Davide Libenzi wrote:
(B
(B>On Mon, 2005-04-18 at 00:42 -0400, Daniel Jacobowitz wrote:
(B>
(B>
(B>
(B>>On Mon, Apr 18, 2005 at 01:19:57PM +0900, Takashi Ikebe wrote:
(B>>
(B>>
(B>>>GDB based approach seems not fit to our requirements. GDB(ptrace) based
(B>>>functions are
David S. Miller wrote:
On Sun, 17 Apr 2005 13:29:14 +0300
Avi Kivity <[EMAIL PROTECTED]> wrote:
TOEs can remove the data copy on receive. In some applications (notably
storage), where the application does not touch most of the data, this is
a significant advantage that cannot be achieved in a
On Fri, Apr 15, 2005 at 04:37:05PM -0700, Inaky Perez-Gonzalez wrote:
> By following your method, the pi engine becomes unnecesarily complex;
> you have actually two engines following two different propagation
> chains (one kernel, one user). If your mutexes/locks/whatever are the
> same with a
On Mon, Apr 18, 2005 at 12:20:31PM +0900, Takashi Ikebe wrote:
> The patch was over 50k, so I separate it to each architecture and in line..
>
> This patch add function called "Live patching" which is defined on
> OSDL's carrier grade linux requiremnt definition to linux 2.6.11.7 kernel.
Daniel Jacobowitz wrote:
(B
(B>On Mon, Apr 18, 2005 at 10:41:23AM +0900, Takashi Ikebe wrote:
(B>
(B>
(B>>Daniel-san,
(B>>GDB based approach seems not fit to our requirements. GDB(ptrace) based
(B>>functions are basically need to be done when target process is stopping.
(B>>From our
On Mon, 18 Apr 2005 00:42:23 -0400
Daniel Jacobowitz <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 18, 2005 at 01:19:57PM +0900, Takashi Ikebe wrote:
> > GDB based approach seems not fit to our requirements. GDB(ptrace) based
> > functions are basically need to be done when target process is
On Mon, 2005-04-18 at 00:42 -0400, Daniel Jacobowitz wrote:
> On Mon, Apr 18, 2005 at 01:19:57PM +0900, Takashi Ikebe wrote:
> > GDB based approach seems not fit to our requirements. GDB(ptrace) based
> > functions are basically need to be done when target process is stopping.
> > In addition to
On Mon, 2005-04-18 at 00:42 -0400, Daniel Jacobowitz wrote:
> On Mon, Apr 18, 2005 at 01:19:57PM +0900, Takashi Ikebe wrote:
> > GDB based approach seems not fit to our requirements. GDB(ptrace) based
> > functions are basically need to be done when target process is stopping.
> > In addition to
On Mon, Apr 18, 2005 at 01:19:57PM +0900, Takashi Ikebe wrote:
> GDB based approach seems not fit to our requirements. GDB(ptrace) based
> functions are basically need to be done when target process is stopping.
> In addition to that current PTRACE_PEEK/POKE* allows us to copy only a
> *word*
On Mon, Apr 18, 2005 at 10:41:23AM +0900, Takashi Ikebe wrote:
> Daniel-san,
> GDB based approach seems not fit to our requirements. GDB(ptrace) based
> functions are basically need to be done when target process is stopping.
> From our experience, sometimes patches became to dozens to hundreds
On Mon, Apr 18, 2005 at 12:08:41AM -0400, Kyle Moffett wrote:
(...)
> What I think would be _much_ more useful is a generic low-power
> multi-proc MIPS/PPC system on a PCI card with a certain amount of
> RAM, etc that could be programmed at runtime by the master CPU.
> Then you lose none of the
Hello,
Chris Wedgwood wrote:
On Mon, Apr 18, 2005 at 12:19:54PM +0900, Takashi Ikebe wrote:
This patch add function called "Live patching" which is defined on
OSDL's carrier grade linux requiremnt definition to linux 2.6.11.7
kernel.
I;m curious as to what people decided this was a necessary
On Apr 17, 2005, at 19:37, Horst von Brand wrote:
Andreas Hartmann <[EMAIL PROTECTED]> said:
Alacritech developed a new chip for NIC's
(http://www.alacritech.com/html/tech_review.html), which makes it
possible
to take away the TCP stack from the host CPU. Therefore, the host CPU
has
more
On Mon, Apr 18, 2005 at 12:19:54PM +0900, Takashi Ikebe wrote:
> This patch add function called "Live patching" which is defined on
> OSDL's carrier grade linux requiremnt definition to linux 2.6.11.7
> kernel.
I;m curious as to what people decided this was a necessary
requirement.
> The live
On Tue, Feb 01, 2005 at 09:16:16PM +1100, Dave Airlie wrote:
>
> I'll nack this patch for now Adrian, but I'm going to bring all these
> changes into the DRM tree as soon as I can.. one of the functions you
> removed pointed out a bug in the i810/i830/i915 drivers (granted
> no-one uses pageflip
This patch makes some needlessly global code static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/usb/net/zd1201.c | 20 +++-
1 files changed, 11 insertions(+), 9 deletions(-)
--- linux-2.6.12-rc2-mm3-full/drivers/usb/net/zd1201.c.old 2005-04-18
This patch makes two needlessly global functions static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/usb/media/sn9c102_core.c |4 ++--
drivers/usb/media/sn9c102_sensor.h |2 --
2 files changed, 2 insertions(+), 4 deletions(-)
---
This patch makes needlessly global code static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/usb/media/pwc/pwc-ctrl.c | 76 +++
drivers/usb/media/pwc/pwc-if.c |2
drivers/usb/media/pwc/pwc.h |6 --
3 files changed, 40 insertions(+),
On Mon, Apr 18, 2005 at 03:52:02AM +0200, Adrian Bunk wrote:
> This patch removes cifs_kcalloc and replaces it with calls to
> kcalloc(1, ...) .
>
> Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
As a followup patch you might want to check the return value
of all those calls before blindly
On Sun, Apr 17, 2005 at 07:48:50PM -0400, Xin Zhao wrote:
> any kernel level protection, including
> SELinux, could be disabled after the kernel is compromised. Am I
> missing some points here?
No, Immutable bit is an application of capabilities (or securelevel), you
are right.
If the kernel is
This patch removes cifs_kcalloc and replaces it with calls to
kcalloc(1, ...) .
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
fs/cifs/connect.c | 92 --
1 files changed, 41 insertions(+), 51 deletions(-)
---
On Wed, Mar 23, 2005 at 08:02:54PM +1100, [EMAIL PROTECTED] wrote:
> Hi
>
> I'm using relayfs to relay data from a kernel module to user space on
> a SuSE 2.6.5 kernel. I'm not absolutely sure what version of relayfs
> has been back ported to it.
Hi Tom,
Could you please have a look at the
Daniel-san, David-san,
Pannus project has two targets.
One is user-mode application live patching, and the other one is kernel
live patching.
What we posted now is user-mode application live patching function.
>If I'm right, I'm not sure why some of the bits of it were done
>separately instead
Hi all,
In the linux system , kernel is often starting up like this :
bootloader -> start_32() -> start_kernel() -> init()
i would like to ask what is the piority level in this starting procedure
? 0 or 3 ? that means, this start up process are running in kernel space
or user space ? or the
Andreas Hartmann <[EMAIL PROTECTED]> said:
> Alacritech developed a new chip for NIC's
> (http://www.alacritech.com/html/tech_review.html), which makes it possible
> to take away the TCP stack from the host CPU. Therefore, the host CPU has
> more performance for the applications according
I compiled linux kernel 2.6.11.7 on RHEL and while
rebooting I get this
error message -
Cannot open root device /SCSIGroup00/SCSIVol000
Please append a correct "root=" boot option
Kernelpanic - not syncing: VFS: Unable to mount root
fs on
unknown-block 0,0
This root entry in grub .conf is
Sorry for this dumb question.
I am trying to install Fedora Core 2 on a dell PowerEdge 2850 with
three 73GB SCSI disks on a RAID 4e/DI controller. I set it up as Raid
5. but when I tried to install FC2, it always complaint that no disk
drive can be found.
Can anybody give me some advice on how
Eric Van Hensbergen <[EMAIL PROTECTED]> wrote:
> On 4/11/05, Miklos Szeredi <[EMAIL PROTECTED]> wrote:
>>
>> 1) Only allow mount over a directory for which the user has write
>> access (and is not sticky)
>>
>> 2) Use nosuid,nodev mount options
[...]
> Do these solve all the security
We can certainly harden the system, but sometime the vulnerability in
kernel is hard to detect and protect. For example, the brk()
vulnerablitiy found in Linux kernel. All the security mechanisms you
mentioned have to rely on a healthy kernel. Unfortunately, the kernel
itself could be compromised
On Fri, Apr 15, 2005 at 06:49:56PM +0100, Alan Cox wrote:
> On Gwe, 2005-04-15 at 00:20, Adrian Bunk wrote:
> > On Sun, Mar 27, 2005 at 05:38:38PM +0100, Alan Cox wrote:
> > > On Sul, 2005-03-27 at 15:34, Adrian Bunk wrote:
> > > > - syncppp.c: sppp_input
> > > > - syncppp.c: sppp_change_mtu
>
On Wed, Apr 13, 2005 at 09:12:53PM -0400, Derek Cheung wrote:
> OK, hope this patch can satisfy everyone :-)
>
> The following is the diffstat of the enclosed patch file:
>
> drivers/i2c/busses/Kconfig | 10
> drivers/i2c/busses/Makefile |1
> drivers/i2c/busses/i2c-mcf5282.c
On Sun, Apr 17, 2005 at 10:05:27AM +1000, Dave Airlie wrote:
> > NO! DO NOT use pci_find_device(). It is broken for systems with pci
> > hotplug (which means any pci system). Please use the way the driver
> > currently works, that is correct.
>
> But its not an LPC driver, it only uses a small
On Mon, 18 Apr 2005 00:27:02 +0200, Alexander Nyberg wrote:
>This patch fixes the NMI checking problems in -mm x64 for me. It
What problems?
>changes the perfctr selection to use RETIRED_UOPS instead
>(makes both processors tick even on my box).
This patch mixes what appears to be cleanups
This patch contains the following possible cleanups:
- make needlessly global code static
- #if 0 unused functions
- remove unused EXPORT_SYMBOL's
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/w1/dscore.c| 35 ++-
drivers/w1/dscore.h|4
This patch makes some needlessly global functions static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/video/sis/init.c |4 ++--
drivers/video/sis/init.h |3 ---
drivers/video/sis/init301.c |9 +
drivers/video/sis/init301.h |4
This patch makes a needlessly global struct static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
--- linux-2.6.12-rc2-mm3-full/drivers/video/fbsysfs.c.old 2005-04-18
00:40:01.0 +0200
+++ linux-2.6.12-rc2-mm3-full/drivers/video/fbsysfs.c 2005-04-18
00:40:09.0 +0200
@@
This patch makes a needlessly global function static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
--- linux-2.6.12-rc2-mm3-full/drivers/video/fbmem.c.old 2005-04-18
00:39:21.0 +0200
+++ linux-2.6.12-rc2-mm3-full/drivers/video/fbmem.c 2005-04-18
00:39:34.0 +0200
@@
... aaand it flopped. i'm not even getting data out of the
serial console - not a squeak. HELP!
the patch is quite large - and contains [working in 2.4.27] a
lot of untested stuff - naturally, if i don't get a squeak out
of the serial console. features include support for CPU_FREQ
which is a
mån 2005-04-11 klockan 01:25 -0700 skrev Andrew Morton:
> ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.12-rc2/2.6.12-rc2-mm3/
>
I tried to kexec on my x64 and it hangs up in calibrate_delay() because
the PIT never fires any interrupts so jiffies is never updated. Has
kexec
> ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.12-rc2/2.6.12-rc2-mm3/
>
>
[Mikael Pettersson on CC, would like your advice]
This patch fixes the NMI checking problems in -mm x64 for me. It
changes the perfctr selection to use RETIRED_UOPS instead
(makes both processors
verify_area() will soon be dead and gone, replaced by access_ok(), thus
the function named rw_verify_area() is badly named and should be renamed.
This patch renames rw_verify_area to rw_access_ok which seems more
appropriate (it also updates all callers of the functions as well as
references
- Remove ugly '#ifdef MODULE's
- Use the __exit attribute on sbpcd_exit()
- Don't rename sbpcd_init() to __sbpcd_init() in modules
- Make sbpcd_init() and sbpcd_exit() static
- Ensure sbpcd_init() is actually called when the driver is compiled in
to the kernel
Signed-off-by: Ross Kendall Axe
On Sun, Apr 17, 2005 at 07:46:16PM +0200, Patrick McHardy wrote:
>
> HTB also needs to be fixed. Destruction is usually defered by the
> refcnt until ->put(), htb_put() doesn't lock the tree. Same for
> HFSC and CBQ.
Yes you're absolutely right.
--
Visit Openswan at http://www.openswan.org/
On Mon, Apr 11, 2005 at 01:25:32AM -0700, Andrew Morton wrote:
>...
> Changes since 2.6.12-rc2-mm2:
>...
> gregkh-driver.patch
>...
Due to the removal of class_simple.c, "make mandocs" no longer works.
This patch fixes this issue.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
Since verify_area is deprecated and going away completely very soon now
TEST_VERIFY_AREA is a bad name to use and should be renamed. The patch
below renames it to TEST_ACCESS_OK which I believe is more appropriate.
Btw: I didn't find anything that actually ever defines TEST_VERIFY_AREA.
Is
On Fri, 15 Apr 2005, Matthew Wilcox wrote:
> On Fri, Apr 15, 2005 at 10:03:05PM +1000, Herbert Xu wrote:
> > I suppose it could be smart and stay quiet about
> >
> > val < 0 || val > BOUND
> >
> > However, gcc is slow enough as it is without adding unnecessary
> > smarts like this.
>
> It only
This patch makes a needlessly globbal function static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
--- linux-2.6.12-rc2-mm3-full/drivers/char/keyboard.c.old 2005-04-17
18:10:34.0 +0200
+++ linux-2.6.12-rc2-mm3-full/drivers/char/keyboard.c 2005-04-17
18:10:55.0 +0200
On Sun, 17 Apr 2005 13:29:14 +0300
Avi Kivity <[EMAIL PROTECTED]> wrote:
> TOEs can remove the data copy on receive. In some applications (notably
> storage), where the application does not touch most of the data, this is
> a significant advantage that cannot be achieved in a software-only
>
This patch contains the following cleanups:
- make needlessly global code static
- remove the TRUE/FALSE macros
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/char/rocket.c | 226 --
drivers/char/rocket_int.h | 40 --
2 files changed,
On Sun, Apr 17, 2005 at 10:15:37PM +0200, Adrian Bunk wrote:
> This patch #if 0's the unused global function randomize_range.
>
This is presumably for future work in process randomization. Arjan,
what's the status of this bit?
> Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
>
> ---
>
>
On Sun, 17 Apr 2005 14:51:43 -0400
Daniel Jacobowitz <[EMAIL PROTECTED]> wrote:
> Takashi-san's description was not very clear, but it sounds like it's a
> patching mechanism for userspace applications - not for kernel space.
> So kprobes would not be a good fit.
I saw the presentation of this
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
OK, finally got a full dump from the serial console! Here is it!
---
Unable to handle kernel paging request at virtual address f8b6f02c
printing eip:
f88b0078
*pde = 031f6067
Oops:
This patch #if 0's the unused global function randomize_range.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/char/random.c |2 ++
include/linux/random.h |1 -
2 files changed, 2 insertions(+), 1 deletion(-)
--- linux-2.6.12-rc2-mm3-full/include/linux/random.h.old
This patch makes a needlessly global variable static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
--- linux-2.6.12-rc2-mm3-full/drivers/char/rio/rio_linux.c.old 2005-04-17
18:18:39.0 +0200
+++ linux-2.6.12-rc2-mm3-full/drivers/char/rio/rio_linux.c 2005-04-17
18:18:47.0
On Friday 15 April 2005 08:43, Peter Baumann wrote:
> On Thu, Apr 14, 2005 at 07:40:52PM +0200, Daniel Ritz wrote:
> >
> > could you apply this debuggin patch instead and send me the dmsg output
> > plus output from lspci, lspci -vvvn. also please send me a hexdump from
> > /proc/bus/pci/00/0b.0
This patch makes a needlessly global function static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
--- linux-2.6.12-rc2-mm3-full/drivers/char/stallion.c.old 2005-04-17
18:27:46.0 +0200
+++ linux-2.6.12-rc2-mm3-full/drivers/char/stallion.c 2005-04-17
18:28:03.0 +0200
Adrian Bunk wrote:
> That is not specifically against this patch, but before we add another
> AES implementation, I'd like to find a better solution for the general
> AES selection.
That would be nice as I didn't like having to duplicate a whole Kconfig
entry which in fact means that it is
This patch makes a needlessly global function static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/char/tty_io.c |5 +++--
include/linux/tty.h |2 --
2 files changed, 3 insertions(+), 4 deletions(-)
--- linux-2.6.12-rc2-mm3-full/include/linux/tty.h.old 2005-04-17
The options CONFIG_IEEE1394_PCILYNX_LOCALRAM and
CONFIG_IEEE1394_PCILYNX_PORTS are not available for some time.
Is this patch for removing them and the code behind them correct, or is
a future usage planned?
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/ieee1394/Kconfig |
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Hi Adrian,
> This patch #if 0's an unused global function.
No. James and Ladislav are working on this driver.
Thanks,
--
Jean Delvare
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at
This patch contains the following possible cleanups:
- make the needlessly global function __nvram_set_checksum static
- #if 0 the unused global function nvram_set_checksum
- remove the EXPORT_SYMBOL's for both functions
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/char/nvram.c
This patch contains the following cleanups:
- make a needlessly global function static
- #if 0 the unused global function dsp3780I_ReadGenCfg
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/char/mwave/3780i.c |6 --
drivers/char/mwave/3780i.h |4
2 files changed, 4
This patch removes an unneeded global variable.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/char/istallion.c |3 +--
1 files changed, 1 insertion(+), 2 deletions(-)
--- linux-2.6.12-rc2-mm3-full/drivers/char/istallion.c.old 2005-04-17
18:05:53.0 +0200
+++
This patch contains the following cleanups:
- i2cmd.c: #if 0 the unused function i2cmdUnixFlags
- i2cmd.c: make the needlessly global funciton i2cmdBaudDef static
- ip2main.c: remove dead code that wasn't reachable due to an #ifdef
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
This patch contains the following possible cleanups:
- pci/cy82c693.c: make a needlessly global function statix
- remove the following unneeded EXPORT_SYMBOL's:
- ide-taskfile.c: do_rw_taskfile
- ide-iops.c: default_hwif_iops
- ide-iops.c: default_hwif_transport
- ide-iops.c:
This patch #if 0's an unused global function.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
--- linux-2.6.12-rc2-mm3-full/drivers/i2c/chips/ds1337.c.old2005-04-17
18:32:54.0 +0200
+++ linux-2.6.12-rc2-mm3-full/drivers/i2c/chips/ds1337.c2005-04-17
18:33:16.0 +0200
This patch makes a needlessly global and EXPORT_SYMBOL'ed struct static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
--- linux-2.6.12-rc2-mm3-full/drivers/cpufreq/cpufreq_ondemand.c.old
2005-04-17 18:32:10.0 +0200
+++ linux-2.6.12-rc2-mm3-full/drivers/cpufreq/cpufreq_ondemand.c
This patch makes some needlessly global code static.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/char/agp/ali-agp.c |4 ++--
drivers/char/agp/amd-k7-agp.c |2 +-
drivers/char/agp/amd64-agp.c|2 +-
drivers/char/agp/ati-agp.c |2 +-
On 4/17/05, Miklos Szeredi <[EMAIL PROTECTED]> wrote:
> > >
> > > 1) Only allow mount over a directory for which the user has write
> > > access (and is not sticky)
> > >
> > > 2) Use nosuid,nodev mount options
> > >
> > > [ parts deleted ]
> >
> > Do these solve all the security concerns
This patch removes unneeded EXPORT_SYMBOL's.
Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
---
drivers/ieee1394/ieee1394_core.c | 16
1 files changed, 16 deletions(-)
--- linux-2.6.12-rc2-mm3-full/drivers/ieee1394/ieee1394_core.c.old
2005-04-17 20:49:31.0
On Sun, Apr 17, 2005 at 09:20:21PM +0200, Andreas Steinmetz wrote:
> The attached patch contains the required changes for the crypto Kconfig
> to enable the usage of the x86_64 AES assembler implementation.
That is not specifically against this patch, but before we add another
AES
On Tue, Jul 27, 2004 at 03:58:59PM -0300, Marcelo Tosatti wrote:
> On Tue, Jul 27, 2004 at 07:53:04AM -0500, Robin Holt wrote:
> > Marcin, you have a process with a Page Table Entry which indicates it is
> > pointing to a page which has been swapped out to block 0 of swap device
> > 256. This is
In article <[EMAIL PROTECTED]> you wrote:
> Yes. I know, with immutable, even root cannot modify sensitive
> files. What I am curious is if an intruder has root access, he may
> have many ways to turn off the immutable protection and modify files.
If you secure your system correctly (i.e make
In article <[EMAIL PROTECTED]> you wrote:
> Why not simply unset the write bit for all three groups of users?
> That seems to be enough to prevent file modification.
# touch test
# chmod a-w test
# echo test > test
# cat test
test
Because this does not protect against writes from root and it
In article <[EMAIL PROTECTED]> you wrote:
> maybe one day you would be able to offload your firewall and policy
> router too :)
There are quite a few filtering NICs out there.
Greetings
Bernd
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Hello,
I'm having trouble reading from /dev/kmem in Linux 2.4.22 and 2.4.25. I
have written some code available at
http://vv.carleton.ca/~cat/misc/readidt.c. The behavior on both kernel
versions is the following:
# ./readidt
idt: 0xe000 + 0x07ff
pointer at 0xe400
read: 0
As
The attached patch contains the x86_64 arch specific Makefile stuff.
--
Andreas Steinmetz SPAMmers use [EMAIL PROTECTED]
diff -rNu linux-2.6.11.2.orig/arch/x86_64/Makefile
linux-2.6.11.2/arch/x86_64/Makefile
--- linux-2.6.11.2.orig/arch/x86_64/Makefile2005-03-09
The attached patch contains the required changes for the crypto Kconfig
to enable the usage of the x86_64 AES assembler implementation.
--
Andreas Steinmetz SPAMmers use [EMAIL PROTECTED]
diff -rNu linux-2.6.11.2.orig/crypto/Kconfig linux-2.6.11.2/crypto/Kconfig
---
The attached patch contains Gladman's in-kernel code for key schedule
and table generation modified to fit to my assembler implementation,
--
Andreas Steinmetz SPAMmers use [EMAIL PROTECTED]
diff -rNu linux-2.6.11.2.orig/arch/x86_64/crypto/aes.c
The attached patch contains my AES assembler implementation for x86_64.
This includes only encrypt/decrypt as Gladman's in-kernel code is used
for key schedule and table generation.
--
Andreas Steinmetz SPAMmers use [EMAIL PROTECTED]
diff -rNu
Implementation:
===
The encrypt/decrypt code is based on an x86 implementation I did a while
ago which I never published. This unpublished implementation does
include an assembler based key schedule and precomputed tables. For
simplicity and best acceptance, however, I took Gladman's
Willy Tarreau schrieb:
> Hello !
>
> On Sun, Apr 17, 2005 at 01:29:14PM +0300, Avi Kivity wrote:
>> On Sun, 2005-04-17 at 12:07, Arjan van de Ven wrote:
>> > On Sun, 2005-04-17 at 10:17 +0200, Andreas Hartmann wrote:
>> > > Hello!
>> > >
>> > > Alacritech developed a new chip for NIC's
>> > >
On Sat, Apr 16, 2005 at 11:44:39PM -0700, David S. Miller wrote:
>
> Takashi-san, have you ever investigated using kprobes to
> implement this feature? It seems a perfect fit, and would
> allow support on several architectures other than just x86
> and x86_64.
>
> If kprobes does not meet your
> >
> > 1) Only allow mount over a directory for which the user has write
> > access (and is not sticky)
> >
> > 2) Use nosuid,nodev mount options
> >
> > [ parts deleted ]
>
> Do these solve all the security concerns with unprivileged mounts, or
> are there other barriers/concerns?
On Fri, Apr 15, 2005 at 08:56:25AM -0400, Salyzyn, Mark wrote:
>
> You can not remove the entries in sys_info.h (osMajorVersion & friends),
> this communicates information to the application via the ioctls and the
> structure shape is important. Change the code to zero the values, leave
> osType
On Sat, Apr 16, 2005 at 08:59:23AM +0100, Russell King wrote:
> On Sat, Apr 16, 2005 at 04:38:52AM +0200, Adrian Bunk wrote:
> > In the Linux kernel, it's more common to put such header dependencies
> > for header files into the C files, but if the ACPI people agree a patch
> > to add the
Eric Van Hensbergen wrote:
> I'd like to second that I think private-namespaces are the right way
> to solve this sort of problem. It also helps not cluttering the
> global namespace with user-local mounts
>
> >
> > Shared subtrees and more support in userspace tools is needed before
> > private
On 4/11/05, Miklos Szeredi <[EMAIL PROTECTED]> wrote:
>
> 1) Only allow mount over a directory for which the user has write
> access (and is not sticky)
>
> 2) Use nosuid,nodev mount options
>
> [ parts deleted ]
Do these solve all the security concerns with unprivileged mounts, or
On Sun, 17 Apr 2005 12:53:24 -0400 TJ wrote:
> I was using the 2.6.7 kernel without APIC or ACPI support, and the via82xx
> driver worked perfectly, compiled as a module, without any options. I built a
> new 2.6.7 kernel on the same hardware with APIC and ACPI support in the
> kernel, as the
Herbert Xu wrote:
On Sat, Apr 16, 2005 at 01:06:39PM +0200, Thomas Graf wrote:
qdisc_destroy can still be invoked without qdisc_tree_lock via the
deletion of a class when it calls qdisc_destroy to destroy its
leaf qdisc.
Indeed. Fortuantely HTB seems to be safe as it calls sch_tree_lock
which is
On 4/12/05, Miklos Szeredi <[EMAIL PROTECTED]> wrote:
> > I think that would be _much_ nicer implemented as a mount which is
> > invisible to other users, rather than one which causes the admin's
> > scripts to spew error messages.
>>
> > Is the namespace mechanism at all suitable for that?
>
>
On Sun, Apr 17, 2005 at 10:06:53AM -0700, David Brownell wrote:
> I tracked down a regression in PCMCIA (and other software) to a
> new bogus register_chrdev() behavior that got merged last month;
> a patch from Matt Mackall that misbehaves.
Thanks and sorry about that. I actually asked Linus to
I tracked down a regression in PCMCIA (and other software) to a
new bogus register_chrdev() behavior that got merged last month;
a patch from Matt Mackall that misbehaves.
This patch just reverts Matt's, restoring the previous behavior
but at the cost of about a Kbyte of static memory on 32bit
I was using the 2.6.7 kernel without APIC or ACPI support, and the via82xx
driver worked perfectly, compiled as a module, without any options. I built a
new 2.6.7 kernel on the same hardware with APIC and ACPI support in the
kernel, as the board supports it, and the driver did not work correctly.
On Sun, Apr 17, 2005 at 12:12:13PM -0400, Xin Zhao wrote:
> Thanks for your reply.
>
> Yes. I know, with immutable, even root cannot modify sensitive
> files. What I am curious is if an intruder has root access, he may
> have many ways to turn off the immutable protection and modify files.
>
On Apr 17, 2005, at 12:12, Xin Zhao wrote:
Thanks for your reply.
Yes. I know, with immutable, even root cannot modify sensitive
files. What I am curious is if an intruder has root access, he may
have many ways to turn off the immutable protection and modify files.
So immutable is designed just
Thanks for your reply.
Yes. I know, with immutable, even root cannot modify sensitive
files. What I am curious is if an intruder has root access, he may
have many ways to turn off the immutable protection and modify files.
So immutable is designed just to prevent a valid root from making
On Sun, Apr 17, 2005 at 11:54:34AM -0400, Xin Zhao wrote:
> Why not simply unset the write bit for all three groups of users?
> That seems to be enough to prevent file modification.
>
> Immutable seems to only add one more protection level in case of
> misconfiguration on standard access right
1 - 100 of 236 matches
Mail list logo