1 |
On Thu, May 17, 2012 at 6:04 AM, Anthony G. Basile |
2 |
<basile@××××××××××××××.edu> wrote: |
3 |
> Please open a bug, attach both config files. It would be useful if you also |
4 |
> identify on which options it breaks. Liberte, last I looked, has quite a |
5 |
> few hardening features off. Pay attention to GRKERNSEC_IO, PAX_PAGEEXEC, |
6 |
> PAX_KERNEXEC, PAX_MEMORY_UDEREF. |
7 |
|
8 |
It took less time to work it out than I expected; a bit of a binary |
9 |
search through the grsecurity/PaX options I had enabled pretty clearly |
10 |
indicates the culprint is PAX_MEMORY_UDEREF. Using both |
11 |
xf86-video-intel-2.17.0-r3 and 2.19.0 and xorg-server-1.11.3 and |
12 |
1.12.1, there's a bug introduced between hardened-sources-3.2.2-r1 and |
13 |
>=3.2.11 that by enabling PAX_MEMORY_UDEREF the i915/i965 kernel |
14 |
module gets a "BUG: unable to handle kernel NULL pointer dereference" |
15 |
in i915_gem_execbuffer_reserve when starting X. |
16 |
|
17 |
I'll submit a bug shortly. |