Re-enable RODATA for virtual i386

Bug #809838 reported by Stefan Bader
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Medium
Stefan Bader
Natty
Fix Released
Medium
Stefan Bader

Bug Description

SRU Justification:

Impact: Kernel data is marked as read-only by this option and it is set for security reasons on all kernel flavours. However it had been disabled in the i386 virtual flavour because of a bug that would prevent booting in EC2 (bug #699828).

Fix: This issue is now fixed and it is possible to turn this option back on.

Testcase: Compiled current kernel with the option turned back on and boot tested on EC2 and local Xen test system.

Stefan Bader (smb)
Changed in linux (Ubuntu):
assignee: nobody → Stefan Bader (stefan-bader-canonical)
importance: Undecided → Medium
status: New → In Progress
summary: - [Natty] Re-enable RODATA for virtual i386
+ Re-enable RODATA for virtual i386
Changed in linux (Ubuntu Natty):
assignee: nobody → Stefan Bader (stefan-bader-canonical)
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb)
Changed in linux (Ubuntu Natty):
status: In Progress → Fix Committed
Changed in linux (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Herton R. Krzesinski (herton) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-natty' to 'verification-done-natty'.

If verification is not done by one week from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-natty
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.0.0-6.7

---------------
linux (3.0.0-6.7) oneiric; urgency=low

  [ Eagon Yager ]

  * [Config] Fix misspelled 'skipmodule' in arm makefile.

  [ Keng-Yu Lin ]

  * SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
    - LP: #632884, #803005

  [ Leann Ogasawara ]

  * Revert "[Config] Temporarily disable CONFIG_SMC91X on armel-omap"
  * Revert "[Config] Temporarily Disable CONFIG_BRCMSMAC on arm"
  * Revert "[Config] Temporarily Disable CONFIG_RTL8192SE on powerpc"
  * Revert "[Config] Temporarily Disable CONFIG_RTL8192SE on arm"
  * Revert "[Config] Temporarily disable CONFIG_BRCMSMAC on powerpc"
  * [Config] Set CONFIG_ACPI_PCI_SLOT=m
  * [Config] Set CONFIG_ACPI_SBS=m
  * [Config] Set CONFIG_ACPI_WMI=m
  * [Config] Set CONFIG_AD7150=m on arm
  * [Config] Set CONFIG_AD7152=m on arm
  * [Config] Drop CONFIG_GPIO_S5PV210
  * [Config] Drop CONFIG_GPIO_S5PC100
  * [Config] Drop CONFIG_GPIO_PLAT_SAMSUNG
  * [Config] Drop CONFIG_GPIO_EXYNOS4

  [ Stefan Bader ]

  * SAUCE: Re-enable RODATA for i386 virtual
    - LP: #809838

  [ Upstream Kernel Changes ]

  * Revert "Quirk to fix suspend/resume on Lenovo Edge 11,13,14,15"
  * (drop after 3.0.0) acer-wmi: Add support for Aspire 1830 wlan hotkey
    - LP: #771758
 -- Leann Ogasawara <email address hidden> Wed, 20 Jul 2011 06:36:02 -0700

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Stefan Bader (smb) wrote :

I had been testing before and this actually should cause the qa-regression suite to pass without failures on ec2. Going forward to mark this as verified.

tags: added: verification-done-natty
removed: verification-needed-natty
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.4 KiB)

This bug was fixed in the package linux - 2.6.38-11.48

---------------
linux (2.6.38-11.48) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #818175

  [ Upstream Kernel Changes ]

  * Revert "HID: magicmouse: ignore 'ivalid report id' while switching
    modes"
    - LP: #814250

linux (2.6.38-11.47) natty-proposed; urgency=low

  [Steve Conklin]

  * Release Tracking Bug
    - LP: #811180

  [ Keng-Yu Lin ]

  * SAUCE: Revert: "dell-laptop: Toggle the unsupported hardware
    killswitch"
    - LP: #775281

  [ Ming Lei ]

  * SAUCE: fix yama_ptracer_del lockdep warning
    - LP: #791019

  [ Stefan Bader ]

  * SAUCE: Re-enable RODATA for i386 virtual
    - LP: #809838

  [ Tim Gardner ]

  * [Config] Add grub-efi as a recommended bootloader for server and
    generic
    - LP: #800910
  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494

  [ Upstream Kernel Changes ]

  * Revert "bridge: Forward reserved group addresses if !STP"
    - LP: #793702
  * Fix up ABI directory
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * usbnet/cdc_ncm: add missing .reset_resume hook
    - LP: #793892
  * ath5k: Disable fast channel switching by default
    - LP: #767192
  * mm: vmscan: correctly check if reclaimer should schedule during
    shrink_slab
    - LP: #755066
  * mm: vmscan: correct use of pgdat_balanced in sleeping_prematurely
    - LP: #755066
  * ALSA: hda - Use LPIB for ATI/AMD chipsets as default
    - LP: #741825
  * ALSA: hda - Enable snoop bit for AMD controllers
    - LP: #741825
  * ALSA: hda - Enable sync_write workaround for AMD generically
    - LP: #741825
  * cpuidle: menu: fixed wrapping timers at 4.294 seconds
    - LP: #774947
  * drm/i915: Fix gen6 (SNB) missed BLT ring interrupts.
    - LP: #761065
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * drm/i915: disable PCH ports if needed when disabling a CRTC
    - LP: #791752
  * kmemleak: Do not return a pointer to an object that kmemleak did not
    get
    - LP: #793702
  * kmemleak: Initialise kmemleak after debug_objects_mem_init()
    - LP: #793702
  * Fix _OSC UUID in pcc-cpufreq
    - LP: #793702
  * CPU hotplug, re-create sysfs directory and symlinks
    - LP: #793702
  * Fix memory leak in cpufreq_stat
    - LP: #793702
  * net: recvmmsg: Strip MSG_WAITFORONE when calling recvmsg
    - LP: #793702
  * ftrace: Only update the function code on write to filter files
    - LP: #793702
  * qla2xxx: Fix hang during driver unload when vport is active.
    - LP: #793702
  * qla2xxx: Fix virtual port failing to login after chip reset.
    - LP: #793702
  * qla2xxx: Fix vport delete hang when logins are outstanding.
    - LP: #793702
  * powerpc/kdump64: Don't reference freed memory as pacas
    - LP: #793702
  * powerpc/kexec: Fix memory corruption from unallocated slaves
    - LP: #793702
  * x86, cpufeature: Fix cpuid leaf 7 feature detection
    - LP: #793702
  * ath9k_hw: do noise floor calibration only on required chain...

Changed in linux (Ubuntu Natty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers