lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAJwJo6bPG_U3=rmw9=N3gguZMTMDrLLMC6AFb7DbMOx1y+_5Rg@mail.gmail.com>
Date:	Tue, 19 Jul 2016 17:26:33 +0300
From:	Dmitry Safonov <0x7f454c46@...il.com>
To:	Andy Lutomirski <luto@...nel.org>
Cc:	X86 ML <x86@...nel.org>, Borislav Petkov <bp@...en8.de>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/vdso: Error out if the vDSO isn't a valid DSO

2016-07-19 0:46 GMT+03:00 Andy Lutomirski <luto@...nel.org>:
> Some distros has been playing with toolchain changes that can affect
> the type of ELF objects built.  Occasionally, this goes wrong and
> the vDSO ends up not being a DSO at all.  This causes the kernel to
> end up broken in a surprisingly subtle way -- glibc apparently
> silently ignores a vDSO that isn't a DSO, so everything works,
> albeit slowly, until users try a different libc implementation.
>
> Make the kernel build process a bit more robust: fail outright if
> the vDSO isn't ET_DYN or is missing its PT_DYNAMIC segment.  I've
> never seen this in an unmodified kernel.
>
> See https://github.com/docker/docker/issues/23378

Heh, that's good, I've also saw the same kind of bug:
https://lists.openvz.org/pipermail/criu/2016-June/029153.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ