This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

trampolines: __disable_execute_stack ?


On some OSes, having the stack non executable is a security decision.

The current model of gcc does turn the stack executable to run trampolines,
and then, that's all....


Would it be possible to have a finer model, where you could possibly (if
it's defined) call later a __disable_execute_stack, once you've called
your trampoline.

I don't know how good the optimization machinery would be for grouping
this stuff together... Looking at the generated code with gcc 4.0 compared 
to 3.3.5, I already see a lot less calls to __enable_execute_stack.

This problem is especially dire on i386, where you can't protect
independent pages, but you have a frontier address, beyond which everything
is executable.   On that architecture, trampolines effectively disable
the protection...


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]