Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262902AbUFFFZN (ORCPT ); Sun, 6 Jun 2004 01:25:13 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262905AbUFFFZN (ORCPT ); Sun, 6 Jun 2004 01:25:13 -0400 Received: from mx2.elte.hu ([157.181.151.9]:2504 "EHLO mx2.elte.hu") by vger.kernel.org with ESMTP id S262902AbUFFFZI (ORCPT ); Sun, 6 Jun 2004 01:25:08 -0400 Date: Sun, 6 Jun 2004 07:26:15 +0200 From: Ingo Molnar To: Mike McCormack Cc: linux-kernel@vger.kernel.org Subject: Re: WINE + NX (No eXecute) support for x86, 2.6.7-rc2-bk2 Message-ID: <20040606052615.GA14988@elte.hu> References: <40C2B51C.9030203@codeweavers.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40C2B51C.9030203@codeweavers.com> User-Agent: Mutt/1.4.1i X-ELTE-SpamVersion: MailScanner 4.26.8-itk2 (ELTE 1.1) SpamAssassin 2.63 ClamAV 0.65 X-ELTE-VirusStatus: clean X-ELTE-SpamCheck: no X-ELTE-SpamCheck-Details: score=-4.9, required 5.9, autolearn=not spam, BAYES_00 -4.90 X-ELTE-SpamLevel: X-ELTE-SpamScore: -4 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1524 Lines: 38 * Mike McCormack wrote: > Fedore Code 1's exec-shield patch broke Wine badly, as there was no > way for an application to turn it off from user space, and Wine > depended upon certain areas of virtual memory being free. there are multiple methods in FC1 to turn this off: - FC1 has PT_GNU_STACK support and all binaries that have no PT_GNU_STACK program header will have the stock Linux VM layout. (including executable stack/heap) So by stripping the PT_GNU_STACK header from the wine binary you get this effect. - you get the same effect by setting the personality to PER_LINUX32 via: personality(PER_LINUX32); this is a NOP on stock x86 Linux, and turns off exec-shield on FC1. all these methods were present in FC1 from day 1 on. In fact we specifically targetted Wine (and similar applications) with these methods to make it easy for them to be built under FC1. (of course existing binaries of Wine worked and work fine because they dont have PT_GNU_STACK.) > We developed a hack to work around this problem by creating a staticly > linked binary to reserve memory then load ld-linux.so.2 and a > dynamically executable into memory manually and run start them. while this should work too - why not one of the methods above? Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/