1 |
On 14 Jan 2006 at 12:40, Nicolas MASSE wrote: |
2 |
> open("/dev/zero", O_RDWR) = 3 |
3 |
> mmap(NULL, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|0x40, 3, 0) = -1 |
4 |
> EPERM (Operation not permitted) |
5 |
> mmap(NULL, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE, 3, 0) = -1 EPERM |
6 |
> (Operation not permitted) |
7 |
|
8 |
[snipped] |
9 |
|
10 |
> So, I watched my /etc/fstab and found : |
11 |
> udev /dev tmpfs nosuid,noexec,size=16M 0 0 |
12 |
> |
13 |
> After I removed the noexec flag, all worked perfectly. |
14 |
> |
15 |
> I hope this will help somebody. |
16 |
|
17 |
thanks for the investigation but the cure is worse than the disease ;-). |
18 |
there's a reason why /dev is mounted noexec, and the correct solution |
19 |
is to tell the nvidia folks that mapping /dev/zero to obtain anonymous |
20 |
memory is old-school and completely unnecessary, mmap() has supported |
21 |
MAP_ANONYMOUS for a long time now. also, if they don't need PROT_EXEC |
22 |
then they shouldn't ask for it (that would also fix it for /dev/zero). |
23 |
|
24 |
-- |
25 |
gentoo-hardened@g.o mailing list |