Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven
On Fri, 2007-06-29 at 18:21 -0700, Florin Andrei wrote:
> Arjan van de Ven wrote:
> >> But it's running a Web service which is a combination of C code and 
> >> Tomcat/Java. I have no clue how to determine which portions specify a 
> >> noexec stack and which don't.
> > 
> > like this:
> > 
> > $ eu-readelf -l /bin/true  | grep STACK
> >   GNU_STACK  0x00 0x 0x 0x00 0x00 RW 0x4
> 
> Is Sun Java 1.5 a known exception - as an application that doesn't set a 
> noexec stack and reverts to default?
> 
> # eu-readelf -l ./java | grep STACK | wc -l
> 0
> 
> But then, this bug report seems to indicate otherwise, if I'm reading it 
> correctly:
> 
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5051381


that's not a mainline kernel; and I don't rule out that early RHEL3
versions had a 64/32 bug in this area
> 
-- 
if you want to mail me at work (you don't), use arjan (at) linux.intel.com
Test the interaction between Linux and your BIOS via 
http://www.linuxfirmwarekit.org

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/


Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Florin Andrei

Arjan van de Ven wrote:
>> But it's running a Web service which is a combination of C code and 
>> Tomcat/Java. I have no clue how to determine which portions specify a 
>> noexec stack and which don't.
> 
> like this:
> 
> $ eu-readelf -l /bin/true  | grep STACK
>   GNU_STACK  0x00 0x 0x 0x00 0x00 RW 0x4


Is Sun Java 1.5 a known exception - as an application that doesn't set a 
noexec stack and reverts to default?


# eu-readelf -l ./java | grep STACK | wc -l
0

But then, this bug report seems to indicate otherwise, if I'm reading it 
correctly:


http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5051381

--
Florin Andrei

http://florin.myip.org/


Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven
On Sat, 2007-06-30 at 00:41 +0200, Andreas Schwab wrote:
> Arjan van de Ven <[EMAIL PROTECTED]> writes:
> 
> > (all others default to executable stack)
> 
> Except ia64.


for ia64 it depends on the personality actually .. just to make it more
complex.
-- 
if you want to mail me at work (you don't), use arjan (at) linux.intel.com
Test the interaction between Linux and your BIOS via 
http://www.linuxfirmwarekit.org



Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Andreas Schwab
Arjan van de Ven <[EMAIL PROTECTED]> writes:

> (all others default to executable stack)

Except ia64.

Andreas.

-- 
Andreas Schwab, SuSE Labs, [EMAIL PROTECTED]
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."


Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven
On Sat, 2007-06-30 at 00:15 +0200, Andreas Schwab wrote:
> Arjan van de Ven <[EMAIL PROTECTED]> writes:
> 
> > like this:
> >
> > $ eu-readelf -l /bin/true  | grep STACK
> >   GNU_STACK  0x00 0x 0x 0x00 0x00 RW 0x4
> >
> >
> > (replace /bin/true with the binary or library you want to check)
> >
> > if it says "RW" like here, it'll have non-executable stack. If it says
> > "RWX" or if this line is absent entirely, the stack will be executable.
> 
> The last part is not true.  Some architectures (especially newer ones)
> default to non-exec stack.  The absence of a GNU_STACK header represents
> the default.

ok you're right; powerpc64 defaults to non-executable stack
(all others default to executable stack)

-- 
if you want to mail me at work (you don't), use arjan (at) linux.intel.com
Test the interaction between Linux and your BIOS via 
http://www.linuxfirmwarekit.org
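
The check discussed in this message, as an added example that is not part of the original thread: a Python reader for the same GNU_STACK program header that `eu-readelf -l` prints, covering both 32-bit and 64-bit ELF files. It reports a missing header as its own case, since the thread concludes that absence means the architecture default; the function names and the constructed sample images are assumptions made for this example.

```python
import struct
import sys

PT_GNU_STACK = 0x6474E551      # p_type of the header eu-readelf prints as GNU_STACK
PF_X, PF_W, PF_R = 1, 2, 4     # p_flags bits

def gnu_stack_flags(data):
    """Return the GNU_STACK flags as a string such as 'RW' or 'RWX', or None if absent."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                        # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = ">" if data[5] == 2 else "<"         # EI_DATA: 2 = big endian
    if is64:
        (phoff,) = struct.unpack_from(end + "Q", data, 0x20)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 0x36)
    else:
        (phoff,) = struct.unpack_from(end + "I", data, 0x1C)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 0x2A)
    for i in range(phnum):
        off = phoff + i * phentsize
        (p_type,) = struct.unpack_from(end + "I", data, off)
        if p_type == PT_GNU_STACK:
            # p_flags follows p_type directly in ELF64 but sits at offset 24 in ELF32
            (flags,) = struct.unpack_from(end + "I", data, off + (4 if is64 else 24))
            return "".join(c for c, b in (("R", PF_R), ("W", PF_W), ("X", PF_X)) if flags & b)
    return None

def stack_verdict(data):
    flags = gnu_stack_flags(data)
    if flags is None:
        return "no GNU_STACK header: architecture default applies"
    return "executable stack" if "X" in flags else "non-executable stack"

def make_sample(is64, stack_flags=None):
    """Constructed sample: little-endian ELF header plus program headers, nothing else."""
    phdrs = [(1, PF_R | PF_X)] + ([] if stack_flags is None else [(PT_GNU_STACK, stack_flags)])
    if is64:
        ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01", 2, 62, 1,
                           0, 64, 0, 0, 64, 56, len(phdrs), 0, 0, 0)
        return ehdr + b"".join(struct.pack("<IIQQQQQQ", t, f, 0, 0, 0, 0, 0, 8) for t, f in phdrs)
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01", 2, 3, 1,
                       0, 52, 0, 0, 52, 32, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(struct.pack("<IIIIIIII", t, 0, 0, 0, 0, 0, f, 4) for t, f in phdrs)

if __name__ == "__main__":
    for path in sys.argv[1:]:                  # e.g. the JVM binary and each bundled .so
        with open(path, "rb") as fh:
            print(path, "->", stack_verdict(fh.read()))
```

Run it with the application's executables and shared libraries as arguments to get one verdict per file.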



Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Andreas Schwab
Arjan van de Ven <[EMAIL PROTECTED]> writes:

> like this:
>
> $ eu-readelf -l /bin/true  | grep STACK
>   GNU_STACK  0x00 0x 0x 0x00 0x00 RW 0x4
>
>
> (replace /bin/true with the binary or library you want to check)
>
> if it says "RW" like here, it'll have non-executable stack. If it says
> "RWX" or if this line is absent entirely, the stack will be executable.

The last part is not true.  Some architectures (especially newer ones)
default to non-exec stack.  The absence of a GNU_STACK header represents
the default.

Andreas.

-- 
Andreas Schwab, SuSE Labs, [EMAIL PROTECTED]
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."


Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven

> But it's running a Web service which is a combination of C code and 
> Tomcat/Java. I have no clue how to determine which portions specify a 
> noexec stack and which don't.
> 
> In case it turns out some portions do not specify a noexec stack, my 
> next question is how to get the application to create a noexec stack 
> (assume I can make that request to the developers).


like this:

$ eu-readelf -l /bin/true  | grep STACK
  GNU_STACK  0x00 0x 0x 0x00 0x00 RW 0x4


(replace /bin/true with the binary or library you want to check)

if it says "RW" like here, it'll have non-executable stack. If it says
"RWX" or if this line is absent entirely, the stack will be executable.





how to determine if the noexec stack is defined by an application

2007-06-29 Thread Florin Andrei

I'm reading Ingo's NX quick start document:

http://people.redhat.com/mingo/nx-patches/QuickStart-NX.txt

Quote:
"If an application defines a noexec stack then the kernel will enforce 
this executability, and all attempts to execute on the stack will be 
prevented by the hardware."


My question is related to the conditional "if an application". So it 
looks like it depends on the app.
Now, the OS/hardware combination that I'm using (RHEL4 WS 32 bit on 
AMD64 CPU - long story, don't ask) definitely enables NX:


# grep -i nx /var/log/dmesg
NX (Execute Disable) protection: active

But it's running a Web service which is a combination of C code and 
Tomcat/Java. I have no clue how to determine which portions specify a 
noexec stack and which don't.


In case it turns out some portions do not specify a noexec stack, my 
next question is how to get the application to create a noexec stack 
(assume I can make that request to the developers).



(please do NOT Cc me, I'm subscribed to the list)

--
Florin Andrei

http://florin.myip.org/

