From: orc
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: noexecstack
Date: Mon, 6 Aug 2012 16:05:32 +0800
Message-ID: <20120806160532.78e11db5@sibserver.ru>
References: <20120806144521.565b32cc@sibserver.ru>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

On Mon, 6 Aug 2012 09:16:10 +0200
Daniel Cegiełka wrote:

> 2012/8/6 orc :
> > On Sun, 5 Aug 2012 23:35:36 +0200
>
> > Correct me if I'm wrong, but this is ugly stuff.
> >
> > - binutils ld has -z noexecstack command line option.
> > - this (GNU_STACK) is binutils-specific (tinycc, for example, does
> > not generate ELFs with that section, and future direction should be
> > on that plain ELFs without any gnuish extensions IMO)
> > - Kernel sets executable stack by default, kernel can be patched
> > not to do that (that's one line patch per architecture)
>
> Can you give some example of how to do it?
> It might be worthwhile to
> introduce it into the main repository of Linux. What do you think?

I used to set it globally for all archs directly in binfmt_elf.c (here
is a patch example):

diff -Naur linux-3.2.12.o/fs/binfmt_elf.c linux-3.2.12/fs/binfmt_elf.c --- linux-3.2.12.o/fs/binfmt_elf.c 2012-03-20 00:03:17.000000000 +0800 +++ linux-3.2.12/fs/binfmt_elf.c 2012-08-06 15:41:51.774013640 +0800 
@@ -571,7 +571,7 @@ unsigned long interp_load_addr =3D 0; unsigned long start_code, end_code, start_data, end_data; unsigned long reloc_func_desc __maybe_unused =3D 0; - int executable_stack =3D EXSTACK_DEFAULT; + int executable_stack =3D EXSTACK_DISABLE_X; unsigned long def_flags =3D 0; struct { struct elfhdr elf_ex;

This is a hack, and maybe executable_stack may be set elsewhere. I did
not try to trace that code. But it works (of course ELFs marked to be
with execstack will crash).
I think this may have benefits, but it always was controlled in
userspace; the kernel defaults to executable stack because there can be
some other compilers that may rely on this default. I tested tinycc, it
has no issues (i.e. generates code that does not need executable stack,
and does not generate GNU_STACK extended section).

>
> > - binutils can be patched to not produce ELFs with executable stack
> > by default
> >
> > While some of options I listed here may harm some GCC or binutils
> > internals (I don't know), I see a utility that comes with
> > grsecurity patches (paxctl) that operates that section (GNU_STACK),
> > converting it into its own.
> > I tested a system with patched binutils and kernel (but binutils
> > patch here will be enough) without any problems.
>
> It would be very nice if we could solve this problem in this way. I'm
> currently using this patch, but this is not the best solution in my
> opinion. Ideally if the system (kernel, binutils, libc) enforce
> noexecstack by default... definitely worth a closer look at this issue.

Consider this patch as enforcing binutils' noexecstack by default:

diff -Naur binutils-2.17.50.0.17.o/ld/ldmain.c binutils-2.17.50.0.17/ld/ldmain.c --- binutils-2.17.50.0.17.o/ld/ldmain.c 2007-06-19 01:31:40.000000000 +0800 +++ binutils-2.17.50.0.17/ld/ldmain.c 2012-08-03 19:59:26.658980680 +0800 
@@ -281,6 +281,8 @@ link_info.pei386_auto_import =3D -1; link_info.spare_dynamic_tags =3D 5; link_info.sharable_sections =3D FALSE; + link_info.execstack =3D FALSE; + link_info.noexecstack =3D TRUE; =20 ldfile_add_arch (""); emulation =3D get_emulation (argc, argv);

(this one is for binutils 2.17.50.0.17; recent ones may be patched by
finding where link_info is initialized and appending these two lines)

GCC generates the same .note.GNU-stack section definition in its asm
output, as seen in your patch, but I don't know when it needs executable
stack and generates another definition.

libc plays no role here at enforcing executable stacks last time I
checked. It does some initialization of memory permissions in dynamic
linker, but better to ask Rich about that code.

Applying kernel patch may render your existing systems unbootable if it
is not glibc system.

If you don't want to patch and rebuild binutils and kernel, then the
best way to enforce noexecstack notes into ELFs is passing these command
line opts:

gcc: gcc -Wl,-z -Wl,noexecstack [the rest here...]
ld: ld -z noexecstack [...]

> Thanks,
> Daniel
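
Review bot: In the fs/binfmt_elf.c hunk (@@ -571,7 +571,7 @@), the replaced initializer of executable_stack now hardcodes EXSTACK_DISABLE_X for every architecture with no way to opt out, and none of the visible context lines show where the variable is reassigned later, which the message itself says was not traced. Before relying on this, check the later assignments in the same function to establish whether a binary's own stack marking overrides the initial value, and state the result in a comment at the declaration. Since the message notes that binaries needing an executable stack will crash, the new default would be safer behind a build-time or run-time option than as an unconditional change.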
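
Review bot: In the ld/ldmain.c hunk (@@ -281,6 +281,8 @@), the two added link_info lines sit with the other defaults ahead of the get_emulation (argc, argv) call, so the new default is only correct if the later handling of -z execstack clears noexecstack as well as setting execstack. That handling is not in the visible lines and should be checked so that both flags can never end up set at once. The changed default also has no comment at the two added lines and no matching update to the ld documentation for -z execstack and -z noexecstack, although it changes the output for every caller that passes neither option.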