[12:14] Ahahah. Someone went through the effort of registering ubuntu.suxx? =) [12:15] suxx.pl with a subdomain ubuntu [12:16] I just think it's funny. =) [12:16] Some people like us, some people hate us. =) [12:16] watch this. [12:16] gimme 2 minutes. [12:19] jbailey: ubuntu-dapper.kicks-ass.net [12:19] :> === bluefoxicy removes that now. [12:19] =) [12:24] bluefoxicy: suxx.pl is my domain [12:24] ubuntu is just a topic subdomain [12:24] I had a bad day when I registered suxx.pl but now it's just history :) [12:25] I like ubuntu alot :D [12:25] jbailey: do you happen to use itanium? [12:31] zyga: FSVO 'use' [12:32] great, do you happen to need a dual CPU daughterboard for free? [12:32] for itanium 1 :/ [12:32] Nope. Mine's a dual 900mhz itanium 2. [12:32] I've got two itanium 2 cpus as well but I plan to use them as soon as I find a mobo :) [12:32] eh :) [12:32] those things are pricey :) [12:33] I got a bit lucky with that particular hardware acquisition. [12:33] well so did I, I guess [12:34] both cpu's cost about 20$ [12:34] 10$ / cpu [12:34] even less than that useless daugtherboard :) [12:35] zyga: You could mail me the daughterboard and I could use it to decorate my house. [12:35] zyga: I suspect you'll have a hard time finding someone who will actually USE it, though. [12:36] if you cover the shipping I might ;] I also posted it on to the debian-hw-donations project [12:36] I might end up buys the remaining bits to assemble an itanium 1 box [12:36] it's brand new you know :) [12:37] I kind of like the connector :) [12:37] looks like some ancient computer card :D [01:14] oh holy shit it works! [01:18] bluefoxicy: it? [01:23] jbailey: http://rafb.net/paste/results/VkXzkF11.html paxtest on ubuntu [01:24] I wrote a small kernel patch, and then booted the new kernel with stack_random_bits=22 mmap_random_bits=16 [01:24] http://rafb.net/paste/results/gI4UFC11.html [01:25] bluefoxicy: I was reading drepper's blog on the lock downs that they did. Neat stuff. [01:25] I hope we can do that for edgy. [01:25] on what? [01:25] Lemme find the posting for you [01:25] jbailey: yeah. I want to try to get this patch into mainline, but I'm hoping maybe I can get ubuntu behind me? [01:26] It lets you adjust mmap() and stack randomization at boot time [01:26] the stack by default shifts around in 8 megs, mmap() base in 1 meg [01:27] http://udrepper.livejournal.com/9666.html [01:27] bluefoxicy: Dunno. I'm not involved in the kernel at all. [01:27] this gives (to granularity of 16 bytes) 524288 positions in 128 pages for stack; and (to granularity of 4096 bytes) 256 positions for the mmap() base (libraries etc) [01:27] I just show up here to harass Ben. =) [01:28] Of course the stack you might throw 4096 bytes of stuffing into and make that 128 ranges your attack works in... [01:29] in such a case, imagine we have say 1000 users who get attacked on a vulnerability protected by this. That's 1/128 success, maybe 10 fall to it? (gaim has an executable stack, x86 tends to have an executable stack...) [01:29] worst case scenario. === bluefoxicy wants to be able to hit a button and get high-order entropy :) Also heap randomization which fedora seems to have... [01:31] ah [01:31] that's nice, yes [01:31] Right. I'd like us to follow this if we could for edgy. [01:31] I think it would be very hard. [01:31] Third party programs are likely to also cause troubles. [01:31] I know nvidia glx breaks due to that stuff (because PAX BROKE NVIDIA GLX AND WE BITCHED AT THEM FOR 3 YEARS BEFORE GIVING UP) [01:31] nVIdia will never care. [01:31] they'll just say, "Well turn the security off." [01:32] Really, it's not a matter of negotiating, 3 years of negotiation did nothing. Go kick them in the balls if you want it to get done [01:32] What we need is an open source nvidia glx driver [01:33] True. [01:33] Anyone working on one? =) [01:33] nope :) [01:34] The proprietary one needs to start sucking more so people are more motivated to replace it. [01:34] I can only assume that fglrx being COMPLETE CRAP has been a large motivation for radeon hacking. [01:35] also that radeon mainly worked before the fglrx was out [01:35] Oh well, one more thing in the list of things I'll never have the skill to hack on. =) [01:35] we actually had 3D on lower radeon [01:35] And probably wouldn't chip in more than $20 towards getting fixed. [01:35] jbailey: go offer to suck ajax's thing for it or something, maybe he'll finally get around to writing it. [01:35] jbailey: Get a brain transfusion from airlied. [01:36] jbailey: thats what things like daniels are for [01:36] i knew an excellent graphics card hacker [01:36] infinity: I could all the drm knowledge. And he could then go write scary makefiles instead? [01:36] Joy. [01:36] but he hates open source stuff. [01:36] it's an egoism thing [01:36] lifeless: Eh, didn't know you trakced this channel. =) [01:36] but the guy picked up a game cube and started writing stuff to control its hardware [01:37] could reverse engineer shit [01:37] jbailey: Well, he's an X hacker, so probably already know scary Imake. :) [01:37] it didn't seem like a big deal to him, he was just really smart [02:03] There are people working on an open nvidia driver [02:09] hey mj [02:10] http://rafb.net/paste/results/1GRXs654.html about to send this to lkml to see what I get. === doko [n=doko@201.160.19.41.cableonline.com.mx] has joined #ubuntu-kernel === zul [n=chuck@ubuntu/member/zul] has joined #ubuntu-kernel [02:47] hey === mgalvin [n=mgalvin@ubuntu/member/mgalvin] has joined #ubuntu-kernel [02:58] how was you guys day off? [03:02] WTF? [03:02] Thunderbird suggests "testatrix" in place of "paxtest" [03:02] ubotu... dammit wrong channel [04:02] http://lkml.org/lkml/2006/5/19/219 And there it goes. [05:12] mm. people aren't going to like that hardcoded page size [05:12] mm. [05:12] I did note as a FIXME to replace 4096 with PAGE_SIZE [05:12] yep [05:13] I will have to rewrite some of the logic for that of course. [05:13] the semantics of stack_random_bits for example means the stack can take on 2^stack_random_bits different values. [05:14] if you lose the ability to shift by 16 bytes at a time then 16 bits of stack randomization is 256M; otherwise 24 bits is 256M [05:15] similarly, if your pages are 8KiB instead of 4KiB you have to use the first 9 bits for intra-page randomization and the rest for page randomization. [05:15] and of course mmap() randomization is straight randomization * PAGE_SIZE, which is easy [05:15] the stack stuff however requires log base 2 calculations. [05:18] dilinger: to be fair, the original shifted around by 8192 (2 pages) for sub-page stack randomization. [05:32] Anyone know how to log(2,n) something? [07:12] dilinger: fixed. === tuxmaniac [n=aanjhan@60.254.67.17] has joined #ubuntu-kernel === __keybuk [n=scott@syndicate.netsplit.com] has joined #ubuntu-kernel === kimo [n=ahmed@196.202.31.155] has joined #ubuntu-kernel [10:05] why does the topic still say -22 ! duh, I'm on -23 now === ivoks [n=ivoks@lns02-1582.dsl.iskon.hr] has joined #ubuntu-kernel === _human_blip_ [n=mike@mike.nelsonbay.com] has joined #ubuntu-kernel === human_blip [n=mike@mike.nelsonbay.com] has joined #ubuntu-kernel === _mike_ [n=mike@mike.nelsonbay.com] has joined #ubuntu-kernel === human_blip [n=mike@mike.nelsonbay.com] has joined #ubuntu-kernel === tuxmaniac [n=aanjhan@60.254.67.17] has joined #ubuntu-kernel === human_blip [n=mike@mike.nelsonbay.com] has joined #ubuntu-kernel === human_blip [n=mike@mike.nelsonbay.com] has joined #ubuntu-kernel === ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-kernel === human_blip [n=mike@mike.nelsonbay.com] has joined #ubuntu-kernel === tuxmaniac [n=aanjhan@60.254.67.17] has joined #ubuntu-kernel === BenC [n=bcollins@debian/developer/bcollins] has joined #ubuntu-kernel === human_blip [n=mike@220.157.65.127] has joined #ubuntu-kernel [02:01] dpkg-deb: building package `linux-image-2.6.17-1-powerpc' in `../linux-image-2.6.17-1-powerpc_2.6.17-1.1_powerpc.deb'. [02:01] yummy === _human_blip_ [n=mike@220.157.65.127] has joined #ubuntu-kernel === BenC_ [n=bcollins@72.169.114.90] has joined #ubuntu-kernel [02:41] sweet, full build of 2.6.17-git for edgy on powerpc [02:52] Linux colorless 2.6.17-1-powerpc #1 Sat May 20 01:39:11 EDT 2006 ppc GNU/Linux [02:58] aye ben. [03:02] http://rafb.net/paste/results/b1eCH937.html Think I got a shot at getting this one into Edgy as per https://wiki.ubuntu.com/UbuntuDownUnder/BOFs/ProactiveSecurityRoadmap ? [03:02] I'm still working on it, gotta handle some logic for x86-64 with IA-32 emulation specifically. [03:03] (wouldn't want randomization over 1TiB of VA space and suddenly an IA-32 process tries to put stuff at 0x001C000000000000 and finds VMA isn't that long) [03:06] cool [03:29] aha, got it [03:29] I used TASK_SIZE / 6 as my random interval [03:30] so IA-32 code should let you tell it to randomize mmap() by 512M and stack by 512M; x86-64 assuming VMA space is 192TiB (of the 48 bit 256TiB space the CPU gives us) would give 32TiB max [03:30] but if you don't specify on the kernel command line, it'll just do 1MiB mmap() and 8MiB stack, as it does now :) [03:30] I should probably cut that back to TASK_SIZE/12 [03:31] since I know /6 will have issues on IA-32 [03:33] anyway gotta go for about an hour, be back in a bit. [03:35] (what I really need is a guaranteed TASK_STACK_ALIGN, which should always be 16, to determine how much alignment the stack needs for randomization) === doko [n=doko@201.139.156.169.cableonline.com.mx] has joined #ubuntu-kernel === kimo [n=ahmed@196.202.31.155] has joined #ubuntu-kernel === zul [n=chuck@ubuntu/member/zul] has joined #ubuntu-kernel [06:33] yay [06:33] heylo [06:33] my patch looks nice now, and it still patches to the dapper one ;) [06:33] hey zul [06:33] hey bluefoxicy [06:34] http://rafb.net/paste/results/VblFVp66.html :> [06:35] hmm. Build fails. === bluefoxicy forgot something. *fixes* [06:36] didn't define a long I used in one function. [06:41] now it works. [06:42] http://rafb.net/paste/results/pOP53u33.html :) [06:44] shit. === bluefoxicy copied a chunk of code around without actually re-declaring the variable it uses, so he keeps finding spots where max_random_bits isn't defined >:| === ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-kernel === jane_ [n=JaneW@dsl-146-177-94.telkomadsl.co.za] has joined #ubuntu-kernel === ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-kernel === doko [n=doko@201.139.156.169.cableonline.com.mx] has joined #ubuntu-kernel === mgalvin [n=mgalvin@ubuntu/member/mgalvin] has joined #ubuntu-kernel === holden [n=holden@d83-184-201-205.cust.tele2.it] has joined #ubuntu-kernel [08:33] hi. does anyone know what /lib/modules/2.6.15-23-amd64-k8/volatile is for? [08:34] For linking non-free modules [08:35] mount reports: lrm on /lib/modules/2.6.15-23-amd64-k8/volatile type tmpfs (rw) [08:35] do I need it? how can i disable it? === ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-kernel === doko [n=doko@201.160.19.41.cableonline.com.mx] has joined #ubuntu-kernel === tuxmaniac [n=aanjhan@60.254.67.17] has joined #ubuntu-kernel