[patch] Adding stack markings to the x86 assembly for not using executable stack
Tom Rodriguez
Thomas.Rodriguez at Sun.COM
Tue Sep 1 13:29:39 PDT 2009
>> Are you sending this patch upstream? It would be good to have some
>> feedback from the HotSpot developers before we commit this for a
>> release.
>>
>> Does this affect SPARC too?
>
> I'm not familiar with SPARC hardware, but if it supports "execute"
> memory
> protections, then it is a valuable change there too. It it doesn't,
> it
> won't hurt anything, IIUC.
The machinery for this on Solaris is completely different. On Solaris
it's done using mapfiles and it wouldn't be a bad idea to request non-
executable stacks though this brings up a question about how all this
interacts with shared libraries. If you have an executable that
disables execute and it dlopens a library that doesn't, what happens?
Presumably the executables and libraries have to be in agreement for
this to really work, right?
tom
>
> -Kees
>
> --
> Kees Cook
> Ubuntu Security Team
More information about the distro-pkg-dev
mailing list