As previously reported on kernel mailing list. http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0137.html The security update causes serious problems with the TotalView debugger. Any word on when a fixed set of kernel rpms will be available? Currently we are instructing our customers as follows, however an RPM update that applies Alan's suggested fix would be greatly appreciated: * A kernel update RPM package was released for RedHat 7.1, 7.2, 7.3, and 8.0 to address a vulnerability in ptrace. This fix introduced a new bug in the kernel which causes TotalView to crash and introduces other kernel stability problems. The kernel developers have located problem and a new fix should be forthcoming. If you are experiencing this problem and build your own Linux kernels, the solution is to change the definition of "is_dumpable" in include/linux/sched.h from: #define is_dumpable(tsk) ((tsk)->task_dumpable && (tsk)->mm->dumpable) to this corrected definition: #define is_dumpable(tsk) ((tsk)->task_dumpable && (tsk)->mm && (tsk)->mm->dumpable) The affected RedHat RPM packages are listed below and should not be installed: Red Hat Linux 7.1 --------------------------------------- kernel-2.4.18-27.7.x.src.rpm kernel-2.4.18-27.7.x.athlon.rpm kernel-smp-2.4.18-27.7.x.athlon.rpm kernel-2.4.18-27.7.x.i386.rpm kernel-BOOT-2.4.18-27.7.x.i386.rpm kernel-doc-2.4.18-27.7.x.i386.rpm kernel-source-2.4.18-27.7.x.i386.rpm kernel-2.4.18-27.7.x.i586.rpm kernel-smp-2.4.18-27.7.x.i586.rpm kernel-2.4.18-27.7.x.i686.rpm kernel-bigmem-2.4.18-27.7.x.i686.rpm kernel-debug-2.4.18-27.7.x.i686.rpm kernel-smp-2.4.18-27.7.x.i686.rpm Red Hat Linux 7.2 --------------------------------------- kernel-2.4.18-27.7.x.src.rpm kernel-2.4.18-27.7.x.athlon.rpm kernel-smp-2.4.18-27.7.x.athlon.rpm kernel-2.4.18-27.7.x.i386.rpm kernel-BOOT-2.4.18-27.7.x.i386.rpm kernel-doc-2.4.18-27.7.x.i386.rpm kernel-source-2.4.18-27.7.x.i386.rpm kernel-2.4.18-27.7.x.i586.rpm kernel-smp-2.4.18-27.7.x.i586.rpm kernel-2.4.18-27.7.x.i686.rpm kernel-bigmem-2.4.18-27.7.x.i686.rpm kernel-debug-2.4.18-27.7.x.i686.rpm kernel-smp-2.4.18-27.7.x.i686.rpm Red Hat Linux 7.3 --------------------------------------- kernel-2.4.18-27.7.x.src.rpm kernel-2.4.18-27.7.x.athlon.rpm kernel-smp-2.4.18-27.7.x.athlon.rpm kernel-2.4.18-27.7.x.i386.rpm kernel-BOOT-2.4.18-27.7.x.i386.rpm kernel-doc-2.4.18-27.7.x.i386.rpm kernel-source-2.4.18-27.7.x.i386.rpm kernel-2.4.18-27.7.x.i586.rpm kernel-smp-2.4.18-27.7.x.i586.rpm kernel-2.4.18-27.7.x.i686.rpm kernel-bigmem-2.4.18-27.7.x.i686.rpm kernel-debug-2.4.18-27.7.x.i686.rpm kernel-smp-2.4.18-27.7.x.i686.rpm Red Hat Linux 8.0 --------------------------------------- kernel-2.4.18-27.8.0.src.rpm kernel-2.4.18-27.8.0.athlon.rpm kernel-smp-2.4.18-27.8.0.athlon.rpm kernel-2.4.18-27.8.0.i386.rpm kernel-BOOT-2.4.18-27.8.0.i386.rpm kernel-doc-2.4.18-27.8.0.i386.rpm kernel-source-2.4.18-27.8.0.i386.rpm kernel-2.4.18-27.8.0.i586.rpm kernel-smp-2.4.18-27.8.0.i586.rpm kernel-2.4.18-27.8.0.i686.rpm kernel-bigmem-2.4.18-27.8.0.i686.rpm kernel-debug-2.4.18-27.8.0.i686.rpm kernel-smp-2.4.18-27.8.0.i686.rpm
Actually I should have said as reported "in the thread" http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0137.html the post that is most relevant to our specific problems with this patch is http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0601.html From the users perspective trying to use TotalView on any target results in TotalView getting quite violently killed by the kernel when the kernel oopses trying to fufill a ptrace call. It is not obvious to users that the problem is a kernel bug as opposed to a TotalView bug. Thanks, Chris
The secruity update kernel being shipped to address the ptrace exploit is faulty. It causes a kernel oops whenever doing a ptrace call on a zombie process. While the effect is quite clear in the Etnus TotalView debugger causing the debugger to crash, the problem ought to be a concern to all users. It also causes a stability problem on heavilly loaded machines as documented here: http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0137.html This ought to be of particular interest to RedHat who wants to provide a stable and secure platform for all users! The fix is simple, safe, and correct. When should we plan to see a kernel update for the affected RPM kernel packages? For easy testing, you may download TotalView and a trial license from http://www.etnus.com to observe the severity of the problem. Etnus has had several users report this problem so this a particularly urgent issue in our opinion.
HELLOOOOOOOOOOOO! This is a simple one. Is anyone listening?
I'm also having problems with kernel-2.4.20-13.7 on RHL7.3. I've been trying to get a core dump out of squid for a while so I can send stacktraces to the squid developers without success. gdb also wouldn't allow me to do a backtrace when running squid under gdb. I have reverted the two ptrace patches in 2.4.20-13.7 and everything works properly now. Of couse, I'm going to have to put them back when I am finished debugging the squid problem. This is extremely inconvenient on a production box.
Fixes are available for 8.0 and 9 at least, see bug 89057, not sure about 7.x.
Seems to be fixed for 7.X in the 2.4.20-18.7 kernel update as well ...
Thanks for the bug report. However, Red Hat no longer maintains this version of the product. Please upgrade to the latest version and open a new bug if the problem persists. The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, and if you believe this bug is interesting to them, please report the problem in the bug tracker at: http://bugzilla.fedora.us/