Brian Stecher
07/18/2008 3:43 PM
post10753
|
On Fri, Jul 18, 2008 at 01:57:40PM -0400, Thomas Fletcher wrote:
> Brian Stecher wrote:
> > It's intentional. When GCC takes the address of a nested function (an
> > extension), it actually ends up dynamically generating a little code thunk
> > on to the thread's stack so they have to be executable for that to work.
> > Actually, in the current code base, we've added a new suboption to the
> > -m switch to control this: -m~x will turn off PROT_EXEC for system allocated
> > stacks, while -mx (the default) will turn on PROT_EXEC.
> >
>
> So does this only become an issue if you are using nested functions. If
> you don't use them, you
> should never need the PROT_EXEC flag turned on?
More specifically, it's only if you're taking the address of a nested
function do you need the PROT_EXEC. However, a lot of CPU's don't have
a separate permission bit for PROT_EXEC in the MMU hardware, so turning
it off doesn't buy you any extra security.
--
Brian Stecher (bstecher@qnx.com) QNX Software Systems
phone: +1 (613) 591-0931 (voice) 175 Terence Matthews Cr.
+1 (613) 591-3579 (fax) Kanata, Ontario, Canada K2M 1W8
|
|
|