lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date:   Fri, 7 Oct 2022 08:09:12 +0200
From:   Mirsad Goran Todorovac <mirsad.todorovac@....unizg.hr>
To:     Thorsten Leemhuis <regressions@...mhuis.info>,
        linux-kernel@...r.kernel.org
Cc:     Marc Miltenberger <marcmiltenberger@...il.com>,
        "regressions@...ts.linux.dev" <regressions@...ts.linux.dev>
Subject: Re: 6.0.0-RC kernels trigger Firefox snap bug with 6.0.0-rc3 through
 6.0.0-rc7

On 06. 10. 2022. 19:13, Mirsad Goran Todorovac wrote:

> On 06. 10. 2022. 18:58, Thorsten Leemhuis wrote:
>
>> On 06.10.22 18:43, Mirsad Goran Todorovac wrote:
>>
>> On 06. 10. 2022. 15:23, Thorsten Leemhuis wrote:
>>>> On 06.10.22 14:43, Mirsad Todorovac wrote:
>>>>> On 10/6/22 14:25, Thorsten Leemhuis wrote:
>>>>>
>>>>>> One more question:
>>>>>>
>>>>>> On 06.10.22 14:00, Thorsten Leemhuis wrote:
>>>>>> Were those two vanilla kernels? I asked in #snappy on IRC and was told
>>>>>> that "snapd simply expects some ubuntu bit in patched into the kernel if
>>>>>> it detects that it runs on an official ubuntu install...". This was also
>>>>>> suggested "it probably makes sense to file a but in LP to make the
>>>>>> kernel team aware".
>>>>>>
>>>>> Yes, last time I tried it with git clone from linux_stable on kernel.org
>>>>> and
>>>>> config-6.0.0-060000-generic from the official Ubuntu mainline build
>>>> You don't want to do that. Better take the config used to build a
>>>> working kernel (say 5.19.y) and then build 6.0 with it (after running
>>>> "make olddefconfig"), because it might be a new kernel option (say for a
>>>> new security technique) that might cause the problem, as explained here:
>>>> https://docs.kernel.org/admin-guide/reporting-regressions.html
>>> If I understood well, that would mean buildingwww.kernel.org  git
>>> linux_stable
>>> source with Ubuntu's config-5.9.13-051903?
>> I meant "please download Linux 6.0 (ideally through git, that you have
>> everything to perform a bisection), add the config from a working kernel
>> (if config-5.9.13-051903 is one, yeah, then take that) as .config and
>> then run "make olddefconfig" before compiling and installing the kernel
>> to see if 6.0 fails with that config that was working.
>
> Thank you for all your instructions.
>
> Yes, I can confirm I already did a git pull from 
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
> and a `git checkout linux6.0.y' with Ubuntu's config-5.19.13-051903, 
> for that will, being a
> generic build, surely cover all my devices.
>
> The build is already in progress, but it may take a couple of hours 
> for the bud to show with
> Firefox "tabs crashed" and consequential Verneed record mismatch, 
> provided it hath not been
> fixed already by something else.
>
> Still, I would be the happier version of myself if we could pinpoint 
> the exact line of kernel source
> that caused this. (And yes, all my builds were from kernel.org repos, 
> whether Mr. Torvalds's or
> the linux_stable line.)
>
Hi Thorsten, Marc,

I can confirm that the "Firefox tab crashed" problem with Verneed record 
version mismatch persisted in the
official Ubuntu's 6.0.0-06000 mainline build:

marvin@...vin-IdeaPad-3-15ITL6:~$ uname -rms
Linux 6.0.0-060000-generic x86_64
marvin@...vin-IdeaPad-3-15ITL6:~$ /snap/bin/firefox &
[1] 45245
marvin@...vin-IdeaPad-3-15ITL6:~$ /bin/bash: 
/lib/x86_64-linux-gnu/libdl.so.2: unsupported version 0 of Verdef record
/bin/bash: error while loading shared libraries: 
/lib/x86_64-linux-gnu/libdl.so.2: unsupported version 0 of Verneed record

[1]+  Exit 127                /snap/bin/firefox
marvin@...vin-IdeaPad-3-15ITL6:~$

The build with the Ubuntu's config-5.19.3-051903-generic config file an 
linux_stable 6.0.0 source
is currently in testing. To repeat, it usually took a couple of hours of 
work in Firefox (especially playing Youtube
videos in a tab) before the bug manifested.

Regards,
-mt

-- 

Mirsad Goran Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
-- 
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
The European Union
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ