Kernel ignores noexec=off parameter

Bug #597702 reported by Vasilis
This bug affects 1 person
Affects: linux (Ubuntu)
Status: Expired
Importance: Undecided
Assigned to: Unassigned

Bug Description

Hello everybody,

I'm running Ubuntu 10.04 32-bit 2.6.32-22-generic-pae kernel.

I need to boot into Ubuntu having the NX bit set forced OFF, since even if I disabled execution protection from BIOS, Ubuntu emulates it. (ref @ https://wiki.ubuntu.com/Security/Features#Non-Exec%20Memory)

As such, according to the kernel parameters from kernel.org (ref @ http://www.kernel.org/doc/Documentation/kernel-parameters.txt search for noexec), I am appending the following two parameters to my grub.cfg: noexec=off and noexec32=off

<grub.cfg snip>
menuentry 'Ubuntu, with Linux 2.6.32-22-generic-pae' --class ubuntu --class gnu-linux --class gnu --class os {
 recordfail
 insmod ext2
 set root='(hd0,1)'
 search --no-floppy --fs-uuid --set de69abbd-bd5d-455e-b4c0-be9ab0ed6037
 linux /boot/vmlinuz-2.6.32-22-generic-pae root=UUID=de69abbd-bd5d-455e-b4c0-be9ab0ed6037 ro crashkernel=384M-2G:64M,2G-:128M noexec=off noexec32=off
 initrd /boot/initrd.img-2.6.32-22-generic-pae
}
</grub.cfg snip>

However, the kernel seems to ignore those parameters and still boots with execution prevention enabled,

<var/log/syslog snip>
Jun 22 16:36:00 EL kernel: [ 0.000000] Using x86 segment limits to approximate NX protection
</var/log/syslog snip>

this is verified by running the NX regression test from http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master/files/head%3A/scripts/kernel-security/nx/

./nx-test stack
data: 0x804a050
bss: 0x805a080
brk: 0x9edc008
rw: 0xb7827000
rwx: 0x60c000
stack: 0xbfec9fd8
Dump of /proc/self/maps:
0035f000-004b2000 r-xp 00000000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so
004b2000-004b3000 ---p 00153000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so
004b3000-004b5000 r--p 00153000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so
004b5000-004b6000 rw-p 00155000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so
004b6000-004b9000 rw-p 00000000 00:00 0
0060c000-0060d000 rwxp 00000000 00:00 0
008f1000-008f2000 r-xp 00000000 00:00 0 [vdso]
00a62000-00a7d000 r-xp 00000000 08:01 2350 /lib/ld-2.11.1.so
00a7d000-00a7e000 r--p 0001a000 08:01 2350 /lib/ld-2.11.1.so
00a7e000-00a7f000 rw-p 0001b000 08:01 2350 /lib/ld-2.11.1.so
08048000-08049000 r-xp 00000000 08:01 1443777 /home/vasilis/Downloads/nx/nx-test
08049000-0804a000 r--p 00000000 08:01 1443777 /home/vasilis/Downloads/nx/nx-test
0804a000-0804b000 rw-p 00001000 08:01 1443777 /home/vasilis/Downloads/nx/nx-test
0804b000-0805b000 rw-p 00000000 00:00 0
09edc000-09efe000 rw-p 00000000 00:00 0 [heap]
b7815000-b7816000 rw-p 00000000 00:00 0
b7826000-b782b000 rw-p 00000000 00:00 0
bfeb6000-bfecb000 rw-p 00000000 00:00 0 [stack]
Attempting to execute function at 0xbfec9fe4
If this program seg-faults, the region was enforced as non-executable...
Segmentation fault
...

Any help will be seriously appreciated !!!
Thanks
V.
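
Added example, not part of the original report: a small parser for a /proc/self/maps dump like the one above. It reports the permissions of the mapping that contains a given address and lists mappings that are both writable and executable. The function names and the trimmed SAMPLE excerpt are constructed for illustration.

```python
import re
from typing import List, NamedTuple, Optional


class Mapping(NamedTuple):
    start: int
    end: int      # exclusive upper bound, as in /proc/<pid>/maps
    perms: str    # e.g. "rw-p"
    name: str     # path or pseudo-name such as "[stack]"; may be empty


# start-end perms offset dev inode [name]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+\S+\s+\S+\s+\d+\s*(.*)$"
)


def parse_maps(text: str) -> List[Mapping]:
    """Parse maps-format lines, silently skipping anything else."""
    out = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m:
            out.append(Mapping(int(m[1], 16), int(m[2], 16), m[3], m[4].strip()))
    return out


def find_mapping(mappings: List[Mapping], addr: int) -> Optional[Mapping]:
    """Return the mapping containing addr, or None if it is unmapped."""
    return next((m for m in mappings if m.start <= addr < m.end), None)


def writable_and_executable(mappings: List[Mapping]) -> List[Mapping]:
    """Mappings that carry both the w and x permission bits."""
    return [m for m in mappings if "w" in m.perms and "x" in m.perms]


# Trimmed excerpt of the dump in the report (sample input for this example).
SAMPLE = """\
0060c000-0060d000 rwxp 00000000 00:00 0
08048000-08049000 r-xp 00000000 08:01 1443777 /home/vasilis/Downloads/nx/nx-test
09edc000-09efe000 rw-p 00000000 00:00 0 [heap]
bfeb6000-bfecb000 rw-p 00000000 00:00 0 [stack]
"""

if __name__ == "__main__":
    maps = parse_maps(SAMPLE)
    target = find_mapping(maps, 0xBFEC9FE4)  # address nx-test tried to execute
    print("target mapping:", target)
    for m in writable_and_executable(maps):
        print("W+X mapping: %#x-%#x %s" % (m.start, m.end, m.perms))
```

For the address nx-test tried to execute (0xbfec9fe4), this returns the [stack] mapping with permissions rw-p; the only writable and executable mapping in the dump is the one at 0x60c000.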

Mitch Towner (kermiac) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. This bug did not have a package associated with it, which is important for ensuring that it gets looked at by the proper developers. You can learn more about finding the right package at https://wiki.ubuntu.com/Bugs/FindRightPackage. I have classified this bug as a bug in linux.

When reporting bugs in the future please use apport, either via the appropriate application's "Help -> Report a Problem" menu or using 'ubuntu-bug' and the name of the package affected. You can learn more about this functionality at https://wiki.ubuntu.com/ReportingBugs.

affects: ubuntu → linux (Ubuntu)
Jeremy Foshee (jeremyfoshee) wrote :

Hi Vasilis,

Please be sure to confirm this issue exists with the latest development release of Ubuntu. ISO CD images are available from http://cdimage.ubuntu.com/daily/current/ . If the issue remains, please run the following command from a Terminal (Applications->Accessories->Terminal). It will automatically gather and attach updated debug information to this report.

apport-collect -p linux 597702

Also, if you could test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Once you've tested the upstream kernel, please remove the 'needs-upstream-testing' tag. This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs-upstream-testing' text. Please let us know your results.

Thanks in advance.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

tags: added: needs-kernel-logs
tags: added: needs-upstream-testing
tags: added: kj-triage
Changed in linux (Ubuntu):
status: New → Incomplete
Jeremy Foshee (jeremyfoshee) wrote :

This bug report was marked as Incomplete and has not had any updated comments for quite some time. As a result this bug is being closed. Please reopen if this is still an issue in the current Ubuntu development release http://cdimage.ubuntu.com/daily-live/current/ . Also, please be sure to provide any requested information that may have been missing. To reopen the bug, click on the current status under the Status column and change the status back to "New". Thanks.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

tags: added: kj-expired
Changed in linux (Ubuntu):
status: Incomplete → Expired