[Mono-bugs] [Bug 61710][Nor] New - mono can't compile with PaX
bugzilla-daemon@bugzilla.ximian.com
Sun, 18 Jul 2004 18:30:02 -0400 (EDT)
Please do not reply to this email; if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by nigelenki@comcast.net.
http://bugzilla.ximian.com/show_bug.cgi?id=61710
--- shadow/61710 2004-07-18 18:30:02.000000000 -0400
+++ shadow/61710.tmp.22201 2004-07-18 18:30:02.000000000 -0400
@@ -0,0 +1,65 @@
+Bug#: 61710
+Product: Mono: Runtime
+Version: unspecified
+OS:
+OS Details: Gentoo with PaX
+Status: NEW
+Resolution:
+Severity: 001 One hour
+Priority: Normal
+Component: misc
+AssignedTo: mono-bugs@ximian.com
+ReportedBy: nigelenki@comcast.net
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: mono can't compile with PaX
+
+Description of Problem:
+When building mono, at least one kill occurs with PaX:
+
+PAX: execution attempt in: <anonymous mapping>, 22018000-22020000 22018000
+PAX: terminating task:
+/tmp/portage/mono-1.0/work/mono-1.0/mono/mini/.libs/lt-mono(lt-mono):19342,
+uid/euid: 0/0, PC: 22018050, SP: 5cb37e6c
+
+I'm digging my way through to see what needs to be done, but I'm assuming
+you'll need to `paxctl -pemrxs` against this binary during building, before
+using it. You may wish to use both 'chpax' and 'paxctl' at this point.
+
+You can find information on PaX at:
+
+http://pax.grsecurity.net/
+http://en.wikipedia.org/wiki/PaX
+
+Basically, it's a strict executable space protection scheme.
+
+Steps to reproduce the problem:
+1. Set up a PaX-enabled system
+2. Compile mono
+3. Watch lt-mono die.
+
+Actual Results:
+lt-mono dies due to a PaX kill, compilation halts.
+
+Expected Results:
+mono should finish installing and get merged to /
+
+How often does this happen?
+100% guarantee.
+
+Additional Information:
+See the two links above. It's not feasible to say, "just get a binary
+download" or "don't use PaX," in this situation; however, you'll want to
+allow the paxctl and chpax commands to fail in the Makefile, as non-PaX
+systems won't have these installed.
+
+Anything that does JIT during build will need restrictions removed as given
+above.
+
+This should be a fairly simple build system fix (mark affected binaries
+before using them, and after building). I've left the priority at "Normal"
+because I figure none of the Internet cares about security at this point,
+and would rather we switch off our protections. Raise if you disagree with
+common opinion.
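Review bot: the proposed fix under "Description of Problem" and "Additional Information" is scoped too loosely for a build-system change. The only evidence is one kill of lt-mono for an execution attempt in an anonymous mapping, yet the report says "at least one kill" and asks for `paxctl -pemrxs` on "anything that does JIT during build" without naming the other binaries. Please list each binary that is actually killed, with its PAX log line, and confirm which of the flags are needed to stop the kill, so the Makefile marks only those files and nothing broader. Also, "Version" is "unspecified" although the logged path shows mono-1.0; filling that field in would make the report reproducible.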