status of the gdm3 security update

To: debian-lts@lists.debian.org
Cc: Markus Koschany <apo@debian.org>
Subject: status of the gdm3 security update
From: Antoine Beaupré <anarcat@orangeseeds.org>
Date: Mon, 27 Aug 2018 20:07:54 -0400
Message-id: <[🔎] 87efej5p5x.fsf@curie.anarc.at>

Hi!

After asking Markus the status of the gdm3 security upgrade for jessie,
he nicely offered me to take it over since he got stuck.

Using his patches, however, I wasn't able to reproduce the
problems. Sure, it *looks* like gdm is "crashing", but I /think/ it's
actually doing what it's asked. The reproducer issues those two
commands:

display_path=$(dbus-send --system --dest=org.gnome.DisplayManager --type=method_call --print-reply=literal /org/gnome/DisplayManager/LocalDisplayFactory org.gnome.DisplayManager.LocalDisplayFactory.CreateTransientDisplay)
dbus-send --system --dest=org.gnome.DisplayManager --type=method_call $display_path org.gnome.DisplayManager.Display.GetId

ie. it's calling `CreateTransientDisplay`. I am not very familiar with
the gdm3 D-Bus API, but a quick search online seems to indicate this is
used to create a "transient" session, also known as "fast user
switching".

When running the patched gdm3 under Vagrant / VirtualBox, the reproducer
seems to "crash" the display - but what it's doing is actually trying to
create that secondary display. There is no actual segfault the Linux
kernel can detect, and an attached gdb process happily goes through
without detecting anything faulty.

I would therefore assert that the patch does what it's designed to do
and everything is actually good.

Just out of curiosity, I've actually tested the reproducer in Debian
buster, which is supposed to be fixed. It could be because I have an
exotic session (i3 window manager), but it doesn't work very well
either. The display seems to completely crash and return to some virtual
terminal. (Just for good measure, all volumes are maxed up as well,
bringing down my hearing a few more dBs. :p) But gdm3 doesn't segfault
and if I login with my regular user, my session actually returns
untouched.

So I think this flickering and reset is actually normal.

(One thing I *did* find in buster is that
gnome-session-check-accelerated segfaults during the procedure:

Aug 27 19:34:57 curie kernel: [446832.229288] gnome-session-c[28820]: segfault at 0 ip 0000000000000000 sp 00007fff2cd46d08 error 14 in gnome-session-check-accelerated
[5606b821b000+2000]
Aug 27 19:34:57 curie kernel: [446832.308946] gnome-session-c[28824]: segfault at 0 ip 0000000000000000 sp 00007fffcd6fb1b8 error 14 in gnome-session-check-accelerated
[5589f17d9000+2000]
Aug 27 19:34:57 curie gnome-session[28817]: gnome-session-binary[28817]: WARNING: software acceleration check failed: Le processus fils a été tué par le signal 11
Aug 27 19:34:57 curie gnome-session-binary[28817]: WARNING: software acceleration check failed: Le processus fils a été tué par le signal 11

This is likely an unrelated problem, however, so I am ignoring that.)

So long story short: apo, your patches were fine! Should I upload the
result or do you want to do the honors?

If I got no reply tomorrow, I'll complete the DLA.

Thanks for the hard work!

--
In a world where Henry Kissinger wins the Nobel Peace Prize,
there is no need for satire.
- Tom Lehrer

Reply to:

Follow-Ups:
- Re: status of the gdm3 security update
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: status of the gdm3 security update
  - From: Markus Koschany <apo@debian.org>

Prev by Date: Re: Missing dependency on latest jessie-security release of linux-image-4.9-amd64
Next by Date: Re: status of the gdm3 security update
Previous by thread: Re: Missing dependency on latest jessie-security release of linux-image-4.9-amd64
Next by thread: Re: status of the gdm3 security update
Index(es):
- Date
- Thread