grsec-unoff (RAP) related Call Traces, 171118-0933 oops

(No. 0)  171114-1000-manu  171117-1426-oops  171118-0933-rsys  171118-1030-none  171122-1348-rsys  171123-1254  171123-1530  171124-0102-none  180101-1917-rsync 

( This is not a (RAP)-related Call Trace page, placing this here to report more quickly to the author of the patch for the kernel in question. )

Some more talk about the context is at the time of a later, non-recorded (nothing in the logs) trace one hour later.

Nov 18 09:15:01 gdOv kernel: [  803.770473] grsec: chdir to /var/lib/lurker/www
by /usr/bin/lurker-prune[lurker-prune:4447] uid/euid:33/33 gid/egid:33/33,
parent /bin/dash[sh:4446] uid/euid:33/33 gid/egid:33/33

Nov 18 09:30:01 gdOv kernel: [ 1703.747052] grsec: chdir to /var/www by
/usr/sbin/cron[cron:4452] uid/euid:33/33 gid/egid:33/33, parent
/usr/sbin/cron[cron:4451] uid/euid:0/0 gid/egid:0/0

Nov 18 09:30:01 gdOv kernel: [ 1703.747226] grsec: exec of /bin/dash (/bin/sh
-c if test -f /var/lib/lurker/db; then /usr/bin/lurker-prune; fi ) by
/bin/dash[cron:4452] uid/euid:33/33 gid/egid:33/33, parent
/usr/sbin/cron[cron:4451] uid/euid:0/0 gid/egid:0/0

Nov 18 09:30:01 gdOv kernel: [ 1703.749407] grsec: exec of
/usr/bin/lurker-prune (/usr/bin/lurker-prune ) by
/usr/bin/lurker-prune[sh:4453] uid/euid:33/33 gid/egid:33/33, parent
/bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33

Nov 18 09:30:01 gdOv kernel: [ 1703.754999] grsec: chdir to /var/lib/lurker by
/usr/bin/lurker-prune[lurker-prune:4453] uid/euid:33/33 gid/egid:33/33, parent
/bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33

Nov 18 09:30:01 gdOv kernel: [ 1703.755023] grsec: chdir to /var/www by
/usr/bin/lurker-prune[lurker-prune:4453] uid/euid:33/33 gid/egid:33/33, parent
/bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33

Nov 18 09:30:01 gdOv kernel: [ 1703.755206] grsec: chdir to /var/lib/lurker/www
by /usr/bin/lurker-prune[lurker-prune:4453] uid/euid:33/33 gid/egid:33/33,
parent /bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33

Nov 18 09:31:09 gdOv kernel: [ 1771.675752] grsec: exec of /usr/bin/mplayer
(mplayer -use-filedir-conf HTV1_H1118_0907.m2t ) by /usr/bin/mplayer[bash:4454]
uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4159]
uid/euid:1000/1000 gid/egid:1000/1000

Nov 18 09:31:09 gdOv kernel: [ 1771.932174] grsec: denied resource overstep by
requesting 135168 for RLIMIT_MEMLOCK against limit 65536 for
/usr/bin/mplayer[mplayer:4454] uid/euid:1000/1000 gid/egid:1000/1000, parent
/bin/bash[bash:4159] uid/euid:1000/1000 gid/egid:1000/1000

Nov 18 09:33:36 gdOv kernel: [ 1918.420433] general protection fault: 0000 [#1] SMP
Nov 18 09:33:36 gdOv kernel: [ 1918.421791] Modules linked in: nf_log_ipv4 nf_log_common xt_LOG xt_tcpudp xt_conntrack iptable_filter iptable_mangle iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_raw ip_tables x_tables cx22702 isl6421 cx24123 cx88_dvb cx88_vp3054_i2c videobuf2_dvb dvb_core wm8775 ir_lirc_codec ir_rc5_decoder lirc_dev rc_hauppauge tuner_simple tuner_types tda9887 tda8290 tuner snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel edac_mce_amd snd_hda_codec edac_core snd_hda_core amdkfd cx8802 radeon cx8800 cx88_alsa mxm_wmi snd_hwdep snd_pcm cx88xx snd_timer ttm drm_kms_helper drm tveeprom fb_sys_fops k10temp videobuf2_dma_sg syscopyarea videobuf2_memops v4l2_common sysfillrect kvm_amd kvm irqbypass snd evdev serio_raw videobuf2_v4l2 pcspkr videobuf2_core sysimgblt soundcore
Nov 18 09:33:36 gdOv kernel: [ 1918.428454]  videodev media i2c_algo_bit nuvoton_cir sp5100_tco sg wmi shpchp rc_core button acpi_cpufreq ext4 crc16 jbd2 fscrypto mbcache xts gf128mul algif_skcipher af_alg dm_crypt dm_mod sr_mod cdrom sd_mod ata_generic uas usb_storage ohci_pci psmouse r8169 mii firewire_ohci ahci firewire_core crc_itu_t libahci sky2 pata_atiixp libata xhci_pci ehci_pci ohci_hcd xhci_hcd ehci_hcd i2c_piix4 scsi_mod usbcore fjes
Nov 18 09:33:36 gdOv kernel: [ 1918.436249] CPU: 3 PID: 4097 Comm: Xorg Not tainted 4.9.62-unofficial+grsec171117-23 #1
Nov 18 09:33:36 gdOv kernel: [ 1918.438360] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./970 Extreme4, BIOS P2.60 11/11/2013
Nov 18 09:33:36 gdOv kernel: [ 1918.440532] task: ffff88031b860680 task.stack: ffffc9000a164000
Nov 18 09:33:36 gdOv kernel: [ 1918.442702] RIP: 0010:[]  [] vma_wants_writenotify+0x94/0xc0
Nov 18 09:33:36 gdOv kernel: [ 1918.444968] RSP: 0018:ffffc9000a167cf0  EFLAGS: 00010287
Nov 18 09:33:36 gdOv kernel: [ 1918.447247] RAX: ff8803194de000ff RBX: 8000000000000027 RCX: 4000000000000000
Nov 18 09:33:36 gdOv kernel: [ 1918.449569] RDX: 0000000000000020 RSI: 2000000000000000 RDI: ffff880322c9bfff
Nov 18 09:33:36 gdOv kernel: [ 1918.451887] RBP: ffff88031c743900 R08: ffff88031c743900 R09: 00000000140440bb
Nov 18 09:33:36 gdOv kernel: [ 1918.454263] R10: 8000000000000027 R11: ffff88031cd7a620 R12: 00003ffffffff278
Nov 18 09:33:36 gdOv kernel: [ 1918.456665] R13: 00000000140440bb R14: 0000000000000001 R15: 000003e3dc42b000
Nov 18 09:33:36 gdOv kernel: [ 1918.459090] FS:  000003e3dc412a40(0000) GS:ffff88032fd80000(0000) knlGS:0000000000000000
Nov 18 09:33:36 gdOv kernel: [ 1918.461557] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Nov 18 09:33:36 gdOv kernel: [ 1918.464046] CR2: 000003e3dc424800 CR3: 00000000017e9000 CR4: 00000000000006f0
Nov 18 09:33:36 gdOv kernel: [ 1918.466518] Stack:
Nov 18 09:33:36 gdOv kernel: [ 1918.468906]  ffffffff8115a594 00000000140440bb 000003e3dc42b000 ffff880320dd66c0
Nov 18 09:33:36 gdOv kernel: [ 1918.471257]  ffff88031ab11980 ffffffff8115c27f ffff880320efb100 0000000000101332
Nov 18 09:33:36 gdOv kernel: [ 1918.473583]  0000000000000000 ffff88031c743900 00000000140440bb ffff88031c743900
Nov 18 09:33:36 gdOv kernel: [ 1918.475855] Call Trace:
Nov 18 09:33:36 gdOv kernel: [ 1918.478045]  [] ? vma_set_page_prot+0x34/0x60
Nov 18 09:33:36 gdOv kernel: [ 1918.480243]  [] ? mmap_region+0x2cf/0x6d0
Nov 18 09:33:36 gdOv kernel: [ 1918.482475]  [] ? do_mmap+0x560/0x620
Nov 18 09:33:36 gdOv kernel: [ 1918.484713]  [] ? vm_mmap_pgoff+0xb9/0x100
Nov 18 09:33:36 gdOv kernel: [ 1918.486940]  [] ? sys_mmap_pgoff+0x1a9/0x270
Nov 18 09:33:36 gdOv kernel: [ 1918.489203]  [] ? entry_SYSCALL_64_fastpath+0x17/0xa8
Nov 18 09:33:36 gdOv kernel: [ 1918.491480] Code: c0 74 a4 48 8b 80 f8 00 00 00 48 85 c0 74 98 48 8b 38 48 c7 c0 40 ca 44 82 48 85 ff 74 14 48 8b 47 28 48 3b 05 d6 bf 34 01 74 10 <48> 8b 80 d8 00 00 00 8b 40 18 f7 d0 83 e0 01 c3 e8 97 0d 08 00 
Nov 18 09:33:36 gdOv kernel: [ 1918.496342] RIP  [] vma_wants_writenotify+0x94/0xc0
Nov 18 09:33:36 gdOv kernel: [ 1918.498750]  RSP 
Nov 18 09:33:36 gdOv kernel: [ 1918.511405] ---[ end trace 31e80f49fd8dc8c9 ]---
Nov 18 09:33:36 gdOv kernel: [ 1918.511414] grsec: banning user with uid 1000 until system restart for suspicious kernel crash
Nov 18 09:33:36 gdOv kernel: [ 1918.587358] grsec: exec of /sbin/agetty (/sbin/getty 38400 tty6 ) by /sbin/agetty[init:4456] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0

Nov 18 09:37:02 gdOv kernel: [   42.267711] grsec: exec of /bin/sed (sed
/=/!d;s/^.*=// ) by /bin/sed[cryptdisks:1337] uid/euid:0/0 gid/egid:0/0, parent
/etc/init.d/cryptdisks[cryptdisks:1335] uid/euid:0/0 gid/egid:0/0

Nov 18 09:37:02 gdOv kernel: [   42.272191] grsec: exec of /usr/bin/tput
(/usr/bin/tput hpa 60 ) by /usr/bin/tput[cryptdisks:1338] uid/euid:0/0
gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0
gid/egid:0/0

Nov 18 09:37:02 gdOv kernel: [   42.273371] grsec: exec of /usr/bin/tput
(/usr/bin/tput setaf 1 ) by /usr/bin/tput[cryptdisks:1339] uid/euid:0/0
gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0
gid/egid:0/0

Nov 18 09:37:02 gdOv kernel: [   42.274459] grsec: exec of /usr/bin/tput
(/usr/bin/tput setaf 1 ) by /usr/bin/tput[cryptdisks:1340] uid/euid:0/0
gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0
gid/egid:0/0

Nov 18 09:37:02 gdOv kernel: [   42.275617] grsec: exec of /usr/bin/tput
(/usr/bin/tput setaf 2 ) by /usr/bin/tput[cryptdisks:1341] uid/euid:0/0
gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0
gid/egid:0/0

Nov 18 09:37:02 gdOv kernel: [   42.276744] grsec: exec of /usr/bin/tput
(/usr/bin/tput setaf 3 ) by /usr/bin/tput[cryptdisks:1342] uid/euid:0/0
gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0
gid/egid:0/0

Nov 18 09:37:02 gdOv kernel: [   42.277856] grsec: exec of /usr/bin/tput
(/usr/bin/tput op ) by /usr/bin/tput[cryptdisks:1343] uid/euid:0/0
gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0
gid/egid:0/0

That's with all modules available to the kernel, the all-purpose set of kernel packages (that I sometimes offer on: https://www.croatiafidelis.hr/gnu/deb/ ), such kernel that will likely work on any amd64 machines (amd64 in Debian world actually means x86_64, Intel or AMD) whichever drivers are there that a machine might need.

As I'm preparing this, I'm back to running my some-modules-compiled-in 4.9.61 kernel tailored for my machine (as little as I need, removed what I don't need, and also all functionalities are in the kernel, not outside in modules):

$ uname -r
4.9.61-unofficial+grsec171114-20
$

No more Oopses since an hour and twenty minutes... But there was one Oops the first time that I booted with my 4.9.61 tailor-made. Some cache at work somewhere, I guess...

An hour forty five minutes and no freezing... Could be the new kernel that was causing the Oopses...

Wow! More than two hours and no freezing, no Oopses... It must be the new kernel causing all this trouble...

Because the system has been doing many tasks: video recording with tzap and with mencoder, video playing, lots of xterms opened, Pale Moon running with the cached pages all the time...

I could post the new linux-image-4.9.62-grsecunoff-171117-23 packages that I compiled late last night, but I suspect the kernel is at fault...

I'll try and report it to the minipli repo.

I do think it's related to the 4.9.62 kernel. I ran for many hours the 4.9.61 all-modules-compiled-separately kernel that I uploaded and is available (for a week or a little longer from now yet) at:

https://www.croatiafidelis.hr/gnu/deb/linux-deb-4.9.61-unofficial+grsec171114-19/

(because I always test on my machines first what I prepare for uploading) and I didn't have issues.

---

The verifiable files necessary for this study, if any, are listed in the main page of this section.

---