Executing from readable, no-exec pages

Johannes Berg johannes at sipsolutions.net
Fri Jul 6 23:43:00 EST 2007


On Fri, 2007-07-06 at 15:36 +0200, Segher Boessenkool wrote:

> > Umm, are you sure about this? The "prevent data exception in kernel
> > space" patch came from a test program I had that attempted to execute a
> > page with /no permissions/ at all!
> 
> I haven't looked at the code path in detail, but I believe Scott's
> analysis is correct.  The kernel would merrily let a program run
> code from a page without execute permission (so also from a page
> without any permissions at all); not anymore, after my patch.
> 
> Programs relying on this behaviour are obviously buggy, but the
> problem is that one of these broken programs is glibc, at least
> some not-all-that-new but also not-all-that-old versions.

Ok I can see how your patch changes that if the page is readable but not
executable and hasn't been faulted in yet, then executing it will kill
the program. However, reading first (prefaulting) and then executing
code on the page will not kill the program.

> Too many negatives, I don't see which way you're arguing :-)

Heh.

> I think you're saying to treat read access as including execute
> access?  I believe that would be too permissive here.

Yeah well what I was trying to say is that there's no point in having
read without execute if prefaulting the page can get you around that.

johannes
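
A regression test for the behaviour discussed in this message, given here as an added example that is not code from the thread or from any of its participants: a child process maps a file-backed page with PROT_READ only, optionally reads it first (prefault), then jumps into it. The function name `probe_noexec`, the `/tmp` path and the one-instruction stubs are assumptions made for this example; it assumes Linux and a writable `/tmp`.

```c
/* Added example (constructed): does reading a PROT_READ page before jumping
 * into it change whether the kernel refuses to execute it? */
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed stub: a single "return" instruction. */
#if defined(__x86_64__) || defined(__i386__)
static const unsigned char stub[] = { 0xc3 };                    /* ret */
#elif defined(__aarch64__)
static const unsigned char stub[] = { 0xc0, 0x03, 0x5f, 0xd6 };  /* ret */
#elif defined(__powerpc__) && (!defined(__powerpc64__) || _CALL_ELF == 2)
static const unsigned int stub[] = { 0x4e800020 };               /* blr */
#else
#error "no return stub for this architecture/ABI"
#endif

/* Returns the signal that killed the child (SIGSEGV when no-exec is
 * enforced), 0 if the code ran, -1 on setup failure. */
int probe_noexec(int prefault)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char path[] = "/tmp/noexec-XXXXXX";
        int fd = mkstemp(path);
        if (fd < 0 || unlink(path) != 0) _exit(2);
        if (write(fd, stub, sizeof stub) != (ssize_t)sizeof stub) _exit(2);
        /* File-backed private mapping: not faulted in until first access. */
        void *p = mmap(NULL, sizeof stub, PROT_READ, MAP_PRIVATE, fd, 0);
        if (p == MAP_FAILED) _exit(2);
        if (prefault && *(volatile const unsigned char *)p == 0) _exit(2);
        ((void (*)(void))(uintptr_t)p)();   /* jump into the read-only page */
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void)
{
    printf("cold: %d  prefaulted: %d\n", probe_noexec(0), probe_noexec(1));
    return 0;
}
```

A result of 0 for the prefaulted case alongside a signal for the cold case is the inconsistency described above; matching signals mean the permission is enforced on both paths.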