lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6375f31f-316a-bebc-6aec-c6241049e401@alu.unizg.hr>
Date:   Fri, 14 Oct 2022 12:32:55 +0200
From:   Mirsad Todorovac <mirsad.todorovac@....unizg.hr>
To:     Bagas Sanjaya <bagasdotme@...il.com>
Cc:     linux-kernel@...r.kernel.org, Slade Watkins <srw@...dewatkins.net>,
        Marc Miltenberger <marcmiltenberger@...il.com>,
        Thorsten Leemhuis <regressions@...mhuis.info>,
        "regressions@...ts.linux.dev" <regressions@...ts.linux.dev>
Subject: Re: 6.0.0-RC kernels trigger Firefox snap bug with 6.0.0-rc3 through
 6.0.0-rc7

Hi everybody,

On 10/13/22 15:24, Mirsad Goran Todorovac wrote:

> Thank you for the instruction for how to shorten the bisection time. 
> My fastest build was almost 2 hours.
>
> This bug did appear with the mainline Ubuntu's and ElRepo's 6.0.0 
> kernels, however not with the
> /usr/bin/firefox build, but only that using snapd, squashfs and 
> /snap/bin/firefox ...
>
> The Firefox 91.x esr was unaffected, indeed, in a couple of days of 
> testing its work (on AL).
>
> However, please not that this bug is no deterministic, and that it can 
> take from a couple of hours
> to an overnight work to manifest.
>
> The "make localmodconfig" feature will probably help reducing the 
> build time, but I am also doing
> my day job stuff which by the Murphy's law surged right now ...
>
> You second request, to reproduce with Firefox from the dev site, is as 
> you will understand impossible
> to meet: the bug occurred only with Firefox 104.x and 105.0.1, 
> 105.0.2, 105.0.3 in Ubuntu snap
> release (and the snap release guest installed at AlmaLinux, the CentOS 
> fork).
>
> I was able to confirm that AppArmor doesn't affect behaviour once the 
> Firefox misbehaves.
> After starting to crash tabs and refusing to connect to the Internet 
> from inside Yahoo mail (Chrome
> simultaneously connected), then it complained about libmozsandbox.so 
> version and Verneed record.
>
> -Mirsad
>
> On 12.10.2022. 9:46, Bagas Sanjaya wrote:
>> Hi Mirsad,
>>
>> The bug doesn't appear on 6.0 mainline release. However, in my case,
>> Firefox is downloaded and installed from official Mozilla binary [1].
>>
>> Also, many developers here want to see bisection result. In order to
>> shorten kernel build time (and thus time needed for bisection),
>> you can strip out unneeded modules in your kernel configuration with
>> "make localmodconfig". Ensure that all devices on your computer is
>> plugged in before running that. And as other people pointed, base
>> your localmodconfig from last working kernel.
>>
>> In any case, please reproduce with Firefox from [1].
>>
>> Thanks.
>>
>> [1]: https://www.mozilla.org/en-US/firefox/
>>
I tried the "make localmodconfig" and provided the default answers 
([ENTER]) to all questions
the script asked as advised here: 
https://www.stolaf.edu/people/rab/os/linux-compile.html .

However, though it built much faster, the stripped version did not 
trigger the bug.

I am now trying to reproduce the bug with v6.0-rc[123] with 
config-{051913,060000}.
This brings a lot of combinations, and though I am a newbie, I noticed 
that build scripts
start with "make clean" for both deb-pkg and rpm-pkg.

Is there a way to rebuild only the stuff that changed between the versions?

Thank you.

-- 
Mirsad Goran Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
-- 
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ