Hi,
On Sat, 11 Jan 2014, Michael Matz wrote:
> > I just submitted a tentative patch to the mob branch about mmap. When
> > selinux is enabled, tccrun.c uses mmap to hold the dynamically
> > generated code/data. It is backed by a randomly named file under /tmp
> > directory. My patch is to use an anonymous file in mmap instead, so
> > that the generated code/data only resides in memory, and tcc does not
> > depend on a writable /tmp anymore.
>
> It's customary to actually test changes before committing. In your case:
>
> % ./configure --with-selinux
> % make && make test
> ...
> ------------ test3 ------------
> ../tcc -B.. -I.. -I.. -I../include -DCONFIG_LDDIR="\"lib64\""
> -DTCC_TARGET_X86_64 -DONE_SOURCE -run ../tcc.c -B.. -I.. -I.. -I../include
> -DCONFIG_LDDIR="\"lib64\"" -DTCC_TARGET_X86_64 -DONE_SOURCE -run ../tcc.c
> -B.. -I.. -I.. -I../include -DCONFIG_LDDIR="\"lib64\"" -DTCC_TARGET_X86_64
> -DONE_SOURCE -run ../tcc.c -B.. -I.. -I.. -I../include -run tcctest.c >
> test.out3
> /bin/sh: line 1: 15954 Segmentation fault ../tcc -B.. -I.. -I..
> -I../include -DCONFIG_LDDIR="\"lib64\"" -DTCC_TARGET_X86_64 -DONE_SOURCE -run
> ../tcc.c -B.. -I.. -I.. -I../include -DCONFIG_LDDIR="\"lib64\""
> -DTCC_TARGET_X86_64 -DONE_SOURCE -run ../tcc.c -B.. -I.. -I.. -I../include
> -DCONFIG_LDDIR="\"lib64\"" -DTCC_TARGET_X86_64 -DONE_SOURCE -run ../tcc.c
> -B.. -I.. -I.. -I../include -run tcctest.c > test.out3
> make[1]: *** [test3] Error 139

Actually I take back that this is caused by your change (it's not). I'll
maintain that the change you introduced would break a very confined
SElinux system for the stated reasons, _if it were working at all before
your change_. But after some more poking I conclude the whole SElinux
support seems to have either bitrotted or never was complete. In
particular ->runtime_mem (the mapping that's supposed to point to
non-writable executable memory reflecting the same data as ->write_mem) is
never used anywhere in the SElinux case except for munmapping it again,
and tcc tries to mprotect ->write_mem also in the SElinux case to be
WRITE|EXEC, which won't work for the reasons I mentioned in a very closed
down SElinux system.

That is all a preexisting problem, and from that perspective the whole
initialization and separation of ->runtime_mem and ->write_mem is useless
and merely confusing; it would probably be better to just do away with
that and use just one mapping (WRITE|EXEC, and because it's only one it
can then indeed be ANON) also in the SElinux case even though it wouldn't
work for all situations, like before (well, of course even better would be
to make the whole thing work for real even in a confined system :) ).

Ciao,
Michael.
_______________________________________________
Tinycc-devel mailing list
Tinycc-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/tinycc-devel
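
The two-mapping design the message describes, as an added example that is not TinyCC's code and not part of the original mail: one unlinked temporary file is mapped twice with MAP_SHARED, once writable and once executable, so no page is ever writable and executable at the same time. The struct, the function names, the /tmp template and the marker bytes are assumptions made for this sketch. Two separate MAP_ANONYMOUS mappings would not share contents, which is why this layout needs a common backing object.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical type for this example; field names follow the message. */
struct dual_map {
    void *write_mem;    /* PROT_READ|PROT_WRITE view: the generator stores here */
    void *runtime_mem;  /* PROT_READ|PROT_EXEC view: the program would run here */
    size_t size;
};

/* Map one unlinked temp file twice. Returns 0 on success, -1 on failure. */
int dual_map_open(struct dual_map *m, size_t size)
{
    char path[] = "/tmp/dualmapXXXXXX";  /* constructed name, needs writable /tmp */
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    unlink(path);                        /* only fd and the mappings keep it alive */
    if (ftruncate(fd, (off_t)size) < 0) { close(fd); return -1; }
    m->size = size;
    m->write_mem = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    m->runtime_mem = mmap(NULL, size, PROT_READ | PROT_EXEC, MAP_SHARED, fd, 0);
    close(fd);
    if (m->write_mem == MAP_FAILED || m->runtime_mem == MAP_FAILED) {
        if (m->write_mem != MAP_FAILED) munmap(m->write_mem, size);
        if (m->runtime_mem != MAP_FAILED) munmap(m->runtime_mem, size);
        return -1;
    }
    return 0;
}

/* Returns 1 if bytes stored through write_mem are visible through runtime_mem. */
int dual_map_views_agree(struct dual_map *m)
{
    static const unsigned char marker[] = { 0xde, 0xad, 0xbe, 0xef }; /* constructed */
    memcpy(m->write_mem, marker, sizeof marker);
    return memcmp(m->runtime_mem, marker, sizeof marker) == 0;
}

int main(void)
{
    struct dual_map m;
    if (dual_map_open(&m, 4096) != 0) { perror("dual_map_open"); return 1; }
    printf("views agree: %d\n", dual_map_views_agree(&m));
    return 0;
}
```

The executable mapping fails with an error if /tmp is mounted noexec, in which case `dual_map_open` returns -1.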