summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2012-05-04 22:51:59 -0400
committerRich Felker <dalias@aerifal.cx>2012-05-04 22:51:59 -0400
commit7e4d79464adc3140b03f6e92a902d061c99b9ebe (patch)
tree9ba88cd3bcefe5bb23234c21de44dbc550d779d6 /src
parentf8e054f95197bf9c4463122fba3ebc586d4a99f6 (diff)
downloadmusl-7e4d79464adc3140b03f6e92a902d061c99b9ebe.tar.gz
musl-7e4d79464adc3140b03f6e92a902d061c99b9ebe.tar.bz2
musl-7e4d79464adc3140b03f6e92a902d061c99b9ebe.tar.xz
musl-7e4d79464adc3140b03f6e92a902d061c99b9ebe.zip
make pthread stacks non-executable
this change is necessary or pthread_create will always fail on security-hardened kernels. i considered first trying to make the stack executable and simply retrying without execute permissions when the first try fails, but (1) this would incur a serious performance penalty on hardened systems, and (2) having the stack be executable is just a bad idea from a security standpoint. if there is real-world "GNU C" code that uses nested functions with threads, and it can't be fixed, we'll have to consider other ways of solving the problem, but for now this seems like the best fix.
Diffstat (limited to 'src')
-rw-r--r--src/thread/pthread_create.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/thread/pthread_create.c b/src/thread/pthread_create.c
index c3b65ae9..917be54f 100644
--- a/src/thread/pthread_create.c
+++ b/src/thread/pthread_create.c
@@ -104,7 +104,7 @@ int pthread_create(pthread_t *res, const pthread_attr_t *attr, void *(*entry)(vo
size = guard + ROUND(attr->_a_stacksize + DEFAULT_STACK_SIZE);
}
size += __pthread_tsd_size;
- map = mmap(0, size, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANON, -1, 0);
+ map = mmap(0, size, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0);
if (map == MAP_FAILED) return EAGAIN;
if (guard) mprotect(map, guard, PROT_NONE);