On 17/12/2018 23:18, Dave Taht wrote:
Rosen Penev <[email protected]> writes:
On Sun, Dec 16, 2018 at 4:54 PM Dave Taht <[email protected]> wrote:
A pretty deep look at home MIPS and arm routers, and a surprising
bug in Linux/MIPS - by mudge and co:
https://cyber-itl.org/2018/12/07/a-look-at-home-routers-and-linux-mips.html
I have no idea if current openwrt, or what prior releases... are subject to
the problems they outline.
As of kernel 4.14.88, I see the same problems.
Well, I see that the stack, at least, on kernel 4.4.92 on mips and
4.14 on openwrt 18.06...
is mapped rw only, with no execute bit.
That doesn't mean the other other flaws discussed in the paper don't
exist, but at least current openwrt HEAD is using the right gcc version
to turn the right linkage on. Someone here with waaaay more expertise in
the compiler, here, should take a hard look at this and the paper.
root@lupin-jeff:~# cat /proc/self/maps
00400000-0044b000 r-xp 00000000 1f:04 879 /bin/busybox
0045b000-0045c000 rw-p 0004b000 1f:04 879 /bin/busybox
77182000-771a4000 r-xp 00000000 1f:04 611 /lib/libgcc_s.so.1
771a4000-771a5000 rw-p 00012000 1f:04 611 /lib/libgcc_s.so.1
771a6000-77238000 r-xp 00000000 1f:04 653 /lib/libc.so
77245000-77246000 r--p 00000000 00:00 0 [vvar]
77246000-77247000 r-xp 00000000 00:00 0 [vdso]
77247000-77249000 rw-p 00091000 1f:04 653 /lib/libc.so
77249000-7724b000 rwxp 00000000 00:00 0 # is this the heap?
7fe06000-7fe27000 rw-p 00000000 00:00 0 [stack]
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Dave,
too lazy to read thd pdf, in a nutshell whats the issue and what do we
need to do do to mitigate it ?
John
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
