Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel Topic is solved

Add-ons for Pale Moon and other applications
General discussion, compatibility, contributed extensions, themes, plugins, and more.

Moderators: FranklinDM, Lootyhoof

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-20, 20:55

title: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel
---
EDIT 2018-02-21 05:01+00:00 s/ublocko/uBlock0/ and variants of it corrections. The copy/pasting now works verbatim for getting and on the tcp.stream.
---
Freshly compiled Pale Moon, see:
Building Pale Moon on Devuan fails
viewtopic.php?f=57&t=15751&p=135172#p135172

Code: Select all

root@gdOv:/usr/lib/palemoon# ls -l
total 90208
-rw-r--r-- 1 root root      452 2018-02-01 21:25 application.ini
drwxr-xr-x 7 root root     4096 2018-02-18 21:24 browser
-rw-r--r-- 1 root root       40 2018-02-01 21:25 chrome.manifest
drwxr-xr-x 2 root root     4096 2018-02-18 21:24 components
drwxr-xr-x 3 root root     4096 2017-07-07 16:00 defaults
-rw-r--r-- 1 root root      188 2018-02-01 21:25 dependentlibs.list
drwxr-xr-x 2 root root     4096 2018-02-18 21:24 dictionaries
-rw-r--r-- 1 root root      899 2018-02-01 21:25 libfreeblpriv3.chk
-rw-r--r-- 1 root root   498144 2018-02-01 21:25 libfreeblpriv3.so
-rw-r--r-- 1 root root 10965904 2018-02-01 21:25 libicudata.so.58
-rw-r--r-- 1 root root  2022040 2018-02-01 21:25 libicui18n.so.58
-rw-r--r-- 1 root root  1419976 2018-02-01 21:25 libicuuc.so.58
-rw-r--r-- 1 root root    10440 2018-02-01 21:25 libmozalloc.so
-rw-r--r-- 1 root root  7266608 2018-02-01 21:25 libmozjs.so
-rw-r--r-- 1 root root   833528 2018-02-01 21:25 libmozsqlite3.so
-rw-r--r-- 1 root root   244632 2018-02-01 21:25 libnspr4.so
-rw-r--r-- 1 root root   997016 2018-02-01 21:25 libnss3.so
-rw-r--r-- 1 root root   599776 2018-02-01 21:25 libnssckbi.so
-rw-r--r-- 1 root root      899 2018-02-01 21:25 libnssdbm3.chk
-rw-r--r-- 1 root root   117728 2018-02-01 21:25 libnssdbm3.so
-rw-r--r-- 1 root root   175464 2018-02-01 21:25 libnssutil3.so
-rw-r--r-- 1 root root    18648 2018-02-01 21:25 libplc4.so
-rw-r--r-- 1 root root    14456 2018-02-01 21:25 libplds4.so
-rw-r--r-- 1 root root   139912 2018-02-01 21:25 libsmime3.so
-rw-r--r-- 1 root root      899 2018-02-01 21:25 libsoftokn3.chk
-rw-r--r-- 1 root root   217168 2018-02-01 21:25 libsoftokn3.so
-rw-r--r-- 1 root root   262496 2018-02-01 21:25 libssl3.so
-rw-r--r-- 1 root root 58018912 2018-02-01 21:25 libxul.so
-rw-r--r-- 1 root root  7629688 2018-02-01 21:25 omni.ja
-rwxr-xr-x 1 root root   416968 2018-02-01 21:25 palemoon
-rw-r--r-- 1 root root       47 2018-02-01 21:25 platform.ini
-rwxr-xr-x 1 root root   400536 2018-02-01 21:25 plugin-container
-rw-r--r-- 1 root root      711 2018-02-01 21:25 removed-files
-rwxr-xr-x 1 root root     8915 2018-01-29 09:49 run-mozilla.sh
root@gdOv:/usr/lib/palemoon#
It wouldn't work out of the box, it's a grsecurity-hardened kernel based system.

As usual these:
# ls -ABRgo palemoon plugin-container

Code: Select all

-rwxr-xr-x 1 416968 2018-02-01 21:25 palemoon
-rwxr-xr-x 1 400536 2018-02-01 21:25 plugin-container
#
will need to be allowed more slack:

Code: Select all

# paxctl -v palemoon plugin-container
PaX control v0.9
Copyright 2004,2005,2006,2007,2009,2010,2011,2012,2014 PaX Team <pageexec@freemail.hu>

file palemoon does not have a PT_PAX_FLAGS program header, try conversion
file plugin-container does not have a PT_PAX_FLAGS program header, try conversion
root@gdOv:/usr/lib/palemoon# paxctl -c palemoon plugin-container
file palemoon had a PT_GNU_STACK program header, converted
file plugin-container had a PT_GNU_STACK program header, converted
# paxctl -v palemoon plugin-container
PaX control v0.9
Copyright 2004,2005,2006,2007,2009,2010,2011,2012,2014 PaX Team <pageexec@freemail.hu>

- PaX flags: -------x-e-- [palemoon]
        RANDEXEC is disabled
        EMUTRAMP is disabled
- PaX flags: -------x-e-- [plugin-container]
        RANDEXEC is disabled
        EMUTRAMP is disabled
#
That wouldn't work. Here, to be in the clear about it (not everybody is familiar with grsecurity [1]):

Code: Select all

mr@gdOv:~$ strace -tt -s128 -o ~mr/strace.d/palemoon_$(date +%y%m%d_%H%M%S)_O palemoon
Segmentation fault
mr@gdOv:~$
And in the /var/log/kern.log:

Code: Select all

Feb 20 09:38:01 gdOv kernel: [256672.320749] grsec: (mr:U:/) exec of /bin/date (date +%y%m%d_%H%M%S ) by /bin/date[bash:19681] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 09:38:01 gdOv kernel: [256672.329813] grsec: (mr:U:/usr/bin/strace) exec of /usr/bin/strace (strace -tt -s128 -o /home/mr/strace.d/palemoon_180220_+093801_O palemoon ) by /usr/bin/strace[bash:19682] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 09:38:01 gdOv kernel: [256672.336771] grsec: (mr:U:/usr/bin/strace) process /usr/bin/strace(strace:19683) attached to via ptrace by /usr/bin/strace[strace:19682] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 09:38:01 gdOv kernel: [256672.338763] grsec: (mr:U:/usr/bin/strace) process /usr/bin/strace(strace:19684) attached to via ptrace by /usr/bin/strace[strace:19682] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 09:38:01 gdOv kernel: [256672.340779] grsec: (mr:U:/usr/lib/palemoon/palemoon) exec of /usr/lib/palemoon/palemoon (palemoon ) by /usr/lib/palemoon/palemoon[strace:19684] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:19682] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 09:38:02 gdOv kernel: [256672.605395] grsec: (mr:U:/usr/lib/palemoon/palemoon) denied RWX mprotect of <anonymous mapping> by /usr/lib/palemoon/palemoon[palemoon:19684] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:19682] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 09:38:02 gdOv kernel: [256672.605732] grsec: (mr:U:/usr/lib/palemoon/palemoon) Segmentation fault occurred at            (nil) in /usr/lib/palemoon/palemoon[palemoon:19684] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:19682] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 09:38:02 gdOv kernel: [256672.619188] grsec: (mr:U:/usr/bin/strace) denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/strace[strace:19682] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
The strace is "a little" longer:

Code: Select all

mr@gdOv:~$ ls -ltr  strace.d/palemoon_180220_093801_O 
-rw-r--r-- 1 mr mr 85504 2018-02-20 09:38 strace.d/palemoon_180220_093801_O
mr@gdOv:~$ ls -ltrh  strace.d/palemoon_180220_093801_O 
-rw-r--r-- 1 mr mr 84K 2018-02-20 09:38 strace.d/palemoon_180220_093801_O
mr@gdOv:~$ 
and doesn't fit in a post. But I wish so much to solve this issue, and if the need arises, I can post them somewhere on my NGO's website.

Maybe a few lines of it though:

Code: Select all

[...]
09:38:02.006055 mmap(NULL, 2179152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x36efc045000
09:38:02.006340 mprotect(0x36efc058000, 2093056, PROT_NONE) = 0
09:38:02.006536 mmap(0x36efc257000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x12000) = 0x36efc257000
09:38:02.006767 mmap(0x36efc259000, 80, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x36efc259000
09:38:02.007001 close(4)                = 0
09:38:02.007916 mprotect(0x36efc257000, 4096, PROT_READ) = 0
09:38:02.008165 mprotect(0x36efc45d000, 4096, PROT_READ) = 0
[...]
09:38:02.027198 mprotect(0x36f02bca000, 28672, PROT_READ) = 0
09:38:02.028844 mprotect(0x36f02edc000, 32768, PROT_READ) = 0
09:38:02.049012 mprotect(0x36f068ad000, 4317184, PROT_READ) = 0
09:38:02.049610 gettimeofday({tv_sec=1519119482, tv_usec=49683}, NULL) = 0
09:38:02.049899 statfs("/sys/fs/selinux", 0x3952a9eeee0) = -1 ENOENT (No such file or directory)
09:38:02.050185 statfs("/selinux", 0x3952a9eeee0) = -1 ENOENT (No such file or directory)
09:38:02.050395 openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_CLOEXEC) = 4
09:38:02.050830 fstat(4, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
09:38:02.051191 read(4, "nodev\tsysfs\nnodev\trootfs\nnodev\tramfs\nnodev\tbdev\nnodev\tproc\nnodev\tcpuset\nnodev\tcgroup\nnodev\tcgroup2\nnodev\ttmpfs\nnodev\tdevtmpfs\nno"..., 1024) = 419
09:38:02.051536 read(4, "", 1024)       = 0
09:38:02.051727 close(4)                = 0
09:38:02.051972 access("/etc/selinux/config", F_OK) = -1 ENOENT (No such file or directory)
09:38:02.052474 futex(0x36f00f1ae28, FUTEX_WAKE_PRIVATE, 2147483647) = 0
09:38:02.052680 futex(0x36f00f1ae28, FUTEX_WAKE_PRIVATE, 2147483647) = 0
09:38:02.053262 clock_gettime(CLOCK_MONOTONIC, {tv_sec=256672, tv_nsec=597474991}) = 0
09:38:02.053467 clock_gettime(CLOCK_MONOTONIC, {tv_sec=256672, tv_nsec=597669708}) = 0
[...]
09:38:02.057254 clock_gettime(CLOCK_MONOTONIC, {tv_sec=256672, tv_nsec=601464324}) = 0
09:38:02.057464 clock_gettime(CLOCK_MONOTONIC, {tv_sec=256672, tv_nsec=601674966}) = 0
09:38:02.057744 munmap(0x36f0a86c000, 82001) = 0
09:38:02.058139 gettid()                = 19684
09:38:02.058365 rt_sigaction(SIGPIPE, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x36f0a53e180}, NULL, 8) = 0
09:38:02.058660 gettimeofday({tv_sec=1519119482, tv_usec=58727}, NULL) = 0
09:38:02.059012 futex(0x36f06d64f50, FUTEX_WAKE_PRIVATE, 2147483647) = 0
09:38:02.059504 futex(0x36f0a32605c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
09:38:02.059812 futex(0x36f0a326068, FUTEX_WAKE_PRIVATE, 2147483647) = 0
09:38:02.060133 read(3, "", 4096)       = 0
09:38:02.060341 close(3)                = 0
09:38:02.060692 clock_gettime(CLOCK_MONOTONIC, {tv_sec=256672, tv_nsec=604899398}) = 0
09:38:02.060942 mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x36efb82c000
09:38:02.061155 mprotect(0x36efb82d000, 8388608, PROT_READ|PROT_WRITE|PROT_EXEC) = -1 EACCES (Permission denied)
09:38:02.061392 munmap(0x36efb82c000, 8392704) = 0
09:38:02.061640 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
09:38:02.074759 +++ killed by SIGSEGV +++
But this is solved by making a compromise and allowing RWX mprotect of <anonymous mapping> by palemoon and plugin-container:

Code: Select all

root@gdOv:/usr/lib/palemoon# paxctl -v palemoon plugin-container
PaX control v0.9
Copyright 2004,2005,2006,2007,2009,2010,2011,2012,2014 PaX Team <pageexec@freemail.hu>

- PaX flags: -----m-x-e-- [palemoon]
        MPROTECT is disabled
        RANDEXEC is disabled
        EMUTRAMP is disabled
- PaX flags: -----m-x-e-- [plugin-container]
        MPROTECT is disabled
        RANDEXEC is disabled
        EMUTRAMP is disabled
root@gdOv:/usr/lib/palemoon#
It will work now:

Code: Select all

mr@gdOv:~$ strace -tt -s128 -o ~mr/strace.d/palemoon_$(date +%y%m%d_%H%M%S)_O palemoon

Palemoon has opened a window. And it has already huge trace (mind that I've cared to take it quickly as the window showed up.

Code: Select all

mr@gdOv:~$ cp -iav strace.d/palemoon_180220_095634_O  strace.d/palemoon_180220_095634_O_1 
'strace.d/palemoon_180220_095634_O' -> 'strace.d/palemoon_180220_095634_O_1'
mr@gdOv:~$ ls -l strace.d/palemoon_180220_095634_O  strace.d/palemoon_180220_095634_O_1 
-rw-r--r-- 1 mr mr 2449385 2018-02-20 09:56 strace.d/palemoon_180220_095634_O
-rw-r--r-- 1 mr mr 2330823 2018-02-20 09:56 strace.d/palemoon_180220_095634_O_1
mr@gdOv:~$ ls -l strace.d/palemoon_180220_095634_O  strace.d/palemoon_180220_095634_O_1 
-rw-r--r-- 1 mr mr 3193884 2018-02-20 09:57 strace.d/palemoon_180220_095634_O
-rw-r--r-- 1 mr mr 2330823 2018-02-20 09:56 strace.d/palemoon_180220_095634_O_1
mr@gdOv:~$ 
And it's growing fast even on idle (doing nothing with it yet). And it already is too much for me to make anything out of it...

But Pale Moon works fine.

I had previously removed all the addons because I want to start anew.

I've browsed without a single crash all day yesterday, after these modifications.

And I felt I would first try and install Decentraleyes or uBlock origin addon which at first I didn't succeed because javascript.enabled in my about:config was at false (precaution in the wake of the spectre revelations, AMD64 here, meltdown no threat). Eventually, enabled javascript back, I successfully installed uBlock0... for a very short while.

uBlock0 addon appeared to be successfully installed for mere seconds only, and my Pale Moon within 10 sec after having reported that successful install of uBlock0 ,crashed.

I've tried a lot since then and from that later testing it appears that the uBlock0 install change has been causing the crashes of my Pale Moon. I just couldn't get it to work anymore until, that is, I removed uBlock0.
But it might make for a clearer narrative if I try and show what happened from the logs, and from decryptable traffic dump (which I hope I all have intact; even from the screencast if need be), given that I try and always run my (primitive) https://github.com/miroR/uncenz program for such purposes.

I've prepared the reduced, to-the-point trace with the SSL keys, and cast at:
Pale Moon and uBlock0 on a grsec-hardened kernel
https://www.croatiafidelis.hr/foss/cap/ ... n-uBlock0/

For quick insight, download just the:
dump_180220_0456_gdO_uBlock0.pcap
and
dump_180220_0456_gdO_uBlock0_SSLKEYLOGFILE.txt
download https://github.com/miroR/tshark-streams and run

Code: Select all

$ tshark-streams.sh -r dump_180220_0456_gdO_uBlock0.pcap -k dump_180220_0456_gdO_uBlock0_SSLKEYLOGFILE.txt -Y "tcp.stream==3"
That will get you (disregard the three other files):

Code: Select all

$ ls -l dump_180220_0456_gdO_uBlock0_s003-ssl.bin
-rw-r--r-- 1 mr mr 1773517 2018-02-20 12:43 dump_180220_0456_gdO_uBlock0_s003-ssl.bin
(Look up https://wireshark.org/wiki/SSL in case some kind less advanced reader is lost here.)
What istalled in my Pale Moon is what I downloaded, and what I downloaded is in that tcp.stream. If you run:

Code: Select all

$ dd if=dump_180220_0456_gdO_uBlock0_s003-ssl.bin skip=1256 bs=1 of=dump_180220_0456_gdO_uBlock0_s003-ssl_XPI.zip
that's the downloaded and installed file:

Code: Select all

$ ls -l dump_180220_0456_gdO_uBlock0_s003-ssl_XPI.zip ~mr/.moonchild\ productions/pale\ moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi 
-rw-r--r-- 1 mr mr 1772261 2018-02-20 12:50  dump_180220_0456_gdO_uBlock0_s003-ssl_XPI.zip
-rw------- 1 mr mr 1772261 2018-02-20 04:58 '/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi'
$ sha256sum dump_180220_0456_gdO_uBlock0_s003-ssl_XPI.zip ~mr/.moonchild\ productions/pale\ moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi 
e142ae1052e17ae93fe44ed508907a8df743793e7c38b6117cc4b2a493c6f776  dump_180220_0456_gdO_uBlock0_s003-ssl_XPI.zip
e142ae1052e17ae93fe44ed508907a8df743793e7c38b6117cc4b2a493c6f776  /home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi
$
But what can clearly be seen in the screencast, is that my Pale Moon crashed right after installing uBlock0! Look it up, it's just 29 seconds, and if you check my PGP-signed hashes, and get the right hash, you're safe (not the case with Goog the Schmoogle videos, I don't think).

The video also serves to kind of verify the kern.log snippet that I'll post (I always have a

Code: Select all

# tail -f /var/log/kern.log
running for me):

Code: Select all

Feb 20 04:58:05 gdOv kernel: [239876.262222] grsec: (mr:U:/usr/lib/palemoon/palemoon) denied access of /var/tmp for writing by /usr/lib/palemoon/palemoon[mozStorage #10:17061] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
[... 5 more lines of the same kind --just the timestamp increased-- ...]
Feb 20 04:58:09 gdOv kernel: [239879.722999] grsec: (mr:U:/usr/lib/palemoon/palemoon) denied access of /var/tmp for writing by /usr/lib/palemoon/palemoon[mozStorage #10:17061] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 04:58:10 gdOv kernel: [239880.889260] 8139too 0000:04:15.0 eth1: link down
Feb 20 04:58:11 gdOv kernel: [239882.228265] PAX: execution attempt in: (null), 00000000-00000000 00000000
Feb 20 04:58:11 gdOv kernel: [239882.228282] PAX: terminating task: /usr/lib/palemoon/palemoon(palemoon):13441, uid/euid: 1000/1000, PC: 0000000000000302, SP: 0000039dfd6ed218
Feb 20 04:58:11 gdOv kernel: [239882.228293] PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 
Feb 20 04:58:11 gdOv kernel: [239882.228346] 
Feb 20 04:58:11 gdOv kernel: [239882.228348] PAX: bytes at SP-8: 0000038890e4b865 0000038890e51478 0000039dfd6ed290 0000039dfd6eda10 0000039dfd6eda50 0000039dfd6ed660 000003883e55f7d0 0000039dfd6ed2e0 0000039dfd6ed320 0000039dfd6ed730 00000388846d0a80 
Feb 20 04:58:11 gdOv kernel: [239882.228361] 
Feb 20 04:58:11 gdOv kernel: [239882.228866] grsec: more alerts, logging disabled for 10 seconds
But my (primitive) expertise ends here. Well, about what the PAX lines mean. I did, afterwards, sort that Pale Moon can write to /var/tmp (generally it sufficed to allow it the /tmp dir), but what those PAX numbers exactly mean, I don't currently know.

I have grsecurity RBAC deployed (Role Base Access Policy, if anyone not familiar, find it on forums.grsecurity.net pls.

But I start investigate now what this could be, without enabling RBAC, thought still with simply grsecurity kernel (I generally don't go online with Mr. Linus' plain non-hardened kernel --although they've recently copied a lot of code from grsecurity's original kernel patch, in the wake of Meltdown and Spectre computing disaster: the problem is Schmoogle the Goog controls now Linux security, and I don't trust unofficial world top spy agencies like the Schmoog to care for my security).

Again, in this post I only showed verifiably what I had (previously, very early in the morning CET) downloaded and installed (the uBlock0) in my Pale Moon when it crashed the first time after I compiled it and installed it, and how it crashed.

In the next post, I'll try reinstalling it, and try and analyze what happens (wrong).
Last edited by miroR on 2018-02-21, 05:03, edited 1 time in total.

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-20, 20:59

At this stage, I have Pale Moon:

Code: Select all

$ palemoon --version
Moonchild Productions Pale Moon 27.7.2
installed, running fine. It has no addons, no extensions, nothing whatsoever. Vanilla Pale Moon. There are no issues.

Code: Select all

Feb 20 14:11:13 gdOv kernel: [273064.456096] grsec: (root:U:/sbin/gradm) exec of /sbin/gradm (gradm -D ) by /sbin/gradm[bash:23619] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:3813] uid/euid:0/0 gid/egid:0/0
Feb 20 14:11:21 gdOv kernel: [273071.665692] grsec: shutdown auth success for /sbin/gradm[gradm:23619] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:3813] uid/euid:0/0 gid/egid:0/0
Feb 20 14:11:21 gdOv kernel: [273071.669683] grsec: exec of /sbin/grlearn (/sbin/grlearn -stop ) by /sbin/grlearn[gradm:23620] uid/euid:0/0 gid/egid:0/0, parent /[gradm:23619] uid/euid:0/0 gid/egid:0/0
One potential actor out of sight, the grsec RBAC is disabled, for these new tries to install addons.

But it's first actually just enabling uBlock0, because I see it grayed out in about:addons:

Code: Select all


UO uBlock Origin 1.15.6 (disabled)                                         +--------+  +--------+
   Finally, an efficient blocker. Easy on CPU and memory. [u]More[/u]      | Enable |  | Remove |
                                                                           +--------+  +--------+
I'll try and simply just click on "Enable". I'll trace it with strace, then enable it.

As in the first post:

Code: Select all

$ strace -tt -s128 -o ~mr/strace.d/palemoon_$(date +%y%m%d_%H%M%S)_O palemoon

So starts running fine. The trace is already 3M, just starting it, and writing the above:

Code: Select all

mr@gdOv:~$ ls -l strace.d/palemoon_180220_142155_O  strace.d/palemoon_180220_142155_O_1
-rw-r--r-- 1 mr mr 3210517 2018-02-20 14:23 strace.d/palemoon_180220_142155_O
-rw-r--r-- 1 mr mr 3207367 2018-02-20 14:23 strace.d/palemoon_180220_142155_O_1
mr@gdOv:~$
Going to about:addons and Enabling as I said.

Little happened so far... Oh now, it did happen right after I thought it wouldn't happen so soon. Here's the current log snippet:

Code: Select all

Feb 20 14:21:55 gdOv kernel: [273706.451642] grsec: exec of /bin/date (date +%y%m%d_%H%M%S ) by /bin/date[bash:23694] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:21:55 gdOv kernel: [273706.459496] grsec: exec of /usr/bin/strace (strace -tt -s128 -o /home/mr/strace.d/palemoon_180220_142155_O palemoon ) by /usr/bin/strace[bash:23695] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:21:55 gdOv kernel: [273706.485870] grsec: process /usr/bin/strace(strace:23696) attached to via ptrace by /usr/bin/strace[strace:23695] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:21:55 gdOv kernel: [273706.487877] grsec: process /usr/bin/strace(strace:23697) attached to via ptrace by /usr/bin/strace[strace:23695] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4314] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:21:55 gdOv kernel: [273706.490046] grsec: exec of /usr/lib/palemoon/palemoon (palemoon ) by /usr/lib/palemoon/palemoon[strace:23697] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:23695] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:23:08 gdOv kernel: [273778.636397] grsec: exec of /bin/cp (cp -iav strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_1 ) by /bin/cp[bash:23735] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:23:09 gdOv kernel: [273780.387793] grsec: exec of /bin/ls (ls --color=auto -l strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_1 ) by /bin/ls[bash:23736] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:23:11 gdOv kernel: [273782.324430] grsec: exec of /bin/ls (ls --color=auto -lh strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_1 ) by /bin/ls[bash:23737] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:24:01 gdOv kernel: [273832.247083] grsec: exec of /bin/ls (ls --color=auto -lh strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_1 ) by /bin/ls[bash:23739] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:24:03 gdOv kernel: [273834.121344] grsec: exec of /bin/ls (ls --color=auto -l strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_1 ) by /bin/ls[bash:23740] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:24:29 gdOv kernel: [273859.930099] PAX: execution attempt in: (null), 00000000-00000000 00000000
Feb 20 14:24:29 gdOv kernel: [273859.930117] PAX: terminating task: /usr/lib/palemoon/palemoon(palemoon):23697, uid/euid: 1000/1000, PC:            (nil), SP: 000003c90a41a888
Feb 20 14:24:29 gdOv kernel: [273859.930129] PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 
Feb 20 14:24:29 gdOv kernel: [273859.930223] 
Feb 20 14:24:29 gdOv kernel: [273859.930226] PAX: bytes at SP-8: 000003821704b865 0000038217051478 00000381fba65ca0 000003c90a41b080 0000000000000000 000003c90a41acd0 00000381fba65cd0 000003c90a41a950 000003c90a41a990 0000038216ea6bd2 000003820a8d0a80 
Feb 20 14:24:29 gdOv kernel: [273859.930242] 
Feb 20 14:24:29 gdOv kernel: [273859.930667] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/lib/palemoon/palemoon[palemoon:23697] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:23695] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:24:58 gdOv kernel: [273888.896649] grsec: exec of /bin/cp (cp -iav strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_1 ) by /bin/cp[bash:23750] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:25:01 gdOv kernel: [273891.611904] grsec: exec of /bin/cp (cp -iav strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_2 ) by /bin/cp[bash:23751] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
Feb 20 14:25:06 gdOv kernel: [273897.248157] grsec: exec of /bin/ls (ls --color=auto -l strace.d/palemoon_180220_142155_O strace.d/palemoon_180220_142155_O_1 strace.d/palemoon_180220_142155_O_2 ) by /bin/ls[bash:23752] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4324] uid/euid:1000/1000 gid/egid:1000/1000
And, according to my understanding, the "execution attempt in: (null)" (whatever exactly that it mean) happened after I had already cp'ed the main trace filename to the palemoon_180220_142155_O_1. So only the last 5M of text are key to examine (I'm joking of course, it's all system calls, signals, and symbols, not complete mumbo-jumbo but rather vague to me... Very hard work).
(
Because:

Code: Select all

mr@gdOv:~$ cp -iav strace.d/palemoon_180220_142155_O  strace.d/palemoon_180220_142155_O_1
cp: overwrite 'strace.d/palemoon_180220_142155_O_1'? ^[[A^C
mr@gdOv:~$ cp -iav strace.d/palemoon_180220_142155_O  strace.d/palemoon_180220_142155_O_2
'strace.d/palemoon_180220_142155_O' -> 'strace.d/palemoon_180220_142155_O_2'
mr@gdOv:~$
I didn't overwrite palemoon_180220_142155_O_1 which I copied the palemoon_180220_142155_O to previously.
)

And my very tentative guess about what happened follows, some three hours of perusing the strace output
(
which is available, somewhat anonymized, such as the salt is redacted at:
Pale Moon and uBlock0 on a grsec-hardened kernel 2
https://www.croatiafidelis.hr/foss/cap/ ... ock0-2.php
).

It's PAX/grsec not allowing uBlock0 for some reason and in some way.

All is (likely) still well up unto my clicking of the uBlock0 extenstion's:

Code: Select all

 +--------+  
 | Enable |  
 +--------+  
button in the about:addons page. It is this moment:

Code: Select all

14:24:12.243061 gettimeofday({tv_sec=1519136652, tv_usec=243194}, NULL) = 0
14:24:12.244172 gettimeofday({tv_sec=1519136652, tv_usec=244302}, NULL) = 0
14:24:12.244817 gettimeofday({tv_sec=1519136652, tv_usec=244967}, NULL) = 0
14:24:12.245683 gettimeofday({tv_sec=1519136652, tv_usec=245803}, NULL) = 0
14:24:12.246285 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi", {st_mode=S_IFREG|0600, st_size=1772261, ...}) = 0
14:24:12.246792 openat(AT_FDCWD, "/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi", O_RDONLY) = 43
14:24:12.247079 lseek(43, 0, SEEK_CUR)  = 0
14:24:12.247217 lseek(43, 0, SEEK_END)  = 1772261
14:24:12.247348 lseek(43, 0, SEEK_SET)  = 0
14:24:12.247483 fstat(43, {st_mode=S_IFREG|0600, st_size=1772261, ...}) = 0
14:24:12.247695 mmap(NULL, 1772261, PROT_READ, MAP_PRIVATE, 43, 0) = 0x381f734f000
14:24:12.247856 close(43)               = 0
14:24:12.248535 munmap(0x381f734f000, 1772261) = 0
14:24:12.248855 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi", {st_mode=S_IFREG|0600, st_size=1772261, ...}) = 0
14:24:12.249326 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi", {st_mode=S_IFREG|0600, st_size=1772261, ...}) = 0
14:24:12.250153 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi", {st_mode=S_IFREG|0600, st_size=1772261, ...}) = 0
14:24:12.250584 openat(AT_FDCWD, "/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi", O_RDONLY) = 43
14:24:12.250799 lseek(43, 0, SEEK_CUR)  = 0
14:24:12.250977 lseek(43, 0, SEEK_END)  = 1772261
14:24:12.251111 lseek(43, 0, SEEK_SET)  = 0
14:24:12.251247 fstat(43, {st_mode=S_IFREG|0600, st_size=1772261, ...}) = 0
14:24:12.251457 mmap(NULL, 1772261, PROT_READ, MAP_PRIVATE, 43, 0) = 0x381f734f000
14:24:12.251617 close(43)               = 0
14:24:12.251945 munmap(0x381f734f000, 1772261) = 0
14:24:12.252470 gettimeofday({tv_sec=1519136652, tv_usec=252565}, NULL) = 0
14:24:12.252849 gettimeofday({tv_sec=1519136652, tv_usec=252994}, NULL) = 0
14:24:12.253156 openat(AT_FDCWD, "/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extensions/uBlock0@raymondhill.net.xpi", O_RDONLY) = 43
14:24:12.253381 lseek(43, 0, SEEK_CUR)  = 0
14:24:12.253517 lseek(43, 0, SEEK_END)  = 1772261
14:24:12.253645 lseek(43, 0, SEEK_SET)  = 0
14:24:12.253779 fstat(43, {st_mode=S_IFREG|0600, st_size=1772261, ...}) = 0
14:24:12.254024 mmap(NULL, 1772261, PROT_READ, MAP_PRIVATE, 43, 0) = 0x381f734f000
14:24:12.254183 close(43)               = 0
14:24:12.254476 futex(0x38205252994, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:12.254643 futex(0x381f7b735c0, FUTEX_WAKE_PRIVATE, 1) = 1
14:24:12.255014 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=799214590}) = 0
14:24:12.255674 gettimeofday({tv_sec=1519136652, tv_usec=255784}, NULL) = 0
14:24:12.256398 gettimeofday({tv_sec=1519136652, tv_usec=256516}, NULL) = 0
14:24:12.257411 gettimeofday({tv_sec=1519136652, tv_usec=257539}, NULL) = 0
14:24:12.259211 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=803488318}) = 0
14:24:12.259451 gettimeofday({tv_sec=1519136652, tv_usec=259508}, NULL) = 0
14:24:12.259783 gettimeofday({tv_sec=1519136652, tv_usec=259852}, NULL) = 0
14:24:12.260037 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=804237296}) = 0
14:24:12.260187 gettimeofday({tv_sec=1519136652, tv_usec=260243}, NULL) = 0
14:24:12.260427 gettimeofday({tv_sec=1519136652, tv_usec=260490}, NULL) = 0
14:24:12.261311 gettimeofday({tv_sec=1519136652, tv_usec=261440}, NULL) = 0
14:24:12.262081 gettimeofday({tv_sec=1519136652, tv_usec=262199}, NULL) = 0
14:24:12.262340 gettimeofday({tv_sec=1519136652, tv_usec=262398}, NULL) = 0
14:24:12.265240 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=809515061}) = 0
14:24:12.265478 gettimeofday({tv_sec=1519136652, tv_usec=265534}, NULL) = 0
14:24:12.266092 gettimeofday({tv_sec=1519136652, tv_usec=266211}, NULL) = 0
14:24:12.266327 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=810525804}) = 0
14:24:12.266492 gettimeofday({tv_sec=1519136652, tv_usec=266548}, NULL) = 0
14:24:12.266647 gettimeofday({tv_sec=1519136652, tv_usec=266703}, NULL) = 0
14:24:12.266827 gettimeofday({tv_sec=1519136652, tv_usec=266911}, NULL) = 0
14:24:12.267013 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=811208293}) = 0
14:24:12.267163 gettimeofday({tv_sec=1519136652, tv_usec=267227}, NULL) = 0
14:24:12.267326 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=811521462}) = 0
14:24:12.267471 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=811665614}) = 0
14:24:12.267623 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273842, tv_nsec=811818147}) = 0
But uBlock0 doesn't get the resources:

Code: Select all

14:24:12.311496 poll([{fd=4, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=4, revents=POLLIN|POLLOUT}])
14:24:12.311693 recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\6\0#\24\231\202R\20\340\4\0\0x\0`\0\0\0\0\0\6\4<\1p\3\23\1\0\0\1\0\6\0#\24\243\202R\20\340\4\0\0x\0`\0\0\0\0\0\7\4;\1q\3\22\1\0\0\1\0", iov_len=4096}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
14:24:12.312019 writev(4, [{iov_base="\24\0\6\0J\2`\0_\1\0\0\6\0\0\0\0\0\0\0\4\0\0\0", iov_len=24}, {iov_base=NULL, iov_len=0}, {iov_base="", iov_len=0}], 3) = 24
14:24:12.312290 poll([{fd=4, events=POLLIN}], 1, -1) = 1 ([{fd=4, revents=POLLIN}])
14:24:12.312480 recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\1\0$\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", iov_len=4096}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 32
14:24:12.312756 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
14:24:12.312969 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
14:24:12.313178 poll([{fd=4, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=4, revents=POLLOUT}])
14:24:12.313366 writev(4, [{iov_base="\24\0\6\0N\3`\0_\1\0\0\6\0\0\0\0\0\0\0\4\0\0\0", iov_len=24}, {iov_base=NULL, iov_len=0}, {iov_base="", iov_len=0}], 3) = 24
14:24:12.313598 poll([{fd=4, events=POLLIN}], 1, -1) = 1 ([{fd=4, revents=POLLIN}])
14:24:12.313785 recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\1\0%\24\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", iov_len=4096}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 32
14:24:12.314059 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
It tries, but ends up with the same...:

Code: Select all

14:24:19.420324 gettimeofday({tv_sec=1519136659, tv_usec=420386}, NULL) = 0
14:24:19.420507 gettimeofday({tv_sec=1519136659, tv_usec=420569}, NULL) = 0
14:24:19.420743 futex(0x382193b3bb0, FUTEX_WAKE_PRIVATE, 1) = 1
14:24:19.423830 access("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data", F_OK) = 0
14:24:19.424192 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data", {st_mode=S_IFDIR|0754, st_size=4096, ...}) = 0
14:24:19.424851 lstat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data/ublock0.sqlite", {st_mode=S_IFREG|0644, st_size=10616832, ...}) = 0
14:24:19.425233 lstat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data/ublock0.sqlite", {st_mode=S_IFREG|0644, st_size=10616832, ...}) = 0
14:24:19.425559 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=969763081}) = 0
14:24:19.425742 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=969943551}) = 0
14:24:19.425966 getpid()                = 23697
14:24:19.426145 openat(AT_FDCWD, "/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data/ublock0.sqlite", O_RDWR|O_CREAT|O_CLOEXEC, 0644) = 43
14:24:19.426408 fstat(43, {st_mode=S_IFREG|0644, st_size=10616832, ...}) = 0
14:24:19.426671 fstat(43, {st_mode=S_IFREG|0644, st_size=10616832, ...}) = 0
14:24:19.426950 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data/ublock0.sqlite", {st_mode=S_IFREG|0644, st_size=10616832, ...}) = 0
14:24:19.427274 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=971475868}) = 0
14:24:19.427454 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=971653824}) = 0
14:24:19.427653 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=971856084}) = 0
14:24:19.427833 lseek(43, 0, SEEK_SET)  = 0
14:24:19.428035 read(43, "SQLite format 3\0\200\0\1\1\0@  \0\0\0\304\0\0\1D\0\0\0\262\0\0\1\t\0\0\0\6\0\0\0\4\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\304\0.\30\310", 100) = 100
14:24:19.428318 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=972518738}) = 0
14:24:19.428551 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=972753126}) = 0
14:24:19.428765 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=972967678}) = 0
14:24:19.428998 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=973207094}) = 0
14:24:19.429236 fcntl(43, F_SETLK, {l_type=F_RDLCK, l_whence=SEEK_SET, l_start=1073741824, l_len=1}) = 0
14:24:19.429460 fcntl(43, F_SETLK, {l_type=F_RDLCK, l_whence=SEEK_SET, l_start=1073741826, l_len=510}) = 0
14:24:19.429671 fcntl(43, F_SETLK, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=1073741824, l_len=1}) = 0
14:24:19.429890 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data/ublock0.sqlite-journal", 0x3c90a41c550) = -1 ENOENT (No such file or directory)
14:24:19.430155 stat("/home/mr/.moonchild productions/pale moon/xpmdemzk.default/extension-data/ublock0.sqlite-wal", 0x3c90a41c550) = -1 ENOENT (No such file or directory)
14:24:19.430400 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=974606993}) = 0
14:24:19.430598 fstat(43, {st_mode=S_IFREG|0644, st_size=10616832, ...}) = 0
14:24:19.430901 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=975106497}) = 0
14:24:19.431095 mmap(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x381f6e00000
14:24:19.431440 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=975641482}) = 0
14:24:19.431616 lseek(43, 0, SEEK_SET)  = 0
14:24:19.431782 read(43, "SQLite format 3\0\200\0\1\1\0@  \0\0\0\304\0\0\1D\0\0\0\262\0\0\1\t\0\0\0\6\0\0\0\4\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\304\0.\30\310\r\177\370\0\2\177`\0\177`\177\307\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 32768) = 32768
14:24:19.432215 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=976417279}) = 0
14:24:19.432537 fcntl(43, F_SETLK, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=0, l_len=0}) = 0
14:24:19.432783 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=976991094}) = 0
14:24:19.433018 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=977224644}) = 0
14:24:19.433226 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=977434168}) = 0
14:24:19.433618 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=977827514}) = 0
14:24:19.433816 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=978054079}) = 0
14:24:19.434064 mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x381f64ff000
14:24:19.434273 mprotect(0x381f6500000, 8388608, PROT_READ|PROT_WRITE|PROT_EXEC) = 0
14:24:19.434540 clone(child_stack=0x381f6cfef70, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x381f6cff9d0, tls=0x381f6cff700, child_tidptr=0x381f6cff9d0) = 23748
14:24:19.434821 futex(0x381f706ec90, FUTEX_WAIT_PRIVATE, 0, NULL) = 0
14:24:19.435058 futex(0x381f706ec08, FUTEX_WAKE_PRIVATE, 1) = 0
14:24:19.435249 futex(0x381f706ebd0, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.435539 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=979751501}) = 0
14:24:19.435749 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=979953203}) = 0
14:24:19.435968 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=980179489}) = 0
14:24:19.436427 gettimeofday({tv_sec=1519136659, tv_usec=436500}, NULL) = 0
14:24:19.436640 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=980846892}) = 0
14:24:19.436838 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=981082676}) = 0
14:24:19.437076 futex(0x381f706ebd4, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.437312 gettimeofday({tv_sec=1519136659, tv_usec=437381}, NULL) = 0
14:24:19.437495 gettimeofday({tv_sec=1519136659, tv_usec=437559}, NULL) = 0
14:24:19.437676 gettimeofday({tv_sec=1519136659, tv_usec=437740}, NULL) = 0
14:24:19.437910 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=982122194}) = 0
14:24:19.438097 gettimeofday({tv_sec=1519136659, tv_usec=438199}, NULL) = 0
14:24:19.438364 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=982574765}) = 0
14:24:19.438584 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=982790156}) = 0
14:24:19.439219 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=983470968}) = 0
14:24:19.439471 gettimeofday({tv_sec=1519136659, tv_usec=439539}, NULL) = 0
14:24:19.439695 gettimeofday({tv_sec=1519136659, tv_usec=439765}, NULL) = 0
14:24:19.439925 gettimeofday({tv_sec=1519136659, tv_usec=439997}, NULL) = 0
14:24:19.440189 futex(0x382193b3bb0, FUTEX_WAKE_PRIVATE, 1) = 1
14:24:19.441237 gettimeofday({tv_sec=1519136659, tv_usec=441320}, NULL) = 0
14:24:19.441457 gettimeofday({tv_sec=1519136659, tv_usec=441525}, NULL) = 0
14:24:19.441657 gettimeofday({tv_sec=1519136659, tv_usec=441725}, NULL) = 0
14:24:19.441922 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=986137788}) = 0
14:24:19.442129 gettimeofday({tv_sec=1519136659, tv_usec=442196}, NULL) = 0
14:24:19.442368 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=986577508}) = 0
14:24:19.442594 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=986802956}) = 0
14:24:19.442815 futex(0x38203de2cd4, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.443065 futex(0x382026e7a00, FUTEX_WAKE_PRIVATE, 1) = 1
14:24:19.443478 futex(0x38203de2cd0, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.443698 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=987904493}) = 0
14:24:19.443951 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=988163185}) = 0
14:24:19.444154 gettimeofday({tv_sec=1519136659, tv_usec=444221}, NULL) = 0
14:24:19.444438 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=988647324}) = 0
14:24:19.444641 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=988847909}) = 0
14:24:19.444852 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
14:24:19.445186 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=989394347}) = 0
14:24:19.445391 poll([{fd=4, events=POLLIN}, {fd=5, events=POLLIN}, {fd=19, events=POLLIN}], 3, 0) = 1 ([{fd=19, revents=POLLIN}])
14:24:19.445632 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=989839934}) = 0
14:24:19.445834 futex(0x38207566d74, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.446069 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=990277141}) = 0
14:24:19.446271 read(19, "\372", 1)     = 1
14:24:19.446486 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=990693953}) = 0
14:24:19.446687 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
14:24:19.446921 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=991133115}) = 0
14:24:19.447125 poll([{fd=4, events=POLLIN}, {fd=5, events=POLLIN}, {fd=19, events=POLLIN}], 3, 0) = 0 (Timeout)
14:24:19.447337 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=991545179}) = 0
14:24:19.447538 futex(0x38207566d70, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.447731 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=991938525}) = 0
14:24:19.447961 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=992174030}) = 0
14:24:19.448170 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=992378525}) = 0
14:24:19.448371 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=992577992}) = 0
14:24:19.448571 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
14:24:19.448797 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=993033077}) = 0
14:24:19.449031 poll([{fd=4, events=POLLIN}, {fd=5, events=POLLIN}, {fd=19, events=POLLIN}], 3, 0) = 0 (Timeout)
14:24:19.449244 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=993451287}) = 0
14:24:19.449442 futex(0x38207566d74, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.449638 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=993845471}) = 0
14:24:19.449841 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=994079020}) = 0
14:24:19.450071 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=994279046}) = 0
14:24:19.450271 gettimeofday({tv_sec=1519136659, tv_usec=450338}, NULL) = 0
14:24:19.450471 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=994716532}) = 0
14:24:19.450710 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=994916557}) = 0
14:24:19.450918 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=995129713}) = 0
14:24:19.451125 futex(0x382193b3a34, FUTEX_WAKE_PRIVATE, 1) = 1
14:24:19.451321 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=995527808}) = 0
14:24:19.451717 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=995926741}) = 0
14:24:19.451917 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=996127046}) = 0
14:24:19.452120 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=996327072}) = 0
14:24:19.452347 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=996554195}) = 0
14:24:19.452887 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=997104545}) = 0
14:24:19.453100 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=997305688}) = 0
14:24:19.453322 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=997529180}) = 0
14:24:19.453533 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=997739262}) = 0
14:24:19.453730 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=997936494}) = 0
14:24:19.453959 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
14:24:19.454197 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=998402754}) = 0
14:24:19.454397 poll([{fd=4, events=POLLIN}, {fd=5, events=POLLIN}, {fd=19, events=POLLIN}], 3, 0) = 0 (Timeout)
14:24:19.454610 clock_gettime(CLOCK_MONOTONIC, {tv_sec=273849, tv_nsec=998815935}) = 0
14:24:19.454806 futex(0x38207566d70, FUTEX_WAKE_PRIVATE, 2147483647) = 1
14:24:19.455025 poll([{fd=4, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=4, revents=POLLOUT}])
14:24:19.455233 writev(4, [{iov_base="&\30\2\0x\0`\0", iov_len=8}, {iov_base=NULL, iov_len=0}, {iov_base="", iov_len=0}], 3) = 8
14:24:19.455560 poll([{fd=4, events=POLLIN}], 1, -1) = 1 ([{fd=4, revents=POLLIN}])
14:24:19.455768 recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\1\0015\33\0\0\0\0\340\4\0\0\0\0\0\0\357\3\362\0Y\3\311\0\0\0\0\0\0\0\0\0", iov_len=4096}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 32
14:24:19.456122 recvmsg(4, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable)
...with the same "Resource temporarily unavailable".

We reach to really huge stretches of almost uniform:

Code: Select all

14:24:21.569021 madvise(0x38202416000, 24576, MADV_DONTNEED) = 0
[...some 1047 lines cut here, all but one with "madvise", only different timestamps...] 
14:24:21.766990 madvise(0x381ff081000, 4096, MADV_DONTNEED) = 0
And 0.2 seconds is a very long time for processes.

Interestingly no more openat system calls to be found after that stretch of madvise.

Instead, one last stretch of a similarly boring:

Code: Select all

14:24:24.132622 gettimeofday({tv_sec=1519136664, tv_usec=132686}, NULL) = 0
[...16798 lines cut here all but a very rare few of same content, but different timestamps...]
14:24:28.636786 gettimeofday({tv_sec=1519136668, tv_usec=636849}, NULL) = 0
The very few interruptions look like this:

Code: Select all

14:24:28.640477 mmap(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x381f1b00000
14:24:28.642535 futex(0x382193b3bb4, FUTEX_WAKE_PRIVATE, 1) = 1
14:24:28.640477 mmap(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x381f1b00000

Code: Select all

14:24:28.654944 gettimeofday({tv_sec=1519136668, tv_usec=655299}, NULL) = 0
[...2480 lines cut here all but a very rare few, if any, of same content, but different timestamps...]
14:24:29.385217 gettimeofday({tv_sec=1519136669, tv_usec=385290}, NULL) = 0
And then it all ends abruptly with this, argh, liberating line:

Code: Select all

14:24:29.567736 +++ killed by SIGKILL +++

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-20, 21:28

Indeed I have no issues (pls. read me corrected in [2]) with vanilla Pale Moon in my grsec-hardened Linux... well, it's actually grsecunoff (grsec-unofficial, but that's little else than semantics and... aarghh... quality, the difference; there are not so often geniuses born like spender and PaX Team... Also Windows had, at one time benefited, if I'm allowed the short digression[1]).

But on those heavy advertizing heavy intrusion into your privacy very loaded locations, not on Pale Moon forums, or Devuan forums or Debian forums... well not so far... (And I'm posting this with my updated Pale Moon 2.7.7.2.)

That's it, I posted all I could to try and reach for a solution, and get me the good addons and extensions, that I was advised months ago in:
Tracking protection and NSS SSL secrets logging (two security questions)?
viewtopic.php?f=26&t=12544&p=104104#p103695
by HaleSun

Thanks if anybody has a piece of advice!


---
[1] But it kind of stole the code:
http://expertmiami.blogspot.com/2012/05 ... nodes.html
http://arstechnica.com/business/2012/05 ... microsoft/

[2] The first issue I just had when, after opening my old:
Grsecurity/Pax installation on Debian GNU/Linux
http://forums.debian.net/viewtopic.php?f=16&t=108616
to find the links in the [1], and when I went to check that those links weren't dead (they are not at this time), the Schmoog attacked me (joking, pls. don't get that too seriously... but there was a lot of google in the traffic dump :) )
(and when I opened those links from [1] above] I got a:

Code: Select all

[1]+  Segmentation fault      palemoon
with nothing in the logs... Cruel world out there...

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-20, 21:38

Just posted:
segfaults upon install of uBlock0 on grsecunoff kernel-based Linux #3530
https://github.com/gorhill/uBlock/issues/3530

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-20, 21:45

And posted on:
segfaults upon install of uBlock0 in Pale Moon on grsecunoff kernel-based Linux #27
https://github.com/minipli/linux-unoffi ... /issues/27

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-22, 19:38

Some people apparently think this issue is not to blame on grsec (both, but the first only if I read him correctly):
https://github.com/gorhill/uBlock/issue ... -367143816
and
https://github.com/minipli/linux-unoffi ... -367473590

My Pale Moon that I gave links to how I compiled it in top of the first post, has devtools. I haven't really used those previously.
Can anybody give a few quick tips where to go to (more quickly) try to learn how to use debugger, or console --or if I should use some other tool-- to try and find out more about what is causing these crashes in my Pale Moon?

I've read a few guides:
https://developer.mozilla.org/en-US/doc ... er/UI_Tour
https://mozilladevelopers.github.io/pla ... /debugger/
but I'd like something that I could apply more quickly to this particular case that I have, these crashes upon installing of uBlock0.

Thanks in anybody has a few quick tips.

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-23, 15:35

Gosh! Miro-Biro is so slow... Took me so long... Argh...
But I think this is solved. I'll mark it as solve once I completely confirm that my Pale Moon is working correctly regading this uBlock0 issue.

In short, the more upstream devs are right. I've, properly installed (apparently) Pale Moon 2.7.7.2, and here's what needs to be used, of compilers in Linux:
about:buildconfig

Code: Select all

Build tools
Compiler 	Version 	Compiler flags
gcc-4.9 	4.9.2 	-Wall -Wdeclaration-after-statement -Wempty-body -Wpointer-to-int-cast -Wsign-compare -Wtype-limits -Wno-unused -Wcast-align -g -O2 -std=gnu99 -fgnu89-inline -fno-strict-aliasing -ffunction-sections -fdata-sections -fno-math-errno -pthread -pipe
g++-4.9 	4.9.2 	-Wall -Wempty-body -Woverloaded-virtual -Wsign-compare -Wwrite-strings -Wno-invalid-offsetof -Wcast-align -g -O2 -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -std=gnu++0x -pthread -pipe -DNDEBUG -DTRIMMED -g -freorder-blocks -O2 -fomit-frame-pointer
Some more testing, so I can (hopefully) declare this issue solved. Be back.
Last edited by miroR on 2018-02-23, 15:36, edited 1 time in total.

miroR
Fanatic
Fanatic
Posts: 116
Joined: 2016-05-31, 19:22

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by miroR » 2018-02-24, 17:45

This issue is SOLVED.
(However forum rules do not make possible editing a few days old posts, which is fine, only I can't mark the title with SOLVED)
Regards!

User avatar
SpockFan02
Astronaut
Astronaut
Posts: 535
Joined: 2017-09-24, 16:35
Location: Mak pupulusšum, California

Re: Installing uBlock Origin breaks Pale Moon on grsec-hardened kernel

Unread post by SpockFan02 » 2018-03-04, 05:14

miroR wrote:This issue is SOLVED.
(However forum rules do not make possible editing a few days old posts, which is fine, only I can't mark the title with SOLVED)
Regards!
You can, however, click the button with a check mark on one of the replies, and the topic will be marked as solved.

Locked