Date: Thu, 22 Nov 2012 18:40:41 -0600 From: Bryan Drewery <bryan-lists@shatow.net> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-12:08.linux Message-ID: <50AEC609.2040102@shatow.net> In-Reply-To: <50AEC391.9020105@shatow.net> References: <201211230002.qAN023hw018318@freefall.freebsd.org> <50AEC391.9020105@shatow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/22/2012 6:30 PM, Bryan Drewery wrote: > On 11/22/2012 6:02 PM, FreeBSD Security Advisories wrote: >> IV. Workaround >> >> No workaround is available, but systems not using the Linux binary >> compatibility layer are not vulnerable. >> >> The following command can be used to test if the Linux binary >> compatibility layer is loaded: >> >> # kldstat -m linuxelf > > Is it sufficient to kldunload linux? > > Bryan Assuming it is enough to unload[/recompile/reload], here's a tip if it refuses to unload (in use), assuming no securelevel: > # kldunload linux > kldunload: can't unload file: Device busy > # procstat -ka|grep linux > 40338 100221 bot - mi_switch sleepq_switch sleepq_catch_signals sleepq_timedwait_sig _cv_timedwait_sig kern_select linux_select syscall Xint0x80_syscall > # kill 40338 > # kldunload linux > # kldstat -m linuxelf > kldstat: can't find module linuxelf: No such file or directory -- Regards, Bryan Drewery bdrewery@freenode/EFNet
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50AEC609.2040102>