diff options
| author | Alexey Dobriyan <adobriyan@gmail.com> | 2020-01-30 22:17:29 -0800 | 
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2020-01-31 10:30:41 -0800 | 
| commit | 47a2ebb7f5053387f5753b524f4920b9b829f922 (patch) | |
| tree | ead8bf068e3fc1bedf768953f751c619d2fc93b1 /lib/mpi/mpi-bit.c | |
| parent | aacee5446a2a1aa35d0a49dab289552578657fb4 (diff) | |
execve: warn if process starts with executable stack
There were few episodes of silent downgrade to an executable stack over
years:
1) linking innocent looking assembly file will silently add executable
   stack if proper linker options is not given as well:
	$ cat f.S
	.intel_syntax noprefix
	.text
	.globl f
	f:
	        ret
	$ cat main.c
	void f(void);
	int main(void)
	{
	        f();
	        return 0;
	}
	$ gcc main.c f.S
	$ readelf -l ./a.out
	  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                         0x0000000000000000 0x0000000000000000  RWE    0x10
			 					 ^^^
2) converting C99 nested function into a closure
   https://nullprogram.com/blog/2019/11/15/
	void intsort2(int *base, size_t nmemb, _Bool invert)
	{
	    int cmp(const void *a, const void *b)
	    {
	        int r = *(int *)a - *(int *)b;
	        return invert ? -r : r;
	    }
	    qsort(base, nmemb, sizeof(*base), cmp);
	}
will silently require stack trampolines while non-closure version will
not.
Without doubt this behaviour is documented somewhere, add a warning so
that developers and users can at least notice.  After so many years of
x86_64 having proper executable stack support it should not cause too
many problems.
Link: http://lkml.kernel.org/r/20191208171918.GC19716@avx2
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Will Deacon <will@kernel.org>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'lib/mpi/mpi-bit.c')
0 files changed, 0 insertions, 0 deletions
