
Bug#188475: /usr/bin/localedef conflicts with PAX



Hi!

At Fri, 11 Apr 2003 13:59:10 +0200,
mikee wrote:
> >   Please send under LANG=C.  I don't know what "Unicestwiony" means.
> Sorry for that, here we go:
> 
> mim:~# dpkg-reconfigure locales
> Generating locales...
>   pl_PL.ISO-8859-2.../usr/sbin/locale-gen: line 24:  9159 Killed                  localedef -i $input -c -f $charset $locale -A /etc/locale.alias
> mim:~#
> 
> 9159 is the PID of the killed process rather than a source code line number :-)
>
> Disabling segmentation based PAGE_EXEC (chpax -s /usr/bin/localedef) was enough,
> but I compiled the kernel with:
> CONFIG_GRKERNSEC_PAX_NOEXEC=y
> # CONFIG_GRKERNSEC_PAX_PAGEEXEC is not set
> CONFIG_GRKERNSEC_PAX_SEGMEXEC=y
> for performance reasons (according to the compile options help).
> I'm not sure enabling/disabling paging based PAGE_EXEC works
> (chpax -s /usr/bin/localedef), because the kernel was not
> compiled with this option...
> 
> I have to add that I am no kernel/security expert, I only wanted
> to be on the safe side after that ptrace bug discovery.
> I installed and ran Debian on a vulnerable kernel so I cannot be
> 100% sure everything is PAX "compatible" - I only know that
> after rebooting with the new "secure" kernel there was no trouble until now...

The malloc_initialize_hook is glibc's malloc() hook routine.  I guess
this program also gets SIGSEGV:

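	#include <stdio.h>
	#include <stdlib.h>
	
	/* Run by glibc through __malloc_initialize_hook when malloc is initialized. */
	void check(void)
	{
	        printf("malloc\n");
	}
	
	/* Install check() as glibc's malloc initialization hook. */
	void (*__malloc_initialize_hook) (void) = check;
	
	int main(void)
	{
	        /* The first malloc() call initializes malloc, which runs the hook. */
	        int *a = malloc(4);
	
	        free(a);
	        return 0;
	}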

So, this kind of malloc_initialize_hook may need "chpax" to be set to
enable data segment execution under some grsecurity PaX kernel
configurations.  The kernel patch in kernel-patch-2.4-grsecurity says:

CONFIG_GRKERNSEC_PAX_NOEXEC
+  This will also break programs that rely on the old behaviour and
+  expect that dynamically allocated memory via the malloc() family
+  of functions is executable (which it is not).  Notable examples
+  are the XFree86 4.x server, the java runtime and wine.

OK, look at http://pageexec.virtualave.net/.  There are scripts
"chpax.sh" and "chpax.cfg".  Do you have any problems in X11 or java
with pax?  This script may be suited to your purpose.  Add "localedef"
to this configuration file.  If you succeed in fixing this
problem, please tell me.  I am reassigning this bug to the "chpax" package
to ask for this configuration file to be added.

Regards,
-- gotom
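
The help text quoted above says that memory obtained from malloc() is not executable under CONFIG_GRKERNSEC_PAX_NOEXEC. As an added example (not part of the original message, and not code from glibc, grsecurity or chpax), this C program looks up the mapping that holds a malloc() result in /proc/self/maps and reports whether it is both writable and executable. The function names and the sample maps text are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not taken from the report). */
const char SAMPLE_MAPS[] =
    "08048000-08052000 r-xp 00000000 03:01 1234 /usr/bin/example\n"
    "08052000-08053000 rw-p 00009000 03:01 1234 /usr/bin/example\n"
    "08053000-08074000 rwxp 00000000 00:00 0 [heap]\n"
    "bffdf000-c0000000 rw-p 00000000 00:00 0 [stack]\n";

/* Copy the permission field of the mapping containing addr; 1 if found. */
int perms_for_addr(const char *maps, unsigned long addr, char perms[5])
{
    const char *line = maps;
    while (line && *line) {
        unsigned long start, end;
        char p[5];
        if (sscanf(line, "%lx-%lx %4s", &start, &end, p) == 3 &&
            addr >= start && addr < end) {
            strcpy(perms, p);
            return 1;
        }
        line = strchr(line, '\n');
        if (line) line++;           /* step past the newline to the next entry */
    }
    return 0;
}

/* Writable plus executable is what a non-executable-data policy denies. */
int is_wx(const char *perms)
{
    return perms[1] == 'w' && perms[2] == 'x';
}

int main(void)
{
    char buf[65536], perms[5];
    void *p = malloc(4);
    FILE *f = fopen("/proc/self/maps", "r");
    size_t n = f ? fread(buf, 1, sizeof buf - 1, f) : 0;
    buf[n] = '\0';
    if (f) fclose(f);
    if (perms_for_addr(buf, (unsigned long)p, perms))
        printf("malloc(4) at %p is mapped %s%s\n", p, perms,
               is_wx(perms) ? " (writable and executable)" : "");
    free(p);
    return 0;
}
```
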



