diff mbox

[Natty] Temporary patch to make i386 ec2 instances boot

Message ID 4D2E2AB2.4040104@canonical.com
State Accepted
Delegated to: Andy Whitcroft
Headers show

Commit Message

Stefan Bader Jan. 12, 2011, 10:26 p.m. UTC
Unfortunately there still seems to be something wrong with the new attempt to
make certain kernel areas read-only and non-executable. Until we find and fix
the real issue it would at least allow the 32 bit instances to boot if we
temporarily disable the option to set kernel data read-only.

Comments

Tim Gardner Jan. 14, 2011, 5:47 p.m. UTC | #1
On 01/12/2011 04:26 PM, Stefan Bader wrote:
> Unfortunately there still seems to be something wrong with the new attempt to
> make certain kernel areas read-only and non-executable. Until we find and fix
> the real issue it would at least allow the 32 bit instances to boot if we
> temporarily disable the option to set kernel data read-only.
>
>

applied
diff mbox

Patch

From a8038024b3d3bebe57eb9f27f651651838aadaf0 Mon Sep 17 00:00:00 2001
From: Stefan Bader <stefan.bader@canonical.com>
Date: Tue, 11 Jan 2011 23:29:25 +0000
Subject: [PATCH] UBUNTU: Temporarily disable RODATA for virtual i386

Setting to RO was ok, but the whole patchset seems to cause
i386 EC instances to panic on boot when setting the kernel data
to read-only and no-execute. So while there is no proper fix
found disable this in the i386 virtual flavour.

BugLink: http://bugs.launchpad.net/bugs/699828

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
---
 debian.master/config/amd64/config.common.amd64     |    1 +
 debian.master/config/armel/config.common.armel     |    1 +
 debian.master/config/config.common.ubuntu          |    1 -
 debian.master/config/enforce                       |    3 ++-
 debian.master/config/i386/config.flavour.generic   |    1 +
 .../config/i386/config.flavour.generic-pae         |    1 +
 debian.master/config/i386/config.flavour.virtual   |    1 +
 debian.master/config/powerpc/config.common.powerpc |    1 +
 8 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/debian.master/config/amd64/config.common.amd64 b/debian.master/config/amd64/config.common.amd64
index 7d0d5de..a62256c 100644
--- a/debian.master/config/amd64/config.common.amd64
+++ b/debian.master/config/amd64/config.common.amd64
@@ -61,6 +61,7 @@  CONFIG_CRYPTO_SEQIV=m
 CONFIG_DAB=y
 CONFIG_DAVICOM_PHY=y
 CONFIG_DEBUG_INFO=y
+CONFIG_DEBUG_RODATA=y
 CONFIG_DEFAULT_MMAP_MIN_ADDR=65536
 CONFIG_DISPLAY_SUPPORT=m
 # CONFIG_DL2K is not set
diff --git a/debian.master/config/armel/config.common.armel b/debian.master/config/armel/config.common.armel
index d9f46b4..19b9b32 100644
--- a/debian.master/config/armel/config.common.armel
+++ b/debian.master/config/armel/config.common.armel
@@ -40,6 +40,7 @@  CONFIG_CRYPTO_SEQIV=m
 CONFIG_DAB=y
 CONFIG_DAVICOM_PHY=y
 CONFIG_DEBUG_INFO=y
+CONFIG_DEBUG_RODATA=y
 CONFIG_DEFAULT_CFQ=y
 # CONFIG_DEFAULT_DEADLINE is not set
 CONFIG_DEFAULT_IOSCHED="cfq"
diff --git a/debian.master/config/config.common.ubuntu b/debian.master/config/config.common.ubuntu
index 12c278c..a7bc00e 100644
--- a/debian.master/config/config.common.ubuntu
+++ b/debian.master/config/config.common.ubuntu
@@ -1026,7 +1026,6 @@  CONFIG_DEBUG_MEMORY_INIT=y
 # CONFIG_DEBUG_PAGEALLOC is not set
 # CONFIG_DEBUG_PERF_USE_VMALLOC is not set
 # CONFIG_DEBUG_PER_CPU_MAPS is not set
-CONFIG_DEBUG_RODATA=y
 # CONFIG_DEBUG_RODATA_TEST is not set
 # CONFIG_DEBUG_RT_MUTEXES is not set
 CONFIG_DEBUG_SET_MODULE_RONX=y
diff --git a/debian.master/config/enforce b/debian.master/config/enforce
index 19316ea..bd98fd9 100644
--- a/debian.master/config/enforce
+++ b/debian.master/config/enforce
@@ -15,7 +15,8 @@  value CONFIG_DEFAULT_SECURITY_APPARMOR y
 # For architectures which support this option ensure it is enabled.
 !exists CONFIG_SECCOMP | value CONFIG_SECCOMP y
 !exists CONFIG_CC_STACKPROTECTOR | value CONFIG_CC_STACKPROTECTOR y
-!exists CONFIG_DEBUG_RODATA | value CONFIG_DEBUG_RODATA y
+!exists CONFIG_DEBUG_RODATA | value CONFIG_DEBUG_RODATA y | \
+	(flavour virtual & arch i386 & value CONFIG_DEBUG_RODATA n)
 !exists CONFIG_DEBUG_SET_MODULE_RONX | value CONFIG_DEBUG_SET_MODULE_RONX y
 !exists CONFIG_STRICT_DEVMEM | value CONFIG_STRICT_DEVMEM y
 # For architectures which support this option ensure it is disabled.
diff --git a/debian.master/config/i386/config.flavour.generic b/debian.master/config/i386/config.flavour.generic
index 05a1d1e..260d311 100644
--- a/debian.master/config/i386/config.flavour.generic
+++ b/debian.master/config/i386/config.flavour.generic
@@ -3,6 +3,7 @@ 
 #
 # CONFIG_ARCH_DMA_ADDR_T_64BIT is not set
 # CONFIG_ARCH_PHYS_ADDR_T_64BIT is not set
+CONFIG_DEBUG_RODATA=y
 CONFIG_HIGHMEM4G=y
 # CONFIG_HIGHMEM64G is not set
 CONFIG_INTEL_IDLE=y
diff --git a/debian.master/config/i386/config.flavour.generic-pae b/debian.master/config/i386/config.flavour.generic-pae
index 434da81..8d547c1 100644
--- a/debian.master/config/i386/config.flavour.generic-pae
+++ b/debian.master/config/i386/config.flavour.generic-pae
@@ -3,6 +3,7 @@ 
 #
 CONFIG_ARCH_DMA_ADDR_T_64BIT=y
 CONFIG_ARCH_PHYS_ADDR_T_64BIT=y
+CONFIG_DEBUG_RODATA=y
 # CONFIG_HIGHMEM4G is not set
 CONFIG_HIGHMEM64G=y
 CONFIG_INTEL_IDLE=y
diff --git a/debian.master/config/i386/config.flavour.virtual b/debian.master/config/i386/config.flavour.virtual
index 4a7ce91..dc24f94 100644
--- a/debian.master/config/i386/config.flavour.virtual
+++ b/debian.master/config/i386/config.flavour.virtual
@@ -3,6 +3,7 @@ 
 #
 CONFIG_ARCH_DMA_ADDR_T_64BIT=y
 CONFIG_ARCH_PHYS_ADDR_T_64BIT=y
+# CONFIG_DEBUG_RODATA is not set
 # CONFIG_HIGHMEM4G is not set
 CONFIG_HIGHMEM64G=y
 # CONFIG_INTEL_IDLE is not set
diff --git a/debian.master/config/powerpc/config.common.powerpc b/debian.master/config/powerpc/config.common.powerpc
index 45d31c0..783c546 100644
--- a/debian.master/config/powerpc/config.common.powerpc
+++ b/debian.master/config/powerpc/config.common.powerpc
@@ -52,6 +52,7 @@  CONFIG_CRYPTO_HMAC=y
 # CONFIG_DAB is not set
 CONFIG_DAVICOM_PHY=m
 # CONFIG_DEBUG_INFO is not set
+CONFIG_DEBUG_RODATA=y
 CONFIG_DEFAULT_CFQ=y
 # CONFIG_DEFAULT_DEADLINE is not set
 CONFIG_DEFAULT_IOSCHED="cfq"
-- 
1.7.0.4