Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120805224501.GM544@brightrain.aerifal.cx>
Date: Sun, 5 Aug 2012 18:45:01 -0400
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: noexecstack

On Sun, Aug 05, 2012 at 03:01:08PM -0700, Nathan McSween wrote:
> On Sun, Aug 5, 2012 at 2:46 PM, Rich Felker <dalias@...ifal.cx> wrote:
> > On Sun, Aug 05, 2012 at 11:35:36PM +0200, Daniel Cegiełka wrote:
> >> Vasily Kulikov published a patch for nonexecutable stack for glibc in Owl.
> >>
> >> http://openwall.com/lists/owl-dev/2012/08/05/1
> >> http://openwall.com/lists/owl-dev/2012/08/05/3
> >>
> >> Should we support this in the musl?
> >
> > Yes, but there should be a way to do it without putting ugly stuff
> > like this in every single asm file. Why isn't there a command-line
> > option to the assembler to do it? Or a way to do it globally with
> > objcopy?
> >
> > Better yet, why is executable stack even still supported by Linux at
> > all?
> >
> > Rich
> 
> GCC nested functions require executable stack

Yes, I'm aware...

> and consequently quite a
> few GNU / bad projects utilize this 'feature'.

I doubt they do anymore since, as far as I know, most
security-hardened kernels permanently disable executable stack even in
programs that "request" it (by failing to put a GNU-specific header
not requesting it). A while back I had to fix musl's thread stack
allocation to use PROT_READ|PROT_WRITE without PROT_EXEC because
hardened kernels were refusing to make the mapping altogether with
both PROT_WRITE and PROT_EXEC specified. So at present, executable
stack is not supported in musl anyway except in the main thread, and
I'd be plenty happy to just kill it off completely if there were a
way..

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.