On an unpatched 2.6.23, I got this:
Feb 11 20:56:52 holly kernel: ptpatch2008: init, (c) 2008 <email address hidden> Feb 11 20:56:52 holly kernel: ptpatch2008: syscalls c0622540 Feb 11 20:56:52 holly kernel: ptpatch2008: syscall table might be readonly Feb 11 20:56:52 holly kernel: hooked sys_vmsplice
I ran a quick test of the exploit code, which failed with a "[-] wtf" error, then a few seconds later the message log filled up with this:
Feb 11 20:57:54 holly kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Feb 11 20:57:54 holly kernel: ata1.00: cmd b0/da:00:00:4f:c2/00:00:00:00:00/00 tag 0 cdb 0x0 data 0 Feb 11 20:57:54 holly kernel: res 51/04:00:00:4f:c2/00:00:00:00:00/00 Emask 0x1 (device error) Feb 11 20:57:54 holly kernel: ata1.00: Host Protected Area detected: Feb 11 20:57:54 holly kernel: current size: 321670847 sectors Feb 11 20:57:54 holly kernel: native size: 321672960 sectors Feb 11 20:57:54 holly kernel: ata1.00: Host Protected Area detected: Feb 11 20:57:54 holly kernel: current size: 321670847 sectors Feb 11 20:57:54 holly kernel: native size: 321672960 sectors Feb 11 20:57:54 holly kernel: ata1.00: configured for UDMA/133 Feb 11 20:57:54 holly kernel: ata1: EH complete Feb 11 20:57:54 holly kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Feb 11 20:57:54 holly kernel: ata1.00: cmd b0/da:00:00:4f:c2/00:00:00:00:00/00 t ag 0 cdb 0x0 data 0 Feb 11 21:02:08 holly kernel: res 51/04:00:00:4f:c2/00:00:00:00:00/00 E mask 0x1 (device error) Feb 11 21:02:08 holly kernel: ata1.00: Host Protected Area detected: Feb 11 21:02:08 holly kernel: current size: 321670847 sectors Feb 11 21:02:08 holly kernel: native size: 321672960 sectors Feb 11 21:02:08 holly kernel: ata1.00: Host Protected Area detected: Feb 11 21:02:08 holly kernel: current size: 321670847 sectors Feb 11 21:02:08 holly kernel: native size: 321672960 sectors Feb 11 21:02:08 holly kernel: ata1.00: configured for UDMA/133 Feb 11 21:02:08 holly kernel: ata1: EH complete Feb 11 21:02:08 holly kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 act ion 0x0 Feb 11 21:02:08 holly kernel: ata1.00: cmd b0/da:00:00:4f:c2/00:00:00:00:00/00 t ag 0 cdb 0x0 data 0 Feb 11 21:02:08 holly kernel: res 51/04:00:00:4f:c2/00:00:00:00:00/00 E mask 0x1 (device error) Feb 11 21:02:08 holly smartd[4692]: smartd version 5.36 [i686-redhat-linux-gnu] Copyright (C) 2002-6 Bruce Allen Feb 11 21:02:08 holly kernel: ata1.00: Host Protected Area detected: Feb 11 21:02:08 holly smartd[4692]: Home page is http://smartmontools.sourceforg e.net/ Feb 11 21:02:08 holly kernel: current size: 321670847 sectors
And the machine promptly panicked.
On an unpatched 2.6.23, I got this:
Feb 11 20:56:52 holly kernel: ptpatch2008: init, (c) 2008 <email address hidden>
Feb 11 20:56:52 holly kernel: ptpatch2008: syscalls c0622540
Feb 11 20:56:52 holly kernel: ptpatch2008: syscall table might be readonly
Feb 11 20:56:52 holly kernel: hooked sys_vmsplice
I ran a quick test of the exploit code, which failed with a "[-] wtf" error,
then a few seconds later the message log filled up with this:
Feb 11 20:57:54 holly kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 00:4f:c2/ 00:00:00: 00:00/00 00:4f:c2/ 00:00:00: 00:00/00 00:4f:c2/ 00:00:00: 00:00/00 t 00:4f:c2/ 00:00:00: 00:00/00 E 00:4f:c2/ 00:00:00: 00:00/00 t 00:4f:c2/ 00:00:00: 00:00/00 E linux-gnu] smartmontools. sourceforg
action 0x0
Feb 11 20:57:54 holly kernel: ata1.00: cmd b0/da:00:
tag 0 cdb 0x0 data 0
Feb 11 20:57:54 holly kernel: res 51/04:00:
Emask 0x1 (device error)
Feb 11 20:57:54 holly kernel: ata1.00: Host Protected Area detected:
Feb 11 20:57:54 holly kernel: current size: 321670847 sectors
Feb 11 20:57:54 holly kernel: native size: 321672960 sectors
Feb 11 20:57:54 holly kernel: ata1.00: Host Protected Area detected:
Feb 11 20:57:54 holly kernel: current size: 321670847 sectors
Feb 11 20:57:54 holly kernel: native size: 321672960 sectors
Feb 11 20:57:54 holly kernel: ata1.00: configured for UDMA/133
Feb 11 20:57:54 holly kernel: ata1: EH complete
Feb 11 20:57:54 holly kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0
action 0x0
Feb 11 20:57:54 holly kernel: ata1.00: cmd b0/da:00:
ag 0 cdb 0x0 data 0
Feb 11 21:02:08 holly kernel: res 51/04:00:
mask 0x1 (device error)
Feb 11 21:02:08 holly kernel: ata1.00: Host Protected Area detected:
Feb 11 21:02:08 holly kernel: current size: 321670847 sectors
Feb 11 21:02:08 holly kernel: native size: 321672960 sectors
Feb 11 21:02:08 holly kernel: ata1.00: Host Protected Area detected:
Feb 11 21:02:08 holly kernel: current size: 321670847 sectors
Feb 11 21:02:08 holly kernel: native size: 321672960 sectors
Feb 11 21:02:08 holly kernel: ata1.00: configured for UDMA/133
Feb 11 21:02:08 holly kernel: ata1: EH complete
Feb 11 21:02:08 holly kernel: ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 act
ion 0x0
Feb 11 21:02:08 holly kernel: ata1.00: cmd b0/da:00:
ag 0 cdb 0x0 data 0
Feb 11 21:02:08 holly kernel: res 51/04:00:
mask 0x1 (device error)
Feb 11 21:02:08 holly smartd[4692]: smartd version 5.36 [i686-redhat-
Copyright (C) 2002-6 Bruce Allen
Feb 11 21:02:08 holly kernel: ata1.00: Host Protected Area detected:
Feb 11 21:02:08 holly smartd[4692]: Home page is http://
e.net/
Feb 11 21:02:08 holly kernel: current size: 321670847 sectors
And the machine promptly panicked.