FAQ

On Wednesday 15 May 2013 11:48:14 David C. Miller wrote:
For those who don't know yet here is the redhat bugzilla on this exploit.

https://bugzilla.redhat.com/show_bug.cgi?id�2792

Does anyone know if CentOS 6 have the debug packages available to apply the
temp patch for this listed in the bugzilla link?

An alternative to the somewhat complicated process of getting a full systemtap
build environment running is to use precompiled modules. I've made mine
available. Here are pros and cons:


+ only needs the base pkg systemtap-runtime
+ easy to deploy
+ disables perf as long as active (stops the vuln)


- you got to trust me but:
  * I've signed this email with my normal key used previously on the list
  * I included md5sums
- my systemtap fix is more blunt, disables perf_event_open completely
- you need to be running a matching kernel (I built for -358.2.1 and 6.1)
- you can't rename the .ko file


Instructions:
  1) get the .ko file matching your kernel (35821 for -358.2.1, ...)
  2) check the md5sum
  3) insert it with "# staprun -L ./perf_event_blocker_358?1.ko"


  4) (optional) "perf stat true" should now fail with -14
  5) (optionally to disable) "staprun -A" + Ctrl-C


http://www.nsc.liu.se/~cap/perf_event_blocker_35821.ko
http://www.nsc.liu.se/~cap/perf_event_blocker_35861.ko
http://www.nsc.liu.se/~cap/perf_event_blocker.stp


e721fcbdcd1f7616ddd11d41f4909545 perf_event_blocker_35821.ko
a1a9819138bada0a1a7d9c21c6458510 perf_event_blocker_35861.ko
05f0bfd3030db4d4f4deb0fdc71b7fa3 perf_event_blocker.stp


/Peter


--
-= Peter Kjellstr?m
-= National Supercomputer Centre
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
Url : http://lists.centos.org/pipermail/centos/attachments/20130516/f4f2a2ea/attachment.bin

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 3 of 5 | next ›
Discussion Overview
groupcentos @
categoriescentos
postedMay 15, '13 at 6:48p
activeMay 17, '13 at 10:04a
posts5
users4
websitecentos.org
irc#centos

People

Translate

site design / logo © 2022 Grokbase