FS#48279 - [paxd] «denied RWX mmap» to php

Attached to Project: Community Packages
Opened by Hermann Zahnweh (eigengrau) - Saturday, 20 February 2016, 22:37 GMT
Last edited by Daniel Micay (thestinger) - Monday, 12 December 2016, 05:27 GMT
Task Type Feature Request
Category Packages
Status Closed
Assigned To Daniel Micay (thestinger)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

Description:
After upgrading the kernel to 4.4.2.201602182048-1, my journal gets flooded by «denied RWX mmap» messages.

Feb 20 23:11:27 eigengrau kernel: grsec: denied RWX mmap of <anonymous mapping> by /usr/bin/php[php:7742] uid/euid:33/33 gid/egid:33/33, parent /usr/bin/php[php:580] uid/euid:33/33 gid/egid:33/33

The respective process is stand-alone PHP application (the RSS updater daemon from community/tt-rss). I have not yet noticed any unexpected behavior after the mmap was denied.

Can you advise whether this is a (non-)issue? Does PHP 7 require any new PaX exclusions?

Additional info:
* linux-grsec 4.4.2.201602182048-1
* php 7.0.3-1
* tt-rss 1:r7911-1
This task depends upon

Closed by  Daniel Micay (thestinger)
Monday, 12 December 2016, 05:27 GMT
Reason for closing:  Upstream
Additional comments about closing:  These are going to be tracked upstream.
Comment by Daniel Micay (thestinger) - Saturday, 05 March 2016, 12:34 GMT
After upgrading the kernel? It sounds like it was caused by upgrading PHP. The error will go away with an MPROTECT exception but the cause needs to be clear before I'll add it to paxd. I don't think PHP has a JIT compiler yet.
Comment by Hermann Zahnweh (eigengrau) - Sunday, 06 March 2016, 14:48 GMT
The first time this appears in my logs is feb 18, after upgrading linux-grsec from 4.3.5.201602092235-1 to 4.4.2.201602182048-1. No PHP update was made in the transaction preceding these messages. Though one possibility is that those errors just weren’t being logged to the journal before that date.

Loading...