Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Pappy's Kernel Seeds Part III<Closed. Please use new thread>
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3 ... 5, 6, 7 ... 22, 23, 24  Next  
This topic is locked: you cannot edit posts or make replies.    Gentoo Forums Forum Index Unsupported Software
View previous topic :: View next topic  
Author Message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Thu Sep 02, 2010 5:13 am    Post subject: Reply with quote

Not really, but I have visited the site before.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
d2_racing
Bodhisattva
Bodhisattva


Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada

PostPosted: Thu Sep 02, 2010 1:04 pm    Post subject: Reply with quote

I'm happy to see that the http://kmuto.jp/debian/hcl/ use the latest Debian Kernel to build their database, so at least it can detect a wide range to hardware.

Maybe one day, Pappy will use his own database based on the latest vanilla-source or even the git-source :P
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Fri Sep 03, 2010 10:09 am    Post subject: Reply with quote

Another day, another batch of kernel sources. I've uploaded .configs for 2.6.31-tuxonice-r13, 2.6.32-hardened-r15, and 2.6.34-hardened-r3 in both x86 and x86_64 flavors. Enjoy!

2.6.35-zen2 has hit portage. I checked to make sure that:
a) the .config was the same
b) my Makefile still works.

All is well. So, now you have a choice of two different named versions of linux-2.6.35-zen2; the recently released, and mine...well three if you add the original git version. Cool fun.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
stuNNed2
n00b
n00b


Joined: 17 Jul 2009
Posts: 32
Location: New Orleans, LA, U.S.

PostPosted: Fri Sep 03, 2010 4:43 pm    Post subject: Reply with quote

Pappy,

You da man! Computer is running a lot better now that it's based upon one of your seeds!

Thanks man!

Lance(stuNNed)
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Fri Sep 03, 2010 5:51 pm    Post subject: Reply with quote

It does me good to read things of this nature. I am so glad I could help. Enjoy the Linux experience!

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
scouter389
n00b
n00b


Joined: 14 Mar 2008
Posts: 22
Location: Chickasha, OK

PostPosted: Sun Sep 05, 2010 3:49 pm    Post subject: Reply with quote

I recently stumbled across this thread and decided to try a seed. WOW, what a difference it made to my machines. I can't begin to describe the difference it made to my ancient Compaq Proliant 1850R server especially. it felt so much snappier that I was amazed. All six (yes, six) of my machines at home now have your seeds for the kernels. Thanks Pappy!
_________________
I am root. Obey me.
Back to top
View user's profile Send private message
d2_racing
Bodhisattva
Bodhisattva


Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada

PostPosted: Sun Sep 05, 2010 5:31 pm    Post subject: Reply with quote

6 box :P What are you doing with them ?
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Sun Sep 05, 2010 6:20 pm    Post subject: Reply with quote

scouter389,

Thank you for that lovely endorsement. All four of my machines run on seeds. I don't just make them, I use them.

Of course, I get to play with and use the best settings since I'm always experimenting with my stuff first. The results of that experimentation and the info gleaned from the research on the information pages is going to make it so much easier when the time comes for the flowers to bloom. That's the term I use when I'm in production of a new set of seed settings.

And that time isn't too far in the future. While I doubt it will be in time for the kernel-seeds.org two year anniversary (First official page dated 9-12-2008), the new seeds should be ready well before the holidays.

Everyone,

Before I forget again, I'd like to thank Martin d'Anjou for his most generous donation to the site. His name will be added to the A&B page most likely later on this evening, or early tomorrow morning.

I'd like to share his note to me, since it echo's scouter389's sentiment. This is after I thanked him for his donation.

Code:
Hello,

Before I discovered your kernel seeds, kernel configuration was hit and miss for me. Ever since I've been using your seeds, I have never missed!

My donation is very small, and I don't feel I deserve to be mentioned on the Above and Beyond Page. But if it entices others do donate, simply add my name to the list at the bottom or in alphabetical order, whichever way you do it now is fine.

Regards,
Martin d'Anjou


I add the names in order of those who donate, to be precise, and I will be adding your name in the above time frame, Martin. Once again, I thank you publicly for your generous donation.

Anyone want to add their names as well? I've got all kinds of room on my server and on the failover, so don't be shy!

On a different subject,

I am thinking of being a professional on line computer fixer-upper. Is there anyone out there who does this? What package(s) do you use? I'm thinking something web based, with logging chat provisions, and so on. It has to be pleasing at the user end. I don't care what it looks like on mine.

Please private message me with any thoughts or information.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Thu Sep 09, 2010 7:53 am    Post subject: Reply with quote

A tornado stopped by Dallas earlier today for a visit. Had it not done so, I would have made this announcement prior to now...

I've just uploaded the .configs for 2.6.32-hardened-r16 and 2.6.34-hardened-r4 in both x86 and x86_64 flavors. Enjoy!

No need to storm chase when they come right to you.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Thu Sep 09, 2010 8:05 am    Post subject: Reply with quote

Also, as promised, I updated the Above and Beyond page.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Fri Sep 10, 2010 9:51 pm    Post subject: Reply with quote

I would like to take this opportunity to humbly and publicly thank stuNNed for his generous donation. His name has been added to the Above and Beyond (A&B) page.

And folks, there's lots of room left to add your names to the A&B. Since the two year anniversary for the site is this coming Sunday, 09-12-2010, what a better time or reason to donate. You can help me keep the site running into year three, and earn my undying gratitude.

Once again, my most heartfelt thanks to stuNNed.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Tue Sep 14, 2010 6:20 am    Post subject: Reply with quote

Only two kernel source releases today. I've just uploaded .configs for 2.6.34.7 and 2.6.35-gentoo-r6 in both x86 and x86_64 flavors. Enjoy!
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Thu Sep 16, 2010 9:42 am    Post subject: Reply with quote

Another day, another few kernel sources released. I've just uploaded .configs for 2.6.32-hardened-17, 2.6.34-gentoo-r9, and 2.6.34-hardened-5 in both x86 and x86_64 flavors. Enjoy!

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Fri Sep 17, 2010 6:39 am    Post subject: Reply with quote

I've just uploaded .configs for 2.6.32-gentoo-17, 2.6.34-gentoo-r10, and 2.6.35-gentoo-7 in both x86 and x86_64 flavors. Enjoy!

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Sat Sep 18, 2010 7:52 am    Post subject: Reply with quote

I'm a little bit hardened, I'm a little bit tuxonice.

I say that because I've just uploaded .configs for 2.6.32-hardened-r18, 2.6.32-tuxonice-r17, 2.6.34-hardened-r6, 2.6.34-tuxonice-r6, and 2.6.35-tuxonice-r3 in both x86 and x86_64 flavors. Enjoy!

What will tomorrow bring? Stay-tuned to find out.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
Moriah
Advocate
Advocate


Joined: 27 Mar 2004
Posts: 2117
Location: Kentucky

PostPosted: Mon Sep 20, 2010 4:06 am    Post subject: Reply with quote

Does anyone know which kernel versions are affected by this?

Quote:
CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow

Code:
http://isc.sans.edu/diary.html?storyid=9574


It seems that there are reports of exploits active in the wild taking advantage of this, and although I do not currently have any internet facing servers or firewalls, gateways, tunnel endpoints, etc. running in 64 bit mode, I do have workstations that are laptops running in 64 bit mode that must face the internet when they are on the road and not protected by the firewalls on the home network. I don't want any compromised machines, and I especially don't want any compromised road warriors coming home to roost and infecting machines on the protected lan.
_________________
The MyWord KJV Bible tool is at http://www.elilabs.com/~myword

Foghorn Leghorn is a Warner Bros. cartoon character.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Mon Sep 20, 2010 5:49 am    Post subject: Reply with quote

I don't know if this exactly translates, but apparently, this bug was introduced in the .26 kernel family, and has been removed from 2.6.36_rcr4. There is a patch available, and I'm pretty sure we're going to see some new source in the next few days that have this issue fixed.

Check this document for more information. I believe this article is referencing vanilla source code, and not RHEL based kernel source. RHEL based kernel source is its own animal...an animal I've dealt with a couple times, but I'd rather not do it again.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
Moriah
Advocate
Advocate


Joined: 27 Mar 2004
Posts: 2117
Location: Kentucky

PostPosted: Mon Sep 20, 2010 1:39 pm    Post subject: Reply with quote

Ditto on the RHEL. Yes, I have a license for it, but I only use it when it is required by the customer. The DoD likes it and mandates it because the SELINUX flavor of it has been blessed by the NSA, which is certainly a feather in the red hat. :wink:

My concern, and the reason for my original post, was to determine if there was a gentoo kernel update to plug this hole, and if so, what kernel was it. I figured if anybody might know, it woudl Dr. Kernel himself, Pappy McFae. :)
_________________
The MyWord KJV Bible tool is at http://www.elilabs.com/~myword

Foghorn Leghorn is a Warner Bros. cartoon character.
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Mon Sep 20, 2010 11:01 pm    Post subject: Reply with quote

I just took a quick look at kernel.org, and they've released new versions of the sources that remain in production. My assumption is there are going to be a lot of new seeds showing up sometime in the next twelve hours or so. I would imagine that other seed sources will be following suit in a few days, if they aren't already in portage.

Just thought you'd like to know.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
neofutur
n00b
n00b


Joined: 18 Jun 2006
Posts: 21
Location: France

PostPosted: Mon Sep 20, 2010 11:14 pm    Post subject: Reply with quote

Moriah wrote:

My concern, and the reason for my original post, was to determine if there was a gentoo kernel update to plug this hole, and if so, what kernel was it. I figured if anybody might know, it woudl Dr. Kernel himself, Pappy McFae. :)


=sys-kernel/hardened-sources-2.6.32-r18 ~amd64 is immune to the problem , still testing but works well here
_________________
http://bitcoin.gw.gd-http://ww7.pe-http://waisse.org
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Tue Sep 21, 2010 8:05 am    Post subject: Reply with quote

As I figured, this problem has been addressed by kernel.org. I've just uploaded .configs for 2.6.27.54, 2.6.32.22, and 2.6.35.5 in both x86 and x86_64 flavors. Enjoy!

And I have checked, and yes, these sources are patched for the issue. I've also patched 2.6.34-zen1 and 2.6.35-zen2 (the sources I'm using on core-too), and things appear to be ok. There is a test that is supposed to identify if your system is able to be injured by the associated exploit. I just tested mine, and I pass. You can get the executable or the source here to make sure you are ok as well.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
upengan78
l33t
l33t


Joined: 27 Jun 2007
Posts: 710
Location: IL

PostPosted: Tue Sep 21, 2010 2:02 pm    Post subject: Reply with quote

pappy_mcfae wrote:
As I figured, this problem has been addressed by kernel.org. I've just uploaded .configs for 2.6.27.54, 2.6.32.22, and 2.6.35.5 in both x86 and x86_64 flavors. Enjoy!

And I have checked, and yes, these sources are patched for the issue. I've also patched 2.6.34-zen1 and 2.6.35-zen2 (the sources I'm using on core-too), and things appear to be ok. There is a test that is supposed to identify if your system is able to be injured by the associated exploit. I just tested mine, and I pass. You can get the executable or the source here to make sure you are ok as well.

Cheers,
Pappy



I upgraded to 2.6.35-gentoo-r7 yesterday. Is this safe?

I posted some comments here : https://forums.gentoo.org/viewtopic-p-6431369.html#6431369
Back to top
View user's profile Send private message
pappy_mcfae
Watchman
Watchman


Joined: 27 Dec 2007
Posts: 5998
Location: Pomona, California.

PostPosted: Tue Sep 21, 2010 7:00 pm    Post subject: Reply with quote

No. That version was released before the unveiling of the issue. The only versions of source known to not have this issue are the ones I listed last night; the latest vanilla-sources.

Just to remind everyone that if you don't have a 64 bit machine, this issue will not be a problem. 32 bit machines are unaffected.

Cheers,
Pappy
_________________
This space left intentionally blank, except for these ASCII symbols.
Back to top
View user's profile Send private message
Anon-E-moose
Advocate
Advocate


Joined: 23 May 2008
Posts: 4203
Location: Dallas area

PostPosted: Tue Sep 21, 2010 7:13 pm    Post subject: Reply with quote

Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)

$$$ Kernel release: 2.6.35-zen2
!!! Could not find symbol: per_cpu__current_task

A symbol required by the published exploit for CVE-2010-3081 is not
provided by your kernel. The exploit would not work on your system.



I'm running a 64 bit system, multi-lib and I have not applied any patch, so I don't know what to say.
_________________
Asus m5a99fx, FX 8320 - nouveau, oss4, rx550 for qemu passthrough
Acer laptop E5-575, i3-7100u - i965, alsa
---both---
5.0.13 zen kernel, profile 17.1 (no-pie & modified) amd64-no-multilib
gcc 8.2.0, eudev, openrc, openbox, palemoon
Back to top
View user's profile Send private message
upengan78
l33t
l33t


Joined: 27 Jun 2007
Posts: 710
Location: IL

PostPosted: Tue Sep 21, 2010 7:15 pm    Post subject: Reply with quote

pappy_mcfae wrote:
No. That version was released before the unveiling of the issue. The only versions of source known to not have this issue are the ones I listed last night; the latest vanilla-sources.

Just to remind everyone that if you don't have a 64 bit machine, this issue will not be a problem. 32 bit machines are unaffected.

Cheers,
Pappy


Hello again Pappy, Thanks for reply.

Code:
Ac1dB1tCh3z VS Linux kernel 2.6 kernel 0d4y
$$$ Kallsyms +r   
$$$ K3rn3l r3l3as3: 2.6.35-gentoo-r7
$$$ prepare_creds->ffffffff810663f0
$$$ override_creds->ffffffff81066370
$$$ revert_creds->ffffffff81066680
$$$ Kernel Credentials detected
!!! Err0r 1n s3tt1ng cr3d sh3llc0d3z



strings exploit.out
Code:
/lib/ld-linux.so.2
#&"'
__gmon_start__
libc.so.6
_IO_stdin_used
socket
strcpy
exit
fopen
perror
puts
fork
unlink
mmap
fgets
memset
strstr
__errno_location
read
getopt
msgget
poll
stdout
memcpy
fclose
strcat
optarg
stderr
msgctl
munmap
getuid
execve
strtoull
getcwd
fwrite
atoi
waitpid
fprintf
sleep
uname
strcmp
__libc_start_main
GLIBC_2.2
GLIBC_2.1
GLIBC_2.0
PTRh
QVhC
 [^]
</~5
< t(
SVQR
ZY^[[^_]
D$Tm
D$Df
D$ =
D$$O
D$(b
D$,t
[^_]
2.6.18-164.el5
#1 SMP Thu Sep 3 03:28:30 EDT 2009
2.6.18-164.11.1.el5
#1 SMP Wed Jan 6 13:26:04 EST 2010
2.6.18-164.11.1.el5xen
#1 SMP Wed Jan 20 08:06:04 EST 2010
#1 SMP Wed Jan 20 07:32:21 EST 2010
/selinux/enforce
$$$ %s->%s
/proc/kallsyms
.el4
.el5
!!! N0t a RH3l k3rn3l
$$$ L00k1ng f0r kn0wn t4rg3tz..
$$$ Th1z b1tch 1z t0azt. kn0wn t4rg3t: %s %s
$$$ c0mput3r 1z aqu1r1ng n3w t4rg3t...
/boot/System.map-
selinux_ops
dummy_security_ops
capability_ops
selinux_enforcing
audit_enabled
$$$ Kallsyms +r   
!!!  Un4bl3 t0 g3t r3l3as3 wh4t th3 fuq!
$$$ K3rn3l r3l3as3: %s
!!! Un4bl3 t0 p4s3 cr3d c0d3z
!!! Un4bl3 t0 p4rs3 f0P numb3rs
??? wh4t th3 fuq s3l1nux 1z n0t 3v3n 3n4bl3d!?
!!! Un4bl3 t0 p4rs3 f0p c0mput3r numb3rs
siflc:k:o:
prepare_creds
override_creds
revert_creds
!!! Err0r 1n s3tt1ng cr3d sh3llc0d3z
$$$ Kernel Credentials detected
per_cpu__current_task
$$$ K3rn3l per_cpu r3l0cs 3n4bl3d!   
??? Trying the F0PPPPPPPPPPPPPPPPpppppppppp_____ m3th34d
timer_list_fops
$$$ w34p0n 0f ch01c3: F0PZzZzzz
!!! u4bl3 t0 f1nd t4rg3t!? W3'll s33 ab0ut th4t!
!!! Un4lb3 t0 f1nd t4rg3t: c0ntinu3 w1th0ut s3linsux d1s4bl3.
!!! 3v3ryth3ng f41l3d!!*@&^@&*^@* try an0th3r 0d4y L0l
mmap
/__tmpfile
[32mAc1dB1tCh3z
[0mVS Linux kernel 2.6 kernel 0d4y
$$$ h0m3 b4s3 addr3ss: %llx
$$$ Bu1ld1ng r1ngzer0c00l sh3llc0d3 - IDT m3th34d
$$$ Prepare: m0rn1ng w0rk0ut b1tch3z
$$$ add1ng sp3c14l c0de t0 rem0v3 s3linux t3rr0r1zt thr34t
$$$ Bu1ld1ng r1ngzer0c00l sh3llc0d3 - F0PZzzZzZZ/LSD(M) m3th34d
$$$ Us1ng cr3d s3ash3llc0d3z
$$$ Us1ng st4nd4rd s3ash3llz
$$$ 0p3n1ng th3 m4giq p0rt4l
socket
!!! Un4bl3 t0 r3m4p sh1t   
$$$ Us1ng 1dt 3ntry: %d
$$$ m4q1c p0rt4l l3n f0und: 0x%x
$$$ 0v3r thr0w f0ps g0v3rnm3nt
/proc/timer_list
!!! fuq t1m3r_l1st
!!! fuqqqqqq msgg3t
$$$ bl1ng bl1ng n1gg4 :PppPpPPpPPPpP
/bin/sh
TERM=linux
BASH_HISTORY=/dev/null
HISTORY=/dev/null
history=/dev/null
HISTFILE=/dev/null
HISTFILESIZE=0
PATH=/bin:/sbin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
!!! y0u fuq1ng f41l. g3t th3 fuq 0ut!
QWSVH1
AAAA;0u
^[_Y
SRWH
AAAAAAAA
BBBBBBBB
CCCCCCCC
__Z[
WPeH
AAAAAAAA
AAAAAAAA
AAAAAAAAA
BBBBBBBBA


You still think 2.6.35-gentoo-r7 is vulnerable to this exploit? Please let me know, I'm gonna have to re compile kernel otherwise. Thanks!!

EDIT :

Just found this

http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/sys-kernel/gentoo-sources/ChangeLog?view=markup

ttyl.
Back to top
View user's profile Send private message
Display posts from previous:   
This topic is locked: you cannot edit posts or make replies.    Gentoo Forums Forum Index Unsupported Software All times are GMT
Goto page Previous  1, 2, 3 ... 5, 6, 7 ... 22, 23, 24  Next
Page 6 of 24

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum