You are not logged in.

#1 2015-12-24 21:33:04

Amanda S
Member
Registered: 2013-09-21
Posts: 276
Website

X-Plane/GRSEC/Firejail Crash

Recently I've been unable to exit X-Plane because by doing so my entire system will freeze. No Ctrl+Alt+F1, no Ctrl+Alt+Del, nothing solves it. The worse part is that my X-Plane's Log.txt has no information of the problem as the last lines are always "shutting down".

I suspect of three main causes: either Firejail's problem; grsecurity's problem; or X-Plane's problem. Or all together.


Things to consider about Firejail:

Firejail was my first suspicion (although not likely) because it has had a history or problems related to pulseaudio, in which applications would crash because of pulseaudio. This isn't a Firejail bug, but a pulseaudio bug.
However, I already applied the fix, and X-Plane is the only program with problems.


Things to consider about GRSecurity:


I haven't had any problems with grsec and programs in the past. I always disable the "MPROTEC" Kernel protection that stops programs from injecting new executable code into the memory. This protection only works at START, when programs are opened, and NOT when they exit.

However, even after disabling all kernel protections for X-Plane (PEMRS), the Sim still crashes my system at exit.

However (2), there are these interesting lines at journalctl:

Dec 24 15:36:26 amarildo kernel: RIP  [<ffffffff8b0b1238>] mutex_optimistic_spin+0x48/0x1c0
Dec 24 15:36:26 amarildo kernel:  RSP <ffffc90007cab820>
Dec 24 15:36:26 amarildo kernel: ---[ end trace ff9d409d9db085d8 ]---
Dec 24 15:36:26 amarildo kernel: grsec: banning user with uid 1000 until system restart for suspicious kernel crash
Dec 24 15:36:26 amarildo kernel: Fixing recursive fault but reboot is needed!
-- Reboot --

This could indicate that GRSecurity is picking illegal activities comming from X-Plane.

Another thing to consider is that this could be a grsecurity problem, although not likely. I can't be 100% sure about this, but this problem started to happen after this recent GRSec Kernel. The older one, which I don't remember the number but is easy to track down, worked OK.

However, why would only X-Plane have problems with it?

Also, I'm not sure X-Plane is compatible with Kernel 4.3.3.


Things to consider about X-Plane:

I also noticed my firewall picking up UDP traffic trying to come in while I played X-Plane. This traffic is DENIED, only selected ports are allowed to function.

Here's the journalctl lines (there are hundreds of these):

15:35:38 amarildo kernel: RULE 21 -- DENY IN= OUT=enp0s7 SRC=187.XXX.XXX.XX DST=239.255.1.1 LEN=58 TOS=0x00 PREC=0x00 TTL=1 ID=48105

Here is the Firewall line that says "after the allowed traffic, all other attempts are denied":

# ALL UDP
iptables -N RULE_21
iptables -A OUTPUT -p udp -m udp  -j RULE_21
iptables -A INPUT -p udp -m udp  -j RULE_21
iptables -A RULE_21  -j LOG  --log-level info --log-prefix "RULE 21 -- DENY "
iptables -A RULE_21  -j DROP

--------------------------------------------------------------------------------------

My Setup:



    - Arch Linux, fully up-to-date;

    - X-Plane running from Steam, all files verified to be intact;

    - Radeon drivers. Using "--force_run" command. These drivers have better performance than proprietary Catalyst;

    - AMD R9 270X;

    - Kernel: Linux amarildo 4.3.3.201512222129-1-grsec #1 SMP PREEMPT Wed Dec 23 02:03:09 EST 2015 x86_64 GNU/Linux;

    - MATE Desktop Environment;

    - KDE 5 is installed too, though I rarely use it;


Mesa:

[root@amarildo ~]# pacman -Qs mesa
local/glu 9.0.0-4
    Mesa OpenGL Utility library
local/lib32-glu 9.0.0-3
    Mesa OpenGL utility library (32 bits)
local/lib32-libtxc_dxtn 1.0.1-5
    S3 Texture Compression (S3TC) library for Mesa (32-bit)
local/lib32-mesa 11.1.0-1
    an open-source implementation of the OpenGL specification (32-bit)
local/lib32-mesa-libgl 11.1.0-1
    Mesa 3-D graphics library (32-bit)
local/lib32-mesa-vdpau 11.1.0-1
    Mesa VDPAU drivers (32-bit)
local/libtxc_dxtn 1.0.1-6
    S3 Texture Compression (S3TC) library for Mesa
local/mesa 11.1.0-1
    an open-source implementation of the OpenGL specification
local/mesa-libgl 11.1.0-1
    Mesa 3-D graphics library
local/mesa-vdpau 11.1.0-1
    Mesa VDPAU drivers
[root@amarildo ~]#

I'm copying a few things ATM, but at the end I'll make my system crash again. Then, I'll post the Log.txt so you guys can look at it.

The last thing to consider:

This is my second system install since the problem. After re-installing the system once, I tried to reproduce the problem: Having multiple firejail sandboxes opened, grsec in place with only the MPROTEC disabled for X-Plane, etc. Didn't happen, the Sim ran fine. Somewhere, after re-installing the system again, something must have caused this to happen, either a program or a configuration, I don't know. I'll re-install everything again and try to see where the problem is. This will take several hours so I appreciate your help in the mean time.


Cheers.

Last edited by Amanda S (2015-12-24 22:35:59)


If it ain't broke, you haven't tweaked it enough...

Offline

#2 2015-12-24 21:52:45

2ManyDogs
Forum Fellow
Registered: 2012-01-15
Posts: 4,648

Re: X-Plane/GRSEC/Firejail Crash

You will get better help if you change your thread title to something that better describes the actual problem.

https://wiki.archlinux.org/index.php/Fo … ow_to_post

Choose clear, informative subjects. This is more likely to elicit response from experienced users who have knowledge about that particular topic. It also makes the topic easy to reference and find in forum searches by future users with similar problems. Further, avoid extraneous phrases such as [HELP!], [URGENT], etc.

Last edited by 2ManyDogs (2015-12-24 21:55:23)

Offline

#3 2015-12-24 21:55:17

Amanda S
Member
Registered: 2013-09-21
Posts: 276
Website

Re: X-Plane/GRSEC/Firejail Crash

2ManyDogs wrote:

You will get better help if you change your thread title to something that better describes the actual problem.

I actually don't know what the problem is. Do you have any suggestions to a title?


If it ain't broke, you haven't tweaked it enough...

Offline

#4 2015-12-24 21:57:34

2ManyDogs
Forum Fellow
Registered: 2012-01-15
Posts: 4,648

Re: X-Plane/GRSEC/Firejail Crash

You are apparently having a problem with X-plane, which you suspect is related to firejail and/or grsecurity. Adding any or all of those to the title (and removing "AWFUL DEADLY") would be a start.

You also appear to think this might be a kernel problem. Have you tried the mainline kernel, or the lts kernel?

Or because you think it worked before the grsec kernel upgrade, you could try downgrading it. https://wiki.archlinux.org/index.php/Do … g_packages

Last edited by 2ManyDogs (2015-12-24 22:21:15)

Offline

#5 2015-12-24 22:34:06

Amanda S
Member
Registered: 2013-09-21
Posts: 276
Website

Re: X-Plane/GRSEC/Firejail Crash

2ManyDogs wrote:

You are apparently having a problem with X-plane, which you suspect is related to firejail and/or grsecurity. Adding any or all of those to the title (and removing "AWFUL DEADLY") would be a start.

You also appear to think this might be a kernel problem. Have you tried the mainline kernel, or the lts kernel?

Or because you think it worked before the grsec kernel upgrade, you could try downgrading it. https://wiki.archlinux.org/index.php/Do … g_packages

OK.

Yes, I'll test things in a minute. I'm backing up things so I can start over after zeroing my drive.


If it ain't broke, you haven't tweaked it enough...

Offline

#6 2015-12-25 00:06:00

Amanda S
Member
Registered: 2013-09-21
Posts: 276
Website

Re: X-Plane/GRSEC/Firejail Crash

Interesting. I always do backups of my MBR's. After zeroing my drive a new partition table and label were created, different from the ones that were used when I made backups of X-Plane. I edited my disk label with fdisk to match the previous one, and now it's not crashing. I wouldn't think X-Plane has this kind of DRM, I mean, it should use Steam's DRM.

I can't confirm that this is the fix.


If it ain't broke, you haven't tweaked it enough...

Offline

#7 2015-12-25 17:27:01

Amanda S
Member
Registered: 2013-09-21
Posts: 276
Website

Re: X-Plane/GRSEC/Firejail Crash

Yesterday I noticed X-Plane didn't crash, but Pulse did. So I guess this is a combo of the three after all: Firejail and Pulseaudio get in conflict, X-Plane might need something from Pulse and doesn't find  it, so it makes an illegal action in the eyes of GRSecurity, and I get screwed.

I'll re-install the system from scratch. I decided to ditch Firejail completely and will now use KVM for virtual machines/sandboxing (with qemu).

I'm not sure this thread is solved so I'm not marking it as so at this moment. We'll see how it goes.


If it ain't broke, you haven't tweaked it enough...

Offline

Board footer

Powered by FluxBB