Ridding the Linux Kernel of Behavior-Changing Code for Processes Starting with X

Jason A. Donenfeld, author of the WireGuard VPN, drew developers' attention to a dirty hack in the Linux kernel code that changes behavior for processes whose name begins with the character "X". At first glance, checks like this are typical of rootkits, which use them to leave a hidden loophole tied to a process name, but analysis showed that the change was added in 2019 as a temporary fix for a user-space compatibility breakage that had surfaced, in keeping with the principle that changes in the kernel should not break application compatibility.

The problems arose when the xf86-video-modesetting DDX driver used in the X.Org server tried to use the atomic video mode change mechanism, which is why the workaround was tied to processes whose names start with the character "X" (the assumption being that it would apply to the "xorg" process). The problem in X.Org was fixed almost immediately (use of the atomic API was disabled by default), but nobody remembered to remove the interim fix from the kernel, so an attempt to send the ioctl for an atomic mode change still returns an error for every process whose name starts with the character "X":

    /* current->comm holds the name of the calling task */
    if (current->comm[0] == 'X' && req->value == 1) {
        pr_info("broken atomic modeset userspace detected, disabling atomic\n");
        return -EOPNOTSUPP;
    }
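A userspace model of the check quoted above, added here as an illustration (it is not kernel code and not from the original article), showing that the condition matches on the first letter of the task name alone. Assumptions: the helper names and sample paths are constructed, and the task name is modeled as the executable's basename truncated to 15 bytes (the kernel's TASK_COMM_LEN is 16).

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TASK_COMM_LEN 16 /* kernel constant: 15 name bytes plus NUL */

/* Model of the name a task gets at exec: basename of the path, cut to 15 bytes. */
static void comm_from_path(const char *path, char comm[TASK_COMM_LEN])
{
    const char *slash = strrchr(path, '/');
    const char *base = slash ? slash + 1 : path;
    size_t n = strlen(base);

    if (n > TASK_COMM_LEN - 1)
        n = TASK_COMM_LEN - 1;
    memcpy(comm, base, n);
    comm[n] = '\0';
}

/* Same condition as the quoted kernel snippet, applied to a given name. */
static int atomic_cap_quirk(const char *comm, uint64_t value)
{
    if (comm[0] == 'X' && value == 1)
        return -EOPNOTSUPP;
    return 0;
}

/* Hypothetical helper: result for a binary at `path` sending `value`. */
static int quirk_for_path(const char *path, uint64_t value)
{
    char comm[TASK_COMM_LEN];

    comm_from_path(path, comm);
    return atomic_cap_quirk(comm, value);
}

int main(void)
{
    /* Constructed sample paths; XKioskCompositor is an invented program. */
    const char *paths[] = { "/usr/lib/xorg/Xorg", "/usr/bin/Xwayland",
        "/opt/demo/XKioskCompositor", "/usr/bin/weston", "/usr/bin/xterm" };

    for (size_t i = 0; i < sizeof(paths) / sizeof(paths[0]); i++)
        printf("%-28s value=1 -> %d\n", paths[i], quirk_for_path(paths[i], 1));
    return 0;
}
```

The invented XKioskCompositor is refused exactly like Xorg, while lowercase xterm is not, because only byte 0 of the name is compared.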

Source: opennet.ru
