1 |
W dniu 27.08.2014 o 18:34, André Aparício pisze: |
2 |
> I encountered the same problem with qemu/kvm but can't even login, I |
3 |
> get random segfaults and even failed malloc assertions |
4 |
> in /sbin/init, /sbin/rc or /bin/login (never past this). |
5 |
> |
6 |
> But it works fine with CONFIG_PAX_MEMORY_UDEREF disabled. |
7 |
|
8 |
|
9 |
It looks that disabling CONFIG_PAX_MEMORY_UDEREF solves problem on my |
10 |
host too. |
11 |
|
12 |
|
13 |
> Config that reproduces the problem. |
14 |
> |
15 |
> $ grep -P "(GRK|PAX)" linux-3.15.8-hardened/.config |
16 |
> CONFIG_PAX_KERNEXEC_PLUGIN=y |
17 |
> CONFIG_PAX_PER_CPU_PGD=y |
18 |
> CONFIG_PAX_USERCOPY_SLABS=y |
19 |
> CONFIG_GRKERNSEC=y |
20 |
> CONFIG_GRKERNSEC_CONFIG_AUTO=y |
21 |
> # CONFIG_GRKERNSEC_CONFIG_CUSTOM is not set |
22 |
> CONFIG_GRKERNSEC_CONFIG_SERVER=y |
23 |
> # CONFIG_GRKERNSEC_CONFIG_DESKTOP is not set |
24 |
> # CONFIG_GRKERNSEC_CONFIG_VIRT_NONE is not set |
25 |
> CONFIG_GRKERNSEC_CONFIG_VIRT_GUEST=y |
26 |
> # CONFIG_GRKERNSEC_CONFIG_VIRT_HOST is not set |
27 |
> CONFIG_GRKERNSEC_CONFIG_VIRT_EPT=y |
28 |
> # CONFIG_GRKERNSEC_CONFIG_VIRT_SOFT is not set |
29 |
> # CONFIG_GRKERNSEC_CONFIG_VIRT_XEN is not set |
30 |
> # CONFIG_GRKERNSEC_CONFIG_VIRT_VMWARE is not set |
31 |
> CONFIG_GRKERNSEC_CONFIG_VIRT_KVM=y |
32 |
> # CONFIG_GRKERNSEC_CONFIG_VIRT_VIRTUALBOX is not set |
33 |
> # CONFIG_GRKERNSEC_CONFIG_PRIORITY_PERF is not set |
34 |
> CONFIG_GRKERNSEC_CONFIG_PRIORITY_SECURITY=y |
35 |
> CONFIG_GRKERNSEC_PROC_GID=10 |
36 |
> CONFIG_GRKERNSEC_TPE_UNTRUSTED_GID=100 |
37 |
> CONFIG_GRKERNSEC_SYMLINKOWN_GID=100 |
38 |
> CONFIG_PAX=y |
39 |
> # CONFIG_PAX_SOFTMODE is not set |
40 |
> CONFIG_PAX_PT_PAX_FLAGS=y |
41 |
> CONFIG_PAX_XATTR_PAX_FLAGS=y |
42 |
> # CONFIG_PAX_NO_ACL_FLAGS is not set |
43 |
> CONFIG_PAX_HAVE_ACL_FLAGS=y |
44 |
> # CONFIG_PAX_HOOK_ACL_FLAGS is not set |
45 |
> CONFIG_PAX_NOEXEC=y |
46 |
> CONFIG_PAX_PAGEEXEC=y |
47 |
> CONFIG_PAX_EMUTRAMP=y |
48 |
> CONFIG_PAX_MPROTECT=y |
49 |
> # CONFIG_PAX_MPROTECT_COMPAT is not set |
50 |
> # CONFIG_PAX_ELFRELOCS is not set |
51 |
> CONFIG_PAX_KERNEXEC=y |
52 |
> CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_BTS=y |
53 |
> CONFIG_PAX_KERNEXEC_PLUGIN_METHOD="bts" |
54 |
> CONFIG_PAX_ASLR=y |
55 |
> # CONFIG_PAX_RANDKSTACK is not set |
56 |
> CONFIG_PAX_RANDUSTACK=y |
57 |
> CONFIG_PAX_RANDMMAP=y |
58 |
> CONFIG_PAX_MEMORY_SANITIZE=y |
59 |
> CONFIG_PAX_MEMORY_STACKLEAK=y |
60 |
> CONFIG_PAX_MEMORY_STRUCTLEAK=y |
61 |
> CONFIG_PAX_MEMORY_UDEREF=y |
62 |
> CONFIG_PAX_REFCOUNT=y |
63 |
> CONFIG_PAX_CONSTIFY_PLUGIN=y |
64 |
> CONFIG_PAX_USERCOPY=y |
65 |
> # CONFIG_PAX_USERCOPY_DEBUG is not set |
66 |
> CONFIG_PAX_SIZE_OVERFLOW=y |
67 |
> CONFIG_PAX_LATENT_ENTROPY=y |
68 |
> CONFIG_GRKERNSEC_KMEM=y |
69 |
> CONFIG_GRKERNSEC_IO=y |
70 |
> CONFIG_GRKERNSEC_PERF_HARDEN=y |
71 |
> CONFIG_GRKERNSEC_RAND_THREADSTACK=y |
72 |
> CONFIG_GRKERNSEC_PROC_MEMMAP=y |
73 |
> CONFIG_GRKERNSEC_KSTACKOVERFLOW=y |
74 |
> CONFIG_GRKERNSEC_BRUTE=y |
75 |
> CONFIG_GRKERNSEC_HIDESYM=y |
76 |
> CONFIG_GRKERNSEC_RANDSTRUCT=y |
77 |
> # CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE is not set |
78 |
> # CONFIG_GRKERNSEC_KERN_LOCKOUT is not set |
79 |
> CONFIG_GRKERNSEC_NO_RBAC=y |
80 |
> CONFIG_GRKERNSEC_ACL_HIDEKERN=y |
81 |
> CONFIG_GRKERNSEC_ACL_MAXTRIES=3 |
82 |
> CONFIG_GRKERNSEC_ACL_TIMEOUT=30 |
83 |
> CONFIG_GRKERNSEC_PROC=y |
84 |
> # CONFIG_GRKERNSEC_PROC_USER is not set |
85 |
> CONFIG_GRKERNSEC_PROC_USERGROUP=y |
86 |
> CONFIG_GRKERNSEC_PROC_ADD=y |
87 |
> CONFIG_GRKERNSEC_LINK=y |
88 |
> CONFIG_GRKERNSEC_SYMLINKOWN=y |
89 |
> CONFIG_GRKERNSEC_FIFO=y |
90 |
> CONFIG_GRKERNSEC_SYSFS_RESTRICT=y |
91 |
> # CONFIG_GRKERNSEC_ROFS is not set |
92 |
> CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL=y |
93 |
> CONFIG_GRKERNSEC_CHROOT=y |
94 |
> CONFIG_GRKERNSEC_CHROOT_MOUNT=y |
95 |
> CONFIG_GRKERNSEC_CHROOT_DOUBLE=y |
96 |
> CONFIG_GRKERNSEC_CHROOT_PIVOT=y |
97 |
> CONFIG_GRKERNSEC_CHROOT_CHDIR=y |
98 |
> CONFIG_GRKERNSEC_CHROOT_CHMOD=y |
99 |
> CONFIG_GRKERNSEC_CHROOT_FCHDIR=y |
100 |
> CONFIG_GRKERNSEC_CHROOT_MKNOD=y |
101 |
> CONFIG_GRKERNSEC_CHROOT_SHMAT=y |
102 |
> CONFIG_GRKERNSEC_CHROOT_UNIX=y |
103 |
> CONFIG_GRKERNSEC_CHROOT_FINDTASK=y |
104 |
> CONFIG_GRKERNSEC_CHROOT_NICE=y |
105 |
> CONFIG_GRKERNSEC_CHROOT_SYSCTL=y |
106 |
> CONFIG_GRKERNSEC_CHROOT_CAPS=y |
107 |
> # CONFIG_GRKERNSEC_AUDIT_GROUP is not set |
108 |
> CONFIG_GRKERNSEC_EXECLOG=y |
109 |
> CONFIG_GRKERNSEC_RESLOG=y |
110 |
> CONFIG_GRKERNSEC_CHROOT_EXECLOG=y |
111 |
> # CONFIG_GRKERNSEC_AUDIT_PTRACE is not set |
112 |
> # CONFIG_GRKERNSEC_AUDIT_CHDIR is not set |
113 |
> # CONFIG_GRKERNSEC_AUDIT_MOUNT is not set |
114 |
> CONFIG_GRKERNSEC_SIGNAL=y |
115 |
> # CONFIG_GRKERNSEC_FORKFAIL is not set |
116 |
> CONFIG_GRKERNSEC_TIME=y |
117 |
> CONFIG_GRKERNSEC_PROC_IPADDR=y |
118 |
> CONFIG_GRKERNSEC_RWXMAP_LOG=y |
119 |
> CONFIG_GRKERNSEC_DMESG=y |
120 |
> CONFIG_GRKERNSEC_HARDEN_PTRACE=y |
121 |
> CONFIG_GRKERNSEC_PTRACE_READEXEC=y |
122 |
> CONFIG_GRKERNSEC_SETXID=y |
123 |
> CONFIG_GRKERNSEC_HARDEN_IPC=y |
124 |
> CONFIG_GRKERNSEC_TPE=y |
125 |
> # CONFIG_GRKERNSEC_TPE_ALL is not set |
126 |
> # CONFIG_GRKERNSEC_TPE_INVERT is not set |
127 |
> CONFIG_GRKERNSEC_TPE_GID=100 |
128 |
> CONFIG_GRKERNSEC_RANDNET=y |
129 |
> CONFIG_GRKERNSEC_BLACKHOLE=y |
130 |
> CONFIG_GRKERNSEC_NO_SIMULT_CONNECT=y |
131 |
> # CONFIG_GRKERNSEC_SOCKET is not set |
132 |
> # CONFIG_GRKERNSEC_SYSCTL is not set |
133 |
> CONFIG_GRKERNSEC_FLOODTIME=10 |
134 |
> CONFIG_GRKERNSEC_FLOODBURST=6 |
135 |
> |
136 |
> On Tue, 26 Aug 2014 11:24:26 +0100 |
137 |
> Marcin Mirosław <marcin@×××××.pl> wrote: |
138 |
> |
139 |
>> Hello! |
140 |
>> I suspect that I've got problem with hardened-sources in KVM VM. I'm |
141 |
>> not sure if I should fill a bug for this. I'd like to post it here |
142 |
>> before using b.g.o. |
143 |
>> I've got VM (it's KVM with qemu-2.0.0-r1), with |
144 |
>> hardened-sources-3.15.{5-r2,8}. I'm observing a kind of memory |
145 |
>> corruption. After a couple of hours of uptime I'm starting seeing |
146 |
>> random segfaults, general protection traps especially when process |
147 |
>> uses a lot of CPU and do many I/O operations (masscheck scripts |
148 |
>> written in perl for spamassasin rules). |
149 |
>> In log I've got e.g.: |
150 |
>> |
151 |
>> 2014-08-25T13:05:23.243062+02:00 mohikanin kernel: [45571.239703] PAX: |
152 |
>> >From 88.198.102.195: execution attempt in: (null), 00000000-00000000 |
153 |
>> 00000000 |
154 |
>> 2014-08-25T13:05:23.243088+02:00 mohikanin kernel: [45571.239707] PAX: |
155 |
>> terminating task: /usr/libexec/dovecot/pop3-login(pop3-login):2507, |
156 |
>> uid/euid: 105/105, PC: (nil), SP: 000003a8574e4c00 |
157 |
>> 2014-08-25T13:05:23.243093+02:00 mohikanin kernel: [45571.239709] PAX: |
158 |
>> bytes at |
159 |
>> PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? |
160 |
>> 2014-08-25T13:05:23.243095+02:00 mohikanin kernel: [45571.239735] |
161 |
>> PAX: bytes at SP-8: 0000000000000000 0000000000000000 |
162 |
>> 00000059c6deceb0 0000000000000000 00000316027bc540 0000000000000001 |
163 |
>> 000003160271dbb5 0000000000000000 0000000000000000 0000000000000000 |
164 |
>> 0000000000000000 2014-08-25T13:24:42.943001+02:00 mohikanin kernel: |
165 |
>> [46730.931353] traps: spamd child[19681] general protection |
166 |
>> ip:2c572b6e163 sp:3ca7d000be0 error:0 in |
167 |
>> libc-2.19.so[2c572aee000+19e000] 2014-08-25T13:24:42.943007+02:00 |
168 |
>> mohikanin kernel: [46730.931371] grsec: Segmentation fault occurred |
169 |
>> at (nil) in /usr/sbin/spamd[spamd child:19681] |
170 |
>> uid/euid:999/999 gid/egid:100/100, |
171 |
>> parent /usr/sbin/spamd[/usr/sbin/spamd:1255] uid/euid:0/0 |
172 |
>> gid/egid:0/0 2014-08-25T13:55:22.383032+02:00 mohikanin kernel: |
173 |
>> [48570.375917] traps: freshclam[6594] general protection |
174 |
>> ip:344cceb368d sp:3d5f5ced520 error:0 in |
175 |
>> libclamav.so.6.1.23[344ccdf1000+9d1000] |
176 |
>> 2014-08-25T13:55:22.383050+02:00 mohikanin kernel: [48570.375968] |
177 |
>> grsec: Segmentation fault occurred at (nil) |
178 |
>> in /usr/bin/freshclam[freshclam:6594] uid/euid:104/104 |
179 |
>> gid/egid:115/115, parent /usr/bin/freshclam[freshclam:1159] |
180 |
>> uid/euid:104/104 gid/egid:115/115 |
181 |
>> |
182 |
>> Yesterday I switched kernel to gentoo-sources-3.14.14 and I don't see |
183 |
>> any unwanted behavior. This is why I suspect hardened-sources. Should |
184 |
>> I fill a bug? What should I do help find out the root of problem? |
185 |
>> (gcc is: gcc version 4.7.3 (Gentoo Hardened 4.7.3-r1 p1.4, |
186 |
>> pie-0.5.5) , with ld.gold) |
187 |
>> |
188 |
>> Marcin |
189 |
>> |
190 |
>> # grep -P "(GRK|PAX)" /boot/config-3.15.8-hardened |
191 |
>> CONFIG_PAX_KERNEXEC_PLUGIN=y |
192 |
>> CONFIG_PAX_PER_CPU_PGD=y |
193 |
>> CONFIG_PAX_USERCOPY_SLABS=y |
194 |
>> CONFIG_GRKERNSEC=y |
195 |
>> CONFIG_GRKERNSEC_CONFIG_AUTO=y |
196 |
>> # CONFIG_GRKERNSEC_CONFIG_CUSTOM is not set |
197 |
>> CONFIG_GRKERNSEC_CONFIG_SERVER=y |
198 |
>> # CONFIG_GRKERNSEC_CONFIG_DESKTOP is not set |
199 |
>> # CONFIG_GRKERNSEC_CONFIG_VIRT_NONE is not set |
200 |
>> CONFIG_GRKERNSEC_CONFIG_VIRT_GUEST=y |
201 |
>> # CONFIG_GRKERNSEC_CONFIG_VIRT_HOST is not set |
202 |
>> CONFIG_GRKERNSEC_CONFIG_VIRT_EPT=y |
203 |
>> # CONFIG_GRKERNSEC_CONFIG_VIRT_SOFT is not set |
204 |
>> # CONFIG_GRKERNSEC_CONFIG_VIRT_XEN is not set |
205 |
>> # CONFIG_GRKERNSEC_CONFIG_VIRT_VMWARE is not set |
206 |
>> CONFIG_GRKERNSEC_CONFIG_VIRT_KVM=y |
207 |
>> # CONFIG_GRKERNSEC_CONFIG_VIRT_VIRTUALBOX is not set |
208 |
>> CONFIG_GRKERNSEC_CONFIG_PRIORITY_PERF=y |
209 |
>> # CONFIG_GRKERNSEC_CONFIG_PRIORITY_SECURITY is not set |
210 |
>> CONFIG_GRKERNSEC_PROC_GID=55555 |
211 |
>> CONFIG_GRKERNSEC_TPE_TRUSTED_GID=55555 |
212 |
>> CONFIG_GRKERNSEC_SYMLINKOWN_GID=100 |
213 |
>> CONFIG_PAX=y |
214 |
>> # CONFIG_PAX_SOFTMODE is not set |
215 |
>> # CONFIG_PAX_PT_PAX_FLAGS is not set |
216 |
>> CONFIG_PAX_XATTR_PAX_FLAGS=y |
217 |
>> # CONFIG_PAX_NO_ACL_FLAGS is not set |
218 |
>> CONFIG_PAX_HAVE_ACL_FLAGS=y |
219 |
>> # CONFIG_PAX_HOOK_ACL_FLAGS is not set |
220 |
>> CONFIG_PAX_NOEXEC=y |
221 |
>> CONFIG_PAX_PAGEEXEC=y |
222 |
>> CONFIG_PAX_EMUTRAMP=y |
223 |
>> CONFIG_PAX_MPROTECT=y |
224 |
>> # CONFIG_PAX_MPROTECT_COMPAT is not set |
225 |
>> # CONFIG_PAX_ELFRELOCS is not set |
226 |
>> CONFIG_PAX_KERNEXEC=y |
227 |
>> CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_BTS=y |
228 |
>> CONFIG_PAX_KERNEXEC_PLUGIN_METHOD="bts" |
229 |
>> CONFIG_PAX_ASLR=y |
230 |
>> CONFIG_PAX_RANDKSTACK=y |
231 |
>> CONFIG_PAX_RANDUSTACK=y |
232 |
>> CONFIG_PAX_RANDMMAP=y |
233 |
>> # CONFIG_PAX_MEMORY_SANITIZE is not set |
234 |
>> CONFIG_PAX_MEMORY_STACKLEAK=y |
235 |
>> CONFIG_PAX_MEMORY_STRUCTLEAK=y |
236 |
>> CONFIG_PAX_MEMORY_UDEREF=y |
237 |
>> CONFIG_PAX_REFCOUNT=y |
238 |
>> CONFIG_PAX_CONSTIFY_PLUGIN=y |
239 |
>> CONFIG_PAX_USERCOPY=y |
240 |
>> # CONFIG_PAX_USERCOPY_DEBUG is not set |
241 |
>> CONFIG_PAX_SIZE_OVERFLOW=y |
242 |
>> CONFIG_PAX_LATENT_ENTROPY=y |
243 |
>> CONFIG_GRKERNSEC_KMEM=y |
244 |
>> CONFIG_GRKERNSEC_IO=y |
245 |
>> CONFIG_GRKERNSEC_JIT_HARDEN=y |
246 |
>> CONFIG_GRKERNSEC_PERF_HARDEN=y |
247 |
>> CONFIG_GRKERNSEC_RAND_THREADSTACK=y |
248 |
>> CONFIG_GRKERNSEC_PROC_MEMMAP=y |
249 |
>> CONFIG_GRKERNSEC_KSTACKOVERFLOW=y |
250 |
>> # CONFIG_GRKERNSEC_BRUTE is not set |
251 |
>> CONFIG_GRKERNSEC_MODHARDEN=y |
252 |
>> CONFIG_GRKERNSEC_HIDESYM=y |
253 |
>> CONFIG_GRKERNSEC_RANDSTRUCT=y |
254 |
>> CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE=y |
255 |
>> # CONFIG_GRKERNSEC_KERN_LOCKOUT is not set |
256 |
>> CONFIG_GRKERNSEC_NO_RBAC=y |
257 |
>> # CONFIG_GRKERNSEC_ACL_HIDEKERN is not set |
258 |
>> CONFIG_GRKERNSEC_ACL_MAXTRIES=3 |
259 |
>> CONFIG_GRKERNSEC_ACL_TIMEOUT=30 |
260 |
>> CONFIG_GRKERNSEC_PROC=y |
261 |
>> CONFIG_GRKERNSEC_PROC_USER=y |
262 |
>> CONFIG_GRKERNSEC_PROC_ADD=y |
263 |
>> CONFIG_GRKERNSEC_LINK=y |
264 |
>> CONFIG_GRKERNSEC_SYMLINKOWN=y |
265 |
>> CONFIG_GRKERNSEC_FIFO=y |
266 |
>> CONFIG_GRKERNSEC_SYSFS_RESTRICT=y |
267 |
>> # CONFIG_GRKERNSEC_ROFS is not set |
268 |
>> CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL=y |
269 |
>> CONFIG_GRKERNSEC_CHROOT=y |
270 |
>> CONFIG_GRKERNSEC_CHROOT_MOUNT=y |
271 |
>> CONFIG_GRKERNSEC_CHROOT_DOUBLE=y |
272 |
>> CONFIG_GRKERNSEC_CHROOT_PIVOT=y |
273 |
>> CONFIG_GRKERNSEC_CHROOT_CHDIR=y |
274 |
>> CONFIG_GRKERNSEC_CHROOT_CHMOD=y |
275 |
>> CONFIG_GRKERNSEC_CHROOT_FCHDIR=y |
276 |
>> CONFIG_GRKERNSEC_CHROOT_MKNOD=y |
277 |
>> CONFIG_GRKERNSEC_CHROOT_SHMAT=y |
278 |
>> CONFIG_GRKERNSEC_CHROOT_UNIX=y |
279 |
>> CONFIG_GRKERNSEC_CHROOT_FINDTASK=y |
280 |
>> CONFIG_GRKERNSEC_CHROOT_NICE=y |
281 |
>> CONFIG_GRKERNSEC_CHROOT_SYSCTL=y |
282 |
>> CONFIG_GRKERNSEC_CHROOT_CAPS=y |
283 |
>> CONFIG_GRKERNSEC_CHROOT_INITRD=y |
284 |
>> # CONFIG_GRKERNSEC_AUDIT_GROUP is not set |
285 |
>> # CONFIG_GRKERNSEC_EXECLOG is not set |
286 |
>> CONFIG_GRKERNSEC_RESLOG=y |
287 |
>> # CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set |
288 |
>> # CONFIG_GRKERNSEC_AUDIT_PTRACE is not set |
289 |
>> # CONFIG_GRKERNSEC_AUDIT_CHDIR is not set |
290 |
>> CONFIG_GRKERNSEC_AUDIT_MOUNT=y |
291 |
>> CONFIG_GRKERNSEC_SIGNAL=y |
292 |
>> CONFIG_GRKERNSEC_FORKFAIL=y |
293 |
>> CONFIG_GRKERNSEC_TIME=y |
294 |
>> CONFIG_GRKERNSEC_PROC_IPADDR=y |
295 |
>> CONFIG_GRKERNSEC_RWXMAP_LOG=y |
296 |
>> CONFIG_GRKERNSEC_DMESG=y |
297 |
>> CONFIG_GRKERNSEC_HARDEN_PTRACE=y |
298 |
>> CONFIG_GRKERNSEC_PTRACE_READEXEC=y |
299 |
>> CONFIG_GRKERNSEC_SETXID=y |
300 |
>> CONFIG_GRKERNSEC_HARDEN_IPC=y |
301 |
>> CONFIG_GRKERNSEC_TPE=y |
302 |
>> CONFIG_GRKERNSEC_TPE_ALL=y |
303 |
>> CONFIG_GRKERNSEC_TPE_INVERT=y |
304 |
>> CONFIG_GRKERNSEC_TPE_GID=55555 |
305 |
>> CONFIG_GRKERNSEC_RANDNET=y |
306 |
>> CONFIG_GRKERNSEC_BLACKHOLE=y |
307 |
>> CONFIG_GRKERNSEC_NO_SIMULT_CONNECT=y |
308 |
>> # CONFIG_GRKERNSEC_SOCKET is not set |
309 |
>> CONFIG_GRKERNSEC_SYSCTL=y |
310 |
>> # CONFIG_GRKERNSEC_SYSCTL_DISTRO is not set |
311 |
>> CONFIG_GRKERNSEC_SYSCTL_ON=y |
312 |
>> CONFIG_GRKERNSEC_FLOODTIME=10 |
313 |
>> CONFIG_GRKERNSEC_FLOODBURST=6 |
314 |
>> |
315 |
> |
316 |
> |
317 |
> |
318 |
|
319 |
|
320 |
-- |
321 |
xmpp (jabber): marcin [at] mejor.pl |
322 |
www: http://blog.mejor.pl/ |