Re: can we make anonymous memory non-EXECUTABLE?

From: David Mosberger (davidm@napali.hpl.hp.com)
Date: Tue Jan 08 2002 - 14:12:45 EST

Next message: David Mosberger: "Re: [Linux-ia64] Re: can we make anonymous memory non-EXECUTABLE?"
Previous message: Eric S. Raymond: "Re: Missing entries in Configuure.help)"
In reply to: David S. Miller: "Re: can we make anonymous memory non-EXECUTABLE?"
Next in thread: Albert D. Cahalan: "Re: can we make anonymous memory non-EXECUTABLE?"
Reply: Albert D. Cahalan: "Re: can we make anonymous memory non-EXECUTABLE?"
Reply: H. Peter Anvin: "Re: can we make anonymous memory non-EXECUTABLE?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> On Mon, 07 Jan 2002 22:02:08 -0800 (PST), "David S. Miller" <davem@redhat.com> said:

  DaveM> I assume this hack is "have a software EXECUTE bit, initially
  DaveM> only set the software one, when we take a fault on execute
  DaveM> set the hardware bit and maybe flush the Icache". If so,
  DaveM> what is the big deal? :-)

Yes. Hey, don't get me wrong: I'm *proud* of that solution, but if
the alternative is to completely get rid of the problem in the first
place, that is always preferable (simplicity rules).

DaveM> I think changing this behavior is going to silently break
DaveM> things on many architectures.

I don't consider SIGSEGV to be a silent failure. Also, I think
all the evidence is that it's unlikely to break many existing
apps:

        o The bug I described has been present for *years* on
          Alpha and probably all other platforms other than x86;
          even on ia64 it took almost two years before someone
          noticed. It's possible that nobody noticed because
          the code generators were part of a larger program,
          but it's very likely that anyone writing a test program
          would have allocated the non-executable memory, so you'd
          expect *someone* to have run into it at some point.

        o Certain libraries such as the Boehm Garbage Collector
          already turn off execute permission by default. While
          there may not be that many apps that use it in a production
          environment, it is my impression that many developers are
          using it as a memory-leak detector (e.g., Mozilla does that).

  DaveM> Secondly, I do not see any
  DaveM> real gain from any of this and my ports are those that have
  DaveM> I-cache coherency issues :-)

I think that's fine. If the consensus is that apps *should* use
mprotect() to get executable permission (Linus implied as much) and
it's an architecture specific choice as to whether this is enforced,
I'm happy. My belief is that we could make this change on ia64
without undue burden on programmers. If not, I'm sure I'll find out
about it and I'm willing to take the responsibility.

--david
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Mosberger: "Re: [Linux-ia64] Re: can we make anonymous memory non-EXECUTABLE?"
Previous message: Eric S. Raymond: "Re: Missing entries in Configuure.help)"
In reply to: David S. Miller: "Re: can we make anonymous memory non-EXECUTABLE?"
Next in thread: Albert D. Cahalan: "Re: can we make anonymous memory non-EXECUTABLE?"
Reply: Albert D. Cahalan: "Re: can we make anonymous memory non-EXECUTABLE?"
Reply: H. Peter Anvin: "Re: can we make anonymous memory non-EXECUTABLE?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Jan 15 2002 - 21:00:23 EST