[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#382746: powerpc libgcc writes code to the stack

forwarded 382746 http://gcc.gnu.org/PR29231
tags 382746 + upstream
thanks

Albert, please could you consider subscribing to the upstram report?

Albert Cahalan writes:
> Package: gcc-4.1
> Version: 4.1.1-5
> Severity: important
> 
> __trampoline_setup in /lib/libgcc_s.so.1 puts code on the stack.
> 
> This contributes to insecurity on powerpc.
> 
> A half-way fix is to mmap a page for this evil crud.
> This still violates good practice, needing the OS to
> allow either write+execute or a dangerous transition
> from write to execute. It'd be an improvement though.
> Doing write+execute may be better, allowing the OS
> to locate the page within a segment (256 MiB chunk
> on PowerPC) which already has executable pages.
> 
> A better method would be to supply a page full of
> trampoline functions in libgcc. Each function would:
> 
> 1. examine its own address
> 2. map from the page of code to a page of data
> 3. use that data to implement the trampoline
> 
> Trampoline setup would thus involve filling in the
> data and choosing the matching function to use.
> 
> Once libgcc stops putting code on the stack, gcc
> needs to mark all executables as not requiring an
> executable stack.
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-gcc-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: