Skip to content

Commit

Permalink
mark the assembly object stacks as non-executable
Browse files Browse the repository at this point in the history
Closes rust-lang#5643

This also removes the need to pass noexecstack to gcc, but that wasn't
actually working anymore.
  • Loading branch information
thestinger committed Mar 31, 2013
1 parent 75d615d commit c0be7df
Show file tree
Hide file tree
Showing 16 changed files with 94 additions and 24 deletions.
8 changes: 3 additions & 5 deletions mk/platform.mk
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,6 @@ ifdef CFG_VALGRIND
endif

ifneq ($(findstring linux,$(CFG_OSTYPE)),)
# -znoexecstack is here because librt is for some reason being created
# with executable stack and Fedora (or SELinux) doesn't like that (#798)
ifdef CFG_PERF
ifneq ($(CFG_PERF_WITH_LOGFD),)
CFG_PERF_TOOL := $(CFG_PERF) stat -r 3 --log-fd 2
Expand Down Expand Up @@ -126,7 +124,7 @@ CFG_GCCISH_CXXFLAGS_x86_64-unknown-linux-gnu := -fno-rtti
CFG_GCCISH_LINK_FLAGS_x86_64-unknown-linux-gnu := -shared -fPIC -ldl -lpthread -lrt -g -m64
CFG_GCCISH_DEF_FLAG_x86_64-unknown-linux-gnu := -Wl,--export-dynamic,--dynamic-list=
CFG_GCCISH_PRE_LIB_FLAGS_x86_64-unknown-linux-gnu := -Wl,-whole-archive
CFG_GCCISH_POST_LIB_FLAGS_x86_64-unknown-linux-gnu := -Wl,-no-whole-archive -Wl,-znoexecstack
CFG_GCCISH_POST_LIB_FLAGS_x86_64-unknown-linux-gnu := -Wl,-no-whole-archive
CFG_DEF_SUFFIX_x86_64-unknown-linux-gnu := .linux.def
CFG_INSTALL_NAME_x86_64-unknown-linux-gnu =
CFG_LIBUV_LINK_FLAGS_x86_64-unknown-linux-gnu =
Expand All @@ -152,7 +150,7 @@ CFG_GCCISH_CXXFLAGS_i686-unknown-linux-gnu := -fno-rtti
CFG_GCCISH_LINK_FLAGS_i686-unknown-linux-gnu := -shared -fPIC -ldl -lpthread -lrt -g -m32
CFG_GCCISH_DEF_FLAG_i686-unknown-linux-gnu := -Wl,--export-dynamic,--dynamic-list=
CFG_GCCISH_PRE_LIB_FLAGS_i686-unknown-linux-gnu := -Wl,-whole-archive
CFG_GCCISH_POST_LIB_FLAGS_i686-unknown-linux-gnu := -Wl,-no-whole-archive -Wl,-znoexecstack
CFG_GCCISH_POST_LIB_FLAGS_i686-unknown-linux-gnu := -Wl,-no-whole-archive
CFG_DEF_SUFFIX_i686-unknown-linux-gnu := .linux.def
CFG_INSTALL_NAME_i686-unknown-linux-gnu =
CFG_LIBUV_LINK_FLAGS_i686-unknown-linux-gnu =
Expand Down Expand Up @@ -228,7 +226,7 @@ CFG_GCCISH_CXXFLAGS_arm-linux-androideabi := -fno-rtti
CFG_GCCISH_LINK_FLAGS_arm-linux-androideabi := -shared -fPIC -ldl -g -lm -lsupc++ -lgnustl_shared
CFG_GCCISH_DEF_FLAG_arm-linux-androideabi := -Wl,--export-dynamic,--dynamic-list=
CFG_GCCISH_PRE_LIB_FLAGS_arm-linux-androideabi := -Wl,-whole-archive
CFG_GCCISH_POST_LIB_FLAGS_arm-linux-androideabi := -Wl,-no-whole-archive -Wl,-znoexecstack
CFG_GCCISH_POST_LIB_FLAGS_arm-linux-androideabi := -Wl,-no-whole-archive
CFG_DEF_SUFFIX_arm-linux-androideabi := .android.def
CFG_INSTALL_NAME_arm-linux-androideabi =
CFG_LIBUV_LINK_FLAGS_arm-linux-androideabi =
Expand Down
13 changes: 9 additions & 4 deletions src/rt/arch/arm/_context.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text
.code 32
.arm
Expand All @@ -17,12 +22,12 @@ swap_registers:
str r10, [r0, #40]
str r11, [r0, #44]
str r12, [r0, #48]
str sp, [r0, #52]
str sp, [r0, #52]
str lr, [r0, #56]

mrs r2, cpsr
str r2, [r0, #64]


ldr r0, [r1, #0]
ldr r3, [r1, #12]
Expand All @@ -35,10 +40,10 @@ swap_registers:
ldr r10, [r1, #40]
ldr r11, [r1, #44]
ldr r12, [r1, #48]

ldr sp, [r1, #52]
ldr lr, [r1, #56]

ldr r2, [r1, #64]
msr cpsr_cxsf, r2

Expand Down
6 changes: 5 additions & 1 deletion src/rt/arch/arm/ccall.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text
.code 32
.arm
Expand All @@ -19,4 +24,3 @@ __morestack:
pop {r4, fp, lr}
mov pc, lr
.fnend

5 changes: 5 additions & 0 deletions src/rt/arch/arm/morestack.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text
.code 32
.arm
Expand Down
11 changes: 8 additions & 3 deletions src/rt/arch/arm/record_sp.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text
.code 32
.arm
Expand Down Expand Up @@ -45,17 +50,17 @@ get_sp_limit:
get_sp:
mov r0, sp
mov pc, lr

.data
my_cpu: .long 0
.global my_array
my_array:
my_array:
.long 0
.long 0
.long 0
.long 0
.long 0
.long 0
.long 0
.long 0
.long 0
.end
5 changes: 5 additions & 0 deletions src/rt/arch/i386/_context.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text

/*
Expand Down
5 changes: 5 additions & 0 deletions src/rt/arch/i386/ccall.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

/*
The function for switching to the C stack. It is called
__morestack because gdb allows any frame with that name to
Expand Down
11 changes: 8 additions & 3 deletions src/rt/arch/i386/morestack.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

/*
__morestack
Expand Down Expand Up @@ -218,11 +223,11 @@ MORESTACK:
.L$bail:
movl 32(%esp),%eax
inc %eax

addl $44, %esp
popl %ebp
addl $4+8,%esp

jmpl *%eax

#if defined(__linux__) || defined(__APPLE__) || defined(__FreeBSD__)
Expand All @@ -241,7 +246,7 @@ L_rust_get_task$stub:
L_upcall_new_stack$stub:
.indirect_symbol _upcall_new_stack
.ascii "\364\364\364\364\364"

L_upcall_del_stack$stub:
.indirect_symbol _upcall_del_stack
.ascii "\364\364\364\364\364"
Expand Down
4 changes: 4 additions & 0 deletions src/rt/arch/i386/record_sp.S
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif
5 changes: 5 additions & 0 deletions src/rt/arch/mips/_context.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text
.globl swap_registers
.align 2
Expand Down
5 changes: 5 additions & 0 deletions src/rt/arch/mips/ccall.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text

.globl __morestack
Expand Down
5 changes: 5 additions & 0 deletions src/rt/arch/mips/record_sp.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

.text

.globl record_sp_limit
Expand Down
15 changes: 10 additions & 5 deletions src/rt/arch/x86_64/_context.S
Original file line number Diff line number Diff line change
@@ -1,7 +1,12 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

#include "regs.h"
#define ARG0 RUSTRT_ARG0_S
#define ARG1 RUSTRT_ARG1_S

.text

/*
Expand All @@ -11,7 +16,7 @@ and Microsoft discussion at
http://msdn.microsoft.com/en-US/library/9z1stfyw%28v=VS.80%29.aspx.
BOTH CALLING CONVENTIONS
Callee save registers:
R12--R15, RDI, RSI, RBX, RBP, RSP
XMM0--XMM5
Expand All @@ -30,7 +35,7 @@ User flags have no specified role and are not preserved
across calls, with the exception of DF in %rFLAGS,
which must be clear (set to "forward" direction)
on function entry and return.
MICROSOFT CALLING CONVENTIONS
Return value: RAX
Expand All @@ -39,15 +44,15 @@ First four arguments:
RCX, RDX, R8, R9
XMM0, XMM1, XMM2, XMM3
*/

/*
Stores current registers into arg0/RCX and restores
registers found in arg1/RDX. This is used by our
implementation of getcontext. Only saves/restores nonvolatile
registers and the register used for the first argument.
Volatile registers in general ought to be saved by the caller
anyhow.
*/
*/

#if defined(__APPLE__) || defined(_WIN32)
#define SWAP_REGISTERS _swap_registers
Expand Down
7 changes: 6 additions & 1 deletion src/rt/arch/x86_64/ccall.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

/*
The function for switching to the C stack. It is called
__morestack because gdb allows any frame with that name to
Expand All @@ -10,7 +15,7 @@
#define ARG0 RUSTRT_ARG0_S
#define ARG1 RUSTRT_ARG1_S
#define ARG2 RUSTRT_ARG2_S

.text

#if defined(__APPLE__) || defined(_WIN32)
Expand Down
9 changes: 7 additions & 2 deletions src/rt/arch/x86_64/morestack.S
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

/*
__morestack
Expand Down Expand Up @@ -78,7 +83,7 @@ MORESTACK:
movq %r11, %rdx // Size of stack arguments
movq %rax, %rsi // Address of stack arguments
movq %r10, %rdi // The amount of stack needed

#ifdef __APPLE__
call UPCALL_NEW_STACK
#endif
Expand Down Expand Up @@ -132,7 +137,7 @@ MORESTACK:
popq %rax // Restore the return value
popq %rbp
ret

.cfi_endproc

#else
Expand Down
4 changes: 4 additions & 0 deletions src/rt/arch/x86_64/record_sp.S
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
// Mark stack as non-executable
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack, "", @progbits
#endif

0 comments on commit c0be7df

Please sign in to comment.