[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Fwd: [lemote] Re: Are -mfix-loongson2f-nop and -mfix-loongson2f-jump needed for userland programs?]

On Thu, 4 Feb 2010, fxzhang wrote:
On Sat, 2010-01-23 at 13:39 -0500, Daniel Clark wrote:
Does anyone know canonically if the system can have instability
because *any* executable program is compiled without the loongson2f
as/binutils fixes?

The site http://dev.lemote.com/code/firefox-3.7-loongson-jit says:

"Recommend building with Lemote's tool-chain
http://dev.lemote.com/files/binary/toolchain/gcc4ls2f.tar to avoid a
potential bug http://sourceware.org/ml/binutils/2009-11/msg00387.html.";

I was under the impression that only the kernel, linux had to be
compiled with the loongson2f as/binutils fixes to avoid system lockups
due to silicon-level loongson2f bugs.

As I have said in
http://sourceware.org/ml/binutils/2009-11/msg00387.html, only
-mfix-loongson2f-nop is needed for user-space applications.

From reading that message, it seems very wrong to me. It sounds like a
regular user could cause the machine to crash by omitting the -mfix-loongson2f-nop when compiling his programs. This solution seems akin to "fixing" a buffer overflow in a server by modifying the client to never send strings that are too long.

Am I missing something, or was the solution to this DoS vulnerability something along the lines of "let's create a way so that we can avoid exploiting it accidentally"?

Just a long-time debian user,

Reply to: