PowerPC paxtest results w/ gcc-4.1

Paul Mackerras paulus at samba.org
Sun Aug 13 13:23:16 EST 2006

Albert Cahalan writes:

> VM_STACK_DEFAULT_FLAGS32 is wrong. A fail-safe
> default is important for security. If gcc on PowerPC ever
> does generate code which puts trampolines on the stack,
> then that can be fixed by converting to legal C code or
> by adding the fragile marking to the defective executables.
> Did gcc ever generate such code on PowerPC? If not,
> then there is no reason to ever allow an executable stack.

I believe it did for nested procedures in C.

Now that we have the VDSO and use it for signal trampolines, we
probably could change the default stack protections.

> No. Look in the segment registers. The granularity
> isn't great, but the stack can be protected at least.

No, ld.so tends to go just below the stack:

f7fe6000-f7fff000 r-xp 00000000 08:05 17069          /lib/ld-2.3.6.so
f800e000-f800f000 r--p 00018000 08:05 17069          /lib/ld-2.3.6.so
f800f000-f8010000 rwxp 00019000 08:05 17069          /lib/ld-2.3.6.so
ffe67000-ffe7c000 rw-p ffe67000 00:00 0              [stack]


More information about the Linuxppc-dev mailing list