It looks like this has been fixed upstream. I will close it. If the
problem still occurs, please reopen it.
** Changed in: linux (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/932850
Title:
add PAX refcount overflow protection
Status in linux package in Ubuntu:
Invalid
Bug description:
In reference to the Ubuntu Security Team's Kernel Roadmap's wishlist
item for the addition of a kernel reference count overflow protection
mechanism, similar to CONFIG_PAX_REFCOUNT, I've developed a patch that
does exactly that: adds reference count overflow protection.
I cherrypicked the CONFIG_PAX_REFCOUNT part of the PAX patch, which
was mostly straightforward. The majority of added code is for the
addition of *_unchecked types and functions, which are used when
implementing types that are meant for performance counters, mainly,
and not reference counting; overflow protection should not be
performed on these types.
Please note that this patch is for kernel version 2.6.32. If the
community is receptive to this version of the patch, I will port the
patch to 3.0.x.
Also, there are no controls, sysctl-based or otherwise, governing
access to this feature at runtime; I was unsure if such controls were
really needed. The feature was cherrypicked directly; I didn't rename
it from "PAX_REFCOUNT" as I was unsure how the community felt about
the name.
This feature is disabled by default and can be found in the Security
menu when configuring a kernel via make menuconfig, etc.
I've also included a module that tests refcount overflow protection by
overflowing a type that is protected by this patch.
The patch applies cleanly to kernel version 2.6.32 with Ubuntu patches, found
at http://packages.ubuntu.com/lucid/linux-source-2.6.32.
---
ApportVersion: 1.23-0ubuntu3
Architecture: i386
DistroRelease: Ubuntu 11.10
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release i386 (20111012)
Package: linux (not installed)
ProcEnviron:
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcVersionSignature:
Tags: oneiric running-unity
Uname: Linux 2.6.32.52+drm33.21-pax-refcount i686
UnreportableReason: The running kernel is not an Ubuntu kernel
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/932850/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
