Re: vmsplice exploits, stack protector and Makefiles

2008-02-14 Thread Jan Engelhardt
On Feb 13 2008 17:48, [EMAIL PROTECTED] wrote: >On 13 Feb 2008 at 8:29, Randy Dunlap wrote: > >> Is it signed-off-by: pageexec ? > >no it isn't, on purpose as i won't give out my real name that the >DCO requires. But could still add "Brought-to-attention-by: [EMAIL PROTECTED]" or something like

Re: vmsplice exploits, stack protector and Makefiles

2008-02-14 Thread pageexec
On 14 Feb 2008 at 8:30, Ingo Molnar wrote: > --- linux-x86.q.orig/arch/x86/kernel/process_64.c > +++ linux-x86.q/arch/x86/kernel/process_64.c > @@ -166,6 +166,15 @@ static inline void play_dead(void) > void cpu_idle(void) > { > current_thread_info()->status |= TS_POLLING; > + > +#ifdef

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Sam Ravnborg
> --- linux-2.6.24.2/arch/x86/kernel/Makefile_642008-01-24 > 23:58:37.0 > +0100 > +++ linux-2.6.24.2-pax/arch/x86/kernel/Makefile_642008-02-13 > 11:36:14.0 +0100 > @@ -42,4 +42,6 @@ obj-$(CONFIG_PCI) += early-quirks.o > obj-y

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Ingo Molnar
* Ingo Molnar <[EMAIL PROTECTED]> wrote: > > was removed from arch/x86/kernel/process_64.c:__switch_to? that's > > the only reason i can think of that would trigger this trace. > > I hand-ported your fixes [the patch was whitespace damaged] so i'm > quite sure i got every bit of it - but find

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Ingo Molnar
* [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > hm, had to pull it again because it crashed in testing: > > i've only tested .24, not .25 so maybe something changed. did you make > sure that > > write_pda(stack_canary, next_p->stack_canary); > > was removed from

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Ingo Molnar
* Sam Ravnborg <[EMAIL PROTECTED]> wrote: > > > if you're merging this, please do the independent parts really > > > independently. For example, the above is a patch in its own right, > > > and probably worth doing regardless of anything else. > > > > yes. I wanted to have it tested for a

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread pageexec
On 13 Feb 2008 at 17:48, Ingo Molnar wrote: > hm, had to pull it again because it crashed in testing: i've only tested .24, not .25 so maybe something changed. did you make sure that write_pda(stack_canary, next_p->stack_canary); was removed from arch/x86/kernel/process_64.c:__switch_to?

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Sam Ravnborg
On Wed, Feb 13, 2008 at 05:01:48PM +0100, Ingo Molnar wrote: > > * Linus Torvalds <[EMAIL PROTECTED]> wrote: > > > if you're merging this, please do the independent parts really > > independently. For example, the above is a patch in its own right, and > > probably worth doing regardless of

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread pageexec
On 13 Feb 2008 at 8:29, Randy Dunlap wrote: > Is it signed-off-by: pageexec ? no it isn't, on purpose as i won't give out my real name that the DCO requires. > Couldn't that be a problem? no it couldn't. no employer -> no problem. the little pleasures of life.

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Randy Dunlap
On Wed, 13 Feb 2008 16:29:00 +0100 Ingo Molnar wrote: > > * [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > patches to get CONFIG_CC_STACKPROTECTOR_ALL actually to work (it > > includes the Makefile patch proposed in this thread already). > > > > note that the fix to ACPI is an actual

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Ingo Molnar
* Linus Torvalds <[EMAIL PROTECTED]> wrote: > if you're merging this, please do the independent parts really > independently. For example, the above is a patch in its own right, and > probably worth doing regardless of anything else. yes. I wanted to have it tested for a bit, because the lack

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Linus Torvalds
Ingo, if you're merging this, please do the independent parts really independently. For example, the above is a patch in its own right, and probably worth doing regardless of anything else. (Same goes for the ACPI parts, I'll bounce that part to Len, Linus On Wed,

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread Ingo Molnar
* [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > patches to get CONFIG_CC_STACKPROTECTOR_ALL actually to work (it > includes the Makefile patch proposed in this thread already). > > note that the fix to ACPI is an actual stack corruption bug (caught by > ssp thanks to a lucky stack layout),

Re: vmsplice exploits, stack protector and Makefiles

2008-02-13 Thread pageexec
On 12 Feb 2008 at 9:00, Arjan van de Ven wrote: > I just read the excellent LWN writeup of the vmsplice security thing, and > that got me > wondering why this attack wasn't stopped by the CONFIG_CC_STACKPROTECTOR > option... because > it plain should have been... what makes you think it should

Re: vmsplice exploits, stack protector and Makefiles

2008-02-12 Thread Sam Ravnborg
On Tue, Feb 12, 2008 at 11:08:18AM -0800, Arjan van de Ven wrote: > On Tue, 12 Feb 2008 19:50:12 +0100 > Sam Ravnborg <[EMAIL PROTECTED]> wrote: > > > > > > Now I realize that certain distros have patched gcc to compensate > > > for their lack of distro wide CFLAGS, and it's great to work around

Re: vmsplice exploits, stack protector and Makefiles

2008-02-12 Thread Arjan van de Ven
On Tue, 12 Feb 2008 19:50:12 +0100 Sam Ravnborg <[EMAIL PROTECTED]> wrote: > > > > Now I realize that certain distros have patched gcc to compensate > > for their lack of distro wide CFLAGS, and it's great to work around > > that... but would there be a way to NOT disable this for > >

Re: vmsplice exploits, stack protector and Makefiles

2008-02-12 Thread Sam Ravnborg
On Tue, Feb 12, 2008 at 09:00:01AM -0800, Arjan van de Ven wrote: > > Hi, > > I just read the excellent LWN writeup of the vmsplice security thing, and > that got me > wondering why this attack wasn't stopped by the CONFIG_CC_STACKPROTECTOR > option... because > it plain should have been... >

vmsplice exploits, stack protector and Makefiles

2008-02-12 Thread Arjan van de Ven
Hi, I just read the excellent LWN writeup of the vmsplice security thing, and that got me wondering why this attack wasn't stopped by the CONFIG_CC_STACKPROTECTOR option... because it plain should have been... some analysis later.. it turns out that the following line in the top level