RE: Unexecutable stack

Richard B. Johnson (root@chaos.analogic.com)
Tue, 28 Dec 1999 10:33:16 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andrea Arcangeli: "Re: [PATCH] 2.3.34/pre-2.3.35-3 ramdisk/initrd NOT as a"
Previous message: Lord Satanus of Acheron: "[OT] There is indeed a lurker here harvesting addresses and spamming instantly [the bait was taken]"

Could the designer of the non-executable-stack code please explain how
this works on an ix86 machine? The ix86 can't differentiate
between read and execute in hardware. This means that either the
patch for ix86 is a no-op or, (I shudder), a trap is executed on
every user stack access, and the kernel code does a comparison.

Now, if the trap occurs on every access, you have a lot of overhead that
should be bench-marked so that users can make security decisions based
upon knowledge rather than emotion.

If the trap occurs only when the code-segment is changed within the
user environment, you haven't fixed anything because the stack may
be reachable within the current code-segment, although not at the
current offset.

If the trap occurs by marking pages not present and having the page-fault
handler confirm/deny access, you have the problem of granularity. A
lot of rogue code can fit within a page.

So, just how does this new code work? Or is it a feature for the Suns
only?

Cheers,
Dick Johnson

Penguin : Linux version 2.3.13 on an i686 machine (400.59 BogoMips).
Warning : The end of the world as we know it requires a new calendar.
Seconds : 307604 (until Y2K)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrea Arcangeli: "Re: [PATCH] 2.3.34/pre-2.3.35-3 ramdisk/initrd NOT as a"
Previous message: Lord Satanus of Acheron: "[OT] There is indeed a lurker here harvesting addresses and spamming instantly [the bait was taken]"