|
Message-ID: <b2d3482e-3529-d57f-fdc5-c4b2a03b3e1e@gmail.com>
Date: Tue, 9 Jun 2020 09:33:56 +0200
From: Mikhail Morfikov <mmorfikov@...il.com>
To: lkrg-users@...ts.openwall.com
Subject: Issues with GCC 10
I've just built my kernel with gcc 10 (10.1.0-3 in Debian), and it looks like
the LKRG module doesn't work well with such kernel. LKRG builds, but it
doesn't work:
# make
make -C /lib/modules/5.7.1-amd64/build M=/usr/src/lkrg-0.7+git20200604 modules
make[1]: Entering directory '/usr/src/linux-headers-5.7.1-amd64'
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/ksyms/p_resolve_ksym.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/hashing/p_lkrg_fast_hash.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/comm_channel/p_comm_channel.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/integrity_timer/p_integrity_timer.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/kmod/p_kmod.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/CPU.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/arch/x86/p_x86_metadata.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/arch/x86/p_switch_idt/p_switch_idt.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/arch/arm64/p_arm64_metadata.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/arch/arm/p_arm_metadata.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/arch/p_arch_metadata.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/JUMP_LABEL/p_arch_jump_label_transform/p_arch_jump_label_transform.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/JUMP_LABEL/p_arch_jump_label_transform_apply/p_arch_jump_label_transform_apply.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/database/p_database.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/notifiers/p_notifiers.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/self-defense/hiding/p_hiding.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/p_rb_ed_trees/p_rb_ed_pids/p_rb_ed_pids_tree.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_install.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_execve/p_sys_execve.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_execveat/p_sys_execveat.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_call_usermodehelper_exec/p_call_usermodehelper_exec.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_do_exit/p_do_exit.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_wake_up_new_task/p_wake_up_new_task.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setuid/p_sys_setuid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setreuid/p_sys_setreuid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setresuid/p_sys_setresuid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setfsuid/p_sys_setfsuid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setgid/p_sys_setgid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setregid/p_sys_setregid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setresgid/p_sys_setresgid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setfsgid/p_sys_setfsgid.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_set_current_groups/p_set_current_groups.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_do_init_module/p_do_init_module.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_finit_module/p_sys_finit_module.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_delete_module/p_sys_delete_module.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_generic_permission/p_generic_permission.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sel_write_enforce/p_sel_write_enforce.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_seccomp/p_seccomp.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_unshare/p_sys_unshare.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_setns/p_sys_setns.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/caps/p_sys_capset/p_sys_capset.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/caps/p_cap_task_prctl/p_cap_task_prctl.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/keyring/p_key_change_session_keyring/p_key_change_session_keyring.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/keyring/p_sys_add_key/p_sys_add_key.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/keyring/p_sys_request_key/p_sys_request_key.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/keyring/p_sys_keyctl/p_sys_keyctl.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_sys_ptrace/p_sys_ptrace.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_execve/p_compat_sys_execve.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_execveat/p_compat_sys_execveat.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_keyctl/p_compat_sys_keyctl.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_ptrace/p_compat_sys_ptrace.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_delete_module/p_compat_sys_delete_module.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_capset/p_compat_sys_capset.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_add_key/p_compat_sys_add_key.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/compat/p_compat_sys_request_key/p_compat_sys_request_key.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_execve/p_x32_sys_execve.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_execveat/p_x32_sys_execveat.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_keyctl/p_x32_sys_keyctl.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/__x32/p_x32_sys_ptrace/p_x32_sys_ptrace.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/override/p_override_creds/p_override_creds.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/override/p_revert_creds/p_revert_creds.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/override/overlayfs/p_ovl_create_or_link/p_ovl_create_or_link.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/pCFI/p_mark_inode_dirty/p_mark_inode_dirty.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/pCFI/p_schedule/p_schedule.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/pCFI/p___queue_work/p___queue_work.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/pCFI/p_lookup_fast/p_lookup_fast.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_ttwu_do_wakeup/p_ttwu_do_wakeup.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_capable/p_capable.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/syscalls/p_scm_send/p_scm_send.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/modules/exploit_detection/p_exploit_detection.o
CC [M] /usr/src/lkrg-0.7+git20200604/src/p_lkrg_main.o
LD [M] /usr/src/lkrg-0.7+git20200604/p_lkrg.o
MODPOST 1 modules
CC [M] /usr/src/lkrg-0.7+git20200604/p_lkrg.mod.o
LD [M] /usr/src/lkrg-0.7+git20200604/p_lkrg.ko
make[1]: Leaving directory '/usr/src/linux-headers-5.7.1-amd64'
mkdir -p output
cp /usr/src/lkrg-0.7+git20200604/p_lkrg.ko output
# modprobe -v p_lkrg
insmod /lib/modules/5.7.1-amd64/updates/dkms/p_lkrg.ko
modprobe: ERROR: could not insert 'p_lkrg': No buffer space available
And in the syslog I get the following:
Jun 09 09:14:19 morfikownia kernel: [p_lkrg] Loading LKRG...
Jun 09 09:14:19 morfikownia kernel: [p_lkrg] System does NOT support SMAP. LKRG can't enforce SMAP validation :(
Jun 09 09:14:19 morfikownia systemd-udevd[1134]: Network interface NamePolicy= disabled on kernel command line, ignoring.
Jun 09 09:14:20 morfikownia kernel: Freezing user space processes ... (elapsed 0.045 seconds) done.
Jun 09 09:14:20 morfikownia kernel: OOM killer disabled.
Jun 09 09:14:20 morfikownia kernel: [p_lkrg] 8/23 UMH paths were whitelisted...
Jun 09 09:14:20 morfikownia kernel: [p_lkrg] [kretprobe] register_kretprobe() for <lookup_fast> failed! [err=-22]
Jun 09 09:14:20 morfikownia kernel: [p_lkrg] ERROR: Can't hook pcfi_lookup_fast :(
Jun 09 09:14:20 morfikownia kernel: =============================================================================
Jun 09 09:14:20 morfikownia kernel: BUG p_ed_pids (Tainted: G O T): Objects remaining in p_ed_pids on __kmem_cache_shutdown()
Jun 09 09:14:20 morfikownia kernel: -----------------------------------------------------------------------------
Jun 09 09:14:20 morfikownia kernel: Disabling lock debugging due to kernel taint
Jun 09 09:14:20 morfikownia kernel: INFO: Slab 0x000000003920626f objects=32 used=1 fp=0x00000000a9438583 flags=0x2ffe00000010200
Jun 09 09:14:20 morfikownia kernel: CPU: 2 PID: 7461 Comm: modprobe Tainted: G B O T 5.7.1-amd64 #2
Jun 09 09:14:20 morfikownia kernel: Hardware name: LENOVO 2349BM5/2349BM5, BIOS G1ETC2WW (2.82 ) 08/07/2019
Jun 09 09:14:20 morfikownia kernel: Call Trace:
Jun 09 09:14:20 morfikownia kernel: dump_stack+0x50/0x68
Jun 09 09:14:20 morfikownia kernel: slab_err+0xdc/0x103
Jun 09 09:14:20 morfikownia kernel: ? slub_cpu_dead+0x90/0x90
Jun 09 09:14:20 morfikownia kernel: __kmem_cache_shutdown.cold+0x31/0x156
Jun 09 09:14:20 morfikownia kernel: shutdown_cache+0x16/0x1b0
Jun 09 09:14:20 morfikownia kernel: kmem_cache_destroy+0x237/0x270
Jun 09 09:14:20 morfikownia kernel: p_delete_rb_ed_pids+0x8f/0xb0 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: p_exploit_detection_exit+0x3e/0x60 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: p_exploit_detection_init+0x321/0x390 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: p_lkrg_register+0x1b0/0x1000 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: ? 0xffffffffc04d8000
Jun 09 09:14:20 morfikownia kernel: do_one_initcall+0x5b/0x240
Jun 09 09:14:20 morfikownia kernel: do_init_module+0x5f/0x260
Jun 09 09:14:20 morfikownia kernel: load_module+0x2075/0x2300
Jun 09 09:14:20 morfikownia kernel: __do_sys_finit_module+0xc4/0x120
Jun 09 09:14:20 morfikownia kernel: do_syscall_64+0xa2/0x334
Jun 09 09:14:20 morfikownia kernel: ? do_syscall_64+0x2e/0x334
Jun 09 09:14:20 morfikownia kernel: entry_SYSCALL_64_after_hwframe+0x44/0xa9
Jun 09 09:14:20 morfikownia kernel: RIP: 0033:0x7bd970d22f79
Jun 09 09:14:20 morfikownia kernel: Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e7 3e 0c 00 f7 d8 64 89 01 48
Jun 09 09:14:20 morfikownia kernel: RSP: 002b:00007ffc63a1c178 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
Jun 09 09:14:20 morfikownia kernel: RAX: ffffffffffffffda RBX: 0000574d246ecec0 RCX: 00007bd970d22f79
Jun 09 09:14:20 morfikownia kernel: RDX: 0000000000000000 RSI: 0000574d23be5358 RDI: 0000000000000003
Jun 09 09:14:20 morfikownia kernel: RBP: 0000000000040000 R08: 0000000000000000 R09: 0000574d246ee3d0
Jun 09 09:14:20 morfikownia kernel: R10: 0000000000000003 R11: 0000000000000246 R12: 0000574d23be5358
Jun 09 09:14:20 morfikownia kernel: R13: 0000000000000000 R14: 0000574d246ece60 R15: 0000574d246ecec0
Jun 09 09:14:20 morfikownia kernel: INFO: Object 0x000000008f8e6020 @offset=10816
Jun 09 09:14:20 morfikownia kernel: kmem_cache_destroy p_ed_pids: Slab cache still has objects
Jun 09 09:14:20 morfikownia kernel: CPU: 2 PID: 7461 Comm: modprobe Tainted: G B O T 5.7.1-amd64 #2
Jun 09 09:14:20 morfikownia kernel: Hardware name: LENOVO 2349BM5/2349BM5, BIOS G1ETC2WW (2.82 ) 08/07/2019
Jun 09 09:14:20 morfikownia kernel: Call Trace:
Jun 09 09:14:20 morfikownia kernel: dump_stack+0x50/0x68
Jun 09 09:14:20 morfikownia kernel: kmem_cache_destroy.cold+0x16/0x1b
Jun 09 09:14:20 morfikownia kernel: p_delete_rb_ed_pids+0x8f/0xb0 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: p_exploit_detection_exit+0x3e/0x60 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: p_exploit_detection_init+0x321/0x390 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: p_lkrg_register+0x1b0/0x1000 [p_lkrg]
Jun 09 09:14:20 morfikownia kernel: ? 0xffffffffc04d8000
Jun 09 09:14:20 morfikownia kernel: do_one_initcall+0x5b/0x240
Jun 09 09:14:20 morfikownia kernel: do_init_module+0x5f/0x260
Jun 09 09:14:20 morfikownia kernel: load_module+0x2075/0x2300
Jun 09 09:14:20 morfikownia kernel: __do_sys_finit_module+0xc4/0x120
Jun 09 09:14:20 morfikownia kernel: do_syscall_64+0xa2/0x334
Jun 09 09:14:20 morfikownia kernel: ? do_syscall_64+0x2e/0x334
Jun 09 09:14:20 morfikownia kernel: entry_SYSCALL_64_after_hwframe+0x44/0xa9
Jun 09 09:14:20 morfikownia kernel: RIP: 0033:0x7bd970d22f79
Jun 09 09:14:20 morfikownia kernel: Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e7 3e 0c 00 f7 d8 64 89 01 48
Jun 09 09:14:20 morfikownia kernel: RSP: 002b:00007ffc63a1c178 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
Jun 09 09:14:20 morfikownia kernel: RAX: ffffffffffffffda RBX: 0000574d246ecec0 RCX: 00007bd970d22f79
Jun 09 09:14:20 morfikownia kernel: RDX: 0000000000000000 RSI: 0000574d23be5358 RDI: 0000000000000003
Jun 09 09:14:20 morfikownia kernel: RBP: 0000000000040000 R08: 0000000000000000 R09: 0000574d246ee3d0
Jun 09 09:14:20 morfikownia kernel: R10: 0000000000000003 R11: 0000000000000246 R12: 0000574d23be5358
Jun 09 09:14:20 morfikownia kernel: R13: 0000000000000000 R14: 0000574d246ece60 R15: 0000574d246ecec0
Jun 09 09:14:20 morfikownia kernel: [p_lkrg] Can't initialize exploit detection features! Exiting...
Jun 09 09:14:20 morfikownia kernel: OOM killer enabled.
Jun 09 09:14:20 morfikownia kernel: Restarting tasks ... done.
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.