Re: CAN-2005-0204 and 2.4

From: Marcelo Tosatti
Date: Thu Sep 22 2005 - 15:10:58 EST

Next message: linux-os (Dick Johnson): "Re: security patch"
Previous message: Peter Staubach: "Re: [NFS] Re: [PATCH] repair nfsd/sunrpc in 2.6.14-rc2-mm1 (and other-mm versions)"
In reply to: Nikos Ntarmos: "Re: CAN-2005-0204 and 2.4"
Next in thread: Siddha, Suresh B: "[patch] x86_64: fix tss limit (was Re: CAN-2005-0204 and 2.4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 22, 2005 at 11:30:25AM +0900, Horms wrote:
> On Wed, Sep 21, 2005 at 01:31:37PM +0300, Nikos Ntarmos wrote:
> > Package: kernel-source-2.4.27
> > Version: 2.4.27-11.hls.2005082200
> > Severity: important
> > Justification: fails to build from source
> >
> > Patch 143_outs.diff.bz2 breaks the kernel compilation on x86_64. The
> > problem is that it uses the IO_BITMAP_BYTES macro which is defined for
> > i386 (in linux/include/asm-i386/processor.h) but not for x86_64.
> > Reverting the patch lets the kernel build again, although I guess the
> > correct solution would be to add an appropriate IO_BITMAP_BYTES to
> > linux/include/asm-x86_64/processor.h as well.
>
> Hi Nikos,
>
> First up, thanks for testing out my prebuild kernels. For the
> uninitiated they are snapshots of what is in the deabian kernel-team's
> SVN and live in http://packages.vergenet.net/testing/
>
> The problem that you see is a patch that was included in
> 2.4.27-11 (the current version in sid), though it isn't built
> for amd64.
>
> Could you see if the following patch works for you. I've CCed lkml and
> Marcelo for their consideration. It seems to me that 2.4 is indeed
> vulnerable to CAN-2005-0204, perhaps someone can shed some light on
> this.
>
> --
> Horms
>
> Description: [CAN-2005-0204]: AMD64, allows local users to write to privileged IO ports via OUTS instruction
> Patch author: Suresh Siddha (suresh.b.siddha@xxxxxxxxx)
> Upstream status: not applied
> URL: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=146244
> Patch source: Micah Anderson <micah@xxxxxxxxxx> (debian-kernel)
>
> Added definition of IO_BITMAP_BYTES for Debian's 2.4.27 and
> submitted upstream for consideration for inclusion in 2.4 -- Horms

And v2.6 does not seem to have been updated either, or a different form of
the fix has been deployed?

130 static inline void set_tss_desc(unsigned cpu, void *addr)
131 {
132 set_tssldt_descriptor(&cpu_gdt_table[cpu][GDT_ENTRY_TSS], (unsigned long)addr,
133 DESC_TSS,
134 sizeof(struct tss_struct) - 1);
135 }
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: linux-os (Dick Johnson): "Re: security patch"
Previous message: Peter Staubach: "Re: [NFS] Re: [PATCH] repair nfsd/sunrpc in 2.6.14-rc2-mm1 (and other-mm versions)"
In reply to: Nikos Ntarmos: "Re: CAN-2005-0204 and 2.4"
Next in thread: Siddha, Suresh B: "[patch] x86_64: fix tss limit (was Re: CAN-2005-0204 and 2.4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]