more on non-executable mappings on NetBSD

From: Pedro F. Giffuni (giffunip_at_yahoo.com)
Date: 11/30/03

    Date: Sun, 30 Nov 2003 20:46:08 +0000 (GMT)
    To: freebsd-current@FreeBSD.org
    
    

    Hi;

    I know everyone is busy with the upcoming release, but JIC someone is
    interested in this, I found this recent progress report post on NetBSD's lists:
    ______
    Subject: more on non-executable mappings
    To: None <tech-kern@netbsd.org>
    From: Chuck Silvers <chuq@chuq.com>
    List: tech-kern
    Date: 11/28/2003 11:57:21
    I'm getting back to looking at the rest of the non-executable mapping work
    from openbsd. (well, really this goes beyond that, to what they're calling
    "W^X", meaning that any given part of the user address space should not be
    both writable and executable.) the remaining items are:

     (1) update the kernel ELF code to handle more than 2 PT_LOAD sections.

     (2) change the linker to put the PLT, GOT and rodata into their PT_LOAD
         sections so that they can have different permissions than the existing
         "text" and "data" load sections.

     (3) change the runtime linker to use mprotect() to enable write access
         to the PLT only when needed, leaving it read-only the rest of the time.

     (4) other MD issues with kernel support for non-executable mappings

         (a) i386 currently only supports non-execute for the part of the
             address space where the traditional unix stack lives. this doesn't
             do anything for the data or bss sections, or the heap or mmap()d
             files (eg. shared libraries), or pthread stacks.
             the openbsd guys rearranged their user address space layout on i386
             fairly drastically to put all the executable mappings below
             a certain threshold.

         (b) powerpc OEA hardware only supports execute permissions at a
             segment (256MB) granularity. ideally we would rearrange the
             user address space layout here as well to put all the executable
             mappings down in segment 0 in the usual case.

    the first of these should be non-controversial and I have attached
    a patch which implements it. I'll commit it in a week or so if
    there are no objections.

    as for the other items, I'd like opinions on whether or not we want them,
    and if we do, how we might achieve them with the fewest headaches.

    -Chuck
    --------
    The patch is here:
    http://mail-index.netbsd.org/tech-kern/2003/11/28/0019.html
    ___________________
    FWIW, I posted the CVS commit log of the initial work on the -hackers list some
    time ago.

    cheers,

        Pedro.

    ps. I attempted to post this on -security but there was some error on my side
    of the network.

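Items (1) and (2) of the quoted post concern how many PT_LOAD program headers an ELF image carries and which permissions each one has. The following is an added example, not code from the post or from NetBSD: it walks the program headers of an ELF image, accepts any number of PT_LOAD entries, and reports those that are both writable and executable. The two sample images and their addresses are constructed for illustration.

```python
import struct

PT_LOAD = 1
PF_X, PF_W, PF_R = 1, 2, 4

def load_segments(elf):
    """Return [(vaddr, memsz, flags)] for every PT_LOAD program header."""
    if elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    end = "<" if elf[5] == 1 else ">"            # EI_DATA: byte order
    if elf[4] == 2:                              # EI_CLASS: ELFCLASS64
        phoff, = struct.unpack_from(end + "Q", elf, 0x20)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 0x36)
        fmt, i_flags, i_vaddr, i_memsz = end + "IIQQQQQQ", 1, 3, 6
    else:                                        # ELFCLASS32 (e.g. i386)
        phoff, = struct.unpack_from(end + "I", elf, 0x1C)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 0x2A)
        fmt, i_flags, i_vaddr, i_memsz = end + "IIIIIIII", 6, 2, 5
    # Any number of entries is accepted, not just a text + data pair.
    phs = (struct.unpack_from(fmt, elf, phoff + n * phentsize) for n in range(phnum))
    return [(p[i_vaddr], p[i_memsz], p[i_flags]) for p in phs if p[0] == PT_LOAD]

def wx_violations(elf):
    """PT_LOAD segments mapped both writable and executable."""
    return [s for s in load_segments(elf) if s[2] & PF_W and s[2] & PF_X]

def perms(flags):
    return "".join(c if flags & b else "-" for c, b in zip("rwx", (PF_R, PF_W, PF_X)))

def make_elf64(segments):
    """Constructed sample: little-endian ELF64 header followed by PT_LOAD entries."""
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01", 2, 62, 1,
                       0, 64, 0, 0, 64, 56, len(segments), 0, 0, 0)
    return ehdr + b"".join(struct.pack("<IIQQQQQQ", PT_LOAD, fl, 0, va, va, sz, sz, 4096)
                           for va, sz, fl in segments)

# Constructed layouts (addresses and sizes are made up for illustration).
TWO_LOAD = make_elf64([(0x400000, 0x2000, PF_R | PF_X),          # text
                       (0x602000, 0x1000, PF_R | PF_W | PF_X)])  # data holding a writable PLT
SPLIT = make_elf64([(0x400000, 0x2000, PF_R | PF_X),             # text
                    (0x402000, 0x1000, PF_R),                    # rodata
                    (0x603000, 0x1000, PF_R | PF_X),             # PLT, read-only at rest
                    (0x604000, 0x1000, PF_R | PF_W)])            # GOT + data

if __name__ == "__main__":
    for name, image in (("two-segment", TWO_LOAD), ("split", SPLIT)):
        rows = [f"{va:#x}+{sz:#x} {perms(fl)}" for va, sz, fl in load_segments(image)]
        print(name, rows, "W+X:", len(wx_violations(image)))
```

To audit a real binary, pass the bytes of the file to `wx_violations()`; an empty list means no load segment is mapped writable and executable at once.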

