lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20130621225541.GA29801@electric-eye.fr.zoreil.com>
Date:	Sat, 22 Jun 2013 00:55:41 +0200
From:	Francois Romieu <romieu@...zoreil.com>
To:	"opensource@...usoft.pl" <opensource@...usoft.pl>
Cc:	linux-kernel@...r.kernel.org, security@...ian.org
Subject: Re: hanging, and possible exploit/ddos from LAN for RTL and other
 cards (watchdog netdev)

opensource@...usoft.pl <opensource@...usoft.pl> :
> On Sunday 16 June 2013 18:39:21 Francois Romieu wrote:
> 
> Thank you for feedback. We provide XID, IRQ and additional info below.

Executive summary:
1. affected Realtek nics are 8168evl (XID 0c900800) and an old PCI
   (XID 18000000)
2. failing marvell nic resorts to a proprietary fglrx tainted kernel
   on a computer with several graphic cards

(2) is nothing I am thrilled to spend time on, especially in a
clusterfucked openbsd-tor-bitcoin-grsecurity-backport-from-hell
technical context.

b423e9ae49d78ea3f53b131c8d5a6087aed16fd6 must be applied if tx
checksumming is enabled on your 8168evl (see 'ethtool -k eth0').
b423e9ae49d78ea3f53b131c8d5a6087aed16fd6 is still pending inclusion
in -stable so it can only be found in current -git.

[...]
>  * We plan to connect -eth-tcpdump-eth- boxes between some computers and LAN
>  * We plan to swap electrical devices: switches, even cables to exclude this

No overclocking nor outdated gigabyte EP45xyz motherboard bioses ?

[...]
> --- possible solutions ------------------------------------
> #1 the patch rtl8169-fix1a-3.2.46.patch below  (NO. not working)

As expected: 8168evl is RTL_GIGA_MAC_VER_34.

> #2 kernel cmdline "pcie_aspm=off"  (not tested enough)
> #3 kernel cmdline "clocksource=acpi_pm" (not tested enough)
> 
> Since rearranging the network as in <info1> below, the hang of
> trident-mainboard-based computer no longer hangs entire network
> easily, so we wait for the freezing of computers to reoccur.

8168 may go into a mac pause frame frenzy if it fails.

[...]
> - when 2nd card was plugged in (usb0) it instantly was unhanging the computer 
> same as replugging eth0 cable would, and seemed to immunize it from hanging

Ok.

[...]
>         r8169 0000:02:00.0: eth4: unable to load firmware patch 
> rtl_nic/rtl8168e-3.fw (-2)

You can give it a try.

-- 
Ueimor
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ