about summary refs log tree commit diff
path: root/sysdeps/unix/sysv/linux/dl-execstack.c
blob: c2b964bf7f23125ccbb0d6d3bce0d8e1632bb9f7 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
/* Stack executability handling for GNU dynamic linker.  Linux version.
   Copyright (C) 2003, 2004 Free Software Foundation, Inc.
   This file is part of the GNU C Library.

   The GNU C Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The GNU C Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with the GNU C Library; if not, write to the Free
   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
   02111-1307 USA.  */

#include <ldsodefs.h>
#include <sys/mman.h>
#include <errno.h>
#include <libintl.h>
#include <stdbool.h>
#include <stackinfo.h>
#include <caller.h>

#include "kernel-features.h"


int __stack_prot attribute_hidden attribute_relro
#if _STACK_GROWS_DOWN
     = PROT_READ|PROT_WRITE|PROT_GROWSDOWN;
#elif _STACK_GROWS_UP
     = PROT_READ|PROT_WRITE|PROT_GROWSUP;
#endif


int
internal_function
_dl_make_stack_executable (void **stack_endp)
{
  /* This gives us the highest/lowest page that needs to be changed.  */
  uintptr_t page = ((uintptr_t) *stack_endp
		    & -(intptr_t) GLRO(dl_pagesize));

  /* Challenge the caller.  */
  if (__builtin_expect (__check_caller (RETURN_ADDRESS (0),
					allow_ldso|allow_libpthread) != 0, 0)
      || __builtin_expect (*stack_endp != __libc_stack_end, 0))
    return EPERM;

#if _STACK_GROWS_DOWN
  /* Newer Linux kernels support a flag to make our job easy.  */
# ifdef PROT_GROWSDOWN
#  if __ASSUME_PROT_GROWSUPDOWN == 0
  static bool no_growsdown;
  if (! no_growsdown)
#  endif
    {
      if (__builtin_expect (__mprotect ((void *) page, GLRO(dl_pagesize),
					__stack_prot) == 0, 1))
	goto return_success;
#  if __ASSUME_PROT_GROWSUPDOWN == 0
      if (errno == EINVAL)
	no_growsdown = true;
      else
#  endif
	return errno;
    }
# endif

  /* There is always a hole in the address space below the bottom of the
     stack.  So when we make an mprotect call that starts below the bottom
     of the stack, it will include the hole and fail with ENOMEM.

     We start with a random guess at how deep the stack might have gotten
     so as to have extended the GROWSDOWN mapping to lower pages.  */

# if __ASSUME_PROT_GROWSUPDOWN == 0
  size_t size = GLRO(dl_pagesize) * 8;
  page = page + GLRO(dl_pagesize) - size;
  while (1)
    {
      if (__mprotect ((void *) page, size,
		      __stack_prot & ~PROT_GROWSDOWN) == 0)
	/* We got this chunk changed; loop to do another chunk below.  */
	page -= size;
      else
	{
	  if (errno != ENOMEM)	/* Unexpected failure mode.  */
	    return errno;

	  if (size == GLRO(dl_pagesize))
	    /* We just tried to mprotect the top hole page and failed.
	       We are done.  */
	    break;

	  /* Our mprotect call failed because it started below the lowest
	     stack page.  Try again on just the top half of that region.  */
	  size /= 2;
	  page += size;
	}
    }
# endif

#elif _STACK_GROWS_UP
  /* Newer Linux kernels support a flag to make our job easy.  */
# ifdef PROT_GROWSUP
#  if __ASSUME_PROT_GROWSUPDOWN == 0
  static bool no_growsup;
  if (! no_growsup)
#  endif
    {
      if (__mprotect ((void *) page, GLRO(dl_pagesize),
		      PROT_READ|PROT_WRITE|PROT_EXEC|PROT_GROWSUP) == 0)
	goto return_success;
#  if __ASSUME_PROT_GROWSUPDOWN == 0
      if (errno == EINVAL)
	no_growsup = true;
      else
#  endif
	return errno;
    }
# endif

  /* There is always a hole in the address space above the top of the
     stack.  So when we make an mprotect call that spans past the top
     of the stack, it will include the hole and fail with ENOMEM.

     We start with a random guess at how deep the stack might have gotten
     so as to have extended the GROWSUP mapping to higher pages.  */

# if __ASSUME_PROT_GROWSUPDOWN == 0
  size_t size = GLRO(dl_pagesize) * 8;
  while (1)
    {
      if (__mprotect ((void *) page, size,
		      PROT_READ|PROT_WRITE|PROT_EXEC) == 0)
	/* We got this chunk changed; loop to do another chunk below.  */
	page += size;
      else
	{
	  if (errno != ENOMEM)	/* Unexpected failure mode.  */
	    return errno;

	  if (size == GLRO(dl_pagesize))
	    /* We just tried to mprotect the lowest hole page and failed.
	       We are done.  */
	    break;

	  /* Our mprotect call failed because it extended past the highest
	     stack page.  Try again on just the bottom half of that region.  */
	  size /= 2;
	}
    }
# endif

#else
# error "Define either _STACK_GROWS_DOWN or _STACK_GROWS_UP"
#endif

 return_success:
  /* Clear the address.  */
  *stack_endp = NULL;

  /* Remember that we changed the permission.  */
  GL(dl_stack_flags) |= PF_X;

  return 0;
}
rtld_hidden_def (_dl_make_stack_executable)