Richard Henderson <richard.hender...@linaro.org> writes:
> On 6/17/19 9:18 AM, Alex Bennée wrote:
>>
>> Richard Henderson <richard.hender...@linaro.org> writes:
>>
>>> Check page flags before letting an invalid pc cause a SIGSEGV.
>>>
>>> Prepare for eventually validating PROT_EXEC. The current wrinkle being
>>> that we have a problem with our implementation of signals. We should
>>> be using a vdso like the kernel, but we instead put the trampoline on
>>> the stack. In the meantime, let PROT_READ match PROT_EXEC.
>>
>> We can come up with a test case for this right? Would it be triggered by
>> having:
>>
>> __attribute__((aligned(PAGE_SIZE)))
>> void some_func(void) {
>> /* does something */
>> }
>>
>> __attribute__((aligned(PAGE_SIZE)))
>> ... rest of code ...
>>
>> main () {
>> mmap(&some_func, PAGE_SIZE, PROT_READ, MAP_ANONYMOUS, 0, 0);
>> some_func()
>> /* causes SEGV */
>> mmap(&some_func, PAGE_SIZE, PROT_READ|PROT_EXEC, MAP_ANONYMOUS, 0, 0);
>> some_func()
>> /* works */
>> }
>>
>> Or is it trickier to mess with your own mapped memory?
>
> It's trickier than that, but I do have a simple test case.
>
> https://bugs.launchpad.net/qemu/+bug/1832916
>
> But fixing that, as I mention above, makes signal trampolines fail.

Ahh I missed that. I guess we add it once we have the full solution.

>
> Or did you mean for Christophe's failure? That's easier -- just make a NULL
> function call.
>
>
> r~

--
Alex Bennée