| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201009201319.40563.arnd@arndb.de> Date: Mon, 20 Sep 2010 13:19:40 +0200 From: Arnd Bergmann <arnd@...db.de> To: Henrique de Moraes Holschuh <hmh@....eng.br> Cc: "H. Peter Anvin" <hpa@...ux.intel.com>, linux-kernel@...r.kernel.org, "Greg Kroah-Hartman" <gregkh@...e.de> Subject: Re: New compat_alloc_user_space() GPLness and fglrx On Saturday 18 September 2010, Henrique de Moraes Holschuh wrote: > Well, that means ATI needs to mess with the insides of their binary > blob... Anyone knows of a channel to talk to them? Someone must tell > them about this, I am just an unwilling user of fglrx (R600 support in > the open drivers is nowhere near what I need yet). > > Meanwhile, what is the solution? Keep using (the newly named) > arch_compat_alloc_user_space()? Since you don't know how that is used in the driver, that could very well keep the security hole open as long as the driver is loaded. You still have the obvious options that you won't like: 1. stay on an older (broken) kernel 2. don't use fglrx until this is fixed 3. copy the new compat_alloc_user_space as an inline function into the wrapper module (possibly making it undistributable) Arnd -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists