Source-Changes-D archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src/sys/arch/mips/include
On Jul 22, 2014, at 2:40 PM, Alexander Nasonov <alnsn%yandex.ru@localhost>
wrote:
> Matt Thomas wrote:
>>
>> On Jul 22, 2014, at 2:27 PM, Alexander Nasonov <alnsn%yandex.ru@localhost>
>> wrote:
>>> I allocate with the X flag and it seems to work:
>>>
>>> /* in sljitExecAllocator.c */
>>> return (void *)uvm_km_alloc(module_map, size,
>>> PAGE_SIZE, UVM_KMF_WIRED | UVM_KMF_ZERO | UVM_KMF_EXEC);
>>
>> ok. Then you need don't a hook for cache flushing
>>
>> pmap_protect(vm_map_pamp(module_map), va, size) will do that for you.
>> At least for arm/mips/ppc/vax. (e.g. changing a writeable exec page
>> to read-only automatically causes it exec cleaned).
>
> sljit allocates 64K exec chucks which are managed by a special allocator.
> You need to run pmap_protect for each chunk. I think it's cheaper to
> flush icache.
Maybe. But I'd prefer executable code to be in read-only pages so that
malicious code can't be placed in them and executed. I think trading
space for security is a valid tradeoff.
Home |
Main Index |
Thread Index |
Old Index