Re-enable RODATA for virtual i386

Bug #809838 reported by Stefan Bader
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Medium
Stefan Bader
Natty
Fix Released
Medium
Stefan Bader

Bug Description

SRU Justification:

Impact: Kernel data is marked as read-only by this option and it is set for security reasons on all kernel flavours. However it had been disabled in the i386 virtual flavour because of a bug that would prevent booting in EC2 (bug #699828).

Fix: This issue is now fixed and it is possible to turn this option back on.

Testcase: Compiled current kernel with the option turned back on and boot tested on EC2 and local Xen test system.

Stefan Bader (smb)
Changed in linux (Ubuntu):
assignee: nobody → Stefan Bader (stefan-bader-canonical)
importance: Undecided → Medium
status: New → In Progress
summary: - [Natty] Re-enable RODATA for virtual i386
+ Re-enable RODATA for virtual i386
Changed in linux (Ubuntu Natty):
assignee: nobody → Stefan Bader (stefan-bader-canonical)
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb)
Changed in linux (Ubuntu Natty):
status: In Progress → Fix Committed
Changed in linux (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Herton R. Krzesinski (herton) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-natty' to 'verification-done-natty'.

If verification is not done by one week from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-natty
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.0.0-6.7

---------------
linux (3.0.0-6.7) oneiric; urgency=low

  [ Eagon Yager ]

  * [Config] Fix misspelled 'skipmodule' in arm makefile.

  [ Keng-Yu Lin ]

  * SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
    - LP: #632884, #803005

  [ Leann Ogasawara ]

  * Revert "[Config] Temporarily disable CONFIG_SMC91X on armel-omap"
  * Revert "[Config] Temporarily Disable CONFIG_BRCMSMAC on arm"
  * Revert "[Config] Temporarily Disable CONFIG_RTL8192SE on powerpc"
  * Revert "[Config] Temporarily Disable CONFIG_RTL8192SE on arm"
  * Revert "[Config] Temporarily disable CONFIG_BRCMSMAC on powerpc"
  * [Config] Set CONFIG_ACPI_PCI_SLOT=m
  * [Config] Set CONFIG_ACPI_SBS=m
  * [Config] Set CONFIG_ACPI_WMI=m
  * [Config] Set CONFIG_AD7150=m on arm
  * [Config] Set CONFIG_AD7152=m on arm
  * [Config] Drop CONFIG_GPIO_S5PV210
  * [Config] Drop CONFIG_GPIO_S5PC100
  * [Config] Drop CONFIG_GPIO_PLAT_SAMSUNG
  * [Config] Drop CONFIG_GPIO_EXYNOS4

  [ Stefan Bader ]

  * SAUCE: Re-enable RODATA for i386 virtual
    - LP: #809838

  [ Upstream Kernel Changes ]

  * Revert "Quirk to fix suspend/resume on Lenovo Edge 11,13,14,15"
  * (drop after 3.0.0) acer-wmi: Add support for Aspire 1830 wlan hotkey
    - LP: #771758
 -- Leann Ogasawara <email address hidden> Wed, 20 Jul 2011 06:36:02 -0700

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Stefan Bader (smb) wrote :

I had been testing before and this actually should cause the qa-regression suite to pass without failures on ec2. Going forward to mark this as verified.

tags: added: verification-done-natty
removed: verification-needed-natty
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.4 KiB)

This bug was fixed in the package linux - 2.6.38-11.48

---------------
linux (2.6.38-11.48) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #818175

  [ Upstream Kernel Changes ]

  * Revert "HID: magicmouse: ignore 'ivalid report id' while switching
    modes"
    - LP: #814250

linux (2.6.38-11.47) natty-proposed; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #811180

  [ Keng-Yu Lin ]

  * SAUCE: Revert: "dell-laptop: Toggle the unsupported hardware
    killswitch"
    - LP: #775281

  [ Ming Lei ]

  * SAUCE: fix yama_ptracer_del lockdep warning
    - LP: #791019

  [ Stefan Bader ]

  * SAUCE: Re-enable RODATA for i386 virtual
    - LP: #809838

  [ Tim Gardner ]

  * [Config] Add grub-efi as a recommended bootloader for server and
    generic
    - LP: #800910
  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494

  [ Upstream Kernel Changes ]

  * Revert "bridge: Forward reserved group addresses if !STP"
    - LP: #793702
  * Fix up ABI directory
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * usbnet/cdc_ncm: add missing .reset_resume hook
    - LP: #793892
  * ath5k: Disable fast channel switching by default
    - LP: #767192
  * mm: vmscan: correctly check if reclaimer should schedule during
    shrink_slab
    - LP: #755066
  * mm: vmscan: correct use of pgdat_balanced in sleeping_prematurely
    - LP: #755066
  * ALSA: hda - Use LPIB for ATI/AMD chipsets as default
    - LP: #741825
  * ALSA: hda - Enable snoop bit for AMD controllers
    - LP: #741825
  * ALSA: hda - Enable sync_write workaround for AMD generically
    - LP: #741825
  * cpuidle: menu: fixed wrapping timers at 4.294 seconds
    - LP: #774947
  * drm/i915: Fix gen6 (SNB) missed BLT ring interrupts.
    - LP: #761065
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * drm/i915: disable PCH ports if needed when disabling a CRTC
    - LP: #791752
  * kmemleak: Do not return a pointer to an object that kmemleak did not
    get
    - LP: #793702
  * kmemleak: Initialise kmemleak after debug_objects_mem_init()
    - LP: #793702
  * Fix _OSC UUID in pcc-cpufreq
    - LP: #793702
  * CPU hotplug, re-create sysfs directory and symlinks
    - LP: #793702
  * Fix memory leak in cpufreq_stat
    - LP: #793702
  * net: recvmmsg: Strip MSG_WAITFORONE when calling recvmsg
    - LP: #793702
  * ftrace: Only update the function code on write to filter files
    - LP: #793702
  * qla2xxx: Fix hang during driver unload when vport is active.
    - LP: #793702
  * qla2xxx: Fix virtual port failing to login after chip reset.
    - LP: #793702
  * qla2xxx: Fix vport delete hang when logins are outstanding.
    - LP: #793702
  * powerpc/kdump64: Don't reference freed memory as pacas
    - LP: #793702
  * powerpc/kexec: Fix memory corruption from unallocated slaves
    - LP: #793702
  * x86, cpufeature: Fix cpuid leaf 7 feature detection
    - LP: #793702
  * ath9k_hw: do noise floor calibration only on required chain...

Changed in linux (Ubuntu Natty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.