Comment 1 Mike Pagano 2017-06-24 20:03:36 UTC

(In reply to Mike Pagano from comment #0)
> Arches, please stabilize gentoo-sources-4.9.23.
> 
> Among other things, it contains the fixes for the recently disclosed "Stack
> Clash" vulnerability.

4.9.34.  Sorry for the typo.

Comment 2 Agostino Sarubbo 2017-06-25 16:33:47 UTC

amd64 stable

This stabilization... does solve this issue with latest nvidia-drivers? (not the legacy ones)
https://bugs.gentoo.org/show_bug.cgi?id=608264

I tried with several 4.9.* kernels and the issue is the same. Kernel 4.10.* solves that issue (in fact, that's what I'm using now), so I asked a stable request but I got nothing.

Thanks.

Comment 4 Mike Pagano 2017-06-25 20:28:24 UTC

(In reply to jorgicio from comment #3)
> This stabilization... does solve this issue with latest nvidia-drivers? (not
> the legacy ones)
> https://bugs.gentoo.org/show_bug.cgi?id=608264
> 
> I tried with several 4.9.* kernels and the issue is the same. Kernel 4.10.*
> solves that issue (in fact, that's what I'm using now), so I asked a stable
> request but I got nothing.
> 
> Thanks.

4.10.* is gone.  

And out of kernel drivers never hold up stable kernel requests.
And nvidia is even worse, as it is a closed binary driver.

(In reply to Mike Pagano from comment #4)
> (In reply to jorgicio from comment #3)
> > This stabilization... does solve this issue with latest nvidia-drivers? (not
> > the legacy ones)
> > https://bugs.gentoo.org/show_bug.cgi?id=608264
> > 
> > I tried with several 4.9.* kernels and the issue is the same. Kernel 4.10.*
> > solves that issue (in fact, that's what I'm using now), so I asked a stable
> > request but I got nothing.
> > 
> > Thanks.
> 
> 4.10.* is gone.  
> 
> And out of kernel drivers never hold up stable kernel requests.
> And nvidia is even worse, as it is a closed binary driver.

I'd stop using if except for the poor performance of the Nouveau drivers. That's weird that 4.9.*, being stable, breaks some modules like the Nvidia, no matter if closed or not.

Comment 6 Mike Pagano 2017-06-26 10:42:05 UTC

(In reply to jorgicio from comment #5)
> (In reply to Mike Pagano from comment #4)
> > (In reply to jorgicio from comment #3)
> > > This stabilization... does solve this issue with latest nvidia-drivers? (not
> > > the legacy ones)
> > > https://bugs.gentoo.org/show_bug.cgi?id=608264
> > > 
> > > I tried with several 4.9.* kernels and the issue is the same. Kernel 4.10.*
> > > solves that issue (in fact, that's what I'm using now), so I asked a stable
> > > request but I got nothing.
> > > 
> > > Thanks.
> > 
> > 4.10.* is gone.  
> > 
> > And out of kernel drivers never hold up stable kernel requests.
> > And nvidia is even worse, as it is a closed binary driver.
> 
> I'd stop using if except for the poor performance of the Nouveau drivers.
> That's weird that 4.9.* being stable, breaks some modules like the Nvidia,
> no matter if closed or not.

If there are other modules broken that are in the kernel than open bugs.  Making vague statements like this helps no one.  

And does not belong on this bug.  

This fixes an important root exploit.

In fact the issue was open some time ago and the link was above. However, it was marked as "resolved", but the issue is still there.

I just tried this kernel and it solves the issue. Now I'm using this version of kernel. Thanks anyways.

Comment 9 Mike Pagano 2017-06-26 20:16:15 UTC

(In reply to jorgicio from comment #7)
> In fact the issue was open some time ago and the link was above. However, it
> was marked as "resolved", but the issue is still there.

You're not getting it.  Binary out of tree drivers never stop kernel stabilization.  Trust me, I've been around here a long time.

Comment 10 Tobias Klausmann (RETIRED) 2017-06-26 20:21:18 UTC

Stable on alpha.

Comment 11 Mike Pagano 2017-06-27 16:31:09 UTC

Stable on x86

(In reply to Mike Pagano from comment #9)
> (In reply to jorgicio from comment #7)
> > In fact the issue was open some time ago and the link was above. However, it
> > was marked as "resolved", but the issue is still there.
> 
> You're not getting it.  Binary out of tree drivers never stop kernel
> stabilization.  Trust me, I've been around here a long time.

I got it, who's not getting it is someone else than me, also there are more essentials problems rather than a out-of-kernel binary. But it does not matter by now, the issue at least is solved and that's enough for me.

Comment 13 Mike Pagano 2017-06-29 19:53:23 UTC

(In reply to jorgicio from comment #12)
> (In reply to Mike Pagano from comment #9)
> > (In reply to jorgicio from comment #7)
> > > In fact the issue was open some time ago and the link was above. However, it
> > > was marked as "resolved", but the issue is still there.
> > 
> > You're not getting it.  Binary out of tree drivers never stop kernel
> > stabilization.  Trust me, I've been around here a long time.
> 
> I got it, who's not getting it is someone else than me, also there are more
> essentials problems rather than a out-of-kernel binary. But it does not
> matter by now, the issue at least is solved and that's enough for me.

Easy there.

What more essential problems are you talking about? Bug, please. And they better be worse than this root exploit.

Comment 14 Sergei Trofimovich (RETIRED) 2017-06-30 10:49:47 UTC

ia64 stable

Comment 15 Agostino Sarubbo 2017-07-07 09:11:43 UTC

sparc stable

Comment 16 Agostino Sarubbo 2017-07-07 13:26:49 UTC

ppc stable

Comment 17 Agostino Sarubbo 2017-07-07 14:52:20 UTC

ppc64 stable

(In reply to Sergei Trofimovich from comment #14)
> ia64 stable

As requested via IRC, tested on a real ia64 :
---------------------------------------------
mosfet linux # uname -a
Linux mosfet 4.9.34-gentoo #1 Wed Jul 5 17:02:40 HKT 2017 ia64 Madison GenuineIntel GNU/Linux
mosfet linux # binutils-config -l
 [1] ia64-unknown-linux-gnu-2.26.1 *
mosfet linux # gcc-config -l
 [1] ia64-unknown-linux-gnu-5.4.0 *
mosfet linux # grep CONFIG_MODULES .config
CONFIG_MODULES_USE_ELF_RELA=y
CONFIG_MODULES=y
mosfet linux # 
---------------------------------------------
If you ned/want more info let me know

As requested via IRC, tested on a real hppa :
---------------------------------------------
valve linux # uname -a
Linux valve 4.9.34-gentoo #1 SMP Tue Jul 25 14:05:30 HKT 2017 parisc64 PA8700 (PCX-W2) 9000/785/J6750 GNU/Linux
valve linux # binutils-config -l
 [1] hppa2.0-unknown-linux-gnu-2.26.1 *

 [2] hppa64-unknown-linux-gnu-2.26.1 *
valve linux # gcc-config -l
 [1] hppa2.0-unknown-linux-gnu-5.4.0 *

 [2] hppa64-unknown-linux-gnu-5.4.0 *
valve linux # grep CONFIG_MODULES .config
CONFIG_MODULES_USE_ELF_RELA=y
# CONFIG_MODULES is not set
valve linux # 
---------------------------------------------
If you ned/want more info let me know

Comment 20 Mike Pagano 2017-08-13 20:11:49 UTC

hppa was stabled

Comment 21 Stabilization helper bot 2017-12-09 22:01:35 UTC

An automated check of this bug failed - the following atom is unknown:

sys-kernel/gentoo-sources-4.9.34

Please verify the atom list.

Comment 22 Pacho Ramos 2017-12-14 11:00:34 UTC

If this needs to be stabilized on arm... current version to stabilize would be 4.9.49-r1... do you want to use this bug for that or better wait for a new stabilization bug targetting a newer 4.9.x version for all arches?

Comment 23 Mike Pagano 2017-12-18 21:42:44 UTC

(In reply to Pacho Ramos from comment #22)
> If this needs to be stabilized on arm... current version to stabilize would
> be 4.9.49-r1... do you want to use this bug for that or better wait for a
> new stabilization bug targetting a newer 4.9.x version for all arches?

Its up to you guys. It's only a problem when it keeps me from removing old kernels and this particular one is not.

We can request a new 4.9. It probably would be better for us since we're talking a lot of version from this one until now.

Comment 24 Thomas Deutschmann (RETIRED) 2017-12-28 18:30:36 UTC

Superseded by bug 642522.