Advisory:
Updated kernel-tmb provides upstream 3.12.18 kernel and fixes the following
security issues:

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/
x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute
arbitrary code on the host OS by leveraging a loop that triggers an
invalid memory copy affecting certain cancel_work_item data. 
(CVE-2014-0049)

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem
in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise
Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which
allows guest OS users to cause a denial of service (host OS crash) via
unspecified vectors. (CVE-2014-0055)

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through
3.13.5 does not properly handle uncached write operations that copy fewer
than the requested number of bytes, which allows local users to obtain
sensitive information from kernel memory, cause a denial of service
(memory corruption and system crash), or possibly gain privileges via a
writev system call with a crafted pointer. (CVE-2014-0069)

drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable
buffers are disabled, does not properly validate packet lengths, which
allows guest OS users to cause a denial of service (memory corruption and
host OS crash) or possibly gain privileges on the host OS via crafted
packets, related to the handle_rx and get_rx_bufs functions. 
(CVE-2014-0077)

Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the
Linux kernel through 3.14.1 allows local users to cause a denial of service
(use-after-free and system crash) or possibly gain privileges via a crafted
application that leverages an improperly managed reference counter.
(CVE-2014-2851)

Oter fixes in this update:
- switch hugepages back to madvise to fix performance regression (mga#12994)
- enable Intel P-state driver (mga#13080)
- fix r8169 suspend/resume issue (mga#13255)

For upstream merged fixes, read the referenced changelogs:

References:
https://bugs.mageia.org/show_bug.cgi?id=12994
https://bugs.mageia.org/show_bug.cgi?id=13080
https://bugs.mageia.org/show_bug.cgi?id=13255
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.18
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.17
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.16
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.14

Updated advisory to remove referece to madvise fix (wich kernel-tmb didnt need)
:
Updated kernel-tmb provides upstream 3.12.18 kernel and fixes the following
security issues:

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/
x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute
arbitrary code on the host OS by leveraging a loop that triggers an
invalid memory copy affecting certain cancel_work_item data. 
(CVE-2014-0049)

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem
in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise
Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which
allows guest OS users to cause a denial of service (host OS crash) via
unspecified vectors. (CVE-2014-0055)

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through
3.13.5 does not properly handle uncached write operations that copy fewer
than the requested number of bytes, which allows local users to obtain
sensitive information from kernel memory, cause a denial of service
(memory corruption and system crash), or possibly gain privileges via a
writev system call with a crafted pointer. (CVE-2014-0069)

drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable
buffers are disabled, does not properly validate packet lengths, which
allows guest OS users to cause a denial of service (memory corruption and
host OS crash) or possibly gain privileges on the host OS via crafted
packets, related to the handle_rx and get_rx_bufs functions. 
(CVE-2014-0077)

Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the
Linux kernel through 3.14.1 allows local users to cause a denial of service
(use-after-free and system crash) or possibly gain privileges via a crafted
application that leverages an improperly managed reference counter.
(CVE-2014-2851)

Oter fixes in this update:
- enable Intel P-state driver (mga#13080)
- fix r8169 suspend/resume issue (mga#13255)

For upstream merged fixes, read the referenced changelogs:

References:
https://bugs.mageia.org/show_bug.cgi?id=13080
https://bugs.mageia.org/show_bug.cgi?id=13255
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.18
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.17
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.16
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.14

On real hardware, M4, KDE, 32-bit

Package(s) under test:
kernel-tmb

install kernel-tmb from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 15:21:56 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb boots to a working desktop and applications work fine

Test platform:
Intel, P4 530J 3.0 GHz, 800MHz FSB, 1MB L2, LGA 775
GigaByte  GA-81915G Pro F4  i915G  LGA 775  MoBo
 Marvel Yukon 88E8001 Gigabit LAN
 Intel High Def Audio, Azalia (C-Media 9880) (snd-hda-intel)
 Intel Graphics Media Accelerator 900 (Intel 82915G)
Kingston 4GB (2 x 2GB) DDR400 PC-3200
250GB Seagate
Kingwin KF-91-BK SATA Mobile Rack
Kingwin KF-91-T-BK SATA Mobile Rack Tray
Sony CD/DVD-RW DWQ120AB2

CC: (none) => wilcal.int

Real hardware; Mageia 4; i586

Installed kernel-tmb-laptop from /updates/testing

$ uname -a
Linux localhost 3.12.18-tmb-laptop-1.mga4 #1 SMP Thu Apr 24 15:32:23 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb-laptop boots to a working desktop; however mentioned a difference in comparison with kernel-server-3.12.18-1.mga4

[    1.755685] systemd-gpt-auto-generator[80]: Failed to determine block device of root file system: No such file or directory
[    1.757033] systemd[75]: /usr/lib/systemd/system-generators/systemd-gpt-auto-generator failed with error code 1.

My both / and /home partitions are btrfs and I'm booting with grub2 if that matters.

Platform: Lenovo Thinkpad X200 4GB RAM
http://www.thinkwiki.org/wiki/Category:X200

CC: (none) => jyri2000

Thomas:

In VirtualBox, M4, KDE, 32&64-bit

Package(s) under test:
kernel-tmb-desktop
kernel-tmb-server

When launching as a client in Vbox the 64-bit version of
kernel-tmb-server works fine but the 32-bit crashes on
launch immediately.

It's gonna take me some time today to backtrack and try
this on real hardware.

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
VirtualBox 4.3.6-1.mga4.x86_64.rpm

On real hardware, M4, KDE, 32&64-bit

Package(s) under test:
kernel-tmb-desktop
kernel-tmb-server

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-desktop-1.mga4 #1 SMP PREEMPT Sun Feb 2 09:47:24 UTC 2014 i686 i686 i686 GNU/Linux
[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-server-1.mga4 #1 SMP Sun Feb 2 10:04:55 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb boots to a working desktop and applications work fine

install kernel-tmb from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 15:21:56 UTC 2014 i686 i686 i686 GNU/Linux
[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-tmb-server-1.mga4 #1 SMP Thu Apr 24 15:43:16 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb boots to a working desktop and applications work fine

Test platform:
Intel, P4 530J 3.0 GHz, 800MHz FSB, 1MB L2, LGA 775
GigaByte  GA-81915G Pro F4  i915G  LGA 775  MoBo
 Marvel Yukon 88E8001 Gigabit LAN
 Intel High Def Audio, Azalia (C-Media 9880) (snd-hda-intel)
 Intel Graphics Media Accelerator 900 (Intel 82915G)
Kingston 4GB (2 x 2GB) DDR400 PC-3200
250GB Seagate
Kingwin KF-91-BK SATA Mobile Rack
Kingwin KF-91-T-BK SATA Mobile Rack Tray
Sony CD/DVD-RW DWQ120AB2

In VirtualBox, M4, KDE, 32&64-bit

Package(s) under test:
kernel-tmb-desktop
kernel-tmb-server

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-desktop-1.mga4 #1 SMP PREEMPT Sun Feb 2 09:47:24 UTC 2014 i686 i686 i686 GNU/Linux
[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-server-1.mga4 #1 SMP Sun Feb 2 10:04:55 UTC 2014 i686 i686 i686 GNU/Linux
( 3.12.9-tmb-server-1.mga4 immediately crashes )

kernel-tmb boots to a working desktop and applications work fine

install kernel-tmb from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 15:21:56 UTC 2014 i686 i686 i686 GNU/Linux
Linux localhost 3.12.18-tmb-server-1.mga4 #1 SMP Sun Feb 2 10:04:55 UTC 2014 i686 i686 i686 GNU/Linux
( 3.12.18-tmb-server-1.mga4 immediately crashes )


kernel-tmb boots to a working desktop and applications work fine

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
VirtualBox 4.3.6-1.mga4.x86_64.rpm

Just for drill:

In VirtualBox, M3, KDE, 32&64-bit

Package(s) under test:
kernel-tmb-desktop
kernel-tmb-server

[wilcal@localhost ~]$ uname -a
Linux localhost 3.10.28-tmb-desktop-1.mga3 #1 SMP PREEMPT Sat Feb 1 17:24:27 UTC 2014 i686 i686 i686 GNU/Linux
kernel-tmb boots to a working desktop and applications work fine

[wilcal@localhost ~]$ uname -a
Linux localhost 3.10.28-tmb-server-1.mga3 #1 SMP PREEMPT Sat Feb 1 17:24:27 UTC 2014 i686 i686 i686 GNU/Linux
( 3.10.28-tmb-server-1.mga3 immediately crashes )

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
VirtualBox 4.3.6-1.mga4.x86_64.rpm

So it appears that kernel-tmb-server works fine on real hardware but
immediately crashes on launch in Vbox. And that in both M3 & M4.

Trying MGA4 64-bit real hardware with ATI/Radeon graphics

Not a success. The first time I tried this it displayed (sort of) "Sorry, cannot configure the graphics. When given a login prompt, log in as root and run drakx11". Having fought my way through that, it dowloaded piles of stuff, ? compiled something, but went on eventually to work.

But after trying other kernels, not any more, & I cannot get it to do so. It always goes (twice) to the console error msg. Running drakx11 seems to work, but ends "Re-start" - which leads to the same thing.

CC: (none) => lewyssmith

Trying MGA4 64-bit real hardware with ATI/Radeon graphics
After adding
 kernel-tmb-desktop-devel-3.12.18-1.mga4-1-1.mga4.x86_64.rpm
the kernel loaded OK in the end and basically works.
BUT
Problem.
SWAP is not functioning. Whether this is new to 3.12.18 (after 3.12.13) I know not; with 4Gb RAM, SWAP is never used. I just noticed it for these kernel tests:
- Esc to see the startup console O/P shows up "FAIL to activate swap on /dev/sda7".
- dmesg includes "Adding swap on /dev/sda7"; but not the error msg above.
- No swap entry in mount O/P.
- swapon -s shows /dev/sda7 but Used = 0.
This happens also with kernels desktop and rt.

It is clear that swap *is* ultimately active. It seems that one attempt visible on the console genuinely fails, and a later attempt visible via dmesg works. The swapon -s output indicates that swap is active, but not being used (in error I took the Used = 0 as a binary flag!).
So the only problem is "why the initial failure"? (The line is in red).

To be persued.

Thomas, could you comment on comment 9 please, thanks.

I cant reproduce, but I see in comment 8:

"VirtualBox 4.3.6-1.mga4.x86_64.rpm"

and I'm running the 4.3.10 released for mga3:
http://advisories.mageia.org/MGASA-2014-0184.html

and mga4:
http://advisories.mageia.org/MGASA-2014-0185.html

So that might explain the issues

Advisory uploaded.

Bill can you comment on comment 14 please. If new vbox cures it then this can be validated.

Whiteboard: (none) => advisory

Retest and correction of testing platform.

In VirtualBox, M4, KDE, 32&64-bit

Package(s) under test:
kernel-tmb-desktop-latest kernel-tmb-server-latest

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 15:21:56 UTC 2014 i686 i686 i686 GNU/Linux
kernel-tmb boots to a working desktop and applications work fine

3.12.18-tmb-server-1.mga4
immediately crashes on launch

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 16:12:51 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
kernel-tmb boots to a working desktop and applications work fine

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-tmb-server-1.mga4 #1 SMP Thu Apr 24 16:30:22 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
kernel-tmb boots to a working desktop and applications work fine

I'm still poke'n at this thing.

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
nvidia driver: 331.49-2.mga4.nonfree

Could somebody please see if they get the same crash as Bill using kernel-tmb-server in virtualbox.

David Remy:

Guest OS's within Hyper-V Host on Hyper-V Server 2012 R2, M4, xfce4, 32&64-bit

Packages under test:
kernel-tmb-desktop on 32 and 64
kernel-tmb-server on 32 and 64

All variants working: (Boot kernel-tmb-desktop and kernel-tmb-server to a working desktop and applications work)
davidremy@MGA4-64 (zsh) ~ % uname -a
Linux MGA4-64 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 16:12:51 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

davidremy@MGA4-64 (zsh) ~ % uname -a
Linux MGA4-64 3.12.18-tmb-server-1.mga4 #1 SMP Thu Apr 24 16:30:22 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

davidremy@MGA4-32 (zsh) ~ % uname -a
Linux MGA4-32 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 15:21:56 UTC 2014 i686 i686 i686 GNU/Linux

davidremy@MGA4-32 (zsh) ~ % uname -a
Linux MGA4-32 3.12.18-tmb-server-1.mga4 #1 SMP Thu Apr 24 15:43:16 UTC 2014 i686 i686 i686 GNU/Linux


I can't say I can reproduce the crash within a VM when on Hyper-V, everything seems to be ok with these two kernels at this time.

CC: (none) => dpremy

Tested on one hardware set as well, one issue with Broadcome Wireless.

Packages under test on 32bit:
kernel-tmb-desktop
kernel-tmb-server

% uname -a
Linux localhost 3.12.18-tmb-desktop-1.mga4 #1 SMP PREEMPT Thu Apr 24 15:21:56 UTC 2014 i686 i686 i686 GNU/Linux

% uname -a
Linux localhost 3.12.18-tmb-server-1.mga4 #1 SMP Thu Apr 24 15:43:16 UTC 2014 i686 i686 i686 GNU/Linux

All worked but Broadcom BCM4322 wireless card which requires broadcom-wl-common and broadcom-wl-kernel-desktop-latest to bring up. I can do further testing if needed, just unsure what to test at this point for the broadcom.

Test platform:
HP Compaq 6735b AMD notebook
SODIMM 2gb (1x2gb)
BCM4322 802.11a/b/g/n Wireless LAN Controller
Mageia 4 32-bit

I am using:
kernel-tmb-desktop-3.12.18-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-desktop-devel-3.12.18-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-desktop-devel-latest-3.12.18-1.mga4.x86_64.rpm
kernel-tmb-desktop-latest-3.12.18-1.mga4.x86_64.rpm

On a laptop with nVIDIA GeForce GT650M and driver 337.19 beta.
dkms compilation was OK and proprietary driver works fine.

But VMware Workstation 10.0.2 modules were compiled and are a factor of 10 smaller than the ones compiled on the default kernel-desktop-3.12.18 and VMware Workstation can not start a virtual machine due to "/dev/vmci not found".

With the default Mageia 4 kernel 3.12.18 VMware Workstation works fine.

How can I get correct file sizes for the 4 VMware modules in /lib/modules/<kernel>/misc ?

CC: (none) => bert.ram.aerts

This is now updated to close the CVEs, including the onethat has hit the news
CVE-2014-0155
CVE-2014-0196 (critical, public poc)
CVE-2014-1737
CVE-2014-1738



SRPM: 
kernel-tmb-3.12.20-1.mga4.src.rpm


i586:
kernel-tmb-desktop-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-desktop586-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-desktop586-devel-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-desktop586-devel-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-desktop586-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-desktop-devel-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-desktop-devel-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-desktop-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-laptop-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-laptop-devel-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-laptop-devel-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-laptop-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-server-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-server-devel-3.12.20-1.mga4-1-1.mga4.i586.rpm
kernel-tmb-server-devel-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-server-latest-3.12.20-1.mga4.i586.rpm
kernel-tmb-source-3.12.20-1.mga4-1-1.mga4.noarch.rpm
kernel-tmb-source-latest-3.12.20-1.mga4.noarch.rpm


x86_64:
kernel-tmb-desktop-3.12.20-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-desktop-devel-3.12.20-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-desktop-devel-latest-3.12.20-1.mga4.x86_64.rpm
kernel-tmb-desktop-latest-3.12.20-1.mga4.x86_64.rpm
kernel-tmb-laptop-3.12.20-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-laptop-devel-3.12.20-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-laptop-devel-latest-3.12.20-1.mga4.x86_64.rpm
kernel-tmb-laptop-latest-3.12.20-1.mga4.x86_64.rpm
kernel-tmb-server-3.12.20-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-server-devel-3.12.20-1.mga4-1-1.mga4.x86_64.rpm
kernel-tmb-server-devel-latest-3.12.20-1.mga4.x86_64.rpm
kernel-tmb-server-latest-3.12.20-1.mga4.x86_64.rpm
kernel-tmb-source-3.12.20-1.mga4-1-1.mga4.noarch.rpm
kernel-tmb-source-latest-3.12.20-1.mga4.noarch.rpm


Addendum to advisory:
The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel
through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic
return value, which allows guest OS users to cause a denial of service
(host OS crash) via a crafted entry in the redirection table of an I/O
APIC. NOTE: the affected code was moved to the ioapic_service function
before the vulnerability was announced. (CVE-2014-0155)

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel
through 3.14.3 does not properly manage tty driver access in the
"LECHO & !OPOST" case, which allows local users to cause a denial of
service (memory corruption and system crash) or gain privileges by
triggering a race condition involving read and write operations with
long strings. (CVE-2014-0196)

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux
kernel through 3.14.3 does not properly handle error conditions during
processing of an FDRAWCMD ioctl call, which allows local users to trigger
kfree operations and gain privileges by leveraging write access to a
/dev/fd device.  (CVE-2014-1737)

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux
kernel through 3.14.3 does not properly restrict access to certain
pointers during processing of an FDRAWCMD ioctl call, which allows
local users to obtain sensitive information from kernel heap memory
by leveraging write access to a /dev/fd device. (CVE-2014-1738)

References:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.20
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.19

Summary: Update request: kernel-tmb-3.12.18-1.mga4 => Update request: kernel-tmb-3.12.20-1.mga4
Source RPM: kernel-tmb-3.12.18-1.mga4.src.rpm => kernel-tmb-3.12.20-1.mga4.src.rpm
Whiteboard: advisory => (none)
Severity: normal => critical

PoC: https://bugzilla.novell.com/show_bug.cgi?id=875690#c14

Please also ensure these work ok in VBox as Bill had issues previously with the i586 server kernel.

Whiteboard: (none) => has_procedure

On real hardware, M4, KDE, 32-bit

Package(s) under test:
kernel-tmb-desktop

default install of kernel-tmb-desktop

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-desktop-1.mga4 #1 SMP PREEMPT Sun Feb 2 09:47:24 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb-desktop boots to a working desktop and applications work fine

install kernel-tmb-desktop from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-desktop-1.mga4 #1 SMP PREEMPT Fri May 16 16:42:58 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb-desktop boots to a working desktop and applications work fine

Test platform:
Intel, P4 530J 3.0 GHz, 800MHz FSB, 1MB L2, LGA 775
GigaByte  GA-81915G Pro F4  i915G  LGA 775  MoBo
 Marvel Yukon 88E8001 Gigabit LAN
 Intel High Def Audio, Azalia (C-Media 9880) (snd-hda-intel)
 Intel Graphics Media Accelerator 900 (Intel 82915G)
Kingston 4GB (2 x 2GB) DDR400 PC-3200
250GB Seagate
Kingwin KF-91-BK SATA Mobile Rack
Kingwin KF-91-T-BK SATA Mobile Rack Tray
Sony CD/DVD-RW DWQ120AB2

On real hardware, M4, KDE, 32-bit

Package(s) under test:
kernel-tmb-server

default install of kernel-tmb-server

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-server-1.mga4 #1 SMP Sun Feb 2 10:04:55 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb-server boots to a working desktop and applications work fine

install kernel-tmb-server from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-server-1.mga4 #1 SMP Fri May 16 16:55:15 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb-server boots to a working desktop and applications work fine

Test platform:
Intel, P4 530J 3.0 GHz, 800MHz FSB, 1MB L2, LGA 775
GigaByte  GA-81915G Pro F4  i915G  LGA 775  MoBo
 Marvel Yukon 88E8001 Gigabit LAN
 Intel High Def Audio, Azalia (C-Media 9880) (snd-hda-intel)
 Intel Graphics Media Accelerator 900 (Intel 82915G)
Kingston 4GB (2 x 2GB) DDR400 PC-3200
250GB Seagate
Kingwin KF-91-BK SATA Mobile Rack
Kingwin KF-91-T-BK SATA Mobile Rack Tray
Sony CD/DVD-RW DWQ120AB2

Tested ok mga4 64 desktop, server, laptop

Tested ok mga4 32 desktop586, desktop, server, laptop

I don't have an mga4 VM at the moment to check it, Bill could you see if this one is better please.

Slowly working my way through these today. Vbox will be after testing
on real hardware.

On real hardware, M4, KDE, 64-bit

Package(s) under test:
kernel-tmb-desktop

default install of kernel-tmb-desktop

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-desktop-1.mga4 #1 SMP PREEMPT Sun Feb 2 09:39:15 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-desktop to a working desktop and applications work fine

install kernel-tmb-desktop from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-desktop-1.mga4 #1 SMP PREEMPT Fri May 16 17:05:43 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-desktop boots to a working desktop and applications work fine

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64

On real hardware, M4, KDE, 64-bit

Package(s) under test:
kernel-tmb-server

default install of kernel-tmb-server

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-server-1.mga4 #1 SMP Sun Feb 2 09:55:29 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-desktop to a working desktop and applications work fine

install kernel-tmb-server from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-server-1.mga4 #1 SMP Fri May 16 17:29:32 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-server boots to a working desktop and applications work fine

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64

Note that in all my 64-bit testing that the nouveau
driver is used in all cases except kernel-desktop-latest

Testing
3.12.20-tmb-desktop-1.mga4
on real hardware, AMD/ATI graphics; MGA4, 64-bit.

No problems on re-booting with the updated kernel. Seems to be OK.

I am tempted to try the PoC referenced from Claire's pointer
 https://bugzilla.novell.com/show_bug.cgi?id=875690#c14at [bug]
->
 http://bugzillafiles.novell.org/attachment.cgi?id=588769 [code]
(The command line given in the bug is equivalent to that given in the code; just different names for the module).

In VirtualBox, M4, KDE, 32-bit

Package(s) under test:
kernel-tmb-desktop

default install of kernel-tmb-desktop

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-desktop-1.mga4 #1 SMP PREEMPT Sun Feb 2 09:47:24 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb-desktop boots to a working desktop and applications work fine

install kernel-tmb-desktop from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-desktop-1.mga4 #1 SMP PREEMPT Fri May 16 16:42:58 UTC 2014 i686 i686 i686 GNU/Linux

kernel-tmb-desktop boots to a working desktop and applications work fine

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, nouveau driver

In VirtualBox, M4, KDE, 64-bit

Package(s) under test:
kernel-tmb-desktop

default install of kernel-tmb-desktop

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-desktop-1.mga4 #1 SMP PREEMPT Sun Feb 2 09:39:15 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-desktop boots to a working desktop and applications work fine

install kernel-tmb-desktop from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-desktop-1.mga4 #1 SMP PREEMPT Fri May 16 17:05:43 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-desktop boots to a working desktop and applications work fine

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, nouveau driver

In VirtualBox, M4, KDE, 32-bit

Package(s) under test:
kernel-tmb-server

default install of kernel-tmb-server

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-server-1.mga4 #1 SMP PREEMPT Sun Feb 2 09:47:24 UTC 2014 i686 i686 i686 GNU/Linux
crash on launch

install kernel-tmb-server from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-server-1.mga4 #1 SMP PREEMPT Fri May 16 16:42:58 UTC 2014 i686 i686 i686 GNU/Linux
crash on launch

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, nouveau driver

In VirtualBox, M4, KDE, 64-bit

Package(s) under test:
kernel-tmb-server

default install of kernel-tmb-server

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.9-tmb-server-1.mga4 #1 SMP Sun Feb 2 09:55:29 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-server boots to a working desktop and applications work fine

install kernel-tmb-server from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-tmb-server-1.mga4 #1 SMP Fri May 16 17:29:32 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-tmb-server boots to a working desktop and applications work fine

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, nouveau driver

Guest OS's within Hyper-V Host on Hyper-V Server 2012 R2, M4, xfce4, 64-bit

Packages under test:
kernel-tmb-desktop on x64
kernel-tmb-server on x64

All variants working: (Boot kernel-tmb-desktop and kernel-tmb-server to a working desktop and applications work)
davidremy@MGA4-64 (zsh) ~ % uname -a
Linux MGA4-64 3.12.20-tmb-desktop-1.mga4 #1 SMP PREEMPT Fri May 16 17:05:43 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

davidremy@MGA4-64 (zsh) ~ % lsmod | grep hv_
hv_netvcs                 22696  0
hv_balloon                17379  0
hv_utils                  14261  0
cn                        13393  1 hv_utils
hv_storvsc                21922  3
hv_vmbus                  30675  6 hv_balloon,hv_netvsc,hid_hyperv,hv_utils,
hyperv_fb,hv_storvsc


davidremy@MGA4-64 (zsh) ~ % uname -a
Linux MGA4-64 3.12.20-tmb-server-1.mga4 #1 SMP Fri May 16 17:29:32 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

davidremy@MGA4-64 (zsh) ~ % lsmod | grep hv_
hv_netvcs                 22696  0
hv_balloon                17378  0
hv_utils                  14261  0
cn                        13393  1 hv_utils
hv_storvsc                17785  3
hv_vmbus                  34771  6 hv_balloon,hv_netvsc,hid_hyperv,hv_utils,
hyperv_fb,hv_storvsc

I will complete x86 on HV later tonight, I hope, and will be starting x86 on hardware shortly.

davidremy@linux-lappy (zsh) ~
% uname -a
Linux localhost 3.12.20-tmb-desktop-1.mga4 #1 SMP PREEMPT Fri May 16 16:42:58 UTC 2014 i686 i686 i686 GNU/Linux

davidremy@linux-lappy (zsh) ~
% uname -a
Linux localhost 3.12.20-tmb-server-1.mga4 #1 SMP Fri May 16 17:09:15 UTC 2014 i686 i686 i686 GNU/Linux

Again, no broadcom working for "BCM4322 802.11a/b/g/n Wireless LAN Controller". Everything else is working with kde4, wired network and various desktop apps.

Sorry, previous post was done on the following hardware:

HP Compaq 6735b AMD notebook
SODIMM 2gb (1x2gb)
BCM4322 802.11a/b/g/n Wireless LAN Controller
Mageia 4 32-bit

> Reply to Comment 30.
> Testing 3.12.20 tmb-desktop MGA4, 64-bit real h/w.
> I am tempted to try the PoC
> http://bugzillafiles.novell.org/attachment.cgi?id=588769 [code]
Have just done so, and it reports
CVE-2014-0196 DOS PoC by DigitalCold
[+] New PTY - Master PID 8345, Slave PID 8346
[+] Starting bombing run...
................................................................................
etc
........................................
[-] No crash? Maybe you're not vulnerable...

Alas, trying the same thing with a 3.12.18 kernel (rt) gives the same 'good' result. Inconclusive for me. But if anyone still has a 3.18 kernel it is extremely quick to set up & run this test.

In response to my https://bugs.mageia.org/show_bug.cgi?id=13266#c33
I have attached the last 20 lines of the Vbox.log files from this test.
The file contains the lines from both the desktop ( successful ) and
server ( crash ). The difference is that the second to last line in
the log of the server launch reads:

00:00:07.326096 AIOMgr: Flush failed with VERR_INVALID_PARAMETER, disabling async flushes

Log files are in: /home/wilcal/Vbox_vpi/(Vbox client under test)/Logs

Created attachment 5168 [details]
Vbox crash on launch of server

Not sure if your problem is the same Bill but I set up mga4 VMs to look into this with you.

I discovered that with kernel-tmb-server on mga4 32 that it fails with an error which states it needs pae. The error is kind of bunched up so it's not altogether clear. Enabling PAE in vbox allowed it to boot OK.

BTW: You gave uname -a output in your comment but say it crashes on boot, how did you get the output if it crashed at boot?

(In reply to claire robinson from comment #41)

> BTW: You gave uname -a output in your comment but say it crashes on boot,
> how did you get the output if it crashed at boot?

Yep, my mistake for copying too much of the text I've put together here.
Sorry.

(In reply to claire robinson from comment #41)

> I discovered that with kernel-tmb-server on mga4 32 that it fails with an
> error which states it needs pae. The error is kind of bunched up so it's not
> altogether clear. Enabling PAE in vbox allowed it to boot OK.

Yep, setting the processor to Enable PAE allowed M4 32-bit kernel-tmb-server
in Vbox to boot to a working desktop cleanly works. And quickly running
through all the other kernels shows the change does not effect them.
I'd let tmb to ponder why this is so, but it's not a showstopper

I'd say this is a fine and this upgrade is good to go.

Thanks Bill. Can you confirm whether this is expected Thomas please.

yes, a PAE enabled kernel wont boot on a system without PAE support

thanks for spotting that...

On my Acer laptop, the new kernel-tmb-desktop works and boots fine - I tested KDE 4/KWin/HexChat/Samba/VLC (mp4,webm,ogm,mp3 sound+video), with desktop effects:

 I also have an Acer Aspire 5738DZG laptop with the following specs:

    Intel Pentium(R) Dual-Core CPU T4300 @ 2.10GHz. (x86-64).
    ATI Mobility Radeon⢠HD 4570 (r700)
    15.6" HD LCD Screen.
    3 GB Memory
    320 GB Hard Disk Drive.
    âDVD Super Multi DL driveâ
    Acer Nplify⢠802.11b/g/n.

Adding some OK's. This is ready to validate.

URL: (none) => mga4-32-ok mga4-64-ok

Oops, putting them in the right hole..

URL: mga4-32-ok mga4-64-ok => (none)
Whiteboard: has_procedure => has_procedure mga4-32-ok mga4-64-ok

Advisory amended. Validating.

Could sysadmin please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: has_procedure mga4-32-ok mga4-64-ok => has_procedure advisory mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

(In reply to Bert Aerts from comment #20)
> I am using:
> kernel-tmb-desktop-3.12.18-1.mga4-1-1.mga4.x86_64.rpm
> kernel-tmb-desktop-devel-3.12.18-1.mga4-1-1.mga4.x86_64.rpm
> kernel-tmb-desktop-devel-latest-3.12.18-1.mga4.x86_64.rpm
> kernel-tmb-desktop-latest-3.12.18-1.mga4.x86_64.rpm
> 
> On a laptop with nVIDIA GeForce GT650M and driver 337.19 beta.
> dkms compilation was OK and proprietary driver works fine.
> 
> But VMware Workstation 10.0.2 modules were compiled and are a factor of 10
> smaller than the ones compiled on the default kernel-desktop-3.12.18 and
> VMware Workstation can not start a virtual machine due to "/dev/vmci not
> found".
> 
> With the default Mageia 4 kernel 3.12.18 VMware Workstation works fine.
> 
> How can I get correct file sizes for the 4 VMware modules in
> /lib/modules/<kernel>/misc ?

Same issue with kernel-tmb-desktop-3.12.20

Anyone an idea why VMware Workstation 10.0.2 modules like vmci are not correctly compiled (although built without errors)?

Could you please create a new bug for that Bert and Assign to Thomas. Thanks.

(In reply to claire robinson from comment #51)
> Could you please create a new bug for that Bert and Assign to Thomas. Thanks.

Bug 13432 - VMware Workstation 10.0.2 kernel modules compile ok but are not working with kernel-tmb-desktop-3.12.20

Update pushed:
http://advisories.mageia.org/MGASA-2014-0234.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED