* Ingo Molnar <[EMAIL PROTECTED]> wrote:
> > > [...] when the program has trampolines and has PT_GNU_STACK
> > > header with an E bit on the stack it still won't get an executable
> > > heap by default (this is what broke grub)
> > So I rather see the patch below merged instead; it fixes the worst
> > problems (RWE not marking the heap executable) while keeping this
> > useful feature enabled.
> >
> > Signed-off-by: Arjan van de Ven <[EMAIL PROTECTED]>
>
> looks good.
>
> Signed-off-by: Ingo Molnar <[EMAIL PROTECTED]>
>
> (I'd like to stress that this problem only affects packages
> _recompiled_ with new gcc, running on NX capable CPUs - legacy apps or
> CPUs are in no way affected. Also, even with a recompile,
> apps/kernels/distros have a number of other options as well even
> without this kernel fix, of varying granularity: to use the setarch
> utility, to set the READ_IMPLIES_EXEC personality bit within the code,
> or to pass in the noexec=off kernel commandline option, or to add a
> oneliner patch to their heap of 1500+ kernel patches, or to fix the
> application. Also, with Arjan's patch applied, the execstack utility
> can be used to remark the binary permanently, if needed.)
another, purely userspace solution is to add an execstack.c flag that
clears the PT_GNU_STACK ELF program header and changes it to e.g.
PT_NULL. That makes it a 'legacy' binary for the purposes of the kernel.
Ingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
