linux-api.vger.kernel.org archive mirror
* mprotect PROT_SIGNAL
@ 2024-07-09 16:44 Soni "They/Them" L.
  2024-07-16 15:13 ` Florian Weimer
  0 siblings, 1 reply; 3+ messages in thread
From: Soni "They/Them" L. @ 2024-07-09 16:44 UTC (permalink / raw)
  To: linux-api

we'd like an mprotect PROT_SIGNAL flag for a compiler we're making

PROT_SIGNAL - marks the pages as unmapped while running signal handlers

this would be very useful, do you think you could provide it?

(not much more to say about it, it's supposed to do what it says on the 
tin, we want to unmap pages in signal handlers so as to catch bugs 
without causing memory corruption.)


* Re: mprotect PROT_SIGNAL
  2024-07-09 16:44 mprotect PROT_SIGNAL Soni "They/Them" L.
@ 2024-07-16 15:13 ` Florian Weimer
  2024-07-16 16:16   ` Soni "They/Them" L.
  0 siblings, 1 reply; 3+ messages in thread
From: Florian Weimer @ 2024-07-16 15:13 UTC (permalink / raw)
  To: Soni "They/Them" L.; +Cc: linux-api

* Soni L.:

> we'd like an mprotect PROT_SIGNAL flag for a compiler we're making
>
> PROT_SIGNAL - marks the pages as unmapped while running signal handlers
>
> this would be very useful, do you think you could provide it?
>
> (not much more to say about it, it's supposed to do what it says on
> the tin, we want to unmap pages in signal handlers so as to catch bugs
> without causing memory corruption.)

The challenge is going to be to detect abnormal exit from the signal
handler.

You can already get some of this behavior today with memory
protection keys, on x86-64 at least.  (I consider this a glitch in the
implementation, it makes it less useful.)  Access is revoked
automatically when the handler is invoked.  However, access is not
restored if you jump out of the handler using longjmp or by throwing an
exception.

Thanks,
Florian
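
The protection-key behaviour described in the message above, as an added example (not code from this thread, glibc, or the kernel): it records a key's access rights inside a handler, after a normal return, and after leaving the handler with siglongjmp. It uses glibc's pkey_alloc, pkey_mprotect, pkey_get and pkey_set; the function name, the choice of SIGUSR1 and the bitmask encoding are assumptions of the example, and it returns -1 where protection keys are unavailable.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>

static int demo_pkey = -1;                 /* key allocated by this demo */
static volatile sig_atomic_t seen_in_handler, jump_out;
static sigjmp_buf escape;

static void on_usr1(int sig) {
    (void)sig;
    seen_in_handler = pkey_get(demo_pkey); /* x86: reads PKRU, no syscall */
    if (jump_out)
        siglongjmp(escape, 1);             /* abnormal exit: no sigreturn */
}

/* Returns -1 if pkeys are unavailable, otherwise a bitmask:
 * 1 = access disabled inside the handler, 2 = rights restored after a
 * normal return, 4 = access still disabled after siglongjmp out. */
int pkey_signal_demo(void) {
#ifndef __x86_64__
    return -1;                             /* the thread only covers x86-64 */
#else
    struct sigaction sa = { .sa_handler = on_usr1 };
    int result = 0;
    void *p = mmap(NULL, 4096, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED || (demo_pkey = pkey_alloc(0, 0)) < 0 ||
        pkey_mprotect(p, 4096, PROT_READ | PROT_WRITE, demo_pkey) != 0)
        return -1;                         /* no PKU hardware or kernel support */
    sigaction(SIGUSR1, &sa, NULL);
    raise(SIGUSR1);                        /* handler returns normally */
    if (seen_in_handler & PKEY_DISABLE_ACCESS) result |= 1;
    if (pkey_get(demo_pkey) == 0) result |= 2;

    jump_out = 1;
    if (sigsetjmp(escape, 1) == 0)
        raise(SIGUSR1);                    /* handler leaves via siglongjmp */
    if (pkey_get(demo_pkey) & PKEY_DISABLE_ACCESS) result |= 4;

    pkey_set(demo_pkey, 0);                /* manual re-enable after the jump */
    pkey_free(demo_pkey);
    munmap(p, 4096);
    return result;
#endif
}

int main(void) { printf("%d\n", pkey_signal_demo()); return 0; }
```

On an x86-64 Linux system with protection keys the function returns 7: all three observations hold.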



* Re: mprotect PROT_SIGNAL
  2024-07-16 15:13 ` Florian Weimer
@ 2024-07-16 16:16   ` Soni "They/Them" L.
  0 siblings, 0 replies; 3+ messages in thread
From: Soni "They/Them" L. @ 2024-07-16 16:16 UTC (permalink / raw)
  To: Florian Weimer; +Cc: linux-api



On 2024-07-16 12:13, Florian Weimer wrote:
> * Soni L.:
>
> > we'd like an mprotect PROT_SIGNAL flag for a compiler we're making
> >
> > PROT_SIGNAL - marks the pages as unmapped while running signal handlers
> >
> > this would be very useful, do you think you could provide it?
> >
> > (not much more to say about it, it's supposed to do what it says on
> > the tin, we want to unmap pages in signal handlers so as to catch bugs
> > without causing memory corruption.)
>
> The challenge is going to be to detect abnormal exit from the signal
> handler.
>
> You can already get some of this behavior today with memory
> protection keys, on x86-64 at least.  (I consider this a glitch in the
> implementation, it makes it less useful.)  Access is revoked
> automatically when the handler is invoked.  However, access is not
> restored if you jump out of the handler using longjmp or by throwing an
> exception.

As it should be - POSIX specifies that longjmping out of a handler 
remains in handler context, so you still can't call signal-unsafe functions.

Presumably, an API to manually map them back in would be necessary in 
the case of e.g. the JVM, which uses signal handlers for 
hardware-accelerated null checks.

> Thanks,
> Florian
>

