ubuntu-x-swat team mailing list archive

[Stefan Bader <stefan.bader@xxxxxxxxxxxxx>]

Some comment to the problem and info from discussing this on irc (I have
not read through all comments, so sorry if some facts are duplicated).
The problem we are facing is the fact that for resolving the security
issue, upstream patches changed compat_alloc_user_space from being an
inlined function, that gets defined in asm/compat.h, into a real
function defined in kernel/compat.c and declared in linux/compat.h. Even
worse the function is exported GPL only (EXPORT_SYMBOL_GPL).

This is no issue for code that is GPL, but fglrx has no part that is GPL. Even when we change the export to be EXPORT_SYMBOL, there still seems to be the problem that linux/compat.h cannot be included from a non-gpl module.
And as this change did not change things for GPL code, there was no ABI bump required which could be used to decide whether the old code is in use or the new one.

It seems there is one potential solution to this: as
compat_alloc_user_space was an inline before it would not show up in
/proc/kallsyms. So the makefile for fglrx can look there do decide
whether is needs to adapt. In the new code the former
compat_alloc_user_space can now be accessed through
arch_compat_alloc_user_space. But to benefit from the security fix, the
checking from that update should also be added.

** Patch added: "Proposed work-around"
   https://bugs.launchpad.net/ubuntu/+source/fglrx-installer/+bug/642518/+attachment/1613498/+files/gpl-workaround.diff

-- 
[MASTER] package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: Kernel fix for CVE-2010-3081 breaks fglrx
https://bugs.launchpad.net/bugs/642518
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to fglrx-installer in ubuntu.