Bug 127686 - RHEL3 U3 kernel has execstack support, but no PROT_GROWSDOWN
RHEL3 U3 kernel has execstack support, but no PROT_GROWSDOWN
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Ingo Molnar
: FutureFeature
Depends On:
Blocks: 123574 127692
  Show dependency treegraph
Reported: 2004-07-12 12:17 EDT by Jakub Jelinek
Modified: 2007-11-30 17:07 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-12-20 15:55:37 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jakub Jelinek 2004-07-12 12:17:19 EDT
Without PROT_GROWSDOWN, especially on RHEL3 Ux where there are still
many shared libraries either without PT_GNU_STACK or with RWE PT_GNU_STACK,
the dynamic linker needs to mprotect stack the slow way, e.g.
with main binary PT_GNU_STACK PF_R|PF_W, but some shared library
it depends on or dlopens doesn't have PT_GNU_STACK or has PF_X bit
set in its p_flags, ld.so ends up doing:
mprotect(0xbfffb000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC|PROT_GROWSDOWN) = -1 EINVAL (Invalid argument)
mprotect(0xbfff4000, 32768, PROT_READ|PROT_WRITE|PROT_EXEC) = -1 ENOMEM (Cannot allocate memory)
mprotect(0xbfff8000, 16384, PROT_READ|PROT_WRITE|PROT_EXEC) = -1 ENOMEM (Cannot allocate memory)
mprotect(0xbfffa000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC) = -1 ENOMEM (Cannot allocate memory)
mprotect(0xbfffb000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) = 0
mprotect(0xbfffa000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) = -1 ENOMEM (Cannot allocate memory)

Patch for this is available in bug #127341.
(or if we have time, just move the PROT_GROWSDOWN definitions to
where they belong instead of the hack I put together in the hope
it could make RHEL3 U3 beta).
Comment 1 Ernie Petrides 2004-07-12 13:08:11 EDT
This seems like a reasonable feature request for U4.  It's
basically a back-port from 2.6.  I think the mprotect(2)
man page should also be updated.
Comment 2 Ingo Molnar 2004-08-18 07:26:09 EDT
Yep, agreed for U4, i'd suggest to apply the patch in #127341.
Comment 3 Ingo Molnar 2004-08-21 04:08:19 EDT
patch submitted for taroon.
Comment 4 Ernie Petrides 2004-08-31 14:59:07 EDT
The patch in comment #28 bug #127341 was committed to the RHEL3 U4
patch pool yesterday evening (in kernel version 2.4.21-20.1.EL).
Comment 5 John Flanagan 2004-12-20 15:55:37 EST
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.