kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #166714
[Bug 1518483] Re: problem with PIE binaries and kernels <= 3.19
Since it's not guaranteed that we'll ever get buildds booted into
kernels with the fix above, I'm proposing to disable -pie for bash. For
xenial, this will have no affect except for on s390x, as on all other
arches, pie is not the default anyway.
** Also affects: bash (Ubuntu)
Importance: Undecided
Status: New
** Changed in: bash (Ubuntu Vivid)
Status: New => Invalid
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1518483
Title:
problem with PIE binaries and kernels <= 3.19
Status in bash package in Ubuntu:
New
Status in linux package in Ubuntu:
Fix Released
Status in bash source package in Vivid:
Invalid
Status in linux source package in Vivid:
Fix Released
Bug description:
When bash is built as a Position Independent Executable (PIE), it very
sporadically crashes due to some issue with memory layout in kernels
before 4.2. I'm currently testing enabling PIE by default in gcc on
amd64 for xenial, and some of my builds (e.g. cpio) are failing in the
buildds with the following message emitted:
bash: xmalloc: .././locale.c:81: cannot allocate 2 bytes (0 bytes
allocated)
when the bash that is used is built as PIE. I have seen these failures
on buildds where the host is running 3.13 and 3.19. I am also able to
reproduce this locally on a machine running trusty with the stock
trusty kernel. However, when I boot that same machine with the linux-
lts-wily (4.2) kernel and retry the build with everything else exactly
the same, the failure disappears.
I discussed this a bit with Kees Cook, and he noted that some cleanups
to the kernel's ASLR code happened in 4.1. Specifically, he noted:
commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86
Author: Michael Davidson <md@xxxxxxxxxx>
fs/binfmt_elf.c: fix bug in loading of PIE binaries
However, that landed in stable and has been picked up in our kernels as 668965be56ea0b2c45ed6bec84dc2088490ae6b1, landing in Ubuntu-3.13.0-56.93 and b51621abbcb4694b8d2842ce3a66006a60bba6e5 / Ubuntu-3.19.0-19.19.
Kees also pointed out that he landed a series of patches from
204db6ed17743000691d930368a5abd6ea541c58 until Michael Davidson's
patch (i.e.
a87938b2e246b81b4fb713edb371a9fa3c5c3c86..204db6ed17743000691d930368a5abd6ea541c58
), and in particular, there's:
commit d1fd836dcf00d2028c700c7e44d2c23404062c90
Author: Kees Cook <keescook@xxxxxxxxxxxx>
mm: split ET_DYN ASLR from mmap ASLR
Other fixes that I see to fs/binfmt_elf.c and arch/x86/mm/mmap.c look like they either occurred only in 4.3 or have already been backported via the stable kernels.
I should also point out that these cleanups may address some of the
ASLR failed tests that occur on non-x86 architectures for pre 4.2
kernels.
I am happy to test out kernels to try to address this. Thanks.
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: linux-image-3.13.0-68-generic 3.13.0-68.111
ProcVersionSignature: Ubuntu 3.13.0-68.111-generic 3.13.11-ckt27
Uname: Linux 3.13.0-68-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.18
Architecture: amd64
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/dsp', '/dev/snd/by-path', '/dev/snd/controlC0', '/dev/snd/hwC0D0', '/dev/snd/hwC0D1', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/pcmC0D1c', '/dev/snd/pcmC0D1p', '/dev/snd/pcmC0D2c', '/dev/snd/pcmC0D3p', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Date: Fri Nov 20 13:58:40 2015
HibernationDevice: RESUME=UUID=dc63f523-507a-4f9d-aa30-a2e880199150
IwConfig:
eth0 no wireless extensions.
lo no wireless extensions.
MachineType: Shuttle Inc SG33
ProcEnviron:
SHELL=/bin/bash
TERM=screen
PATH=(custom, user)
LANG=en_US.UTF-8
XDG_RUNTIME_DIR=<set>
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-68-generic root=UUID=d30e91cf-3c43-41a9-a72d-c07d1be1d53e ro loop.max_loop=64 rootflags=data=ordered nomdmonddf nomdmonisw nomdmonddf nomdmonisw nomdmonddf nomdmonisw nomdmonddf nomdmonisw
RelatedPackageVersions:
linux-restricted-modules-3.13.0-68-generic N/A
linux-backports-modules-3.13.0-68-generic N/A
linux-firmware 1.127.18
RfKill:
SourcePackage: linux
StagingDrivers: zram
UpgradeStatus: Upgraded to trusty on 2014-04-16 (583 days ago)
WpaSupplicantLog:
dmi.bios.date: 11/28/2007
dmi.bios.vendor: Phoenix Technologies, LTD
dmi.bios.version: 6.00 PG
dmi.board.name: FG33
dmi.board.vendor: Shuttle Inc
dmi.board.version: V10
dmi.chassis.type: 3
dmi.chassis.vendor: Shuttle Inc
dmi.chassis.version: G5
dmi.modalias: dmi:bvnPhoenixTechnologies,LTD:bvr6.00PG:bd11/28/2007:svnShuttleInc:pnSG33:pvrV10:rvnShuttleInc:rnFG33:rvrV10:cvnShuttleInc:ct3:cvrG5:
dmi.product.name: SG33
dmi.product.version: V10
dmi.sys.vendor: Shuttle Inc
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1518483/+subscriptions
References