← Back to team overview

ubuntu-x-swat team mailing list archive

Re: [Bug 642518] Re: [MASTER] package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: Kernel fix for CVE-2010-3081 breaks fglrx

 

I have recompiled fglrx 8.723.1 using instructions from Stefan Brozinski (
http://www.mail-archive.com/ubuntu-bugs@xxxxxxxxxxxxxxxx/msg2514536.html ),
but for above version. During rebooting Ububtu 10.04 told me that it wants
to download in low resolution mode. Then I choose X-server restart and after
complete downloading
ATI driver works OK. In hadrware drivers section I seen that proprietar
ATI/AMD driver FGLRX is activated.
Only Mplayer was not working in full screen mode (I fixed it by choosing X11
in options), and also I can't to activate visual effects in GNOME.

But every time during rebooting Ubuntu wants to download in low resolution
mode, and then I must choose X-server restart during download. Is it
necessary to run "Xorg -configure"?

2010/9/23 QIII <642518@xxxxxxxxxxxxxxxxxx>

> Fortunately, I keep my ear to the ground and was aware of this problem
> before I updated.  I would have been able to dig myself out of it, but
> it would certainly have raised by blood pressure.
>
> Since the fix was made available in -updates, this worked for me:
>
> Completely uninstall Catalyst 10.9.
>
> Reinstall Catalyst 10.4 from the repo.
>
> Perform updates.
>
> Restart.
>
> I am not going to move forward with installing the later Catalyst
> versions at this point.
>
> But I must say something, and I hope the developers and MOTUs will take
> this as constructive criticism.  I understand that you all work very
> hard, and I appreciate that.  I admire you.
>
> Lucid is an LTS.  People expect it to be stable.  They do not expect
> that some strange-sounding thing like compat_alloc_user_space, which
> they don't know from a hole in the ground, should change suddenly,
> causing them to have difficulty with their video driver.
> Understandably, this is difficult with driver versions later than the
> ones in the repos, but changes should work at least with what is in the
> repos.  The driver affected, per the original bug report, is the one
> that is in the Lucid repo.  CVE-2010-3081 is a critical bug fix that
> plugs a hole that can allow a nefarious outside user to root an
> exploited machine.  The likelihood that someone's personal machine would
> be attacked is small, but it is real.  This whole thing would have gone
> right past a headless server without notice.
>
> A critical update to the kernel was needed and provided.  Unwitting
> users, perhaps with little tech know-how, diligently updated their
> machines and broke their ATI drivers because there was a change in other
> files that kept the driver from being compiled against the kernel
> correctly.  They were left with machines that would not operate as
> expected. They were first offered a patch, which many might not have
> understood how to apply. Finally some 24 - 36 hours later, they were
> given an update that works with the driver in the repo.  Their ability
> to use it depends somewhat on whether they are able to get themselves
> out of whatever mire they may have gotten themselves into in the
> meantime.
>
> Sorry, guys, but this smells very strongly of failure coordinate effort
> and conduct appropriate testing.
>
> I've been doing the computer gig for 35 years.  This is just not the
> sort of thing I find acceptable.
>
> --
> [MASTER] package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: Kernel
> fix for CVE-2010-3081 breaks fglrx
> https://bugs.launchpad.net/bugs/642518
> You received this bug notification because you are a direct subscriber
> of a duplicate bug (642139).
>
> Status in “fglrx-installer” package in Ubuntu: Triaged
> Status in “linux-restricted-modules-2.6.24” package in Ubuntu: Invalid
> Status in “linux-restricted-modules-envy-2.6.24” package in Ubuntu: Invalid
> Status in “fglrx-installer” source package in Lucid: Fix Released
> Status in “linux-restricted-modules-2.6.24” source package in Lucid:
> Invalid
> Status in “linux-restricted-modules-envy-2.6.24” source package in Lucid:
> Invalid
> Status in “fglrx-installer” source package in Hardy: Invalid
> Status in “linux-restricted-modules-2.6.24” source package in Hardy: Fix
> Committed
> Status in “linux-restricted-modules-envy-2.6.24” source package in Hardy:
> Fix Committed
> Status in “fglrx-installer” source package in Jaunty: Fix Committed
> Status in “linux-restricted-modules-2.6.24” source package in Jaunty:
> Invalid
> Status in “linux-restricted-modules-envy-2.6.24” source package in Jaunty:
> Invalid
> Status in “fglrx-installer” source package in Karmic: Fix Committed
> Status in “linux-restricted-modules-2.6.24” source package in Karmic:
> Invalid
> Status in “linux-restricted-modules-envy-2.6.24” source package in Karmic:
> Invalid
>
> Bug description:
> SRU Justification:
>
> Impact: Due to kernel changes for CVE-2010-3081 a function that was an
> inline before has changed to a GPL only function. The fglrx driver cannot
> link against this and fails to compile. In fglrx only the old inlines (which
> have been renamed) may be used but those would lack the additional checks.
>
> Fix: Add code to detect whether the fglrx driver is compiled against a
> kernel which has this change and use the old inlines in this case. Add the
> additional checks from the CVE to the driver wrapper, so the hardening is
> done in any case.
>
> Testcase: Compile of 64bit fglrx driver fails with an error without this
> change.
>
> ---
>
> will not compile for this version of the linux kernal
>
> ProblemType: Package
> DistroRelease: Ubuntu 10.04
> Package: fglrx 2:8.723.1-0ubuntu4
> ProcVersionSignature: Ubuntu 2.6.32-24.43-generic 2.6.32.15+drm33.5
> Uname: Linux 2.6.32-24-generic x86_64
> NonfreeKernelModules: wl
> Architecture: amd64
> Date: Sat Sep 18 23:31:16 2010
> DkmsStatus:
>  fglrx, 8.723.1: added
>  bcmwl, 5.60.48.36+bdcom, 2.6.32-24-generic, x86_64: installed
>  vboxnetflt, 3.2.8, 2.6.32-24-generic, x86_64: installed
>  vboxnetadp, 3.2.8, 2.6.32-24-generic, x86_64: installed
>  vboxdrv, 3.2.8, 2.6.32-24-generic, x86_64: installed
> ErrorMessage: fglrx kernel module failed to build
> InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
> MachineType: Dell Inc. Studio 1558
> PackageVersion: 2:8.723.1-0ubuntu4
> ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.32-24-generic
> root=UUID=b11bf21b-cde8-40dd-968b-af47e2d36186 ro quiet splash
> SourcePackage: fglrx-installer
> Title: package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: fglrx
> kernel module failed to build
> dmi.bios.date: 01/08/2010
> dmi.bios.vendor: Dell Inc.
> dmi.bios.version: A03
> dmi.board.name: 0NJWJR
> dmi.board.vendor: Dell Inc.
> dmi.board.version: A03
> dmi.chassis.type: 8
> dmi.chassis.vendor: Dell Inc.
> dmi.chassis.version: A03
> dmi.modalias:
> dmi:bvnDellInc.:bvrA03:bd01/08/2010:svnDellInc.:pnStudio1558:pvrA03:rvnDellInc.:rn0NJWJR:rvrA03:cvnDellInc.:ct8:cvrA03:
> dmi.product.name: Studio 1558
> dmi.product.version: A03
> dmi.sys.vendor: Dell Inc.
> system:
>  distro:             Ubuntu
>  codename:           lucid
>  architecture:       x86_64
>  kernel:             2.6.32-24-generic
>
>
>
> To unsubscribe from this bug, go to:
>
> https://bugs.launchpad.net/ubuntu/+source/fglrx-installer/+bug/642518/+subscribe
>

-- 
[MASTER] package fglrx 2:8.723.1-0ubuntu4 failed to install/upgrade: Kernel fix for CVE-2010-3081 breaks fglrx
https://bugs.launchpad.net/bugs/642518
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to linux-restricted-modules-2.6.24 in ubuntu.



References