On Wed, 2020-04-29 at 20:41 +0200, Helge Deller wrote:
> On 29.04.20 15:36, Ben Hutchings wrote:
> > Control: tag -1 upstream fixed-upstream patch
> > 
> > On Wed, 2020-04-29 at 14:12 +1000, Russell Coker wrote:
> > > Package: klibc-utils
> > > Version: 2.0.7-1
> > > Severity: normal
> > > 
> > > root@sevm:~/pol# /usr/lib/klibc/bin/fstype < /dev/sda2
> > > Segmentation fault
> > > root@sevm:~/pol# execstack -c /usr/lib/klibc/bin/fstype
> > > root@sevm:~/pol# /usr/lib/klibc/bin/fstype < /dev/sda2
> > > FSTYPE=btrfs
> > > FSSIZE=719360278528
> > > 
> > > The fstype program is listed as needing an executable stack, which will
> > > cause it to crash when run on a system with a security policy preventing
> > > executable stacks.  If you clear the execstack bit it appears to work
> > > correctly.
> > [...]
> > 
> > I've fixed this upstream but not made a new release yet:
> > 
> > https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9d8d648e604026b32cad00a84ed6c29cbd157641
> 
> On hppa/parisc we still need executable stacks for the signal trampoline
> return code.
> Might your patch then maybe break fstype on hppa?
> I didn't test it...

Kees Cook mentioned that too:
https://lists.zytor.com/archives/klibc/2020-February/004273.html
but I couldn't find any sign of it in the current code.

Looking again, I see that I was confused: the *kernel* creates these
trampolines on the stack.  On some architectures (m68k and parisc)
this is done unconditionally; on others (alpha, s390, and sparc 32-bit)
it's done if sa_restorer is not set (and we don't set it for them).

Presumably m68k and parisc are actually fine at the moment, as gcc
won't disable execstack on its output.  However alpha, s390, and sparc
will be broken if gcc is configured assuming the C library will set
sa_restorer and it disables execstack.

I shall make the execstack flag setting arch-dependent.

Ben.

-- 
Ben Hutchings
Horngren's Observation:
              Among economists, the real world is often a special case.

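The "listed as needing an executable stack" state that Russell's report describes, and that `execstack -c` clears, is the PF_X bit on the binary's PT_GNU_STACK program header. The following is an added example, not klibc code and not part of this thread: it reads that header from an ELF64 little-endian image, classifies the stack as executable, non-executable or unspecified (no PT_GNU_STACK header at all), and shows the equivalent of `execstack -c` as a pure byte transformation. The ELF images it operates on are constructed inline as samples, not real binaries; the assumed default path `/usr/lib/klibc/bin/fstype` is the one from the report.

```python
import struct

# Constants from <elf.h>.
PT_LOAD = 1
PT_GNU_STACK = 0x6474E551
PF_X, PF_W, PF_R = 0x1, 0x2, 0x4


def _elf64_phdrs(data):
    """Yield (file offset, p_type, p_flags) for each program header.

    Only ELF64 little-endian images are handled here (assumption for this
    example); the klibc binary in the report would need the same check on
    other classes/endiannesses, but the PT_GNU_STACK semantics are identical.
    """
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only ELFCLASS64 / ELFDATA2LSB handled in this example")
    (e_phoff,) = struct.unpack_from("<Q", data, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x36)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, p_flags = struct.unpack_from("<II", data, off)
        yield off, p_type, p_flags


def stack_flags(data):
    """p_flags of the PT_GNU_STACK header, or None if the header is absent."""
    for _, p_type, p_flags in _elf64_phdrs(data):
        if p_type == PT_GNU_STACK:
            return p_flags
    return None


def needs_exec_stack(data):
    """True when the binary explicitly asks the kernel for an executable stack."""
    flags = stack_flags(data)
    return flags is not None and bool(flags & PF_X)


def describe_stack(data):
    flags = stack_flags(data)
    if flags is None:
        return "absent"          # kernel falls back to its per-arch default
    return "executable" if flags & PF_X else "non-executable"


def clear_exec_stack(data):
    """Return a copy with PF_X dropped from PT_GNU_STACK (what `execstack -c` does)."""
    out = bytearray(data)
    for off, p_type, p_flags in _elf64_phdrs(data):
        if p_type == PT_GNU_STACK:
            struct.pack_into("<I", out, off + 4, p_flags & ~PF_X)
    return bytes(out)


def build_sample_elf(gnu_stack_flags):
    """Constructed sample: a minimal x86-64 ET_EXEC with one PT_LOAD and,
    unless gnu_stack_flags is None, one PT_GNU_STACK header. Not runnable code."""
    phdrs = [struct.pack("<IIQQQQQQ", PT_LOAD, PF_R | PF_X,
                         0, 0x400000, 0x400000, 0x1000, 0x1000, 0x1000)]
    if gnu_stack_flags is not None:
        phdrs.append(struct.pack("<IIQQQQQQ", PT_GNU_STACK, gnu_stack_flags,
                                 0, 0, 0, 0, 0, 0x10))
    ehdr = struct.pack("<4sBBBBBxxxxxxxHHIQQQIHHHHHH",
                       b"\x7fELF", 2, 1, 1, 0, 0,   # ELFCLASS64, LSB, EV_CURRENT, SYSV
                       2, 0x3E, 1, 0x401000,        # ET_EXEC, EM_X86_64, version, entry
                       64, 0, 0,                    # e_phoff, e_shoff, e_flags
                       64, 56, len(phdrs), 64, 0, 0)  # ehsize, phentsize, phnum, sh*
    return ehdr + b"".join(phdrs)


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else "/usr/lib/klibc/bin/fstype"
    with open(path, "rb") as f:
        print(f"{path}: PT_GNU_STACK {describe_stack(f.read())}")
```

`readelf -lW <binary> | grep GNU_STACK` shows the same header; `RWE` in its flags column is what this script reports as "executable". Clearing the bit is only a fix where the kernel does not place the signal-return trampoline on the stack; on the architectures Ben lists above (m68k and parisc unconditionally; alpha, s390 and 32-bit sparc when sa_restorer is unset) a non-executable stack would break signal return, which is why the flag has to be set per architecture rather than cleared everywhere.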