Hi It seems x11-misc/googleearth-4_beta will be terminated by PAX unless the pax header for /opt/googleearth/googleearth-bin is set not restrict mprotect(): 1.) out-of-the-box: PAX: execution attempt in: /usr/lib/opengl/nvidia/lib/libGLcore.so.1.0.8774, 4c09f000-4c0cf000 0078f000 PAX: terminating task: /opt/googleearth/googleearth-bin(googleearth-bin):20613, uid/euid: 1000/1000, PC: 4c0c8748, SP: 5877596c PAX: bytes at PC: 65 a1 c8 ff ff ff ff a0 08 04 00 00 cc cc cc cc cc cc cc cc PAX: bytes at SP-4: 00000000 4bc5930f 00000000 00000000 00000284 00000229 08285ad8 082cc210 45fd1000 082cb5d8 082cb5d8 00005085 4b90b6d0 03a00453 4c1355f2 08211398 0805fab8 587759c0 4bd87540 0825b450 082aa948 chpax -v googleearth-bin ----[ chpax 0.7 : Current flags for googleearth-bin (peMRxS) ]---- * Paging based PAGE_EXEC : disabled * Trampolines : not emulated * mprotect() : restricted * mmap() base : randomized * ET_EXEC base : not randomized * Segmentation based PAGE_EXEC : enabled 2.) fixing: chpax -m googleearth-bin and it starts fine... -> consider adding an entry to /etc/conf.d/chpax MPROTECT_EXEMPT thanks.
*** Bug 147209 has been marked as a duplicate of this bug. ***
*** Bug 147208 has been marked as a duplicate of this bug. ***
The problem is you are using the 3rd party nvidia drivers. You will notice everything that links with that libGLcore.so will suffer from the same problem. We have this pkg p.mask in the hardened profiles. Also note that we wont be adding anymore entries to the chpax conf file. chpax is now obsolete in favor of paxctl-0.4 (which can inject PT_PAX_FLAGS)
I see... Thanks!
