[ubuntu-hardened] PATCH: PT_PAX_FLAGS for mainline

John Richard Moser nigelenki at comcast.net
Mon Mar 28 22:26:40 CST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is the experimental PT_PAX_FLAGS parser for mainline.  Currently
the features I believe I have ported include:

 - Only parsing PT_PAX_FLAGS (not EI_PAX)
 - Only parsing for PT_PAX_FLAGS in ELF executable binaries (ET_DYN and
ET_EXEC main executables)
 - Parsing in hardmode for all flags
 - Checking for EMUTRAMP with PAGEEXEC, though the kill logic was removed
 - Setting the proper flags for the task
 - Using an unset MF_PAX_PAGEEXEC to indicate a set PT_GNU_STACK
 - Fallback to PT_GNU_STACK logic if PT_PAX_FLAGS is non-existant

It compiles and links, no warnings.  I need my logic checked before I
attempt to put this on LKML and sell it for mainline.  I should also
probably locate the mainline ASLR code so I'll be ready with a follow-up
patch soon, both to help argue this one in and to add before this one is
removed (if it gets in).


The next patch will be the one to add MF_PAX_RANDMMAP testing to the new
mainline ASLR code, if possible; it's possible that said randomization
could occur before PT_PAX_FLAGS is parsed :/

After that I'm hoping to port over trampoline emulation so that mainline
and ES can benefit from having non-executable stacks when nested
functions are used.  This of course may be quite far out of my league to
understand at all, much less port safely; but I'll try.

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

    Creative brains are a valuable, limited resource. They shouldn't be
    wasted on re-inventing the wheel when there are so many fascinating
    new problems waiting out there.
                                                 -- Eric Steven Raymond
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCSNj7hDd4aOud5P8RAhWCAJ4o21/6O3IP8a85m9oXiA69WGXf/ACcCFz9
ngwmkCtyq+58UEAA0GhQBrY=
=nV++
-----END PGP SIGNATURE-----

More information about the ubuntu-hardened mailing list