[klibc] Latest kernel reports "process '/bin/sh' started with executable stack"
Christophe Leroy
christophe.leroy at c-s.fr
Thu Feb 6 07:38:34 PST 2020
With latest kernel (Linus tree as of 5.6 merge window), I get the
following warning in the kernel 'dmesg':
[ 5.746588] process '/bin/sh' started with executable stack
This comes from commit
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/exec.c?id=47a2ebb7f5053387f5753b524f4920b9b829f922
"execve: warn if process starts with executable stack"
objdump -x shows:
/usr/lib/klibc/bin/sh: file format elf32-powerpc
/usr/lib/klibc/bin/sh
architecture: powerpc:common, flags 0x00000102:
EXEC_P, D_PAGED
start address 0x10000140
Program Header:
PHDR off 0x00000034 vaddr 0x10000034 paddr 0x10000034 align 2**2
filesz 0x000000a0 memsz 0x000000a0 flags r-x
INTERP off 0x000000d4 vaddr 0x100000d4 paddr 0x100000d4 align 2**0
filesz 0x0000002a memsz 0x0000002a flags r--
LOAD off 0x00000000 vaddr 0x10000000 paddr 0x10000000 align 2**16
filesz 0x00010928 memsz 0x00010928 flags r-x
LOAD off 0x00010928 vaddr 0x10020928 paddr 0x10020928 align 2**16
filesz 0x00000144 memsz 0x00004880 flags rw-
STACK off 0x00000000 vaddr 0x00000000 paddr 0x00000000 align 2**4
filesz 0x00000000 memsz 0x00000000 flags rwx
Indeed, the stack is rwx, which is unexpected. And it is the case for
all klibc tools.
How can we fix that ?
Thanks
Christophe
More information about the klibc
mailing list