PowerPC paxtest results w/ gcc-4.1
Paul Mackerras
paulus at samba.org
Sun Aug 13 13:23:16 EST 2006
Albert Cahalan writes:
> VM_STACK_DEFAULT_FLAGS32 is wrong. A fail-safe
> default is important for security. If gcc on PowerPC ever
> does generate code which puts trampolines on the stack,
> then that can be fixed by converting to legal C code or
> by adding the fragile marking to the defective executables.
> Did gcc ever generate such code on PowerPC? If not,
> then there is no reason to ever allow an executable stack.
I believe it did for nested procedures in C.
Now that we have the VDSO and use it for signal trampolines, we
probably could change the default stack protections.
> No. Look in the segment registers. The granularity
> isn't great, but the stack can be protected at least.
No, ld.so tends to go just below the stack:
f7fe6000-f7fff000 r-xp 00000000 08:05 17069 /lib/ld-2.3.6.so
f800e000-f800f000 r--p 00018000 08:05 17069 /lib/ld-2.3.6.so
f800f000-f8010000 rwxp 00019000 08:05 17069 /lib/ld-2.3.6.so
ffe67000-ffe7c000 rw-p ffe67000 00:00 0 [stack]
Paul.
More information about the Linuxppc-dev
mailing list