This is the mail archive of the
libffi-discuss@sourceware.org
mailing list for the libffi project.
Re: Protection errors on Mac OS X 10.6 (Snow Leopard)
On Sep 8, 2009, at 4:03 AM, Timothy Wall wrote:
What is it doing on previous darwin releases? Is OSX only now
disabling executable memory by default?
Only in 64-bit (which confirms my observation).
Apparently they've been adding more restrictions with each version.
(I just upgraded to 10.6 from 10.4 and skipped 10.5).
From
http://developer.apple.com/mac/library/releasenotes/MacOSX/WhatsNewInOSX/Articles/MacOSX10_5.html
In Mac OS X v10.4, a change was made to prevent the execution of code
in a program’s stack space on Intel-based Macintosh computers by
default. If needed, a program could override this behavior by passing
the allow_stack_execute option to the ld program at link time or by
dynamically allowing execution in this space using the mprotect system
call.
In Mac OS X v10.5, the system is increasing the restrictions on
executing code in two ways. First, the system now disallows the
execution of stack-based code on both PowerPC-based and Intel-based
Macintosh computers by default. Second, for 64-bit programs, the
system now disallows attempts to execute code in any portion of the
process space unless that portion is explicitly marked as executable.
Most developers may not notice these changes because code compiled and
linked statically is automatically marked as executable by the ld
program. If your 64-bit application generates code dynamically,
however, you must explicitly mark that code as executable or your
program will receive a SIGBUS signal and exit when trying to execute
that code. As before, you can use the mprotect system call with the
PROT_EXEC option to grant execute permissions to a block of memory
containing dynamically generated code. For information on how to use
this call, see mprotect man page.
Aziz,,,