This may be a bit of a silly question.  There is talk about an upcoming
Common Criteria requirement that no memory may be executable and
writable at the same time.  OpenBSD is said to meet this requirement.

However, I installed the amd64 variant of OpenBSD 5.9, and ran a short
test program which allocates a W|X page using:

  void *addr = mmap (NULL, page_size,
                     PROT_READ | PROT_WRITE | PROT_EXEC,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);

mmap succeeds, and the page is writable and executable.  (The test case
even writes it, executes, writes it again with different contents, and
executes it again.)

Is there a knob to enable W^X enforcement?  Or does W^X just mean that
you won't get W|X memory unless you ask for it explicitly?  (I know that
historically, if you asked for W|R memory, say using malloc, you got
W|R|X on i386 because there was no separate per-page flag for read and
exec, and the segment size limit kludge wasn't invented yet.)

I understand that we (the larger ecosystem) still need to change some
applications not to perform PROT_WRITE | PROT_EXEC (or the equivalent
alias mapping kludge).

Thanks,
Florian
