ppc64 sbrk returns executable heap in 32-bit emulation mode
Alan Modra
amodra at gmail.com
Mon May 16 16:24:25 AEST 2016
On Thu, May 12, 2016 at 03:41:09PM +0200, Florian Weimer wrote:
> We noticed that on ppc64, the sbrk system call in the 32-bit subsystem
> returns executable memory. I assume it is related to this, in
> arch/powerpc/include/asm/page.h:
>
> /*
> * Unfortunately the PLT is in the BSS in the PPC32 ELF ABI,
> * and needs to be executable. This means the whole heap ends
> * up being executable.
> */
> #define VM_DATA_DEFAULT_FLAGS32 (VM_READ | VM_WRITE | VM_EXEC | \
> VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC)
>
>
> What is the rationale for this? This comment must be *really* old,
I think the comment is just plain wrong. ppc32 needs an executable
stack because it builds trampolines on the stack to support calling
nested functions. I presume that's why the heap is executable. (If
I'm wrong about heap+stack needing the same protection then I can't
think of any reason to require an executable heap.)
> because ld.so in glibc should make sure that the PLT is executable. And
> for current binaries, .bss is *not* executable, contrary to what the
> comment suggests.
>
> Is this comment about pre-ELF binaries? If yes, would it possible to
> change the default for ELF binaries?
>
> Thanks,
> Florian
--
Alan Modra
Australia Development Lab, IBM
More information about the Linuxppc-dev
mailing list