Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200608205515.GA19026@pi3.com.pl>
Date: Mon, 8 Jun 2020 22:55:15 +0200
From: Adam Zabrocki <pi3@....com.pl>
To: lkrg-users@...ts.openwall.com
Subject: Re: modprobe: ERROR: could not insert 'p_lkrg': No
 buffer space available

Hi,

I believe I've replied to your private email which you've sent to me. However, 
I'm pasting it here as well:

--- CUT ---
Hi,

It looks like you have very non-standard kernel. LKRG can't find the function
"ttwu_do_wakeup" (which is not normal). You can manually verify availability of
that symbol by running the following command:

# uname -a
Linux pi3 5.7.0-050700-generic #202005312130 SMP Mon Jun 1 01:33:12 UTC 2020 
x86_64 x86_64 x86_64 GNU/Linux
# cat /proc/kallsyms |grep ttwu_do_wakeup
ffffffff912ddd50 t ttwu_do_wakeup
#

As you can see this function is normally visible in all kernels (including 
5.7).
Please also share your .config file.

Thanks,
Adam
--- CUT ---

Nevertheless, I've spent significant amount of time (on the weekend) on the 
problem. I strongly believe that you have ISRA version of such function. Here 
are some of the notes:

 - You have enforced an aggrsesive ISLA gcc optimization
 - Compiler decided to rewrote "ttwu_do_wakeup" function (using ISLA 
optimization) and as a results, such function changed original definition. To 
avoid confusion, compiler gave to that function different name/symbol: 
"ttwu_do_wakeup.isla.N" where N is a number.
 - I've verified various kernels from the various distros and none of them has 
compiled kernel where ISLA modified "ttwu_do_wakeup".
 - I've spent some time to manually generate such kernel and I was able to 
created ISLA optimized "ttwu_do_wakeup". However, it is not easy :)

Please confirm that you indeed has ISRA version of "ttwu_do_wakeup".

I did analyze the generated ISRA optimized function from the binary level. 
Function signature is different and that's why such optimization changes the 
name.
However, the essentials from LKRG perspective is the same so as a temporary 
workaround you can apply this simple patch:

    diff --git a/src/modules/exploit_detection/syscalls/p_ttwu_do_wakeup/p_ttwu_do_wakeup.c b/src/modules/exploit_detection/syscalls/p_ttwu_do_wakeup/p_ttwu_do_wakeup.c
    index 186516b..f39724b 100644
    --- a/src/modules/exploit_detection/syscalls/p_ttwu_do_wakeup/p_ttwu_do_wakeup.c
    +++ b/src/modules/exploit_detection/syscalls/p_ttwu_do_wakeup/p_ttwu_do_wakeup.c
    @@ -24,7 +24,7 @@
     char p_ttwu_do_wakeup_kretprobe_state = 0x0;

     static struct kretprobe p_ttwu_do_wakeup_kretprobe = {
    -    .kp.symbol_name = "ttwu_do_wakeup",
    +    .kp.symbol_name = "ttwu_do_wakeup.isra.0",
         .handler = p_ttwu_do_wakeup_ret,
         .entry_handler = p_ttwu_do_wakeup_entry,
         .data_size = sizeof(struct p_ttwu_do_wakeup_data),

However, replace the number in the ISRA function name ("ttwu_do_wakeup.isra.0") 
with the correct one for your kernel.

Together with Mariusz we are looking for more general solution. We might also 
skip placing such hook if ISRA optimization is detected. However, for now we 
might try to just dynamically extract newly generated name in case of ISRA 
optimization.

Thanks,
Adam



On Mon, Jun 08, 2020 at 11:37:32AM +0200, Jacek wrote:
> Hi
> 
> How do I fix the error below:
> 
> Modprobe:
> 
> # root ~> modprobe -v p_lkrg
> insmod /lib/modules/5.7.1-g2/extra/p_lkrg.ko
> modprobe: ERROR: could not insert 'p_lkrg': No buffer space available
> 
> Kern.log:
> 
> Jun 8 11:24:42 domek kernel: [ 2436.867801] [p_lkrg] Loading LKRG...
> Jun 8 11:24:42 domek kernel: [ 2436.867803] [p_lkrg] System does NOT
> support SMAP. LKRG can't enforce SMAP validation :(
> Jun 8 11:24:51 domek kernel: [ 2436.879612] Freezing user space
> processes ... (elapsed 0.002 seconds) done.
> Jun 8 11:24:51 domek kernel: [ 2436.881800] OOM killer disabled.
> Jun 8 11:24:51 domek kernel: [ 2436.881823] [p_lkrg] 4/23 UMH paths were
> whitelisted...
> Jun 8 11:24:51 domek kernel: [ 2440.610874] [p_lkrg] [kretprobe]
> register_kretprobe() for <ttwu_do_wakeup> failed! [err=-22]
> Jun 8 11:24:51 domek kernel: [ 2440.610875] [p_lkrg] ERROR: Can't hook
> ttwu_do_wakeup :(
> Jun 8 11:24:51 domek kernel: [ 2446.249901] [p_lkrg] Can't initialize
> exploit detection features! Exiting...
> Jun 8 11:24:51 domek kernel: [ 2446.273798] OOM killer enabled.
> Jun 8 11:24:51 domek kernel: [ 2446.273801] Restarting tasks ... done.
> 
> 
> LKRG build log:
> 
> # root ~> cd /ssdtmp/lkrg-main/
> 
> # G1 Gentu?? ### pon cze 08 11:21:33 domek : /ssdtmp/lkrg-main
> # root ~> make clean
> make -C /lib/modules/5.7.1-g2/build M=/ssdtmp/lkrg-main clean
> make[1]: Wej??cie do katalogu
> '/ssdtmp/fabryka/kernel/src64/linux-5.7.1-gentoo'
> CLEAN /ssdtmp/lkrg-main/Module.symvers
> make[1]: Opuszczenie katalogu
> '/ssdtmp/fabryka/kernel/src64/linux-5.7.1-gentoo'
> rm -f Module.markers modules.order
> rm -f /ssdtmp/lkrg-main/src/modules/kmod/client/kmod/Module.markers
> rm -f /ssdtmp/lkrg-main/src/modules/kmod/client/kmod/modules.order
> rm -f -rf output
> 
> # G1 Gentu?? ### pon cze 08 11:21:38 domek : /ssdtmp/lkrg-main
> # root ~> date
> pon, 8 cze 2020, 11:21:43 CEST
> 
> # G1 Gentu?? ### pon cze 08 11:21:43 domek : /ssdtmp/lkrg-main
> # root ~> git pull
> Already up to date.
> 
> # G1 Gentu?? ### pon cze 08 11:21:47 domek : /ssdtmp/lkrg-main
> # root ~> make
> make -C /lib/modules/5.7.1-g2/build M=/ssdtmp/lkrg-main modules
> make[1]: Wej??cie do katalogu
> '/ssdtmp/fabryka/kernel/src64/linux-5.7.1-gentoo'
> CC [M] /ssdtmp/lkrg-main/src/modules/ksyms/p_resolve_ksym.o
> /ssdtmp/lkrg-main/src/modules/ksyms/p_resolve_ksym.c: In function
> ???get_kallsyms_address???:
> /ssdtmp/lkrg-main/src/modules/ksyms/p_resolve_ksym.c:48:18: note: byref
> variable will be forcibly initialized
> 48 | struct kprobe p_kprobe;
> | ^~~~~~~~
> CC [M] /ssdtmp/lkrg-main/src/modules/hashing/p_lkrg_fast_hash.o
> /ssdtmp/lkrg-main/src/modules/hashing/p_lkrg_fast_hash.c: In function
> ???p_lkrg_fast_hash???:
> /ssdtmp/lkrg-main/src/modules/hashing/p_lkrg_fast_hash.c:31:13: note:
> byref variable will be forcibly initialized
> 31 | uint64_t p_tmp = 0x0;
> | ^~~~~
> CC [M] /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.o
> In file included from
> /ssdtmp/lkrg-main/src/modules/comm_channel/../../p_lkrg_main.h:225,
> from /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c:18:
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_lkrg_open_rw???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/../../modules/wrap/p_struct_wrap.h:340:20:
> note: byref variable will be forcibly initialized
> 340 | static inline void p_lkrg_open_rw(void) {
> | ^~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_lkrg_close_rw???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/../../modules/wrap/p_struct_wrap.h:349:20:
> note: byref variable will be forcibly initialized
> 349 | static inline void p_lkrg_close_rw(void) {
> | ^~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_sysctl_pcfi_enforce???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c:1032:10:
> note: byref variable will be forcibly initialized
> 1032 | char *p_str[] = {
> | ^~~~~
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_sysctl_umh_enforce???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c:911:10:
> note: byref variable will be forcibly initialized
> 911 | char *p_str[] = {
> | ^~~~~
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_sysctl_pint_enforce???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c:483:10:
> note: byref variable will be forcibly initialized
> 483 | char *p_str[] = {
> | ^~~~~
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_sysctl_pint_validate???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c:444:10:
> note: byref variable will be forcibly initialized
> 444 | char *p_str[] = {
> | ^~~~~
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_sysctl_kint_enforce???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c:397:10:
> note: byref variable will be forcibly initialized
> 397 | char *p_str[] = {
> | ^~~~~
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c: In function
> ???p_sysctl_kint_validate???:
> /ssdtmp/lkrg-main/src/modules/comm_channel/p_comm_channel.c:352:10:
> note: byref variable will be forcibly initialized
> 352 | char *p_str[] = {
> | ^~~~~
> CC [M] /ssdtmp/lkrg-main/src/modules/integrity_timer/p_integrity_timer.o
> /ssdtmp/lkrg-main/src/modules/integrity_timer/p_integrity_timer.c: In
> function ???p_check_integrity???:
> /ssdtmp/lkrg-main/src/modules/integrity_timer/p_integrity_timer.c:157:23:
> note: byref variable will be forcibly initialized
> 157 | p_module_kobj_mem *p_module_kobj_tmp = NULL;
> | ^~~~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/modules/integrity_timer/p_integrity_timer.c:156:23:
> note: byref variable will be forcibly initialized
> 156 | p_module_list_mem *p_module_list_tmp = NULL;
> | ^~~~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/modules/integrity_timer/p_integrity_timer.c:155:17:
> note: byref variable will be forcibly initialized
> 155 | unsigned int p_module_kobj_nr_tmp; // Count by walk through the
> list first
> | ^~~~~~~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/modules/integrity_timer/p_integrity_timer.c:154:17:
> note: byref variable will be forcibly initialized
> 154 | unsigned int p_module_list_nr_tmp; // Count by walk through the
> list first
> | ^~~~~~~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/modules/integrity_timer/p_integrity_timer.c:152:15:
> note: byref variable will be forcibly initialized
> 152 | p_cpu_info p_tmp_cpu_info;
> | ^~~~~~~~~~~~~~
> CC [M] /ssdtmp/lkrg-main/src/modules/kmod/p_kmod.o
> CC [M] /ssdtmp/lkrg-main/src/modules/database/CPU.o
> CC [M] /ssdtmp/lkrg-main/src/modules/database/arch/x86/p_x86_metadata.o
> /ssdtmp/lkrg-main/src/modules/database/arch/x86/p_x86_metadata.c: In
> function ???p_dump_x86_metadata???:
> /ssdtmp/lkrg-main/src/modules/database/arch/x86/p_x86_metadata.c:84:18:
> note: byref variable will be forcibly initialized
> 84 | unsigned char p_idtr[0xA];
> | ^~~~~~
> CC [M]
> /ssdtmp/lkrg-main/src/modules/database/arch/x86/p_switch_idt/p_switch_idt.o
> CC [M] /ssdtmp/lkrg-main/src/modules/database/arch/arm64/p_arm64_metadata.o
> CC [M] /ssdtmp/lkrg-main/src/modules/database/arch/arm/p_arm_metadata.o
> CC [M] /ssdtmp/lkrg-main/src/modules/database/arch/p_arch_metadata.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/database/JUMP_LABEL/p_arch_jump_label_transform/p_arch_jump_label_transform.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/database/JUMP_LABEL/p_arch_jump_label_transform_apply/p_arch_jump_label_transform_apply.o
> CC [M] /ssdtmp/lkrg-main/src/modules/database/p_database.o
> CC [M] /ssdtmp/lkrg-main/src/modules/notifiers/p_notifiers.o
> CC [M] /ssdtmp/lkrg-main/src/modules/self-defense/hiding/p_hiding.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/p_rb_ed_trees/p_rb_ed_pids/p_rb_ed_pids_tree.o
> CC [M] /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_install.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_execve/p_sys_execve.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_execveat/p_sys_execveat.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.o
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c:
> In function ???p_check_if_file_exists???:
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c:78:16:
> note: byref variable will be forcibly initialized
> 78 | struct path p_path;
> | ^~~~~~
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c:
> In function ???p_call_usermodehelper_entry???:
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c:120:5:
> note: byref variable will be forcibly initialized
> 120 | int p_call_usermodehelper_entry(struct kretprobe_instance *p_ri,
> struct pt_regs *p_regs) {
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c:120:5:
> note: byref variable will be forcibly initialized
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_call_usermodehelper_exec/p_call_usermodehelper_exec.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_do_exit/p_do_exit.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_wake_up_new_task/p_wake_up_new_task.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setuid/p_sys_setuid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setreuid/p_sys_setreuid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setresuid/p_sys_setresuid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setfsuid/p_sys_setfsuid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setgid/p_sys_setgid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setregid/p_sys_setregid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setresgid/p_sys_setresgid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setfsgid/p_sys_setfsgid.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_set_current_groups/p_set_current_groups.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_do_init_module/p_do_init_module.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_finit_module/p_sys_finit_module.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_delete_module/p_sys_delete_module.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_generic_permission/p_generic_permission.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sel_write_enforce/p_sel_write_enforce.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_seccomp/p_seccomp.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_unshare/p_sys_unshare.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_setns/p_sys_setns.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/caps/p_sys_capset/p_sys_capset.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/caps/p_cap_task_prctl/p_cap_task_prctl.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/keyring/p_key_change_session_keyring/p_key_change_session_keyring.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/keyring/p_sys_add_key/p_sys_add_key.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/keyring/p_sys_request_key/p_sys_request_key.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/keyring/p_sys_keyctl/p_sys_keyctl.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_sys_ptrace/p_sys_ptrace.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_execve/p_compat_sys_execve.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_execveat/p_compat_sys_execveat.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_keyctl/p_compat_sys_keyctl.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_ptrace/p_compat_sys_ptrace.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_delete_module/p_compat_sys_delete_module.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_capset/p_compat_sys_capset.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_add_key/p_compat_sys_add_key.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/compat/p_compat_sys_request_key/p_compat_sys_request_key.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_execve/p_x32_sys_execve.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_execveat/p_x32_sys_execveat.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_keyctl/p_x32_sys_keyctl.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_ptrace/p_x32_sys_ptrace.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/override/p_override_creds/p_override_creds.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/override/p_revert_creds/p_revert_creds.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/override/overlayfs/p_ovl_create_or_link/p_ovl_create_or_link.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/pCFI/p_mark_inode_dirty/p_mark_inode_dirty.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/pCFI/p_schedule/p_schedule.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/pCFI/p___queue_work/p___queue_work.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/pCFI/p_lookup_fast/p_lookup_fast.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_ttwu_do_wakeup/p_ttwu_do_wakeup.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_capable/p_capable.o
> CC [M]
> /ssdtmp/lkrg-main/src/modules/exploit_detection/syscalls/p_scm_send/p_scm_send.o
> CC [M] /ssdtmp/lkrg-main/src/modules/exploit_detection/p_exploit_detection.o
> /ssdtmp/lkrg-main/src/modules/exploit_detection/p_exploit_detection.c:
> In function ???p_cmp_tasks???:
> /ssdtmp/lkrg-main/src/modules/exploit_detection/p_exploit_detection.c:713:8:
> note: byref variable will be forcibly initialized
> 713 | int p_ret = 0x0;
> | ^~~~~
> /ssdtmp/lkrg-main/src/modules/exploit_detection/p_exploit_detection.c:
> In function ???p_ed_enforce_pcfi???:
> /ssdtmp/lkrg-main/src/modules/exploit_detection/p_exploit_detection.c:1395:9:
> note: byref variable will be forcibly initialized
> 1395 | char p_sym1[KSYM_SYMBOL_LEN];
> | ^~~~~~
> /ssdtmp/lkrg-main/src/modules/exploit_detection/p_exploit_detection.c:1383:24:
> note: byref variable will be forcibly initialized
> 1383 | struct unwind_state p_state;
> | ^~~~~~~
> CC [M] /ssdtmp/lkrg-main/src/p_lkrg_main.o
> /ssdtmp/lkrg-main/src/p_lkrg_main.c: In function ???p_init_page_attr???:
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:89:6: note: byref variable will be
> forcibly initialized
> 89 | void p_init_page_attr(void) {
> | ^~~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:89:6: note: byref variable will be
> forcibly initialized
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:89:6: note: byref variable will be
> forcibly initialized
> /ssdtmp/lkrg-main/src/p_lkrg_main.c: In function ???p_uninit_page_attr???:
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:158:6: note: byref variable will be
> forcibly initialized
> 158 | void p_uninit_page_attr(void) {
> | ^~~~~~~~~~~~~~~~~~
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:158:6: note: byref variable will be
> forcibly initialized
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:158:6: note: byref variable will be
> forcibly initialized
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:158:6: note: byref variable will be
> forcibly initialized
> /ssdtmp/lkrg-main/src/p_lkrg_main.c:158:6: note: byref variable will be
> forcibly initialized
> LD [M] /ssdtmp/lkrg-main/p_lkrg.o
> MODPOST 1 modules
> CC [M] /ssdtmp/lkrg-main/p_lkrg.mod.o
> LD [M] /ssdtmp/lkrg-main/p_lkrg.ko
> make[1]: Opuszczenie katalogu
> '/ssdtmp/fabryka/kernel/src64/linux-5.7.1-gentoo'
> mkdir -p output
> cp /ssdtmp/lkrg-main/p_lkrg.ko output
> 
> # G1 Gentu?? ###   pon cze 08 11:36:13  domek : /ssdtmp/lkrg-main
> 
> # root ~> make install
> make -C /lib/modules/5.7.1-g2/build M=/ssdtmp/lkrg-main modules_install
> make[1]: Wej??cie do katalogu
> '/ssdtmp/fabryka/kernel/src64/linux-5.7.1-gentoo'
>   INSTALL /ssdtmp/lkrg-main/p_lkrg.ko
>   DEPMOD  5.7.1-g2
> make[1]: Opuszczenie katalogu
> '/ssdtmp/fabryka/kernel/src64/linux-5.7.1-gentoo'
> depmod -a
> /ssdtmp/lkrg-main/scripts/bootup/lkrg-bootup.sh install
>  [*] Executing LKRG's bootup installation script
>   [-] Unsupported init system: not systemd or not running as root?
> 
> # G1 Gentu?? ### pon cze 08 11:22:28 domek : /ssdtmp/lkrg-main
> 
> # root ~> modinfo p_lkrg
> filename: /lib/modules/5.7.1-g2/extra/p_lkrg.ko
> license: GPL v2
> description: pi3's Linux kernel Runtime Guard
> author: Adam 'pi3' Zabrocki (http://pi3.com.pl)
> srcversion: B1DF6F54F2541DEC0B0408B
> depends: retpoline: Y
> name: p_lkrg
> vermagic: 5.7.1-g2 SMP preempt mod_unload modversions
> RANDSTRUCT_PLUGIN_9a899239afa4ac2dd0153baa26691533355fb37a0e07c11aa4bd908bdc6e7a43
> sig_id: PKCS#7
> signer: sig_key: sig_hashalgo: unknown
> signature: parm: log_level:log_level [3 (warn) is default] (uint)
> parm: heartbeat:heartbeat [0 (don't print) is default] (uint)
> parm: block_modules:block_modules [0 (don't block) is default] (uint)
> parm: interval:interval [15 seconds is default] (uint)
> parm: kint_validate:kint_validate [3 (periodically + random events) is
> default] (uint)
> parm: kint_enforce:kint_enforce [2 (panic) is default] (uint)
> parm: msr_validate:msr_validate [1 (enabled) is default] (uint)
> parm: pint_validate:pint_validate [2 (current + waking_up) is default]
> (uint)
> parm: pint_enforce:pint_enforce [1 (kill task) is default] (uint)
> parm: umh_validate:umh_validate [1 (whitelist UMH paths) is default] (uint)
> parm: umh_enforce:umh_enforce [1 (prevent execution) is default] (uint)
> parm: pcfi_validate:pcfi_validate [2 (fully enabled pCFI) is default] (uint)
> parm: pcfi_enforce:pcfi_enforce [1 (kill task) is default] (uint)
> parm: smep_validate:smep_validate [1 (enabled) is default] (uint)
> parm: smep_enforce:smep_enforce [2 (panic) is default] (uint)
> parm: smap_validate:smap_validate [1 (enabled) is default] (uint)
> parm: smap_enforce:smap_enforce [2 (panic) is default] (uint)
> 
> Cheers
> 
> 




-- 
pi3 (pi3ki31ny) - pi3 (at) itsec pl
http://pi3.com.pl

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.