On Sat, Aug 23, 2008 at 05:13:30PM -0700, Matthew Macy wrote:
> On Sat, Aug 23, 2008 at 5:04 PM, Ivan Voras wrote:
> > I stumbled upon this Wikipedia page:
> > http://en.wikipedia.org/wiki/Compari...urity_features
> > and it mentions NX bit is supported in FreeBSD. Is this true? Is it
> > enabled by default?
>
> Yes. However, it is in the upper word so it only works with PAE or
> amd64. "jemalloc" maps the heap NX and thread stacks are mapped NX.
> The default process stack currently needs to be executable because
> sigcode is placed at the start of the stack at the time of process
> creation.

Oh, I was looking into this a few months ago, and came to the
conclusion that NX wasn't turned on at all.

How do applications/languages that use JIT or other run-time
code generation get around the non-executable heap? Just not
use jemalloc?

I've been using 7-STABLE on amd64 for a long time, and haven't
noticed any problems with Java or SBCL lisp or PLT-scheme, all
of which use JIT code generation (but probably neither use
jemalloc?)

Cheers,

--
Andrew
_______________________________________________
freebsd-arch@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"