PowerPC paxtest results w/ gcc-4.1

Paul Mackerras paulus at samba.org
Sun Aug 13 09:54:14 EST 2006


Albert Cahalan writes:

> gcc version 4.1.2 20060613 (prerelease) (Debian 4.1.1-5)

OK, so I think that version should have the new -msecure-plt flag,
which changes the ppc32 ABI so that the PLT no longer has to be
writable and executable.  Previously the dynamic linker would rewrite
each PLT entry, the first time it is used, to jump directly to the
target routine.  That was the reason why the heap had to be
executable.

To get the full benefit of -msecure-plt, every object file in your
executable has to be compiled with it, and I think every shared
library the program uses has to be compiled with it too.  On a system
where everything has been compiled with -msecure-plt, I believe the
heap and stack will automatically be made non-executable.

Of course, that won't make all that much difference on your Cube,
because the G4 CPU doesn't have hardware support for non-executable
pages (any readable page is executable).  The G5 does, as do the 4xx
and Book E 32-bit CPUs, and any 64-bit CPU from POWER4 on.

As for the randomization, I'm surprised we got no stack randomization,
since that appears to be handled generically (randomize_stack_top()
in fs/binfmt_elf.c).  What does cat /proc/sys/kernel/randomize_va_space
give you?  (i386 also does arch-specific randomization of some low
bits of the stack pointer, which we could do too.)

Shared library randomization is a glibc thing, I assume.  (It is
incompatible with prelink, of course.)  I don't believe we can do
ET_EXEC address randomization, and I don't think x86 can do it either.

Paul.
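
An added example, not part of the original message: a Python check that parses ELF32 program headers and reports any PT_LOAD segment mapped both writable and executable (the situation the message says a writable PLT forces), together with the PT_GNU_STACK flags. The names audit_elf32 and make_ppc32_image and the two sample images are constructed for illustration; using PT_GNU_STACK as the stack-permission marker is an assumption that goes beyond what the message states.

```python
import struct

PT_LOAD, PT_GNU_STACK = 1, 0x6474E551   # program header types
PF_X, PF_W = 0x1, 0x2                   # segment permission bits

def audit_elf32(data):
    """Return (wx_segments, stack_flags) for a 32-bit ELF image.

    wx_segments: (vaddr, memsz) of each PT_LOAD mapped writable AND executable.
    stack_flags: p_flags of PT_GNU_STACK, or None if the header is absent.
    """
    if data[:4] != b"\x7fELF" or data[4] != 1:
        raise ValueError("not a 32-bit ELF image")
    e = ">" if data[5] == 2 else "<"     # EI_DATA: 2 = big-endian (ppc32)
    (e_phoff,) = struct.unpack_from(e + "I", data, 28)
    e_phentsize, e_phnum = struct.unpack_from(e + "HH", data, 42)
    wx, stack_flags = [], None
    for i in range(e_phnum):
        p_type, _, vaddr, _, _, memsz, flags, _ = struct.unpack_from(
            e + "8I", data, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD and flags & PF_W and flags & PF_X:
            wx.append((vaddr, memsz))
        elif p_type == PT_GNU_STACK:
            stack_flags = flags
    return wx, stack_flags

def make_ppc32_image(segments):
    """Constructed header-only big-endian ELF32 image (sample input)."""
    ident = b"\x7fELF" + bytes([1, 2, 1]) + bytes(9)
    ehdr = ident + struct.pack(">HHIIIIIHHHHHH", 2, 20, 1, 0, 52, 0, 0,
                               52, 32, len(segments), 0, 0, 0)
    phdrs = b"".join(struct.pack(">8I", t, 0, va, va, sz, sz, fl, 0x10000)
                     for t, va, sz, fl in segments)
    return ehdr + phdrs

# Constructed samples: text R+X, then data RWX (writable PLT) vs data RW.
WRITABLE_PLT = make_ppc32_image([(PT_LOAD, 0x10000000, 0x1000, 5),
                                 (PT_LOAD, 0x10010000, 0x2000, 7),
                                 (PT_GNU_STACK, 0, 0, 7)])
SECURE_PLT = make_ppc32_image([(PT_LOAD, 0x10000000, 0x1000, 5),
                               (PT_LOAD, 0x10010000, 0x2000, 6),
                               (PT_GNU_STACK, 0, 0, 6)])

if __name__ == "__main__":
    for name, img in (("writable PLT", WRITABLE_PLT), ("secure PLT", SECURE_PLT)):
        wx, stack = audit_elf32(img)
        print(name, "W+X segments:", [hex(v) for v, _ in wx],
              "exec stack:", bool(stack and stack & PF_X))
```

To audit a real binary, pass the bytes read from the file to audit_elf32; the same function handles little-endian ELF32 images.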


