From mboxrd@z Thu Jan 1 00:00:00 1970 From: bugzilla-daemon-CC+yJ3UmIYqDUpFQwHEjaQ@public.gmane.org Subject: [Bug 73473] Potential crash bug in src/gallium/auxiliary/rtasm/rtasm_execmem.c Date: Sat, 11 Jan 2014 10:29:20 +0000 Message-ID: References: Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1937871349==" Return-path: In-Reply-To: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: nouveau-bounces-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org Errors-To: nouveau-bounces-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org To: nouveau-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org List-Id: nouveau.vger.kernel.org --===============1937871349== Content-Type: multipart/alternative; boundary="1389436159.Ee2e5bE0.464"; charset="us-ascii" --1389436159.Ee2e5bE0.464 Date: Sat, 11 Jan 2014 10:29:19 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" https://bugs.freedesktop.org/show_bug.cgi?id=73473 --- Comment #4 from Jaak Ristioja --- (In reply to comment #3) > Created attachment 91834 [details] [review] > gallium/rtasm: add support for SELinux > > You're absolutely right here. Seems like there aren't many hardened/selinux > users of the gallium drivers. > > The attached patch should do the job, can you give it a try ? I tried the patch on Mesa 5.1.9 under Gentoo. patching file src/gallium/auxiliary/rtasm/rtasm_execmem.c Hunk #1 succeeded at 60 (offset -1 lines). Hunk #2 succeeded at 72 (offset -1 lines). Hunk #3 succeeded at 90 (offset -1 lines). Hunk #4 succeeded at 103 (offset -1 lines). Hunk #5 succeeded at 115 (offset -1 lines). Running headless over SSH I could not verify today that the glxgears were actually shown in X, but here are the results I got: $ DISPLAY=:0.0 glxgears Running synchronized to the vertical refresh. The framerate should be approximately the same as the monitor refresh rate. 29168 frames in 5.0 seconds = 5833.411 FPS 29463 frames in 5.0 seconds = 5892.528 FPS ... This still gives the kernel message of RWX mmap being denied which is normal. $ DISPLAY=:0.0 LIBGL_ALWAYS_SOFTWARE=1 glxgears LLVM ERROR: Allocation failed when allocating new memory in the JIT Can't allocate RWX Memory: Operation not permitted This also gives the kernel message, but exits immediately after with exit status 1. -- You are receiving this mail because: You are the assignee for the bug. --1389436159.Ee2e5bE0.464 Date: Sat, 11 Jan 2014 10:29:19 +0000 MIME-Version: 1.0 Content-Type: text/html; charset="UTF-8"

Comment # 4 on bug 73473 from 
(In reply to comment #3)
> Created attachment 91834 [details] [review] [review]
> gallium/rtasm: add support for SELinux
> 
> You're absolutely right here. Seems like there aren't many hardened/selinux
> users of the gallium drivers.
> 
> The attached patch should do the job, can you give it a try ?

I tried the patch on Mesa 5.1.9 under Gentoo.

patching file src/gallium/auxiliary/rtasm/rtasm_execmem.c
Hunk #1 succeeded at 60 (offset -1 lines).
Hunk #2 succeeded at 72 (offset -1 lines).
Hunk #3 succeeded at 90 (offset -1 lines).
Hunk #4 succeeded at 103 (offset -1 lines).
Hunk #5 succeeded at 115 (offset -1 lines).

Running headless over SSH I could not verify today that the glxgears were
actually shown in X, but here are the results I got:

$ DISPLAY=:0.0 glxgears
Running synchronized to the vertical refresh.  The framerate should be
approximately the same as the monitor refresh rate.
29168 frames in 5.0 seconds = 5833.411 FPS
29463 frames in 5.0 seconds = 5892.528 FPS
...

This still gives the kernel message of RWX mmap being denied which is normal.

$ DISPLAY=:0.0 LIBGL_ALWAYS_SOFTWARE=1 glxgears
LLVM ERROR: Allocation failed when allocating new memory in the JIT
Can't allocate RWX Memory: Operation not permitted

This also gives the kernel message, but exits immediately after with exit
status 1.

You are receiving this mail because:
  • You are the assignee for the bug.
--1389436159.Ee2e5bE0.464-- --===============1937871349== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Nouveau mailing list Nouveau-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org http://lists.freedesktop.org/mailman/listinfo/nouveau --===============1937871349==--