Executing from readable, no-exec pages
Segher Boessenkool
segher at kernel.crashing.org
Fri Jul 6 23:36:36 EST 2007
>> As revealed by the recent "Prevent data exception in kernel space"
>> patch, versions of glibc prior to 2.4[1] assume that, on powerpc32,
>> they can execute out of any readable mapping, regardless of whether
>> it is marked for execution. This happens in the
>> elf_machine_load_address() function.
>
> Umm, are you sure about this? The "prevent data exception in kernel
> space" patch came from a test program I had that attempted to execute
> a page with /no permissions/ at all!
I haven't looked at the code path in detail, but I believe Scott's
analysis is correct. The kernel would merrily let a program run
code from a page without execute permission (so also from a page
without any permissions at all); not anymore, after my patch.
Programs relying on this behaviour are obviously buggy, but the
problem is that one of these broken programs is glibc, at least
some not-all-that-new but also not-all-that-old versions.
> I know that I used to have problems with mono making this assumption
> but these have since been fixed; however if I understand you correctly
> then you can always pre-fault the page by a read and then execute it
> so I don't see the point in not doing the change you suggest.
Too many negatives, I don't see which way you're arguing :-)
I think you're saying to treat read access as including execute
access? I believe that would be too permissive here.
Anyway, let's first decide what is the right thing to do, and
only then look at the code ;-)
Segher
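The property under discussion (the kernel must refuse to run code from a page that is readable but not executable, and from a page with no permissions at all, which is what Paul's test program exercised) can be checked from user space. The following is an added example, not code from this thread, from the kernel or from glibc: it maps a page filled only with the host's "return" instruction, sets the requested protection, and reports whether calling into the page executed or faulted. It assumes a POSIX system where a function pointer is a plain code address (not a ppc64 ELFv1 function descriptor) and a compiler that provides `__builtin___clear_cache` (GCC or clang). On a powerpc32 kernel before the fix described above, the `PROT_READ` and `PROT_NONE` cases would report "executed"; on an enforcing kernel and CPU they fault.

```c
/* Added example (not part of the thread, the kernel or glibc): probe
 * whether this kernel and CPU refuse to execute code from a page that
 * lacks PROT_EXEC.  Assumes POSIX mmap/sigaction and that a function
 * pointer is a raw code address (not an ELFv1 descriptor). */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

enum probe_result { PROBE_EXECUTED = 1, PROBE_FAULTED = 2, PROBE_ERROR = 3 };

/* The page is filled with nothing but "return" instructions, so that
 * executing it is harmless if the kernel permits it. */
#if defined(__x86_64__) || defined(__i386__)
#define RET_BYTE 0xC3           /* x86 "ret" is a single byte */
#elif defined(__aarch64__)
#define RET_WORD 0xD65F03C0u    /* AArch64 "ret" */
#elif defined(__powerpc__)
#define RET_WORD 0x4E800020u    /* PowerPC "blr" */
#endif

static sigjmp_buf probe_env;

static void probe_handler(int sig)
{
    (void)sig;
    siglongjmp(probe_env, 1);   /* savesigs=1 at sigsetjmp restores the mask */
}

static int fill_ret(unsigned char *p, size_t len)
{
#if defined(RET_BYTE)
    memset(p, RET_BYTE, len);
    return 0;
#elif defined(RET_WORD)
    uint32_t insn = RET_WORD;   /* host byte order matches fetch order here */
    for (size_t off = 0; off + 4 <= len; off += 4)
        memcpy(p + off, &insn, 4);
    return 0;
#else
    (void)p; (void)len;
    return -1;                  /* unsupported architecture */
#endif
}

/* Map one page, fill it with "return", apply 'prot', then try to call it. */
enum probe_result probe_exec(int prot)
{
    long pagesize = sysconf(_SC_PAGESIZE);
    if (pagesize <= 0)
        return PROBE_ERROR;
    size_t len = (size_t)pagesize;

    unsigned char *page = mmap(NULL, len, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return PROBE_ERROR;
    if (fill_ret(page, len) != 0) {
        munmap(page, len);
        return PROBE_ERROR;
    }
    /* Flush the instruction cache while the page is still readable. */
    __builtin___clear_cache((char *)page, (char *)page + len);
    if (mprotect(page, len, prot) != 0) {
        munmap(page, len);
        return PROBE_ERROR;
    }

    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = probe_handler;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);

    union { unsigned char *p; void (*fn)(void); } u;
    u.p = page;
    enum probe_result result;
    if (sigsetjmp(probe_env, 1) == 0) {
        u.fn();                 /* returns at once if execution is permitted */
        result = PROBE_EXECUTED;
    } else {
        result = PROBE_FAULTED; /* SIGSEGV/SIGBUS: the kernel blocked it */
    }

    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    munmap(page, len);
    return result;
}

int main(void)
{
    static const struct { const char *name; int prot; } cases[] = {
        { "PROT_READ|PROT_EXEC", PROT_READ | PROT_EXEC },
        { "PROT_READ (no exec)", PROT_READ },
        { "PROT_NONE",           PROT_NONE },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        enum probe_result r = probe_exec(cases[i].prot);
        printf("%-22s -> %s\n", cases[i].name,
               r == PROBE_EXECUTED ? "executed (permitted)" :
               r == PROBE_FAULTED  ? "faulted (blocked)" : "probe error");
    }
    return 0;
}
```

The executable case serves as a sanity check that the probe mechanism itself works; the other two are the cases the thread is about. A "faulted" result for `PROT_READ` is what Segher's patch restores on powerpc32, and it is the result any NX-capable system should give.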