MIPS: non-exec stack & heap when non-exec PT_GNU_STACK is present

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The stack and heap have both been executable by default on MIPS until
now. This patch changes the default to be non-executable, but only for
ELF binaries with a non-executable PT_GNU_STACK header present. This
does apply to both the heap & the stack, despite the name PT_GNU_STACK,
and this matches the behaviour of other architectures like ARM & x86.

Current MIPS toolchains do not produce the PT_GNU_STACK header, which
means that we can rely upon this patch not changing the behaviour of
existing binaries. The new default will only take effect for newly
compiled binaries once toolchains are updated to support PT_GNU_STACK,
and since those binaries are newly compiled they can be compiled
expecting the change in default behaviour. Again this matches the way in
which the ARM & x86 architectures handled their implementations of
non-executable memory.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Cc: Leonid Yegoshin <leonid.yegoshin@imgtec.com>
Cc: Maciej Rozycki <maciej.rozycki@imgtec.com>
Cc: Faraz Shahbazker <faraz.shahbazker@imgtec.com>
Cc: Raghu Gandham <raghu.gandham@imgtec.com>
Cc: Matthew Fortune <matthew.fortune@imgtec.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/13765/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>

authored by

Paul Burton and committed by

Ralf Baechle 9 years ago 1a770b85 432c6bac

+26 -2

3 changed files

expand all

arch

mips

include

asm

elf.h

page.h

kernel

elf.c

arch/mips/include/asm/elf.h

··· 499 499 extern void mips_set_personality_nan(struct arch_elf_state *state); 500 500 extern void mips_set_personality_fp(struct arch_elf_state *state); 501 501 502 + #define elf_read_implies_exec(ex, stk) mips_elf_read_implies_exec(&(ex), stk) 503 + extern int mips_elf_read_implies_exec(void *elf_ex, int exstack); 504 + 502 505 #endif /* _ASM_ELF_H */

+4 -2

arch/mips/include/asm/page.h

··· 229 229 #define virt_addr_valid(kaddr) \ 230 230 __virt_addr_valid((const volatile void *) (kaddr)) 231 231 232 - #define VM_DATA_DEFAULT_FLAGS (VM_READ | VM_WRITE | VM_EXEC | \ 233 - VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC) 232 + #define VM_DATA_DEFAULT_FLAGS \ 233 + (VM_READ | VM_WRITE | \ 234 + ((current->personality & READ_IMPLIES_EXEC) ? VM_EXEC : 0) | \ 235 + VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC) 234 236 235 237 #define UNCAC_ADDR(addr) ((addr) - PAGE_OFFSET + UNCAC_BASE) 236 238 #define CAC_ADDR(addr) ((addr) - UNCAC_BASE + PAGE_OFFSET)

+19

arch/mips/kernel/elf.c

··· 8 8 * option) any later version. 9 9 */ 10 10 11 + #include <linux/binfmts.h> 11 12 #include <linux/elf.h> 13 + #include <linux/export.h> 12 14 #include <linux/sched.h> 13 15 16 + #include <asm/cpu-features.h> 14 17 #include <asm/cpu-info.h> 15 18 16 19 /* Whether to accept legacy-NaN and 2008-NaN user binaries. */ ··· 329 326 BUG(); 330 327 } 331 328 } 329 + 330 + int mips_elf_read_implies_exec(void *elf_ex, int exstack) 331 + { 332 + if (exstack != EXSTACK_DISABLE_X) { 333 + /* The binary doesn't request a non-executable stack */ 334 + return 1; 335 + } 336 + 337 + if (!cpu_has_rixi) { 338 + /* The CPU doesn't support non-executable memory */ 339 + return 1; 340 + } 341 + 342 + return 0; 343 + } 344 + EXPORT_SYMBOL(mips_elf_read_implies_exec);