lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <248061.1528488439@turing-police.cc.vt.edu>
Date:   Fri, 08 Jun 2018 16:07:19 -0400
From:   valdis.kletnieks@...edu
To:     Mike Snitzer <snitzer@...hat.com>, Alasdair Kergon <agk@...hat.com>
Cc:     linux-kernel@...r.kernel.org, dm-devel@...hat.com, axboe@...nel.dk
Subject: Re: next-20180605 - kernel tried to execute NX-protected page - exploit attempt?

On Thu, 07 Jun 2018 18:41:35 -0400, valdis.kletnieks@...edu said:
> On Thu, 07 Jun 2018 17:14:01 -0400, Mike Snitzer said:
> > Can you please share what you test is?  We've gotten lots of reports
> > with failure following wake_up but I don't have a canned test to trigger
>
> Just a laptop with 16G of RAM, no clear reproducer -  Chrome with a lot of
> tabs, a mail reader, a bunch of SSH windows, and the next thing I know, it's
> locked up good and solid with wreckage in /sys/fs/pstore :)
>
> I got bit a third time a little while ago.  Will test the patches and see if
> they help - looks like I'm averaging two hours or so of active use before it
> hits, so it shouldn't take long before I know if the issue is swatted...

Looks like those two patches from Jens fixed the issue - this build has been up for
20 hours, and has survived a kernel build, an OpenWRT/Lede build, and a backup,
along with a bunch of other stuff.

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ