| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 Feb 2008 14:35:06 +0100
From: Ingo Molnar <mingo@...e.hu>
To: David Miller <davem@...emloft.net>
Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
Linus Torvalds <torvalds@...ux-foundation.org>,
Casey Schaufler <casey@...aufler-ca.com>
Subject: [bisected] Re: [bug] networking broke, ssh: connect to port 22:
Protocol error
* Ingo Molnar <mingo@...e.hu> wrote:
> yeah, although various other upstream breakages prevented real long
> randconfig series in the past 2-3 days. I'd say it's either in this
> pull from your tree:
ok, i have bisected it down but the result made no sense, so i
double-checked it and noticed that the .config mutated during the test.
the diff below is the diff between the 'good' and 'bad' .config, with
this notable detail:
@@ -2336,7 +2350,7 @@ CONFIG_SECURITY_NETWORK=y
CONFIG_SECURITY_CAPABILITIES=y
# CONFIG_SECURITY_FILE_CAPABILITIES is not set
# CONFIG_SECURITY_ROOTPLUG is not set
-# CONFIG_SECURITY_SMACK is not set
+CONFIG_SECURITY_SMACK=y
CONFIG_XOR_BLOCKS=m
CONFIG_ASYNC_CORE=m
CONFIG_ASYNC_MEMCPY=m
so i disabled CONFIG_SECURITY_SMACK, and viola, just 2 hours of hard
work later networking works on my testbox again :-/
And we have this 1 day old commit:
commit e114e473771c848c3cfec05f0123e70f1cdbdc99
Author: Casey Schaufler <casey@...aufler-ca.com>
Date: Mon Feb 4 22:29:50 2008 -0800
Smack: Simplified Mandatory Access Control Kernel
that adds SMACK.
So unlike some other security modules like SELINUX, enabling SMACK
breaks un-aware userspace and breaks TCP networking?
I dont think that's expected behavior - and i'd definitely like to
enable SMACK in automated tests to check for regressions, etc.
Ingo
--- .config.good 2008-02-06 14:13:35.000000000 +0100
+++ .config.bad 2008-02-06 14:17:28.000000000 +0100
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.24
-# Wed Feb 6 14:11:27 2008
+# Wed Feb 6 14:15:22 2008
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
@@ -94,15 +94,16 @@ CONFIG_FUTEX=y
CONFIG_ANON_INODES=y
# CONFIG_EPOLL is not set
CONFIG_SIGNALFD=y
-CONFIG_TIMERFD=y
+# CONFIG_TIMERFD is not set
CONFIG_EVENTFD=y
# CONFIG_SHMEM is not set
# CONFIG_VM_EVENT_COUNTERS is not set
# CONFIG_SLAB is not set
# CONFIG_SLUB is not set
CONFIG_SLOB=y
-# CONFIG_PROFILING is not set
+CONFIG_PROFILING=y
# CONFIG_MARKERS is not set
+CONFIG_OPROFILE=y
CONFIG_HAVE_OPROFILE=y
# CONFIG_KPROBES is not set
CONFIG_HAVE_KPROBES=y
@@ -691,7 +692,7 @@ CONFIG_MAC80211_RC_DEFAULT=""
# CONFIG_MAC80211_RC_PID is not set
# CONFIG_MAC80211_RC_SIMPLE is not set
# CONFIG_MAC80211_DEBUGFS is not set
-# CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT is not set
+CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT=y
# CONFIG_MAC80211_DEBUG is not set
CONFIG_IEEE80211=m
# CONFIG_IEEE80211_DEBUG is not set
@@ -744,6 +745,7 @@ CONFIG_CDROM_PKTCDVD=y
CONFIG_CDROM_PKTCDVD_BUFFERS=8
CONFIG_CDROM_PKTCDVD_WCACHE=y
CONFIG_ATA_OVER_ETH=y
+CONFIG_VIRTIO_BLK=y
# CONFIG_MISC_DEVICES is not set
# CONFIG_IDE is not set
@@ -796,9 +798,19 @@ CONFIG_BLK_DEV_3W_XXXX_RAID=y
CONFIG_SCSI_3W_9XXX=m
CONFIG_SCSI_ACARD=y
# CONFIG_SCSI_AACRAID is not set
-# CONFIG_SCSI_AIC7XXX is not set
-# CONFIG_SCSI_AIC7XXX_OLD is not set
-# CONFIG_SCSI_AIC79XX is not set
+CONFIG_SCSI_AIC7XXX=y
+CONFIG_AIC7XXX_CMDS_PER_DEVICE=32
+CONFIG_AIC7XXX_RESET_DELAY_MS=5000
+# CONFIG_AIC7XXX_DEBUG_ENABLE is not set
+CONFIG_AIC7XXX_DEBUG_MASK=0
+# CONFIG_AIC7XXX_REG_PRETTY_PRINT is not set
+CONFIG_SCSI_AIC7XXX_OLD=m
+CONFIG_SCSI_AIC79XX=y
+CONFIG_AIC79XX_CMDS_PER_DEVICE=32
+CONFIG_AIC79XX_RESET_DELAY_MS=5000
+CONFIG_AIC79XX_DEBUG_ENABLE=y
+CONFIG_AIC79XX_DEBUG_MASK=0
+# CONFIG_AIC79XX_REG_PRETTY_PRINT is not set
CONFIG_SCSI_AIC94XX=m
# CONFIG_AIC94XX_DEBUG is not set
CONFIG_SCSI_DPT_I2O=m
@@ -1181,6 +1193,7 @@ CONFIG_NETCONSOLE=y
CONFIG_NETPOLL=y
# CONFIG_NETPOLL_TRAP is not set
CONFIG_NET_POLL_CONTROLLER=y
+# CONFIG_VIRTIO_NET is not set
CONFIG_ISDN=y
# CONFIG_ISDN_I4L is not set
# CONFIG_ISDN_CAPI is not set
@@ -2043,7 +2056,8 @@ CONFIG_INFINIBAND_AMSO1100=m
CONFIG_INFINIBAND_AMSO1100_DEBUG=y
# CONFIG_INFINIBAND_CXGB3 is not set
CONFIG_MLX4_INFINIBAND=m
-# CONFIG_INFINIBAND_NES is not set
+CONFIG_INFINIBAND_NES=m
+CONFIG_INFINIBAND_NES_DEBUG=y
CONFIG_INFINIBAND_IPOIB=m
CONFIG_INFINIBAND_IPOIB_CM=y
CONFIG_INFINIBAND_IPOIB_DEBUG=y
@@ -2336,7 +2350,7 @@ CONFIG_SECURITY_NETWORK=y
CONFIG_SECURITY_CAPABILITIES=y
# CONFIG_SECURITY_FILE_CAPABILITIES is not set
# CONFIG_SECURITY_ROOTPLUG is not set
-# CONFIG_SECURITY_SMACK is not set
+CONFIG_SECURITY_SMACK=y
CONFIG_XOR_BLOCKS=m
CONFIG_ASYNC_CORE=m
CONFIG_ASYNC_MEMCPY=m
@@ -2396,7 +2410,9 @@ CONFIG_CRYPTO_AUTHENC=y
# CONFIG_CRYPTO_HW is not set
CONFIG_VIRTUALIZATION=y
# CONFIG_LGUEST is not set
-# CONFIG_VIRTIO_PCI is not set
+CONFIG_VIRTIO=y
+CONFIG_VIRTIO_RING=y
+CONFIG_VIRTIO_PCI=y
# CONFIG_VIRTIO_BALLOON is not set
#
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists