[pcre-dev] [Bug 1749] PCRE-JITted code should be executed fr…

Top Page
Delete this message
Author: admin
Date:  
To: pcre-dev
Old-Topics: [pcre-dev] [Bug 1749] New: PCRE-JITted code should be executed from non-writable memory to obey execmem SELinux restriction
Subject: [pcre-dev] [Bug 1749] PCRE-JITted code should be executed from non-writable memory to obey execmem SELinux restriction
https://bugs.exim.org/show_bug.cgi?id=1749

--- Comment #49 from Petr Pisar <ppisar@???> ---
I think this is the dead end.

The only way to guard a fork is registering callbacks with pthread_atfork()
function but I'm not familiar with it and it is said it has its own issues.
Even if we managed to run some code at a fork, what could we do? We could open
a new file, copy the content there, then mmap the new file, but we would end up
with different memory addresses. mmap() accepts a pointer as a recommended new
mapping addresses, but there is no guarantee it will use this address.

Applications could be told not to use the compiled patterns across forks but
that would be a new restrictions that could break existing applications. (JIT
allocator could store PID there and other functions could check current PID
against the value. But that would be slow.)

How does the JIT matching cope with multi-threaded applications? Since the JIT
memory is on a heap it's shared among the threads and the application is not
allowed to use it simultaneously. Am I right?

I'm

--
You are receiving this mail because:
You are on the CC list for the bug.