Re: [PATCH v5] powerpc: Do not make the entire heap executable

2016-09-29 Thread Oleg Nesterov
On 09/28, Kees Cook wrote:
>
> This is where the flags are actually built from what's coming in
> through the newly created exported function vm_brk_flags() below. The
> only flag we're acting on is VM_EXEC (passed in from set_brk() above).
> I think do_brk_flags() should mask the valid flags, or

Re: [PATCH v5] powerpc: Do not make the entire heap executable

2016-09-28 Thread Kees Cook
On Tue, Sep 27, 2016 at 6:42 PM, Michael Ellerman wrote:
> Denys Vlasenko writes:
>
>> On 32-bit powerpc the ELF PLT sections of binaries (built with --bss-plt,
>> or with a toolchain which defaults to it) look like this:
>
> Or (it seems), for all programs built with -pg (profiling).
>
>>

Re: [PATCH v5] powerpc: Do not make the entire heap executable

2016-09-28 Thread Florian Weimer
* Jason Gunthorpe:
> Eg that 32 bit powerpc currently unconditionally injects writable,
> executable pages into a user space process.
>
> This critically undermines all the W^X security work that has been
> done in the tool chain and user space by the PPC community.

Exactly, this is how we found

Re: [PATCH v5] powerpc: Do not make the entire heap executable

2016-09-27 Thread Jason Gunthorpe
On Wed, Sep 28, 2016 at 11:42:11AM +1000, Michael Ellerman wrote:
> But this is not really a powerpc patch, and I'm not an ELF expert. So
> I'm not comfortable merging it via the powerpc tree. It doesn't look
> like we really have a maintainer for binfmt_elf.c, so I'm not sure who
> should be

Re: [PATCH v5] powerpc: Do not make the entire heap executable

2016-09-27 Thread Michael Ellerman
Denys Vlasenko writes:
> On 32-bit powerpc the ELF PLT sections of binaries (built with --bss-plt,
> or with a toolchain which defaults to it) look like this:

Or (it seems), for all programs built with -pg (profiling).

> [17] .sbss NOBITS 0002aff8 01aff8 14 00 WA 0

[PATCH v5] powerpc: Do not make the entire heap executable

2016-08-22 Thread Denys Vlasenko
On 32-bit powerpc the ELF PLT sections of binaries (built with --bss-plt, or with a toolchain which defaults to it) look like this:

[17] .sbss NOBITS 0002aff8 01aff8 14 00 WA 0 0 4
[18] .plt NOBITS 0002b00c 01aff8 84 00 WAX 0 0 4
