Hi,
I notice a regression report on Bugzilla [1]. Quoting from it:
> Recent kernels seem to generate this:
>
> "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=3976 'Xorg'"
>
> Is this a kernel problem or something to do with Xorg ?
>
> Seen in Kernels 6.3.4 and 6.4.0-rc4.
>
> Thanks
See Bugzilla for the full thread and attached logs (dmesg, xorg, bisection
log).
Anyway, I'm adding it to regzbot:
#regzbot introduced: 105ff5339f498a https://bugzilla.kernel.org/show_bug.cgi?id=217508
#regzbot title: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL on Xorg
Thanks.
[1]: https://bugzilla.kernel.org/show_bug.cgi?id=217508
--
An old man doll... just what I always wanted! - Clara
On 6/1/23 04:07, Bagas Sanjaya wrote:
> Hi,
>
> I notice a regression report on Bugzilla [1]. Quoting from it:
>
>> Recent kernels seem to generate this:
>>
>> "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=3976 'Xorg'"
>>
>> Is this a kernel problem or something to do with Xorg ?
>>
>> Seen in Kernels 6.3.4 and 6.4.0-rc4.
>>
>> Thanks
>
> See Bugzilla for the full thread and attached logs (dmesg, xorg, bisection
> log).
>
> Anyway, I'm adding it to regzbot:
>
> #regzbot introduced: 105ff5339f498a https://bugzilla.kernel.org/show_bug.cgi?id=217508
> #regzbot title: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL on Xorg
Hm indeed it seems to have introduced 2 new flags and immediately warn if
any process doesn't use them. Maybe it would make sense for some of the
non-default values of vm.memfd_noexec, but it's too early to warn
unconditionally everywhere, no?
> Thanks.
>
> [1]: https://bugzilla.kernel.org/show_bug.cgi?id=217508
>
On Thu, Jun 01, 2023 at 09:18:47AM +0200, Vlastimil Babka wrote:
> On 6/1/23 04:07, Bagas Sanjaya wrote:
> > Hi,
> >
> > I notice a regression report on Bugzilla [1]. Quoting from it:
> >
> >> Recent kernels seem to generate this:
> >>
> >> "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=3976 'Xorg'"
> >>
> >> Is this a kernel problem or something to do with Xorg ?
> >>
> >> Seen in Kernels 6.3.4 and 6.4.0-rc4.
> >>
> >> Thanks
> >
> > See Bugzilla for the full thread and attached logs (dmesg, xorg, bisection
> > log).
> >
> > Anyway, I'm adding it to regzbot:
> >
> > #regzbot introduced: 105ff5339f498a https://bugzilla.kernel.org/show_bug.cgi?id=217508
> > #regzbot title: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL on Xorg
>
> Hm indeed it seems to have introduced 2 new flags and immediately warn if
> any process doesn't use them. Maybe it would make sense for some of the
> non-default values of vm.memfd_noexec, but it's too early to warn
> unconditionally everywhere, no?
This is pretty standard for getting new options like this noticed by
userspace -- there is no regression in _behavior_. It's just a reminder
to fix userspace code.
-Kees
> >
> > [1]: https://bugzilla.kernel.org/show_bug.cgi?id=217508
> >
>
--
Kees Cook
On 6/1/23 21:12, Kees Cook wrote:
>> Hm indeed it seems to have introduced 2 new flags and immediately warn if
>> any process doesn't use them. Maybe it would make sense for some of the
>> non-default values of vm.memfd_noexec, but it's too early to warn
>> unconditionally everywhere, no?
>
> This is pretty standard for getting new options like this noticed by
> userspace -- there is no regression in _behavior_. It's just a reminder
> to fix userspace code.
>
Telling regzbot:
#regzbot invalid: not a kernel regression, but userspace fix is needed
Thanks.
--
An old man doll... just what I always wanted! - Clara
On 02/06/2023 03:15, Bagas Sanjaya wrote:
> On 6/1/23 21:12, Kees Cook wrote:
>>> Hm indeed it seems to have introduced 2 new flags and immediately warn if
>>> any process doesn't use them. Maybe it would make sense for some of the
>>> non-default values of vm.memfd_noexec, but it's too early to warn
>>> unconditionally everywhere, no?
>>
>> This is pretty standard for getting new options like this noticed by
>> userspace -- there is no regression in _behavior_. It's just a reminder
>> to fix userspace code.
>>
>
> Telling regzbot:
>
> #regzbot invalid: not a kernel regression, but userspace fix is needed
>
> Thanks.
>
Issue raised with XOrg:
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1553