Summary: | MemoryDenyWriteExecute breaks ARMv5 due to RWX mappings in binaries | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Calvin Owens <calvin> |
Component: | Current packages | Assignee: | Gentoo Kernel Bug Wranglers and Kernel Maintainers <kernel> |
Status: | RESOLVED UPSTREAM | ||
Severity: | minor | CC: | calvin, systemd |
Priority: | Low | ||
Version: | unspecified | ||
Hardware: | ARM | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=916469 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Calvin Owens
2024-03-10 08:20:14 UTC
There's a fix on its way for older ARM: https://lore.kernel.org/linux-parisc/20240227013546.15769-4-zev@bewilderbeest.net/T/#t. Thanks Sam, I'll just mark this as fixed when that hits upstream. Answering my own question, as to how READ_IMPLIES_EXEC can be true, yet I can find a supposedly non-executable stack: armv5 ~ # grep stack /proc/1/maps bee62000-bee83000 rw-p 00000000 00:00 0 [stack] ...it's here, it effectively skips the check in do_mmap everything else hits: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/exec.c#n750 I'm a little surprised there wasn't more pushback on that kernel patch. Unlike with parisc, systemd is arguably at fault: it could check for READ_IMPLIES_EXEC in the return from sys_personality() and not issue the PR_SET_MDWE prctl() in that case. Maybe it should anyway. Something like https://gist.github.com/jcalvinowens/cdbddd7749c390b723146e7b4c9c9f2f |