Date: Fri, 3 Jan 2014 00:01:55 -0500
From: Nalin Dahyabhai <nalin@redhat.com>
To: krb5-bugs@mit.edu
Subject: AES-NI support in 1.12 and executable stacks

I just recently tweaked the build of 1.12 for our development branch to
take advantage of the new AES-NI support, but overlooked that by
default, the assembler-generated object files don't include an empty
.note.GNU-stack section.

When the linker goes to include them into the libk5crypto shared
library, the resulting library is marked as needing its stack to be set
executable, and that trips various protections implemented elsewhere.

Dhiru Kholia was kind enough to supply a candidate patch which adds the
section in a bug report [1]; I'm attaching it.

Thanks,

Nalin

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1045699


From: ghudson@mit.edu
Subject: git commit

Mark AESNI files as not needing executable stacks

Some Linux systems now come with facilities to mark the stack as
non-executable, making it more difficult to exploit buffer overrun
bugs. For this to work, object files built from assembly need a
section added to note whether they require an executable stack.

Patch from Dhiru Kholia with comments added. More information at:
https://bugzilla.redhat.com/show_bug.cgi?id=1045699
https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart

https://github.com/krb5/krb5/commit/c64e39c69a9a7ee32c00b0cf7918f6274a565544
Author: Greg Hudson <ghudson@mit.edu>
Commit: c64e39c69a9a7ee32c00b0cf7918f6274a565544
Branch: master
src/lib/crypto/builtin/aes/iaesx64.s | 11 +++++++++++
src/lib/crypto/builtin/aes/iaesx86.s | 11 +++++++++++
2 files changed, 22 insertions(+), 0 deletions(-)

From: tlyu@mit.edu
Subject: git commit

Mark AESNI files as not needing executable stacks

Some Linux systems now come with facilities to mark the stack as
non-executable, making it more difficult to exploit buffer overrun
bugs. For this to work, object files built from assembly need a
section added to note whether they require an executable stack.

Patch from Dhiru Kholia with comments added. More information at:
https://bugzilla.redhat.com/show_bug.cgi?id=1045699
https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart

(cherry picked from commit c64e39c69a9a7ee32c00b0cf7918f6274a565544)

https://github.com/krb5/krb5/commit/1cc36f83ae13d91c255c92add19bbfea54a4e9a0
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: 1cc36f83ae13d91c255c92add19bbfea54a4e9a0
Branch: krb5-1.12
src/lib/crypto/builtin/aes/iaesx64.s | 11 +++++++++++
src/lib/crypto/builtin/aes/iaesx86.s | 11 +++++++++++
2 files changed, 22 insertions(+), 0 deletions(-)