Re: [PROPOSAL/PATCH] Remove PT_GNU_STACK support before 2.6.11

From: Ingo Molnar (mingo_at_elte.hu)
Date: 02/06/05

  • Next message: Arnd Bergmann: "Re: [PATCH] PPC/PPC64: Abstract cpu_feature checks." 
    Date:	Sun, 6 Feb 2005 13:02:44 +0100
To: Arjan van de Ven <arjan@infradead.org>

    * Arjan van de Ven <arjan@infradead.org> wrote:

    > > [...] when the program has trampolines and has PT_GNU_STACK
    > > header with an E bit on the stack it still won't get an executable
    > > heap by default (this is what broke grub)
    >
    > this I can fix easy, see the patch below
    >
    > the problem is in the read_implies_exec() design, it passed in "does
    > it have a PT_GNU_STACK flag" not the value. Easy fix.

    > So I rather see the patch below merged instead; it fixes the worst
    > problems (RWE not marking the heap executable) while keeping this
    > useful feature enabled.
    >
    > Signed-off-by: Arjan van de Ven <arjan@infradead.org>

    looks good.

     Signed-off-by: Ingo Molnar <mingo@elte.hu>

    (I'd like to stress that this problem only affects packages _recompiled_
    with new gcc, running on NX capable CPUs - legacy apps or CPUs are in no
    way affected. Also, even with a recompile, apps/kernels/distros have a
    number of other options as well even without this kernel fix, of varying
    granularity: to use the setarch utility, to set the READ_IMPLIES_EXEC
    personality bit within the code, or to pass in the noexec=off kernel
    commandline option, or to add a oneliner patch to their heap of 1500+
    kernel patches, or to fix the application. Also, with Arjan's patch
    applied, the execstack utility can be used to remark the binary
    permanently, if needed.)

            Ingo
    -
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  • Next message: Arnd Bergmann: "Re: [PATCH] PPC/PPC64: Abstract cpu_feature checks."

    Relevant Pages

    • Linux-2.4.31-hf1
      ... I still produce updates for this kernel. ... Fix cmsg length checks in Solaris emulation layer. ... [PATCH] ... Check for canonical addresses in ptrace ...
      (Linux-Kernel)
    • Re: const versus __attribute__((const))
      ... nice warnign that tells you so, and it will be trivial to fix. ... it wasn't a problem - and the kernel ... tends to be the single most active user of inline asm's of all ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: PATCH/RFC: [kdump] fix APIC shutdown sequence
      ... , and perhaps fix the dest ID, instead of ... totally clearing the registers. ... You are talking about EOI sent in the kdump kernel, ... With my patch ...
      (Linux-Kernel)
    • Re: Granting some root permissions to certain users
      ... We use a kernel patch called trustees to do just what you're talking ... Unfortunately the patch hasn't really been kept up-to-date. ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: can device drivers return non-ram via vm_ops->nopage?
      ... Ok, so, how the fsck do we fix the sound drivers? ... providing an architecture dma_coherent_to_pageinterface isn't ... OSS from the kernel because they are abusing existing kernel ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)