Public bug reported:

[Impact]
Using the nosuid,noexec mount options on devtmpfs provides a bit of extra security by preventing files in /dev from being mmapped with PROT_EXEC and by disallowing setuid executables there.

[Test case]
If we really want to provide a test case for this...:

  $ grep devtmpfs /proc/mounts

We should see nosuid,noexec in the mount options if this change is applied; otherwise we should only see nosuid (or neither).

[Fix]
Enable CONFIG_DEVTMPFS_SAFE.

[Regression potential]
This change can potentially break some drivers that require mmapping /dev/mem with the PROT_EXEC flag (for example non-KSM video drivers, or drivers that need to execute BIOS / firmware code directly from /dev/mem). However, it would be good to find out whether we still have drivers relying on this dangerous behavior, and to provide some additional safety measures in the system.

** Affects: linux (Ubuntu)
   Importance: Undecided
   Status: New

** Affects: linux (Ubuntu Kinetic)
   Importance: Undecided
   Status: New

** Also affects: linux (Ubuntu Kinetic)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1974442

Title:
  enable CONFIG_DEVTMPFS_SAFE

Status in linux package in Ubuntu:
  New
Status in linux source package in Kinetic:
  New
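The grep in the test case above leaves it to the reader to eyeball the option list. The following POSIX shell function, an added example that is not part of the bug report, parses /proc/mounts-format lines and reports whether the devtmpfs mount carries both nosuid and noexec, only nosuid, or neither; the sample lines are constructed, not captured from a real system.

```shell
#!/bin/sh
# Added example (not from the bug report): classify the devtmpfs mount
# options the way the test case expects. Reads /proc/mounts-format lines
# from stdin and prints one of:
#   safe         nosuid and noexec both present (CONFIG_DEVTMPFS_SAFE applied)
#   nosuid-only  nosuid present, noexec missing
#   unprotected  devtmpfs mounted without either option
#   missing      no devtmpfs line at all
# Returns 0 only for "safe", so it can gate a hardening check.
check_devtmpfs_opts() {
    # /proc/mounts fields: fsname mountpoint fstype options dump pass
    opts=$(awk '$3 == "devtmpfs" { print $4; exit }')
    if [ -z "$opts" ]; then
        echo missing
        return 1
    fi
    has_nosuid=0; has_noexec=0
    # Match whole option tokens, so e.g. "suid" or "exec" never count
    for o in $(printf '%s' "$opts" | tr ',' ' '); do
        case "$o" in
            nosuid) has_nosuid=1 ;;
            noexec) has_noexec=1 ;;
        esac
    done
    if [ "$has_nosuid" -eq 1 ] && [ "$has_noexec" -eq 1 ]; then
        echo safe; return 0
    elif [ "$has_nosuid" -eq 1 ]; then
        echo nosuid-only; return 1
    else
        echo unprotected; return 1
    fi
}

# Constructed sample lines in /proc/mounts format (not from a real host)
SAFE_SAMPLE='udev /dev devtmpfs rw,nosuid,noexec,relatime,size=4096k,nr_inodes=1048576,mode=755 0 0'
NOSUID_SAMPLE='udev /dev devtmpfs rw,nosuid,relatime,size=4096k,nr_inodes=1048576,mode=755 0 0'

# On a live system: check_devtmpfs_opts < /proc/mounts
```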
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1974442/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp