Date:      Tue, 17 Nov 2009 14:28:54 +0200
From:      Kostik Belousov <kostikbel@gmail.com>
To:        Sharad Chandra <sharadc@in.niksun.com>
Cc:        freebsd-hackers@freebsd.org, Manprit Singh <manprits@in.niksun.com>
Subject:   Re: mprotect(2) clears the flag for whole page which causes program crash.
Message-ID:  <20091117122854.GB2331@deviant.kiev.zoral.com.ua>
In-Reply-To: <200911171529.20098.sharadc@in.niksun.com>
References:  <200911171529.20098.sharadc@in.niksun.com>

On Tue, Nov 17, 2009 at 03:29:19PM +0530, Sharad Chandra wrote:
> Hi,
>
> mprotect clears the exec flag of the whole page, which crashed my program. I am
> attaching sample code. It performs the tasks below:
>
> 1) allocate memory1
> 2) allocate memory2
> 3) change permission of memory 1 and 2 to exec by mprotect.
> 4) clear the exec permission of memory 1 and free it.
> 5) execute the memory2 by mapping to pointer function.
> 6) clear the exec permission of memory 2 and free it.
>
> Program crashed at step 5 if memory 1 and 2 are in the same page.
>
> $ uname -a
> FreeBSD app164.in.niksun.com 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May  1
> 07:18:07 UTC 2009
> root@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64
>
> $ gcc -g -o test -Wall mprotect.c
> $ ./test
> mem1 at: 34369183888
> mem2 at: 34369183892
> address difference: 4
> test_func1 function returned 0
> test_func2 will crash here
> Segmentation fault (core dumped)
>
> Is it a known bug, or is there any workaround? How will a userland process make
> sure that the process will not crash, as malloc(3) can allocate wherever it gets
> the memory free to use?

Attachment was stripped. Anyway, mprotect(2) works on the page granularity.
The first sentence from the mprotect manpage says:
 The mprotect() system call changes the specified pages to have
 protection prot.

By design, mprotect uses hardware capabilities of the processor's MMU
to enforce the protection, and the MMU works on the page granularity.

