So, W^X means that any given area of memory is either writable, or executable, but not both. That part seems simple enough.
However, what does it mean that the policy is only “advisory”? Can someone explain what W^X means in practical terms? As a user, is there a way to enable it “better”, like we do with malloc.conf(5)?
Where do you look to see if the advisories have been violated? mprotect(1) seems rather silent on these matters.
These protections will still have to be disabled for other JIT software like emacs, correct? Will it be possible to enable/disable these protections only for certain apps? Is it currently disabled for all apps outside of the kernel space?
Because it is light on specifics, how would one do a W^X JIT engine?
Very briefly:
https://bugzilla.mozilla.org/show_bug.cgi?id=677272
@tedu what browser are you going to be working on?
Not entirely decided. The objective is to accomplish what can be done, without necessarily getting bogged down in one spot.
So,
W^Xmeans that any given area of memory is either writable, or executable, but not both. That part seems simple enough.However, what does it mean that the policy is only “advisory”? Can someone explain what W^X means in practical terms? As a user, is there a way to enable it “better”, like we do with malloc.conf(5)?
Is it basically only enforced for kernel map, as http://bxr.su/OpenBSD/sys/uvm/uvm_map.c#uvm_map_protect (which gets called from http://bxr.su/OpenBSD/sys/uvm/uvm_mmap.c#sys_mprotect) seems to suggest:
Where do you look to see if the advisories have been violated? mprotect(1) seems rather silent on these matters.
These protections will still have to be disabled for other JIT software like emacs, correct? Will it be possible to enable/disable these protections only for certain apps? Is it currently disabled for all apps outside of the kernel space?
Well, for instance, one can run: