Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 19 Dec 2018 11:35:27 +0100
From: bryn1u85 <m.bryn1u@...il.com>
To: lkrg-users@...ts.openwall.com
Subject: Re: insmod: ERROR: could not insert module p_lkrg.ko: No
 buffer space available

My output.

[root@...alhost lkrg-main]# dmesg | tail -20
[    3.836920] cryptd: max_cpu_qlen set to 1000
[    3.851179] AVX2 version of gcm_enc/dec engaged.
[    3.851180] AES CTR mode by8 optimization enabled
[    3.905981] EXT4-fs (vda1): mounted filesystem with ordered data mode.
Opts: (null)
[    4.125758] Adding 7077884k swap on /dev/mapper/centos-swap.
Priority:-2 extents:1 across:7077884k FS
[    4.757109] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[   11.546012] random: crng init done
[   11.546017] random: 7 urandom warning(s) missed due to ratelimiting
[  296.265199] p_lkrg: loading out-of-tree module taints kernel.
[  296.265283] p_lkrg: module verification failed: signature and/or
required key missing - tainting kernel
[  296.266610] [p_lkrg] Loading LKRG...
[  296.302774] [p_lkrg] Can't initialize exploit detection features!
Exiting...
[  315.920095] [p_lkrg] Loading LKRG...
[  315.950728] [p_lkrg] Can't initialize exploit detection features!
Exiting...
[  342.557674] [p_lkrg] Loading LKRG...
[  342.589567] [p_lkrg] Can't initialize exploit detection features!
Exiting...
[41040.104115] [p_lkrg] Loading LKRG...
[41040.117676] [p_lkrg] [kretprobe] register_kretprobe() for
<__x64_sys_execve> failed! [err=-38]
[41040.118335] [p_lkrg] ERROR: Can't hook execve syscall :(
[41040.139079] [p_lkrg] Can't initialize exploit detection features!
Exiting...
[root@...alhost lkrg-main]#


śr., 19 gru 2018 o 03:51 Adam Zabrocki <pi3@....com.pl> napisał(a):

> On Tue, Dec 18, 2018 at 09:03:44PM +0100, bryn1u85 wrote:
> > hey guys,
> >
> > I recompiled kernel to kernel-4.19.10. After that im trying to run lkrg
> but
> > im getting errors like below:
> >
> >
> > [root@...alhost output]# insmod p_lkrg.ko
> > insmod: ERROR: could not insert module p_lkrg.ko: No buffer space
> available
> > [root@...alhost output]#
> >
> > [   97.954081] p_lkrg: loading out-of-tree module taints kernel.
> > [   97.954346] p_lkrg: module verification failed: signature and/or
> > required key missing - tainting kernel
> > [   97.955845] [p_lkrg] Loading LKRG...
> > [   97.990086] [p_lkrg] Can't initialize exploit detection features!
> > Exiting...
> > [root@...alhost output]#
> >
> > What can i do in this situation ?
> > Thanks !
>
> Hi,
>
> I believe you've already asked the same question a few times.
> Alexander replied to you here:
>
> https://www.openwall.com/lists/lkrg-users/2018/12/06/1
>
> Additionally, that can be useful for you too:
>
>
> https://forums.gentoo.org/viewtopic-p-8247498.html?sid=72c22d571ef610bb77a41150177a2939#8247498
>
> In short:
>
> "For the future reference, if you would like to know why LKRG fails
> initialization you can try this simple scenario:
> LKRG module has a parameter p_init_log_level which defines default
> log_level
> which is going to be used during initialization. You can read more about
> log_level option (and in general about communication channel) here:
>
> https://openwall.info/wiki/p_lkrg/Examples#Communication-channel
>
> In short it might be a number between 0-4 or 0-6 (if debugging compilation
> was
> used). If LKRG fails initialization I'm suggesting to use at least
> number 4 for this parameter (e.g. # insmod p_lkrg.ko p_init_log_level=4).
> It
> will give more information about the root of the problem. If debug option
> is
> enabled number 5 and 6 is also available but you need to be carefully
> using it
> to not spam the kernel with too many logs."
>
> Thanks,
> Adam
>
> --
> pi3 (pi3ki31ny) - pi3 (at) itsec pl
> http://pi3.com.pl
>

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.