[klibc] Latest kernel reports "process '/bin/sh' started with executable stack"

Anatoly Pugachev matorola at gmail.com
Wed Feb 26 11:05:22 PST 2020


On Wed, Feb 26, 2020 at 12:37 AM Kees Cook <keescook at chromium.org> wrote:
>
> On Thu, Feb 06, 2020 at 04:38:34PM +0100, Christophe Leroy wrote:
> > With latest kernel (Linus tree as of 5.6 merge window), I get the following
> > warning in the kernel 'dmesg':
> >
> > [    5.746588] process '/bin/sh' started with executable stack
> >
> > This comes from commit https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/exec.c?id=47a2ebb7f5053387f5753b524f4920b9b829f922
> > "execve: warn if process starts with executable stack"
>
> This commit is not a good idea. Does it think it's only in x86_64 land?
...
> >
> > Indeed, the stack is rwx, which is unexpected. And it is the case for all
> > klibc tools.
> >
> > How can we fix that?
>
> klibc uses trampolines for its setjmp implementation. I ran into this
> years ago when eradicating executable stacks from Ubuntu:
> https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks

Debian sid/unstable sparc64
$ uname -a
Linux ttip 5.6.0-rc3 #27 SMP Mon Feb 24 14:11:35 MSK 2020 sparc64 GNU/Linux

$ dmesg | grep -i exec
[    5.312263] process '/usr/bin/fstype' started with executable stack

$ readelf -lW /usr/lib/klibc/bin/fstype |grep GNU_STACK
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10

$ objdump -x /usr/lib/klibc/bin/fstype  | grep -A1 STACK
   STACK off    0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**4
         filesz 0x0000000000000000 memsz 0x0000000000000000 flags rwx
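
As an added example (not part of the original message or of klibc), this Python reads the same PT_GNU_STACK program header that the readelf and objdump commands above display and reports whether it carries the execute flag. The function names and the constructed big-endian ELF64 sample are assumptions made for illustration.

```python
import struct

PT_GNU_STACK = 0x6474E551  # program header type, as defined in <elf.h>
PF_X, PF_W, PF_R = 1, 2, 4

def gnu_stack_flags(elf: bytes):
    """Return PT_GNU_STACK flags as readelf-style text ('RWE'), or None if absent."""
    if elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is64 = elf[4] == 2                  # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = ">" if elf[5] == 2 else "<"   # EI_DATA: 2 = big-endian (sparc64)
    if is64:
        phoff, = struct.unpack_from(end + "Q", elf, 0x20)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 0x36)
    else:
        phoff, = struct.unpack_from(end + "I", elf, 0x1C)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 0x2A)
    for i in range(phnum):
        base = phoff + i * phentsize
        p_type, = struct.unpack_from(end + "I", elf, base)
        if p_type != PT_GNU_STACK:
            continue
        # p_flags directly follows p_type in ELF64 but sits at offset 24 in ELF32
        flags, = struct.unpack_from(end + "I", elf, base + (4 if is64 else 24))
        names = (("R", PF_R), ("W", PF_W), ("E", PF_X))
        return "".join(ch for ch, bit in names if flags & bit)
    return None

def stack_is_executable(elf: bytes) -> bool:
    """True if the header requests an executable stack or is missing."""
    flags = gnu_stack_flags(elf)
    # Without PT_GNU_STACK, Linux falls back to the architecture's default,
    # so a missing header is reported as suspect rather than as safe.
    return flags is None or "E" in flags

def make_elf64_be(stack_flags: int) -> bytes:
    """Constructed sample: minimal big-endian ELF64 header plus one phdr."""
    ident = b"\x7fELF" + bytes([2, 2, 1]) + bytes(9)
    ehdr = ident + struct.pack(">HHIQQQIHHHHHH",
                               2, 43, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack(">IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 0x10)
    return ehdr + phdr

if __name__ == "__main__":
    for flags in (PF_R | PF_W | PF_X, PF_R | PF_W):
        sample = make_elf64_be(flags)
        print(gnu_stack_flags(sample), "executable:", stack_is_executable(sample))
```

To check a real binary, pass the file's bytes, for example `gnu_stack_flags(open(path, "rb").read())`.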

