Hello

I'm using Linux/x86 with the Grsecurity.org patch applied, which is enforcing page execution permissions (PAX) unless you turn them off on a binary using the "chpax" userspace tool.

This means - unless you turn it off - an executable that is executing code in a page which is not marked as executable is killed by the kernel, since this could be some attacker trying to execute code he had put into the process by abusing some buffer overflow or the like.

As I said, you can turn it off by modifying the executable with the chpax utility; but "perl Configure.pl" is compiling and executing binaries without leaving the user a chance to run this utility. The result is that parrot is (somewhat "correctly") built without JIT.

I've tried to find out where I could put a call to "chpax -s test" into the configuration process, but have given up so far; that looks quite complicated.

The correct solution would be to mark the respective memory pages executable. I guess this would be done by calling mprotect(2). I'd welcome tips on whether this would be easy to do, or how - if I get enough confidence to get this to work without too much work I'll do it and provide a patch.

Here's the output of perl Configure.pl --optimize:

...
Determining if your C library has a working S_ISREG...................done.
Determining architecture, OS and JIT capability.......................p = 0x8050000 PAGE_SIZE = 4096 (0x1000)
failure: Permission denied
done.
Running CPU specific stuff............................................done.
...


and here is what the kernel log says:

Oct 15 21:19:05 elvis kernel: PAX: From 129.132.126.110: execution attempt in: <anonymous mapping>, 08050000-08051000 00006000
Oct 15 21:19:05 elvis kernel: PAX: From 129.132.126.110: terminating task: /COMPILE/parrot-0.1.1/test(test):23401, uid/euid: 1000/1000, PC: 08050000, SP: 5c994f3c
Oct 15 21:19:05 elvis kernel: PAX: bytes at PC: b8 01 00 00 00 c3 00 00 00 00 00 00 f9 0f 02 00 00 00 00 00
(.. repeating same thing several times.)


Christian.
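
The mprotect(2) approach proposed in the message, as an added example that is not part of the original post and not Parrot's own configure test: the page is filled while writable and non-executable, then switched to read+execute before the call. The names jit_probe and JIT_* are hypothetical, and treating EACCES/EPERM as a policy refusal is an assumption.

```c
#define _DEFAULT_SOURCE 1   /* for MAP_ANONYMOUS under strict -std modes */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Bytes the kernel log shows at PC: mov eax,1 ; ret (valid on x86 and x86-64). */
static const unsigned char stub[] = { 0xb8, 0x01, 0x00, 0x00, 0x00, 0xc3 };

enum { JIT_ERROR = -1, JIT_DENIED = 0, JIT_OK = 1 };   /* hypothetical result codes */

/* Hypothetical probe: can generated code be made executable without W+X memory? */
int jit_probe(void)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) return JIT_ERROR;
    size_t len = (size_t)page;

    /* Writable, non-executable page to receive the generated code. */
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return JIT_ERROR;
    memcpy(p, stub, sizeof stub);

    int result = JIT_OK;
    /* Drop write and add execute in one step, so the page is never W+X. */
    if (mprotect(p, len, PROT_READ | PROT_EXEC) != 0) {
        /* Assumption: a policy refusal surfaces as EACCES or EPERM. */
        result = (errno == EACCES || errno == EPERM) ? JIT_DENIED : JIT_ERROR;
    }
#if defined(__i386__) || defined(__x86_64__)
    else {
        int (*fn)(void);
        memcpy(&fn, &p, sizeof fn);   /* object -> function pointer without a cast */
        if (fn() != 1)                /* run the stub only where its bytes are valid */
            result = JIT_ERROR;
    }
#endif
    munmap(p, len);
    return result;
}

int main(void)
{
    int r = jit_probe();
    printf("JIT probe: %s\n", r == JIT_OK ? "ok" : r == JIT_DENIED ? "denied by policy" : "error");
    return r == JIT_ERROR;
}
```

A JIT_DENIED result lets a configure step disable JIT cleanly instead of having the test binary killed by the kernel.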
