| 1 |
zorry 15/02/28 23:50:59 |
| 2 |
|
| 3 |
Added: issue177_prot_exec.patch |
| 4 |
Log: |
| 5 |
Bump to fix bug #525494 proc_exec on pax enable kernel |
| 6 |
|
| 7 |
(Portage version: 2.2.17/cvs/Linux x86_64, signed Manifest commit with key FD79807F) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.1 dev-python/cffi/files/issue177_prot_exec.patch |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/cffi/files/issue177_prot_exec.patch?rev=1.1&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/cffi/files/issue177_prot_exec.patch?rev=1.1&content-type=text/plain |
| 14 |
|
| 15 |
Index: issue177_prot_exec.patch |
| 16 |
=================================================================== |
| 17 |
# HG changeset patch |
| 18 |
# User Armin Rigo <arigo@×××××.org> |
| 19 |
# Date 1424942568 -3600 |
| 20 |
# Node ID c7edb1e84eb3c29cac0674790cb4efcbcf1683b2 |
| 21 |
# Parent 95e0563201602a2e1a8d83cc95a6a70048dfeece |
| 22 |
issue #177: workaround for some Linux kernels |
| 23 |
|
| 24 |
diff --git a/c/malloc_closure.h b/c/malloc_closure.h |
| 25 |
--- a/c/malloc_closure.h |
| 26 |
+++ b/c/malloc_closure.h |
| 27 |
@@ -14,6 +14,54 @@ |
| 28 |
# endif |
| 29 |
#endif |
| 30 |
|
| 31 |
+/* On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC. |
| 32 |
+ |
| 33 |
+ This is, apparently, an undocumented change to ffi_prep_closure(): |
| 34 |
+ depending on the Linux kernel we're running on, we must give it a |
| 35 |
+ mmap that is either PROT_READ|PROT_WRITE|PROT_EXEC or only |
| 36 |
+ PROT_READ|PROT_WRITE. In the latter case, just trying to obtain a |
| 37 |
+ mmap with PROT_READ|PROT_WRITE|PROT_EXEC would kill our process(!), |
| 38 |
+ but in that situation libffi is fine with only PROT_READ|PROT_WRITE. |
| 39 |
+ There is nothing in the libffi API to know that, though, so we have |
| 40 |
+ to guess by parsing /proc/self/status. "Meh." |
| 41 |
+ */ |
| 42 |
+#ifdef __linux__ |
| 43 |
+#include <stdlib.h> |
| 44 |
+ |
| 45 |
+static int emutramp_enabled = -1; |
| 46 |
+ |
| 47 |
+static int |
| 48 |
+emutramp_enabled_check (void) |
| 49 |
+{ |
| 50 |
+ char *buf = NULL; |
| 51 |
+ size_t len = 0; |
| 52 |
+ FILE *f; |
| 53 |
+ int ret; |
| 54 |
+ f = fopen ("/proc/self/status", "r"); |
| 55 |
+ if (f == NULL) |
| 56 |
+ return 0; |
| 57 |
+ ret = 0; |
| 58 |
+ |
| 59 |
+ while (getline (&buf, &len, f) != -1) |
| 60 |
+ if (!strncmp (buf, "PaX:", 4)) |
| 61 |
+ { |
| 62 |
+ char emutramp; |
| 63 |
+ if (sscanf (buf, "%*s %*c%c", &emutramp) == 1) |
| 64 |
+ ret = (emutramp == 'E'); |
| 65 |
+ break; |
| 66 |
+ } |
| 67 |
+ free (buf); |
| 68 |
+ fclose (f); |
| 69 |
+ return ret; |
| 70 |
+} |
| 71 |
+ |
| 72 |
+#define is_emutramp_enabled() (emutramp_enabled >= 0 ? emutramp_enabled \ |
| 73 |
+ : (emutramp_enabled = emutramp_enabled_check ())) |
| 74 |
+#else |
| 75 |
+#define is_emutramp_enabled() 0 |
| 76 |
+#endif |
| 77 |
+ |
| 78 |
+ |
| 79 |
/* 'allocate_num_pages' is dynamically adjusted starting from one |
| 80 |
page. It grows by a factor of PAGE_ALLOCATION_GROWTH_RATE. This is |
| 81 |
meant to handle both the common case of not needing a lot of pages, |
| 82 |
@@ -77,9 +125,12 @@ |
| 83 |
if (item == NULL) |
| 84 |
return; |
| 85 |
#else |
| 86 |
+ int prot = PROT_READ | PROT_WRITE | PROT_EXEC; |
| 87 |
+ if (is_emutramp_enabled ()) |
| 88 |
+ prot &= ~PROT_EXEC; |
| 89 |
item = (union mmaped_block *)mmap(NULL, |
| 90 |
allocate_num_pages * _pagesize, |
| 91 |
- PROT_READ | PROT_WRITE | PROT_EXEC, |
| 92 |
+ prot, |
| 93 |
MAP_PRIVATE | MAP_ANONYMOUS, |
| 94 |
-1, |
| 95 |
0); |
Archives