Re: PAX mprotect and JIT

To: Kamil Rytarowski <n54%gmx.com@localhost>
Subject: Re: PAX mprotect and JIT
From: coypu%SDF.ORG@localhost
Date: Sun, 26 Feb 2017 14:43:25 +0000

On Sun, Feb 26, 2017 at 03:27:05PM +0100, Kamil Rytarowski wrote:
> On 26.02.2017 15:05, coypu%SDF.ORG@localhost wrote:
> > On Sun, Feb 26, 2017 at 02:52:39PM +0100, Kamil Rytarowski wrote:
> >> Can we have something like MAP_NOMPROTECT?  Something like it would be
> >> used to mmap(2) RWX region:
> >>
> >> void *mapping = mmap(NULL, rounded_size, PROT_READ | PROT_WRITE |
> >> PROT_EXEC, MAP_ANON | MAP_PRIVATE | MAP_NOMPROTECT, -1, 0);
> >>
> >> Are doubled mappings more secure than this?
> >>
> > 
> > what pax mprotect does is silently turn RWX mapping to RW.
> > 
> 
> What's the [security] difference between fooling and disabling mprotect
> for a memory region?
> 
> Is there a room to add this nomprotect allocator in libutil(3) to make
> it convenient to reuse out of libffi?
> 

Just disable it if you want RWX mappings. I don't see the problem.

References:
- PAX mprotect and JIT
  - From: Joerg Sonnenberger
- Re: PAX mprotect and JIT
  - From: Kamil Rytarowski
- Re: PAX mprotect and JIT
  - From: coypu
- Re: PAX mprotect and JIT
  - From: Kamil Rytarowski

Prev by Date: Re: PAX mprotect and JIT
Next by Date: Re: PAX mprotect and JIT
Previous by Thread: Re: PAX mprotect and JIT
Next by Thread: Re: PAX mprotect and JIT
Indexes:

Home | Main Index | Thread Index | Old Index