Date: Tue, 1 Feb 2005 12:46:59 +0100
From: Ingo Molnar <mingo@elte.hu>
To: Peter Busser <busser@m-privacy.de>
Cc: Arjan van de Ven <arjan@infradead.org>, linux-kernel@vger.kernel.org
Subject: Re: Sabotaged PaXtest (was: Re: Patch 4/6  randomize the stack pointer)
Message-ID: <20050201114659.GA30978@elte.hu>
References: <200501311015.20964.arjan@infradead.org> <200501311357.59630.busser@m-privacy.de> <1107189699.4221.124.camel@laptopd505.fenrus.org> <200502011044.39259.busser@m-privacy.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200502011044.39259.busser@m-privacy.de>
User-Agent: Mutt/1.4.1i
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1211
Lines: 35


* Peter Busser <busser@m-privacy.de> wrote:

> > ok the paxtest 0.9.5 I downloaded from a security site (not yours) had
> > this gem in:

> > +               do_mprotect((unsigned long)argv & ~4095U, 4096, PROT_READ|PROT_WRITE|PROT_EXEC);

> > which is clearly there to sabotage any segmentation based approach (eg
> > execshield and openwall etc); it cannot have any other possible use or
> > meaning.

> > the paxtest 0.9.6 that John Moser mailed to this list had this gem in
> > it:

> > +       /* Dummy nested function */
> > +       void dummy(void) {}

> > which is clearly there with the only possible function of sabotaging the
> > automatic PT_GNU_STACK setting by the toolchain (which btw is not fedora
> > specific but happens by all new enough (3.3 or later) gcc compilers on
> > all distros) since that requires an executable stack.
[...]

> No, these things are also in the officially released sources. I put
> them in myself in fact.

*PLONK*

	Ingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/