Posts Tagged ‘Kernel’

CVE-2010-3081: 64bit Linux Kernel Root Exploit

September 20th, 2010 1 comment

Well, it’s been a heavy week on the security front; first up is a Linux root exploit for 64-bit machines.

A vulnerability in the 32-bit compatibility layer for 64-bit systems was reported. It is caused by insecure allocation of user space memory when translating system call inputs to 64-bit. A stack pointer underflow can occur when using the “compat_alloc_user_space” method with an arbitrary length input.

What does that mean? Essentially, the compat_alloc_user_space function was missing sanity checks on the length and on whether the resulting pointer to the block of memory lies within the user space of the process. The fix has already been committed, but if you are running any x64 version of Linux, make sure you update your kernel – especially now that the exploit code is publicly available!
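A simplified user-space model of the missing check, added here as an illustration (it is not kernel code and not from the original post or Ksplice). `MODEL_TASK_SIZE`, `model_access_ok`, `alloc_unchecked` and `alloc_checked` are hypothetical names, and the addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model value: first address above user space (assumption). */
#define MODEL_TASK_SIZE 0x0000800000000000ULL

/* Model of an access_ok()-style test: [addr, addr+len) must lie wholly
 * inside user space. Written so the comparison itself cannot overflow. */
static int model_access_ok(uint64_t addr, uint64_t len)
{
    return len <= MODEL_TASK_SIZE && addr <= MODEL_TASK_SIZE - len;
}

/* Missing-check behaviour as the post describes it: the caller-supplied
 * length is subtracted from the user stack pointer and returned as-is. */
uint64_t alloc_unchecked(uint64_t user_sp, uint64_t len)
{
    return user_sp - len;            /* wraps when len > user_sp */
}

/* With the sanity check: same arithmetic, but a result that is not a
 * valid user-space range is refused (0 stands in for NULL). */
uint64_t alloc_checked(uint64_t user_sp, uint64_t len)
{
    uint64_t ptr = user_sp - len;
    return model_access_ok(ptr, len) ? ptr : 0;
}

int main(void)
{
    uint64_t sp = 0x00007ffffffde000ULL;      /* constructed stack pointer */
    uint64_t lens[] = { 0x100, sp + 0x1000 }; /* sane, then oversized */

    for (int i = 0; i < 2; i++) {
        printf("len=%#llx unchecked=%#llx checked=%#llx\n",
               (unsigned long long)lens[i],
               (unsigned long long)alloc_unchecked(sp, lens[i]),
               (unsigned long long)alloc_checked(sp, lens[i]));
    }
    return 0;
}
```

With the oversized length the unchecked variant returns an address above the modelled user-space limit, while the checked variant returns 0 so the caller can fail the request.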

Read up on the exploit by Jeff Arnold from Ksplice and use this very useful CVE-2010-3081 high-profile exploit detection tool to determine if your boxen are already compromised.

Of particular note from his article is the breadth of exploitable distributions – see the references below for vendor-specific information:

This vulnerability was introduced into the Linux kernel in April 2008, and so essentially every distribution is affected, including RHEL, CentOS, Debian, Ubuntu, Parallels Virtuozzo Containers, OpenVZ, CloudLinux, and SuSE, among others. A few vendors have released kernels that fix the vulnerability if you reboot, but other vendors, including Red Hat, are still working on releasing an updated kernel.

After downloading and running the tool under a non-sudo account, you should cheerfully get the following output.

thushan@dingo:~/tmp$ ./diagnose-2010-3081
Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)

$$$ Kernel release: 2.6.32-23-server
!!! Not a RHEL kernel, will skip LSM method
$$$ Backdoor in LSM (1/3): not available.
$$$ Backdoor in timer_list_fops (2/3): checking...not present.
$$$ Backdoor in IDT (3/3): checking...not present.

Your system is free from the backdoors that would be left in memory by the published exploit for CVE-2010-3081.
thushan@dingo:~/tmp$

If not, it’s time to put those security drills into action!

References


Google releases ChromeOS

November 20th, 2009 No comments

Google just released information and a presentation (below) about ChromeOS.

Wow, you can take a peek at the source as well. I’m not sure if it’s just a very tweaked minimalistic Linux kernel with a Chrome window manager or what, but like they did with Chrome, this is definitely a Think Different product. Take a look at a visual tour of the ChromeOS.

I don’t think this will replace your traditional desktop completely (I still like to have my stuff with me rather than hosted somewhere!), but what happens to devices, peripherals, development environments (imagine running Visual Studio over the intertubes on ADSL!) etc.?

But one thing’s for sure: it takes the idea of operating systems and how you view your operating system to a different level. All those tabs you see in Chrome now are virtual-desktop-like instances in ChromeOS. More info can be found in the PCWorld article on ChromeOS.


Boffins get 1,000,000 Linux Kernels running as virtual machines!

August 4th, 2009 No comments

That’s right, that wasn’t a typo. Some crazy boffins at Sandia National Laboratories in Livermore have run more than a million Linux kernels as virtual machines, out of which 20,000 can be run simultaneously! Why on earth would they attempt such feats?

Perhaps this XKCD may jog your memory:

XKCD: Networking

Yep, just about:

The technique will allow them to effectively observe behaviour found in malicious botnets, or networks of infected machines that can operate on the scale of a million nodes.

Insane!


Linux Btrfs: A short history of btrfs

August 2nd, 2009 No comments

Valerie Aurora (such a cool name!) takes a look into the history of Btrfs, well written and easy to follow.


Linus releases Linux 2.6.30

June 11th, 2009 No comments

Linus has released 2.6.30 of the kernel; the list of changes is available in the Linux Kernel Newbies guide.

This version adds the log-structured NILFS2 filesystem, a filesystem for object-based storage devices, a caching layer for local caching of NFS data, the RDS protocol which delivers high-performance reliable connections between the servers of a cluster, a distributed networking filesystem (POHMELFS), automatic flushing of files on renames/truncates in ext3, ext4 and btrfs, preliminary support for the 802.11w drafts, support for the Microblaze architecture, the Tomoyo security module, DRM support for the Radeon R6xx/R7xx graphic cards, asynchronous scanning of devices and partitions for faster bootup, MD support for switching between raid5/6 modes, the preadv/pwritev syscalls, several new drivers and many other small improvements.

One interesting change (amongst the many) is a new feature called Fastboot. Essentially, when we boot right now, significant cycles are wasted waiting for device probing to complete. From Jonathan Corbet’s article on LWN:

There are many aspects to the job of making a system boot quickly. Some of the lowest-hanging fruit can be found in the area of device probing. Figuring out what hardware exists on the system tends to be a slow task at best; if it involves physical actions (such as spinning up a disk) it gets even worse. Kernel developers have long understood that they could gain a lot of time if this device probing could, at least, be done in a parallel manner: while the kernel is waiting for one device to respond, it can be talking to another. Attempts at parallelizing this work over the years have foundered, though. Problems with device ordering, concurrent access, and more have adversely affected system stability, with the inevitable result that the parallel code is taken back out. So early system initialization remains almost entirely sequential.

This new release attempts to address this problem.

Arjan hopes to succeed where others have failed by (1) taking a carefully-controlled approach to parallelization which doesn’t try to parallelize everything at once, and (2) an API which attempts to hide the effects of parallelization (other than improved speed) from the rest of the system. For (1), Arjan has limited himself to making parts of the SCSI and libata subsystems asynchronous, without addressing much of the rest of the system. The API work ensures that device registration happens in the same order as it would in a strictly sequential system. That eliminates the irritating problems which result when one’s hardware changes names from one boot to the next.

How well it does it, I guess we’ll have to wait and see. But here’s a bit of a tidbit in the kernel for the new Microblaze implementation.

    void __init setup_cpuinfo(void)
    {
        struct device_node *cpu = NULL;

        cpu = (struct device_node *) of_find_node_by_type(NULL, "cpu");
        if (!cpu)
            printk(KERN_ERR "You don't have cpu!!!\n");

        printk(KERN_INFO "%s: initialising\n", __func__);

DUDE, you don’t have cpu!!!


THIS IS FEDORA: Fedora 11 Released

June 9th, 2009 No comments

This is FEDORA.

Fedora 11 aka Leonidas has been released. Whilst the front page is yet to be updated, the mirrors are being updated as I write and ISOs are being propagated.

Download ISO:

In Australia? Try the local mirrors:

Bit of a torrenter? See the Torrent Tracker page.

Approximate sizes (from internode):

Fedora-11-i686-Live.iso             688M
Fedora-11-i686-Live-KDE.iso         686M
Fedora-11-x86_64-Live.iso           691M
Fedora-11-x86_64-Live-KDE.iso       693M

See the Fedora 11 Release Notes for more information about changes in this release, the Fedora 11 feature list or the Unofficial Fedora 11 Guide.

I’ve been awaiting this release primarily for the Linux Kernel v2.6.29 (in comparison to Jaunty’s Kernel 2.6.28), which brings a slew of updates to the table – in particular KMS (kernel mode setting: flicker-free graphics), the inclusion of Btrfs in the kernel for preliminary testing and better memory management. Of course, Fedora 11 ships with X.org 1.6 as well. With the inclusion of GCC 4.4, all packages are now compiled with gcc4.4 too.

I’ve only dabbled in Fedora 10, but I think it’s a worthy move from my primarily Ubuntu lifestyle.

What’s really interesting, though, is that Ubuntu 9.10 seems to have a decent performance bump, so whilst the wait for Fedora 11 is over, it’s time to get excited about the snappier Karmic Koala.


Thanks for the memory: Understanding the memory usage in the JVM in Windows and Linux

May 11th, 2009 No comments

I’m nothing special, in fact I’m a bit of a bore
If I tell a joke, you’ve probably heard it before
But I have a talent, a wonderful thing
cause everyone listens when I start to sing
I’m so grateful and proud
All I want is to sing it out loud

Sooo I sang: thank you for the memory tuning options for the JVM, Andrew Hall, you’ve made my day. Andrew has written an excellent article detailing the inner workings of the JVM and how it manages memory. It goes quite deep, starting with kernel vs user space, how the JVM uses native memory (including some examples that show running out of native memory), how to detect/measure heap usage, and finally how to move over to the 64-bit world, with some caveats (native 64-bit binaries for JNI libs etc).

Well worth the read.


Funky Jaunty: Ubuntu 9.04 Release Candidate, it’s almost here!

April 17th, 2009 1 comment

Excited Jen? You should be. Ubuntu 9.04 (aka Jaunty Jackalope) will be out in less than a week, and if you can’t wait, grab the release candidate and give it a go.

Amongst the highlights:

Our main server box (Zeus) is still running 7.04, so I think it’s about time I upgrade the little guy to the latest and greatest, 2 years later with a fresh dose of hardware.


Funky Moves: Linux Kernel v2.6.29 released!

March 24th, 2009 No comments

Linus Torvalds has just released Linux Kernel 2.6.29; the highlights for this release include:

Linux 2.6.29 adds kernel based graphic mode setting, WiMAX support, Access Point support in the wifi stack, the inclusion of the btrfs and squashfs filesystems, ecryptfs filename encryption, ext4 no journaling mode, ocfs2 metadata checksums, a more scalable RCU implementation, filesystem freeze support, swap management in the memory controller, many new drivers and many other improvements.

Unfortunately the Linux Kernel Newbies site is still being edited for the .29 release, so you’ll have to check out the release notes or the changelog for 2.6.29 for now and, if you’re game, download the source and build.


The anatomy of the Ext4 File-System

February 23rd, 2009 No comments

Tim Jones has posted an article on the IBM DeveloperWorks website about the importance and anatomy of the Ext4 file system for Linux.

The first supported file system for Linux was the Minix file system. This file system had some significant performance issues, so another file system was created specifically for Linux called the extended file system. The first extended file system (ext1) was designed by Remy Card and introduced into Linux in April 1992. The ext1 file system was the first to use the virtual file system (VFS) switch implemented in the 0.96c kernel and supported file systems up to 2 gigabytes (GB) in size.

The second extended file system (ext2), also implemented by Remy Card, was introduced in January 1993. It adopted advanced ideas from other file systems of the day (such as the Berkeley Fast File System [FFS]). Ext2 extended supported file systems of 2TB in size, although 2.6 kernels extended the maximum size of ext2 file systems to 32TB.

The third extended file system (ext3) was a major advance in Linux file systems, even though its performance was less than some of its competitors. The ext3 file system introduced the concept of journaling to improve the reliability of the file system when the system is abruptly halted. And although competing file systems had better performance (such as Silicon Graphics’ XFS and the IBM® Journaled File System [JFS]), ext3 supported in-place upgrades from systems already using ext2. Ext3 was introduced in November 2001 and implemented by Stephen Tweedie.

Fast-forward to today. We now have the fourth extended file system (ext4). Ext4 introduces numerous new advancements for performance, scalability, and reliability. Most notably, ext4 supports file systems of 1 exabyte in size. Ext4 was implemented by a team of developers, led by Theodore Tso (the ext3 maintainer), and was introduced in the 2.6.19 kernel. It is now stable in the 2.6.28 kernel (as of December 2008).

Ext4 borrows many useful concepts from a variety of competing file systems. For example, the extent approach to block management had been implemented in JFS. Another block management-related feature (delayed allocation) was implemented in both XFS and in Sun Microsystems’ ZFS.

Well worth a read, as it covers some of the significant changes and updates made to Ext4 and how it differs from previous releases. I’m using XFS on my file server, eagerly awaiting the arrival of Btrfs.
