On Thu, May 13, 2010 at 08:20:46AM -0400, Robert P. J. Day wrote: > On Thu, 13 May 2010, Roman I Khimov wrote: > > ... mmap_min_addr stuff snipped ... > > > The real solution is in the kernel, it should be fixed for latest > > Ubuntu and hopefully Fedora will catch up on this issue too. > > > > http://git.kernel.org/?p=linux/kernel/git/jmorris/security- > > testing-2.6.git;a=commitdiff;h=822cceec7248013821d655545ea45d1c6a9d15b3 > > > > Interesting that openSUSE with 2.6.31 kernel doesn't have such > > problems... And our main build machine with Debian stable + 2.6.30 > > kernel works fine too. Probably this check got introduced in 2.6.32. > > not sure which kernel *version* it showed up in, but it appears to > be a result of this commit from nov of last year (which you can see > ended up being unnecessarily restrictive -- d'oh!): > > commit 0e1a6ef2dea88101b056b6d9984f3325c5efced3 > Author: Kees Cook <[email protected]> > Date: Sun Nov 8 09:37:00 2009 -0800 > > sysctl: require CAP_SYS_RAWIO to set mmap_min_addr
... repeated stuff snipped ... You should finish reading the thread again :). Yes, that's the same commit as http://git.openembedded.org/cgit.cgi/openembedded/commit/?id=1b426b8382d2a7864b63051b0707e577f2c0ce69 says. Workaround to qemu-native already pushed. So now it should work on every system with with readable /proc/sys/vm/mmap_min_addr or /proc/sys/vm/mmap_min_addr <= 65536. -- uin:136542059 jid:[email protected] Jansa Martin sip:[email protected] JaMa _______________________________________________ Openembedded-devel mailing list [email protected] http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel
