[Kernel-packages] [Bug 2089711] Re: Request to backport mseal syscall to LTS 24.04 LTS GA kernel

Tue, 26 Nov 2024 13:21:22 -0800 

** Patch added: "pach 2/4 mseal-add-mseal-syscall.patch"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2089711/+attachment/5840622/+files/0002-mseal-add-mseal-syscall.patch
-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2089711

Title:
  Request to backport mseal syscall to LTS 24.04 LTS GA kernel

Status in linux package in Ubuntu:
  New

Bug description:
  Hello,

  My name is Jeff Xu, I work with Stephen Röttger on hardening the
  chrome browser.  I'm reaching out to explore the possibility of
  backporting memory sealing into the 22.04 LTS kernel.

  For context, it is worth noting that the Kernel introduces mseal
  support in version 6.10 [1].  The Chrome V8 engine will utilize the
  memory sealing function to protect its JIT compiler from memory
  corruption vulnerabilities. The change is merged in Chrome, and we
  believe that Ubuntu users would benefit from using this safer version
  of Chrome.

  In addition, glibc’s dynamic linker is adding mseal to seal RO mapping
  such as  .text, .rodata, .relco [2], the integration test is
  completed.

  The backport work includes 4 commits [3] [4] [5] [6].  ChromeOS and
  Android GKI both have the mseal backported to the 6.6 kernel.  I will
  send out patches for LTS 22.04 to kernel-t...@lists.ubuntu.com

  Thank you for your time and consideration.
  Best regards,
  Jeff

  [1] https://docs.kernel.org/userspace-api/mseal.html
  [2] https://sourceware.org/pipermail/libc-alpha/2024-September/160291.html
  [3] 
https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595211/4
  [4] 
https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595853/4
  [5] 
https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5742931
  [6] 
https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5802772

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2089711/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to