Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 416415 - sys-apps/v86d-0.1.10 fails to read EBDA with GRKERNSEC_KMEM=y on some configurations
Summary: sys-apps/v86d-0.1.10 fails to read EBDA with GRKERNSEC_KMEM=y on some configu...
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: x86 Linux
: Normal minor
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-17 17:00 UTC by Maxim Kammerer
Modified: 2017-08-14 08:05 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Maxim Kammerer 2012-05-17 17:00:15 UTC
sys-apps/v86d-0.1.10 was built with USE="x86emu"

Hardened kernel 3.2.11 with:
CONFIG_FB_UVESA=m
CONFIG_GRKERNSEC_KMEM=y

When uvesafb module is loaded (options do not matter), the following warning is produced (not on all configurations):

grsec: denied access of range 9d000 -> 9e000 in /dev/mem by /sbin/v86d[v86d:1253] uid/euid:0/0 gid/egid:0/0, parent /[v86d:1252] uid/euid:0/0 gid/egid:0/0
v86d: mmap '/dev/mem' failed with: Operation not permitted
v86d: Failed to read EBDA size from 9dc00. Ignoring EBDA.

The module is loaded with:
modprobe uvesafb mode_option=800x600-32 mtrr=3 scroll=ywrap

Other than the warning, there are no module functionality issues.

Example configuration exhibiting the issue:
- QEMU-KVM 1.0, -vga cirrus (Gentoo)

Example configurations *not* exhibiting the issue:
- VirtualBox 4.1.10 (Windows)
- VMware Workstation 8.0.1 (Gentoo)
Comment 1 Brad Spengler 2012-05-17 23:32:43 UTC
Could you try the patch at:

http://grsecurity.net/~spender/ebda.diff

Thanks,
-Brad
Comment 2 Maxim Kammerer 2012-05-18 02:22:57 UTC
Hi, the patch fixes the problem in QEMU-KVM (-vga cirrus).
Comment 3 Maxim Kammerer 2012-05-31 09:31:38 UTC
Just FYI, the issue apparently also manifests on some NVIDIA cards. From user's bug report:

<1>grsec: denied access of range 9d000 -> 9e000 in /dev/mem by /sbin/v86d[v86d:2578] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
<3>v86d: mmap '/dev/mem' failed with: Operation not permitted
<4>v86d: Failed to read EBDA size from 9d000. Ignoring EBDA.
<6>uvesafb: NVIDIA Corporation, GT216 Board - 0696a340, Chip Rev   , OEM: NVIDIA, VBE v3.0
<6>uvesafb: protected mode interface info at c000:ca60
<6>uvesafb: pmi: set display start = c00ccac3, set palette = c00ccb1e
<6>uvesafb: pmi: ports = 3b4 3b5 3ba 3c0 3c1 3c4 3c5 3c6 3c7 3c8 3c9 3cc 3ce 3cf 3d0 3d1 3d2 3d3 3d4 3d5 3da 
<6>uvesafb: VBIOS/hardware doesn't support DDC transfers
<6>uvesafb: no monitor limits have been set, default refresh rate will be used
<6>uvesafb: scrolling: ywrap using protected mode interface, yres_virtual=2304
<6>Console: switching to colour frame buffer device 100x37
<6>uvesafb: framebuffer at 0xd1000000, mapped to 0xf8e80000, using 7200k, total 14336k
<6>fb0: VESA VGA frame buffer device
Comment 4 PaX Team 2012-05-31 09:56:39 UTC
(In reply to comment #3)
> Just FYI, the issue apparently also manifests on some NVIDIA cards. From
> user's bug report:

and does spender's patch or the latest grsec fix it?
Comment 5 Maxim Kammerer 2012-05-31 10:11:55 UTC
I don't know — will test on my local machine with an NVIDIA card.
Comment 6 Maxim Kammerer 2012-06-11 17:44:30 UTC
Tested on NVIDIA 8500 GT -- unfortunately, the EBDA problem is not present with this card to begin with.
Comment 7 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2017-08-14 08:05:16 UTC
commit 30c31bfe86f048a443baa523e9f487c38d950f24
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: Mon Aug 14 09:56:21 2017
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: Mon Aug 14 10:02:53 2017

    sys-apps/v86d: Remove last-rited pkg, #606154

 profiles/arch/amd64/package.use.force |  4 ---
 profiles/package.mask                 |  5 ----
 sys-apps/v86d/Manifest                |  1 -
 sys-apps/v86d/metadata.xml            |  8 -----
 sys-apps/v86d/v86d-0.1.10.ebuild      | 56 -----------------------------------
 5 files changed, 74 deletions(-)