This is the mail archive of the libffi-discuss@sourceware.org mailing list for the libffi project.



Re: [PATCH] Add support for PaX enable kernels (MPROTECT)


On Tuesday 30 October 2012 at 14.10.29, Anthony Green wrote:
> Hi Magnus,
> 
>   I'm OK with this change.  Does the PaX kernel feature really
> identify libffi trampolines, or do they look enough like the GCC
> nested function trampolines that it just works?

Yes, it identifies both libffi trampolines and GCC
nested function trampolines.
 
>   I would like an explanation for FFI_DISABLE_EMUTRAMP.   Why would I
> want to disable this at runtime?  

To increase performance in some use cases, because EMUTRAMP is slower than 
native code execution.

> Please also send me a patch for the
> README explaining its use.
> 
> Thanks!
> 
> Anthony Green
> 

Gentoo Hardened Project
Magnus Granberg

New Changelog

2012-11-07  Magnus Granberg  <zorry@gentoo.org>
                    Pavel Labushev  <pavel.labushev@runbox.no>

       * configure.ac: Add --enable-pax_emutramp for PaX enable kernels.
       * src/closures.c: Add emutramp_enabled_check. Don't mmap with PROT_EXEC
          on PaX enable Kernels.
       * README: Add description for --enable-pax_emutramp.
       * fficonfig.h.in: Rebuilt.
       * configure.ac: Rebuilt.

------
--- a/configure.ac	2012-09-17 16:51:53.188615663 +0200
+++ b/configure.ac	2012-09-19 23:20:49.321666120 +0200
@@ -347,6 +347,13 @@ if test x$TARGET = xX86_WIN64; then
     fi
 fi
 
+# On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC.
+AC_ARG_ENABLE(pax_emutramp,
+  [  --enable-pax_emutramp       enable pax emulated trampolines, for we can't use PROT_EXEC],
+  if test "$enable_pax_emutramp" = "yes"; then
+    AC_DEFINE(FFI_MMAP_EXEC_EMUTRAMP_PAX, 1,
+      [Define this if you want to enable pax emulated trampolines])
+  fi)
 
 FFI_EXEC_TRAMPOLINE_TABLE=0
 case "$target" in
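Review bot: The help text passed to AC_ARG_ENABLE is hand-indented, and its wording ("enable pax emulated trampolines, for we can't use PROT_EXEC") does not tell a builder when the option applies. Wrapping it in AS_HELP_STRING and saying that the option is meant for PaX kernels with MPROTECT enabled, as the comment above the call already does, would make the configure --help output self-explanatory.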
--- a/src/closures.c	2012-09-19 23:37:09.648695333 +0200
+++ b/src/closures.c	2012-09-19 23:19:30.000000000 +0200
@@ -172,6 +172,27 @@ selinux_enabled_check (void)
 
 #endif /* !FFI_MMAP_EXEC_SELINUX */
 
+/* On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC. */
+#ifdef FFI_MMAP_EXEC_EMUTRAMP_PAX
+#include <stdlib.h>
+
+static int emutramp_enabled = -1;
+
+static int
+emutramp_enabled_check (void)
+{
+  if (getenv ("FFI_DISABLE_EMUTRAMP") == NULL)
+    return 1;
+  else
+    return 0;
+}
+
+#define is_emutramp_enabled() (emutramp_enabled >= 0 ? emutramp_enabled \
+                               : (emutramp_enabled = emutramp_enabled_check ()))
+#else
+#define is_emutramp_enabled() 0
+#endif /* FFI_MMAP_EXEC_EMUTRAMP_PAX */
+
 #elif defined (__CYGWIN__) || defined(__INTERIX)
 
 #include <sys/mman.h>
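Review bot: In emutramp_enabled_check, the test `getenv ("FFI_DISABLE_EMUTRAMP") == NULL` treats any value, including an empty string or "0", as a request to disable, and nothing in the hunk says so. Either document that the mere presence of the variable switches emulated trampolines off, or parse the value. Because an unset check result sends dlmmap back to the paths that request PROT_EXEC, also consider whether the variable should be honoured in set-user-ID programs, where the caller controls the environment. The result is cached in emutramp_enabled on first use, so a comment noting that later changes to the environment have no effect would help as well.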
@@ -458,6 +479,12 @@ dlmmap (void *start, size_t length, int
   printf ("mapping in %zi\n", length);
 #endif
 
+  if (execfd == -1 && is_emutramp_enabled ())
+    {
+      ptr = mmap (start, length, prot & ~PROT_EXEC, flags, fd, offset);
+      return ptr;
+    }
+
   if (execfd == -1 && !is_selinux_enabled ())
     {
       ptr = mmap (start, length, prot | PROT_EXEC, flags, fd, offset);
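Review bot: The new branch in dlmmap drops PROT_EXEC whenever the library was built with the option and FFI_DISABLE_EMUTRAMP is unset; nothing checks at run time that the kernel will actually emulate the trampolines. On a system where it does not, the mmap still succeeds and the failure only appears later, when a closure is called from non-executable memory. A run-time probe, or at least a comment stating that the build option assumes a PaX kernel with EMUTRAMP active, would make this safer. The branch also sits ahead of the `!is_selinux_enabled ()` test, so it takes precedence over the SELinux handling; say so in a comment if that is intended.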
--- a/README	2012-09-17 16:51:53.172615663 +0200
+++ b/README	2012-11-07 00:21:24.446551682 +0100
@@ -118,6 +118,12 @@ will add some extra code which will supp
 are using Purify with libffi. Only use this switch when using 
 Purify, as it will slow down the library.
 
+If you want to enable support for emulated trampolines on PaX-enabled
+Linux kernels, use the --enable-pax-emutramp configure switch. It will also
+prevent libffi from allocating memory that is both writable and executable
+on the Linux target architectures for which libffi doesn't use executable
+trampolines at all.
+
 It's also possible to build libffi on Windows platforms with
 Microsoft's Visual C++ compiler.  In this case, use the msvcc.sh
 wrapper script during configuration like so:
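Review bot: The added README paragraph names the switch --enable-pax-emutramp, while configure.ac declares and documents it as --enable-pax_emutramp; use one spelling in both places. The paragraph also says nothing about FFI_DISABLE_EMUTRAMP, which is what the README patch was requested for: add a sentence stating that setting the variable turns emulated trampolines off at run time, and that doing so gives up the non-executable mapping in exchange for speed.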
