--MpKs5nvDfep3D9OD5ja2SG0WqFT5NdFsd
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJYCiLkAAoJEOUbz4mlLlJxSnAQAJbbcd134h7yQh1ZI+Kh/+LC
PBB8VdhBfVxmGmwZhJxvW9qvv/+yaZnNc4fNxdEU6vyP+K1Bs1CuQU6kufZ/RI0c
U1fR8qPt5UvkQm9/sGfWv3Bh/RPefQgsEtJAjxNY4p7mQpF02kaqc4uR3MG+q8Y+
65yoSrfpvDH5Xefw9LTvBQsmerDXC1y5VACzz2ITziLzUkm0wTyhFKutT5DeeYuL
rPtIMnlPX6fhE2l3giPSbstfkZw0EOECTRa7gmbQE/IB0AxXYFINHEjZpNtraHZU
/y/KLKo8s27SU5fl29WXwgxqv6aMh8czu4n4EJrIRETfpZYUwiA6KYA+YyJDqzl3
0rcF9uDWi+4n0mfBuY/EhBIovUOj1oxR/dZUkQ2e7HUmxa0FrJSsV2aPmQHgXj2u
9Qx1brMOrCuHiVtmQ+fAfHn3U+YQjUGRiPQrnOOITwY1YZ3HHXqq/K/w9sSdg2WX
86JaxxKdzReABp+lvZNMfzOtBVdZqVqeYli9t5OkEQ0Fw5gN3AlelCw7XVq7RSKi
xAL9QKYlFHKNMxq+ioPL/L2x5eniruzHFiw1qZm3Z0R3S5h3noO2PvKhO7Q0KiVE
XhRmiw2IQajs0ca/+zjJYzvOwQYghmB7D9+xScqvjDB6qhmCWrqCDBoYEdR26Vum
9dBycntRxPgNUMjCTVPh
=mQRq
-----END PGP SIGNATURE-----
--MpKs5nvDfep3D9OD5ja2SG0WqFT5NdFsd--
=========================================================================
Date: Fri, 21 Oct 2016 18:12:34 +0100
Reply-To: Alan Bartlett <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Alan Bartlett <[log in to unmask]>
Subject: Re: Kernel Local Privilege Escalation - CVE-2016-5195
Comments: To: Akemi Yagi <[log in to unmask]>
Comments: cc: "[log in to unmask]"
<[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Message-ID: <[log in to unmask]>
On 20 October 2016 at 23:32, Akemi Yagi <[log in to unmask]> wrote:
>
> As far as I can see, it is not trivial to apply the patch to the
> current EL kernels. Hopefully Red Hat publishes the patched kernel
> soon.
>
> But if you really need to run a fixed kernel today, I suggest you
> install the latest kernel-ml from ELRepo. It is version 4.8.3 and does
> contain the referenced patch.
>
> http://elrepo.org/tiki/kernel-ml
>
> Akemi
Further to Akemi's note (above), the latest kernel-lt (EL5, EL6 & EL7)
and the latest kernel-ml (EL6 & EL7) package sets, available from the
ELRepo Project, all contain the upstream patch (commit
19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619).
Alan.
=========================================================================
Date: Sat, 22 Oct 2016 18:02:54 +0200
Reply-To: Valentin B <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Valentin B <[log in to unmask]>
Subject: Cowroot vulnerability
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="57xw9xUg6hFjqWTbiXviubU0gG4jUDqq9"
Message-ID: <[log in to unmask]>
--57xw9xUg6hFjqWTbiXviubU0gG4jUDqq9
Content-Type: multipart/mixed; boundary="saKAn91gwrtAIJ2afhAElm7XE2PGnUfUW";
protected-headers="v1"
From: Valentin B <[log in to unmask]>
To: "[log in to unmask]"
<[log in to unmask]>
Message-ID: <[log in to unmask]>
Subject: Cowroot vulnerability
--saKAn91gwrtAIJ2afhAElm7XE2PGnUfUW
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi,
Are there patches already available for the following exploits?
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
--=20
Valentin Bajrami
Kapteyn Astronomical Institute
University of Groningen
Postbus 800
NL-9700 AV Groningen
The Netherlands
Phone: +31-(0)50-3634068
PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271
--saKAn91gwrtAIJ2afhAElm7XE2PGnUfUW--
--57xw9xUg6hFjqWTbiXviubU0gG4jUDqq9
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJYC42uAAoJEOUbz4mlLlJx8aYP/Rq5GA1B6jT/0pXHfwLtjuIE
U46TjjwXSDFXAmwwUgf1umgkZnJwQJGMI9rOAUnEA7PlDYkQ/pj+J1tNVv874poT
VwykeFl2It8ajIMXt7zmkVwPZLqo6lmm9uFdKVakOvNsfGjK89jFYvOFYyAtH5YH
+gQReMenvQXQkqr1eRdIe4a7wPhrixPqmMxYhMxbhyugL9+iV4F+MLPsa3pLU2dC
vXonjD5iRvwfbPQR72WKARWQUsQlOCtY1N4L71mxpSgQHHdTEsRKgGArojtG6sVo
4sO7aU4TmCviTvYdQLOeJ2Yzm2VeDvvl9ERhPzMM/Q9Y6ynK1+tW7GbXmgUgfTNd
y2WZRAAVi2Af8CZGBxlZyOWi+0JbNy8rqYFdr5I7viCg5Br7GxE1WFW71TO30VoK
1ot00avZxe+K21B38ZPG/H4kc1k8TVfhRtjaWsiRb9r067OzXB6WNVg0it4G3NQy
hW57YMwv8XHRD5nqBTZ10AZ81qT6jp0MCit1C9AdI2nJUR8ghj3pyKehmxg81s0G
cvjNYYmiAAGKpEGlfza5kRW03a2GtXeTyBK2SG70S4hx6QyraPXlQDAKc/gMLm4Q
O2YoOmRXt1SHVuOayYfYBbS6aBRpRTfiLW2oUylNR4lRWAhgaUKswhDw1IHd+LIx
3U/d9gCtxApsMHy+w6iD
=Nre1
-----END PGP SIGNATURE-----
--57xw9xUg6hFjqWTbiXviubU0gG4jUDqq9--
=========================================================================
Date: Sat, 22 Oct 2016 12:02:42 -0700
Reply-To: Akemi Yagi <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Akemi Yagi <[log in to unmask]>
Subject: Re: Xorg crashes
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Message-ID: <[log in to unmask]>
On Fri, Oct 21, 2016 at 7:15 AM, Valentin B <[log in to unmask]> wrote:
> Recently I upgraded a machine from 6.8 to 7.2 (Nitrogen). The machine is
> randomly frozen and nothing works afterwards. No ctrl+alt+f2,f3,f4 etc.
> The machine seems to be reponsive since I can ssh to it.
> 01:00.0 VGA compatible controller: NVIDIA Corporation GF116 [GeForce GTX
> 550 Ti] (rev a1)
> I've done some research on the net and saw the following links that
> describe the problem.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1158879
> https://bugs.freedesktop.org/show_bug.cgi?id=87819
> https://bbs.archlinux.org/viewtopic.php?id=188004
According to comment #23 of the 2nd link above (
https://bugs.freedesktop.org/show_bug.cgi?id=87819#c23 ),
"Module nouveau from linux-3.19.1 seems to fix the bug"
So, it may be worthwhile for you to test-install ELRepo's kernel-ml
which is at version 4.8.4.
However, a better solution could be to use ELRepo's Nvidia driver.
More details can be found at:
http://elrepo.org/tiki/nvidia-detect
Akemi
=========================================================================
Date: Sun, 23 Oct 2016 01:49:52 +0200
Reply-To: Valentin B <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Valentin B <[log in to unmask]>
Subject: Re: Xorg crashes
Comments: To: Akemi Yagi <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="t523iJr9dbKetU5d8LWuhDsOkkBso2XbX"
Message-ID: <[log in to unmask]>
--t523iJr9dbKetU5d8LWuhDsOkkBso2XbX
Content-Type: multipart/mixed; boundary="7WflvWPPKQA6xXX0b5rVvqJJ5tMwdjflm";
protected-headers="v1"
From: Valentin B <[log in to unmask]>
To: Akemi Yagi <[log in to unmask]>,
"[log in to unmask]"
<[log in to unmask]>
Message-ID: <[log in to unmask]>
Subject: Re: Xorg crashes
References: <[log in to unmask]>
<[log in to unmask]>
In-Reply-To: <[log in to unmask]>
--7WflvWPPKQA6xXX0b5rVvqJJ5tMwdjflm
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi Akemi,
Thanks you for the links. I installed nvidia as you suggested. I'll just
have to wait and see if this fixes the problem.
Best,
Valentin
On 10/22/2016 09:02 PM, Akemi Yagi wrote:
> On Fri, Oct 21, 2016 at 7:15 AM, Valentin B <[log in to unmask]> wro=
te:
>=20
>> Recently I upgraded a machine from 6.8 to 7.2 (Nitrogen). The machine =
is
>> randomly frozen and nothing works afterwards. No ctrl+alt+f2,f3,f4 etc=
=2E
>> The machine seems to be reponsive since I can ssh to it.
>=20
>> 01:00.0 VGA compatible controller: NVIDIA Corporation GF116 [GeForce G=
TX
>> 550 Ti] (rev a1)
>=20
>=20
>> I've done some research on the net and saw the following links that
>> describe the problem.
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=3D1158879
>> https://bugs.freedesktop.org/show_bug.cgi?id=3D87819
>> https://bbs.archlinux.org/viewtopic.php?id=3D188004
>=20
> According to comment #23 of the 2nd link above (
> https://bugs.freedesktop.org/show_bug.cgi?id=3D87819#c23 ),
>=20
> "Module nouveau from linux-3.19.1 seems to fix the bug"
>=20
> So, it may be worthwhile for you to test-install ELRepo's kernel-ml
> which is at version 4.8.4.
>=20
> However, a better solution could be to use ELRepo's Nvidia driver.
> More details can be found at:
>=20
> http://elrepo.org/tiki/nvidia-detect
>=20
> Akemi
>=20
--=20
Valentin Bajrami
Kapteyn Astronomical Institute
University of Groningen
Postbus 800
NL-9700 AV Groningen
The Netherlands
Phone: +31-(0)50-3634068
PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271
--7WflvWPPKQA6xXX0b5rVvqJJ5tMwdjflm--
--t523iJr9dbKetU5d8LWuhDsOkkBso2XbX
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJYC/sjAAoJEOUbz4mlLlJxmOgP/0NUCcvmw0wMshI8vTHA13wy
zOxolCnEmaYXpmbGRmUPv3noBptRBkLL9n1KFeyOUnVjNwXh44a83mWNIm9b4pZw
Nek+nip30SO9yg/pP2Gdu7oduNf9+w2ROin3ejK3a8eCvub0hYxWYRw7ysJqSQlb
Jn9XZvKHQWAwNYwPlUagxOwWFUBNvXc4AWBUqWrNPWqXDzZXncsjiAbo7bWPuTtL
b06FqQA7WGGiPOlELqmxThxycjQiAi+cFNaHarBhDpR1mk5TMwJsBvnzT2IuZTBA
RMqX2byS6Z+L7PNkyi51qrSvPWW2etEmZeF7YTnPsL953yYy/TDAyoWQ+YtEy9RL
r/o1FB5HnVmL9wKoUg6/jIkXHy7abe69VJZCnZPfWhc02NoIROhRlcySAKG+RGwf
vwLWnusLsfeGLaK2oGI7bLOdRdANal4uFEeuErX1VRSo2S29antDw4y2Tvl8tJyg
od8l/5os55gA7Gi09cKqHFiF/LhJ4ATkxr7yreIhUj9GxIa9fgfkWqkuwTKxoLhQ
o+04GLCSPUSpTsFIek2EKYO+cTZG+7IGj+OkpBe6v1kUEpmYtFJmt3wlhAD8KEQr
/CRouwlPgYb3Ne7BQ06HW2SGpoyxHXiiDU49B46L5aCYhIXBanQTqsYSNj0WWU+L
NIGNsXW6XOYxM6usHLLH
=isa4
-----END PGP SIGNATURE-----
--t523iJr9dbKetU5d8LWuhDsOkkBso2XbX--
=========================================================================
Date: Mon, 24 Oct 2016 09:09:01 -0500
Reply-To: Pat Riehecky <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Pat Riehecky <[log in to unmask]>
Subject: Re: Cowroot vulnerability
Comments: To: Valentin B <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <[log in to unmask]>
Updated packages for SL7 are currently compiling.
Pat
On 10/22/2016 11:02 AM, Valentin B wrote:
> Hi,
>
> Are there patches already available for the following exploits?
>
> https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
>
>
=========================================================================
Date: Mon, 24 Oct 2016 11:02:30 -0500
Reply-To: Pat Riehecky <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Pat Riehecky <[log in to unmask]>
Subject: Re: Cowroot vulnerability
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <[log in to unmask]>
Published
On 10/24/2016 09:09 AM, Pat Riehecky wrote:
> Updated packages for SL7 are currently compiling.
>
> Pat
>
> On 10/22/2016 11:02 AM, Valentin B wrote:
>> Hi,
>>
>> Are there patches already available for the following exploits?
>>
>> https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
>>
>>
=========================================================================
Date: Mon, 24 Oct 2016 22:13:02 +0200
Reply-To: Valentin B <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Valentin B <[log in to unmask]>
Subject: Re: Cowroot vulnerability
Comments: To: Pat Riehecky <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="s7uK1MLfEK5goUXk1Vn7r5SIiFsDJp5s6"
Message-ID: <[log in to unmask]>
--s7uK1MLfEK5goUXk1Vn7r5SIiFsDJp5s6
Content-Type: multipart/mixed; boundary="QSMRpXqnnWiieXJXKUrS7CPuDbMWhuptC";
protected-headers="v1"
From: Valentin B <[log in to unmask]>
To: Pat Riehecky <[log in to unmask]>, [log in to unmask]
Message-ID: <[log in to unmask]>
Subject: Re: [SCIENTIFIC-LINUX-DEVEL] Cowroot vulnerability
References: <[log in to unmask]>
<[log in to unmask]>
<[log in to unmask]>
In-Reply-To: <[log in to unmask]>
--QSMRpXqnnWiieXJXKUrS7CPuDbMWhuptC
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi Pat,
If this patch / fix was applied to kernel 3.10.0-327.36.3.el7.x86_64
then it seems to me more of a mitigation / blocker instead.
The patch applied to 4.7.9-200.fc24.x86_64 on Fedora 24 seems more of a
proper fix. The cowroot vulnerability doesn't get the chance to be
executed at all.
Best regards,
Valentin
On 10/24/2016 06:02 PM, Pat Riehecky wrote:
> Published
>=20
> On 10/24/2016 09:09 AM, Pat Riehecky wrote:
>> Updated packages for SL7 are currently compiling.
>>
>> Pat
>>
>> On 10/22/2016 11:02 AM, Valentin B wrote:
>>> Hi,
>>>
>>> Are there patches already available for the following exploits?
>>>
>>> https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
>>>
>>>
--=20
Valentin Bajrami
Kapteyn Astronomical Institute
University of Groningen
Postbus 800
NL-9700 AV Groningen
The Netherlands
Phone: +31-(0)50-3634068
PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271
--QSMRpXqnnWiieXJXKUrS7CPuDbMWhuptC--
--s7uK1MLfEK5goUXk1Vn7r5SIiFsDJp5s6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJYDmtQAAoJEOUbz4mlLlJx6ikP+QEg7iQa1SsUKIz+CjGU7NgG
5DMB8nue0X9FN5mNo1c00P6o0A5EquAqL1c7Pn6YehbgkRG75gQ5BePbocOcamvi
heTfkZYPpd2o8UnpLAa3dk6HL8T+/v/4Jp3wNNscWIeEBKDwOFjRkV35Zxt2yrJA
zdaTiKzjt3e+dl2of55c5ucwzy75XLkUGf4Ncioxs9Wc6hVhl7UxKpLEnaZQwAEm
SY2p3sJY/0lBnoIyL+tX98It0k9arth95dB0sMKOWi5n+qVtAhqfjGX+7iHRiwvy
eFPIf1Yxzog+m0j8qH3161HuiNDt4joMe47ggMIjIVWN6OO4zY4omVoV1rZTkoDI
9G68e7xGCTTIXTaTUCFL4c3JnGe4lW7KGxWOi/eBx3Uu7xfNbqguS/aaOrQK+B3b
zK5ZiV5gIZuZl+oLI2zyKKWr2s0Old3eKeyZUOz64lJ6m7M3hfFBmRv6MmsYFM7K
P7zmFXi99h6HXB90WTpzWeN4QF/psbmAvgX+ybDhxnGDlaPpBYOCAvfMDwETQU1h
JD6lgcdhW8xso9YewCPCVfldjii2AkZoGDAY8PAGm6ndUtb9filHgJe3ZYlXz92b
+1BKX72BPAFArNODXCivBe3e7wg98JMtX1S/V7xKBTtQBz7pZJZ1Hx6McZNlEO77
u23/RrF/+5lJwaKLhlqH
=Vbxi
-----END PGP SIGNATURE-----
--s7uK1MLfEK5goUXk1Vn7r5SIiFsDJp5s6--
=========================================================================
Date: Mon, 24 Oct 2016 17:04:45 -0700
Reply-To: Akemi Yagi <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Akemi Yagi <[log in to unmask]>
Subject: Re: Cowroot vulnerability
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Message-ID: <[log in to unmask]>
Hi Valentin,
On Mon, Oct 24, 2016 at 1:13 PM, Valentin B <[log in to unmask]> wrote:
> Hi Pat,
>
> If this patch / fix was applied to kernel 3.10.0-327.36.3.el7.x86_64
> then it seems to me more of a mitigation / blocker instead.
Which "patch / fix" are you referring to? Could you elaborate?
I believe the patch applied to the 7.2 kernel is in principle the same
as what appeared in the upstream kernels at kernel.org. The two
patches are not identical due to rather heavy modifications done to
the RHEL kernel.
> The patch applied to 4.7.9-200.fc24.x86_64 on Fedora 24 seems more of a
> proper fix. The cowroot vulnerability doesn't get the chance to be
> executed at all.
>
> Best regards,
> Valentin
Akemi
=========================================================================
Date: Tue, 25 Oct 2016 09:48:43 +0200
Reply-To: Valentin B <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Valentin B <[log in to unmask]>
Subject: Re: Cowroot vulnerability
Comments: To: Akemi Yagi <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="caOsQBL6huKbQJnXFMbuWHMkoTNEXvcGc"
Message-ID: <[log in to unmask]>
--caOsQBL6huKbQJnXFMbuWHMkoTNEXvcGc
Content-Type: multipart/mixed; boundary="qDK4j3fGQBNoxmSV0gvGARLfEtEgL2n6n";
protected-headers="v1"
From: Valentin B <[log in to unmask]>
To: Akemi Yagi <[log in to unmask]>,
"[log in to unmask]"
<[log in to unmask]>
Message-ID: <[log in to unmask]>
Subject: Re: [SCIENTIFIC-LINUX-DEVEL] Cowroot vulnerability
References: <[log in to unmask]>
<[log in to unmask]>
<[log in to unmask]>
<[log in to unmask]>
<[log in to unmask]>
In-Reply-To: <[log in to unmask]>
--qDK4j3fGQBNoxmSV0gvGARLfEtEgL2n6n
Content-Type: multipart/alternative;
boundary="------------879D21E337084F1FB0855FBC"
This is a multi-part message in MIME format.
--------------879D21E337084F1FB0855FBC
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi Akemi,
The fix allows me to run the cow vulnerability but it blocks which is goo=
d.
See the following:
DirtyCow root privilege escalation
Backing up /usr/bin/passwd to /tmp/bak
Size of binary: 27832
Racing, this may take a while..
thread stopped
thread stopped
Based on the following bug report
https://bugzilla.redhat.com/show_bug.cgi?id=3D1384344#c13
, I had compiled a similar module which does the same
1) Download kernel-debuginfo and kernel-debuginfo-common
yum install kernel-debuginfo kernel-debuginfo-common --enablerepo=3D*
2) Create a file mitigation.stp with the following content:
probe kernel.function("mem_write").call ? {
$count =3D 0
}
probe syscall.ptrace { // includes compat ptrace as well
$request =3D 0xfff
}
probe begin {
printk(0, "CVE-2016-5195 mitigation loaded")
}
probe end {
printk(0, "CVE-2016-5195 mitigation unloaded")
}
3) Build the module
stap -g -p 4 mitigation.stp
4) module file is placed in the following location=20
/root/.systemtap/cache/f4/stap_f4efcb030069a07d7cacae195d59169a_65631.ko
5)
staprun -L stap_f4efcb030069a07d7cacae195d59169a_65631.ko
6) Deploy and run the module on all affected machines.
So my question is, what has been exactly patched to the recently upstream=
kernel.
Valentin
On 10/25/2016 02:04 AM, Akemi Yagi wrote:
> Hi Valentin,
>
> On Mon, Oct 24, 2016 at 1:13 PM, Valentin B <[log in to unmask]> wro=
te:
>> Hi Pat,
>>
>> If this patch / fix was applied to kernel 3.10.0-327.36.3.el7.x86_64
>> then it seems to me more of a mitigation / blocker instead.
> Which "patch / fix" are you referring to? Could you elaborate?
>
> I believe the patch applied to the 7.2 kernel is in principle the same
> as what appeared in the upstream kernels at kernel.org. The two
> patches are not identical due to rather heavy modifications done to
> the RHEL kernel.
>
>> The patch applied to 4.7.9-200.fc24.x86_64 on Fedora 24 seems more of =
a
>> proper fix. The cowroot vulnerability doesn't get the chance to be
>> executed at all.
>>
>> Best regards,
>> Valentin
> Akemi
--=20
Valentin Bajrami
Kapteyn Astronomical Institute
University of Groningen
Postbus 800
NL-9700 AV Groningen
The Netherlands
Phone: +31-(0)50-3634068
PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271
--------------879D21E337084F1FB0855FBC
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta content=3D"text/html; charset=3Dutf-8" http-equiv=3D"Content-Ty=
pe">
</head>
<body bgcolor=3D"#FFFFFF" text=3D"#000000">
<p><tt>Hi Akemi,</tt></p>
<p><tt>The fix allows me to run the cow vulnerability but it blocks
which is good. <br>
</tt></p>
<p><tt>See the following:</tt></p>
<p><tt>DirtyCow root privilege escalation<br>
Backing up /usr/bin/passwd to /tmp/bak<br>
Size of binary: 27832<br>
Racing, this may take a while..<br>
thread stopped<br>
thread stopped<br>
</tt></p>
<p><tt>Based on the following bug report </tt></p>
<pre wrap=3D""><a class=3D"moz-txt-link-freetext" href=3D"https://bug=
zilla.redhat.com/show_bug.cgi?id=3D1384344#c13">https://bugzilla.redhat.c=
om/show_bug.cgi?id=3D1384344#c13</a></pre>
<p><tt>, I had compiled a similar module which does the same</tt><br>=
<tt></tt></p>
<pre wrap=3D"">
1) Download kernel-debuginfo and kernel-debuginfo-common
yum install kernel-debuginfo kernel-debuginfo-common --enablerepo=3D*
2) Create a file mitigation.stp with the following content:
probe kernel.function("mem_write").call ? {
$count =3D 0
}
probe syscall.ptrace { // includes compat ptrace as well
$request =3D 0xfff
}
probe begin {
printk(0, "CVE-2016-5195 mitigation loaded")
}
probe end {
printk(0, "CVE-2016-5195 mitigation unloaded")
}
3) Build the module
stap -g -p 4 mitigation.stp
4) module file is placed in the following location=20
<i class=3D"moz-txt-slash"><span class=3D"moz-txt-tag">/</span>root<span =
class=3D"moz-txt-tag">/</span></i>.systemtap/cache/f4/stap_f4efcb030069a0=
7d7cacae195d59169a_65631.ko
5)
staprun -L stap_f4efcb030069a07d7cacae195d59169a_65631.ko
6) Deploy and run the module on all affected machines.
So my question is, what has been exactly patched to the recently upstream=
kernel.
Valentin
</pre>
<div class=3D"moz-cite-prefix">On 10/25/2016 02:04 AM, Akemi Yagi
wrote:<br>
</div>
<blockquote
cite=3D"mid:[log in to unmask]
ail.com"
type=3D"cite">
<pre wrap=3D"">Hi Valentin,
On Mon, Oct 24, 2016 at 1:13 PM, Valentin B <a class=3D"moz-txt-link-rfc2=
396E" href=3D"mailto:[log in to unmask]"><[log in to unmask]>=
</a> wrote:
</pre>
<blockquote type=3D"cite">
<pre wrap=3D"">Hi Pat,
If this patch / fix was applied to kernel 3.10.0-327.36.3.el7.x86_64
then it seems to me more of a mitigation / blocker instead.
</pre>
</blockquote>
<pre wrap=3D"">
Which "patch / fix" are you referring to? Could you elaborate?
I believe the patch applied to the 7.2 kernel is in principle the same
as what appeared in the upstream kernels at kernel.org. The two
patches are not identical due to rather heavy modifications done to
the RHEL kernel.
</pre>
<blockquote type=3D"cite">
<pre wrap=3D"">The patch applied to 4.7.9-200.fc24.x86_64 on Fedo=
ra 24 seems more of a
proper fix. The cowroot vulnerability doesn't get the chance to be
executed at all.
Best regards,
Valentin
</pre>
</blockquote>
<pre wrap=3D"">
Akemi
</pre>
</blockquote>
<br>
<pre class=3D"moz-signature" cols=3D"72">--=20
Valentin Bajrami
Kapteyn Astronomical Institute
University of Groningen
Postbus 800
NL-9700 AV Groningen
The Netherlands
Phone: +31-(0)50-3634068
PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271</pre>
</body>
</html>
--------------879D21E337084F1FB0855FBC--
--qDK4j3fGQBNoxmSV0gvGARLfEtEgL2n6n--
--caOsQBL6huKbQJnXFMbuWHMkoTNEXvcGc
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJYDw5bAAoJEOUbz4mlLlJxDkYP/3hfFwroJBykHuZTad3dDBdb
zESCFr63RqZE0cpekQX/iIU0LXd+te51ixtl7qFIBBRuVqH9C+S+4r+ci4WHXGUn
Rp5w1qqtfTgUOnDhYfLmQM4IrSnLp+8jmDDP3CAc0+lxaeLwaJh46XrLVNf/oEdE
9eyNJgPBESfQie+KqyZpE8E2pv/v3B3S7n2clNqdLVJx1o7S5EyR2zt2KyPozDz0
x1RswpHTBnFH5j9i9W0Hr+qvK78WaMkJaBs9eImHxdJRroUvCftdaO1Wp1PFhODT
lahm4VOd+zH9Bgfi3lcnRe7rUm5T7pPr/paDqLCB4YWEtoU/hM5x/ppFCVOli0kX
qvETmw+OX2oY5i0SJoNciVTRmKYNrnmBzho8dBN0zTU9StzaDrxtPf3wm/BemPfC
oFOn1u/laIhnMwWqiCHs499HAR2pDKx8AAns6sw2GxBzJbnxz4xNtXOnh7vByNEC
v8xsLQKrnCqAe54ZvFqy9C7Je1MMZSt9LyI2qH8mepmgfrllTZf+DdfKix6V015x
ClV5bBDw/iDCTpHQKWuNRZHhcxzrFCnNhBcuxuYA5GZ7BTQL/4EjGHfSg5jfrI1Q
h5Em22gs9AIJoxcdyNPne54Fzcq0qBeuDZCHtW96/9u8vV7XMeit3g6pEPSE7Wx2
x2xoiXJdSd8R+v1XZKcn
=g2JX
-----END PGP SIGNATURE-----
--caOsQBL6huKbQJnXFMbuWHMkoTNEXvcGc--
=========================================================================
Date: Tue, 25 Oct 2016 05:40:15 -0700
Reply-To: Akemi Yagi <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Akemi Yagi <[log in to unmask]>
Subject: Re: Cowroot vulnerability
Comments: To: Valentin B <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="001a11c16282aaefb3053fafd09c"
Message-ID: <[log in to unmask]>
--001a11c16282aaefb3053fafd09c
Content-Type: text/plain; charset="UTF-8"
On Tue, Oct 25, 2016 at 12:48 AM, Valentin B <[log in to unmask]> wrote:
> Hi Akemi,
>
> The fix allows me to run the cow vulnerability but it blocks which is good.
>
> See the following:
>
> DirtyCow root privilege escalation
> Backing up /usr/bin/passwd to /tmp/bak
> Size of binary: 27832
> Racing, this may take a while..
> thread stopped
> thread stopped
(snip)
> So my question is, what has been exactly patched to the recently upstream
> kernel.
Thanks for the detailed note.
Because the source code is available, I did a diff between kernels
3.10.0-327.36.2.el7 and 3.10.0-327.36.3.el7 and am attaching it for
anyone to see.
Akemi
--001a11c16282aaefb3053fafd09c
Content-Type: text/plain; charset="US-ASCII"; name="362to363.diff"
Content-Disposition: attachment; filename="362to363.diff"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_iuphb4qo1
ZGlmZiAtdU5wciBsaW51eC0zLjEwLjAtMzI3LjM2LjIuZWw3L2luY2x1ZGUvbGludXgvbW0uaCBs
aW51eC0zLjEwLjAtMzI3LjM2LjMuZWw3L2luY2x1ZGUvbGludXgvbW0uaAotLS0gbGludXgtMy4x
MC4wLTMyNy4zNi4yLmVsNy9pbmNsdWRlL2xpbnV4L21tLmgJMjAxNi0wOS0yNyAxMToxOToxNy4w
MDAwMDAwMDAgLTA3MDAKKysrIGxpbnV4LTMuMTAuMC0zMjcuMzYuMy5lbDcvaW5jbHVkZS9saW51
eC9tbS5oCTIwMTYtMTAtMTkgMjM6NDM6MjEuMDAwMDAwMDAwIC0wNzAwCkBAIC0xOTcxLDYgKzE5
NzEsNyBAQCBzdGF0aWMgaW5saW5lIHN0cnVjdCBwYWdlICpmb2xsb3dfcGFnZShzCiAjZGVmaW5l
IEZPTExfTlVNQQkweDIwMAkvKiBmb3JjZSBOVU1BIGhpbnRpbmcgcGFnZSBmYXVsdCAqLwogI2Rl
ZmluZSBGT0xMX01JR1JBVElPTgkweDQwMAkvKiB3YWl0IGZvciBwYWdlIHRvIHJlcGxhY2UgbWln
cmF0aW9uIGVudHJ5ICovCiAjZGVmaW5lIEZPTExfVFJJRUQJMHg4MDAJLyogYSByZXRyeSwgcHJl
dmlvdXMgcGFzcyBzdGFydGVkIGFuIElPICovCisjZGVmaW5lIEZPTExfQ09XCTB4NDAwMAkvKiBp
bnRlcm5hbCBHVVAgZmxhZyAqLwogCiB0eXBlZGVmIGludCAoKnB0ZV9mbl90KShwdGVfdCAqcHRl
LCBwZ3RhYmxlX3QgdG9rZW4sIHVuc2lnbmVkIGxvbmcgYWRkciwKIAkJCXZvaWQgKmRhdGEpOwpk
aWZmIC11TnByIGxpbnV4LTMuMTAuMC0zMjcuMzYuMi5lbDcvTWFrZWZpbGUgbGludXgtMy4xMC4w
LTMyNy4zNi4zLmVsNy9NYWtlZmlsZQotLS0gbGludXgtMy4xMC4wLTMyNy4zNi4yLmVsNy9NYWtl
ZmlsZQkyMDE2LTA5LTI3IDExOjE5OjE3LjAwMDAwMDAwMCAtMDcwMAorKysgbGludXgtMy4xMC4w
LTMyNy4zNi4zLmVsNy9NYWtlZmlsZQkyMDE2LTEwLTE5IDIzOjQzOjIxLjAwMDAwMDAwMCAtMDcw
MApAQCAtNSw3ICs1LDcgQEAgRVhUUkFWRVJTSU9OID0KIE5BTUUgPSBVbmljeWNsaW5nIEdvcmls
bGEKIFJIRUxfTUFKT1IgPSA3CiBSSEVMX01JTk9SID0gMgotUkhFTF9SRUxFQVNFID0gMzI3LjM2
LjIKK1JIRUxfUkVMRUFTRSA9IDMyNy4zNi4zCiBSSEVMX0RSTV9WRVJTSU9OID0gNAogUkhFTF9E
Uk1fUEFUQ0hMRVZFTCA9IDEKIFJIRUxfRFJNX1NVQkxFVkVMID0gMApkaWZmIC11TnByIGxpbnV4
LTMuMTAuMC0zMjcuMzYuMi5lbDcvbW0vbWVtb3J5LmMgbGludXgtMy4xMC4wLTMyNy4zNi4zLmVs
Ny9tbS9tZW1vcnkuYwotLS0gbGludXgtMy4xMC4wLTMyNy4zNi4yLmVsNy9tbS9tZW1vcnkuYwky
MDE2LTA5LTI3IDExOjE5OjE3LjAwMDAwMDAwMCAtMDcwMAorKysgbGludXgtMy4xMC4wLTMyNy4z
Ni4zLmVsNy9tbS9tZW1vcnkuYwkyMDE2LTEwLTE5IDIzOjQzOjIxLjAwMDAwMDAwMCAtMDcwMApA
QCAtMTMxLDYgKzEzMSwxNSBAQCBzdGF0aWMgaW50IF9faW5pdCBpbml0X3plcm9fcGZuKHZvaWQp
CiB9CiBjb3JlX2luaXRjYWxsKGluaXRfemVyb19wZm4pOwogCisvKgorICogRk9MTF9GT1JDRSBj
YW4gd3JpdGUgdG8gZXZlbiB1bndyaXRhYmxlIHB0ZSdzLCBidXQgb25seQorICogYWZ0ZXIgd2Un
dmUgZ29uZSB0aHJvdWdoIGEgQ09XIGN5Y2xlIGFuZCB0aGV5IGFyZSBkaXJ0eS4KKyAqLworc3Rh
dGljIGlubGluZSBib29sIGNhbl9mb2xsb3dfd3JpdGVfcHRlKHB0ZV90IHB0ZSwgdW5zaWduZWQg
aW50IGZsYWdzKQoreworCXJldHVybiBwdGVfd3JpdGUocHRlKSB8fAorCQkoKGZsYWdzICYgRk9M
TF9GT1JDRSkgJiYgKGZsYWdzICYgRk9MTF9DT1cpICYmIHB0ZV9kaXJ0eShwdGUpKTsKK30KIAog
I2lmIGRlZmluZWQoU1BMSVRfUlNTX0NPVU5USU5HKQogCkBAIC0xNTg4LDcgKzE1OTcsNyBAQCBz
cGxpdF9mYWxsdGhyb3VnaDoKIAl9CiAJaWYgKChmbGFncyAmIEZPTExfTlVNQSkgJiYgcHRlX251
bWEocHRlKSkKIAkJZ290byBub19wYWdlOwotCWlmICgoZmxhZ3MgJiBGT0xMX1dSSVRFKSAmJiAh
cHRlX3dyaXRlKHB0ZSkpCisJaWYgKChmbGFncyAmIEZPTExfV1JJVEUpICYmICFjYW5fZm9sbG93
X3dyaXRlX3B0ZShwdGUsIGZsYWdzKSkKIAkJZ290byB1bmxvY2s7CiAKIAlwYWdlID0gdm1fbm9y
bWFsX3BhZ2Uodm1hLCBhZGRyZXNzLCBwdGUpOwpAQCAtMTkwMCw3ICsxOTA5LDcgQEAgbG9uZyBf
X2dldF91c2VyX3BhZ2VzKHN0cnVjdCB0YXNrX3N0cnVjdAogCQkJCSAqLwogCQkJCWlmICgocmV0
ICYgVk1fRkFVTFRfV1JJVEUpICYmCiAJCQkJICAgICEodm1hLT52bV9mbGFncyAmIFZNX1dSSVRF
KSkKLQkJCQkJZm9sbF9mbGFncyAmPSB+Rk9MTF9XUklURTsKKwkJCQkJZm9sbF9mbGFncyB8PSBG
T0xMX0NPVzsKIAogCQkJCWNvbmRfcmVzY2hlZCgpOwogCQkJfQo=
--001a11c16282aaefb3053fafd09c--
=========================================================================
Date: Thu, 27 Oct 2016 15:51:11 +0200
Reply-To: Valentin B <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Valentin B <[log in to unmask]>
Subject: intel i915 driver problems
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="NbU0i7soI7Fc2po0hmu2ej6190WuDOdHB"
Message-ID: <[log in to unmask]>
--NbU0i7soI7Fc2po0hmu2ej6190WuDOdHB
Content-Type: multipart/mixed; boundary="HVhpNLrdJa9HRK4cEa84Q1Vmetd6E8tj5";
protected-headers="v1"
From: Valentin B <[log in to unmask]>
To: "[log in to unmask]"
<[log in to unmask]>
Message-ID: <[log in to unmask]>
Subject: intel i915 driver problems
--HVhpNLrdJa9HRK4cEa84Q1Vmetd6E8tj5
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi,
On a machine with the intel integrated card, more specifically
00:02.0 VGA compatible controller: Intel Corporation Sky Lake Integrated
Graphics (rev 06)
seem to be some issues with recognizing the monitor properties.
Running `xrandr` the following output is displayed:
xrandr: Failed to get size of gamma for output default
Screen 0: minimum 1024 x 768, current 1024 x 768, maximum 1024 x 768
default connected primary 1024x768+0+0 0mm x 0mm
1024x768 76.00*
I've managed to solve the problem using the following steps as also
explained here:
http://www.linuxquestions.org/questions/centos-111/cannot-change-screen-r=
esolution-on-unknown-display-in-centos7-4175583712/
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm=
yum install yum-plugin-fastestmirror
yum --enablerepo=3Delrepo-kernel install kernel-ml
I actually would like to avoid using kernel-ml since this doesn't
provide any warranty concerning security and system stability in
general. Has anyone been able to solve the problem differently?
Thanks!
--=20
Valentin Bajrami
Kapteyn Astronomical Institute
University of Groningen
Postbus 800
NL-9700 AV Groningen
The Netherlands
Phone: +31-(0)50-3634068
PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271
--HVhpNLrdJa9HRK4cEa84Q1Vmetd6E8tj5--
--NbU0i7soI7Fc2po0hmu2ej6190WuDOdHB
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJYEgZPAAoJEOUbz4mlLlJxSdEP/3SCsP/hWsthQuoUu1W2eXPH
79GGlcal18yPBlMvDfQyfW1eNUI4K8Y8R0T7fkrHr/XZLE8keQk20vidFZYdFdDb
1A8IDeZqkiiPpqVDhOt04Zk6VB1bqVxVxQFKHGgE1mIgoAcAcni/SysCF05WTdiM
wKOCx1dyYrwnx1jOVm2l/t0g8Pf6vRx2b9Fi+zfmcZF9fadMcUwzNG0F3MPbbtBi
T5X3xoCVhIkDW8xgEOPYVZXr7KbKUNTvHJP35ufoUhh13FvSC5XzX56oX7BCVIJY
/JmEdX0QlgT8aAuAOFIODcp0IFH3DJl/X+xsCMuOBD8693z7w/sKgQAm08TX3maR
79y7hIBNv+oXCpoDZ5vLMz5BpNaA9sKZaEvMUr3Xg86JdXfX3bNlwRWVpEVOEJo4
FX/DekB6dmVi/YiJBxSwGzexCPPpR1CHEKy66IreZEspU9G9w7JScnKQScS0JbDT
LPXHCn1tsWRUxI/U/TEnmRUVf8YG1TsxYHOfGvy5XhAMsqzElxKEVoAMvNlA9ID9
Pd3z5OtuEQY/UUkpTv+eRVI/lDrvl8IznEnuYQkqy6l52E+LLYo2hIWq4pflxCup
nBD6H5VEjvkKrj3+kxFeNrO86X+yCUhHMyQH/MBJDX7S0FK7+HoDm1fYP9hx2m3B
5Hc5aDCCRkP8h+WFHMPt
=L3c/
-----END PGP SIGNATURE-----
--NbU0i7soI7Fc2po0hmu2ej6190WuDOdHB--
=========================================================================
Date: Thu, 27 Oct 2016 08:54:23 -0500
Reply-To: Pat Riehecky <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Pat Riehecky <[log in to unmask]>
Subject: Re: intel i915 driver problems
Comments: To: Valentin B <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <[log in to unmask]>
Might this be related? https://bugzilla.redhat.com/show_bug.cgi?id=1306841
On 10/27/2016 08:51 AM, Valentin B wrote:
> Hi,
>
> On a machine with the intel integrated card, more specifically
>
> 00:02.0 VGA compatible controller: Intel Corporation Sky Lake Integrated
> Graphics (rev 06)
>
> seem to be some issues with recognizing the monitor properties.
>
> Running `xrandr` the following output is displayed:
>
> xrandr: Failed to get size of gamma for output default
> Screen 0: minimum 1024 x 768, current 1024 x 768, maximum 1024 x 768
> default connected primary 1024x768+0+0 0mm x 0mm
> 1024x768 76.00*
>
>
> I've managed to solve the problem using the following steps as also
> explained here:
> http://www.linuxquestions.org/questions/centos-111/cannot-change-screen-resolution-on-unknown-display-in-centos7-4175583712/
>
>
> rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
> rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
> yum install yum-plugin-fastestmirror
> yum --enablerepo=elrepo-kernel install kernel-ml
>
>
> I actually would like to avoid using kernel-ml since this doesn't
> provide any warranty concerning security and system stability in
> general. Has anyone been able to solve the problem differently?
>
> Thanks!
=========================================================================
Date: Thu, 27 Oct 2016 15:56:22 +0200
Reply-To: Valentin B <[log in to unmask]>
Sender: Mailing list for Scientific Linux developers worldwide
<[log in to unmask]>
From: Valentin B <[log in to unmask]>
Subject: Re: intel i915 driver problems
Comments: To: Pat Riehecky <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="axUUDNW1S7Rr7mKInPw15mnp8OwLi7Q9A"
Message-ID: <[log in to unmask]>
--axUUDNW1S7Rr7mKInPw15mnp8OwLi7Q9A
Content-Type: multipart/mixed; boundary="O5JOGq0kEWwJ0p5ejqw59P2GTe0SUhImp";
protected-headers="v1"
From: Valentin B <[log in to unmask]>
To: Pat Riehecky <[log in to unmask]>, [log in to unmask]
Message-ID: <[log in to unmask]>
Subject: Re: [SCIENTIFIC-LINUX-DEVEL] intel i915 driver problems
References: <[log in to unmask]>
<[log in to unmask]>
In-Reply-To: <[log in to unmask]>
--O5JOGq0kEWwJ0p5ejqw59P2GTe0SUhImp
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hi Pat,
This is exactly the same problem I'm experiencing. I'll have to wait
till 7.3 is pushed out then. Thanks for your quick response.
Valentin
On 10/27/2016 03:54 PM, Pat Riehecky wrote:
> Might this be related? https://bugzilla.redhat.com/show_bug.cgi?id=3D13=
06841
>=20
> On 10/27/2016 08:51 AM, Valentin B wrote:
>> Hi,
>>
>> On a machine with the intel integrated card, more specifically
>>
>> 00:02.0 VGA compatible controller: Intel Corporation Sky Lake Integrat=
ed
>> Graphics (rev 06)
>>
>> seem to be some issues with recognizing the monitor properties.
>>
>> Running `xrandr` the following output is displayed:
>>
>> xrandr: Failed to get size of gamma for output default
>> Screen 0: minimum 1024 x 768, current 1024 x 768, maximum 1024 x 768
>> default connected primary 1024x768+0+0 0mm x 0mm
>> 1024x768 76.00*
>>
>>
>> I've managed to solve the problem using the following steps as also
>> explained here:
>> http://www.linuxquestions.org/questions/centos-111/cannot-change-scree=
n-resolution-on-unknown-display-in-centos7-4175583712/
>>
>>
>>
>> rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
>> rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.=
rpm
>> yum install yum-plugin-fastestmirror
>> yum --enablerepo=3Delrepo-kernel install kernel-ml
>>
>>
>> I actually would like to avoid using kernel-ml since this doesn't
>> provide any warranty concerning security and system stability in
>> general. Has anyone been able to solve the problem differently?
>>
>> Thanks!
--=20
Valentin Bajrami
Kapteyn Astronomical Institute
University of Groningen
Postbus 800
NL-9700 AV Groningen
The Netherlands
Phone: +31-(0)50-3634068
PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271
--O5JOGq0kEWwJ0p5ejqw59P2GTe0SUhImp--
--axUUDNW1S7Rr7mKInPw15mnp8OwLi7Q9A
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJYEgeGAAoJEOUbz4mlLlJx9qQQAKKtFrQPHLMK9fzCTWKkKyYC
84vZPqaSBFf6wEPrxQaqRa+4BE8aShMjGyeWzcNhb/k6TsIOqvgMCQpkRntJjcFg
DVravVw5GhXCpeJGnxjwVjv/ARBl0m+qq62lX5ljmm4K54CX7M3oYCeVUhpaCEQf
fZM0QmKyJkd0PNl1nCKwYOjaUf2GShne+W5ogF1aMnGw2ygpS+g1d/cLzNoZTyTO
g2gc7IaqTnq1tZsYgvQfDq9Dmgh6oQXIp+rizGRFrZakmm6w62J7Q9kxDjnojfvM
NDdr8XiL3i6UtTEgvGtuWfwTABWmp7s7OVQLRJdQUffNRg29IuhHdbVWfnMkYTPK
iaUbF4PjFiBCTeToB3rrKmEcI2FI+30RBT0SV1hG3KUXgpCnTn/qDp8fUtF/K/mn
n1+YTkBRXMmDz22i94i2pBA498Y3Ots1BYl2vQ+hc9pBCnVVwvyTCnekGbMqdF9o
kjsy2OzUnM1VdJEmH15YeI/SmZCAn19H791PJ0DojShnFujIe/JHo2RzoTUCLs62
1BZw5T8UH/Q2xZx2fODhCzgd4OBqUu6bOEqQh70Vv8YyF4PLPVl1Wb8FMlDgXaLd
qqlFkmUxYtc+JE/MltIUUe/uwLHlFtZ+LdbLGjoZA/h0AajE77weygbunSfYo0ND
5+bXQjLVuKUDWDvimAVc
=KN08
-----END PGP SIGNATURE-----
--axUUDNW1S7Rr7mKInPw15mnp8OwLi7Q9A--