This is the mail archive of the libffi-discuss@sourceware.org mailing list for the libffi project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Add support for PaX enable kernels (MPROTECT)

Hi Magnus,

  I'm OK with this change.  Does the PaX kernel feature really
identify libffi trampolines, or do they look enough like the GCC
nested function trampolines that it just works?

  I would like an explanation for FFI_DISABLE_EMUTRAMP.   Why would I
want to disable this at runtime?  Please also send me a patch for the
README explaining its use.

Thanks!

Anthony Green


On Wed, Sep 26, 2012 at 7:47 PM, Magnus Granberg <zorry@gentoo.org> wrote:
> lördag 22 september 2012 16.08.18 skrev  Magnus Granberg:
>> Hi
>>
>> When we use the libffi on PaX enable kernels with MPROTECT enable we can't
>> use PROT_EXEC for it get killed. We use the EMUTRAMP Option in PaX enable
>> kernels to make it work and we need some code added to the src/closures.c
>> to make it work.The new configure option will turn the code of or on.
>> You can read more of the problem we have on
>> https://bugs.gentoo.org/show_bug.cgi?id=329499
>>
> ......
> Can the patch be included in next version of libffi?
>
> Gentoo Hardened Project
> Magnus Granberg
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]