ProLiant Servers (ML,DL,SL)
cancel
Showing results for 
Search instead for 
Did you mean: 

Security issue: cpqhealth in non-module kernels doesn't work

M.Goebl
Occasional Visitor

Security issue: cpqhealth in non-module kernels doesn't work

We integrated cpqasm and cpqevt (from hpasm-6.40.0-16.Redhat8_0.i386.rpm) into our
self-compiled linux-2.4.22 kernel image (to linux/drivers/cpqhealth).
In my attachment, you can see the patches we did.
After booting we can access /proc/cpqfan but we get only a header.
The module-version of cpqhealth give the status of all fans.
In the attachment there are our dmesg-boot-messages as well.

At our site we a running our linux servers without module-support.
Modules are the number-one rootkit hooks. We even protect our /dev/kmem etc
with the grsecurity.net-patch.

Because we don't want to lower out security level, we would have to stop our
migration process from our netservers to proliants..!

In order to succeed, we need a casm/cevt that works in 2.4.22 kernel images.

Sincerely,
Matthias