| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Aug 2015 16:55:43 -0700
From: Paul Burton <paul.burton@...tec.com>
To: Leonid Yegoshin <Leonid.Yegoshin@...tec.com>
CC: <daniel.sanders@...tec.com>, <linux-mips@...ux-mips.org>,
<cernekee@...il.com>, <Zubair.Kakakhel@...tec.com>,
<geert+renesas@...der.be>, <david.daney@...ium.com>,
<peterz@...radead.org>, <heiko.carstens@...ibm.com>,
<paul.gortmaker@...driver.com>, <behanw@...verseincode.com>,
<macro@...ux-mips.org>, <cl@...ux.com>, <pkarat@...sta.com>,
<linux@...ck-us.net>, <tkhai@...dex.ru>, <james.hogan@...tec.com>,
<alexinbeijing@...il.com>, <rusty@...tcorp.com.au>,
<Steven.Hill@...tec.com>, <lars.persson@...s.com>,
<aleksey.makarov@...iga.com>, <linux-kernel@...r.kernel.org>,
<ralf@...ux-mips.org>, <luto@...capital.net>,
<dahi@...ux.vnet.ibm.com>, <markos.chandras@...tec.com>,
<eunb.song@...sung.com>, <kumba@...too.org>
Subject: Re: [PATCH v4 3/3] MIPS: set stack/data protection as non-executable
On Wed, Aug 05, 2015 at 04:49:36PM -0700, Leonid Yegoshin wrote:
> This is a last step of 3 patches which shift FPU emulation out of
> stack into protected area. So, it disables a default executable stack.
>
> Additionally, it sets a default data area non-executable protection.
>
> Signed-off-by: Leonid Yegoshin <Leonid.Yegoshin@...tec.com>
> ---
> arch/mips/include/asm/page.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/mips/include/asm/page.h b/arch/mips/include/asm/page.h
> index 89dd7fed1a57..0b6cec4a1b80 100644
> --- a/arch/mips/include/asm/page.h
> +++ b/arch/mips/include/asm/page.h
> @@ -228,7 +228,7 @@ extern int __virt_addr_valid(const volatile void *kaddr);
> #define virt_addr_valid(kaddr) \
> __virt_addr_valid((const volatile void *) (kaddr))
>
> -#define VM_DATA_DEFAULT_FLAGS (VM_READ | VM_WRITE | VM_EXEC | \
> +#define VM_DATA_DEFAULT_FLAGS (VM_READ | VM_WRITE | \
> VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC)
>
> #define UNCAC_ADDR(addr) ((addr) - PAGE_OFFSET + UNCAC_BASE)
>
Hi Leonid,
As was pointed out last time you posted this, it breaks backwards
compatibility with userland & thus cannot be applied. We should only be
changing executability of memory in the presence of a PT_GNU_STACK
header indicating that it's safe to do so, with cooperation from the
toolchain team to begin emitting it for MIPS. See the way ARM did it, or
the patches I've posted for this in the past.
Thanks,
Paul
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists