lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 6 Dec 2017 17:50:52 +0000
From:   "Maciej W. Rozycki" <macro@...s.com>
To:     Miodrag Dinic <Miodrag.Dinic@...s.com>
CC:     James Hogan <James.Hogan@...s.com>,
        David Daney <ddaney@...iumnetworks.com>,
        Aleksandar Markovic <aleksandar.markovic@...rk.com>,
        "linux-mips@...ux-mips.org" <linux-mips@...ux-mips.org>,
        Aleksandar Markovic <Aleksandar.Markovic@...s.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        DengCheng Zhu <DengCheng.Zhu@...s.com>,
        Ding Tianhong <dingtianhong@...wei.com>,
        Douglas Leung <Douglas.Leung@...s.com>,
        "Frederic Weisbecker" <frederic@...nel.org>,
        Goran Ferenc <Goran.Ferenc@...s.com>,
        "Ingo Molnar" <mingo@...nel.org>,
        James Cowgill <James.Cowgill@...tec.com>,
        "Jonathan Corbet" <corbet@....net>,
        "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Marc Zyngier <marc.zyngier@....com>,
        "Matt Redfearn" <Matt.Redfearn@...s.com>,
        Mimi Zohar <zohar@...ux.vnet.ibm.com>,
        Paul Burton <Paul.Burton@...s.com>,
        "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
        Petar Jovanovic <Petar.Jovanovic@...s.com>,
        Raghu Gandham <Raghu.Gandham@...s.com>,
        Ralf Baechle <ralf@...ux-mips.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Tom Saeger <tom.saeger@...cle.com>
Subject: RE: [PATCH v2] MIPS: Add nonxstack=on|off kernel parameter

Hi Miodrag,

> When kernel is detecting the type of mapping it should apply :
> 
> fs/binfmt_elf.c:
> ...
> 	if (elf_read_implies_exec(loc->elf_ex, executable_stack))
> 		current->personality |= READ_IMPLIES_EXEC;
> ...
> 
> this effectively calls mips_elf_read_implies_exec() which performs a check:
> ...
> 	if (!cpu_has_rixi) {
> 		/* The CPU doesn't support non-executable memory */
> 		return 1;
> 	}
> 
> 	return 0;
> }
> 
> This will in turn make stack & heap executable on processors without 
> RIXI, which are practically all processors with MIPS ISA R < 6.
> 
> We would like to have an option to override this and force 
> non-executable mappings for such systems.

 Of course you can't force a non-executable mapping with a system where 
all valid pages are executable, as David has already noted.  Did you mean 
the other condition, that is:

	if (exstack != EXSTACK_DISABLE_X) {
		/* The binary doesn't request a non-executable stack */
		return 1;
	}

?  In which case you do want to respect the lack of the RIXI feature, 
i.e.:

int mips_elf_read_implies_exec(void *elf_ex, int exstack)
{
	if (!cpu_has_rixi) {
		/* The CPU doesn't support non-executable memory */
		return 1;
        }

	switch (nonxstack) {
	case EXSTACK_DISABLE_X:
		return 0;
	case EXSTACK_ENABLE_X:
		return 1;
	default:
		break;
	}

	if (exstack != EXSTACK_DISABLE_X) {
		/* The binary doesn't request a non-executable stack */
		return 1;
	}

	return 0;
}

(I'd replace `break' with `return exstack != EXSTACK_DISABLE_X' and 
discard the code that follows, but that can be a separate optimisation).

 What problem are you trying to solve anyway?  Is it not something that 
can be handled with the `execstack' utility?

 NB as someone has observed with programs that do not request a 
non-executable stack we actually propagate the execute permission to all 
data pages.  Is it not something we would want to handle differently?

  Maciej

Powered by blists - more mailing lists