| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Nov 2019 17:13:41 +0000
From: Ben Dooks <ben.dooks@...ethink.co.uk>
To: Alexey Dobriyan <adobriyan@...il.com>, akpm@...ux-foundation.org
Cc: linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org,
security@...nel.org
Subject: Re: [PATCH] ELF: warn if process starts with executable stack
On 18/11/2019 14:51, Alexey Dobriyan wrote:
> PT_GNU_STACK is fail open design, at least warn people that something
> isn't right.
>
> Signed-off-by: Alexey Dobriyan <adobriyan@...il.com>
> ---
>
> fs/exec.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -762,6 +762,13 @@ int setup_arg_pages(struct linux_binprm *bprm,
> goto out_unlock;
> BUG_ON(prev != vma);
>
it might be worth to use:
if (IS_ENABLED(CONFIG_MMU) && vm_flags & VM_EXEC) {
instead of the #ifdef
> +#ifdef CONFIG_MMU
> + if (vm_flags & VM_EXEC) {
> + pr_warn_once("process '%s'/%u started with executable stack\n",
> + current->comm, current->pid);
> + }
> +#endif
> +
> /* Move stack pages down in memory. */
> if (stack_shift) {
> ret = shift_arg_pages(vma, stack_shift);
>
--
Ben Dooks http://www.codethink.co.uk/
Senior Engineer Codethink - Providing Genius
https://www.codethink.co.uk/privacy.html
Powered by blists - more mailing lists