1 |
Hello, |
2 |
|
3 |
I run a Gentoo (hardened/amd64) and after some modifications to my system |
4 |
(updates, new kernel, new softwares) I decided to reboot it. After the |
5 |
reboot, X.org did not start, neither did Amarok. |
6 |
|
7 |
After some investigations, I found that the X server could run with the nv |
8 |
driver but not with the nvidia driver, and Amarok crashed within a function |
9 |
in /usr/lib64/opengl/nvidia/lib/... |
10 |
|
11 |
A strace gave me : |
12 |
|
13 |
open("/dev/zero", O_RDWR) = 3 |
14 |
mmap(NULL, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|0x40, 3, 0) = -1 |
15 |
EPERM (Operation not permitted) |
16 |
mmap(NULL, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE, 3, 0) = -1 EPERM |
17 |
(Operation not permitted) |
18 |
close(3) = 0 |
19 |
--- SIGSEGV (Segmentation fault) @ 0 (0) --- |
20 |
|
21 |
With google, I found : |
22 |
|
23 |
http://mail-index.netbsd.org/tech-security/2004/06/24/0010.html |
24 |
> Now that we have noexec permissions on pages (for some architectures), |
25 |
> make the mapping of vnode backed pages with PROT_EXEC only be allowed |
26 |
> on filesystems that were not mounted with noexec. Otherwise, |
27 |
> mmap/uvm_map/mprotect will return EPERM for the mapping operation. |
28 |
|
29 |
|
30 |
So, I watched my /etc/fstab and found : |
31 |
udev /dev tmpfs nosuid,noexec,size=16M 0 0 |
32 |
|
33 |
After I removed the noexec flag, all worked perfectly. |
34 |
|
35 |
I hope this will help somebody. |
36 |
|
37 |
Nicolas MASSE |
38 |
|
39 |
-- |
40 |
gentoo-amd64@g.o mailing list |