Kernel warns of executable stack

Christophe Leroy christophe.leroy at c-s.fr
Thu Apr 23 06:00:33 UTC 2020 

Hi again Chris,

On 04/23/2020 05:29 AM, Christophe Leroy wrote:
> Hi,
> 
> Christophe
> 
> Le 23/04/2020 à 03:13, Chris Packham a écrit :
>> Hi,
>>
>> I'm just in the process of updating our products to Linux v5.6 and one
>> of them produces a new warning message from the kernel about busybox
>> (v1.31.1)
>>
>>    kernel: process '/bin/busybox' started with executable stack
> 
> Got similar discussion about klibc 2 monthes ago, look at 
> https://lists.zytor.com/archives/klibc/2020-February/004271.html
> 
>>
>> The target in question is a mips64 (octeon3). We have other targets
>> (mips32, armv7, ppc32, ppc64) which don't complain.
>>
>> Some searching led me to
>>
>> https://lore.kernel.org/lkml/20191208171918.GC19716@avx2/
>>
>> Which suggests I should be filing a bug report with the vendor so here
>> I am.
> 
> Did you have a look into busybox bugzilla ? https://bugs.busybox.net/
> 
>>
>> Here's some readelf output from the binary
> 
> Can you perform "objdump -x " on your binary ?
> 

I tried readelf on my busybox binary (ppc32), I get:


Elf file type is EXEC (Executable file)
Entry point 0x100046bc
There are 8 program headers, starting at offset 52

Program Headers:
   Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
   PHDR           0x000034 0x10000034 0x10000034 0x00100 0x00100 R E 0x4
   INTERP         0x000134 0x10000134 0x10000134 0x0000d 0x0000d R   0x1
       [Requesting program interpreter: /lib/ld.so.1]
   LOAD           0x000000 0x10000000 0x10000000 0xbbb40 0xbbb40 R E 0x10000
   LOAD           0x0bbb40 0x100cbb40 0x100cbb40 0x0029f 0x01c58 RWE 0x10000
   DYNAMIC        0x0bbb90 0x100cbb90 0x100cbb90 0x000e8 0x000e8 RW  0x4
   NOTE           0x000144 0x10000144 0x10000144 0x00020 0x00020 R   0x4
   GNU_EH_FRAME   0x0bba18 0x100bba18 0x100bba18 0x00024 0x00024 R   0x4
   GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RW  0x10


As a comparison, for the klibc topic I was mentionning earlier, I get:


Elf file type is EXEC (Executable file)
Entry point 0x10000140
There are 5 program headers, starting at offset 52

Program Headers:
   Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
   PHDR           0x000034 0x10000034 0x10000034 0x000a0 0x000a0 R E 0x4
   INTERP         0x0000d4 0x100000d4 0x100000d4 0x0002a 0x0002a R   0x1
       [Requesting program interpreter: 
/lib/klibc-WRQRzWcFMzsfxuuIUVGHxDcgmhA.so]
   LOAD           0x000000 0x10000000 0x10000000 0x10928 0x10928 R E 0x10000
   LOAD           0x010928 0x10020928 0x10020928 0x00144 0x04880 RW  0x10000
   GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x10


Which here clearly shows the GNU_STACK is RWE in the problematic case.

In your readelfs, we can't see the stack.

Christophe

More information about the busybox mailing list