| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20191120191752.GC4799@willie-the-truck>
Date: Wed, 20 Nov 2019 19:17:52 +0000
From: Will Deacon <will@...nel.org>
To: Alexey Dobriyan <adobriyan@...il.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org,
security@...nel.org, ben.dooks@...ethink.co.uk
Subject: Re: [PATCH] exec: warn if process starts with executable stack
On Tue, Nov 19, 2019 at 12:52:27AM +0300, Alexey Dobriyan wrote:
> There were few episodes of silent downgrade to an executable stack:
>
> 1) linking innocent looking assembly file
>
> $ cat f.S
> .intel_syntax noprefix
> .text
> .globl f
> f:
> ret
>
> $ cat main.c
> void f(void);
> int main(void)
> {
> f();
> return 0;
> }
>
> $ gcc main.c f.S
> $ readelf -l ./a.out
> GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
> 0x0000000000000000 0x0000000000000000 RWE 0x10
>
> 2) converting C99 nested function into a closure
> https://nullprogram.com/blog/2019/11/15/
>
> void intsort2(int *base, size_t nmemb, _Bool invert)
> {
> int cmp(const void *a, const void *b)
> {
> int r = *(int *)a - *(int *)b;
> return invert ? -r : r;
> }
> qsort(base, nmemb, sizeof(*base), cmp);
> }
>
> will silently require stack trampolines while non-closure version will not.
>
> While without a double this behaviour is documented somewhere, add a warning
> so that developers and users can at least notice. After so many years of x86_64
> having proper executable stack support it should not cause too much problems.
>
> If the system is old or CPU is old, then there will be an early warning
> against init and/or support personnel will write that "uh-oh, our Enterprise
> Software absolutely requires executable stack" and close tickets and customers
> will nod heads and life moves on.
>
> Signed-off-by: Alexey Dobriyan <adobriyan@...il.com>
> ---
>
> fs/exec.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -762,6 +762,11 @@ int setup_arg_pages(struct linux_binprm *bprm,
> goto out_unlock;
> BUG_ON(prev != vma);
>
> + if (vm_flags & VM_EXEC) {
> + pr_warn_once("process '%s'/%u started with executable stack\n",
> + current->comm, current->pid);
> + }
Given that this is triggerable by userspace, is there a concern about PID
namespaces here?
Will
Powered by blists - more mailing lists