Bug#810820: linux-image-4.3.0-1-amd64: XEN fails after 7 domU's are started with linux-image-4.3.0-1-amd64 (version 4.3.3-5)

[KSB]

Can't find 4.3.3-6 anymore, but can confirm that on 4.3.3-7 problem is gone.
Do I need to make any additional tests?

Kaspars

Bug#810820: marked as done (linux-image-4.3.0-1-amd64: XEN fails after 7 domU's are started with linux-image-4.3.0-1-amd64 (version 4.3.3-5))

[Debian Bug Tracking System]

Your message dated Fri, 22 Jan 2016 19:05:09 +
with message-id <1453489509.7675.23.ca...@debian.org>
and subject line Re: Bug#810820: linux-image-4.3.0-1-amd64: XEN fails after 7 
domU's are started with linux-image-4.3.0-1-amd64 (version 4.3.3-5)
has caused the Debian Bug report #810820,
regarding linux-image-4.3.0-1-amd64: XEN fails after 7 domU's are started with 
linux-image-4.3.0-1-amd64 (version 4.3.3-5)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
810820: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810820
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:linux
Version: 4.3.3-5
Severity: normal



-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: Quanta Computer Inc   
product_name: Sun Blade X6250 Server Module
product_version: To Be Filled By O.E.M.
chassis_vendor: Quanta Computer Inc   
chassis_version: To Be Filled By O.E.M.
bios_vendor: American Megatrends Inc.
bios_version: S90_3B14
board_vendor: Quanta Computer Inc   
board_name: Sun Blade X6250 Server Module
board_version: To be filled by O.E.M.

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation 5000P Chipset Memory Controller 
Hub [8086:25d8] (rev b1)
Subsystem: Oracle/SUN Device [108e:4340]
Control: I/O- Mem- BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 

00:02.0 PCI bridge [0604]: Intel Corporation 5000 Series Chipset PCI Express x8 
Port 2-3 [8086:25f7] (rev b1) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:03.0 PCI bridge [0604]: Intel Corporation 5000 Series Chipset PCI Express x4 
Port 3 [8086:25e3] (rev b1) (prog-if 00 [Normal decode])
Control: I/O- Mem- BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:04.0 PCI bridge [0604]: Intel Corporation 5000 Series Chipset PCI Express x8 
Port 4-5 [8086:25f8] (rev b1) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:05.0 PCI bridge [0604]: Intel Corporation 5000 Series Chipset PCI Express x4 
Port 5 [8086:25e5] (rev b1) (prog-if 00 [Normal decode])
Control: I/O- Mem- BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:06.0 PCI bridge [0604]: Intel Corporation 5000 Series Chipset PCI Express x8 
Port 6-7 [8086:25f9] (rev b1) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:07.0 PCI bridge [0604]: Intel Corporation 5000 Series Chipset PCI Express x4 
Port 7 [8086:25e7] (rev b1) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:10.0 Host bridge [0600]: Intel Corporation 5000 Series Chipset FSB Registers 
[8086:25f0] (rev b1)
Subsystem: Oracle/SUN Device [108e:4340]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- 

Bug#812366: linux-image-3.16.0-4-amd64: Kernel panic due to reading /sys/block/bcache?/bcache/writeback_rate_debug (bch_cached_dev_show)

[Dmitry Yu Okunev]

Package: src:linux
Version: 3.16.7-ckt20-1+deb8u1
Severity: normal
Tags: upstream

Hello.

I experienced a bug in module "bcache" of linux kernel (a reduced photo is 
attached, a less reduced photo you can download from [1]).

[1] 
https://devel.mephi.ru/dyokunev/public/raw/master/debian/bugreport/2016/bcache-panic/photo_kernelbug-bch_cached_dev_show.jpg

The server is in production so I have no ability to repeat the bug and I tried 
to recognize a text on the photo (sorry if there're any typos):

[525996.860864] 880c0010 880c84737630 880c84737d40 
880cbdd4a040
[525996.860943] aOSecaeS 0003 0003 
000a
[525996.861023] Call Trace:
{525996.861067] [] ? dump_stack+0x41/0x51
[525996.861108] [] ? panic+0xc8/0x1fc
[525996.861156] [l ? __bch_cached_dev_show+0x505/0x510 
[bcache]
[525996.861225} [] ? __stack_chk_fail+0x17/0x20
[525996.861269) [] ? __bch_cached_dev_show+0x505/0x510 
[bcache]
[525996.861338] [] ? bch_cached_dev_show+0x2c/0x50 [bcache]
[525996.861386] [] ? sysfs_kf_seq_show+0xc4/0x1e0
[525996.861431] [] ? seq_read+0xe2/0x360
[525996.861475] [] ? vfs_read+0x93/0x170
[525996.861514] [] ? SyS_read+0x42/0xa0
[525996.861555] [] ? page_fault+0x28/0x30
[525996.861598] [] ? system_call_fast_compare_end+0x10/0x15
[525996.861686] Kernel Offset: 0x0 from 0x8100 (relocation range: 
0x8000-0x9ff)
[525996.980293] ---[ end Kernel panic - not syncing: stack-protector: Kernel 
stack is corrupted in: a05ec3e5

I googled the issue and found [2]. Indeed I was reading files 
/sys/block/bcache{0,1,2,3}/bcache/writeback_rate_debug every second for 
debugging purposes. I stopped the processes, reading "writeback_rate_debug" and 
the bug didn't appear again.

[2] http://www.spinics.net/lists/linux-bcache/msg03173.html

Seems the bug is related to vanilla kernel code but Debian has own patches on 
the kernel, so I filled this report.

Best regards, Dmitry,
tel. 8 (495) 788-56-99, ext. 8255.

-- Package-specific info:
** Version:
Linux version 3.16.0-4-amd64 (debian-kernel@lists.debian.org) (gcc version 
4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.7-ckt20-1+deb8u1 (2015-12-14)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-3.16.0-4-amd64 
root=UUID=598c2749-c8c2-41ff-ac76-056ea007eb9e ro

** Tainted: O (4096)
 * Out-of-tree module has been loaded.

** Model information
sys_vendor: Supermicro
product_name: SYS-6028R-WTR
product_version: 0123456789
chassis_vendor: Supermicro
chassis_version: 0123456789
bios_vendor: American Megatrends Inc.
bios_version: 1.0c
board_vendor: Supermicro
board_name: X10DRW-i
board_version: 1.02

** Loaded modules:
fuse
btrfs
xor
raid6_pq
ufs
qnx4
hfsplus
hfs
minix
ntfs
vfat
msdos
fat
jfs
xfs
dm_mod
iscsi_trgt(O)
cpuid
md_mod
drbd
lru_cache
libcrc32c
crc32c_generic
crc32c_intel
nfsd
auth_rpcgss
oid_registry
nfs_acl
lockd
sunrpc
fcoe
libfcoe
libfc
scsi_transport_fc
scsi_tgt
8021q
garp
stp
mrp
llc
mlx4_ib
ib_sa
ib_mad
ib_core
ib_addr
mlx4_en
mlx4_core
vxlan
x86_pkg_temp_thermal
intel_powerclamp
intel_rapl
coretemp
kvm_intel
iTCO_wdt
kvm
iTCO_vendor_support
crc32_pclmul
aesni_intel
aes_x86_64
lrw
gf128mul
glue_helper
ablk_helper
cryptd
joydev
pcspkr
mei_me
lpc_ich
ioatdma
shpchp
mei
i2c_i801
mfd_core
evdev
wmi
tpm_tis
tpm
ipmi_si
ipmi_msghandler
processor
thermal_sys
acpi_power_meter
acpi_pad
button
ext4
crc16
mbcache
jbd2
hid_generic
usbhid
hid
bcache
sg
sd_mod
crc_t10dif
crct10dif_generic
crct10dif_pclmul
crct10dif_common
ahci
libahci
ehci_pci
igb
i2c_algo_bit
xhci_hcd
ehci_hcd
libata
megaraid_sas
i2c_core
dca
usbcore
ptp
scsi_mod
usb_common
pps_core

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation Haswell-E DMI2 [8086:2f00] (rev 
02)
Subsystem: Super Micro Computer Inc Device [15d9:0821]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 

00:01.0 PCI bridge [0604]: Intel Corporation Haswell-E PCI Express Root Port 1 
[8086:2f02] (rev 02) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:02.0 PCI bridge [0604]: Intel Corporation Haswell-E PCI Express Root Port 2 
[8086:2f04] (rev 02) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:02.2 PCI bridge [0604]: Intel Corporation Haswell-E PCI Express Root Port 

Bug#784688: Thousands of "xen:balloon: Cannot add additional memory (-17) messages" despite dom0 ballooning disabled

[KSB]

Seen this behavior on earlier kernels (i.e. 3.14-2-amd64 pkg 3.14.15-2.) 
and seems to be gone at least in 4.3

linux_3.16.7-ckt20-1+deb8u3~bpo70+1_multi.changes ACCEPTED into wheezy-backports->backports-policy, wheezy-backports

[Debian FTP Masters]

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 19 Jan 2016 23:33:46 +
Source: linux
Binary: linux-source-3.16 linux-doc-3.16 linux-manual-3.16 
linux-support-3.16.0-0.bpo.4 linux-libc-dev linux-headers-3.16.0-0.bpo.4-all 
linux-headers-3.16.0-0.bpo.4-all-amd64 kernel-image-3.16.0-0.bpo.4-amd64-di 
nic-modules-3.16.0-0.bpo.4-amd64-di 
nic-wireless-modules-3.16.0-0.bpo.4-amd64-di 
nic-shared-modules-3.16.0-0.bpo.4-amd64-di 
serial-modules-3.16.0-0.bpo.4-amd64-di 
usb-serial-modules-3.16.0-0.bpo.4-amd64-di ppp-modules-3.16.0-0.bpo.4-amd64-di 
pata-modules-3.16.0-0.bpo.4-amd64-di cdrom-core-modules-3.16.0-0.bpo.4-amd64-di 
firewire-core-modules-3.16.0-0.bpo.4-amd64-di 
scsi-core-modules-3.16.0-0.bpo.4-amd64-di scsi-modules-3.16.0-0.bpo.4-amd64-di 
scsi-common-modules-3.16.0-0.bpo.4-amd64-di 
scsi-extra-modules-3.16.0-0.bpo.4-amd64-di loop-modules-3.16.0-0.bpo.4-amd64-di 
btrfs-modules-3.16.0-0.bpo.4-amd64-di ext4-modules-3.16.0-0.bpo.4-amd64-di 
isofs-modules-3.16.0-0.bpo.4-amd64-di jfs-modules-3.16.0-0.bpo.4-amd64-di 
ntfs-modules-3.16.0-0.bpo.4-amd64-di
 xfs-modules-3.16.0-0.bpo.4-amd64-di fat-modules-3.16.0-0.bpo.4-amd64-di 
md-modules-3.16.0-0.bpo.4-amd64-di multipath-modules-3.16.0-0.bpo.4-amd64-di 
usb-modules-3.16.0-0.bpo.4-amd64-di usb-storage-modules-3.16.0-0.bpo.4-amd64-di 
pcmcia-storage-modules-3.16.0-0.bpo.4-amd64-di 
fb-modules-3.16.0-0.bpo.4-amd64-di input-modules-3.16.0-0.bpo.4-amd64-di 
event-modules-3.16.0-0.bpo.4-amd64-di mouse-modules-3.16.0-0.bpo.4-amd64-di 
nic-pcmcia-modules-3.16.0-0.bpo.4-amd64-di 
pcmcia-modules-3.16.0-0.bpo.4-amd64-di nic-usb-modules-3.16.0-0.bpo.4-amd64-di 
sata-modules-3.16.0-0.bpo.4-amd64-di core-modules-3.16.0-0.bpo.4-amd64-di 
acpi-modules-3.16.0-0.bpo.4-amd64-di i2c-modules-3.16.0-0.bpo.4-amd64-di 
crc-modules-3.16.0-0.bpo.4-amd64-di crypto-modules-3.16.0-0.bpo.4-amd64-di 
crypto-dm-modules-3.16.0-0.bpo.4-amd64-di efi-modules-3.16.0-0.bpo.4-amd64-di 
ata-modules-3.16.0-0.bpo.4-amd64-di mmc-core-modules-3.16.0-0.bpo.4-amd64-di 
mmc-modules-3.16.0-0.bpo.4-amd64-di
 nbd-modules-3.16.0-0.bpo.4-amd64-di squashfs-modules-3.16.0-0.bpo.4-amd64-di 
speakup-modules-3.16.0-0.bpo.4-amd64-di virtio-modules-3.16.0-0.bpo.4-amd64-di 
uinput-modules-3.16.0-0.bpo.4-amd64-di sound-modules-3.16.0-0.bpo.4-amd64-di 
hyperv-modules-3.16.0-0.bpo.4-amd64-di udf-modules-3.16.0-0.bpo.4-amd64-di 
fuse-modules-3.16.0-0.bpo.4-amd64-di linux-headers-3.16.0-0.bpo.4-common 
linux-image-3.16.0-0.bpo.4-amd64 linux-headers-3.16.0-0.bpo.4-amd64 
linux-image-3.16.0-0.bpo.4-amd64-dbg xen-linux-system-3.16.0-0.bpo.4-amd64 
linux-headers-3.16.0-0.bpo.4-all-armel kernel-image-3.16.0-0.bpo.4-kirkwood-di 
nic-modules-3.16.0-0.bpo.4-kirkwood-di 
nic-shared-modules-3.16.0-0.bpo.4-kirkwood-di 
usb-serial-modules-3.16.0-0.bpo.4-kirkwood-di 
ppp-modules-3.16.0-0.bpo.4-kirkwood-di 
cdrom-core-modules-3.16.0-0.bpo.4-kirkwood-di 
scsi-core-modules-3.16.0-0.bpo.4-kirkwood-di 
loop-modules-3.16.0-0.bpo.4-kirkwood-di btrfs-modules-3.16.0-0.bpo.4-kirkwood-di
 ext4-modules-3.16.0-0.bpo.4-kirkwood-di 
isofs-modules-3.16.0-0.bpo.4-kirkwood-di jfs-modules-3.16.0-0.bpo.4-kirkwood-di 
fat-modules-3.16.0-0.bpo.4-kirkwood-di minix-modules-3.16.0-0.bpo.4-kirkwood-di 
md-modules-3.16.0-0.bpo.4-kirkwood-di 
multipath-modules-3.16.0-0.bpo.4-kirkwood-di 
usb-modules-3.16.0-0.bpo.4-kirkwood-di 
usb-storage-modules-3.16.0-0.bpo.4-kirkwood-di 
fb-modules-3.16.0-0.bpo.4-kirkwood-di input-modules-3.16.0-0.bpo.4-kirkwood-di 
event-modules-3.16.0-0.bpo.4-kirkwood-di 
mouse-modules-3.16.0-0.bpo.4-kirkwood-di 
nic-usb-modules-3.16.0-0.bpo.4-kirkwood-di 
sata-modules-3.16.0-0.bpo.4-kirkwood-di core-modules-3.16.0-0.bpo.4-kirkwood-di 
crc-modules-3.16.0-0.bpo.4-kirkwood-di 
crypto-modules-3.16.0-0.bpo.4-kirkwood-di 
crypto-dm-modules-3.16.0-0.bpo.4-kirkwood-di 
mmc-modules-3.16.0-0.bpo.4-kirkwood-di nbd-modules-3.16.0-0.bpo.4-kirkwood-di 
squashfs-modules-3.16.0-0.bpo.4-kirkwood-di 
uinput-modules-3.16.0-0.bpo.4-kirkwood-di
 leds-modules-3.16.0-0.bpo.4-kirkwood-di udf-modules-3.16.0-0.bpo.4-kirkwood-di 
fuse-modules-3.16.0-0.bpo.4-kirkwood-di kernel-image-3.16.0-0.bpo.4-orion5x-di 
nic-modules-3.16.0-0.bpo.4-orion5x-di 
nic-shared-modules-3.16.0-0.bpo.4-orion5x-di 
usb-serial-modules-3.16.0-0.bpo.4-orion5x-di 
ppp-modules-3.16.0-0.bpo.4-orion5x-di 
cdrom-core-modules-3.16.0-0.bpo.4-orion5x-di 
scsi-core-modules-3.16.0-0.bpo.4-orion5x-di 
loop-modules-3.16.0-0.bpo.4-orion5x-di ipv6-modules-3.16.0-0.bpo.4-orion5x-di 
btrfs-modules-3.16.0-0.bpo.4-orion5x-di ext4-modules-3.16.0-0.bpo.4-orion5x-di 
isofs-modules-3.16.0-0.bpo.4-orion5x-di jffs2-modules-3.16.0-0.bpo.4-orion5x-di 
jfs-modules-3.16.0-0.bpo.4-orion5x-di fat-modules-3.16.0-0.bpo.4-orion5x-di 
minix-modules-3.16.0-0.bpo.4-orion5x-di md-modules-3.16.0-0.bpo.4-orion5x-di 
multipath-modules-3.16.0-0.bpo.4-orion5x-di 
usb-modules-3.16.0-0.bpo.4-orion5x-di 
usb-storage-modules-3.16.0-0.bpo.4-orion5x-di 
event-modules-3.16.0-0.bpo.4-orion5x-di
 

Processed: reassign 812207 to linux-image-3.16.0-4-amd64

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 812207 linux-image-3.16.0-4-amd64 3.16.7-ckt20
Bug #812207 [linux-image-3.16.0-4] linux: AUFS can hang up; Please update to 
v20160111 or later
Warning: Unknown package 'linux-image-3.16.0-4'
Bug reassigned from package 'linux-image-3.16.0-4' to 
'linux-image-3.16.0-4-amd64'.
No longer marked as found in versions 3.16.7-ckt20.
Ignoring request to alter fixed versions of bug #812207 to the same values 
previously set
Bug #812207 [linux-image-3.16.0-4-amd64] linux: AUFS can hang up; Please update 
to v20160111 or later
There is no source info for the package 'linux-image-3.16.0-4-amd64' at version 
'3.16.7-ckt20' with architecture ''
Unable to make a source version for version '3.16.7-ckt20'
Marked as found in versions 3.16.7-ckt20.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
812207: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812207
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#720735: initramfs-tools: mkinitramfs uses ldd, which is insecure and generates core dumps

[Vincent Lefevre]

Control: tags -1 - moreinfo

On 2016-01-22 02:36:44 +, Ben Hutchings wrote:
> Do you think there is still a bug to fix here, or can this be closed?

Well, the core dump problem has been fixed in the kernel. Now, I think
that if there is an issue, it is in ldd. It is still not clear whether
/libx32 is free for any use if x32 related packages are not installed.
About /lib, FHS 2.3 says "[...] on systems which support more
than one binary format requiring separate libraries" but I don't think
that one can say that Debian/amd64 supports the x32 binary format. And
about the requirements, "If one or more of these directories exist"
is rather unclear: does "these directories" mean any directory name
matching /lib* or any directory associated with a supported binary
format?

If /libx32 is free for any use, then there may be a security issue
because /libx32/ld-linux-x32.so.2 gets executed by ldd.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Processed: Re: initramfs-tools: mkinitramfs uses ldd, which is insecure and generates core dumps

[Debian Bug Tracking System]

Processing control commands:

> tags -1 - moreinfo
Bug #720735 [initramfs-tools] initramfs-tools: Use static check for library 
dependencies instead of ldd
Removed tag(s) moreinfo.

-- 
720735: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720735
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#720735: marked as done (initramfs-tools: Use static check for library dependencies instead of ldd)

[Debian Bug Tracking System]

Your message dated Fri, 22 Jan 2016 12:37:50 +
with message-id <1453466270.3734.141.ca...@decadent.org.uk>
and subject line Re: initramfs-tools: mkinitramfs uses ldd, which is insecure 
and generates core dumps
has caused the Debian Bug report #720735,
regarding initramfs-tools: Use static check for library dependencies instead of 
ldd
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
720735: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720735
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: initramfs-tools
Version: 0.113
Severity: important
Tags: security

I've noticed that when running update-initramfs, a core dump was
generated in the current directory, which is in itself a first bug.

After looking at this problem with strace, I saw that this came from:

  /usr/bin/ldd /lib/firmware/cis/PCMLM28.cis

apparently via mkinitramfs. The strace output shows:

23190 execve("/libx32/ld-linux-x32.so.2", ["/libx32/ld-linux-x32.so.2"], [/* 
115 vars */]) = 0
23190 syscall_1073741836(0, 0, 0x400c, 0xbfebfbff, 0x37f, 0x64, 0x1000, 
0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 
0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 
0x1000, 0x1000, 0x1000, 0x1000, 0x1000) = -1 (errno 38)
23190 syscall_1073742340(0x2, 0xfffbaa70, 0x1, 0xbfebfbff, 0xf77b0a3e, 
0xf776d8cc, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 
0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 
0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 
0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 
0xf776ef7d, 0xf776ef7d, 0xf776ef7d) = -1 (errno 38)
23190 syscall_1073742055(0x7f, 0x403c, 0x7f, 0xbfebfbff, 0x40e7, 
0xf776d8cc, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 
0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7) = -1 (errno 38)
23190 syscall_1073741884(0x7f, 0x403c, 0x7f, 0xbfebfbff, 0x40e7, 
0xf776d8cc, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 
0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7) = -1 (errno 38)
23190 --- SIGSEGV (Segmentation fault) @ 0 (0) ---

I wonder whether it may be a security bug. /libx32 is not necessarily
a standard directory, and could for instance be NFS mounted, have
write-access to more people, or whatever; only some particular
packages use this directory, but if they are not installed, I assume
that the admin is free to do whatever he wants with it, and tools
like mkinitramfs are not supposed to run anything from it.

And this is not a bug in ldd, as the ldd man page says:

  Security
In the usual  case,  ldd  invokes  the  standard  dynamic  linker  (see
ld.so(8))  with the LD_TRACE_LOADED_OBJECTS environment variable set to
1, which causes the linker to display  the  library  dependencies.   Be
aware,  however,  that  in some circumstances, some versions of ldd may
attempt to obtain the dependency information by directly executing  the
program.  Thus, you should never employ ldd on an untrusted executable,
since this may result in the execution  of  arbitrary  code.   A  safer
alternative when dealing with untrusted executables is:

$ objdump -p /path/to/program | grep NEEDED

For this reason, I think that the use of ldd should be dropped
entirely from initramfs-tools. It might ease privilege escalation
if there's another security bug on the system.

-- Package-specific info:
-- initramfs sizes
-rw-r--r-- 1 root root 13M 2013-08-24 23:54:26 /boot/initrd.img-3.10-1-amd64
-rw-r--r-- 1 root root 13M 2013-08-24 23:35:31 /boot/initrd.img-3.10-2-amd64
-rw-r--r-- 1 root root 13M 2013-08-24 23:36:02 /boot/initrd.img-3.8-1-amd64
-rw-r--r-- 1 root root 13M 2013-08-24 23:35:55 /boot/initrd.img-3.8-2-amd64
-rw-r--r-- 1 root root 13M 2013-08-24 23:35:46 /boot/initrd.img-3.9-1-amd64
-- /proc/cmdline
root=/dev/mapper/xvii-root ro quiet reboot=pci

-- resume
RESUME=/dev/mapper/xvii-swap_1
-- /proc/filesystems
ext3
fuseblk
ext2

-- lsmod
Module  Size  Used by
cuse   12971  3 
cpufreq_powersave  12454  0 
cpufreq_stats  12866  0 
cpufreq_userspace  12576  0 
cpufreq_conservative14184  0 
xt_multiport   12548  2 
iptable_filter 12536  1 
ip_tables  22036  1 iptable_filter
x_tables   19041  3 ip_tables,xt_multiport,iptable_filter
parport_pc 22409  0 
ppdev  12763  0 
lp

Processed: Re: Bug#812336: [s390x] udeb: include modules to mount ISOs (loop device)

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + patch
Bug #812336 [src:linux] [s390x] udeb: include modules to mount ISOs (loop 
device)
Added tag(s) patch.

-- 
812336: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812336
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#812336: [s390x] udeb: include modules to mount ISOs (loop device)

[Hendrik Brueckner]

Control: tags -1 + patch

Attached patch to add the module udebs.
>From 29c5deff3510c2e326c2f4d9c35d0c3dddf5dab2 Mon Sep 17 00:00:00 2001
From: Hendrik Brueckner 
Date: Fri, 22 Jan 2016 14:37:59 +0100
Subject: [PATCH] [s390x] udeb: include modules to mount ISOs (loop device)

To mount ISO images within the Debian Installer, the loop device
support is required.  Also the CD/DVD file systems are required too.

Hence, add the ISO and UDF file systems modules, as well as, the
loop device modules.

Signed-off-by: Hendrik Brueckner 
---
 debian/changelog   | 8 
 debian/installer/s390x/modules/s390x/isofs-modules | 1 +
 debian/installer/s390x/modules/s390x/loop-modules  | 1 +
 debian/installer/s390x/modules/s390x/udf-modules   | 1 +
 4 files changed, 11 insertions(+)
 create mode 100644 debian/installer/s390x/modules/s390x/isofs-modules
 create mode 100644 debian/installer/s390x/modules/s390x/loop-modules
 create mode 100644 debian/installer/s390x/modules/s390x/udf-modules

diff --git a/debian/changelog b/debian/changelog
index 83d54a0..8178765 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+linux (4.3.3-8) UNRELEASED; urgency=medium
+
+  [ Hendrik Brueckner ]
+  * [s390x] udeb: include modules to mount ISOs (loop device)
+(Closes: #812336)
+
+ -- Hendrik Brueckner   Fri, 22 Jan 2016 
14:34:21 +0100
+
 linux (4.3.3-7) unstable; urgency=medium
 
   * linux-image-dbg: Don't rely on upstream makefile to make .build-id
diff --git a/debian/installer/s390x/modules/s390x/isofs-modules 
b/debian/installer/s390x/modules/s390x/isofs-modules
new file mode 100644
index 000..da4fa9a
--- /dev/null
+++ b/debian/installer/s390x/modules/s390x/isofs-modules
@@ -0,0 +1 @@
+#include 
diff --git a/debian/installer/s390x/modules/s390x/loop-modules 
b/debian/installer/s390x/modules/s390x/loop-modules
new file mode 100644
index 000..c1c948f
--- /dev/null
+++ b/debian/installer/s390x/modules/s390x/loop-modules
@@ -0,0 +1 @@
+#include 
diff --git a/debian/installer/s390x/modules/s390x/udf-modules 
b/debian/installer/s390x/modules/s390x/udf-modules
new file mode 100644
index 000..b90d7ee
--- /dev/null
+++ b/debian/installer/s390x/modules/s390x/udf-modules
@@ -0,0 +1 @@
+#include 
-- 
2.3.9

Bug#812336: [s390x] udeb: include modules to mount ISOs (loop device)

[Hendrik Brueckner]

Package: src:linux
Version: 4.3.0-1
Severity: normal
Tags: d-i

Ben,

for mounting ISO images within the Debian Installer, the loop and ISO file
system module udebs are missing and should be included. I will attach a
patch to resolve this issue.

These module udebs are required by the the iso-scan/load-iso debian installer
packages.

Thanks and kind regards,
  Hendrik

Bug#812340: [s390x] udeb: include btrfs-modules

[Hendrik Brueckner]

Package: src:linux
Version: 4.3.0-1
Severity: normal
Tags: d-i

Ben,

here is yet another debian-installer udeb request.  The btrfs module udeb is not
included.  Apart from the btrfs-modules udeb, the zlib-modules is also
required to resolve zlib_deflate dependency.   Again, patch follows.

Kind regards,
  Hendrik

Bug#812340: [s390x] udeb: include btrfs-modules

[Hendrik Brueckner]

Control: tags -1 + patch

Attached the patch to add the btrfs-modules udeb.  You might apply
the patch after #812336 "[s390x] udeb: include modules to mount ISOs".

Thanks.
>From 4129f8f8619c414af98795d3ef63aad11d13f473 Mon Sep 17 00:00:00 2001
From: Hendrik Brueckner 
Date: Fri, 22 Jan 2016 15:39:53 +0100
Subject: [PATCH] [s390x] udeb: include btrfs-modules

Add btrfs-modules udeb.  Also add zlib-modules udeb because btrfs
requires zlib_deflate.

Signed-off-by: Hendrik Brueckner 
---
 debian/changelog   | 3 ++-
 debian/installer/s390x/modules/s390x/btrfs-modules | 1 +
 debian/installer/s390x/modules/s390x/zlib-modules  | 1 +
 3 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 debian/installer/s390x/modules/s390x/btrfs-modules
 create mode 100644 debian/installer/s390x/modules/s390x/zlib-modules

diff --git a/debian/changelog b/debian/changelog
index 890dad8..3b8f8d7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,8 +3,9 @@ linux (4.3.3-8) UNRELEASED; urgency=medium
   [ Hendrik Brueckner ]
   * [s390x] udeb: include modules to mount ISOs (loop device)
 (Closes: #812336)
+  * [s390x] udeb: include btrfs-modules (Closes: #812340)
 
- -- Hendrik Brueckner   Fri, 22 Jan 2016 
14:34:21 +0100
+ -- Hendrik Brueckner   Fri, 22 Jan 2016 
15:21:08 +0100
 
 linux (4.3.3-7) unstable; urgency=medium
 
diff --git a/debian/installer/s390x/modules/s390x/btrfs-modules 
b/debian/installer/s390x/modules/s390x/btrfs-modules
new file mode 100644
index 000..e261e13
--- /dev/null
+++ b/debian/installer/s390x/modules/s390x/btrfs-modules
@@ -0,0 +1 @@
+#include 
diff --git a/debian/installer/s390x/modules/s390x/zlib-modules 
b/debian/installer/s390x/modules/s390x/zlib-modules
new file mode 100644
index 000..e02ad64
--- /dev/null
+++ b/debian/installer/s390x/modules/s390x/zlib-modules
@@ -0,0 +1 @@
+#include 
-- 
2.3.9

Processed: Re: Bug#812340: [s390x] udeb: include btrfs-modules

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + patch
Bug #812340 [src:linux] [s390x] udeb: include btrfs-modules
Added tag(s) patch.

-- 
812340: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812340
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#810154: [PATCH initramfs-tools 0/4] Changes to busybox integration

[Ben Hutchings]

On Fri, 2016-01-22 at 08:58 +0300, Michael Tokarev wrote:
> 22.01.2016 01:14, Ben Hutchings wrote:
> > This series removes the busybox hook script and definition of
> > BUSYBOXDIR from initramfs-tools, leaving busybox itself responsible
> > for these.
> 
> Oh well.  How many times I talked with Max on IRC, sent patches,
> created a git tree for initramfs to pull from..  His answer has
> always been the same: no need.  So I gave up, creating an ugly
> zzz-busybox which undoes the mess done in initramfs script.

That's strange as the TODO file said it should be done.

> Please note that once the d-i team prevented me from maintaining
> busybox, this package remains unmaintained.  So maybe it is a
> better idea to remove usage of busybox in initramfs (which this
> series actually does).

It doesn't; busybox is still recommended and used by default.

Ben.

> Thank you Ben!
> 
> (And yes, I'm still subscribed to busybox package, for unknown
> reason).
> 
> /mjt
> 
-- 
Ben Hutchings
Quantity is no substitute for quality, but it's the only one we've got.


signature.asc
Description: This is a digitally signed message part

Bug#812386: Please enable ARCH_QCOM on arm64

[Martin Michlmayr]

Package: linux
Version: 4.4-1~exp1
Severity: wishlist

Please enable ARCH_QCOM on arm64.  I believe the following options
should be enabled:

CONFIG_ARCH_QCOM=y

CONFIG_STMMAC_ETH=m
CONFIG_STMMAC_PLATFORM=m
CONFIG_DWMAC_GENERIC=m
CONFIG_DWMAC_IPQ806X=m

CONFIG_SERIAL_MSM=y
CONFIG_SERIAL_MSM_CONSOLE=y

CONFIG_HW_RANDOM_MSM=m

CONFIG_I2C_QUP=m
CONFIG_SPI_QUP=m

CONFIG_PINCTRL=y

CONFIG_POWER_RESET_MSM=y

CONFIG_QCOM_WDT=m

CONFIG_DRM=m
CONFIG_DRM_MSM=m
CONFIG_DRM_MSM_DSI=y
CONFIG_DRM_MSM_DSI_PLL=y
CONFIG_DRM_MSM_DSI_28NM_PHY=y
CONFIG_DRM_MSM_DSI_20NM_PHY=y

CONFIG_SND_SOC=m
CONFIG_SND_SOC_QCOM=m

CONFIG_USB_PHY=y
CONFIG_USB_MSM_OTG=m
CONFIG_USB_QCOM_8X16_PHY=m
CONFIG_USB_GADGET=m

CONFIG_MMC_QCOM_DML=m

CONFIG_DMADEVICES=y
CONFIG_QCOM_BAM_DMA=m

CONFIG_HWSPINLOCK=m
CONFIG_HWSPINLOCK_QCOM=m

CONFIG_QCOM_GSBI=m
CONFIG_QCOM_SMEM=m
CONFIG_QCOM_SMD=m
CONFIG_QCOM_SMD_RPM=m

CONFIG_EXTCON=m

CONFIG_RESET_CONTROLLER=y

CONFIG_PHY_QCOM_APQ8064_SATA=m
CONFIG_PHY_QCOM_IPQ806X_SATA=m

CONFIG_CRYPTO_DEV_QCE=m

-- 
Martin Michlmayr
Linux for HPE Helion, Hewlett Packard Enterprise