Re: ppc64 sbrk returns executable heap in 32-bit emulation mode

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Alan Modra <amodra@gmail.com>
To: Florian Weimer <fweimer@redhat.com>
Cc: linuxppc-dev@lists.ozlabs.org
Subject: Re: ppc64 sbrk returns executable heap in 32-bit emulation mode
Date: Mon, 16 May 2016 15:54:25 +0930	[thread overview]
Message-ID: <20160516062425.GA24091@bubble.grove.modra.org> (raw)
In-Reply-To: <5590cf46-aaa2-451e-f21d-acf5f2eb4928@redhat.com>

On Thu, May 12, 2016 at 03:41:09PM +0200, Florian Weimer wrote:
> We noticed that on ppc64, the sbrk system call in the 32-bit subsystem 
> returns executable memory.  I assume it is related to this, in 
> arch/powerpc/include/asm/page.h:
> 
> /*
>   * Unfortunately the PLT is in the BSS in the PPC32 ELF ABI,
>   * and needs to be executable.  This means the whole heap ends
>   * up being executable.
>   */
> #define VM_DATA_DEFAULT_FLAGS32 (VM_READ | VM_WRITE | VM_EXEC | \
>                                   VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC)
> 
> 
> What is the rationale for this?  This comment must be *really* old, 

I think the comment is just plain wrong.  ppc32 needs an executable
stack because it builds trampolines on the stack to support calling
nested functions.  I presume that's why the heap is executable.  (If
I'm wrong about heap+stack needing the same protection then I can't
think of any reason to require an executable heap.)

> because ld.so in glibc should make sure that the PLT is executable.  And 
> for current binaries, .bss is *not* executable, contrary to what the 
> comment suggests.
> 
> Is this comment about pre-ELF binaries?  If yes, would it possible to 
> change the default for ELF binaries?
> 
> Thanks,
> Florian

-- 
Alan Modra
Australia Development Lab, IBM

next prev parent reply	other threads:[~2016-05-16  6:24 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-12 13:41 ppc64 sbrk returns executable heap in 32-bit emulation mode Florian Weimer
2016-05-16  6:24 ` Alan Modra [this message]
2016-05-16  8:51   ` Florian Weimer
     [not found] ` <20160516062425.GA24091__32035.8907142237$1463379977$gmane$org@bubble.grove.modra.org>
2016-05-16  8:49   ` Andreas Schwab
2016-05-16  8:59     ` Florian Weimer
2016-05-16  9:09       ` Andreas Schwab
2016-05-16 16:27         ` Florian Weimer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160516062425.GA24091@bubble.grove.modra.org \
    --to=amodra@gmail.com \
    --cc=fweimer@redhat.com \
    --cc=linuxppc-dev@lists.ozlabs.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.