| To: | Miodrag Dinic <Miodrag.Dinic@mips.com> |
|---|---|
| Subject: | RE: [PATCH v2] MIPS: Add nonxstack=on|off kernel parameter |
| From: | "Maciej W. Rozycki" <macro@mips.com> |
| Date: | Wed, 6 Dec 2017 17:50:52 +0000 |
| Cc: | James Hogan <James.Hogan@mips.com>, David Daney <ddaney@caviumnetworks.com>, Aleksandar Markovic <aleksandar.markovic@rt-rk.com>, "linux-mips@linux-mips.org" <linux-mips@linux-mips.org>, Aleksandar Markovic <Aleksandar.Markovic@mips.com>, Andrew Morton <akpm@linux-foundation.org>, DengCheng Zhu <DengCheng.Zhu@mips.com>, Ding Tianhong <dingtianhong@huawei.com>, Douglas Leung <Douglas.Leung@mips.com>, "Frederic Weisbecker" <frederic@kernel.org>, Goran Ferenc <Goran.Ferenc@mips.com>, "Ingo Molnar" <mingo@kernel.org>, James Cowgill <James.Cowgill@imgtec.com>, "Jonathan Corbet" <corbet@lwn.net>, "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, Marc Zyngier <marc.zyngier@arm.com>, "Matt Redfearn" <Matt.Redfearn@mips.com>, Mimi Zohar <zohar@linux.vnet.ibm.com>, Paul Burton <Paul.Burton@mips.com>, "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>, Petar Jovanovic <Petar.Jovanovic@mips.com>, Raghu Gandham <Raghu.Gandham@mips.com>, Ralf Baechle <ralf@linux-mips.org>, Thomas Gleixner <tglx@linutronix.de>, Tom Saeger <tom.saeger@oracle.com> |
| In-reply-to: | <48924BBB91ABDE4D9335632A6B179DD6A8D102@MIPSMAIL01.mipstec.com> |
| List-archive: | <http://www.linux-mips.org/archives/linux-mips/> |
| List-help: | <mailto:ecartis@linux-mips.org?Subject=help> |
| List-id: | linux-mips <linux-mips.eddie.linux-mips.org> |
| List-owner: | <mailto:ralf@linux-mips.org> |
| List-post: | <mailto:linux-mips@linux-mips.org> |
| List-software: | Ecartis version 1.0.0 |
| List-subscribe: | <mailto:ecartis@linux-mips.org?subject=subscribe%20linux-mips> |
| List-unsubscribe: | <mailto:ecartis@linux-mips.org?subject=unsubscribe%20linux-mips> |
| Original-recipient: | rfc822;linux-mips@linux-mips.org |
| References: | <1511272574-10509-1-git-send-email-aleksandar.markovic@rt-rk.com> <dda5572e-0617-3427-7a90-07b3cf43d808@caviumnetworks.com> <48924BBB91ABDE4D9335632A6B179DD6A8CFEA@MIPSMAIL01.mipstec.com>,<20171130100957.GG5027@jhogan-linux.mipstec.com> <48924BBB91ABDE4D9335632A6B179DD6A8D102@MIPSMAIL01.mipstec.com> |
| Sender: | linux-mips-bounce@linux-mips.org |
| User-agent: | Alpine 2.00 (DEB 1167 2008-08-23) |
Hi Miodrag,
> When kernel is detecting the type of mapping it should apply :
>
> fs/binfmt_elf.c:
> ...
> if (elf_read_implies_exec(loc->elf_ex, executable_stack))
> current->personality |= READ_IMPLIES_EXEC;
> ...
>
> this effectively calls mips_elf_read_implies_exec() which performs a check:
> ...
> if (!cpu_has_rixi) {
> /* The CPU doesn't support non-executable memory */
> return 1;
> }
>
> return 0;
> }
>
> This will in turn make stack & heap executable on processors without
> RIXI, which are practically all processors with MIPS ISA R < 6.
>
> We would like to have an option to override this and force
> non-executable mappings for such systems.
Of course you can't force a non-executable mapping with a system where
all valid pages are executable, as David has already noted. Did you mean
the other condition, that is:
if (exstack != EXSTACK_DISABLE_X) {
/* The binary doesn't request a non-executable stack */
return 1;
}
? In which case you do want to respect the lack of the RIXI feature,
i.e.:
int mips_elf_read_implies_exec(void *elf_ex, int exstack)
{
if (!cpu_has_rixi) {
/* The CPU doesn't support non-executable memory */
return 1;
}
switch (nonxstack) {
case EXSTACK_DISABLE_X:
return 0;
case EXSTACK_ENABLE_X:
return 1;
default:
break;
}
if (exstack != EXSTACK_DISABLE_X) {
/* The binary doesn't request a non-executable stack */
return 1;
}
return 0;
}
(I'd replace `break' with `return exstack != EXSTACK_DISABLE_X' and
discard the code that follows, but that can be a separate optimisation).
What problem are you trying to solve anyway? Is it not something that
can be handled with the `execstack' utility?
NB as someone has observed with programs that do not request a
non-executable stack we actually propagate the execute permission to all
data pages. Is it not something we would want to handle differently?
Maciej
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH] MIPS: CM: Drop WARN_ON(vp != 0), Paul Burton |
|---|---|
| Next by Date: | Re: [PATCH v2] MIPS: Add nonxstack=on|off kernel parameter, Paul Burton |
| Previous by Thread: | Re: [PATCH v2] MIPS: Add nonxstack=on|off kernel parameter, David Daney |
| Next by Thread: | Re: [PATCH v2] MIPS: Add nonxstack=on|off kernel parameter, Paul Burton |
| Indexes: | [Date] [Thread] [Top] [All Lists] |