Date: Fri, 04 Nov 2005 00:39:54 +0100 From: martinko <martinkov@pobox.sk> To: freebsd-security@freebsd.org Subject: Re: Non-executable stack Message-ID: <dke74a$ebb$2@sea.gmane.org> In-Reply-To: <43690E40.5040705@elischer.org> References: <200510270608.51571.db@traceroute.dk> <200510291242.16461.db@traceroute.dk> <20051029131519.GA22254@ada.devbox.be> <200510291412.57656.db@traceroute.dk> <86pspjz0xu.fsf@xps.des.no> <43690E40.5040705@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Julian Elischer wrote: > Dag-Erling Smørgrav wrote: > >> db <db@traceroute.dk> writes: >> >> >>> Memory on ia32 can be writable and readable. When it is readable it >>> is also executable. On other arch's like AMD64 and IA64, I believe >>> memory can be readable, writable and executable. >>> >> >> >> Not quite. IA32 can make individual segments readable, writable and / >> or executable, but lacks the ability to do so on a per-page basis. >> Since we have trampoline code at the top of the stack, the entire >> stack segment must be executable. Moving the trampoline off the stack >> would solve the problem on all platforms. >> >> > > There has been recent talk of a shared kernel/user memory page.. > that could be used for trampoline code. > >> W^X across the board is not an option - it would break HotSpot and >> other JIT-based software. >> >> DES >> >> > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > > and what exactly is that trampoline btw/pls ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?dke74a$ebb$2>