| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZD9kKTsPVlzlEZLp@casper.infradead.org>
Date: Wed, 19 Apr 2023 04:46:49 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Waiman Long <longman@...hat.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, Joe Mario <jmario@...hat.com>,
Barry Marson <bmarson@...hat.com>,
Rafael Aquini <aquini@...hat.com>
Subject: Re: [PATCH] mm/mmap: Map MAP_STACK to VM_STACK
On Tue, Apr 18, 2023 at 09:16:37PM -0400, Waiman Long wrote:
> 1) App runs creating lots of threads.
> 2) It mmap's 256K pages of anonymous memory.
> 3) It writes executable code to that memory.
> 4) It calls mprotect() with PROT_EXEC on that memory so
> it can subsequently execute the code.
>
> The above mprotect() will fail if the mmap'd region's VMA gets merged with
> the VMA for one of the thread stacks. That's because the default RHEL
> SELinux policy is to not allow executable stacks.
By the way, this is a daft policy. The policy you really want is
EXEC|WRITE is not allowed. A non-writable stack is useless, so it's
actually a superset of your current policy. Forbidding _simultaneous_
write and executable is just good programming. This way, you don't need
to care about the underlying VMA's current permissions, you just need
to do:
if ((prot & (PROT_EXEC|PROT_WRITE)) == (PROT_EXEC|PROT_WRITE))
return -EACCESS;
Powered by blists - more mailing lists