> >Which does the PT_SUNWSTACK header apply to?
>
> It sets the fields in the proc structure which defines the stack
> protection.
>
> >I'm not sure what point there would be in per-thread
> >control; if any one thread in an address space is exploitable,
> >the whole address space is potentially corruptible.
>
> It's different because mprotect() works on the process. Using mprotect
> requires you to run mprotect on all process stacks (as long as they are
> created by the library). I'm not sure that the kernel has sufficient
> information to figure that out.

Looks to me like 
http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/lib/libc/port/threads/thr.c

checks sysconf(_SC_STACK_PROT) and honors it.  The only problem is
that it caches the return value (static variable stackprot), which
would have to be invalidated by the mprotect() wrapper when the magic
ADDR_STACK was used (so that it would pick up the new process-wide
value that was also set in the proc structure).  That would make that
setting apply to all future thread stacks.

In other words, that source file would have to add a _-prefixed library
internal function that zeros stackprot.

Maybe the best one can do is the main stack (current+future) and
the thread stacks (future), if one can't readily figure out from
either user space (syscall wrapper check) or kernel space the location
and size of all the current thread stacks.

I haven't looked at how sigaltstack() handling might get involved...
-- 
This message posted from opensolaris.org
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
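The stale-cache problem described in the message, as an added C model that is not part of the original post and not libc's code: the process-wide value from the proc structure is simulated by a plain variable, and `query_proc_stack_prot`, `_invalidate_stackprot`, `alloc_thread_stack` and `set_process_stack_prot` are hypothetical names. It shows that a thread stack created after the process-wide change still gets the old protection unless the cached `stackprot` is zeroed.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <stdio.h>
#include <sys/mman.h>

/* Simulated process-wide setting (assumption: stands in for the proc
 * structure field that sysconf(_SC_STACK_PROT) reports on Solaris). */
static int proc_stack_prot = PROT_READ | PROT_WRITE | PROT_EXEC;
static int query_proc_stack_prot(void) { return proc_stack_prot; }

/* Cached copy, modelled on the static variable stackprot in the post. */
static int stackprot;

/* Hypothetical _-prefixed internal hook: zero the cache so the next
 * thread-stack allocation re-reads the process-wide value. */
void _invalidate_stackprot(void) { stackprot = 0; }

/* Allocate a future thread stack using the cached protection.
 * Returns NULL if the mapping fails; *prot_used is always set. */
void *alloc_thread_stack(size_t size, int *prot_used)
{
    if (stackprot == 0)                 /* filled once, then reused */
        stackprot = query_proc_stack_prot();
    *prot_used = stackprot;
    void *p = mmap(NULL, size, stackprot,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* Model of the mprotect() wrapper handling the magic ADDR_STACK:
 * change the process-wide value and optionally drop the cache. */
void set_process_stack_prot(int prot, int invalidate)
{
    proc_stack_prot = prot;
    if (invalidate)
        _invalidate_stackprot();
}

int main(void)
{
    int used;
    void *s = alloc_thread_stack(65536, &used);       /* primes the cache */
    if (s) munmap(s, 65536);
    set_process_stack_prot(PROT_READ | PROT_WRITE, 0); /* no invalidation */
    s = alloc_thread_stack(65536, &used);
    printf("stale cache: PROT_EXEC still set = %d\n", !!(used & PROT_EXEC));
    if (s) munmap(s, 65536);
    return 0;
}
```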