Solaris noexec_user_stack Issues

Question

Would enabling noexec_user_stack parameter in Solaris prevent some geniune programs from running? Has anyone tested this setting please?

Answer 1

Java uses just in time (JIT) compiling which means it will generate code on the fly and run it in writable/data sections. This is most likely implemented in the heap with mprotect() on pages or in an anonymous mapping via mmap(), both of which will probably have PROT_READ|PROT_WRITE|PROT_EXEC at a low level. However, I don't believe Java does JIT on the actual stack, so you may not have issues with Java on Solaris with this limited memory protection, though you would have problems on Linux systems with PaX in Linux (fixable with paxctlor problems with the relatively newer W^X on OpenBSD. When it comes to Solaris, I suspect you probably won't since Oracle owns both Sun and Java and strongly pushes their use together.

So, if Java immediately and consistently crashes, no-exec stack is likely why. But you should be OK.

EDIT: I said "relatively new" not to imply W^X is "new" but to point out that it came along after PaX was "a thing." W^X is just a small subset of the features of PaX that came along later

Answer 2

Older versions of GCC in 32bit mode can create code that relies on executable stacks (Nested Functions / Trampolines). See also Implementation of nested functions and Example of executable stack in Linux (i386 architecture) on StackOverflow.

This is known to be "broken" by noexec_user_stack in Solaris (just as noexec stacks do in Linux), and yes it's one way to test the effectiveness of the feature.