tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: PAX mprotect and JIT
In article <20170226153519.GA28284%britannica.bec.de@localhost>,
Joerg Sonnenberger <joerg%bec.de@localhost> wrote:
>On Sun, Feb 26, 2017 at 03:20:46PM +0000, Christos Zoulas wrote:
>> Any type of foreign API we introduce (MREMAP_DUP or whatever) we'll have to
>> maintain separate patches for (which is not that bad), instead of teaching
>> libffi (and friends) that we are like SE/Linux and we need to write
>> files for PaX (which is disgusting). Perhaps it is simpler to just allow
>> these transitions (rw- <-> r-x) by using an madvise(2) call.
>
>They are somewhat unrelated problems. Allow mprotect to move from RW to
>RX is one thing. That doesn't help if you want to do lazy compilation in
>a multi-threaded programs for example. That's the part that MREMAP_DUP
>solves. I wouldn't be surprised if other systems pick up the
>interface...
In that case, why don't we make an mdup(void *, size_t, ) system call instead
that dups the pages and sets the new permission on them; this way we get the
desired effect without touching mprotect? Or even call that mmap(, ... M_DUP)
to get the second ref (the M_DUP flag needs to be alone, except for the
alignment constraints).
christos
Home |
Main Index |
Thread Index |
Old Index