This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] W^X Java closure fixes


Jakub Jelinek writes:

 > libjava now (thanks to Alex) uses ffi_closure_{alloc,free} to allocate
 > trampolines separately.  But boehm-gc's default hasn't been changed, which
 > means all GC memory is still executable (where allowed) or just will fail
 > to mmap (if e.g. SELinux policy disallows PROT_WRITE|PROT_EXEC mappings).
 > The following patch changes that, by setting NO_EXECUTE_PERMISSION always
 > to 1 in gcc's boehm-gc (not sure what should boehm-gc's upstream do here,
 > it can't be so sure nobody uses GC memory for code).
 > Additionally, the patch has a quick check for SELinux presence on Linux
 > and will skip the PROT_READ|PROT_WRITE|PROT_EXEC mmap if it is (while try it
 > if SELinux is not present or on other OSes), because such mmap would trigger
 > annoying audit messages.
 > 
 > Ok for trunk?

This should go upstream.  We don't want any divergence here.

Andrew.

-- 
Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, UK
Registered in England and Wales No. 3798903


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]