1 |
zorry 15/02/28 23:50:59 |
2 |
|
3 |
Added: issue177_prot_exec.patch |
4 |
Log: |
5 |
Bump to fix bug #525494 proc_exec on pax enable kernel |
6 |
|
7 |
(Portage version: 2.2.17/cvs/Linux x86_64, signed Manifest commit with key FD79807F) |
8 |
|
9 |
Revision Changes Path |
10 |
1.1 dev-python/cffi/files/issue177_prot_exec.patch |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/cffi/files/issue177_prot_exec.patch?rev=1.1&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/cffi/files/issue177_prot_exec.patch?rev=1.1&content-type=text/plain |
14 |
|
15 |
Index: issue177_prot_exec.patch |
16 |
=================================================================== |
17 |
# HG changeset patch |
18 |
# User Armin Rigo <arigo@×××××.org> |
19 |
# Date 1424942568 -3600 |
20 |
# Node ID c7edb1e84eb3c29cac0674790cb4efcbcf1683b2 |
21 |
# Parent 95e0563201602a2e1a8d83cc95a6a70048dfeece |
22 |
issue #177: workaround for some Linux kernels |
23 |
|
24 |
diff --git a/c/malloc_closure.h b/c/malloc_closure.h |
25 |
--- a/c/malloc_closure.h |
26 |
+++ b/c/malloc_closure.h |
27 |
@@ -14,6 +14,54 @@ |
28 |
# endif |
29 |
#endif |
30 |
|
31 |
+/* On PaX enable kernels that have MPROTECT enable we can't use PROT_EXEC. |
32 |
+ |
33 |
+ This is, apparently, an undocumented change to ffi_prep_closure(): |
34 |
+ depending on the Linux kernel we're running on, we must give it a |
35 |
+ mmap that is either PROT_READ|PROT_WRITE|PROT_EXEC or only |
36 |
+ PROT_READ|PROT_WRITE. In the latter case, just trying to obtain a |
37 |
+ mmap with PROT_READ|PROT_WRITE|PROT_EXEC would kill our process(!), |
38 |
+ but in that situation libffi is fine with only PROT_READ|PROT_WRITE. |
39 |
+ There is nothing in the libffi API to know that, though, so we have |
40 |
+ to guess by parsing /proc/self/status. "Meh." |
41 |
+ */ |
42 |
+#ifdef __linux__ |
43 |
+#include <stdlib.h> |
44 |
+ |
45 |
+static int emutramp_enabled = -1; |
46 |
+ |
47 |
+static int |
48 |
+emutramp_enabled_check (void) |
49 |
+{ |
50 |
+ char *buf = NULL; |
51 |
+ size_t len = 0; |
52 |
+ FILE *f; |
53 |
+ int ret; |
54 |
+ f = fopen ("/proc/self/status", "r"); |
55 |
+ if (f == NULL) |
56 |
+ return 0; |
57 |
+ ret = 0; |
58 |
+ |
59 |
+ while (getline (&buf, &len, f) != -1) |
60 |
+ if (!strncmp (buf, "PaX:", 4)) |
61 |
+ { |
62 |
+ char emutramp; |
63 |
+ if (sscanf (buf, "%*s %*c%c", &emutramp) == 1) |
64 |
+ ret = (emutramp == 'E'); |
65 |
+ break; |
66 |
+ } |
67 |
+ free (buf); |
68 |
+ fclose (f); |
69 |
+ return ret; |
70 |
+} |
71 |
+ |
72 |
+#define is_emutramp_enabled() (emutramp_enabled >= 0 ? emutramp_enabled \ |
73 |
+ : (emutramp_enabled = emutramp_enabled_check ())) |
74 |
+#else |
75 |
+#define is_emutramp_enabled() 0 |
76 |
+#endif |
77 |
+ |
78 |
+ |
79 |
/* 'allocate_num_pages' is dynamically adjusted starting from one |
80 |
page. It grows by a factor of PAGE_ALLOCATION_GROWTH_RATE. This is |
81 |
meant to handle both the common case of not needing a lot of pages, |
82 |
@@ -77,9 +125,12 @@ |
83 |
if (item == NULL) |
84 |
return; |
85 |
#else |
86 |
+ int prot = PROT_READ | PROT_WRITE | PROT_EXEC; |
87 |
+ if (is_emutramp_enabled ()) |
88 |
+ prot &= ~PROT_EXEC; |
89 |
item = (union mmaped_block *)mmap(NULL, |
90 |
allocate_num_pages * _pagesize, |
91 |
- PROT_READ | PROT_WRITE | PROT_EXEC, |
92 |
+ prot, |
93 |
MAP_PRIVATE | MAP_ANONYMOUS, |
94 |
-1, |
95 |
0); |