lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <3c38a8f7-8323-46b2-a29a-2ca06bc60448@efficios.com>
Date: Wed, 10 Jan 2024 15:53:47 -0500
From: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
To: lttng-dev <lttng-dev@...ts.lttng.org>,
 Diamon discuss <diamon-discuss@...ts.linuxfoundation.org>,
 linux-trace-users <linux-trace-users@...r.kernel.org>,
 linux-kernel <linux-kernel@...r.kernel.org>
Subject: [RELEASE] LTTng-modules 2.12.15 and 2.13.11 (Linux kernel tracer)

The LTTng modules provide Linux kernel tracing capability to the LTTng
tracer toolset.

* New and noteworthy in these releases:

Newer Linux kernels (v6.6 and v6.7) are now supported by LTTng modules
2.13.11. If you need support for recent kernels (v5.18+), you will
need to upgrade to a recent LTTng-modules 2.13.x.

The "prio" context has been fixed in 2.13.11 to eliminate a crash
triggered by calling a NULL pointer address when using the "prio"
context (lttng add-context -k -t prio). This issue was introduced
when refactoring the prio context code during the 2.13 development.
The missing initialization was re-introduced, and the use of the kernel
"task_prio()" symbol was entirely replaced by inlining a copy of this
trivial function into lttng-modules instead.

The "built-in.sh" script which can be used to add a link to lttng-modules
within a kernel source tree to built LTTng into a Linux kernel image
has been updated to adapt to changes introduced in Linux v6.1.

A work-around to ensure that LTTng-modules works fine on CPUs and kernels
with IBT support enabled has been integrated:

     When the Intel IBT feature is enabled, a CPU supporting this feature
     validates that all indirect jumps/calls land on an ENDBR64 instruction.
     
     The kernel seals functions which are not meant to be called indirectly,
     which means that calling functions indirectly from their address fetched
     using kallsyms or kprobes trigger a crash.
     
     Use the MSR_IA32_S_CET CET_ENDBR_EN MSR bit to temporarily disable ENDBR
     validation around indirect calls to kernel functions. Considering that
     the main purpose of this feature is to prevent ROP-style attacks,
     disabling the ENDBR validation temporarily around the call from a kernel
     module does not affect the ROP protection.


Both 2.13.11 and 2.12.15:

- Fix an issue with importing VFS namespace for Android kernels.

- Fix build for RHEL 8.8 with linux 4.18.0-477.10.1+

- Fix a hardening OOPS during validation of immediate strings in the bytecode
   validator when CONFIG_UBSAN_BOUNDS and/or CONFIG_FORTIFY_SOURCE are
   configured. It boils down to changing 0-len arrays to flexible arrays
   to let the toolchain know about our intent.

- Add Ubuntu Kinetic kernel ranges for jbd2 instrumentation.

Project website: https://lttng.org
Documentation: https://lttng.org/docs
Download link: https://lttng.org/download

Detailed change logs:

2024-01-10 (National Houseplant Appreciation Day) LTTng modules 2.13.11
         * Fix: Include linux/sched/rt.h for kernels v3.9 to v3.14
         * Fix: Disable IBT around indirect function calls
         * Inline implementation of task_prio()
         * Fix: prio context NULL pointer exception
         * Fix: MODULE_IMPORT_NS is introduced in kernel 5.4
         * Android: Import VFS namespace for android common kernel
         * Fix: get_file_rcu is missing in kernels < 4.1
         * fix: lookup_fd_rcu replaced by lookup_fdget_rcu in linux 6.7.0-rc1
         * fix: mm, vmscan signatures changed in linux 6.7.0-rc1
         * fix: phys_proc_id and cpu_core_id moved in linux 6.7.0-rc1
         * Fix build for RHEL 8.8 with linux 4.18.0-477.10.1+
         * Fix: bytecode validator: oops during validation of immediate string
         * fix: lttng-probe-kvm-x86-mmu build with linux 6.6
         * fix: built-in lttng with kernel >= v6.1
         * fix: ubuntu kinetic kernel range for jdb2

2024-01-10 (National Houseplant Appreciation Day) 2.12.15
         * Fix: MODULE_IMPORT_NS is introduced in kernel 5.4
         * Android: Import VFS namespace for android common kernel
         * Fix build for RHEL 8.8 with linux 4.18.0-477.10.1+
         * Fix: bytecode validator: oops during validation of immediate string
         * fix: ubuntu kinetic kernel range for jdb2

-- 
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ