Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 24 Jul 2015 23:12:48 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Josh Boyer <jwboyer@...oraproject.org>
Cc: oss security list <oss-security@...ts.openwall.com>
Subject: Re: Linux x86_64 NMI security issues

On 07/24/2015 07:16 AM, Josh Boyer wrote:
> On Wed, Jul 22, 2015 at 2:12 PM, Andy Lutomirski <luto@...capital.net> wrote:
>> Note: Several of these fixes each depend on a few patches immediately
>> before them.  The NMI stack switching fix also depends on changes made
>> in 4.2 and will appear to apply but crash on older kernels.  I have a
>> different variant that's more portable.
> 
> Given that none of these are going to apply cleanly on older kernels,
> do you have backports available for 4.1.y and the longterm stable
> kernels?
> 

There's this:

https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/nmi-backport

which is a combined effort of me and Ben Hutchings.  It's not synced up
to the fixes in Linus' tree.

Note that even Linus' tree doesn't have the synchronous modify_ldt fix
yet.  I sent a hopefully final version of that out a few minutes ago.

--Andy

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.