[Nouveau] [Bug 73473] Potential crash bug in src/gallium/auxiliary/rtasm/rtasm_execmem.c

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Fri Jan 17 11:21:04 PST 2014


https://bugs.freedesktop.org/show_bug.cgi?id=73473

--- Comment #8 from Amadeusz <amade at asmblr.net> ---
Created attachment 92300
  --> https://bugs.freedesktop.org/attachment.cgi?id=92300&action=edit
patch adding check for PaX mprotect

As I said on #gentoo-hardened channel, I wouldn't like to see the SELinux part
of this patch to be merged. Provided SELinux check effectively requires
allowing all applications to be allowed access to write|exec memory regardless
of if it is needed or not.

I tested patch without the SELinux part and it worked fine on my PaX & SELinux
enabled system. Starting glxgears didn't bring down whole X server as was the
case before applying patch ;) .


If one wants to avoid "grsec: denied RWX mmap" messages probably something
along the lines of patch I attached (based on checks from the SELinux one and
http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/libffi/files/libffi-3.0.13-emutramp_pax_proc.patch?revision=1.2&view=markup)
would be needed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/nouveau/attachments/20140117/42f6b0af/attachment.html>


More information about the Nouveau mailing list