This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PATCH] W^X Java closure fixes
- From: Andrew Haley <aph at redhat dot com>
- To: Jakub Jelinek <jakub at redhat dot com>
- Cc: gcc-patches at gcc dot gnu dot org, java-patches at gcc dot gnu dot org, Alexandre Oliva <aoliva at redhat dot com>
- Date: Fri, 30 Mar 2007 11:03:05 +0100
- Subject: Re: [PATCH] W^X Java closure fixes
- References: <20070329223135.GH355@devserv.devel.redhat.com>
Jakub Jelinek writes:
> libjava now (thanks to Alex) uses ffi_closure_{alloc,free} to allocate
> trampolines separately. But boehm-gc's default hasn't been changed, which
> means all GC memory is still executable (where allowed) or just will fail
> to mmap (if e.g. SELinux policy disallows PROT_WRITE|PROT_EXEC mappings).
> The following patch changes that, by setting NO_EXECUTE_PERMISSION always
> to 1 in gcc's boehm-gc (not sure what should boehm-gc's upstream do here,
> it can't be so sure nobody uses GC memory for code).
> Additionally, the patch has a quick check for SELinux presence on Linux
> and will skip the PROT_READ|PROT_WRITE|PROT_EXEC mmap if it is (while try it
> if SELinux is not present or on other OSes), because such mmap would trigger
> annoying audit messages.
>
> Ok for trunk?
This should go upstream. We don't want any divergence here.
Andrew.
--
Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, UK
Registered in England and Wales No. 3798903