Gentoo Archives: gentoo-hardened

From:	pageexec@××××××××.hu
To:	gentoo-hardened@l.g.o
Cc:	gentoo-amd64@l.g.o
Subject:	Re: [gentoo-hardened] [SOLVED] Amarok and X.org crashing with hardened gentoo on amd64
Date:	Sat, 14 Jan 2006 14:33:32
Message-Id:	`43C91931.9217.1DA53715@pageexec.freemail.hu`
In Reply to:	[gentoo-hardened] [SOLVED] Amarok and X.org crashing with hardened gentoo on amd64 by Nicolas MASSE

1	On 14 Jan 2006 at 12:40, Nicolas MASSE wrote:
2	> open("/dev/zero", O_RDWR) = 3
3	> mmap(NULL, 8192, PROT_READ\|PROT_WRITE\|PROT_EXEC, MAP_PRIVATE\|0x40, 3, 0) = -1
4	> EPERM (Operation not permitted)
5	> mmap(NULL, 8192, PROT_READ\|PROT_WRITE\|PROT_EXEC, MAP_PRIVATE, 3, 0) = -1 EPERM
6	> (Operation not permitted)
7
8	[snipped]
9
10	> So, I watched my /etc/fstab and found :
11	> udev /dev tmpfs nosuid,noexec,size=16M 0 0
12	>
13	> After I removed the noexec flag, all worked perfectly.
14	>
15	> I hope this will help somebody.
16
17	thanks for the investigation but the cure is worse than the disease ;-).
18	there's a reason why /dev is mounted noexec, and the correct solution
19	is to tell the nvidia folks that mapping /dev/zero to obtain anonymous
20	memory is old-school and completely unnecessary, mmap() has supported
21	MAP_ANONYMOUS for a long time now. also, if they don't need PROT_EXEC
22	then they shouldn't ask for it (that would also fix it for /dev/zero).
23
24	--
25	gentoo-hardened@g.o mailing list

Subject	Author
Re: [gentoo-hardened] [SOLVED] Amarok and X.org crashing with hardened gentoo on amd64	Nicolas MASSE <nicolas27.masse@×××××××.net>