Uncategorized

Issues with hardened-sources-2.6.28-r9

unocode_pnz3cj

I recently upgraded kernel on one of my servers from hardened-sources-2.6.28-r7 to hardened-sources-2.6.28-r9 and immediately had problems after reboot. Rebooting that server, I was greeted with the following message:


Booting 'Gentoo (bzImage-2.6.28-hardened-r9)'

root (hd0,0)
Filesystem type is ext2fs, partition type 0x83
kernel (hd0,0)/boot/bzImage-2.6.28-hardened-r9 root=/dev/sda4
[Linux-bzImaeg, setup=0x2a00, size=0x165990]

Decompressing Linux... Parsing ELF... done.
Booting the kernel.

I went ahead and posted this issue to the Gentoo forum and worked on a few ideas how to remedy this. You can follow that thread here:
http://forums.gentoo.org/viewtopic-p-5762324.html

I noticed that the hardened-source ChangeLog mentioned the following:

I recently upgraded kernel on one of my servers from hardened-sources-2.6.28-r7 to hardened-sources-2.6.28-r9 and immediately had problems after reboot. Rebooting that server, I was greeted with the following message:


Booting 'Gentoo (bzImage-2.6.28-hardened-r9)'

root (hd0,0)
Filesystem type is ext2fs, partition type 0x83
kernel (hd0,0)/boot/bzImage-2.6.28-hardened-r9 root=/dev/sda4
[Linux-bzImaeg, setup=0x2a00, size=0x165990]

Decompressing Linux... Parsing ELF... done.
Booting the kernel.

I went ahead and posted this issue to the Gentoo forum and worked on a few ideas how to remedy this. You can follow that thread here:
http://forums.gentoo.org/viewtopic-p-5762324.html

I noticed that the hardened-source ChangeLog mentioned the following:


*hardened-sources-2.6.28-r9 (25 May 2009)

25 May 2009; Gordon Malm <gengor@gentoo.org>
-hardened-sources-2.6.28-r8.ebuild, +hardened-sources-2.6.28-r9.ebuild:
Fix x86-32 boot failure (regression vs. 2.6.28-r7).

I figured this was a good place to start. Looking at bugs, I found two bugs that could be related to my problem, since I am using PAX on my kernel.
http://bugs.gentoo.org/show_bug.cgi?id=271871
http://bugs.gentoo.org/show_bug.cgi?id=264617

I disabled a few PAX features and also went ahead and disabled all PAX support without any signs of improving. It was also suggested that I rebuild my /boot partition due to potential fragmentation. The partition was original +80% used. I cleaned out some boot images and rebuilt the filesystem in /boot, and again.. no improvement.

I’m suspecting that the is something completely hosed in the ebuild, or upstream source. I’ll keep my eyes open in bugs in the meantime. If I don’t see any more chatter regarding this, I’ll post a bug.