libADM_vf_ssa.so cannot be loaded

Started by douche, October 15, 2016, 03:55:57 PM

Previous topic - Next topic

douche

The plugin libADM_vf_ssa.so uses writable+executable memory and cannot be loaded when you use a grsecurity kernel with PaX.

When starting Avidemux i get this message in its log:
$ avidemux
...
[ADM_vf_plugin] Plugin loaded version 1.0.0, name changeFps/Change FPS
[ADM_vf_plugin] Plugin loaded version 1.0.0, name kerndelDeint/Kernel Deint.
Unable to load [/usr/lib/ADM_plugins6//videoFilters/libADM_vf_ssa.so]: /usr/lib/ADM_plugins6//videoFilters/libADM_vf_ssa.so: cannot change memory protections: Permission denied
[ADM_vf_plugin] Unable to load libADM_vf_ssa.so
[ADM_vf_plugin] Plugin loaded version 1.0.0, name fluxsmooth/FluxSmooth
[ADM_vf_plugin] Plugin loaded version 1.0.0, name rotate/Rotate
...


This is the output of dmesg:
# dmesg -c
[10545.764669] grsec: denied marking stack executable as requested by PT_GNU_STACK marking in /usr/lib/ADM_plugins6/videoFilters/libADM_vf_ssa.so by /usr/bin/avidemux3_qt4[avidemux:9292] uid/euid:1011/1011 gid/egid:1011/1011, parent /bin/bash[bash:9287] uid/euid:1011/1011 gid/egid:1011/1011
[10545.764755] grsec: denied RWX mprotect of /lib/x86_64-linux-gnu/ld-2.18.so by /usr/bin/avidemux3_qt4[avidemux:9292] uid/euid:1011/1011 gid/egid:1011/1011, parent /bin/bash[bash:9287] uid/euid:1011/1011 gid/egid:1011/1011


I have really a hard time believing that libADM_vf_ssa.so really needs an executable stack.

$ objdump -p /usr/lib/ADM_plugins6/videoFilters/libADM_vf_ssa.so

/usr/lib/ADM_plugins6/videoFilters/libADM_vf_ssa.so:     file format elf64-x86-64

Program Header:
    LOAD off    0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**21
         filesz 0x000000000002b4c4 memsz 0x000000000002b4c4 flags r-x
    LOAD off    0x000000000002b908 vaddr 0x000000000022b908 paddr 0x000000000022b908 align 2**21
         filesz 0x0000000000001038 memsz 0x0000000000001298 flags rw-
DYNAMIC off    0x000000000002bcf8 vaddr 0x000000000022bcf8 paddr 0x000000000022bcf8 align 2**3
         filesz 0x0000000000000290 memsz 0x0000000000000290 flags rw-
    NOTE off    0x00000000000001c8 vaddr 0x00000000000001c8 paddr 0x00000000000001c8 align 2**2
         filesz 0x0000000000000024 memsz 0x0000000000000024 flags r--
EH_FRAME off    0x0000000000027bc0 vaddr 0x0000000000027bc0 paddr 0x0000000000027bc0 align 2**2
         filesz 0x0000000000000814 memsz 0x0000000000000814 flags r--
   STACK off    0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**4
         filesz 0x0000000000000000 memsz 0x0000000000000000 flags rwx
   RELRO off    0x000000000002b908 vaddr 0x000000000022b908 paddr 0x000000000022b908 align 2**0
         filesz 0x00000000000006f8 memsz 0x00000000000006f8 flags r--


How is possible to find out why the library gets its stack marked as "rwx" (read, write and also execute/executable)? I think the file libADM_vf_ssa.so is generated from the source file ADM_vidASS.cpp, but there i don't see any strange code that could require an executable stack (maybe i just don't see it).
I use Avidemux built from deb-multimedia, but all other libraries load and avidemux works perfectly. So i think that the gcc compiling flags are ok. If there is some code that forces the usage of an executable stack such as trampolines it would be nice if somebody could rewrite such code without forcing the gcc to generate them  ;D