This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v2 0/3] Mips support for PT_GNU_STACK
- From: Faraz Shahbazker <fshahbazker at wavecomp dot com>
- To: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>, Dragan Mladjenovic <dmladjenovic at wavecomp dot com>, "libc-alpha at sourceware dot org" <libc-alpha at sourceware dot org>
- Cc: Joseph Myers <joseph at codesourcery dot com>, Carlos O'Donell <carlos at redhat dot com>, "Maciej W . Rozycki" <macro at linux-mips dot org>
- Date: Wed, 17 Jul 2019 22:59:12 +0000
- Subject: Re: [PATCH v2 0/3] Mips support for PT_GNU_STACK
- Arc-authentication-results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=wavecomp.com;dmarc=pass action=none header.from=wavecomp.com;dkim=pass header.d=wavecomp.com;arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jvJTUdg7yZqmsUfU6lLcDL+MMcBKnNAAygTVJ0bbsK0=; b=hVCxXz3S0tog0+fG/CAgQcH52YFIuG0rX5d2olKa1IM7/gYjo4YSHxUG49ITiH5sYRsnJvhoEzGbcJLoBhB7nMZPifsU1cohRkXZ4xy+1uTlFd57chVR7/AlaFQWdC51IMgbWe9Sof/+wjbyosETcvAh8pLTXxGADx9WU2qaO6lUlTZAIldKVq9DoCAHShMH7gnSpLs0V9E3UIOrxRP6OlRnFiuzwGpDfKOv792/F4SwTz6pmx7qVHR0PVfWGm+OK+cxJv9ZmnAZrHLYAnScTo0SbJjfxbU9M2b7zewbBimiWRGsfUCeBeT6MmSVNloAQiYSRxr+VkswLBeAJWOhuw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=C9NG0PSCayiOR7AzyqyfkhfDZlpIf9lKVsEqczfUGlUGxESqyxDAfeDQORsiDQ6JQgg6UcDLaPAUP1BbVoZIqHvj9dT6KR/d1hbxhYjs8u4ixFCbDuUtw+vshpXs5GHn8PA4RxDGQWdDjf4OPMW7pw9Bt+Jls+gjVXZmC0FnK73Pd5OLbi2FxrYMYdLnzoC7VoSMpeNaOCnNa/2pP0fAgX8VAykSyq/NLE3kSP7hH1Q4qvJ5xVvL96N3Wclk7b+51Yku9Vzz+YvlOPZ4hWdRjY94bMgIY8Ykk8tSgHZBY66webZ3BdGjXbdIs64J0qVdnhr1CBae/LQH5wW7AtjQpg==
- References: <1563214941-16203-1-git-send-email-dmladjenovic@wavecomp.com> <a21dabcc-4f24-8d74-08c6-3ee57b3df2bb@linaro.org>
On 07/17/2019 12:43 PM, Adhemerval Zanella wrote:
> I think checking the kernel version is the wrong approach, it prevents a distribution
> to backport the kernel fix without also applying a out-of-tree patch to fix it on glibc
> as well. IMHO the proper way would be to make kernel advertise it through hwcap, as
> other architectures do for similar kernel features and not tie it to any specific
> version.
The original proposal was to advertise through AT_FLAGS. I've heard this suggestion of using
hwcap from multiple sources, so I am curious - what other *purely* software kernel features
are advertised using hwcap?
>> The last patch increments the ABI Version number in order to disallow new
>> binaries to run with older glibc. The number is not set in stone.
>> I'm assuming it will probably land after GNU_HASH [3] support which consumes
>> ABI version 5 for MIPS. I will send a proposal for Binutils and GCC after this
>> part gets finalized.
>
> If the idea is to fallback to executable stack for the case of underlying missing
> kernel support, which is the net gain in adding this requirement? My understanding
> it ABI bump should be used to fail early for the cases where the new binaries
> requires loader support that can not be provided (iFUNC or new relocations), not
> for hardening.
It is not really hardening, the way glibc handles PT_GNU_STACK is along the lines of
'may have non-executable stack' rather than 'must have non-executable stack'. However
the MIPS backend overrides *any* incoming PT_GNU_STACK permissions using the default (RWX)
permissions for MIPS, in effect enforcing 'will not have non-executable stack'. What is
being indicated here is a change in this default behaviour. The ABI version bump would
indicate whether PT_GNU_STACK permissions will be honoured (at least to the extent it is
by other architectures) or simply ignored (as it has historically been).
IMO, the current behaviour of PT_GNU_STACK for MIPS is an anomaly in itself. What should
have been, is a rejection of non-executable PT_GNU_STACK at some level, instead of silently
overriding it in glibc. So are you of the opinion that this change in glibc behaviour is not
worth being published at all, or that it should be advertised using a different mechanism
instead of an ABI version bump?
Regards,
Faraz