forked from libffi/libffi
/
emutramp
128 lines (118 loc) · 3.96 KB
/
emutramp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
Index: libffi/ChangeLog
===================================================================
--- libffi.orig/ChangeLog
+++ libffi/ChangeLog
@@ -1,3 +1,11 @@
+2012-10-30 Magnus Granberg <zorry@gentoo.org>
+ Pavel Labushev <pavel.labushev@runbox.ru>
+
+ * configure.ac: New options pax_emutramp
+ * configure, fficonfig.h.in: Regenerated
+ * src/closures.c: New function emutramp_enabled_check() and
+ checks.
+
2012-10-30 Frederick Cheung <frederick.cheung@gmail.com>
* configure.ac: Enable FFI_MAP_EXEC_WRIT for Darwin 12 (mountain
Index: libffi/README
===================================================================
--- libffi.orig/README
+++ libffi/README
@@ -154,6 +154,7 @@ See the ChangeLog files for details.
Add Blackfin support.
Add TILE-Gx/TILEPro support.
Add AArch64 support.
+ Add support for PaX enabled kernels with MPROTECT.
3.0.11 Apr-11-12
Lots of build fixes.
Index: libffi/configure
===================================================================
--- libffi.orig/configure
+++ libffi/configure
@@ -826,6 +826,7 @@ enable_libtool_lock
enable_portable_binary
with_gcc_arch
enable_maintainer_mode
+enable_pax_emutramp
enable_debug
enable_structs
enable_raw_api
@@ -1473,6 +1474,7 @@ Optional Features:
unportable binaries
--enable-maintainer-mode enable make rules and dependencies not useful
(and sometimes confusing) to the casual installer
+ --enable-pax_emutramp enable pax emulated trampolines, for we can't use PROT_EXEC
--enable-debug debugging mode
--disable-structs omit code for struct support
--disable-raw-api make the raw api unavailable
@@ -14457,6 +14459,16 @@ $as_echo "#define SYMBOL_UNDERSCORE 1" >
fi
fi
+# On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC.
+# Check whether --enable-pax_emutramp was given.
+if test "${enable_pax_emutramp+set}" = set; then :
+ enableval=$enable_pax_emutramp; if test "$enable_pax_emutramp" = "yes"; then
+
+$as_echo "#define FFI_MMAP_EXEC_EMUTRAMP_PAX 1" >>confdefs.h
+
+ fi
+fi
+
FFI_EXEC_TRAMPOLINE_TABLE=0
case "$target" in
Index: libffi/configure.ac
===================================================================
--- libffi.orig/configure.ac
+++ libffi/configure.ac
@@ -352,6 +352,13 @@ if test x$TARGET = xX86_WIN64; then
fi
fi
+# On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC.
+AC_ARG_ENABLE(pax_emutramp,
+ [ --enable-pax_emutramp enable pax emulated trampolines, for we can't use PROT_EXEC],
+ if test "$enable_pax_emutramp" = "yes"; then
+ AC_DEFINE(FFI_MMAP_EXEC_EMUTRAMP_PAX, 1,
+ [Define this if you want to enable pax emulated trampolines])
+ fi)
FFI_EXEC_TRAMPOLINE_TABLE=0
case "$target" in
Index: libffi/src/closures.c
===================================================================
--- libffi.orig/src/closures.c
+++ libffi/src/closures.c
@@ -172,6 +172,27 @@ selinux_enabled_check (void)
#endif /* !FFI_MMAP_EXEC_SELINUX */
+/* On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC. */
+#ifdef FFI_MMAP_EXEC_EMUTRAMP_PAX
+#include <stdlib.h>
+
+static int emutramp_enabled = -1;
+
+static int
+emutramp_enabled_check (void)
+{
+ if (getenv ("FFI_DISABLE_EMUTRAMP") == NULL)
+ return 1;
+ else
+ return 0;
+}
+
+#define is_emutramp_enabled() (emutramp_enabled >= 0 ? emutramp_enabled \
+ : (emutramp_enabled = emutramp_enabled_check ()))
+#else
+#define is_emutramp_enabled() 0
+#endif /* FFI_MMAP_EXEC_EMUTRAMP_PAX */
+
#elif defined (__CYGWIN__) || defined(__INTERIX)
#include <sys/mman.h>
@@ -458,6 +479,12 @@ dlmmap (void *start, size_t length, int
printf ("mapping in %zi\n", length);
#endif
+ if (execfd == -1 && is_emutramp_enabled ())
+ {
+ ptr = mmap (start, length, prot & ~PROT_EXEC, flags, fd, offset);
+ return ptr;
+ }
+
if (execfd == -1 && !is_selinux_enabled ())
{
ptr = mmap (start, length, prot | PROT_EXEC, flags, fd, offset);