Helge Deller <deller@xxxxxx> writes: > On 11/3/23 13:53, Sam James wrote: >> Sam James <sam@xxxxxxxxxx> writes: >>> I recently hit an issue with systemd-254 which tries to use the new >>> prctl(PR_SET_MDWE) for systemd's MemoryDenyWriteExecute functionality. > > Is this still a problem? Yes. When I get time, I will play with Dave's changes to allow using non-exeuctable stacks, but for now, it is broken until I can test these (thanks dave for working on that, and helge for the kernel side). > >>> On HPPA, we still need executable stacks, so this option doesn't work >>> and leads to a segfault on boot. > > For kernel we don't need it any longer. > But there might be dependencies on glibc version and/or combination. > So, I've currently lost overview if we still need executable stacks... > I don't remember which kernel version either.. I think it was last year that you finished off all the DSO bits. I had to configure binutils with --enable-default-execstack=no for it to work in addition to Dave's GCC patches. But I did not test systemd yet... (sorry, I know this is equally vague.) >>> Should this call be succeeeding on HPPA, or should we reject it for >>> now until we have things wired up? >>> >>> Reported to systemd at https://github.com/systemd/systemd/issues/29775. >> >> Lennart has made clear (and I don't think I disagree) that he considers >> this squarely a kernel bug. > > I've read the various bug reports and looked at the kernel commits regarding, e.g. > > commit b507808ebce23561d4ff8c2aa1fb949fe402bc61 > Author: Joey Gouly <joey.gouly@xxxxxxx> > Date: Thu Jan 19 16:03:43 2023 +0000 > > mm: implement memory-deny-write-execute as a prctl > > but what is prctl(PR_SET_MDWE, PR_MDWE*, 0, 0)... expected to return on parisc? > EINVAL? ENOTSUP? Maybe we can ask Joey or the ARM people what they expect the semantics to be. > > Helge
