Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
The ExecShield patchesThe ExecShield patchesPosted Jul 19, 2005 17:10 UTC (Tue) by jreiser (subscriber, #11027)Parent article: Kernel Summit 2005: The ExecShield patches
Random placement of the AT_SYSINFO page is another feature which is used by Fedora Core 4. The AT_SYSINFO page is a kernel-generated copy of linux-gate.so.1 which contains the "prefered" instructions for invoking a system call, and the code for sigreturn and rt_sigreturn. glibc-2.3.5 and FC4 kernels exploit these features.
There are unfortunate side effects, particularly on 32-bit x86. Random placement of the AT_SYSINFO page increases fragmentation of the address space; fewer large arrays are possible. Random placement tends to defeat pre-linking: process startup gets slower in proportion to the number and size of pre-linked shared libraries. Sigreturn will crash if the user moves the AT_SYSINFO page. See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162797 .
(Log in to post comments)
The ExecShield patches Posted Jul 21, 2005 10:13 UTC (Thu) by mingo (subscriber, #31122) [Link] What do you mean by "fewer large arrays are possible"? Randomization of shared libraries in FC4 happens in the first ~128MB of virtual memory. You should have no expectation of continuity in that area, and it's not a problem. The other 2.9 GB of virtual memory is not affected by this, there you can have as large arrays as you wish to.
|
|||||||||||