Re: [PATCH v2] MIPS: Add nonxstack=on|off kernel parameter

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Thu, Dec 07, 2017 at 11:33:47AM +0000, Miodrag Dinic wrote:
> > On Wed, Dec 06, 2017 at 05:50:52PM +0000, Maciej W. Rozycki wrote:
> > >  What problem are you trying to solve anyway?  Is it not something that 
> > > can be handled with the `execstack' utility?
> > 
> > The commit message states that for Android "non-exec stack is required".
> > Is Android checking that then Aleksandar? If so, how? 
> 
> Android is using SELinux configured to disallow NX mappings by handling
> the following sepolicy rules :
> * Executable stack (execstack)
> * Executable heap (execheap)
> * File-based executable code which has been modified (execmod)
> * All other executable memory (execmem)

...

> The effect of not having some workaround like this in the kernel, would
> be to run Android only in SELinux permissive mode.

So you want to override the lack of RIXI so that SELinux sees an
RX->RW->RX transition as execmod instead of execmem (since without RIXI
its effectively RX->RWX->RX which is execmem)?

Looking at file_map_prot_check(), it does the execmem check on this
condition:

if (default_noexec &&
    (prot & PROT_EXEC) && (!file || IS_PRIVATE(file_inode(file)) ||
			   (!shared && (prot & PROT_WRITE)))) {
	/*
	 * We are making executable an anonymous mapping or a
	 * private file mapping that will also be writable.
	 * This has an additional check.
	 */

default_noexec is set if VM_DATA_DEFAULT_FLAGS doesn't have the exec
flag set, and that flag depends on current->personality &
READ_IMPLIES_EXEC, which depends on elf_read_implies_exec(), i.e.
mips_elf_read_implies_exec(), and that should already return 1 if RIXI
is unavailable.

I.e.

mips_elf_read_implies_exec() == 1

elf_read_implies_exec() == 1

READ_IMPLIES_EXEC will be set in current->personality

VM_DATA_DEFAULT_FLAGS will have VM_EXEC set

default_noexec will be set to 0 in selinux_init()

none of the execmem, execheap, execstack, execmod permission
checks should take place.

So whats the problem exactly? Perhaps I misinterpreted something.

Cheers
James

Attachment: signature.asc
Description: Digital signature


[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux