Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753883AbbHFAYB (ORCPT ); Wed, 5 Aug 2015 20:24:01 -0400 Received: from mailapp01.imgtec.com ([195.59.15.196]:41256 "EHLO mailapp01.imgtec.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751867AbbHFAYA (ORCPT ); Wed, 5 Aug 2015 20:24:00 -0400 Message-ID: <55C2A91B.1090704@imgtec.com> Date: Wed, 5 Aug 2015 17:23:55 -0700 From: Leonid Yegoshin User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0 MIME-Version: 1.0 To: David Daney CC: Paul Burton , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: Re: [PATCH v4 3/3] MIPS: set stack/data protection as non-executable References: <20150805234348.20722.71740.stgit@ubuntu-yegoshin> <20150805234936.20722.60927.stgit@ubuntu-yegoshin> <20150805235543.GG2057@NP-P-BURTON> <55C2A50A.50805@imgtec.com> <55C2A6FE.1020003@caviumnetworks.com> In-Reply-To: <55C2A6FE.1020003@caviumnetworks.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.20.3.79] Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1670 Lines: 45 On 08/05/2015 05:14 PM, David Daney wrote: > On 08/05/2015 05:06 PM, Leonid Yegoshin wrote: >> On 08/05/2015 04:55 PM, Paul Burton wrote: >>> >>> >>> As was pointed out last time you posted this, it breaks backwards >>> compatibility with userland & thus cannot be applied. >> >> Never observed since first version. >> >> In other side, the problem with apps like ssh_keygen is observed in >> absence of executable stack protection. > > You cannot change the default. > > If your ssh_keygen is broken, get a working version. It is actually any application which requests non-executable stack protection and needs some emulation BEFORE GLIBC cancels that non-executable stack protection due to libraries. If you build all libraries with PT_GNU_STACK 'non-executable' and use application with the same protection then you can't emulate even a single instruction - it crashes immediately. So, it is not a bad application, it is a bad choice for emulation space in past. > > I have never had a problem running ssh_keygen (on platforms requiring > emulation). Create a buildroot FS with PT_GNU_STACK 'non-executable' libraries. Then run ssh_keygen on CPU without FPU and look. You also may try to run MIPS R2 Debian on MIPS R6 CPU, and see a spectacular failure of ssh_keygen (it tries to emulate MIPS R2 instruction before first library is loaded and that fails due to non-executable stack protection. - Leonid. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/