Re: [PATCH v4 3/3] MIPS: set stack/data protection as non-executable

[Leonid Yegoshin]

On 08/05/2015 05:14 PM, David Daney wrote:
> On 08/05/2015 05:06 PM, Leonid Yegoshin wrote:
> > On 08/05/2015 04:55 PM, Paul Burton wrote:
> > > As was pointed out last time you posted this, it breaks backwards
> > > compatibility with userland & thus cannot be applied.
> >
> > Never observed since first version.
> >
> > In other side, the problem with apps like ssh_keygen is observed in
> > absence of executable stack protection.
>
> You cannot change the default.
>
> If your ssh_keygen is broken, get a working version.

It is actually any application which requests non-executable stack 
protection and needs some emulation BEFORE GLIBC cancels that 
non-executable stack protection due to libraries.

If you build all libraries with PT_GNU_STACK 'non-executable' and use 
application with the same protection then you can't emulate even a 
single instruction - it crashes immediately. So, it is not a bad 
application, it is a bad choice for emulation space in past.

> I have never had a problem running ssh_keygen (on platforms requiring 
> emulation).

Create a buildroot FS with PT_GNU_STACK 'non-executable' libraries. Then 
run ssh_keygen on CPU without FPU and look.

You also may try to run MIPS R2 Debian on MIPS R6 CPU, and see a 
spectacular failure of ssh_keygen (it tries to emulate MIPS R2 
instruction before first library is loaded and that fails due to 
non-executable stack protection.

- Leonid.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/