Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

OSS specific Linux discussion (x86/amd64)

Re: Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

Postby igorzwx » Sat Feb 19, 2011 1:06 pm

cesium wrote: Perhaps, but I am no expert (or dev - the OSS devs are at the oss-devel mailing list). Right now, I'm curious to find out whether it's a sync issue or an overflow issue (very likely the first, but I want to make sure).


Do you mean "buffer overflow"?

In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program operates. This may result in erratic program behavior, including memory access errors, incorrect results, a crash, or a breach of system security. They are thus the basis of many software vulnerabilities and can be maliciously exploited.
http://en.wikipedia.org/wiki/Buffer_overflow
igorzwx
Known Member
 
Posts: 1001
Joined: Sun Jun 28, 2009 9:31 pm

Re: Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

Postby cesium » Sat Feb 19, 2011 1:13 pm

Perhaps. I don't quite know. In any event, IIRC there's a separation between kernel address space and userland address space under Linux/modern OSs (the former ought to be unwritable/readable from userland. Kernel modules have copy_to_user/copy_from_user() funcs and other methods for passing stuff around). A program would have to somehow modify the kernel area and I don't see how it could inject stuff in these spots (without already having root etc.), so all we get is a crash. I'm no expert mind you...

[edit: in any event, the thread is about helping o01eg, and this is tangential. o01eg: my last post on the matter is at here]
cesium
Developer
 
Posts: 902
Joined: Sun Aug 12, 2007 12:51 am

Re: Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

Postby igorzwx » Sat Feb 19, 2011 1:38 pm

cesium wrote: in any event, the thread is about helping o01eg, and this is tangential.


Yes, but it seems that it may also help to enhance my natural inclination to paranoia.
In a word, that presentation http://www.theregister.co.uk/2011/02/09 ... _problems/
seems to be a kind of warning to Iran: "Linux may not help. A new Stuxnet might be designed. IBM is not going to be responsible, if something happens to your installations".
http://www.google.com/search?q=linux%20 ... 8&oe=UTF-8
See also: http://www.grc.com/sn/sn-268.htm

I tend to believe that the removal of PulseAudio may solve the problem.
Could it be helpful for o01eg?
Last edited by igorzwx on Sat Feb 19, 2011 3:20 pm, edited 1 time in total.

Re: Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

Postby o01eg » Sat Feb 19, 2011 1:42 pm

It can't be helpful for me because the bugged code is called by oss instead of PulseAudio.
o01eg
New Member
 
Posts: 8
Joined: Sat Feb 19, 2011 9:19 am

Re: Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

Postby igorzwx » Sat Feb 19, 2011 1:51 pm

o01eg wrote: It can't be helpful for me because the bugged code is called by oss instead of PulseAudio.


It sounds scary... Is it possible to design a kind of (reproducible) "clear-cut empirical tests" to prove that this is the problem of OSS4, and not of PulseAudio?

Re: Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

Postby cesium » Sat Feb 19, 2011 1:54 pm

We already saw a trace. And the program in question probably doesn't even use Pulse (play is from sox, and has several backends). Even if Pulse was involved, kernel modules shouldn't cause a panic due to input, so OSS is at fault here regardless. [Edit: using Pulse might sidestep the crash though, as it has its own mixing]

Re: Kernel panic in osscore. (2.6.36-gentoo-r5 SMP PREEMPT)

Postby igorzwx » Sat Feb 19, 2011 1:58 pm

cesium wrote: We already saw a trace. And the program in question probably doesn't even use Pulse (play is from sox, and has several backends). Even if Pulse was involved, kernel modules shouldn't cause a panic due to input, so OSS is at fault here regardless.


"probably" and "shouldn't" do not seem to mean anything "exact". Right? Or it is so in English "newspeak", today?
http://en.wikipedia.org/wiki/Newspeak

EDIT: I certainly want to believe that the removal of PulseAudio may solve the problem, but, first of all, I want to know the truth. In any case, the unwillingness to discuss the security issue makes it sound even more scary.

IGNORANCE IS STRENGTH
George Orwell, 1984


No more desktop Linux systems in the German Foreign Office
http://www.h-online.com/open/news/item/ ... 91122.html

If the German Foreign Office is removing Linux from their computers, this can only mean that they are not going to participate in a new Linux botnet, a kind of Linux Stuxnet, for example. Perhaps, they also received a warning from IBM's X-Force security division
http://www.theregister.co.uk/2011/02/09 ... _problems/
http://www.theregister.co.uk/2011/02/14 ... factories/
http://www.google.com/search?q=linux%20 ... 8&oe=UTF-8

Clever attack exploits fully-patched Linux kernel
...The exploit works only when a security extension known as SELinux, or Security-Enhanced Linux, is enabled. Conversely, it also works when audio software known as PulseAudio is installed. http://www.theregister.co.uk/2009/07/17 ... l_exploit/