[Bug 1905728] Re: Found insecure W+X mapping at address on Groovy RISCV
** Also affects: linux-riscv (Ubuntu) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: linux-riscv (Ubuntu Groovy) Importance: Undecided Status: New ** Changed in: linux-riscv (Ubuntu Groovy) Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo) ** Changed in: linux-riscv (Ubuntu Groovy) Importance: Undecided => Medium ** Changed in: linux-riscv (Ubuntu Groovy) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1905728 Title: Found insecure W+X mapping at address on Groovy RISCV To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1905728] Re: Found insecure W+X mapping at address on Groovy RISCV
This is not a regression and has been this way since the dawn of 5.8 riscv, as we have CONFIG_STRICT_KERNEL_RWX set. When investigating, I see many fixes that involve the linker script, so I assume this is due to some sections, like init sections carrying both text and data, which could cause this. I tried picking a lot of commits, and needed to either do extensive backports or carry a lot of commits, and still without success, hitting a linker problem that would require carrying even more fixes. So, contrary to what has been said about 5.8 bringing up STRICT_KERNEL_RWX to riscv, this is really not ready for prime time, and should be left for future versions. TL;DR: We should just disable CONFIG_STRICT_KERNEL_RWX on linux-riscv 5.8. Cascardo. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1905728 Title: Found insecure W+X mapping at address on Groovy RISCV To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1905728] Re: Found insecure W+X mapping at address on Groovy RISCV
** Attachment added: "dmesg-5.8.0-17-generic" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+attachment/5464855/+files/dmesg -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1905728 Title: Found insecure W+X mapping at address on Groovy RISCV To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1905728] Re: Found insecure W+X mapping at address on Groovy RISCV
Still seeing this with the 5.8.0-17-generic riscv kernel on groovy. See attached dmesg. ** Changed in: linux (Ubuntu) Status: Expired => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1905728 Title: Found insecure W+X mapping at address on Groovy RISCV To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1905728] Re: Found insecure W+X mapping at address on Groovy RISCV
[Expired for linux (Ubuntu) because there has been no activity for 60 days.] ** Changed in: linux (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1905728 Title: Found insecure W+X mapping at address on Groovy RISCV To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1905728] Re: Found insecure W+X mapping at address on Groovy RISCV
** Attachment added: "riscv-groovy-dmesg.log" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+attachment/5438245/+files/riscv-groovy-dmesg.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1905728 Title: Found insecure W+X mapping at address on Groovy RISCV To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905728/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs