Hi, unfortunately I don't have root access to any ppc64el machines to be able to install a new kernel, I only have access to plummer.debian.org. (Also you didn't build them for ppc64el yet.)
There are some things different about what we're seeing in cargo, vs the provided C code that segfaults. However the timing is too coincidental so I'm still inclined to think it's caused by this bug. But unfortunately I don't know how I can test this myself. Could you release this to stable so that I can ask the buildd people to install this on plummer, so I can test it? Or, if anyone else is able to test it, you can download and extract this: https://static.rust-lang.org/dist/rust-1.18.0-powerpc64le-unknown-linux-gnu.tar.gz then run `for i in {1..10}; do rust-1.18.0-powerpc64le-unknown-linux-gnu/cargo/bin/cargo -V; done` and see if it segfaults. X Ben Hutchings: > Control: tag -1 moreinfo > > On Thu, 22 Jun 2017 19:02:26 +0200 Ximin Luo <infini...@debian.org> > wrote: >> Package: linux-image-3.16.0-4-powerpc64le >> Version: 3.16.43-2+deb8u1 >> Severity: critical >> Justification: breaks unrelated software >> >> Dear Maintainer, >> >> I have been getting segfaults trying to build cargo on ppc64el >> >> https://github.com/rust-lang/cargo/issues/4197 >> >> The signs point to the recent stack guard fix as being the culprit, I can >> confirm that the test program given here: >> >> http://www.openwall.com/lists/oss-security/2017/06/22/6 >> >> indicates the presence of the bug on plummer.debian.org. I'm not very >> familiar >> with kernel development so I don't know where the proper fix is, but >> subsequent >> discussion on that thread suggests that mainline has the "correct fix" >> whereas >> some distros applied an incorrect one. > > Can you please test with this candidate fix? > https://people.debian.org/~benh/packages/CVE-2017-1000364/ > > Ben. > -- GPG: ed25519/56034877E1F87C35 GPG: rsa4096/1318EFAC5FBBDBCE https://github.com/infinity0/pubkeys.git
