On 6/7/19 12:49 PM, Yu-cheng Yu wrote: >> >> This also gives us an excellent opportunity to make it read-only as seen from >> userspace to prevent exploits from just poking it full of ones before >> redirecting execution. > GLIBC sets bits only for legacy code, and then makes the bitmap read-only. > That > avoids most issues: > > To populate bitmap pages, mprotect() is required. > Reading zero bitmap pages would not waste more physical memory, right?
Huh, how does glibc know about all possible past and future legacy code in the application?
