From: Jakub Jelinek <jakub@redhat.com>
To: davidm@hpl.hp.com
Cc: Ulrich Drepper <drepper@redhat.com>, linux-kernel@vger.kernel.org
Subject: Re: Non-Exec stack patches
Date: Wed, 24 Mar 2004 02:00:20 -0500 [thread overview]
Message-ID: <20040324070020.GI31589@devserv.devel.redhat.com> (raw)
In-Reply-To: <16480.59229.808025.231875@napali.hpl.hp.com>
On Tue, Mar 23, 2004 at 05:41:49PM -0800, David Mosberger wrote:
> Uli> First, the ELF bits are limited and very crowded on some archs. There
> Uli> is no central assignment so conflicts will happen.
>
> Fair enough, but I don't see why this should imply that platforms that
> already do have support for no-exec data/stack should be forced into
> using PT_GNU_STACK. Just for uniformity's sake? Or is there a real
> benefit?
Note that PT_GNU_STACK program header is not generated on EM_IA_64 and
EM_PPC64 ATM, because initially I thought it shouldn't be needed
(these 2 arches are the only ones which don't need executable stack
for GCC trampolines).
But I think we should change the toolchain and generate it on IA64 and PPC64
as well (only GCC would need changing, emitting
.section .note.GNU-stack,"",@progbits
at the end of every compile unit, ld takes care of the rest) exactly for
uniformity's sake and because you get ld.so handling free.
GLIBC dynamic linker will take care of making the stack executable if
say a binary which doesn't need executable stack depends on a shared library
which needs executable stack or even dlopens a library which needs
executable stack.
> Uli> And one single bit does not cut it. If you'd take a look, the
> Uli> PT_GNU_STACK entry's permissions field specifies what permissions the
> Uli> stack must have, not the presence of the field. So at least two bits
> Uli> are needed which only adds to the problems of finding appropriate bits.
>
> What stack protections other than RW- and RWX are useful?
At least RW- (read-write but not executable stack), RWX (rw and executable
stack) and no PT_GNU_STACK segment (unknown, not marked binary), but it is
certainly extendable.
Jakub
next prev parent reply other threads:[~2004-03-24 7:02 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-03-23 23:12 Non-Exec stack patches Kurt Garloff
2004-03-23 23:22 ` Ingo Molnar
2004-03-23 23:49 ` Andrew Morton
2004-03-24 0:21 ` Kurt Garloff
2004-03-24 0:38 ` David Mosberger
2004-03-24 1:20 ` Ulrich Drepper
2004-03-24 1:41 ` David Mosberger
2004-03-24 2:01 ` Ulrich Drepper
2004-03-24 7:09 ` David Mosberger
2004-03-24 7:00 ` Jakub Jelinek [this message]
2004-03-24 7:16 ` David Mosberger
2004-03-24 7:28 ` Jakub Jelinek
2004-03-24 7:45 ` David Mosberger
2004-03-24 16:29 ` John Reiser
2004-03-24 17:12 ` David Mosberger
2004-03-24 17:24 ` Jakub Jelinek
2004-03-24 18:01 ` David Mosberger
2004-03-24 19:02 ` John Reiser
2004-03-24 19:18 ` David Mosberger
2004-03-24 0:41 ` Andrew Morton
2004-03-24 0:41 ` Ingo Molnar
2004-03-24 10:53 ` Kurt Garloff
[not found] <1D3lO-3dh-13@gated-at.bofh.it>
[not found] ` <1D3YZ-3Gl-1@gated-at.bofh.it>
2004-03-24 6:01 ` Andi Kleen
2004-03-24 10:23 ` Stefan Smietanowski
2004-03-24 11:27 ` Andi Kleen
2004-03-24 22:03 ` Kurt Garloff
[not found] <20040324002149.GT4677@tpkurt.garloff.de.suse.lists.linux.kernel>
[not found] ` <16480.55450.730214.175997@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <4060E24C.9000507@redhat.com.suse.lists.linux.kernel>
[not found] ` <16480.59229.808025.231875@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <20040324070020.GI31589@devserv.devel.redhat.com.suse.lists.linux.kernel>
[not found] ` <16481.13780.673796.20976@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <20040324072840.GK31589@devserv.devel.redhat.com.suse.lists.linux.kernel>
[not found] ` <16481.15493.591464.867776@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <4061B764.5070008@BitWagon.com.suse.lists.linux.kernel>
[not found] ` <16481.49534.124281.434663@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <20040324172454.GP31589@devserv.devel.redhat.com.suse.lists.linux.kernel>
2004-03-24 17:49 ` Andi Kleen
2004-03-24 17:54 ` Jakub Jelinek
-- strict thread matches above, loose matches on Subject: below --
2004-04-14 7:28 Siddha, Suresh B
2004-04-14 8:23 ` Jamie Lokier
2004-04-14 9:47 ` Jamie Lokier
2004-04-14 18:30 ` Kurt Garloff
2004-04-14 20:54 ` Jeff Dike
2004-04-14 8:45 Siddha, Suresh B
2004-04-14 9:38 ` Jamie Lokier
2004-04-14 19:14 Siddha, Suresh B
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040324070020.GI31589@devserv.devel.redhat.com \
--to=jakub@redhat.com \
--cc=davidm@hpl.hp.com \
--cc=drepper@redhat.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox