Date: Sun, 09 Nov 1997 15:34:27 -0800 From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> To: freebsd-security@freebsd.org Cc: security-officer@freebsd.org Subject: [linux-security] Perl script to locate F0 0F C7 C8 bombs Message-ID: <199711092335.PAA18013@cwsys.cwsent.com>
index | next in thread | raw e-mail
Here's a little Perl script that may make postmortums a little easier.
There's one error in it. The line containing
if($data =~ /\xf0\x0f\xc7\xc8/) {
should be replaced with
if($data =~ /\xf0\x0f\xc7[\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf]/) {
as any LOCK CMPXCHG8B opcode with a direct register reference (invalid as cou
cannot compare and swap a 64 bit value with a 32 bit value) will cause the P5
chip hangs, e.g. LOCK CMPXCHG8B %EAX or LOCK CMPXCHG8B %EDX.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
UNIX Support OV/VM: BCSC02(CSCHUBER)
ITSD BITNET: CSCHUBER@BCSC02.BITNET
Government of BC Internet: cschuber@uumail.gov.bc.ca
Cy.Schubert@gems8.gov.bc.ca
"Quit spooling around, JES do it."
------- Forwarded Message
Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.8.8/8.6.10) id
OAA22578 for <cy@passer.osg.gov.bc.ca>; Sun, 9 Nov 1997 14:59:21 -0800 (PST)
X-UIDL: 879117126.003
Resent-Message-Id: <199711092259.OAA22578@passer.osg.gov.bc.ca>
Received: from localhost(127.0.0.1), claiming to be "passer.osg.gov.bc.ca"
via SMTP by localhost, id smtpdaawBqa; Sun Nov 9 14:59:11 1997
Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.8.8/8.6.10) id
OAA23054 for <cschuber@passer.osg.gov.bc.ca>; Sun, 9 Nov 1997 14:58:51 -0800
(PST)
Received: from orca.gov.bc.ca(142.32.102.25)
via SMTP by passer.osg.gov.bc.ca, id smtpdaawBga; Sun Nov 9 14:58:32 1997
Received: from mail2.redhat.com by orca.gov.bc.ca (5.4R3.10/200.1.1.4)
id AA16352; Sun, 9 Nov 1997 14:58:31 -0800
Received: (qmail 10538 invoked by uid 501); 9 Nov 1997 22:58:29 -0000
Prev-Resent-Date: 9 Nov 1997 22:58:29 -0000
Prev-Resent-Cc: recipient.list.not.shown.;@uumail.gov.bc.ca
Mbox-Line: From linux-security-request@redhat.com Sun Nov 9 17:58:28 1997
X-Pop3-Rcpt: t757607@helium
Date: Fri, 7 Nov 1997 13:03:23 -0800 (PST)
From: Sam Trenholme <set@reality.samiam.org>
To: linux-security@redhat.com
Message-Id: <Pine.LNX.3.95.971107125739.4153A-100000@reality.samiam.org>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Prev-Resent-Message-Id: <"uM3Km3.0.Ka2.K0aPq"@mail2.redhat.com>
Prev-Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
X-Mailing-List: <linux-security@redhat.com> archive/latest/341
X-Loop: linux-security@redhat.com
Precedence: list
Prev-Resent-Sender: linux-security-request@redhat.com
Subject: [linux-security] Perl script to locate F0 0F C7 C8 bombs
Resent-To: cy@passer.osg.gov.bc.ca
Resent-Date: Sun, 09 Nov 1997 14:59:10 -0800
Resent-From: Cy Schubert - ITSD Open Systems Group
<cschuber@passer.osg.gov.bc.ca>
There is no known fix to the F0 0F C7 C8 bug at this time. What can be
done, however, is run a program, such as the script after my signature, to
locate any and all such programs. This script can be used in single
user mode after a mysterious lockup on a multiuser Pentium system.
I hope it is possible to come up with a software fix for this problem.
- - Sam
"You can...turn sadness into laughter" -- Sunscreem, _Love_U_More_
#!/usr/bin/perl
# There is no known software fix to the F0 0F C7 C8 bug at this time
# usage: finddeath dir
# where dir is the directory you recursively look at all programs in
# for instances of the F0 0F C7 C8 sequence
# This script will search for programs with this sequence, which will
# help sysadmins take appropriate action against those running such
# programs
# This script is written (but has not been tested) in Perl4, to
# insure maximum compatibility
sub findit {
local($dir,$file,@files,$data) = @_;
undef $/;
if(!opendir(DIR,$dir)) {
print STDERR "Can not open $dir: $!\n";
return 0;
}
@files=readdir(DIR);
foreach $file (@files) {
if($file ne '.' && $file ne '..') {
if( -f "$dir/$file" && open(FILE,"< $dir/$file")) {
$data=<FILE>;
if($data =~ /\xf0\x0f\xc7\xc8/) {
print "$dir/$file contains F0 0F C7 C8\n";
}
} elsif( -d "$dir/$file") {
&findit("$dir/$file");
}
}
}
}
$dir = shift || '/home';
&findit($dir);
- --
- ----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
- ----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null
------- End of Forwarded Message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711092335.PAA18013>