On Wed, Nov 27, 2024 at 3:10 AM Agathe Porte <2089...@bugs.launchpad.net> wrote: > > Note that jammy is 5.15 which is older than 6.6 from ChromeOS/Android > GKI. > > Your title says 24.04 and your description says 22.04. I targeted to > both, but title and description should be clarified.
I apologize for the confusion. , I meant to backport to 6.8 kernel, which is 24.04 LTS, I believe. Waiting for your > patches on the ML, and for the SRU template to be filled > (https://canonical-sru-docs.readthedocs- > hosted.com/en/latest/reference/bug-template/). > I sent out patches to kernel-t...@lists.ubuntu.com yesterday, is that shown up in ML yet ? (it is in my "sent " folder on the email box) > ** Also affects: linux (Ubuntu Noble) > Importance: Undecided > Status: New > > ** Also affects: linux (Ubuntu Jammy) > Importance: Undecided > Status: New > > ** Changed in: linux (Ubuntu) > Status: New => Invalid > > ** Changed in: linux (Ubuntu Noble) > Status: New => Triaged > > ** Changed in: linux (Ubuntu Jammy) > Status: New => Triaged > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/2089711 > > Title: > Request to backport mseal syscall to LTS 24.04 LTS GA kernel > > Status in linux package in Ubuntu: > Invalid > Status in linux source package in Jammy: > Triaged > Status in linux source package in Noble: > Triaged > > Bug description: > Hello, > > My name is Jeff Xu, I work with Stephen Röttger on hardening the > chrome browser. I'm reaching out to explore the possibility of > backporting memory sealing into the 22.04 LTS kernel. > > For context, it is worth noting that the Kernel introduces mseal > support in version 6.10 [1]. The Chrome V8 engine will utilize the > memory sealing function to protect its JIT compiler from memory > corruption vulnerabilities. The change is merged in Chrome, and we > believe that Ubuntu users would benefit from using this safer version > of Chrome. > > In addition, glibc’s dynamic linker is adding mseal to seal RO mapping > such as .text, .rodata, .relco [2], the integration test is > completed. > > The backport work includes 4 commits [3] [4] [5] [6]. ChromeOS and > Android GKI both have the mseal backported to the 6.6 kernel. I will > send out patches for LTS 22.04 to kernel-t...@lists.ubuntu.com > > Thank you for your time and consideration. > Best regards, > Jeff > > [1] https://docs.kernel.org/userspace-api/mseal.html > [2] https://sourceware.org/pipermail/libc-alpha/2024-September/160291.html > [3] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595211/4 > [4] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595853/4 > [5] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5742931 > [6] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5802772 > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2089711/+subscriptions > -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2089711 Title: Request to backport mseal syscall to LTS 24.04 LTS GA kernel Status in linux package in Ubuntu: Invalid Status in linux source package in Jammy: Triaged Status in linux source package in Noble: Triaged Bug description: Hello, My name is Jeff Xu, I work with Stephen Röttger on hardening the chrome browser. I'm reaching out to explore the possibility of backporting memory sealing into the 22.04 LTS kernel. For context, it is worth noting that the Kernel introduces mseal support in version 6.10 [1]. The Chrome V8 engine will utilize the memory sealing function to protect its JIT compiler from memory corruption vulnerabilities. The change is merged in Chrome, and we believe that Ubuntu users would benefit from using this safer version of Chrome. In addition, glibc’s dynamic linker is adding mseal to seal RO mapping such as .text, .rodata, .relco [2], the integration test is completed. The backport work includes 4 commits [3] [4] [5] [6]. ChromeOS and Android GKI both have the mseal backported to the 6.6 kernel. I will send out patches for LTS 22.04 to kernel-t...@lists.ubuntu.com Thank you for your time and consideration. Best regards, Jeff [1] https://docs.kernel.org/userspace-api/mseal.html [2] https://sourceware.org/pipermail/libc-alpha/2024-September/160291.html [3] https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595211/4 [4] https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595853/4 [5] https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5742931 [6] https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5802772 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2089711/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
