lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 15 May 2014 10:05:35 +0100
From:	Will Deacon <will.deacon@....com>
To:	Kyle McMartin <kyle@...hat.com>
Cc:	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Catalin Marinas <Catalin.Marinas@....com>
Subject: Re: [PATCH] arm64: don't set READ_IMPLIES_EXEC for EM_AARCH64

On Wed, May 14, 2014 at 07:57:21PM +0100, Kyle McMartin wrote:
> current->personality & READ_IMPLIES_EXEC is currently being set for
> AArch64 binaries, resulting in an executable stack, when no explicit
> PT_GNU_STACK header is present.
> 
> [kmcmarti@...ition ~]$ uname -p
> aarch64
> [kmcmarti@...ition ~]$ cat /proc/$$/personality 
> 00400000
> 
> The reason for this is, without an explicit PT_GNU_STACK entry in the
> binary, stk is still set to EXSTACK_DEFAULT (which should be
> non-executable on AArch64.) As a result, elf_read_implies_exec is true,
> and we set READ_IMPLIES_EXEC in binfmt_elf.c:load_elf_binary.
> 
> Fix this to return 0 in the native case, and parrot the logic from
> arch/arm/kernel/elf.c otherwise. With this patch, binaries correctly
> don't have READ_IMPLIES_EXEC set, and we can let PT_GNU_STACK change
> things if it's explicitly requested.

Unfortunately, my understanding is that GCC currently requires this for
nested functions, so this is an effective ABI breakage. On the plus side,
the GCC guys are planning to fix that, so we should see PT_GNU_STACK getting
used more frequently in the future.

Will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ