Re: please revert backport of 44c76825d6eefee9eb7ce06c38e1a6632ac7eb7d

21.11.2024 17:33, Kees Cook wrote:
> Hi stable tree maintainers,
> 
> Please revert the backports of
> 
> 44c76825d6ee ("x86: Increase brk randomness entropy for 64-bit systems")
> 
> namely:
> 
> 5.4:  03475167fda50b8511ef620a27409b08365882e1
> 5.10: 25d31baf922c1ee987efd6fcc9c7d4ab539c66b4
> 5.15: 06cb3463aa58906cfff72877eb7f50cb26e9ca93
> 6.1:  b0cde867b80a5e81fcbc0383e138f5845f2005ee
> 6.6:  1a45994fb218d93dec48a3a86f68283db61e0936
> 
> There seems to be a bad interaction between this change and older
> PIE-built qemu-user-static (for aarch64) binaries[1]. Investigation
> continues to see if this will need to be reverted from 6.6, 6.11,
> and mainline. But for now, it's clearly a problem for older kernels with
> older qemu.
> 
> Thanks!
> 
> -Kees
> 
> [1] https://lore.kernel.org/all/202411201000.F3313C02@keescook/

Unfortunately I hadn't seen this thread or this email before now,
when things are already too late.

And it turned out it's entirely my fault with all this.  Let me
explain so things become clear to everyone.

The problem here is entirely in qemu-user.  The fundamental issue
is that qemu-user does not implement an MMU, instead, it implements
just address shift, searching for a memory region for the guest address
space which is hopefully not used by qemu-user itself.

In practice, this is rarely an issue though, when - and this is the
default - qemu is built as a static-pie executable.  This is important:
it's the default mode for the static build - it builds as a static-pie
executable, which works around the problem in almost all cases.
This has been done for quite a long time, too.

However, I, as qemu maintainer in debian, got a bug report saying
that qemu-user-static isn't "static enough" - because for some tools
used on debian (lintian), static-pie was something unknown and the
tool issued a warning.  And at the time, I just added --disable-pie
flag to the build, without much thinking.  This is where things went
wrong.

Later I reverted this change with shame, because it caused numerous
configurations to fail randomly, and each of them is very difficult to
debug (especially due to the randomness of failures: sometimes it can work
50 times in a row but fail on the 51st).

But unfortunately, I forgot to revert this "de-PIEsation" change in
debian stable, and that's exactly where the original bug report came
from, stating that the kernel broke builds in qemu.

The same qemu-user-static configuration has been used by some other
distributions too, but hopefully everything's fixed now.  Except for
debian bookworm, and probably also ubuntu jammy (previous LTS).

It is not an "older qemu" anymore (though for a very old qemu this is
true again, that old one can't be used anymore with modern executables
anyway due to other reasons).  It is just my build mistake which is
*still* unfixed on debian stable (bookworm).  And even there, this
issue can trivially be fixed locally, since qemu-user-static is
self-contained and can be installed on older debian releases, and I
always provide up-to-date backports of qemu packages for debian stable.

And yes, qemu had numerous improvements in this area since bookworm
version, which addressed many other issues around this and fixed many
other configurations (which are not related to this kernel change),
but the fundamental issue (lack of full-blown MMU) remains.

Hopefully this clears things up, and it can be seen that this is not
a kernel bug.  And I'm hoping we'll fix this in debian bookworm soon
too.

Thanks, and sorry for all the buzz caused by my 2 mistakes.

/mjt
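The practical question the thread leaves a reader with is whether the qemu-user-static binary on a given box is the problematic --disable-pie build or the default static-pie one. The following is an added example written for this page; it is not code from qemu, the kernel, or either author. It assumes only the ELF64 file layout: a non-PIE static executable is ET_EXEC with a fixed first PT_LOAD address, while a static-pie executable is ET_DYN with a PT_DYNAMIC segment and no PT_INTERP (a PT_INTERP segment means the binary is dynamically linked). The sample images it checks when run without arguments are constructed in the program itself.

```c
/* Added example (not qemu or kernel code): classify an ELF64 binary as
 * non-PIE static (ET_EXEC, no PT_INTERP), static-pie (ET_DYN, PT_DYNAMIC,
 * no PT_INTERP) or dynamically linked. The ELF64 layouts are spelled out
 * instead of using <elf.h> so the file builds on any host. Host and file
 * are assumed little-endian (the x86-64 case discussed in the thread). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EI_NIDENT  16
#define ELFCLASS64 2
#define ET_EXEC    2
#define ET_DYN     3
#define PT_LOAD    1
#define PT_DYNAMIC 2
#define PT_INTERP  3

typedef struct {
    unsigned char e_ident[EI_NIDENT];
    uint16_t e_type, e_machine;
    uint32_t e_version;
    uint64_t e_entry, e_phoff, e_shoff;
    uint32_t e_flags;
    uint16_t e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx;
} Ehdr64;                                   /* 64 bytes, no padding */

typedef struct {
    uint32_t p_type, p_flags;
    uint64_t p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align;
} Phdr64;                                   /* 56 bytes, no padding */

enum elf_kind { ELF_INVALID, ELF_STATIC_NOPIE, ELF_STATIC_PIE,
                ELF_DYN_NOPIE, ELF_DYN_PIE, ELF_OTHER };

static const char *kind_name(enum elf_kind k)
{
    static const char *names[] = { "invalid", "static non-PIE (fixed address)",
        "static-pie", "dynamic non-PIE", "dynamic PIE", "other ET_DYN object" };
    return names[k];
}

/* Walk the program headers; also report the lowest PT_LOAD vaddr
 * (0 for PIE, a fixed address such as 0x400000 for non-PIE x86-64). */
enum elf_kind classify_elf(const unsigned char *buf, size_t len, uint64_t *lowest_vaddr)
{
    Ehdr64 eh;
    if (len < sizeof eh) return ELF_INVALID;
    memcpy(&eh, buf, sizeof eh);
    if (memcmp(eh.e_ident, "\x7f" "ELF", 4) != 0 || eh.e_ident[4] != ELFCLASS64)
        return ELF_INVALID;
    if (eh.e_phentsize != sizeof(Phdr64) || eh.e_phoff > len ||
        (uint64_t)eh.e_phnum * sizeof(Phdr64) > len - eh.e_phoff)
        return ELF_INVALID;                 /* bounds check before walking phdrs */

    int interp = 0, dynamic = 0;
    uint64_t low = UINT64_MAX;
    for (uint16_t i = 0; i < eh.e_phnum; i++) {
        Phdr64 ph;
        memcpy(&ph, buf + eh.e_phoff + (size_t)i * sizeof ph, sizeof ph);
        if (ph.p_type == PT_INTERP) interp = 1;
        else if (ph.p_type == PT_DYNAMIC) dynamic = 1;
        else if (ph.p_type == PT_LOAD && ph.p_vaddr < low) low = ph.p_vaddr;
    }
    if (lowest_vaddr) *lowest_vaddr = (low == UINT64_MAX) ? 0 : low;

    if (eh.e_type == ET_EXEC) return interp ? ELF_DYN_NOPIE : ELF_STATIC_NOPIE;
    if (eh.e_type == ET_DYN) return interp ? ELF_DYN_PIE : (dynamic ? ELF_STATIC_PIE : ELF_OTHER);
    return ELF_OTHER;
}

/* Build a constructed, minimal ELF image (header plus program headers, no
 * code) so the classifier can be exercised offline. Returns its length. */
size_t build_sample(unsigned char *buf, uint16_t type, uint64_t load_vaddr,
                    int with_interp, int with_dynamic)
{
    Ehdr64 eh; Phdr64 ph; size_t off = sizeof eh;
    memset(&eh, 0, sizeof eh);
    memcpy(eh.e_ident, "\x7f" "ELF", 4);
    eh.e_ident[4] = ELFCLASS64; eh.e_ident[5] = 1; eh.e_ident[6] = 1; /* LE, v1 */
    eh.e_type = type; eh.e_machine = 62; eh.e_version = 1;            /* EM_X86_64 */
    eh.e_phoff = sizeof eh; eh.e_ehsize = sizeof eh; eh.e_phentsize = sizeof ph;
    eh.e_phnum = 1 + (with_interp != 0) + (with_dynamic != 0);
    memcpy(buf, &eh, sizeof eh);

    memset(&ph, 0, sizeof ph);
    ph.p_type = PT_LOAD; ph.p_vaddr = load_vaddr; ph.p_align = 0x1000;
    memcpy(buf + off, &ph, sizeof ph); off += sizeof ph;
    if (with_interp)  { ph.p_type = PT_INTERP;  memcpy(buf + off, &ph, sizeof ph); off += sizeof ph; }
    if (with_dynamic) { ph.p_type = PT_DYNAMIC; memcpy(buf + off, &ph, sizeof ph); off += sizeof ph; }
    return off;
}

int main(int argc, char **argv)
{
    unsigned char buf[4096]; size_t n; uint64_t low;
    if (argc > 1) {                          /* e.g. ./elfkind /usr/bin/qemu-aarch64-static */
        FILE *f = fopen(argv[1], "rb");
        if (!f) { perror(argv[1]); return 1; }
        n = fread(buf, 1, sizeof buf, f); fclose(f);
    } else {                                 /* constructed sample in the --disable-pie shape */
        n = build_sample(buf, ET_EXEC, 0x400000, 0, 0);
    }
    enum elf_kind k = classify_elf(buf, n, &low);
    printf("%s, lowest PT_LOAD vaddr 0x%llx\n", kind_name(k), (unsigned long long)low);
    return k == ELF_STATIC_NOPIE ? 2 : 0;    /* non-zero exit flags the problematic build */
}
```

Run it against the installed qemu-user-static binary; a "static non-PIE" verdict with a fixed load address is the build shape the reply describes as the one that collides with the host kernel's randomised brk placement, and the fix is to install a static-pie build rather than to change the kernel.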



