Bug#382746: powerpc libgcc writes code to the stack

To: submit@bugs.debian.org
Subject: Bug#382746: powerpc libgcc writes code to the stack
From: "Albert Cahalan" <acahalan@gmail.com>
Date: Sun, 13 Aug 2006 00:00:44 -0400
Message-id: <[🔎] 787b0d920608122100g1cf31227j81a5a649ef159ead@mail.gmail.com>
Reply-to: "Albert Cahalan" <acahalan@gmail.com>, 382746@bugs.debian.org

Package: gcc-4.1
Version: 4.1.1-5
Severity: important

__trampoline_setup in /lib/libgcc_s.so.1 puts code on the stack.

This contributes to insecurity on powerpc.

A half-way fix is to mmap a page for this evil crud.
This still violates good practice, needing the OS to
allow either write+execute or a dangerous transition
from write to execute. It'd be an improvement though.
Doing write+execute may be better, allowing the OS
to locate the page within a segment (256 MiB chunk
on PowerPC) which already has executable pages.

A better method would be to supply a page full of
trampoline functions in libgcc. Each function would:

1. examine its own address
2. map from the page of code to a page of data
3. use that data to implement the trampoline

Trampoline setup would thus involve filling in the
data and choosing the matching function to use.

Once libgcc stops putting code on the stack, gcc
needs to mark all executables as not requiring an
executable stack.

Reply to:

Prev by Date: Bug#382741: note.GNU-stack missing on powerpc
Next by Date: Bug#382748: broken -msecure-plt and -mbss-plt on powerpc
Previous by thread: Bug#382741: note.GNU-stack missing on powerpc
Next by thread: Bug#382748: broken -msecure-plt and -mbss-plt on powerpc
Index(es):
- Date
- Thread