Linux 6.1 Lands Code To Warn About W+X Mappings By Default

Written by Michael Larabel in Linux Security on 11 October 2022 at 12:00 PM EDT. 12 Comments
LINUX SECURITY --
In addition to MGLRU and Maple Tree having been merged overnight, Linus Torvalds also picked up the x86/mm changes for Linux 6.1 that will now by default warn about W+X mappings.

As outlined a month ago, Linux 6.1 will now warn about W+X mappings by default. The Linux kernel has offered "CONFIG_DEBUG_WX" to warn about memory mappings at boot time that are both writable and executable as they can pose an obvious security risk. Finally with Linux 6.1 that kernel boot time warning will be enabled by default for x86_64.

The changes for Linux 6.1 also include various detection improvements/fixes around the W+X mappings. The goal is to ultimately have the kernel refuse to allow W+X mappings but that didn't happen for Linux 6.1.

Due to some 32-bit x86 headaches and then uncovering some systemd eBPF issues that caused boot failures and only addressed recently, Linux 6.1 will stick to only warning about W+X mappings. Hopefully though for Linux 6.2 will be the point at which the kernel will refuse to create W+X kernel mappings.

The list of x86/mm feature patches merged for Linux 6.1 can be found via this pull.

Linux 6.1 is shaping up to be a damn fine kernel release and should be this year's LTS kernel.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week