownia kernel: Hardware name: LENOVO 2349BM5/2349BM5, BIOS G1ETC2WW (2.82 ) 08/07/2019
> Jun 04 16:58:17 morfikownia kernel: Call Trace:
> Jun 04 16:58:17 morfikownia kernel:  dump_stack+0x50/0x68
> Jun 04 16:58:17 morfikownia kernel:  slab_err+0xdc/0x103
> Jun 04 16:58:17 morfikownia kernel:  __kmem_cache_shutdown.cold+0x31/0x13a
> Jun 04 16:58:17 morfikownia kernel:  shutdown_cache+0x16/0x1b0
> Jun 04 16:58:17 morfikownia kernel:  kmem_cache_destroy+0x229/0x250
> Jun 04 16:58:17 morfikownia kernel:  p_delete_rb_ed_pids+0x8f/0xb0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_exit+0x48/0x60 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_init+0x339/0x3a0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_lkrg_register+0x1b0/0x1000 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  ? 0xffffffffc0573000
> Jun 04 16:58:17 morfikownia kernel:  do_one_initcall+0x5b/0x240
> Jun 04 16:58:17 morfikownia kernel:  do_init_module+0x5f/0x230
> Jun 04 16:58:17 morfikownia kernel:  load_module+0x26f7/0x29d0
> Jun 04 16:58:17 morfikownia kernel:  ? __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  do_syscall_64+0xa4/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  ? do_syscall_64+0x30/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> Jun 04 16:58:17 morfikownia kernel: RIP: 0033:0x7f040945ef79
> Jun 04 16:58:17 morfikownia kernel: Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e7 3e 0c 00 f7 d8 64 89 01 48
> Jun 04 16:58:17 morfikownia kernel: RSP: 002b:00007fff1eaee8e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
> Jun 04 16:58:17 morfikownia kernel: RAX: ffffffffffffffda RBX: 00005e56a867eef0 RCX: 00007f040945ef79
> Jun 04 16:58:17 morfikownia kernel: RDX: 0000000000000000 RSI: 00005e56a6eee358 RDI: 0000000000000003
> Jun 04 16:58:17 morfikownia kernel: RBP: 0000000000040000 R08: 0000000000000000 R09: 00005e56a86803f0
> Jun 04 16:58:17 morfikownia kernel: R10: 0000000000000003 R11: 0000000000000246 R12: 00005e56a6eee358
> Jun 04 16:58:17 morfikownia kernel: R13: 0000000000000000 R14: 00005e56a867ee90 R15: 00005e56a867eef0
> Jun 04 16:58:17 morfikownia kernel: INFO: Object 0x00000000f48c566e @offset=8256
> Jun 04 16:58:17 morfikownia kernel: =============================================================================
> Jun 04 16:58:17 morfikownia kernel: BUG p_ed_pids (Tainted: G    B      O    T): Objects remaining in p_ed_pids on __kmem_cache_shutdown()
> Jun 04 16:58:17 morfikownia kernel: -----------------------------------------------------------------------------
> Jun 04 16:58:17 morfikownia kernel: INFO: Slab 0x00000000bf9211db objects=32 used=1 fp=0x00000000f8602c03 flags=0x2ffe00000010200
> Jun 04 16:58:17 morfikownia kernel: CPU: 3 PID: 5515 Comm: modprobe Tainted: G    B      O    T 5.7.0-amd64 #4
> Jun 04 16:58:17 morfikownia kernel: Hardware name: LENOVO 2349BM5/2349BM5, BIOS G1ETC2WW (2.82 ) 08/07/2019
> Jun 04 16:58:17 morfikownia kernel: Call Trace:
> Jun 04 16:58:17 morfikownia kernel:  dump_stack+0x50/0x68
> Jun 04 16:58:17 morfikownia kernel:  slab_err+0xdc/0x103
> Jun 04 16:58:17 morfikownia kernel:  __kmem_cache_shutdown.cold+0x31/0x13a
> Jun 04 16:58:17 morfikownia kernel:  shutdown_cache+0x16/0x1b0
> Jun 04 16:58:17 morfikownia kernel:  kmem_cache_destroy+0x229/0x250
> Jun 04 16:58:17 morfikownia kernel:  p_delete_rb_ed_pids+0x8f/0xb0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_exit+0x48/0x60 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_init+0x339/0x3a0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_lkrg_register+0x1b0/0x1000 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  ? 0xffffffffc0573000
> Jun 04 16:58:17 morfikownia kernel:  do_one_initcall+0x5b/0x240
> Jun 04 16:58:17 morfikownia kernel:  do_init_module+0x5f/0x230
> Jun 04 16:58:17 morfikownia kernel:  load_module+0x26f7/0x29d0
> Jun 04 16:58:17 morfikownia kernel:  ? __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  do_syscall_64+0xa4/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  ? do_syscall_64+0x30/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> Jun 04 16:58:17 morfikownia kernel: RIP: 0033:0x7f040945ef79
> Jun 04 16:58:17 morfikownia kernel: Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e7 3e 0c 00 f7 d8 64 89 01 48
> Jun 04 16:58:17 morfikownia kernel: RSP: 002b:00007fff1eaee8e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
> Jun 04 16:58:17 morfikownia kernel: RAX: ffffffffffffffda RBX: 00005e56a867eef0 RCX: 00007f040945ef79
> Jun 04 16:58:17 morfikownia kernel: RDX: 0000000000000000 RSI: 00005e56a6eee358 RDI: 0000000000000003
> Jun 04 16:58:17 morfikownia kernel: RBP: 0000000000040000 R08: 0000000000000000 R09: 00005e56a86803f0
> Jun 04 16:58:17 morfikownia kernel: R10: 0000000000000003 R11: 0000000000000246 R12: 00005e56a6eee358
> Jun 04 16:58:17 morfikownia kernel: R13: 0000000000000000 R14: 00005e56a867ee90 R15: 00005e56a867eef0
> Jun 04 16:58:17 morfikownia kernel: INFO: Object 0x0000000024be6f4e @offset=5184
> Jun 04 16:58:17 morfikownia kernel: =============================================================================
> Jun 04 16:58:17 morfikownia kernel: BUG p_ed_pids (Tainted: G    B      O    T): Objects remaining in p_ed_pids on __kmem_cache_shutdown()
> Jun 04 16:58:17 morfikownia kernel: -----------------------------------------------------------------------------
> Jun 04 16:58:17 morfikownia kernel: INFO: Slab 0x0000000070a58fc0 objects=32 used=1 fp=0x00000000c1d6cdd8 flags=0x2ffe00000010200
> Jun 04 16:58:17 morfikownia kernel: CPU: 3 PID: 5515 Comm: modprobe Tainted: G    B      O    T 5.7.0-amd64 #4
> Jun 04 16:58:17 morfikownia kernel: Hardware name: LENOVO 2349BM5/2349BM5, BIOS G1ETC2WW (2.82 ) 08/07/2019
> Jun 04 16:58:17 morfikownia kernel: Call Trace:
> Jun 04 16:58:17 morfikownia kernel:  dump_stack+0x50/0x68
> Jun 04 16:58:17 morfikownia kernel:  slab_err+0xdc/0x103
> Jun 04 16:58:17 morfikownia kernel:  __kmem_cache_shutdown.cold+0x31/0x13a
> Jun 04 16:58:17 morfikownia kernel:  shutdown_cache+0x16/0x1b0
> Jun 04 16:58:17 morfikownia kernel:  kmem_cache_destroy+0x229/0x250
> Jun 04 16:58:17 morfikownia kernel:  p_delete_rb_ed_pids+0x8f/0xb0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_exit+0x48/0x60 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_init+0x339/0x3a0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_lkrg_register+0x1b0/0x1000 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  ? 0xffffffffc0573000
> Jun 04 16:58:17 morfikownia kernel:  do_one_initcall+0x5b/0x240
> Jun 04 16:58:17 morfikownia kernel:  do_init_module+0x5f/0x230
> Jun 04 16:58:17 morfikownia kernel:  load_module+0x26f7/0x29d0
> Jun 04 16:58:17 morfikownia kernel:  ? __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  do_syscall_64+0xa4/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  ? do_syscall_64+0x30/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> Jun 04 16:58:17 morfikownia kernel: RIP: 0033:0x7f040945ef79
> Jun 04 16:58:17 morfikownia kernel: Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e7 3e 0c 00 f7 d8 64 89 01 48
> Jun 04 16:58:17 morfikownia kernel: RSP: 002b:00007fff1eaee8e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
> Jun 04 16:58:17 morfikownia kernel: RAX: ffffffffffffffda RBX: 00005e56a867eef0 RCX: 00007f040945ef79
> Jun 04 16:58:17 morfikownia kernel: RDX: 0000000000000000 RSI: 00005e56a6eee358 RDI: 0000000000000003
> Jun 04 16:58:17 morfikownia kernel: RBP: 0000000000040000 R08: 0000000000000000 R09: 00005e56a86803f0
> Jun 04 16:58:17 morfikownia kernel: R10: 0000000000000003 R11: 0000000000000246 R12: 00005e56a6eee358
> Jun 04 16:58:17 morfikownia kernel: R13: 0000000000000000 R14: 00005e56a867ee90 R15: 00005e56a867eef0
> Jun 04 16:58:17 morfikownia kernel: INFO: Object 0x0000000002c6ed47 @offset=1088
> Jun 04 16:58:17 morfikownia kernel: kmem_cache_destroy p_ed_pids: Slab cache still has objects
> Jun 04 16:58:17 morfikownia kernel: CPU: 3 PID: 5515 Comm: modprobe Tainted: G    B      O    T 5.7.0-amd64 #4
> Jun 04 16:58:17 morfikownia kernel: Hardware name: LENOVO 2349BM5/2349BM5, BIOS G1ETC2WW (2.82 ) 08/07/2019
> Jun 04 16:58:17 morfikownia kernel: Call Trace:
> Jun 04 16:58:17 morfikownia kernel:  dump_stack+0x50/0x68
> Jun 04 16:58:17 morfikownia kernel:  kmem_cache_destroy.cold+0x15/0x1a
> Jun 04 16:58:17 morfikownia kernel:  p_delete_rb_ed_pids+0x8f/0xb0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_exit+0x48/0x60 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_exploit_detection_init+0x339/0x3a0 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  p_lkrg_register+0x1b0/0x1000 [p_lkrg]
> Jun 04 16:58:17 morfikownia kernel:  ? 0xffffffffc0573000
> Jun 04 16:58:17 morfikownia kernel:  do_one_initcall+0x5b/0x240
> Jun 04 16:58:17 morfikownia kernel:  do_init_module+0x5f/0x230
> Jun 04 16:58:17 morfikownia kernel:  load_module+0x26f7/0x29d0
> Jun 04 16:58:17 morfikownia kernel:  ? __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  __do_sys_finit_module+0xc2/0x120
> Jun 04 16:58:17 morfikownia kernel:  do_syscall_64+0xa4/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  ? do_syscall_64+0x30/0x5e7
> Jun 04 16:58:17 morfikownia kernel:  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> Jun 04 16:58:17 morfikownia kernel: RIP: 0033:0x7f040945ef79
> Jun 04 16:58:17 morfikownia kernel: Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e7 3e 0c 00 f7 d8 64 89 01 48
> Jun 04 16:58:17 morfikownia kernel: RSP: 002b:00007fff1eaee8e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
> Jun 04 16:58:17 morfikownia kernel: RAX: ffffffffffffffda RBX: 00005e56a867eef0 RCX: 00007f040945ef79
> Jun 04 16:58:17 morfikownia kernel: RDX: 0000000000000000 RSI: 00005e56a6eee358 RDI: 0000000000000003
> Jun 04 16:58:17 morfikownia kernel: RBP: 0000000000040000 R08: 0000000000000000 R09: 00005e56a86803f0
> Jun 04 16:58:17 morfikownia kernel: R10: 0000000000000003 R11: 0000000000000246 R12: 00005e56a6eee358
> Jun 04 16:58:17 morfikownia kernel: R13: 0000000000000000 R14: 00005e56a867ee90 R15: 00005e56a867eef0
> Jun 04 16:58:17 morfikownia kernel: [p_lkrg] Can't initialize exploit detection features! Exiting...
> Jun 04 16:58:17 morfikownia kernel: OOM killer enabled.
> Jun 04 16:58:17 morfikownia kernel: Restarting tasks ... done.
> 
> 
> 




-- 
pi3 (pi3ki31ny) - pi3 (at) itsec pl
http://pi3.com.pl

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.