| Summary: | media-libs/mesa-8.0.3: segfault in nouveau_dri (?) due to RWX mmap | | |
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Maxim Kammerer <mk> |
| Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | dschridde+gentoobugs, nikoli, x11 |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://bugs.freedesktop.org/show_bug.cgi?id=73473 | | |
| Whiteboard: | | | |
| Package list: | | Runtime testing required: | --- |

Attachments:
glxgears strace
http://cgit.freedesktop.org/mesa/mesa/patch/?id=4dd445f1cf80292f10eda53665cefc2a674d838d

Description
Maxim Kammerer
2012-08-24 05:19:05 UTC
Created attachment 322062
glxgears strace

Created attachment 372412
http://cgit.freedesktop.org/mesa/mesa/patch/?id=4dd445f1cf80292f10eda53665cefc2a674d838d

media-libs/mesa-9.2.5-r1 still has this bug, so I asked upstream in #nouveau@freenode:

[18:03:08] <xexaxo> iirc there was a case where gallium/tasm did not check the return value of mmap although that one should affect every gallium user
[18:03:58] <xexaxo> fwiw the commit that fixes that is 4dd445f1cf, although...
[18:04:38] <Nikoli> xexaxo, which mesa release is it?
[18:05:00] <Nikoli> or is this commit only in git master?
[18:05:49] <xexaxo> should have landed in 10.1 and I've CC'd stable (9.1, 9.2 10.0) although I'm guessing that only 10.0 may have it
[18:07:04] <xexaxo> present in 10.0.3 and 10.1+
[18:10:24] <Nikoli> xexaxo, will this patch work with 9.2.5? http://cgit.freedesktop.org/mesa/mesa/patch/?id=4dd445f1cf80292f10eda53665cefc2a674d838d
[18:10:32] <Nikoli> or it needs editing?
[18:14:45] <xexaxo> Nikoli: cannot see why it would fail. tasm has not been touched (with a few 10+ commits aside) for 2+ years
[18:15:01] <xexaxo> *gallium/tasm
[18:15:35] <xexaxo> if it does not the conflicts should be trivial

Attached patch is from http://cgit.freedesktop.org/mesa/mesa/patch/?id=4dd445f1cf80292f10eda53665cefc2a674d838d , mesa builds and works fine with it :)

I tested in 3 hardened systems: all of them work fine with this patch and do not need pax marking anymore. Please commit this patch as mesa-9.2.5-r2.ebuild

P.S. I tested these apps: KDE session, mpv -vo opengl, glxgears, stellarium, celestia, gltron, ksudoku.

Is this bug fixed already?

You can use revdep-pax to find and mark programs depending on it, other than that there is little else we can do.

(In reply to Francisco Blas Izquierdo Riera from comment #5)
> You can use revdep-pax to find and mark programs depending on it, other than
> that there is little else we can do.

I was asking, because the upstream bug [1] is marked RESOLVED/FIXED and <media-libs/mesa-9.1 is p-masked.

Nikoli has a fix for 9.2.5 (can it be backported to reach the oldest stable, 9.1.6, too?) - what is wrong with that patch?

[1]: https://bugs.freedesktop.org/show_bug.cgi?id=73473

(In reply to Dennis Schridde from comment #6)
> (In reply to Francisco Blas Izquierdo Riera from comment #5)
> > You can use revdep-pax to find and mark programs depending on it, other than
> > that there is little else we can do.
>
> I was asking, because the upstream bug [1] is marked RESOLVED/FIXED and
> <media-libs/mesa-9.1 is p-masked.
>
> Nikoli has a fix for 9.2.5 (can it be backported to reach the oldest stable,
> 9.1.6, too?) - what is wrong with that patch?
>
> [1]: https://bugs.freedesktop.org/show_bug.cgi?id=73473

We have two possibilities:

1) the RWX mapping was fixed in nouveau_dri.so in which case this bug is done.
2) the RWX mapping is not fixed, in which case you get the seg fault. The only thing we can do then is to use revdep-pax (from the sys-app/elfix package) to find all the consumers of nouveau_dri.so and mark them.

In either case, we have a working solution to this problem. It sounds like you want a mask removed? Where is this mask?

(In reply to Anthony Basile from comment #7)
> It sounds like you want a mask removed? Where is this mask?

I do not want any mask removed. I was just mentioning that the version this was originally reported against is already masked for security vulnerabilities.

Yes, this is fixed upstream: no pax marking is required now when using nouveau drivers. Mesa releases 10.0.4, 10.2.8 are marked stable and include commit 4dd445f1cf80292f10eda53665cefc2a674d838d

(In reply to Nikoli from comment #9)
> Yes, this is fixed upstream: no pax marking is required now when using
> nouveau drivers. Mesa releases 10.0.4, 10.2.8 are marked stable and include
> commit 4dd445f1cf80292f10eda53665cefc2a674d838d

Thanks.
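
The failure mode discussed in this thread (an RWX mmap that a hardened kernel refuses, with the return value never checked) can be avoided as in the following added example. It is not part of the bug report and not Mesa's code; the `exec_pool` names are hypothetical.

```c
/* Added example, not Mesa code. The exec_pool* names are hypothetical. */
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <stdio.h>
#include <sys/mman.h>

struct exec_pool {
    unsigned char *base; /* NULL when no executable memory is available */
    size_t size, used;
};

/* Ask for a private anonymous RWX region. A kernel enforcing PaX MPROTECT
 * refuses it and mmap() returns MAP_FAILED, which is (void *)-1 and not
 * NULL, so a NULL test (or no test) lets the bad pointer through.
 * Returns 0 on success, -1 on failure with the pool left empty. */
int exec_pool_init(struct exec_pool *p, size_t size)
{
    void *m = mmap(NULL, size, PROT_READ | PROT_WRITE | PROT_EXEC,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    p->base = NULL;
    p->size = p->used = 0;
    if (m == MAP_FAILED)
        return -1;
    p->base = m;
    p->size = size;
    return 0;
}

/* Bump allocator. NULL means "no executable memory": the caller must
 * take its non-generated-code path instead of writing through it. */
void *exec_pool_alloc(struct exec_pool *p, size_t n)
{
    if (p->base == NULL || n == 0 || n > p->size - p->used)
        return NULL;
    p->used += n;
    return p->base + p->used - n;
}

int main(void)
{
    struct exec_pool pool;
    if (exec_pool_init(&pool, 64 * 1024) != 0)
        perror("RWX mmap refused, falling back");
    void *code = exec_pool_alloc(&pool, 256);
    printf("codegen buffer: %s\n", code ? "available" : "unavailable");
    return 0;
}
```

With this check in place a refused mapping degrades to the fallback path instead of a segfault on the first write, so consumers of the library do not need PaX marking just to start.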