Announcement

**sinepgib** · 11 October 2022, 01:29 PM

Someone can bring some more specifics about the systemd+eBPF issues? It sounds interesting enough to merit some links

**johncall** · 11 October 2022, 02:08 PM

Linux 6.1 is shaping up to be a damn fine kernel release

Agreed! Thanks for all of your articles letting us know about the goodness going into this version!

**fitzie** · 11 October 2022, 06:47 PM

Originally posted by sinepgib View Post

Someone can bring some more specifics about the systemd+eBPF issues? It sounds interesting enough to merit some links

here are some links:

https://lore.kernel.org/lkml/[email protected]/
https://marc.info/?l=linux-kernel&m=166483125325327&w=2
https://lore.kernel.org/all/CAMj1kXH...ail.gmail.com/
https://lore.kernel.org/bpf/c84cc27c...ernel.org/T/#u
https://lore.kernel.org/bpf/[email protected]/

**intelfx** · 12 October 2022, 05:30 AM

Originally posted by sinepgib View Post

Someone can bring some more specifics about the systemd+eBPF issues? It sounds interesting enough to merit some links

There's nothing about systemd in it. It simply looks like systemd is the only (or the only visible) user of this functionality

**sinepgib** · 12 October 2022, 06:07 AM

Originally posted by fitzie View Post

here are some links:

https://lore.kernel.org/lkml/[email protected]/
https://marc.info/?l=linux-kernel&m=166483125325327&w=2
https://lore.kernel.org/all/CAMj1kXH...ail.gmail.com/
https://lore.kernel.org/bpf/c84cc27c...ernel.org/T/#u
https://lore.kernel.org/bpf/[email protected]/

Originally posted by intelfx View Post

There's nothing about systemd in it. It simply looks like systemd is the only (or the only visible) user of this functionality

Thank you both. Indeed, the last two links show clearly that the bug is not really dependent upon the loaded programs. I guess mentioning systemd pays in clicks.

**Weasel** · 12 October 2022, 08:57 AM

Wait, so what about dynamically generated code? Like JITs?

**sinepgib** · 12 October 2022, 09:33 AM

Originally posted by Weasel View Post

Wait, so what about dynamically generated code? Like JITs?

First you write, then you mark read only and executable for the rest of its life. W^X is about never being both at the same time and never going back to writable once it's executable. You always need your page to start out as writable after all, how will you copy the code otherwise?

**Weasel** · 12 October 2022, 03:31 PM

Originally posted by sinepgib View Post

First you write, then you mark read only and executable for the rest of its life. W^X is about never being both at the same time and never going back to writable once it's executable. You always need your page to start out as writable after all, how will you copy the code otherwise?

Normal code is just mapped by the kernel in most applications. It's not even copied. And even if it was, the kernel obviously has power to ignore its own rules here, if it has to.

But yeah, if this still works for user-land apps to set the executable bit after writing something, it's not a problem. It would also break compressors like UPX otherwise.

**sinepgib** · 12 October 2022, 03:47 PM

Originally posted by Weasel View Post

Normal code is just mapped by the kernel in most applications. It's not even copied. And even if it was, the kernel obviously has power to ignore its own rules here, if it has to.

"Mapped" is a way of saying the page is already in memory and you're assigning it a virtual address, but at some point you copy from disk to memory.

Originally posted by Weasel View Post

But yeah, if this still works for user-land apps to set the executable bit after writing something, it's not a problem. It would also break compressors like UPX otherwise.

It should work AFAIK.

Announcement

Linux 6.1 Lands Code To Warn About W+X Mappings By Default

Linux 6.1 Lands Code To Warn About W+X Mappings By Default

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment