From: Martin Jansa <martin.jansa@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: Re: some possible fixes in the OE web pages
Date: Thu, 13 May 2010 14:32:16 +0200 [thread overview]
Message-ID: <20100513123216.GM3370@jama> (raw)
In-Reply-To: <alpine.DEB.2.00.1005130815410.8372@lynx>
On Thu, May 13, 2010 at 08:20:46AM -0400, Robert P. J. Day wrote:
> On Thu, 13 May 2010, Roman I Khimov wrote:
>
> ... mmap_min_addr stuff snipped ...
>
> > The real solution is in the kernel, it should be fixed for latest
> > Ubuntu and hopefully Fedora will catch up on this issue too.
> >
> > http://git.kernel.org/?p=linux/kernel/git/jmorris/security-
> > testing-2.6.git;a=commitdiff;h=822cceec7248013821d655545ea45d1c6a9d15b3
> >
> > Interesting that openSUSE with 2.6.31 kernel doesn't have such
> > problems... And our main build machine with Debian stable + 2.6.30
> > kernel works fine too. Probably this check got introduced in 2.6.32.
>
> not sure which kernel *version* it showed up in, but it appears to
> be a result of this commit from nov of last year (which you can see
> ended up being unnecessarily restrictive -- d'oh!):
>
> commit 0e1a6ef2dea88101b056b6d9984f3325c5efced3
> Author: Kees Cook <kees.cook@canonical.com>
> Date: Sun Nov 8 09:37:00 2009 -0800
>
> sysctl: require CAP_SYS_RAWIO to set mmap_min_addr
... repeated stuff snipped ...
You should finish reading the thread again :).
Yes, that's the same commit as
http://git.openembedded.org/cgit.cgi/openembedded/commit/?id=1b426b8382d2a7864b63051b0707e577f2c0ce69
says.
Workaround to qemu-native already pushed. So now it should work on every
system with with readable /proc/sys/vm/mmap_min_addr or
/proc/sys/vm/mmap_min_addr <= 65536.
--
uin:136542059 jid:Martin.Jansa@gmail.com
Jansa Martin sip:jamasip@voip.wengo.fr
JaMa
next prev parent reply other threads:[~2010-05-13 12:36 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-12 21:30 some possible fixes in the OE web pages Robert P. J. Day
2010-05-13 5:53 ` Roman I Khimov
2010-05-13 6:40 ` Martin Jansa
2010-05-13 8:23 ` Roman I Khimov
2010-05-13 8:46 ` Martin Jansa
2010-05-13 8:59 ` Roman I Khimov
2010-05-13 9:23 ` Martin Jansa
2010-05-13 9:38 ` QEMU mmap_min_addr issue Was: " Martin Jansa
2010-05-13 10:11 ` Martin Jansa
2010-05-13 12:20 ` Robert P. J. Day
2010-05-13 12:32 ` Martin Jansa [this message]
2010-05-13 12:53 ` Robert P. J. Day
2010-05-13 10:17 ` Robert P. J. Day
2010-05-13 10:18 ` Robert P. J. Day
2010-05-13 9:57 ` Robert P. J. Day
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100513123216.GM3370@jama \
--to=martin.jansa@gmail.com \
--cc=openembedded-devel@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.