| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 Dec 2017 17:50:52 +0000
From: "Maciej W. Rozycki" <macro@...s.com>
To: Miodrag Dinic <Miodrag.Dinic@...s.com>
CC: James Hogan <James.Hogan@...s.com>,
David Daney <ddaney@...iumnetworks.com>,
Aleksandar Markovic <aleksandar.markovic@...rk.com>,
"linux-mips@...ux-mips.org" <linux-mips@...ux-mips.org>,
Aleksandar Markovic <Aleksandar.Markovic@...s.com>,
Andrew Morton <akpm@...ux-foundation.org>,
DengCheng Zhu <DengCheng.Zhu@...s.com>,
Ding Tianhong <dingtianhong@...wei.com>,
Douglas Leung <Douglas.Leung@...s.com>,
"Frederic Weisbecker" <frederic@...nel.org>,
Goran Ferenc <Goran.Ferenc@...s.com>,
"Ingo Molnar" <mingo@...nel.org>,
James Cowgill <James.Cowgill@...tec.com>,
"Jonathan Corbet" <corbet@....net>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Marc Zyngier <marc.zyngier@....com>,
"Matt Redfearn" <Matt.Redfearn@...s.com>,
Mimi Zohar <zohar@...ux.vnet.ibm.com>,
Paul Burton <Paul.Burton@...s.com>,
"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
Petar Jovanovic <Petar.Jovanovic@...s.com>,
Raghu Gandham <Raghu.Gandham@...s.com>,
Ralf Baechle <ralf@...ux-mips.org>,
Thomas Gleixner <tglx@...utronix.de>,
Tom Saeger <tom.saeger@...cle.com>
Subject: RE: [PATCH v2] MIPS: Add nonxstack=on|off kernel parameter
Hi Miodrag,
> When kernel is detecting the type of mapping it should apply :
>
> fs/binfmt_elf.c:
> ...
> if (elf_read_implies_exec(loc->elf_ex, executable_stack))
> current->personality |= READ_IMPLIES_EXEC;
> ...
>
> this effectively calls mips_elf_read_implies_exec() which performs a check:
> ...
> if (!cpu_has_rixi) {
> /* The CPU doesn't support non-executable memory */
> return 1;
> }
>
> return 0;
> }
>
> This will in turn make stack & heap executable on processors without
> RIXI, which are practically all processors with MIPS ISA R < 6.
>
> We would like to have an option to override this and force
> non-executable mappings for such systems.
Of course you can't force a non-executable mapping with a system where
all valid pages are executable, as David has already noted. Did you mean
the other condition, that is:
if (exstack != EXSTACK_DISABLE_X) {
/* The binary doesn't request a non-executable stack */
return 1;
}
? In which case you do want to respect the lack of the RIXI feature,
i.e.:
int mips_elf_read_implies_exec(void *elf_ex, int exstack)
{
if (!cpu_has_rixi) {
/* The CPU doesn't support non-executable memory */
return 1;
}
switch (nonxstack) {
case EXSTACK_DISABLE_X:
return 0;
case EXSTACK_ENABLE_X:
return 1;
default:
break;
}
if (exstack != EXSTACK_DISABLE_X) {
/* The binary doesn't request a non-executable stack */
return 1;
}
return 0;
}
(I'd replace `break' with `return exstack != EXSTACK_DISABLE_X' and
discard the code that follows, but that can be a separate optimisation).
What problem are you trying to solve anyway? Is it not something that
can be handled with the `execstack' utility?
NB as someone has observed with programs that do not request a
non-executable stack we actually propagate the execute permission to all
data pages. Is it not something we would want to handle differently?
Maciej
Powered by blists - more mailing lists