Public bug reported: Hello everybody,
I'm running Ubuntu 10.04 32-bit 2.6.32-22-generic-pae kernel. I need to boot into Ubuntu having the NX bit set forced OFF since even if i disabled execution protection from BIOS Ubuntu emulates it. (ref @ https://wiki.ubuntu.com/Security/Features#Non-Exec%20Memory) As such, according to the kernel parameters from kernel.org (ref @ http://www.kernel.org/doc/Documentation/kernel-parameters.txt search for noexec) i am appending the following to parameters to my grub.cfg: noexec=off and noexec32=off <grub.cfg snip> menuentry 'Ubuntu, with Linux 2.6.32-22-generic-pae' --class ubuntu --class gnu-linux --class gnu --class os { recordfail insmod ext2 set root='(hd0,1)' search --no-floppy --fs-uuid --set de69abbd-bd5d-455e-b4c0-be9ab0ed6037 linux /boot/vmlinuz-2.6.32-22-generic-pae root=UUID=de69abbd-bd5d-455e-b4c0-be9ab0ed6037 ro crashkernel=384M-2G:64M,2G-:128M noexec=off noexec32=off initrd /boot/initrd.img-2.6.32-22-generic-pae } </grub.cfg snip> However, the kernel seems to ignore those parameters and still boots with execution prevention enabled, <var/log/syslog snip> Jun 22 16:36:00 EL kernel: [ 0.000000] Using x86 segment limits to approximate NX protection </var/log/syslog snip> this is verified by running the NX regression test from http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-regression- testing/master/files/head%3A/scripts/kernel-security/nx/ ./nx-test stack data: 0x804a050 bss: 0x805a080 brk: 0x9edc008 rw: 0xb7827000 rwx: 0x60c000 stack: 0xbfec9fd8 Dump of /proc/self/maps: 0035f000-004b2000 r-xp 00000000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so 004b2000-004b3000 ---p 00153000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so 004b3000-004b5000 r--p 00153000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so 004b5000-004b6000 rw-p 00155000 08:01 145283 /lib/tls/i686/cmov/libc-2.11.1.so 004b6000-004b9000 rw-p 00000000 00:00 0 0060c000-0060d000 rwxp 00000000 00:00 0 008f1000-008f2000 r-xp 00000000 00:00 0 [vdso] 00a62000-00a7d000 r-xp 00000000 08:01 2350 /lib/ld-2.11.1.so 00a7d000-00a7e000 r--p 0001a000 08:01 2350 /lib/ld-2.11.1.so 00a7e000-00a7f000 rw-p 0001b000 08:01 2350 /lib/ld-2.11.1.so 08048000-08049000 r-xp 00000000 08:01 1443777 /home/vasilis/Downloads/nx/nx-test 08049000-0804a000 r--p 00000000 08:01 1443777 /home/vasilis/Downloads/nx/nx-test 0804a000-0804b000 rw-p 00001000 08:01 1443777 /home/vasilis/Downloads/nx/nx-test 0804b000-0805b000 rw-p 00000000 00:00 0 09edc000-09efe000 rw-p 00000000 00:00 0 [heap] b7815000-b7816000 rw-p 00000000 00:00 0 b7826000-b782b000 rw-p 00000000 00:00 0 bfeb6000-bfecb000 rw-p 00000000 00:00 0 [stack] Attempting to execute function at 0xbfec9fe4 If this program seg-faults, the region was enforced as non-executable... Segmentation fault ... Any help will be seriously appreciated !!! Thanks V. ** Affects: ubuntu Importance: Undecided Status: New -- Kernel ignores noexec=off parameter https://bugs.launchpad.net/bugs/597702 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
