The long story, for those interested: http://lists.debian.org/debian-x/2002/debian-x-200208/msg00091.html (and read the whole thread) The short story: I need people with root on machines of your given architecture to compile and run the attached C program. It consists of code borrowed from xdm's genauth.c program. The X Strike Force is trying to determine for which architectures it's a bad idea to read several megabytes of data sequentially from /dev/mem, because this is exactly what XDM currently does when generating an XDM-AUTHORIZATION-1 cookie. Be warned: on at least some architectures (notably IA-64), this sort of read has been known to cause untrapped machine checks (a.k.a., lockups or spontaneous reboots). Arguably the kernel should trap this sort of nonsense, so you may be in the mood to file a bug against "kernel" after running this program. I and the other folks at the X Strike Force need to know the following things: 1) whether or not this program works when you run it without arguments 2) if scenario 1) causes problems, what the last line of output was 3) if scenario 1) causes problems, whether invoking this program with the argument "fragile" helps it 4) if scenario 3) causes problems, what the last line of output was Remember, this program must be run as root. If normal users can read from /dev/mem on your machine, you're in trouble. :) -- G. Branden Robinson | No math genius, eh? Then perhaps Debian GNU/Linux | you could explain to me where you branden@debian.org | got these... PENROSE TILES! http://people.debian.org/~branden/ | -- Stephen R. Notley
#include <errno.h> #include <fcntl.h> #include <stdio.h> #include <string.h> #include <sys/types.h> #include <sys/stat.h> #include <unistd.h> #define FILE_LIMIT 1024 static int sumFile (char *name, long sum[2], int dofragile) { long buf[1024*2]; int cnt; int fd; int loops; int reads; int i; int ret_status = 0; fd = open (name, O_RDONLY); if (fd < 0) { fprintf(stderr, "Cannot open randomFile \"%s\" (%s)\n", name, strerror(errno)); return 0; } if (dofragile) { if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x100000, SEEK_SET); } reads = FILE_LIMIT; sum[0] = 0; sum[1] = 0; while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) { printf("read #%d of %d bytes \n", (FILE_LIMIT - reads + 1), sizeof (buf)); loops = cnt / (2 * sizeof (long)); for (i = 0; i < loops; i+= 2) { sum[0] += buf[i]; sum[1] += buf[i+1]; ret_status = 1; } } if (cnt < 0) fprintf(stderr, "Cannot read randomFile \"%s\" (%s)\n", name, strerror(errno)); close (fd); return ret_status; } int main(int argc, char *argv[]) { int status; int dofragile = 0; long checksum[2]; char *filename = "/dev/mem"; if (argv[1] != NULL && (strncmp(argv[1], "fragile", 7) == 0)) { dofragile = 1; } printf("Reading data from %s%s...\n", (dofragile ? "(fragile) " : ""), filename); status = sumFile(filename, checksum, dofragile); printf("done with read of %s%s (returned %d).\n", (dofragile ? "(fragile) " : ""), filename, status); printf("sumFile() %s.\n", (status ? "succeeded" : "failed" )); exit(0); }
Attachment:
pgpK1S1WTEggk.pgp
Description: PGP signature