On Thu, Oct 13, 2011 at 11:30:12AM -0700, Marcel Moolenaar wrote: > > On Oct 13, 2011, at 11:20 AM, Kostik Belousov wrote: > > > The two commits removed NX support for .data/.bss for 32bit binaries > > Thon amd64. is is too unfortunate. Can we claim that only old > > Thbinaries need this hack ? > > I don't know. When did our ABI for i386 change to have NX by default? I think it changed de-facto when NX appears to be supported by hardware. In other words, PF_R->PF_X was always considered a coincident, and not a promise.
I think we can claim that the moment FreeBSD gained PAE support, it happen. I would suggest to add a sysctl, say kern.elf32.readable_nx, with the values: 0 - strictly follow segment permissions 1 - PF_R implies PF_X if p_osrel < 600000 2 - PF_R always implied PF_X for 32bit binaries.
pgpsygOha8gqW.pgp
Description: PGP signature
