On Wed, Nov 27, 2024 at 3:10 AM Agathe Porte <2089...@bugs.launchpad.net> wrote: > > Note that jammy is 5.15 which is older than 6.6 from ChromeOS/Android > GKI. > > Your title says 24.04 and your description says 22.04. I targeted to > both, but title and description should be clarified.
I apologize for the confusion. , I meant to backport to 6.8 kernel, which is 24.04 LTS, I believe. Waiting for your > patches on the ML, and for the SRU template to be filled > (https://canonical-sru-docs.readthedocs- > hosted.com/en/latest/reference/bug-template/). > I sent out patches to kernel-t...@lists.ubuntu.com yesterday, is that shown up in ML yet ? (it is in my "sent " folder on the email box) > ** Also affects: linux (Ubuntu Noble) > Importance: Undecided > Status: New > > ** Also affects: linux (Ubuntu Jammy) > Importance: Undecided > Status: New > > ** Changed in: linux (Ubuntu) > Status: New => Invalid > > ** Changed in: linux (Ubuntu Noble) > Status: New => Triaged > > ** Changed in: linux (Ubuntu Jammy) > Status: New => Triaged > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/2089711 > > Title: > Request to backport mseal syscall to LTS 24.04 LTS GA kernel > > Status in linux package in Ubuntu: > Invalid > Status in linux source package in Jammy: > Triaged > Status in linux source package in Noble: > Triaged > > Bug description: > Hello, > > My name is Jeff Xu, I work with Stephen Röttger on hardening the > chrome browser. I'm reaching out to explore the possibility of > backporting memory sealing into the 22.04 LTS kernel. > > For context, it is worth noting that the Kernel introduces mseal > support in version 6.10 [1]. The Chrome V8 engine will utilize the > memory sealing function to protect its JIT compiler from memory > corruption vulnerabilities. The change is merged in Chrome, and we > believe that Ubuntu users would benefit from using this safer version > of Chrome. > > In addition, glibc’s dynamic linker is adding mseal to seal RO mapping > such as .text, .rodata, .relco [2], the integration test is > completed. > > The backport work includes 4 commits [3] [4] [5] [6]. ChromeOS and > Android GKI both have the mseal backported to the 6.6 kernel. I will > send out patches for LTS 22.04 to kernel-t...@lists.ubuntu.com > > Thank you for your time and consideration. > Best regards, > Jeff > > [1] https://docs.kernel.org/userspace-api/mseal.html > [2] https://sourceware.org/pipermail/libc-alpha/2024-September/160291.html > [3] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595211/4 > [4] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5595853/4 > [5] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5742931 > [6] > https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/5802772 > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2089711/+subscriptions > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2089711 Title: Request to backport mseal syscall to LTS 24.04 LTS GA kernel To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2089711/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
