This is the mail archive of the libffi-discuss@sourceware.org mailing list for the libffi project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Avoid stack/heap executable memory

That is quite slow, incurring no-execute traps. 

 - Jay

On May 4, 2016, at 5:42 AM, Anthony Green <green@moxielogic.com> wrote:

> Can't there be special kernel support for this kind of situation?
> Like https://pax.grsecurity.net/docs/emutramp.txt
> 
> (resent because original was bounced by sourceware)
> 
> AG
> 
> On Wed, May 4, 2016 at 6:17 AM, Andrew Haley <aph@redhat.com> wrote:
>> On 05/04/2016 12:32 AM, Richard Henderson wrote:
>>> Of course, this will change the ABI, but I think we can work around that (at
>>> least for ELF with symbol versioning), and also preserve the API.  Of course,
>>> there's a *lot* that can be cleaned up if we're willing to change the API...
>> 
>> For a long while now I've wanted to go in the opposite direction: to
>> use a small JIT compiler to generate efficient code for invocations in
>> both directions.  It doesn't have to be very complicated, and once
>> you've generated code for any particular set of arguments that shim
>> can be cached for use by any function with the same argument types.
>> This could either use an existing JIT library or a custom JIT created
>> just for libffi.  It would often be way more efficient than what we do
>> at present.
>> 
>> But it would keep bumping up against the "no executable and writable
>> memory!" meme.  Of course security is important, but I can't help
>> thinking that by being rigid about this we're performing a DOS attack
>> on ourselves.
>> 
>> Andrew.
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]