> IIUC they would differ on OSes where libffi can't get a single mapping > with both W and X access. On those OSes libffi uses a workaround, two > mappings are allocated one with RW, the other with RX. While we want to > disable RWX on OpenBSD as an end goal, I don't think we want to let > libffi use this hack, 'cause it it basically the same as RWX.
Yes we do. In general, shadow mappings are probably less attackable on a case to case basis. Pure RWX mappings are worse. The roadmap is to remove as much RWX as possible. If we can split some RWX uses off into shadow mappings, that is progress. At least code using shadow mappings is half-ready for using mprotect correctly.
