[klibc] Latest kernel reports "process '/bin/sh' started with executable stack"

Christophe Leroy christophe.leroy at c-s.fr
Thu Feb 6 07:38:34 PST 2020


With latest kernel (Linus tree as of 5.6 merge window), I get the 
following warning in the kernel 'dmesg':

[    5.746588] process '/bin/sh' started with executable stack

This comes from commit 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/exec.c?id=47a2ebb7f5053387f5753b524f4920b9b829f922
"execve: warn if process starts with executable stack"

objdump -x shows:

/usr/lib/klibc/bin/sh:     file format elf32-powerpc
/usr/lib/klibc/bin/sh
architecture: powerpc:common, flags 0x00000102:
EXEC_P, D_PAGED
start address 0x10000140

Program Header:
     PHDR off    0x00000034 vaddr 0x10000034 paddr 0x10000034 align 2**2
          filesz 0x000000a0 memsz 0x000000a0 flags r-x
   INTERP off    0x000000d4 vaddr 0x100000d4 paddr 0x100000d4 align 2**0
          filesz 0x0000002a memsz 0x0000002a flags r--
     LOAD off    0x00000000 vaddr 0x10000000 paddr 0x10000000 align 2**16
          filesz 0x00010928 memsz 0x00010928 flags r-x
     LOAD off    0x00010928 vaddr 0x10020928 paddr 0x10020928 align 2**16
          filesz 0x00000144 memsz 0x00004880 flags rw-
    STACK off    0x00000000 vaddr 0x00000000 paddr 0x00000000 align 2**4
          filesz 0x00000000 memsz 0x00000000 flags rwx


Indeed, the stack is rwx, which is unexpected. And it is the case for 
all klibc tools.

How can we fix that ?

Thanks
Christophe


More information about the klibc mailing list