> Date: Thu, 03 Apr 2008 16:32:20 -0800 (PST)
> From: Gary Winiger <gww at eng.sun.com>
...
> The second was that there seemed to be some possible interactions between
> mmapfd and validated execution and I wanted to ask both project teams to
> take a quick look at the other project to see if some alignment might
> be needed?
>
> Please consider this a request to both projects.

The execution-time validation of libraries being introduced into
process images is expected to be triggered by rtld's idiomatic use of
mmap(..., PROT_EXEC, ...). Since mmapfd() would subsume multiple
mmap() calls into a single call producing essentially the same effects
on the process image, it would appear that mmapfd() would provide the
same opportunity for triggering the validation of the mapped object.

The general nature of mmapfd() mapping represents a possible solution
to a concern being discussed in 2008/195. The issue is that
interpreters other than rtld often have the equivalent of libraries,
for example, perl's .pm and .pl or the shell "source" or "." commands.
These extended forms of library are presently introduced into the
process "execution" using general interfaces (open(), read()),
precluding any reliable triggering for validation of the object. As
much as mmapfd() provides a generalized mechanism for accessing these
forms of libraries, it would serve as an enabler for validated
execution.
-JZ