Slashdot Mirror

← Back to Stories (view on slashdot.org)

Portal 2 Incompatible With SELinux

Posted by timothy on from the are-you-telling-us-the-whole-truth? dept.

jones_supa writes "Valve has recently released Portal 2 on Steam for Linux and opened a GitHub entry to gather all the bugs from the community. When one of the Valve developers closed a bug related to Portal 2 recommending that the users disable a security feature, the Linux community reacted. A crash is caused by the game's interaction with SELinux, the Linux kernel subsystem that deals with access control security policies. Portal 2 uses the third-party Miles Sound System MP3 decoder which, in turn, uses execheap, a feature that is normally disabled by SELinux. Like its name suggests, execheap allows a program to map a part of the memory so that it is both writable and executable. This could be a problem if someone chose to use that particular memory section for buffer overflow attacks; that would eventually permit the hacker to gain access to the system by running code. In the end, Valve developer David W. took responsibility of the problem: 'I apologize for the mis-communication: Some underlying infrastructure our games rely on is incompatible with SELinux. We are hoping to correct this. Of course closing this bug isn't appropriate and I am re-opening it.' This is more of an upstream problem for Valve. It's not something that they can fix directly, and most likely they will have to talk with the Miles developers and try to repair the problem from that direction."

16 of 212 comments (clear)

  1. why does a decoder need execheap? by mrvan · · Score: 5, Interesting

    Why does a decoder need execheap? Is there some sort of optimization that causes the processing and data to be not separated? It sounds like an invitation for all kind of exploits (which is presumably why it is banned by execheap).

    Also, is there a reason to use a specific MP3 decoder? Is it because of licensing, or are there technical reasons?

    1. Re:why does a decoder need execheap? by Barny · · Score: 5, Informative

      The Miles Sound System is a game sound API that does more than just play a single MP3. It plays lots and lots at once, with spacial geometry, allowing accurate 2D and 3D sound to be produced. Many, many games use RAD Tools' stuff, this likely wont be a Valve-only issue but one facing a lot of game companies should they port to linux.

      --
      ...
      /me sighs
    2. Re:why does a decoder need execheap? by Barny · · Score: 5, Informative

      Oh, and for a full list of details on this stuff, see the site here http://www.radgametools.com/mi...

      --
      ...
      /me sighs
    3. Re:why does a decoder need execheap? by Antique+Geekmeister · · Score: 4, Interesting

      What you're describing is a sometimes hidden form of the "Not Invented Here" problem, where some deficit in a working software stack is discarded for theoretical, not production reasons. In this case, it can be guaranteed to be unstable because it would replace whatever production grade audio tool is already working with one written in house, requiring maintenance, and _likely vulnerable to the same SELinux problems_.

    4. Re:why does a decoder need execheap? by wiredlogic · · Score: 4, Insightful

      None of which explains why it needs executable code and data mapped into the same memory space.

      --
      I am becoming gerund, destroyer of verbs.
  2. Re:If a computer is important enough to need SELin by Yoda222 · · Score: 4, Insightful

    I think that most Windows gamers run anti-virus. Do you also have good advises for them ?

  3. I don't think it was a malicious mistake. by Johnny+Loves+Linux · · Score: 5, Informative

    I think it's a culture clash of developers who've only worked in a Windows environment and consequently are used to turning off operating system security so they can run a program, usually a game, vs. the Linux community who inherited the Unix culture where you can play games on the operating system, but you can't play games with the operating system.

  4. Re:Bad Practice by tepples · · Score: 5, Interesting

    Without allowing code to be switched between writable and executable, how can dynamic recompilation work at all? Otherwise, your OS becomes iOS, whose strict W^X policy forbids third-party JIT engines.

  5. no need to disable SELinux by ssam · · Score: 5, Informative

    you just need to allow the portal2 binary to use execheap. Now obviously its not good that portal2 uses execheap, but SELinux is fine grained enough to allow for it.

    1. Re:no need to disable SELinux by Nimey · · Score: 4, Funny

      Your facts are not welcome here, this room is Hysteria and Abuse.

      --
      Hail Eris, full of mischief...

      E pluribus sanguinem
    2. Re:no need to disable SELinux by jones_supa · · Score: 4, Insightful

      you just need to allow the portal2 binary to use execheap. Now obviously its not good that portal2 uses execheap, but SELinux is fine grained enough to allow for it.

      So it's either one of these that is the solution...

      a) Go to System Settings -> SELinux -> Exceptions tab -> Tick a checkbox next to "Portal 2".

      b) Read complex technical documentation with no good examples and spend a full day crafting the proper configuration by manually editing various text files.

      I wonder which one...

    3. Re:no need to disable SELinux by Anonymous Coward · · Score: 5, Funny

      The bug is a lie.

  6. Re: oh my god!! by sjames · · Score: 4, Informative

    SELinux may have improved by leaps and bounds since I last touched it, but honestly it IS a wrong headed approach designed for an environment where a single security violation can be a disaster of global proportions.

    That's not to say that MAC is bad (it most certainly isn't) or that it's not a good idea on a desktop machine (it is). More that if you make something too draconian and too painful to relax a bit when needed, it tends to get turned off.

  7. Re:Learning experience by Opportunist · · Score: 5, Insightful

    While not false, the cost associated with NOT relying on third party tools also means that smaller studios could not possibly develop anything halfway competitive. Larger studios in turn would have to dedicate far more resources to developing the underlying basic engines rather than content.

    Yes, reliance on third party tools, APIs, engines and libraries makes you dependent on them. But it also frees a lot of resources that you can invest in the game rather than developing its foundation.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  8. Feigned outrage by Mr.+Freeman · · Score: 4, Insightful

    The same people complaining about Valve instructing people do disable SELinux are the very first people to recommend doing exactly the same thing when someone online asks "How do I do [basic thing] in Linux? It doesn't seem to be working." There isn't a single message board dedicated to Linux that isn't filled with "disable SELinux" posts.

    --
    -1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
  9. Re:AV sucks. by Anonymous Coward · · Score: 4, Informative

    They do.
    0% detection rate by all major AVs is pretty much a must-have if you want to sell a dropper.