Re: Hooks and stacking

From: Stephen Smalley (sds@private)
Date: Thu Mar 31 2005 - 05:02:07 PST

On Wed, 2005-03-30 at 20:52 -0500, John Richard Moser wrote:
> 3.  I want control over the memory protections on the stack and heap.
> PT_GNU_STACK allows for an executable stack/heap.  Is there a way for me
> to control this so that I can i.e. mandatorily make the stack/heap
> PROT_READ|PROT_WRITE and never PROT_EXEC?  The only way I can see is to
> add a hook in load_elf_binary(). . . .
> In case anyone is wondering, as an excercise (but potentially as
> something I may aim at mainline), I'm trying to port some of the stuff
> from PaX into an LSM; particularly, the memory protection enhancements.
>  As a proof of concept, I'm considering supporting PT_PAX_FLAGS from the
> module; but I'm also considering a security label.  My concern with a
> security label is conflicting with SeLinux and having issues with ReiserFS.

Have you looked at the execmem and execmod controls added to SELinux in
kernels >= 2.6.11?  Look at the selinux_file_mmap and
selinux_file_mprotect hook functions and their shared helper function

As far as security labeling goes, you can easily start using your own
attribute name in the security namespace (e.g. security.pax) without any
conflict with SELinux, and reiserfs was recently fixed upstream to
interact well with security modules in dealing with security attributes.

Stephen Smalley <sds@private>
National Security Agency

This archive was generated by hypermail 2.1.3 : Thu Mar 31 2005 - 05:10:37 PST