more on non-executable mappings on NetBSD

Pedro F. Giffuni giffunip at
Sun Nov 30 12:46:11 PST 2003


I know everyone is busy with the upcoming release, but JIC someone is
interested on this, I found this recent progress report post on NetBSD's lists:
Subject: more on non-executable mappings
To: None <tech-kern at>
From: Chuck Silvers <chuq at>
List: tech-kern
Date: 11/28/2003 11:57:21 
I'm getting back to looking at the rest of the non-executable mapping work
from openbsd.  (well, really this goes beyond that, to what they're calling
"W^X", meaning that any given part of the user address space should not be
both writable and executable.)  the remaining items are:

 (1) update the kernel ELF code to handle more than 2 PT_LOAD sections.

 (2) change the linker to put the PLT, GOT and rodata into their PT_LOAD
     sections so that they can have different permissions than the existing
     "text" and "data" load sections.

 (3) change the runtime linker to use mprotect() to enable write access
     to the PLT only when needed, leaving it read-only the rest of the time.

 (4) other MD issues with kernel support for non-executable mappings

     (a) i386 currently only supports non-execute for the part of the
         address space where the traditional unix stack lives.  this doesn't
         do anything for the data or bss sections, or the heap or mmap()d
         files (eg. shared libraries), or pthread stacks.
         the openbsd guys rearranged their user address space layout on i386
         fairly drastically to put all the executable mappings below
         a certain threshold.

     (b) powerpc OEA hardware only supports execute permissions at a
         segment (256MB) granularity.  ideally we would rearrange the
         user address space layout here as well to put all the executable
         mappings down in segment 0 in the usual case.

the first of these should be non-controversial and I have attached
a patch which implements it.  I'll commit it in a week or so if
there are no objections.

as for the other items, I'd like opinions on whether or not we want them,
and if we do, how we might achieve them with the fewest headaches.

The patch is here:
FWIW, I posted the CVS commit log of the initial work on the -hackers list some
time ago.



ps. I attempted to post this on -security but there was some error on my side
of the network.

Download Yahoo! Messenger now for a chance to win Live At Knebworth DVDs

More information about the freebsd-current mailing list