lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150805235543.GG2057@NP-P-BURTON>
Date:	Wed, 5 Aug 2015 16:55:43 -0700
From:	Paul Burton <paul.burton@...tec.com>
To:	Leonid Yegoshin <Leonid.Yegoshin@...tec.com>
CC:	<daniel.sanders@...tec.com>, <linux-mips@...ux-mips.org>,
	<cernekee@...il.com>, <Zubair.Kakakhel@...tec.com>,
	<geert+renesas@...der.be>, <david.daney@...ium.com>,
	<peterz@...radead.org>, <heiko.carstens@...ibm.com>,
	<paul.gortmaker@...driver.com>, <behanw@...verseincode.com>,
	<macro@...ux-mips.org>, <cl@...ux.com>, <pkarat@...sta.com>,
	<linux@...ck-us.net>, <tkhai@...dex.ru>, <james.hogan@...tec.com>,
	<alexinbeijing@...il.com>, <rusty@...tcorp.com.au>,
	<Steven.Hill@...tec.com>, <lars.persson@...s.com>,
	<aleksey.makarov@...iga.com>, <linux-kernel@...r.kernel.org>,
	<ralf@...ux-mips.org>, <luto@...capital.net>,
	<dahi@...ux.vnet.ibm.com>, <markos.chandras@...tec.com>,
	<eunb.song@...sung.com>, <kumba@...too.org>
Subject: Re: [PATCH v4 3/3] MIPS: set stack/data protection as non-executable

On Wed, Aug 05, 2015 at 04:49:36PM -0700, Leonid Yegoshin wrote:
> This is a last step of 3 patches which shift FPU emulation out of
> stack into protected area. So, it disables a default executable stack.
> 
> Additionally, it sets a default data area non-executable protection.
> 
> Signed-off-by: Leonid Yegoshin <Leonid.Yegoshin@...tec.com>
> ---
>  arch/mips/include/asm/page.h |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/mips/include/asm/page.h b/arch/mips/include/asm/page.h
> index 89dd7fed1a57..0b6cec4a1b80 100644
> --- a/arch/mips/include/asm/page.h
> +++ b/arch/mips/include/asm/page.h
> @@ -228,7 +228,7 @@ extern int __virt_addr_valid(const volatile void *kaddr);
>  #define virt_addr_valid(kaddr)						\
>  	__virt_addr_valid((const volatile void *) (kaddr))
>  
> -#define VM_DATA_DEFAULT_FLAGS	(VM_READ | VM_WRITE | VM_EXEC | \
> +#define VM_DATA_DEFAULT_FLAGS	(VM_READ | VM_WRITE | \
>  				 VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC)
>  
>  #define UNCAC_ADDR(addr)	((addr) - PAGE_OFFSET + UNCAC_BASE)
> 

Hi Leonid,

As was pointed out last time you posted this, it breaks backwards
compatibility with userland & thus cannot be applied. We should only be
changing executability of memory in the presence of a PT_GNU_STACK
header indicating that it's safe to do so, with cooperation from the
toolchain team to begin emitting it for MIPS. See the way ARM did it, or
the patches I've posted for this in the past.

Thanks,
    Paul
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ