Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 4 product line. The current stable release is 4.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 146244

Summary: CAN-2005-0204 OUTS instruction does not cause SIGSEGV for all ports
Product: Red Hat Enterprise Linux 4 Reporter: Staffan Larsen <sta_larsen>
Component: kernelAssignee: Jason Baron <jbaron>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 4.0CC: bjohnson, davej, grgustaf, jbaron, johan.walles, judy.grote, knoel, security-response-team, sten.garmark, suresh.b.siddha
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: impact=important,public=20050126
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-02-24 05:26:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 144195    
Attachments:
Description Flags
reproducer source code
none
Patch fixing the issue. It setups TSS limits correctly. none

Description Staffan Larsen 2005-01-26 13:28:02 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5)
Gecko/20041107 Firefox/1.0

Description of problem:
Compile the attached program on x86

Run on x86 - it should not print anything. This behaviour is correct.

Run (the same binary) on x86_64 - it prints out a number of port
values for which the OUTS instruction did not cause a SIGSEGV. This
behaviour is not correct.

Version-Release number of selected component (if applicable):
Linux version 2.6.9-1.906_ELsmp (bhcompile.redhat.com)
(gcc version 3.4.3 20041125 (Red Hat 3.4.3-6.EL4)) #1 SMP Sun Dec 12
23:05:02 EST 2004

How reproducible:
Always

Steps to Reproduce:
1. Compile program on x86

A. 
2. Run on x86

B.
2. Run on x86_64


    

Actual Results:  A.
<nothing>

B.
didn't get signal for port=440
didn't get signal for port=441
didn't get signal for port=442
didn't get signal for port=443
didn't get signal for port=444
didn't get signal for port=445
didn't get signal for port=446
didn't get signal for port=447
didn't get signal for port=448
didn't get signal for port=449
didn't get signal for port=44a
didn't get signal for port=44b
didn't get signal for port=44c
didn't get signal for port=44d
didn't get signal for port=44e
didn't get signal for port=44f
didn't get signal for port=450
didn't get signal for port=451
didn't get signal for port=452
didn't get signal for port=453
didn't get signal for port=454
didn't get signal for port=455
didn't get signal for port=456
didn't get signal for port=457
didn't get signal for port=458
didn't get signal for port=459
didn't get signal for port=45a
didn't get signal for port=45b
didn't get signal for port=45c
didn't get signal for port=45d
didn't get signal for port=45e
didn't get signal for port=45f
didn't get signal for port=460
didn't get signal for port=461
didn't get signal for port=462
didn't get signal for port=463
didn't get signal for port=464
didn't get signal for port=465
didn't get signal for port=466
didn't get signal for port=467
didn't get signal for port=468
didn't get signal for port=469
didn't get signal for port=46a
didn't get signal for port=46b
didn't get signal for port=46c
didn't get signal for port=46d
didn't get signal for port=46e
didn't get signal for port=46f
didn't get signal for port=470
didn't get signal for port=471
didn't get signal for port=472
didn't get signal for port=473
didn't get signal for port=474
didn't get signal for port=475
didn't get signal for port=476
didn't get signal for port=477
didn't get signal for port=478
didn't get signal for port=479
didn't get signal for port=47a
didn't get signal for port=47b
didn't get signal for port=47c
didn't get signal for port=47d
didn't get signal for port=47e
didn't get signal for port=47f
didn't get signal for port=480
didn't get signal for port=481
didn't get signal for port=482
didn't get signal for port=483
didn't get signal for port=484
didn't get signal for port=485
didn't get signal for port=486
didn't get signal for port=487
didn't get signal for port=488
didn't get signal for port=489
didn't get signal for port=48a
didn't get signal for port=48b
didn't get signal for port=48c
didn't get signal for port=48d
didn't get signal for port=48e
didn't get signal for port=48f
didn't get signal for port=490
didn't get signal for port=491
didn't get signal for port=492
didn't get signal for port=493
didn't get signal for port=494
didn't get signal for port=495
didn't get signal for port=496
didn't get signal for port=497
didn't get signal for port=498
didn't get signal for port=499
didn't get signal for port=49a
didn't get signal for port=49b
didn't get signal for port=49c
didn't get signal for port=49d
didn't get signal for port=49e
didn't get signal for port=49f
didn't get signal for port=4a0
didn't get signal for port=4a1
didn't get signal for port=4a2
didn't get signal for port=4a3
didn't get signal for port=4a4
didn't get signal for port=4a5
didn't get signal for port=4a6
didn't get signal for port=4a7
didn't get signal for port=4a8
didn't get signal for port=4a9
didn't get signal for port=4aa
didn't get signal for port=4ab
didn't get signal for port=4ac
didn't get signal for port=4ad
didn't get signal for port=4ae
didn't get signal for port=4af
didn't get signal for port=4b0
didn't get signal for port=4b1
didn't get signal for port=4b2
didn't get signal for port=4b3
didn't get signal for port=4b4
didn't get signal for port=4b5
didn't get signal for port=4b6
didn't get signal for port=4b7


Expected Results:  A.
<nothing>

B.
<nothing>

Additional info:
Comment 1 Staffan Larsen 2005-01-26 13:29:17 UTC 
Created attachment 110244 [details]
reproducer source code
Comment 2 Suresh Siddha 2005-01-31 04:25:27 UTC 
Created attachment 110424 [details]
Patch fixing the issue. It setups TSS limits correctly.

combination of ____cacheline_aligned attribute to tss_struct and "sizeof" is
the cause for this issue. We shouldn't be using sizeof. Attached patch fixes
the issue.

Base kernel doesn't have this issue anymore, as they changed IO_BITMAP_BITS  to
65536 in include/asm-x86_64/processor.h. I will send my patch to base aswell
(just to be safe if someone touches IO_BITMAP_BITS in future)
Comment 4 Dave Jones 2005-02-08 03:58:38 UTC 
fixed in cvs, will be in tonights build.
Comment 5 Mark J. Cox 2005-02-09 11:20:29 UTC 
I'm assigning this CAN-2005-0204
Comment 8 Johan Walles 2005-02-11 17:19:35 UTC 
The patch seems to resolve the issue for us.  Thanks, Suresh.