DragonFly BSD
DragonFly commits List (threaded) for 2003-12
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: cvs commit: src/contrib/gcc protector.c protector.h Makefile.in calls.c combine.c cse.c explow.c expr.c flags.h function.c gcse.c integrate.c libgcc2.c loop.c optabs.c reload1.c toplev.c src/gnu/usr.bin/cc/cc_int Makefile


To: Richard Coleman <Richard.Coleman@xxxxxxxxxx>
From: Max Laier <max@xxxxxxxxxxxxxx>
Date: Fri, 12 Dec 2003 15:46:58 +0100
Cc: Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>

Richard Coleman wrote:
Matthew Dillon wrote:

I don't know who comes up with these names. W^X? IA32 does not support
fine-grained permissions, the only way to make the stack non-executable
is to modify the SS segment register and while this does work, it creates
severe restrictions on how threaded programs can operate.
-Matt
Matthew Dillon <dillon@xxxxxxxxxxxxx>



Yes, but OpenBSD supports other archs besides IA32. I think it was IA32 and PowerPC that didn't have the bits necessary to do W^X properly. So the OpenBSD folks did the best they could with the bits that were provided. I think it's pretty exciting stuff.

from http://www.openbsd.org/papers/csw03.mgp: >> i386 PROT_EXEC best-effort >> >> i386 lacks per-page X bit >> >> Only significant relevant hardware feature: >> code segment limit >> 3.2/3.3: points below bottom of stack -> no-exec stack >> >> Link each shared object to have 1GB gap between code & data >> >> Map all text segments low, all data segments 1GB higher >> >> Set code segment limit register to point up to highest PROT_EXEC page >> (floating CS limit) >> Normally somewhere below 1GB >> >> Will be in 3.4: W^X on i386 >> >> Changing CS limit is a bit expensive: slight overhead

--
Best regards,				| max@xxxxxxxxxxxxxx
Max Laier				| ICQ #67774661
http://pf4freebsd.love2party.net/	| mlaier@EFnet #DragonFlyBSD




[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]