I had previously missed this bug report on the same issue: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1799237
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1813179 Title: Bionic (4.15.0-43.46), x86: mprotect(..., PROT_NONE) failure for VM_PFNMAP VMAs (fixed in mainline) Status in linux package in Ubuntu: Confirmed Bug description: Version: Distributor ID: Ubuntu Description: Ubuntu 18.04.1 LTS Release: 18.04 Codename: bionic Ubuntu 4.15.0-43.46-generic 4.15.18 This is a bug that has been fixed in mainline. When calling 'mprotect(..., PROT_NONE)' on a virtual memory area with VM_PFNMAP set it fails with a EACCESS (Permission denied) error even though it is a valid call. In my particular case this happens when calling mprotect(..., PROT_NONE) on a set of pages within the range of an Intel SGX enclave. The bug is fully described on the Linux kernel mailing list here: https://lkml.org/lkml/2018/8/16/697 The bug has been fixed in mainline in August, see https://github.com/torvalds/linux/commit/f19f5c49bbc3ffcc9126cc245fc1b24cc29f4a37 According to https://launchpad.net/ubuntu/+source/linux/+changelog the patch has been backported to Xenial and Cosmic, but not yet to Bionic. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1813179/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp