Date: Thu, 25 Nov 2010 17:48:52 +0200
From: Kostik Belousov <kostikbel@gmail.com>
To: arch@freebsd.org, amd64@freebsd.org
Subject: Non-executable stacks
Message-ID: <20101125154852.GR2392@deviant.kiev.zoral.com.ua>
Hello,

at http://people.freebsd.org/~kib/misc/nxstacks.1.patch please find the patch that implements non-executable stack support for amd64 (and FreeBSD/ia32 processes executed on an amd64 host).

The implementation is done to take advantage of GNU toolchain PT_GNU_STACK markers. The description of them I was able to find, except the binutils and gcc source code, is at
http://www.redhat.com/archives/fedora-devel-list/2003-November/msg00838.html
http://www.gentoo.org/proj/en/hardened/gnu-stack.xml

Notes about the patch. It consists of the following pieces that are relatively independent from each other:

- Added .note.GNU-stack section for all assembly sources for i386 and amd64, used to build rtld, libc, libm and libthr. The libraries do not need executable stack, so shall be marked as such. This is the biggest and most trivial part of the patch. I had to modify contributed source for compiler-rt library.

- Changed gcc configuration to emit .note.GNU-stack as appropriate, for i386 and amd64.

- Moved signal trampolines off the main process stack. For this, I had to implement the global shared page n-th time. Simple allocator is provided to carve properly aligned chunks of the page space. Used by image activators to allocate space for the trampolines.

- ELF activator parses PT_GNU_STACK phdr and sets the stack protection as specified in the image. If the phdr is missing, rwx is used, as before.

- rtld is supplied with the main stack protection mode by a new aux vector. If any dso is loaded that requires executable stack and current protection disables execution from stack, __pthread_map_stacks_exec() is called.

- For single-threaded process, libc provides the weak implementation of __pthread_map_stacks_exec that calls mprotect() on the main process stack.

- For multi-threaded process, libthr provides __pthread_map_stacks_exec() that changes protection of all allocated stacks. New rtld interface _rtld_get_stack_prot() is used to properly set protection for created threads.

It is curious enough that HEAD allocates the main stack on amd64 as executable, but libthr marks all stacks for non-initial thread as not executable! This should already break some gcc features when used from non-initial thread.
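The two decisions described in the message, the ELF activator honouring PT_GNU_STACK (with the rwx fallback when the phdr is missing) and rtld deciding whether a freshly loaded DSO forces __pthread_map_stacks_exec(), can be exercised in userland without the kernel. The following is an added example, not code from the patch or from FreeBSD: the function names elf64_stack_prot, dso_needs_exec_stack_remap and build_sample_elf64 are hypothetical, the ELF64 image it parses is constructed in memory from <elf.h> structures rather than read from disk, and the bounds checks on the phdr table are the part a defender would want before trusting an untrusted image.

```c
#include <elf.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Older elf.h headers may lack the GNU-specific phdr type; the value is the
 * standard PT_LOOS + 0x474e551 used by binutils. */
#ifndef PT_GNU_STACK
#define PT_GNU_STACK 0x6474e551
#endif

/* Translate ELF segment flags (PF_*) into mmap protection bits (PROT_*). */
static int pf_to_prot(uint32_t p_flags)
{
    int prot = 0;
    if (p_flags & PF_R) prot |= PROT_READ;
    if (p_flags & PF_W) prot |= PROT_WRITE;
    if (p_flags & PF_X) prot |= PROT_EXEC;
    return prot;
}

/*
 * Hypothetical activator-side check: pick the main stack protection for an
 * in-memory ELF64 image.  PT_GNU_STACK wins when present; a missing phdr
 * yields the historical rwx default.  Returns -1 when the buffer is not a
 * well-formed ELF64 image (truncated header or phdr table outside the buffer),
 * so a malformed file can never be read out of bounds.
 */
int elf64_stack_prot(const unsigned char *buf, size_t len)
{
    Elf64_Ehdr eh;
    if (len < sizeof(eh))
        return -1;
    memcpy(&eh, buf, sizeof(eh));
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 || eh.e_ident[EI_CLASS] != ELFCLASS64)
        return -1;
    if (eh.e_phentsize != sizeof(Elf64_Phdr))
        return -1;
    /* Overflow-safe bounds check: the whole phdr table must lie inside buf. */
    if (eh.e_phoff > len || eh.e_phnum > (len - eh.e_phoff) / sizeof(Elf64_Phdr))
        return -1;
    for (unsigned i = 0; i < eh.e_phnum; i++) {
        Elf64_Phdr ph;
        memcpy(&ph, buf + eh.e_phoff + (size_t)i * sizeof(ph), sizeof(ph));
        if (ph.p_type == PT_GNU_STACK)
            return pf_to_prot(ph.p_flags);
    }
    return PROT_READ | PROT_WRITE | PROT_EXEC; /* no marker: rwx, as before */
}

/*
 * Hypothetical rtld-side decision: a DSO whose PT_GNU_STACK carries PF_X
 * while the current stack protection lacks PROT_EXEC is the case in which
 * the message says __pthread_map_stacks_exec() gets called.
 */
int dso_needs_exec_stack_remap(int current_stack_prot, uint32_t dso_stack_flags)
{
    return (dso_stack_flags & PF_X) != 0 && (current_stack_prot & PROT_EXEC) == 0;
}

/* Construct a minimal ELF64 image (header plus, optionally, one PT_GNU_STACK
 * phdr) so the parser above can run offline.  Returns bytes written, 0 if the
 * output buffer is too small. */
size_t build_sample_elf64(unsigned char *out, size_t cap, int with_gnu_stack, uint32_t flags)
{
    Elf64_Ehdr eh;
    Elf64_Phdr ph;
    size_t need = sizeof(eh) + (with_gnu_stack ? sizeof(ph) : 0);
    if (cap < need)
        return 0;
    memset(&eh, 0, sizeof(eh));
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    eh.e_ident[EI_DATA] = ELFDATA2LSB;
    eh.e_ident[EI_VERSION] = EV_CURRENT;
    eh.e_type = ET_EXEC;
    eh.e_machine = EM_X86_64;
    eh.e_version = EV_CURRENT;
    eh.e_ehsize = sizeof(eh);
    eh.e_phentsize = sizeof(ph);
    eh.e_phoff = with_gnu_stack ? sizeof(eh) : 0;
    eh.e_phnum = with_gnu_stack ? 1 : 0;
    memcpy(out, &eh, sizeof(eh));
    if (with_gnu_stack) {
        memset(&ph, 0, sizeof(ph));
        ph.p_type = PT_GNU_STACK;
        ph.p_flags = flags;
        memcpy(out + sizeof(eh), &ph, sizeof(ph));
    }
    return need;
}

int main(void)
{
    unsigned char img[256];
    size_t n = build_sample_elf64(img, sizeof(img), 1, PF_R | PF_W);
    int prot = elf64_stack_prot(img, n);
    printf("rw marker  -> exec stack: %s\n", (prot & PROT_EXEC) ? "yes" : "no");
    n = build_sample_elf64(img, sizeof(img), 0, 0);
    prot = elf64_stack_prot(img, n);
    printf("no marker  -> exec stack: %s\n", (prot & PROT_EXEC) ? "yes" : "no");
    printf("rw stack + PF_X dso -> remap: %d\n",
           dso_needs_exec_stack_remap(PROT_READ | PROT_WRITE, PF_R | PF_W | PF_X));
    return 0;
}
```

The same parser run over real binaries (read the file into a buffer first) is a quick audit of which executables on a host still lack the marker and will therefore get an rwx main stack under the fallback rule.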