tpe-lkm DoS condition fixed

I have committed a fix to the tpe-lkm project that fixes a DoS condition I previously noted.

It also introduces a new sysctl entry, log_max, as to prevent logs from getting filled up horizontally. I set the default to 50, seemed high enough without giving an attacker too much leverage on spewing junk into the log file should they get the chance, yet low enough to catch the full process tree of you basic exploit attempt.

Continue reading

Recursive function causes DoS in tpe-lkm

I’ve discovered my first denial-of-service bug in the linux kernel. I’m a bit teary eyed, not because the bug was in my own code, but it marks the first bug I’ve found in linux kernel code.

Not worth of a CVE or anything, because I still haven’t declared the code stable, and I don’t imagine many people use this thing just yet. But in the interest of full disclosure, here is information about the bug.

Continue reading

My own private protest

I’ve noticed that I have started to put on some weight (again). The last time my weight started to go up, I counted calories, and managed to get the weight down and stable for a little over a year. This time, however, I’m going to do something different about it.

In the spirit of the various “Occupy” protests lately, I’ve decided to start my own private protest:

Occupy Kitchen

Continue reading

A nagios snmp plugin that obeys snmp.conf

So there is a currently unresolved issue with the check_snmp nagios plugin where it doesn’t use the snmp.conf file. I use v3 of the protocol, and don’t want to have to put the big long string everywhere in the nagios configuration file:

define command{
  command_name check_snmp_cpu
  command_line $USER1$/check_snmp -H $HOSTADDRESS$ -w 2 -c 4 -u "cpu" -P 3 -L authPriv -a MD5 -U snmpmonitor -A "have a look at what I have to offer" -x des -X "have a look at what I have to offer" -o .1.3.6.1.4.1.2021.11.10.0
}

Continue reading

How to use the Ksplice raw utilities

Disclaimer: I have no affiliation with ksplice, I’m just a guy who knows something about hot-patching the linux kernel and figured out how this ksplice thing works. I strongly agree with the sentiment that the ksplice raw utilities is not for general use. In fact, Ksplice says in the distribution of these tools:

Without the appropriate expertise and safety infrastructure, the raw utilities can create subtly incorrect rebootless updates, which can have serious consequences.

Continue reading

Ksplice currently violates the GPL

I have lots of respect for Ksplice, Inc, and hold nothing personal against any of the people that work there. Their software is spectacularly awesome. The following is simply my opinion on a matter of principle, and respectfully state the facts as I see them.

I contacted Ksplice a few months ago and they basically told me that they will no longer be updating their git repository, yet be releasing updates in binary-form only. I had to ask myself; is Ksplice, Inc in violation of the GPL?

Continue reading