Christian Jaeger <[EMAIL PROTECTED]> wrote:
> Hello
> I'm using Linux/x86 with the Grsecurity.org patch applied, which is
> enforcing page execution permissions (PAX) unless you turn them off
> on a binary using the "chpax" userspace tool.
[ ... ]
> The correct solution would be to mark the respective memory pages
> executable. I guess this would be done by calling mprotect(2).
We should already do that - or better the hooks are there.
> welcome tips on whether this would be easy to do, or how - if I get
> enough confidence to get this work without too much work I'll do it
> and provide a patch.
Ok. There is a test in config/auto/jit/test_exec_openbsd.in, which is
run from jit.pl. This should result in $PConfig{has_exec_protect} = 1.
You can verify that by e.g.
$ perl Configure.pl --verbose-step=JIT
> Here's the output of perl Configure.pl --optimize:
> ...
> Determining if your C library has a working S_ISREG...................done.
> Determining architecture, OS and JIT
> capability.......................p = 0x8050000 PAGE_SIZE = 4096
> (0x1000)
> failure: Permission denied
But it seems that the test has the $osname in it, and the test isn't
running. And the next test (for fcomip) will fail too. That needs either
duplicating the test or running it for bsd and linux.
Anyway, JIT memory is allocate by mem_alloc_executable(), which should
do the right thing i.e. call mprotect().
> Christian.
Thanks,
leo
