From: | "René Rhéaume" <rene.rheaume@×××××.com> |
---|---|
To: | gentoo-hardened@l.g.o |
Subject: | [gentoo-hardened] JIT code and mprotect |
Date: | Mon, 11 Jun 2012 00:02:15 |
Message-Id: | CAPLjCyLeaEqbo8w==jctVb43ugkYvhQe41q2+a==mrLb2kGeow@mail.gmail.com |
1 | I have a somewhat crazy idea to run JIT code with mprotect enforced: |
2 | instead of putting the generated code into anonymous memory, why not put it |
3 | as a shared library inside a tmpfs, the the host program simply call dlopen |
4 | on it? This way, we would have JIT code (faster than interpreted code), |
5 | ahead-of-time compiled code keeps all mprotect restrictions in place. JIT |
6 | code would also benefit from ASLR. |
7 | |
8 | What do you think? |
Subject | Author |
---|---|
Re: [gentoo-hardened] JIT code and mprotect | PaX Team <pageexec@××××××××.hu> |
Re: [gentoo-hardened] JIT code and mprotect | Maxim Kammerer <mk@×××.su> |