[llvm] [llvm][Support][Memory] Add memfd based fallback for strict W^X Linux systems (PR #98538)
David Spickett via llvm-commits
llvm-commits at lists.llvm.org
Thu Jul 25 02:18:50 PDT 2024
================
@@ -177,6 +181,78 @@ std::error_code Memory::protectMappedMemory(const MemoryBlock &M,
alignAddr((const uint8_t *)M.Address + M.AllocatedSize, PageSize);
bool InvalidateCache = (Flags & MF_EXEC);
+ bool SkipMprotect = false;
+
+#if defined(__linux__)
+ // Check for cases where the EXEC protection flag changes and a possible
+ // strict W^X policy cannot be bypassed via mprotect() alone, e.g. under
+ // PaX's MPROTECT or SELinux's deny_execmem.
+ //
+ // To support such systems, we need to create a fresh mapping with the
+ // target protection flags.
+ if ((M.Flags ^ Flags) & MF_EXEC && execProtChangeNeedsNewMapping()) {
+ static unsigned int flags = MFD_CLOEXEC | MFD_EXEC;
+ class FDWrapper {
----------------
DavidSpickett wrote:
Weirdly, there is a wrapper like this for locking in `llvm/include/llvm/Support/FileSystem.h` (FileLocker), but none for closing.
https://github.com/llvm/llvm-project/pull/98538
More information about the llvm-commits
mailing list