Re: Non-Exec stack patches
From: David Mosberger
Date: Wed Mar 24 2004 - 12:13:57 EST
>>>>> On Wed, 24 Mar 2004 08:29:24 -0800, John Reiser <jreiser@xxxxxxxxxxxx> said:
Jakub> but it is still possible some language interpreter or
Jakub> something builds code on the fly on the stack).
David> That's why there is mprotect().
John> But mprotect() costs enough (hundreds of cycles) to be a
John> significant burden in some cases. Generating code to a stack
John> region that is inherently executable is inexpensive (even
John> allowing for restrictive alignment and avoiding I/D cache
John> conflicts), is thread safe, is async-signal safe, and takes
John> less work than other alternatives. Yes, the "black hats" do
John> this; so do the "white hats." Please do not increase the
John> minimum cost for applications that want generate-and-execute
John> on the stack at unpredictable high frequency.
Huh? Only one mprotect() call is needed to make the entire stack
executable.
--david
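
The point made in the reply above, as an added example that is not part of the original message or of the patches under discussion: a Linux program reads its own [stack] mapping from /proc/self/maps, changes the whole range with a single mprotect() call, and reads the mapping again to confirm the result. The helper names parse_stack_line and stack_is_executable are hypothetical, and the example assumes /proc is mounted.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Parse one /proc/<pid>/maps line. Returns 1 and fills lo/hi/perms
 * (e.g. "rw-p") only when the line describes the [stack] mapping. */
int parse_stack_line(const char *line, unsigned long *lo,
                     unsigned long *hi, char perms[5])
{
    if (!strstr(line, "[stack]"))
        return 0;
    return sscanf(line, "%lx-%lx %4s", lo, hi, perms) == 3;
}

/* 1 if the main-thread stack is mapped executable, 0 if not, -1 on error. */
int stack_is_executable(unsigned long *lo, unsigned long *hi)
{
    char line[512], perms[5];
    int result = -1;
    FILE *f = fopen("/proc/self/maps", "r");

    if (!f)
        return -1;
    while (result < 0 && fgets(line, sizeof line, f))
        if (parse_stack_line(line, lo, hi, perms))
            result = (perms[2] == 'x');
    fclose(f);
    return result;
}

int main(void)
{
    unsigned long lo = 0, hi = 0;
    int state = stack_is_executable(&lo, &hi);

    printf("before: executable=%d\n", state);
    if (hi <= lo)
        return 1;
    /* The single call: one mprotect() over the whole [stack] range.
     * A security policy may refuse PROT_EXEC here, so check the result. */
    if (mprotect((void *)lo, hi - lo, PROT_READ | PROT_WRITE | PROT_EXEC) != 0) {
        perror("mprotect");
        return 1;
    }
    state = stack_is_executable(&lo, &hi);
    printf("after:  executable=%d (%lx-%lx)\n", state, lo, hi);
    return 0;
}
```

The same stack_is_executable() check can be run on its own to audit whether a process started with an executable stack.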