Anyone protecting the stack?
Matthew Dillon
dillon at apollo.backplane.com
Thu Sep 18 18:07:26 PDT 2003
The problem is that it's a big hack. On IA32 there is *NO* pte
flag to control the ability to execute within a page, so the only
way to protect against execution is to limit the user code segment (%cs)
GDT entry.
-Matt
Matthew Dillon
<dillon at xxxxxxxxxxxxx>
:Pedro Giffuni wrote:
:
:: I posted this to freebsd-hackers and everyone seemed to agree it was
:: extremely interesting and that it had to be done, but AFAICT no one is
:: doing the tough work. JIC anyone here is interested I repost the link to
:: NetBSD's commit log:
::
:: http://mail-index.netbsd.org/source-changes/2003/08/24/0027.html
::
:
: Hmm, is this just the pmap mappings that are made non executable
: if supported by hardware? Well, aside from the pmap parts, I am
: not sure we really want this...
:
: ... I am understanding right and per the research I have done
: previously on non-exec stacks, it seems JIT compilers and the
: new Perl interpreter do not support this, although, I maybe a
: little outdated on this information.
:
: If it can be done without harming any functionality, it will be
: great!
:
: Regards,
:
:--
:Hiten Pandya
:hmp at xxxxxxxxxxxxx
More information about the Kernel
mailing list