Thanks - I had missed the Debian bug link.
** Description changed:
[impact]
gzip/libgzip fails for systemd services using MemoryDenyWriteExecute=yes
[test case]
note this only fails on ppc64el
create service file /etc/systemd/system/test-localegen.service with
content:
[Service]
MemoryDenyWriteExecute=yes
ExecStart=/usr/sbin/locale-gen
-
run systemctl daemon-reload, and start the service:
- ubuntu at test-ppc-b:~$ sudo systemctl daemon-reload
- ubuntu at test-ppc-b:~$ sudo systemctl start test-localegen.service
- ubuntu at test-ppc-b:~$ sudo systemctl status test-localegen.service
+ ubuntu at test-ppc-b:~$ sudo systemctl daemon-reload
+ ubuntu at test-ppc-b:~$ sudo systemctl start test-localegen.service
+ ubuntu at test-ppc-b:~$ sudo systemctl status test-localegen.service
○ test-localegen.service
- Loaded: loaded (8;;file://test-ppc-b/etc/systemd/system/test-localegen.service^G/etc/systemd/system/test-localegen.service8;;^G; static)
- Active: inactive (dead)
+ Loaded: loaded (8;;file://test-ppc-b/etc/systemd/system/test-localegen.service^G/etc/systemd/system/test-localegen.service8;;^G; static)
+ Active: inactive (dead)
Jun 24 16:44:18 test-ppc-b locale-gen[2737]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2738]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2739]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2740]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2741]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2506]: failed to set locale!
Jun 24 16:44:18 test-ppc-b locale-gen[2506]: [error] default character map file `ANSI_X3.4-1968' not found: No such file or directory
Jun 24 16:44:18 test-ppc-b locale-gen[2489]: done
Jun 24 16:44:18 test-ppc-b locale-gen[2483]: Generation complete.
Jun 24 16:44:18 test-ppc-b systemd[1]: test-localegen.service: Deactivated successfully.
-
[regression potential]
as this sets NO_ASM any regression would likely involve changed
performance or architecture-specific failures
+
+ [racb] As NO_ASM switches code implementations inside gzip, it's
+ possible that this regresses behaviour if a bug exists in the C
+ implementation but not in the assembly implementation. However in
+ mitigation the C implementation has been in use since Focal, and it
+ doesn't look like anything relevant to this change has been changed
+ since Bionic.
[scope]
this is needed only in b
this was fixed in debian at version 1.9-2.1, so this is fixed already in
f and later
** Changed in: gzip (Ubuntu Bionic)
Status: In Progress => Fix Committed
** Tags added: verification-needed verification-needed-bionic
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gzip in Ubuntu.
https://bugs.launchpad.net/bugs/1933516
Title:
gzip: error while loading shared libraries: cannot restore segment
prot after reloc: Operation not permitted
Status in gzip package in Ubuntu:
Fix Released
Status in gzip source package in Bionic:
Fix Committed
Status in gzip package in Debian:
Fix Released
Bug description:
[impact]
gzip/libgzip fails for systemd services using
MemoryDenyWriteExecute=yes
[test case]
note this only fails on ppc64el
create service file /etc/systemd/system/test-localegen.service with
content:
[Service]
MemoryDenyWriteExecute=yes
ExecStart=/usr/sbin/locale-gen
run systemctl daemon-reload, and start the service:
ubuntu at test-ppc-b:~$ sudo systemctl daemon-reload
ubuntu at test-ppc-b:~$ sudo systemctl start test-localegen.service
ubuntu at test-ppc-b:~$ sudo systemctl status test-localegen.service
○ test-localegen.service
Loaded: loaded (8;;file://test-ppc-b/etc/systemd/system/test-localegen.service^G/etc/systemd/system/test-localegen.service8;;^G; static)
Active: inactive (dead)
Jun 24 16:44:18 test-ppc-b locale-gen[2737]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2738]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2739]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2740]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2741]: gzip: error while loading shared libraries: cannot restore segment prot after reloc: Operation not permitted
Jun 24 16:44:18 test-ppc-b locale-gen[2506]: failed to set locale!
Jun 24 16:44:18 test-ppc-b locale-gen[2506]: [error] default character map file `ANSI_X3.4-1968' not found: No such file or directory
Jun 24 16:44:18 test-ppc-b locale-gen[2489]: done
Jun 24 16:44:18 test-ppc-b locale-gen[2483]: Generation complete.
Jun 24 16:44:18 test-ppc-b systemd[1]: test-localegen.service: Deactivated successfully.
[regression potential]
as this sets NO_ASM any regression would likely involve changed
performance or architecture-specific failures
[racb] As NO_ASM switches code implementations inside gzip, it's
possible that this regresses behaviour if a bug exists in the C
implementation but not in the assembly implementation. However in
mitigation the C implementation has been in use since Focal, and it
doesn't look like anything relevant to this change has been changed
since Bionic.
[scope]
this is needed only in b
this was fixed in debian at version 1.9-2.1, so this is fixed already
in f and later
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gzip/+bug/1933516/+subscriptions