Re: How to make stack executable on demand?

From: Arjan van de Ven
Date: Sat Apr 17 2004 - 02:19:15 EST

Next message: Willy Tarreau: "Re: [BUG] e1000 fails on 2.4.26+bk with CONFIG_SMP=y"
Previous message: Mukker, Atul: "RE: [PATCH][RELEASE]: megaraid unified driver version 2.20.0.B1"
In reply to: Dave Jones: "Re: How to make stack executable on demand?"
Next in thread: Jamie Lokier: "Re: How to make stack executable on demand?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 16, 2004 at 01:46:51PM -0700, H. J. Lu wrote:
> On Fri, Apr 16, 2004 at 10:02:58PM +0200, Arjan van de Ven wrote:
> > > But it will either fail if
> > > kernel is set with non-executable stack,
> >
> > eh no. mprotect with prot_exec is still supposed to work. The stacks
> > still have MAY_EXEC attribute, just not the actual EXEC attribute
>
> Ok. It looks like a bug in Red Hat EL 3 kernel. In fs/exec.c, there
> are
>
> if (executable_stack)
> mpnt->vm_flags = VM_STACK_FLAGS | VM_MAYEXEC | VM_EXEC;
> else
> mpnt->vm_flags = VM_STACK_FLAGS & ~(VM_MAYEXEC|VM_EXEC);

yep that's a bug

> The VM_MAYEXEC bit is untouched. Now the question is if it is a good
> idea for user to change stack permission.

it's required for correct operation and "security wise" it doesn't matter,
if someone can execute an mprotect syscall the game is over anyway

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Willy Tarreau: "Re: [BUG] e1000 fails on 2.4.26+bk with CONFIG_SMP=y"
Previous message: Mukker, Atul: "RE: [PATCH][RELEASE]: megaraid unified driver version 2.20.0.B1"
In reply to: Dave Jones: "Re: How to make stack executable on demand?"
Next in thread: Jamie Lokier: "Re: How to make stack executable on demand?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]