Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 27 Jul 2015 11:38:38 +0100
From: Luis Henriques <luis.henriques@...onical.com>
To: oss-security@...ts.openwall.com
Cc: Josh Boyer <jwboyer@...oraproject.org>
Subject: Re: Re: Linux x86_64 NMI security issues

On Fri, Jul 24, 2015 at 11:12:48PM -0700, Andy Lutomirski wrote:
> On 07/24/2015 07:16 AM, Josh Boyer wrote:
> > On Wed, Jul 22, 2015 at 2:12 PM, Andy Lutomirski <luto@...capital.net> wrote:
> >> Note: Several of these fixes each depend on a few patches immediately
> >> before them.  The NMI stack switching fix also depends on changes made
> >> in 4.2 and will appear to apply but crash on older kernels.  I have a
> >> different variant that's more portable.
> > 
> > Given that none of these are going to apply cleanly on older kernels,
> > do you have backports available for 4.1.y and the longterm stable
> > kernels?
> > 
> 
> There's this:
> 
> https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/nmi-backport
> 
> which is a combined effort of me and Ben Hutchings.  It's not synced up
> to the fixes in Linus' tree.
>

Thank you all for working on these backports.  I'm planning to use
them (and more specifically the patches in the Debian kernel) for the
3.16 stable kernel.

Cheers,
--
Luís


> Note that even Linus' tree doesn't have the synchronous modify_ldt fix
> yet.  I sent a hopefully final version of that out a few minutes ago.
> 
> --Andy

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ