| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Mar 2007 15:20:00 -0700 (PDT) From: Roland McGrath <roland@...hat.com> To: Jeremy Fitzhardinge <jeremy@...p.org> Cc: Ingo Molnar <mingo@...e.hu>, Andi Kleen <ak@....de>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, virtualization@...ts.osdl.org, xen-devel@...ts.xensource.com, Chris Wright <chrisw@...s-sol.org>, Zachary Amsden <zach@...are.com>, Rusty Russell <rusty@...tcorp.com.au>, Ian Pratt <ian.pratt@...source.com>, Christian Limpach <Christian.Limpach@...cam.ac.uk>, Ulrich Drepper <drepper@...hat.com>, Jakub Jelinek <jakub@...hat.com> Subject: Re: [patch 17/26] Xen-paravirt_ops: Add nosegneg capability to the vsyscall page notes > I'm not quite sure what you're suggesting here though. Do you mean one of: > > NOTE_KERNELCAP_BEGIN(1, 1) > NOTE_KERNELCAP(0, "nosegneg") > NOTE_KERNELCAP_END > > or > > NOTE_KERNELCAP_BEGIN(1, 2) > NOTE_KERNELCAP(1, "nosegneg") > NOTE_KERNELCAP_END > > is the correct thing to use? Yes. (Sorry about the typo, 1 and 0 are close enough aren't they? ;-) > > Some pre-release glibc's (before 2.4) had a bug in the code that parses > > this, and would crash parsing the correct note. Using the wrong bit value > > with nonmatching mask worked around this. IIRC, no glibc release ever > > included the buggy version of the code. In nonbuggy glibc, the mismatched > > value causes the "nosegneg" to be omitted from the directory search (under > > LD_LIBRARY_PATH and default directories), though ldconfig-based lookups > > will work (the most common case). > > Are you saying that one of the corrected forms might cause old glibcs to > crash, or just ignore nosegneg? Yes, the affected glibc crashed with the canonical form (the first above). I'm not sure such a glibc exists in the wild today, maybe only in some FC5 test releases (I CC'd Jakub so he can verify that at least as far as FC). Rik van Riel discovered that the s/0/1/ tweak sufficed for common daily use (i.e. ld.so.cache hits), and did that temporarily when he was hacking on Xen Linux kernels for Fedora, but reverted it after we fixed glibc. The uncorrected form causes current (correct) glibc to ignore nosegneg (for cache misses). Looking at the buggy version of the code, I think it will not crash with the second form above, just avoid using bit 0. (But I wouldn't swear to it without testing it.) The second form should certainly be fine with the current glibc. Just make sure that "kernelcap 1 nosegneg" is used in the ld.so.conf.d file, to match 1 in the NOTE_KERNELCAP first arg. Thanks, Roland - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists