Discussion:
[tomoyo-users-en 695] Re: A briefing mail
Tetsuo Handa
2017-12-25 14:10:35 UTC
Permalink
Hello.

Since RHEL 7 started supporting AArch64 architecture, I added symbol
guessing logic for AArch64 architecture to AKARI and CaitSith. Also, since
Linux 4.15 started automatically hashing values printed by plain %p format,
current instruction which manually compares the guessed addresses with
addresses recorded in System.map no longer works. Although it will be possible
to replace %p format with 0x%lx or %px format, I decided to take this opportunity
to stop printing addresses of guessed symbols. And I modified symbol guessing
logic to automatically verify address of guessed functions and address of
security_hook_heads object. Therefore, when loading akari_test.ko or
caitsith_test.ko on Linux 4.2 and later kernels, there should be no symbols to
manually compare.

Latest files are shown below.

ccs-patch-1.8.5-20171111.tar.gz MD5:dddd09af1377c72da5bd5cf230c9a24b
akari-1.0.37-20171225.tar.gz MD5:99992ce7c7e4501da62333dc770d29be
caitsith-patch-0.2-20171225.tar.gz MD5:ddddbb52b72d6bb10ad6d5283b5a5057

Happy Holidays!
Tetsuo Handa
2018-02-12 13:28:53 UTC
Permalink
Hello.

Since Linux 4.16-rc1 was released, I refreshed the tarballs.

caitsith-patch-0.2-20180212.tar.gz MD5:444418029820b15e238123b226c51355
ccs-patch-1.8.5-20180212.tar.gz MD5:cccc7affbfed3767d8adfea20c3d58d5

I had a talk at CELF Jamboree about how horrible the Linux kernel's memory
management subsystem is, and the presentation slides are available at
https://elinux.org/images/4/49/CELFJP-Jamboree63-handa-en.pdf . I published
"The OOM CTF" page ( http://I-love.SAKURA.ne.jp/The_OOM_CTF.html ) on November
2016. Since I was encouraged to translate the page at the Jamboree, I translated
the page (so far except chapter 5). You can check the page if you are interested
in why Linux systems hangup silently and want to know one of possible causes.
Tetsuo Handa
2018-05-22 14:28:05 UTC
Permalink
Hello.

Recently, I'm involved in fixing bugs reported by syzbot ( https://syzkaller.appspot.com/ ).
It's an amazing system which finds bugs faster than we can fix. ;-) It is very helpful
because not only it finds bugs but also tries to find reproducers. Various bug fixes
are getting merged towards Linux 4.17/4.18.



Since Linux 4.17-rc6 and CentOS 7.5 were released, I refreshed the tarballs.

akari-1.0.38-20180522.tar.gz MD5:aaaaee6e6fa93026de141cfd79573018
caitsith-patch-0.2-20180522.tar.gz MD5:ccccf77b1836d5103de2c9923c4714a3
ccs-patch-1.8.5-20180522.tar.gz MD5:44443d2a297565ae53088201c863aaf1

You can use below tarballs for CentOS 7.4.

akari-1.0.38-20180401.tar.gz MD5:33338a33a4ceaabc16e42ec2f4e8c740
caitsith-patch-0.2-20180401.tar.gz MD5:444473e2fa4634d725e1ccabe941a4a3
ccs-patch-1.8.5-20180401.tar.gz MD5:66663cd41ee4ef67ed10d5653547e511

Regarding TOMOYO, a theoretical bug which can hung up upon initialization was
fixed in 20180401.tar.gz . Regarding AKARI and CaitSith, a bug which by error
overwrites existing LSM hooks (Linux 4.12+) was fixed in 20180401.tar.gz , and
a redundant check which was called upon LSM hook registration (Linux 4.12+) was
removed in 20180522.tar.gz .
Tetsuo Handa
2018-07-14 11:10:41 UTC
Permalink
Hello.

syzbot so far found 1000+ bugs. Also, syzbot restarted testing linux-next.git .
We can find buggy changes before they arrive at linux.git , and as a result
we can reduce possibility of propagating buggy changes to other trees when
a merge window closes. ;-)

Since Linux 4.18-rc4 and CentOS 6.10 were released, I refreshed the tarballs.
There is no change except updating ccs-patch-*.diff to the latest kernels.

caitsith-patch-0.2-20180714.tar.gz MD5:ddddd80903a88d10a4e38632011735cd
ccs-patch-1.8.5-20180714.tar.gz MD5:ffff3ac3a230cfee1af46db98824a4b4

Also, you can download my GPG key which extended expiry date by 5 years.
Tetsuo Handa
2018-08-27 12:58:21 UTC
Permalink
Hello.

Since Linux 4.19-rc1 was released, I refreshed the tarballs.
There is no change except supporting the latest kernels.

ccs-patch-1.8.5-20180827.tar.gz MD5:55554ec21718c99acc2dc76cce7a1e05
akari-1.0.38-20180827.tar.gz MD5:88888c873401a32a09246885b5f14976
caitsith-patch-0.2-20180827.tar.gz MD5:77771eed4742da0ced87faa577bca777
Loading...