Open miroR opened 6 years ago
2018-07-15T05:55:56.548501+00:00 gdOv kernel: [ 6681.336517] mencoder: page allocation failure: order:1, mode:0x2080024(GFP_ATOMIC|GFP_DMA32)
2018-07-15T05:55:56.548550+00:00 gdOv kernel: [ 6681.336532] CPU: 3 PID: 3484 Comm: mencoder Not tainted 4.9.111-dappersec180712-15 #1
2018-07-15T05:55:56.548553+00:00 gdOv kernel: [ 6681.336539] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./970 Extreme4, BIOS P2.60 11/11/2013
2018-07-15T05:55:56.548555+00:00 gdOv kernel: [ 6681.336544] ffffc900074777f0 ffffffff81824e2b 0000000000007a02 438704b40566aeb0
2018-07-15T05:55:56.548556+00:00 gdOv kernel: [ 6681.336550] ffffffff829df1d0 0000000000000000 ffffc90007477878 ffffffff8124686d
2018-07-15T05:55:56.548558+00:00 gdOv kernel: [ 6681.336555] 0208002400000002 ffffffff829df1d0 ffffc90007477818 ffffffff00000010
2018-07-15T05:55:56.548559+00:00 gdOv kernel: [ 6681.336562] Call Trace:
2018-07-15T05:55:56.548560+00:00 gdOv kernel: [ 6681.336574] [<ffffffff81824e2b>] dump_stack+0x94/0xf9
2018-07-15T05:55:56.548561+00:00 gdOv kernel: [ 6681.336578] [<ffffffff8124686d>] warn_alloc+0x1ad/0x1f0
2018-07-15T05:55:56.548562+00:00 gdOv kernel: [ 6681.336581] [<ffffffff81246cc4>] __alloc_pages_slowpath+0x364/0x1060
2018-07-15T05:55:56.548564+00:00 gdOv kernel: [ 6681.336584] [<ffffffff81245ca2>] ? get_page_from_freelist+0x572/0xc40
2018-07-15T05:55:56.548584+00:00 gdOv kernel: [ 6681.336586] [<ffffffff81247dcd>] __alloc_pages_nodemask+0x1bd/0x2c0
2018-07-15T05:55:56.548587+00:00 gdOv kernel: [ 6681.336590] [<ffffffff81095614>] dma_generic_alloc_coherent+0x114/0x190
2018-07-15T05:55:56.548588+00:00 gdOv kernel: [ 6681.336594] [<ffffffff810ce64d>] gart_alloc_coherent+0x6d/0x1a0
2018-07-15T05:55:56.548589+00:00 gdOv kernel: [ 6681.336599] [<ffffffff8205cbbc>] cx88_risc_buffer+0x12c/0x290
2018-07-15T05:55:56.548590+00:00 gdOv kernel: [ 6681.336603] [<ffffffff82063fdd>] buffer_prepare+0x1cd/0x2f0
2018-07-15T05:55:56.548592+00:00 gdOv kernel: [ 6681.336607] [<ffffffff82027e87>] __buf_prepare+0x197/0x250
2018-07-15T05:55:56.548593+00:00 gdOv kernel: [ 6681.336609] [<ffffffff82029d40>] vb2_core_qbuf+0xa0/0x300
2018-07-15T05:55:56.548594+00:00 gdOv kernel: [ 6681.336611] [<ffffffff8202e24e>] vb2_qbuf+0x9e/0xe0
2018-07-15T05:55:56.548595+00:00 gdOv kernel: [ 6681.336614] [<ffffffff8202ec89>] vb2_ioctl_qbuf+0x69/0xa0
2018-07-15T05:55:56.548597+00:00 gdOv kernel: [ 6681.336616] [<ffffffff8200b866>] v4l_qbuf+0x86/0xc0
2018-07-15T05:55:56.548598+00:00 gdOv kernel: [ 6681.336619] [<ffffffff8201188b>] __video_do_ioctl+0x1fb/0x490
2018-07-15T05:55:56.548599+00:00 gdOv kernel: [ 6681.336621] [<ffffffff82011e9b>] video_usercopy+0x37b/0x850
2018-07-15T05:55:56.548600+00:00 gdOv kernel: [ 6681.336623] [<ffffffff82011690>] ? v4l_printk_ioctl+0x100/0x100
2018-07-15T05:55:56.548601+00:00 gdOv kernel: [ 6681.336627] [<ffffffff820123b9>] video_ioctl2+0x49/0x80
2018-07-15T05:55:56.548602+00:00 gdOv kernel: [ 6681.336630] [<ffffffff82005e49>] v4l2_ioctl+0xe9/0x1c0
2018-07-15T05:55:56.548604+00:00 gdOv kernel: [ 6681.336635] [<ffffffff813152ef>] do_vfs_ioctl+0xff/0xd00
2018-07-15T05:55:56.548605+00:00 gdOv kernel: [ 6681.336637] [<ffffffff81316046>] rap_sys_ioctl+0x76/0xe0
2018-07-15T05:55:56.548606+00:00 gdOv kernel: [ 6681.336643] [<ffffffff825a9053>] entry_SYSCALL_64_fastpath+0x1e/0xec
2018-07-15T05:55:56.548607+00:00 gdOv kernel: [ 6681.336646] [<ffffffff825a90ab>] ? entry_SYSCALL_64_fastpath+0x76/0xec
2018-07-15T05:55:56.628197+00:00 gdOv kernel: [ 6681.336666] Mem-Info:
2018-07-15T05:55:56.648660+00:00 gdOv kernel: [ 6681.336673] active_anon:328431 inactive_anon:129439 isolated_anon:0
2018-07-15T05:55:56.648735+00:00 gdOv kernel: [ 6681.336673] active_file:397024 inactive_file:406863 isolated_file:0
2018-07-15T05:55:56.648744+00:00 gdOv kernel: [ 6681.336673] unevictable:0 dirty:177 writeback:0 unstable:0
2018-07-15T05:55:56.648764+00:00 gdOv kernel: [ 6681.336673] slab_reclaimable:725785 slab_unreclaimable:10612
2018-07-15T05:55:56.648772+00:00 gdOv kernel: [ 6681.336673] mapped:15152 shmem:2371 pagetables:3157 bounce:0
2018-07-15T05:55:56.648777+00:00 gdOv kernel: [ 6681.336673] free:13022 free_pcp:1229 free_cma:0
2018-07-15T05:55:56.648785+00:00 gdOv kernel: [ 6681.336681] Node 0 active_anon:1313724kB inactive_anon:517756kB active_file:1588096kB inactive_file:1627452kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:60608kB dirty:708kB writeback:0kB shmem:9484kB writeback_tmp:0kB unstable:0kB pages_scanned:51 all_unreclaimable? no
2018-07-15T05:55:56.648791+00:00 gdOv kernel: [ 6681.336684] Node 0 DMA free:13500kB min:20kB low:32kB high:44kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
2018-07-15T05:55:56.648797+00:00 gdOv kernel: [ 6681.336689] lowmem_reserve[]: 0 3371 7850 7850
2018-07-15T05:55:56.648812+00:00 gdOv kernel: [ 6681.336693] Node 0 DMA32 free:27604kB min:4864kB low:8316kB high:11768kB active_anon:701288kB inactive_anon:52688kB active_file:928612kB inactive_file:324548kB unevictable:0kB writepending:444kB present:3627120kB managed:3525856kB mlocked:0kB slab_reclaimable:1473556kB slab_unreclaimable:9312kB kernel_stack:336kB pagetables:1940kB bounce:0kB free_pcp:2196kB local_pcp:468kB free_cma:0kB
2018-07-15T05:55:56.648827+00:00 gdOv kernel: [ 6681.336698] lowmem_reserve[]: 0 0 4479 4479
2018-07-15T05:55:56.648832+00:00 gdOv kernel: [ 6681.336701] Node 0 Normal free:10984kB min:6464kB low:11048kB high:15632kB active_anon:612560kB inactive_anon:465044kB active_file:659484kB inactive_file:1302904kB unevictable:0kB writepending:264kB present:4718588kB managed:4586972kB mlocked:0kB slab_reclaimable:1429584kB slab_unreclaimable:33136kB kernel_stack:4080kB pagetables:10688kB bounce:0kB free_pcp:2632kB local_pcp:644kB free_cma:0kB
2018-07-15T05:55:56.648838+00:00 gdOv kernel: [ 6681.336706] lowmem_reserve[]: 0 0 0 0
2018-07-15T05:55:56.648965+00:00 gdOv kernel: [ 6681.336709] Node 0 DMA: 1*4kB (H) 1*8kB (H) 1*16kB (H) 1*32kB (H) 0*64kB 1*128kB (H) 0*256kB 0*512kB 1*1024kB (U) 2*2048kB (UM) 2*4096kB (M) = 13500kB
2018-07-15T05:55:56.648978+00:00 gdOv kernel: [ 6681.336721] Node 0 DMA32: 6812*4kB (UE) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 27248kB
2018-07-15T05:55:56.648983+00:00 gdOv kernel: [ 6681.336729] Node 0 Normal: 2746*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 10984kB
2018-07-15T05:55:56.648988+00:00 gdOv kernel: [ 6681.336739] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
2018-07-15T05:55:56.649007+00:00 gdOv kernel: [ 6681.336740] 807500 total pagecache pages
2018-07-15T05:55:56.649016+00:00 gdOv kernel: [ 6681.336743] 1224 pages in swap cache
2018-07-15T05:55:56.649021+00:00 gdOv kernel: [ 6681.336745] Swap cache stats: add 8914, delete 7690, find 906/999
2018-07-15T05:55:56.649026+00:00 gdOv kernel: [ 6681.336746] Free swap = 8963844kB
2018-07-15T05:55:56.649031+00:00 gdOv kernel: [ 6681.336747] Total swap = 8997948kB
2018-07-15T05:55:56.649036+00:00 gdOv kernel: [ 6681.336749] 2090425 pages RAM
2018-07-15T05:55:56.652693+00:00 gdOv kernel: [ 6681.336751] 0 pages HighMem/MovableOnly
2018-07-15T05:55:56.652723+00:00 gdOv kernel: [ 6681.336752] 58241 pages reserved
2018-07-15T05:55:56.652726+00:00 gdOv kernel: [ 6681.336758] PAX: please report this to pageexec@freemail.hu
2018-07-15T05:55:56.652728+00:00 gdOv kernel: [ 6681.336764] BUG: unable to handle kernel NULL pointer dereference at 0000000000000004
2018-07-15T05:55:56.652730+00:00 gdOv kernel: [ 6681.337964] IP: [<ffffffff82063cea>] buffer_queue+0x4a/0x170
2018-07-15T05:55:56.652732+00:00 gdOv kernel: [ 6681.339127] PGD 14c759000
2018-07-15T05:55:56.652735+00:00 gdOv kernel: [ 6681.339144]
2018-07-15T05:55:56.652736+00:00 gdOv kernel: [ 6681.340285] Oops: 0002 [#1] SMP
2018-07-15T05:55:56.652738+00:00 gdOv kernel: [ 6681.341439] CPU: 3 PID: 3484 Comm: mencoder Not tainted 4.9.111-dappersec180712-15 #1
2018-07-15T05:55:56.652740+00:00 gdOv kernel: [ 6681.342650] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./970 Extreme4, BIOS P2.60 11/11/2013
2018-07-15T05:55:56.652745+00:00 gdOv kernel: [ 6681.343909] task: ffff8800d81d8c80 task.stack: ffffc90007474000
2018-07-15T05:55:56.652747+00:00 gdOv kernel: [ 6681.345181] RIP: 0010:[<ffffffff82063cea>] [<ffffffff82063cea>] buffer_queue+0x4a/0x170
2018-07-15T05:55:56.652751+00:00 gdOv kernel: [ 6681.346496] RSP: 0018:ffffc90007477b60 EFLAGS: 00010286
2018-07-15T05:55:56.652752+00:00 gdOv kernel: [ 6681.347818] RAX: ffff880214083000 RBX: ffff880210219c00 RCX: 0000000000000000
2018-07-15T05:55:56.652754+00:00 gdOv kernel: [ 6681.349170] RDX: 0000000000000008 RSI: 0000000000000000 RDI: ffff880210219de8
2018-07-15T05:55:56.652757+00:00 gdOv kernel: [ 6681.350541] RBP: ffffc90007477b78 R08: 0000000000007a35 R09: 0000000000000000
2018-07-15T05:55:56.652759+00:00 gdOv kernel: [ 6681.351925] R10: 000000000000000b R11: 0000000000ffff0a R12: ffff8802140ad000
2018-07-15T05:55:56.652761+00:00 gdOv kernel: [ 6681.353325] R13: 8000000000000000 R14: ffffc90007477d28 R15: 00000000c058560f
2018-07-15T05:55:56.652833+00:00 gdOv kernel: [ 6681.354727] FS: 000003840dc4c700(0000) GS:ffff88021fd80000(0000) knlGS:0000000000000000
2018-07-15T05:55:56.652836+00:00 gdOv kernel: [ 6681.356127] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
2018-07-15T05:55:56.652839+00:00 gdOv kernel: [ 6681.357511] CR2: 0000000000000004 CR3: 0000000002c24000 CR4: 00000000000006f0
2018-07-15T05:55:56.652841+00:00 gdOv kernel: [ 6681.358899] Stack:
2018-07-15T05:55:56.652843+00:00 gdOv kernel: [ 6681.360257] 0000000000000001 ffff880210219c00 8000000000000000 ffffc90007477ba0
2018-07-15T05:55:56.652845+00:00 gdOv kernel: [ 6681.361657] ffffffff82026899 ffff880214083b68 ffff880210219c00 ffffc90007477d28
2018-07-15T05:55:56.652846+00:00 gdOv kernel: [ 6681.363054] ffffc90007477bc8 ffffffff82029e91 ffff880214083b68 ffffc90007477d28
2018-07-15T05:55:56.652849+00:00 gdOv kernel: [ 6681.364442] Call Trace:
2018-07-15T05:55:56.652852+00:00 gdOv kernel: [ 6681.365805] [<ffffffff82026899>] __enqueue_in_driver+0xd9/0x110
2018-07-15T05:55:56.652854+00:00 gdOv kernel: [ 6681.367227] [<ffffffff82029e91>] vb2_core_qbuf+0x1f1/0x300
2018-07-15T05:55:56.652856+00:00 gdOv kernel: [ 6681.368627] [<ffffffff8202e24e>] vb2_qbuf+0x9e/0xe0
2018-07-15T05:55:56.652858+00:00 gdOv kernel: [ 6681.370029] [<ffffffff8202ec89>] vb2_ioctl_qbuf+0x69/0xa0
2018-07-15T05:55:56.652860+00:00 gdOv kernel: [ 6681.371432] [<ffffffff8200b866>] v4l_qbuf+0x86/0xc0
2018-07-15T05:55:56.652862+00:00 gdOv kernel: [ 6681.372840] [<ffffffff8201188b>] __video_do_ioctl+0x1fb/0x490
2018-07-15T05:55:56.652864+00:00 gdOv kernel: [ 6681.374269] [<ffffffff82011e9b>] video_usercopy+0x37b/0x850
2018-07-15T05:55:56.652866+00:00 gdOv kernel: [ 6681.375704] [<ffffffff82011690>] ? v4l_printk_ioctl+0x100/0x100
2018-07-15T05:55:56.652868+00:00 gdOv kernel: [ 6681.377145] [<ffffffff820123b9>] video_ioctl2+0x49/0x80
2018-07-15T05:55:56.652870+00:00 gdOv kernel: [ 6681.378573] [<ffffffff82005e49>] v4l2_ioctl+0xe9/0x1c0
2018-07-15T05:55:56.694832+00:00 gdOv kernel: [ 6681.379971] [<ffffffff813152ef>] do_vfs_ioctl+0xff/0xd00
2018-07-15T05:55:56.694965+00:00 gdOv kernel: [ 6681.381329] [<ffffffff81316046>] rap_sys_ioctl+0x76/0xe0
2018-07-15T05:55:56.694978+00:00 gdOv kernel: [ 6681.382648] [<ffffffff825a9053>] entry_SYSCALL_64_fastpath+0x1e/0xec
2018-07-15T05:55:56.694983+00:00 gdOv kernel: [ 6681.383980] [<ffffffff825a90ab>] ? entry_SYSCALL_64_fastpath+0x76/0xec
2018-07-15T05:55:56.694988+00:00 gdOv kernel: [ 6681.385305] Code: ff ff cc cc cc cc cc cc cc cc 48 8b 03 8b b3 18 02 00 00 48 8d bb e8 01 00 00 48 8b 8b 08 02 00 00 48 8b 40 48 8d 56 08 4c 8b 20 <89> 51 04 48 8b 93 10 02 00 00 c7 02 00 00 01 70 8b b3 18 02 00
2018-07-15T05:55:56.694994+00:00 gdOv kernel: [ 6681.388316] RIP [<ffffffff82063cea>] buffer_queue+0x4a/0x170
2018-07-15T05:55:56.695000+00:00 gdOv kernel: [ 6681.389773] RSP <ffffc90007477b60>
2018-07-15T05:55:56.695004+00:00 gdOv kernel: [ 6681.391200] CR2: 0000000000000004
2018-07-15T05:55:56.695008+00:00 gdOv kernel: [ 6681.398524] ---[ end trace 2b9981a520ef9742 ]---
2018-07-15T05:55:56.695013+00:00 gdOv kernel: [ 6681.398528] grsec: banning user with uid 1000 until system restart for suspicious kernel crash
A lot of info there, for experts, I would say.
2018-07-15T05:55:56.695071+00:00 gdOv kernel: [ 6681.458821] grsec: (root:U:/usr/sbin/rsyslogd) denied access to hidden file /dev/tty6 by /usr/sbin/rsyslogd[rs:main Q:Reg:2328] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T05:55:56.695081+00:00 gdOv kernel: [ 6681.458875] grsec: (root:U:/usr/sbin/rsyslogd) denied access to hidden file /dev/tty5 by /usr/sbin/rsyslogd[rs:main Q:Reg:2328] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T05:55:56.695121+00:00 gdOv kernel: [ 6681.458928] grsec: (root:U:/usr/sbin/rsyslogd) denied access to hidden file /dev/pts/0 by /usr/sbin/rsyslogd[rs:main Q:Reg:2328] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T05:55:56.695131+00:00 gdOv kernel: [ 6681.458970] grsec: (root:U:/usr/sbin/rsyslogd) denied access to hidden file /dev/pts/1 by /usr/sbin/rsyslogd[rs:main Q:Reg:2328] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T05:55:56.695136+00:00 gdOv kernel: [ 6681.459066] grsec: (root:U:/usr/sbin/rsyslogd) denied access to hidden file /dev/pts/5 by /usr/sbin/rsyslogd[rs:main Q:Reg:2328] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T05:55:56.695141+00:00 gdOv kernel: [ 6681.459114] grsec: (root:U:/usr/sbin/rsyslogd) denied access to hidden file /dev/pts/7 by /usr/sbin/rsyslogd[rs:main Q:Reg:2328] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T05:55:56.695146+00:00 gdOv kernel: [ 6681.459171] grsec: (root:U:/usr/sbin/rsyslogd) denied access to hidden file /dev/pts/10 by /usr/sbin/rsyslogd[rs:main Q:Reg:2328] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T05:55:56.695151+00:00 gdOv kernel: [ 6681.459211] grsec: more alerts, logging disabled for 10 seconds
2018-07-15T05:55:56.837668+00:00 gdOv kernel: [ 6681.641877] grsec: (root:U:/sbin/agetty) exec of /sbin/agetty (/sbin/getty 38400 tty6 ) by /sbin/agetty[init:3489] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:00:01.922571+00:00 gdOv kernel: [ 6926.724877] grsec: (clamav:U:/) chdir to /var/lib/clamav by /usr/sbin/cron[cron:3496] uid/euid:101/101 gid/egid:105/105, parent /usr/sbin/cron[cron:3494] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:00:01.922580+00:00 gdOv kernel: [ 6926.724969] grsec: (clamav:U:/) denied access to hidden file /bin/sh by /usr/sbin/cron[cron:3496] uid/euid:101/101 gid/egid:105/105, parent /usr/sbin/cron[cron:3494] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:00:01.922582+00:00 gdOv kernel: [ 6926.725049] grsec: (clamav:U:/) denied access to hidden file /etc/locale.alias by /usr/sbin/cron[cron:3496] uid/euid:101/101 gid/egid:105/105, parent /usr/sbin/cron[cron:3494] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:00:01.924561+00:00 gdOv kernel: [ 6926.727410] grsec: (www-data:U:/) chdir to /var/www by /usr/sbin/cron[cron:3497] uid/euid:33/33 gid/egid:33/33, parent /usr/sbin/cron[cron:3495] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:00:01.924570+00:00 gdOv kernel: [ 6926.727560] grsec: (www-data:U:/bin/dash) exec of /bin/dash (/bin/sh -c if test -f /var/lib/lurker/db; then /usr/bin/lurker-prune; fi ) by /bin/dash[cron:3497] uid/euid:33/33 gid/egid:33/33, parent /usr/sbin/cron[cron:3495] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:00:01.956874+00:00 gdOv kernel: [ 6926.759421] grsec: (www-data:U:/usr/bin/lurker-prune) exec of /usr/bin/lurker-prune (/usr/bin/lurker-prune ) by /usr/bin/lurker-prune[sh:3498] uid/euid:33/33 gid/egid:33/33, parent /bin/dash[sh:3497] uid/euid:33/33 gid/egid:33/33
2018-07-15T06:00:02.032622+00:00 gdOv kernel: [ 6926.834953] grsec: (www-data:U:/usr/bin/lurker-prune) chdir to /var/lib/lurker by /usr/bin/lurker-prune[lurker-prune:3498] uid/euid:33/33 gid/egid:33/33, parent /bin/dash[sh:3497] uid/euid:33/33 gid/egid:33/33
This was, clearly, grsec banning me, normal user (user with uid 1000), and allowing what remains of the system to run, such as the lurker cron script above... But of course, mechanical reboot the only recourse, and the below is what grsec set up like I set it up (with exec_logging and audit_chroot) leaves in the logs of the very start of the booting sequence (starts too late).
[ 5 lines cut here ]
2018-07-15T06:03:49.934030+00:00 gdOv kernel: [ 49.574887] grsec: exec of /bin/run-parts (/bin/run-parts --exit-on-error /etc/network/if-up.d ) by /bin/run-parts[sh:1594] uid/euid:0/0 gid/egid:0/0, parent /bin/dash[sh:1593] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934293+00:00 gdOv kernel: [ 49.575746] grsec: exec of /etc/network/if-up.d/clamav-freshclam-ifupdown (/etc/network/if-up.d/clamav-freshclam-ifupdown ) by /etc/network/if-up.d/clamav-freshclam-ifupdown[run-parts:1595] uid/euid:0/0 gid/egid:0/0, parent /bin/run-parts[run-parts:1594] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934306+00:00 gdOv kernel: [ 49.576946] grsec: exec of /etc/network/if-up.d/ethtool (/etc/network/if-up.d/ethtool ) by /etc/network/if-up.d/ethtool[run-parts:1596] uid/euid:0/0 gid/egid:0/0, parent /bin/run-parts[run-parts:1594] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934321+00:00 gdOv kernel: [ 49.579769] grsec: exec of /bin/sed (sed -n /^IF_ETHERNET_PAUSE_[A-Za-z0-9_]*=/ { h; # hold line s/^IF_ETHERNET_PAUSE_//; s/=.*/) by /bin/sed[ethtool:1599] uid/euid:0/0 gid/egid:0/0, parent /etc/network/if-up.d/ethtool[ethtool:1597] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934331+00:00 gdOv kernel: [ 49.582497] grsec: exec of /bin/sed (sed -n /^IF_HARDWARE_IRQ_COALESCE_[A-Za-z0-9_]*=/ { h; # hold line s/^IF_HARDWARE_IRQ_COALE) by /bin/sed[ethtool:1602] uid/euid:0/0 gid/egid:0/0, parent /etc/network/if-up.d/ethtool[ethtool:1600] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934336+00:00 gdOv kernel: [ 49.585007] grsec: exec of /bin/sed (sed -n /^IF_HARDWARE_DMA_RING_[A-Za-z0-9_]*=/ { h; # hold line s/^IF_HARDWARE_DMA_RING_//; ) by /bin/sed[ethtool:1605] uid/euid:0/0 gid/egid:0/0, parent /etc/network/if-up.d/ethtool[ethtool:1603] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934340+00:00 gdOv kernel: [ 49.587729] grsec: exec of /bin/sed (sed -n /^IF_OFFLOAD_[A-Za-z0-9_]*=/ { h; # hold line s/^IF_OFFLOAD_//; s/=.*//; s/_/-/g; #) by /bin/sed[ethtool:1608] uid/euid:0/0 gid/egid:0/0, parent /etc/network/if-up.d/ethtool[ethtool:1606] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934344+00:00 gdOv kernel: [ 49.590661] grsec: exec of /etc/network/if-up.d/mountnfs (/etc/network/if-up.d/mountnfs ) by /etc/network/if-up.d/mountnfs[run-parts:1609] uid/euid:0/0 gid/egid:0/0, parent /bin/run-parts[run-parts:1594] uid/euid:0/0 gid/egid:0/0
2018-07-15T06:03:49.934358+00:00 gdOv kernel: [ 49.593411] grsec: exec of /bin/cat (cat /proc/cmdline ) by /bin/cat[mountnfs:1610] uid/euid:0/0 gid/egid:0/0, parent /etc/network/if-up.d/mountnfs[mountnfs:1609] uid/euid:0/0 gid/egid:0/0
Now, this bug just calls for solving it! This, Aristotelian logic of premises and conclusions (the bug is not in 4.9.107, which I have to run today, as I'm not risking my watching of my country Croatia finals in the Football World Cup, so I can't test till at least a few hours from now (but I assure you I will do my best afterwards: approximately half of my time for a few days from now I can dedicate to testing, if there are the owner and other devs (link @minipli and @HacKurx) to look into this)...
If it is needed, I can try and wrap what I posted, if it would make for easier reading, just say!
I'll now, in slow time, try and relate this same bug in minipli's grsecunoff, as I did have this bug with his kernel, much earlier.
The 4.9.111-dappersec180712-15 is for-my-hardware-only kernel, not the all-modules that I upload for everybody to use. I'll try and find more previous resources in regard (in slow time).
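The following Python triage of the log above is an added example, not part of the original report. It checks that the store instruction at the faulting RIP, applied to the logged registers, reproduces the CR2 address, and that the oops follows a failed allocation by the same process before grsec bans the uid. The function names and the shortened log excerpt are this example's own.

```python
import re

# Excerpt of the kernel log quoted in the report (most trace frames dropped,
# "Code:" bytes shortened to the tail around the faulting instruction).
SAMPLE = """\
2018-07-15T05:55:56.548501+00:00 gdOv kernel: [ 6681.336517] mencoder: page allocation failure: order:1, mode:0x2080024(GFP_ATOMIC|GFP_DMA32)
2018-07-15T05:55:56.548589+00:00 gdOv kernel: [ 6681.336599] [<ffffffff8205cbbc>] cx88_risc_buffer+0x12c/0x290
2018-07-15T05:55:56.652728+00:00 gdOv kernel: [ 6681.336764] BUG: unable to handle kernel NULL pointer dereference at 0000000000000004
2018-07-15T05:55:56.652736+00:00 gdOv kernel: [ 6681.340285] Oops: 0002 [#1] SMP
2018-07-15T05:55:56.652738+00:00 gdOv kernel: [ 6681.341439] CPU: 3 PID: 3484 Comm: mencoder Not tainted 4.9.111-dappersec180712-15 #1
2018-07-15T05:55:56.652747+00:00 gdOv kernel: [ 6681.345181] RIP: 0010:[<ffffffff82063cea>] [<ffffffff82063cea>] buffer_queue+0x4a/0x170
2018-07-15T05:55:56.652752+00:00 gdOv kernel: [ 6681.347818] RAX: ffff880214083000 RBX: ffff880210219c00 RCX: 0000000000000000
2018-07-15T05:55:56.652754+00:00 gdOv kernel: [ 6681.349170] RDX: 0000000000000008 RSI: 0000000000000000 RDI: ffff880210219de8
2018-07-15T05:55:56.652839+00:00 gdOv kernel: [ 6681.357511] CR2: 0000000000000004 CR3: 0000000002c24000 CR4: 00000000000006f0
2018-07-15T05:55:56.694988+00:00 gdOv kernel: [ 6681.385305] Code: 48 8b 40 48 8d 56 08 4c 8b 20 <89> 51 04 48 8b 93 10 02 00 00
2018-07-15T05:55:56.695013+00:00 gdOv kernel: [ 6681.398528] grsec: banning user with uid 1000 until system restart for suspicious kernel crash
"""

PREFIX = re.compile(r"^\S+ \S+ kernel: \[\s*([\d.]+)\]\s*(.*)$")
REGS64 = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI"]  # ModRM r/m order

def decode_pf_error(code):
    """Decode the x86 page-fault error code printed after 'Oops:'."""
    return {"cause": "protection violation" if code & 1 else "page not present",
            "access": "write" if code & 2 else "read",
            "mode": "user" if code & 4 else "kernel"}

def decode_store(code, regs):
    """Decode 'mov r32, disp8(r64)' (opcode 0x89, ModRM mod=01, no SIB, no REX).
    Returns (base register, displacement, effective address), else None."""
    if len(code) < 3 or code[0] != 0x89:
        return None
    mod, rm = code[1] >> 6, code[1] & 7
    if mod != 1 or rm == 4 or REGS64[rm] not in regs:
        return None
    disp = code[2] - 256 if code[2] > 127 else code[2]
    return REGS64[rm], disp, (regs[REGS64[rm]] + disp) & (2**64 - 1)

def triage(text):
    """Collect the allocation failure, the oops and the grsec ban from kern.log text."""
    r = {"alloc_failure": None, "oops": None, "regs": {}, "banned_uid": None}
    for line in text.splitlines():
        m = PREFIX.match(line)
        if not m:
            continue
        ts, msg = float(m[1]), m[2]
        if a := re.match(r"(\S+): page allocation failure: order:(\d+), mode:\w+\((.*)\)", msg):
            r["alloc_failure"] = {"ts": ts, "comm": a[1], "order": int(a[2]),
                                  "gfp": a[3].split("|"), "frames": []}
        elif b := re.match(r"BUG: unable to handle kernel NULL pointer dereference at ([0-9a-f]+)", msg):
            r["oops"] = {"ts": ts, "fault_addr": int(b[1], 16)}
        elif u := re.match(r"grsec: banning user with uid (\d+)", msg):
            r["banned_uid"] = int(u[1])
        elif r["oops"] is None:
            f = re.match(r"\[<[0-9a-f]+>\] (?:\? )?(\w+)\+", msg)
            if f and r["alloc_failure"]:
                r["alloc_failure"]["frames"].append(f[1])  # call path of the failed allocation
        elif e := re.match(r"Oops: ([0-9a-f]{4})", msg):
            r["oops"]["error"] = decode_pf_error(int(e[1], 16))
        elif p := re.search(r"PID: (\d+) Comm: (\S+)", msg):
            r["oops"]["pid"], r["oops"]["comm"] = int(p[1]), p[2]
        elif s := re.match(r"RIP: \S+\s+\[<[0-9a-f]+>\]\s+(\S+)", msg):
            r["oops"]["rip"] = s[1]
        elif msg.startswith("Code: ") and "<" in msg:  # <xx> marks the byte at RIP
            r["oops"]["code_at_rip"] = bytes.fromhex(msg.split("<", 1)[1].replace(">", ""))
        else:
            r["regs"].update((k, int(v, 16)) for k, v in
                             re.findall(r"\b(R[A-Z0-9]{2}|CR\d): ([0-9a-f]{16})\b", msg))
    return r

def summarize(r):
    """Relate the three events: who failed to allocate, what faulted, who got banned."""
    o, a = r["oops"], r["alloc_failure"]
    store = decode_store(o["code_at_rip"], r["regs"])
    return {"fault": f'{o["error"]["mode"]} {o["error"]["access"]}, {o["error"]["cause"]}',
            "store": store,
            "null_base": bool(store) and r["regs"][store[0]] == 0 and store[2] == r["regs"]["CR2"],
            "alloc_failure_first": bool(a) and a["comm"] == o["comm"] and a["ts"] <= o["ts"],
            "banned_uid": r["banned_uid"]}

if __name__ == "__main__":
    print(summarize(triage(SAMPLE)))
```

On this excerpt the decoded instruction is a 32-bit store to RCX+4 with RCX equal to zero, which matches the logged CR2 of 4, and the failed allocation recorded under `cx88_risc_buffer` comes from the same `mencoder` process just before the oops.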
@miroR
I have to run today, as I'm not risking my watching of my country Croatia finals in the Football World Cup
Sorry but it's my country the winner :p
For all your different problems, you must indicate the version that caused the problem in order to find the commit that poses the problem. This will allow us to compare a functional version and the problem version.
Now, we should not expect its next resolution because we need time to understand everything.
On my side if it continues, I will see to maintain a few grsec patches and abandon my searching on PaX. Besides, I'm not sure Spender is capable of maintaining PaX over the long term without PaX Team... Pipacs is truly a prodigious and talented genius!
@miroR
...as I'm not risking my watching of my country Croatia finals in the Football World Cup
@HacKurx
Sorry but it's my country the winner :p
Congratulations for having won against such a team as ours! You the French were the sole ones who beat us after our long series of victories.
For all your different problems, you must indicate the version that caused the problem in order to find the commit that poses the problem. This will allow us to compare a functional version and the problem version.
It's the 4.9.107 dappersec that I was able to do all and everything that I do on that system (up until yesterday, a note is below) that I had bugs/something-else-that-it-is on that questionable system of mine, and I got this mencoder bug on 4.9.111 dappersec. The versions are even in the title.... But I did think it must be somehow traceable to grsecunoff (the minipli's)...
Now, we should not expect its next resolution because we need time to understand everything.
I know...
I'm not sure Spender is capable of maintaining PaX over the long term without PaX Team... Pipacs is truly a prodigious and talented genius!
Surely so. But what are you saying? That they parted company? That they do not work together any longer like they always have?
I wrote above "up until yesterday"... I owe explanation, but allow me to do it later.
@HacKurx wrote previously:
I'm not sure Spender is capable of maintaining PaX over the long term without PaX Team...
I just checked (with the DuckDuckGo search engine). No news like what you seem to be implying....
As far as I am aware, Pipacs is working along with Spender on the current grsec patches. If you read the grsecurity twitter feed, Spender talks about the long nights / working round the clock by both himself and Pipacs to keep their customers safe from the Meltdown and Spectre attacks. Pretty dedicated people. Although, that's exactly what you want in that field of work.
It was announced on the passing the baton post that there won't be any more public releases of PaX (by itself) or any more releases of grsecurity (PaX + the other great fixes and mitigations). That's why we haven't seen any more releases of PaX from this url: https://grsecurity.net/~paxguy1/
So, for now, unless you know something that the world does not, I'm pretty sure they are still working together as usual.
Anyway, @miroR do you get this bug all the time, or was it just a one off? Have you tried 4.9.113? I've been running 4.9.111-> 4.9.113 without issues. There hasn't been a huge amount of changes to memory management from 4.9.111 onwards, so I can't easily say what happened.
@miroR
It's the 4.9.107 dappersec that I was able to do all and everything that I do on that system (up until yesterday, a note is below) that I had bugs/something-else-that-it-is on that questionable system of mine, and I got this mencoder bug on 4.9.111 dappersec. The versions are even in the title....
The difference is important between version 4.9.107 and 4.9.111. Do you have the problem with version 4.9.108?
I'm not sure Spender is capable of maintaining PaX over the long term without PaX Team...
My sentence is confusing. Sorry. I mean, if he had to leave.
EDIT: For information, in linux 4.9.111 with commit 1e6b50b6b68e25a8ff972a1e1279a40cd7adc4fd
As warned by smatch:
drivers/media/v4l2-core/v4l2-compat-ioctl32.c:879 put_v4l2_ext_controls32() warn: check for integer overflow 'count'
The access_ok() logic should check for too big arrays too.
@miroR can you reverse that in 4.9.111 to see.
You the French were the sole ones who beat us after our long series of victories.
Congratulations anyway because now the world knows Croatia!
@msr50 wrote:
Anyway, @miroR do you get this bug all the time, or was it just a one off? Have you tried 4.9.113? I've been running 4.9.111-> 4.9.113 without issues. There hasn't been a huge amount of changes to memory management from 4.9.111 onwards, so I can't easily say what happened.
No, I've had very long bug-free time with 4.9.107, and that one that I mentioned, but not posted yet --and it was some page allocation failure, not the mencoder, at least in the Call Trace it said so-- was a one-off with that 4.9.107...
Been busy, so pls. forgive the delay, and allow for some more delay.
But I will try and test the 4.9.113 (or anyway the latest there will be when I can do the testing, hopefully sooner than later).
@HacKurx wrote:
EDIT: For information, in linux 4.9.111 with commit 1e6b50b6b68e25a8ff972a1e1279a40cd7adc4fd
As warned by smatch: drivers/media/v4l2-core/v4l2-compat-ioctl32.c:879 put_v4l2_ext_controls32() warn: check for integer overflow 'count'
The access_ok() logic should check for too big arrays too.
Umpf! That looks like time to find to delve into C... but for real... No time now... Very attractive it tastes to me, but no time right now...
But thanks for looking into it!
In fact, if there shows to be a no go, because of that --i.e. newer kernels don't work, like 4.9.107 works-- then sooner than later I will have to delve into C tutorials...
It's not impossible for me at this stage. Look up what I did to a complex program Chaosreader... Here: https://github.com/miroR/stream-cont
But that will be days on end doing nothing but C...
Ah, sorry for my excessive rambling...
Not recorded because either exec_logging and audit_chdir were off or for some other reason, but this was running:
( of course, the above, I ran again at later time, as the timestamp shows )
And a tshark-based script of mine was running (and this is now consecutive order as it was happening, I'll only shorten for quicker reading).
This is my script that I run to turn off exec_logging and audit_chdir when they would be too verbose and spam /var/log/kern.log and /var/log/syslog (grsec isn't sorted with logging, and would run even in /var/log/messages, in Debian/Devuan, same lines in all three, in parallel, but I removed the last one...).
Previous is /var/log/kern.log.1 , below is /var/log/kern.log
It's relatively little, so no more cutting. Soon the Call Trace for kind visitor to view in all its ugliness...
For easier reading, the Call Trace I put in the next post.