Date: Fri, 5 Feb 1999 13:05:03 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: John Polstra <jdp@polstra.com> Cc: committers@FreeBSD.ORG Subject: Re: cvs commit: src/sys/vm vm_unix.c Message-ID: <199902052105.NAA99296@apollo.backplane.com> References: <199902051827.KAA22713@vashon.polstra.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:Wouldn't this change break things like just-in-time compilers, if :it weren't for the quirk that our currently-supported architectures :ignore VM_PROT_EXECUTE? : :I think it would be more correct to take the opposite approach and :make the ELF loader use VM_PROT_ALL. That's what is done for a.out. :I believe the stack already needs to be VM_PROT_ALL, because of the :signal trampoline code. : :I think we should change the ELF loader and RTLD to grant execute :permission whenever read permission is present. I'm willing to do :the work if there's agreement. : :John :-- : John Polstra jdp@polstra.com It shouldn't have an effect, simply because IA32 does not have an execute flag in its pte. Also, dynamic loaders and ( I expect ) JIT compilers use mmap() to allocate space. Using malloc() is rather dangerous since you can't be sure that the memory is pristine from the point of view of the instruction cache. Plus, a JIT compiler would also use mprotect(). So, given all of that plus the fact that the 'default' should be 'more secure' rather then 'less secure', I think it makes more sense to use VM_PROT_READ/WRITE rather then VM_PROT_ALL. -Matt Matthew Dillon <dillon@backplane.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902052105.NAA99296>