Public bug reported:

Hello AppArmor team,

I am reporting behavior that appears to involve AppArmor confinement and personality handling across exec.

Summary

A process sets ADDR_NO_RANDOMIZE via personality, verifies it as set using personality(0xffffffff), then calls execv on itself. After exec, ASLR still appears active, and the same logic repeats forever, causing an infinite self-exec loop and 100% CPU.

Context

- Linux with AppArmor enabled
- Reproducible in VSCode integrated terminal process tree on my machine
- Not reproduced in gnome-terminal on the same machine
- Triggered by google-benchmark MaybeReenterWithoutASLR logic
- Upstream discussion: https://github.com/google/benchmark/issues/2184

Observed evidence

- GDB repeatedly shows process is executing new program, then main again, in a loop
- Stack addresses (for example argv pointer values) differ across iterations, indicating ASLR remains active after exec
- The pre-exec personality query reports ADDR_NO_RANDOMIZE as set
- This mismatch leads to repeated execv and infinite loop

Expected behavior

One of these should happen consistently:

- If policy forbids effective no-ASLR across exec, personality should fail clearly with an error
- If personality succeeds and reports ADDR_NO_RANDOMIZE set, it should remain effective after exec

Question

Is this expected AppArmor behavior, a policy interaction, or a bug in mediation semantics around personality plus exec?

I can provide

- Minimal standalone C reproducer (without google-benchmark)
- Exact environment details (kernel, distro, AppArmor profile, VSCode version)
- GDB logs showing repeated exec and changing stack addresses

Thanks for your help.

** Affects: apparmor (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: apparmor aslr execve lsm personality

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2153650

Title:
  AppArmor: personality ADDR_NO_RANDOMIZE appears set but not effective after exec (causes infinite self-exec loop)
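
Added example, not part of the original report and not the reporter's or google-benchmark's code: a standalone C program for the set-personality-then-execv pattern described in the report, with a bounded retry so that it exits with a diagnostic instead of looping when ADDR_NO_RANDOMIZE is not in effect after exec. The environment variable name NOASLR_REEXEC_TRIES and the one-retry limit are assumptions of this example.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/personality.h>

#define GUARD_ENV "NOASLR_REEXEC_TRIES" /* hypothetical name, chosen for this example */
#define MAX_TRIES 1                     /* assumption: one re-exec attempt is enough */

enum action { RUN_NORMALLY, REEXEC, GIVE_UP };

/* Decide from the persona seen at startup and the number of re-exec
 * attempts already made (carried across exec in GUARD_ENV). */
enum action decide(int persona, int tries)
{
    if (persona == -1) return GIVE_UP;                    /* query itself failed */
    if (persona & ADDR_NO_RANDOMIZE) return RUN_NORMALLY; /* flag is in effect */
    return tries < MAX_TRIES ? REEXEC : GIVE_UP;          /* never retry unbounded */
}

/* Parse the guard counter. Unset means 0 attempts; a malformed value is
 * treated as "limit reached" so a corrupted guard cannot re-enable the loop. */
int tries_from_env(const char *val)
{
    char *end;
    long n;
    if (!val) return 0;
    n = strtol(val, &end, 10);
    return (*val && *end == '\0' && n >= 0 && n < 1000) ? (int)n : MAX_TRIES;
}

int main(int argc, char **argv)
{
    int persona = personality(0xffffffff);  /* query only, changes nothing */
    int tries = tries_from_env(getenv(GUARD_ENV));
    enum action a = decide(persona, tries);
    char buf[16];
    (void)argc;
    /* A stack address that changes between runs means ASLR is still active. */
    fprintf(stderr, "pid=%d tries=%d persona=0x%x stack=%p\n",
            (int)getpid(), tries, (unsigned)persona, (void *)&persona);
    if (a == RUN_NORMALLY) return 0;
    if (a == GIVE_UP) { fputs("ADDR_NO_RANDOMIZE not in effect after exec; not retrying\n", stderr); return 1; }
    if (personality(persona | ADDR_NO_RANDOMIZE) == -1) { perror("personality"); return 2; }
    snprintf(buf, sizeof buf, "%d", tries + 1);
    setenv(GUARD_ENV, buf, 1);              /* record the attempt before exec */
    execv("/proc/self/exe", argv);
    perror("execv");                        /* reached only if exec failed */
    return 2;
}
```

Exit status 0 means the flag was present at startup, possibly after one re-exec; exit status 1 with two lines of output means the flag was set before exec but absent afterwards, which is the mismatch the report describes.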
