Hi,

On Wed, May 26, 2010 at 12:58:01AM -0700, Roland McGrath wrote:
> Kyle said:
> > Doesn't appear to work?
> >
> > kyle@dreadnought ~/src/linux-2.6 $ git remote add kees-execshield git://kernel.ubuntu.com/kees/linux-2.6.git
> > kyle@dreadnought ~/src/linux-2.6 $ git fetch kees-execshield
> > kernel.ubuntu.com[0: 91.189.94.216]: errno=Connection timed out
> > fatal: unable to connect a socket (Connection timed out)
>
> It worked for me.
> That seems to be a large uncoordinated branch of many topics.
> I guessed just from the log summary which commits are these ones:
>
> git log -n3 6bf4df3
>
> (I haven't really reviewed the changes.)
>
> Kees, if you are looking for review, putting these on an isolated topic
> branch for people to look at easily is probably a good idea.

Yes, sorry, I'm trying to make a collection of stuff to get ready for
upstream. I will switch to topic branches, good idea:
http://kernel.ubuntu.com/git?p=kees/linux-2.6.git;a=shortlog;h=refs/heads/nx-emu

The "x86: brk away from exec rand area" patch represents a fix to a real
problem, though, so at the very least, please review that one. It's a
corner case only for PIE, but it does happen. There might be a more elegant
solution, but my patch seems to do the job.

> > Yes, we've been saying for a while that the randomization stuff needs to
> > be gutted from exec-shield. There is still a lot of work left cleaning
> > up exec-shield, all the hooks are pretty out of order.
>
> It was vaguely on my list for ages to clean up execshield and slice it into
> separate patches, but I just gave up on ever getting around to it. One
> should probably ping Ingo, since (AFAIK) he did it all to begin with, back
> in the beforetime, the long, long ago.

Well, to use the mainline ASLR, it would have to grow a little more
knowledge about memory ranges to distinguish where the CS line was. The
NX-emulation is "just" the CS-limit bits.
(I've been trying to avoid saying "exec-shield" since AFAIU, exec-shield as
a project covered much more than just NX-emu and ASLR.)

But yeah, a good first step would be to port the NX-emu to using mainline
ASLR.

> The exec-shield boot/sysctl parameter has never made a whole lot of sense
> to me. The "exec-shield" stuff is really about three separate things. If
> they need knobs, it's always seemed to me they should have separate knobs.

Sounds like we all agree on this. :)

Currently it sounds like 3 knobs:
  nonexec: off, anything, hw-only
  stack-exec: follow ELF markings, always nonexec

> > I suspect all this is still too invasive in the generic code to be
> > palatable.
>
> I haven't really looked at Kees' patches. But having considered before
> factoring this stuff out to cleanish, the i386 "NX emulation" stuff seemed
> like the first thing to do and not hard to do fairly cleanly. (Not that
> this motivated me to bother doing it.)

Other objections are that it isn't "perfect" (i.e. the bss areas of loaded
libraries end up being executable). I personally don't mind this -- it's
better than nothing on hardware lacking the NX bit.

-Kees

--
Kees Cook
Ubuntu Security Team
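The "follow ELF markings" choice for the stack-exec knob refers to the PT_GNU_STACK program header, which is how a binary tells the kernel whether it wants an executable stack. As an added illustration (not code from this thread or from the exec-shield / nx-emu patches), the Python below reads that marking from a minimal ELF64 image constructed inline; the builder and the field offsets are assumptions made for the example, not anything the kernel exposes.

```python
"""Read the PT_GNU_STACK marking of an ELF64 object (constructed example)."""
import struct

PT_LOAD = 1
PT_GNU_STACK = 0x6474E551
PF_X, PF_W, PF_R = 1, 2, 4

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 header, little-endian
PHDR = struct.Struct("<IIQQQQQQ")          # ELF64 program header


def build_elf64(stack_flags=None):
    """Construct a minimal ELF64 image: one PT_LOAD segment plus, optionally,
    a PT_GNU_STACK entry carrying the given p_flags (None = marking absent).
    Purely a constructed sample; it is not a loadable binary."""
    phdrs = [PHDR.pack(PT_LOAD, PF_R | PF_X, 0, 0x1000, 0x1000, 0x100, 0x100, 0x1000)]
    if stack_flags is not None:
        phdrs.append(PHDR.pack(PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16))
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)  # ELFCLASS64, LE, v1
    ehdr = EHDR.pack(ident, 3, 62, 1, 0x1000, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(phdrs)


def gnu_stack_flags(data):
    """Return p_flags of the PT_GNU_STACK entry, or None if it is absent."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    hdr = EHDR.unpack_from(data, 0)
    phoff, phentsize, phnum = hdr[5], hdr[9], hdr[10]
    for i in range(phnum):
        p_type, p_flags = struct.unpack_from("<II", data, phoff + i * phentsize)
        if p_type == PT_GNU_STACK:
            return p_flags
    return None


def stack_marking(data):
    """Classify the request: 'nonexec', 'exec', or 'unmarked' (no PT_GNU_STACK,
    in which case the kernel falls back to its default, which on 32-bit x86
    has historically meant an executable stack)."""
    flags = gnu_stack_flags(data)
    if flags is None:
        return "unmarked"
    return "exec" if flags & PF_X else "nonexec"


if __name__ == "__main__":
    for flags in (PF_R | PF_W, PF_R | PF_W | PF_X, None):
        print(flags, "->", stack_marking(build_elf64(flags)))
```

On a real binary, `readelf -lW` shows the same entry as a GNU_STACK line with RW or RWE flags; the "always nonexec" knob in the thread is what ignores that marking.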