Re: [gtk-vnc-devel] Fix mmap permissions for coroutine stacks

From: "Daniel P. Berrange" <berrange redhat com>
To: Anthony Liguori <anthony codemonkey ws>
Cc: gtk-vnc-devel <gtk-vnc-devel lists sourceforge net>
Subject: Re: [gtk-vnc-devel] Fix mmap permissions for coroutine stacks
Date: Wed, 26 Sep 2007 23:57:10 +0100

On Wed, Sep 26, 2007 at 10:06:43PM +0100, Daniel P. Berrange wrote:
> On Wed, Sep 26, 2007 at 04:00:28PM -0500, Anthony Liguori wrote:
> > Daniel P. Berrange wrote:
> > >Our current code mmaps a region with PROT_EXEC for use as stack space in 
> > >the swapcontext() calls. This is bogus because the stack should not be
> > >executable. On any Fedora / RHEL system with SELinux enabled this results
> > >in the process being terminated with extreme prejudice the moment we do
> > >the swapcontext() call.
> > >
> > >The attach patch removes the use of PROT_EXEC, and it also switches to use
> > >MAP_PRIVATE instead of MAP_SHARED since ther is no reason for stack to be
> > >shared across processes, and finally removes MAP_GROWSDOWN since it is a
> > >broken concept that should not be used according to GLibC guys.
> > >  
> > 
> > Very interesting patch.   GROWSDOWN seemed like the Right Thing to do 
> > but I'm not surprised if it's broken.  Removing EXEC seems sane to me.  
> > It was just a guess as what the right permissions should be.
> 
> >From my understanding, GORWSDOWN may have been relevant in older kernels 
> (eg on 2.4 era) but today it is not. It is linux specific anyway.
> 
> > BTW, if the coroutine stuff ever gets too weird, we can very easily 
> > switch over to lock-step threads.  I know that there's been some 
> > concerns about the portability of coroutines in the context of the gnome 
> > community before (gstreamer initialized used a coroutine mechanism).  
> > I'd still want to stick with lock-step execution of threads b/c I think 
> > it simplifies locking.
> 
> Personally I'd like to avoid threads. The coroutine stuff is a little
> odd if you're not familiar with the idea, but it works well in practice.
> If portability becomes an issue we can deal with it later - perhaps even
> fake the current coroutine API using pthreads on platforms without the
> swapcontext() stuff.

I've changed my mind. No pthreads ever!  GNU Pth has code to do context
switching even on platforms without the POSIX swapcontext/makecontext
APIs. They have code which uses sigaltstack() tricks, and other code using
setjmp tricks :-) So if the need arises we can either use Pth directly,
or leverage their code - it is LGPL 2.1 so compatible with our codebase.

Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=|

References:
- [gtk-vnc-devel] Fix mmap permissions for coroutine stacks
  - From: Daniel P. Berrange
- Re: [gtk-vnc-devel] Fix mmap permissions for coroutine stacks
  - From: Anthony Liguori
- Re: [gtk-vnc-devel] Fix mmap permissions for coroutine stacks
  - From: Daniel P. Berrange

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]