RE: FW: i386 Linux kernel DoS (clarification)

Alan Cox (alan@lxorguk.ukuu.org.uk)
13 Nov 2002 21:10:14 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dan Steele: "RE: loop no longer works in 2.5.47?"
Previous message: J.E.J. Bottomley: "Re: [parisc-linux] Untested port of parisc_device to generic device"
Next in thread: Petr Vandrovec: "Re: FW: i386 Linux kernel DoS (clarification)"
Reply: Petr Vandrovec: "Re: FW: i386 Linux kernel DoS (clarification)"
Reply: Alan Cox: "Re: FW: i386 Linux kernel DoS (clarification)"

On Wed, 2002-11-13 at 20:36, Petr Vandrovec wrote:
> 2.5.47-current-bk, run as mere user: Kernel panic: Attempted to kill init!
> Next time I'll trust you.

It does the lcall
The lcall takes an exception
The exception (TF) has NT set
iret returns via the task linkage

I think just clearing the NT bit in both lcall path _and_ in the TF
exception handler does the trick.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Steele: "RE: loop no longer works in 2.5.47?"
Previous message: J.E.J. Bottomley: "Re: [parisc-linux] Untested port of parisc_device to generic device"
Next in thread: Petr Vandrovec: "Re: FW: i386 Linux kernel DoS (clarification)"
Reply: Petr Vandrovec: "Re: FW: i386 Linux kernel DoS (clarification)"
Reply: Alan Cox: "Re: FW: i386 Linux kernel DoS (clarification)"