From: Kostik Belousov
To: Sharad Chandra
Cc: freebsd-hackers@freebsd.org, Manprit Singh
Date: Tue, 17 Nov 2009 14:28:54 +0200
Subject: Re: mprotect(2) clears the flag for whole page which causes program crash.
Message-ID: <20091117122854.GB2331@deviant.kiev.zoral.com.ua>
In-Reply-To: <200911171529.20098.sharadc@in.niksun.com>

On Tue, Nov 17, 2009 at 03:29:19PM +0530, Sharad Chandra wrote:
> Hi,
>
> mprotect clears the exec flag of whole page by which my program crashed. I am
> attaching sample code. It is performing below task
>
> 1) allocate memory1
> 2) allocate memory2
> 3) change permission of memory 1 and 2 to exec by mprotect.
> 4) clear the exec permission of memory 1 and free it.
> 5) execute the memory2 by mapping to pointer function.
> 6) clear the exec permission of memory 2 and free it.
>
> Program crashed at step 5 if memory 1 and 2 are in same page.
>
> $ uname -a
> FreeBSD app164.in.niksun.com 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May 1
> 07:18:07 UTC 2009
> root@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
>
> $ gcc -g -o test -Wall mprotect.c
> $ ./test
> mem1 at: 34369183888
> mem2 at: 34369183892
> address difference: 4
> test_func1 function returned 0
> test_func2 will crash here
> Segmentation fault (core dumped)
>
> Is it known bug or is there any workaround? How will a userland process make
> sure that process will not crash as malloc(3) can allocate wherever it get
> the memory free to use.

Attachment was stripped.

Anyway, mprotect(2) works on the page granularity. The first sentence
from the mprotect manpage says:

    The mprotect() system call changes the specified pages to have
    protection prot.

By design, mprotect uses hardware capabilities of the processor's MMU to
enforce the protection, and MMU works on the page granularity.
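
Added example, not part of the thread and not the stripped attachment: a C sketch of the page-granularity behaviour described in the reply. It revokes read access (PROT_NONE) rather than exec so the effect can be probed through write(2) on a pipe instead of by crashing; the layout (mem1, mem2 four bytes apart, mem3 on the next page) and all function names are constructed for illustration.

```c
#define _DEFAULT_SOURCE            /* for MAP_ANON on glibc */
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Round an address down to the start of the page that contains it. */
uintptr_t page_base(const void *p)
{
    return (uintptr_t)p & ~((uintptr_t)sysconf(_SC_PAGESIZE) - 1);
}

/* Probe readability without faulting: write(2) into a pipe makes the kernel
 * copy the byte and fail with EFAULT if the page is not readable. */
static int readable(int wfd, const void *p)
{
    return write(wfd, p, 1) == 1;
}

/* Bit 0: mem1 readable, bit 1: mem2 readable, bit 2: mem3 readable,
 * after access is revoked "for mem1 only". Returns -1 on setup failure. */
int demo_page_granularity(void)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    int fds[2], result = -1;
    char *region = mmap(NULL, 2 * pg, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANON, -1, 0);
    if (region == MAP_FAILED)
        return -1;
    if (pipe(fds) == 0) {
        char *mem1 = region;       /* constructed layout: 4 bytes apart, */
        char *mem2 = region + 4;   /* like the addresses in the report   */
        char *mem3 = region + pg;  /* first byte of the next page        */
        /* Intent: revoke 4 bytes. Effect: the whole page holding them. */
        if (mprotect((void *)page_base(mem1), 4, PROT_NONE) == 0)
            result = readable(fds[1], mem1) | (readable(fds[1], mem2) << 1) |
                     (readable(fds[1], mem3) << 2);
        close(fds[0]);
        close(fds[1]);
    }
    munmap(region, 2 * pg);
    return result;
}

int main(void)
{
    printf("readable mask after mprotect: %d\n", demo_page_granularity());
    return 0;
}
```

Only the bit for mem3 stays set: mem2 loses access together with mem1 because they share a page, while memory on a separate page is unaffected.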