Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el

To: Ben Hutchings <ben@decadent.org.uk>, 865549@bugs.debian.org
Subject: Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
From: Ximin Luo <infinity0@debian.org>
Date: Thu, 22 Jun 2017 21:50:00 +0000
Message-id: <[🔎] 318fd2b9-9281-e53c-5b30-22cd476f4047@debian.org>
Reply-to: Ximin Luo <infinity0@debian.org>, 865549@bugs.debian.org
In-reply-to: <[🔎] 1498166915.2655.31.camel@decadent.org.uk>
References: <[🔎] 149815094601.11521.7289858492571861954.reportbug@localhost.localdomain> <[🔎] 1498166915.2655.31.camel@decadent.org.uk>

Hi, unfortunately I don't have root access to any ppc64el machines to be able to install a new kernel, I only have access to plummer.debian.org. (Also you didn't build them for ppc64el yet.)

There are some things different about what we're seeing in cargo, vs the provided C code that segfaults. However the timing is too coincidental so I'm still inclined to think it's caused by this bug. But unfortunately I don't know how I can test this myself.

Could you release this to stable so that I can ask the buildd people to install this on plummer, so I can test it?

Or, if anyone else is able to test it, you can download and extract this: https://static.rust-lang.org/dist/rust-1.18.0-powerpc64le-unknown-linux-gnu.tar.gz then run `for i in {1..10}; do rust-1.18.0-powerpc64le-unknown-linux-gnu/cargo/bin/cargo -V; done` and see if it segfaults.

X

Ben Hutchings:
> Control: tag -1 moreinfo
> 
> On Thu, 22 Jun 2017 19:02:26 +0200 Ximin Luo <infinity0@debian.org>
> wrote:
>> Package: linux-image-3.16.0-4-powerpc64le
>> Version: 3.16.43-2+deb8u1
>> Severity: critical
>> Justification: breaks unrelated software
>>  
>> Dear Maintainer,
>>  
>> I have been getting segfaults trying to build cargo on ppc64el
>>  
>> https://github.com/rust-lang/cargo/issues/4197
>>  
>> The signs point to the recent stack guard fix as being the culprit, I can
>> confirm that the test program given here:
>>  
>> http://www.openwall.com/lists/oss-security/2017/06/22/6
>>  
>> indicates the presence of the bug on plummer.debian.org. I'm not very familiar
>> with kernel development so I don't know where the proper fix is, but subsequent
>> discussion on that thread suggests that mainline has the "correct fix" whereas
>> some distros applied an incorrect one.
> 
> Can you please test with this candidate fix?
> https://people.debian.org/~benh/packages/CVE-2017-1000364/
> 
> Ben.
> 

-- 
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
https://github.com/infinity0/pubkeys.git

Reply to:

Follow-Ups:
- Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
  - From: Ximin Luo <infinity0@debian.org>

References:
- Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
  - From: Ximin Luo <infinity0@debian.org>
- Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
Next by Date: Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
Previous by thread: Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
Next by thread: Bug#865549: linux-image-3.16.0-4-powerpc64le: stackguard fix incorrect; probably causes cargo to segfault on ppc64el
Index(es):
- Date
- Thread