Alexandre Julliard wrote:
Peter Beutner p.beutner@gmx.net writes:
Why should this exception be visible to the application? Plus if you make it visible, you can just forget this whole workaround idea, because it won't work reliable anyways.
Well, yes, the workaround is really a hack that should be replaced by a proper fix; I was hoping it would encourage someone to look into it and fix it properly, I can't do it because my box doesn't have noexec support.
Certainly some more testing on windows is needed, but this check_no_exec() workaround was regardless introduced a long time ago. This patch just fixes this workaround. Otherwise it could as well be removed at all.
Well, yes, it could certainly be removed; I added it mostly to make sure that we generated the exception properly, and to demonstrate how the exception can be handled. The proper fix is clearly more complex than that, but moving that hack into the exception code isn't a step in the right direction IMO.
hm, at least for that message box that was talked about, I don't see another choice than to put it into the exception code. But that probably should then only be the message box (and maybe a possibility to change the noexecute configuration for this app) and no code for trying to workaround the protection.
I also took a closer look on the windows behaviour. There is no (at least application visible) difference in how the memory areas(heap, stack,valloc,image) are mapped between NX disabled/enabled mode. (Apart from the mysterious fact that a bunch of more dlls are loaded when it is disabled.) The only difference is whether code runs from non-executable memory or not. I'll attach the output of a small testcase I've written which shows the memory layout for both cases.
There is however one exception. If the noexecute policy is set to OptOut[1] and windows loads a PE file where the AddressEntryPoint is in a non-executable section, NX protection is automatically switched off for this process. According to some paper[2] there are even more specific compatibility checks, e.g. for the safedisc driver. Sadly MS just speaks of "System compatibility fixes" without further detailed explanation :/
But as linux can't just switch on/off the protection for specific processes, wine has to emulate it by marking all readable memory as executable as well. And as all this happens behind the application's back, I would still go with my first proposal to just pair every PROT_READ with a PROT_EXEC in dlls/ntdll/virtual.c:VIRTUAL_GetUnixProt().
Does that sound acceptable?
1) means: apply protection for all apps, but allow to disable it for specific apps 2) http://www.uninformed.org/?v=2&a=4
run tests: execute on stack: failed execute on .rodata: failed execute on .data: failed execute on heap: failed execute on valloc: failed ----------------------------------------------- dump memory info: 0x00010000 - 0x00011fff -rw- private 0x00020000 - 0x00020fff -rw- private 0x0022d000 - 0x0022dfff grw- private 0x0022e000 - 0x0022ffff -rw- private (stack) 0x00230000 - 0x00232fff -r-- mapped 0x00240000 - 0x00243fff -rw- private (heap) 0x00340000 - 0x00345fff -rw- private 0x00350000 - 0x00352fff -rw- mapped 0x00360000 - 0x00375fff -r-- mapped 0x00380000 - 0x003bcfff -r-- mapped 0x003c0000 - 0x003c5fff -r-- mapped 0x003d0000 - 0x003d5fff -rw- private 0x003e0000 - 0x003e2fff -r-- mapped 0x003f0000 - 0x003f0fff -rwe private 0x00400000 - 0x00400fff -r-- image file: test_mem.exe (400000 - 408000) 0x00401000 - 0x00403fff -r-e image section: .text flags: r-x CODE 0x00404000 - 0x00404fff -rw- image section: .data flags: rw- DATA 0x00405000 - 0x00405fff -r-- image section: .rdata flags: r-- DATA 0x00406000 - 0x00407fff -rw- image section: .bss flags: rw- BSS 0x00410000 - 0x00450fff -r-- mapped 0x00460000 - 0x00460fff -rw- private (valloc) 0x77be0000 - 0x77be0fff -r-- image file: msvcrt.dll (77be0000 - 77c38000) 0x77be1000 - 0x77c2cfff -r-e image section: .text flags: r-x CODE 0x77c2d000 - 0x77c2efff -rw- image section: .data flags: rw- DATA 0x77c2f000 - 0x77c2ffff -rw- image section: .data flags: rw- DATA 0x77c30000 - 0x77c30fff -rw- image section: .data flags: rw- DATA 0x77c31000 - 0x77c33fff -rw- image section: .data flags: rw- DATA 0x77c34000 - 0x77c37fff -r-- image section: .rsrc flags: r-- DATA 0x7c800000 - 0x7c800fff -r-- image file: kernel32.dll (7c800000 - 7c906000) 0x7c801000 - 0x7c882fff -r-e image section: .text flags: r-x CODE 0x7c883000 - 0x7c885fff -rw- image section: .data flags: rw- DATA 0x7c886000 - 0x7c887fff -rw- image section: .data flags: rw- DATA 0x7c888000 - 0x7c905fff -r-- image section: .rsrc flags: r-- DATA 0x7c910000 - 0x7c910fff -r-- image file: ntdll.dll (7c910000 - 7c9c7000) 0x7c911000 - 0x7c98bfff -r-e image section: .text flags: r-x CODE 0x7c98c000 - 0x7c98efff -rw- image section: .data flags: rw- DATA 0x7c98f000 - 0x7c990fff -rw- image section: .data flags: rw- DATA 0x7c991000 - 0x7c9c6fff -r-- image section: .rsrc flags: r-- DATA 0x7f6f0000 - 0x7f6f6fff -r-e mapped 0x7ffb0000 - 0x7ffd3fff -r-- mapped 0x7ffdc000 - 0x7ffdcfff -rw- private 0x7ffdf000 - 0x7ffdffff -rw- private 0x7ffe0000 - 0x7ffe0fff -r-- private
run tests: execute on stack: succeeded execute on .rodata: succeeded execute on .data: succeeded execute on heap: succeeded execute on valloc: succeeded ----------------------------------------------- dump memory info: 0x00010000 - 0x00011fff -rw- private 0x00020000 - 0x00020fff -rw- private 0x00030000 - 0x00036fff -rw- private 0x0023c000 - 0x0023cfff grw- private 0x0023d000 - 0x0023ffff -rw- private (stack) 0x00240000 - 0x00242fff -r-- mapped 0x00250000 - 0x00259fff -rw- private (heap) 0x00350000 - 0x00355fff -rw- private 0x00360000 - 0x00362fff -rw- mapped 0x00370000 - 0x00385fff -r-- mapped 0x00390000 - 0x003ccfff -r-- mapped 0x003d0000 - 0x003d5fff -r-- mapped 0x003e0000 - 0x003e7fff -rw- private 0x003f0000 - 0x003f3fff -rw- private 0x00400000 - 0x00400fff -r-- image file: test_mem.exe (400000 - 408000) 0x00401000 - 0x00403fff -r-e image section: .text flags: r-x CODE 0x00404000 - 0x00404fff -rw- image section: .data flags: rw- DATA 0x00405000 - 0x00405fff -r-- image section: .rdata flags: r-- DATA 0x00406000 - 0x00407fff -rw- image section: .bss flags: rw- BSS 0x00410000 - 0x00450fff -r-- mapped 0x00460000 - 0x00461fff -r-e mapped 0x00520000 - 0x00521fff -r-e mapped 0x00530000 - 0x00530fff -rw- private 0x00540000 - 0x00540fff -rw- private 0x00550000 - 0x00551fff -r-- mapped 0x00560000 - 0x00563fff -rw- private 0x00570000 - 0x00571fff -r-- mapped 0x00580000 - 0x00580fff -rwe private 0x00590000 - 0x00592fff -r-- mapped 0x005a0000 - 0x005a2fff -rw- private 0x005e0000 - 0x006e2fff -r-- mapped 0x006f0000 - 0x0073cfff -r-e mapped 0x009f0000 - 0x009f0fff -rw- private 0x00a70000 - 0x00a70fff -rw- private (valloc) 0x5b0f0000 - 0x5b0f0fff -r-- image file: UxTheme.dll (5b0f0000 - 5b128000) 0x5b0f1000 - 0x5b120fff -r-e image section: .text flags: r-x CODE 0x5b121000 - 0x5b121fff -rw- image section: .data flags: rw- DATA 0x5b122000 - 0x5b127fff -r-- image section: .rsrc flags: r-- DATA 0x5cf00000 - 0x5cf00fff -r-- image file: ShimEng.dll (5cf00000 - 5cf26000) 0x5cf01000 - 0x5cf0efff -r-e image section: .text flags: r-x CODE 0x5cf0f000 - 0x5cf11fff -rw- image section: .data flags: rw- DATA 0x5cf12000 - 0x5cf21fff -rw- image section: .data flags: rw- DATA 0x5cf22000 - 0x5cf22fff -rw- image section: .data flags: rw- DATA 0x5cf23000 - 0x5cf25fff -r-- image section: .rsrc flags: r-- DATA 0x5d450000 - 0x5d450fff -r-- image file: comctl32.dll (5d450000 - 5d4e7000) 0x5d451000 - 0x5d4c0fff -r-e image section: .text flags: r-x CODE 0x5d4c1000 - 0x5d4c2fff -rw- image section: .data flags: rw- DATA 0x5d4c3000 - 0x5d4c3fff -rw- image section: .data flags: rw- DATA 0x5d4c4000 - 0x5d4e6fff -r-- image section: .rsrc flags: r-- DATA 0x6fd90000 - 0x6fd90fff -r-- image file: AcGenral.DLL (6fd90000 - 6ff5a000) 0x6fd91000 - 0x6fdc2fff -r-e image section: .text flags: r-x CODE 0x6fdc3000 - 0x6fdc3fff -rw- image section: .data flags: rw- DATA 0x6fdc4000 - 0x6fdc7fff -rw- image section: .data flags: rw- DATA 0x6fdc8000 - 0x6fdc8fff -rw- image section: .data flags: rw- DATA 0x6fdc9000 - 0x6fdc9fff -rw- image section: .data flags: rw- DATA 0x6fdca000 - 0x6fdcbfff -rw- image section: .data flags: rw- DATA 0x6fdcc000 - 0x6ff59fff -r-- image section: .rsrc flags: r-- DATA 0x76620000 - 0x76620fff -r-- image file: USERENV.dll (76620000 - 766d5000) 0x76621000 - 0x766bffff -r-e image section: .text flags: r-x CODE 0x766c0000 - 0x766c1fff -rw- image section: .data flags: rw- DATA 0x766c2000 - 0x766d4fff -r-- image section: .rsrc flags: r-- DATA 0x76af0000 - 0x76af0fff -r-- image file: WINMM.dll (76af0000 - 76b1e000) 0x76af1000 - 0x76b0ffff -r-e image section: .text flags: r-x CODE 0x76b10000 - 0x76b10fff -rw- image section: .data flags: rw- DATA 0x76b11000 - 0x76b11fff -rw- image section: .data flags: rw- DATA 0x76b12000 - 0x76b1dfff -r-- image section: .rsrc flags: r-- DATA 0x770f0000 - 0x770f0fff -r-- image file: OLEAUT32.dll (770f0000 - 7717c000) 0x770f1000 - 0x77171fff -r-e image section: .text flags: r-x CODE 0x77172000 - 0x77172fff -rw- image section: .data flags: rw- DATA 0x77173000 - 0x77174fff -rw- image section: .data flags: rw- DATA 0x77175000 - 0x7717bfff -r-- image section: .rsrc flags: r-- DATA 0x773a0000 - 0x773a0fff -r-- image file: comctl32.dll (773a0000 - 774a2000) 0x773a1000 - 0x77430fff -r-e image section: .text flags: r-x CODE 0x77431000 - 0x77431fff -rw- image section: .data flags: rw- DATA 0x77432000 - 0x774a1fff -r-- image section: .rsrc flags: r-- DATA 0x774b0000 - 0x774b0fff -r-- image file: ole32.dll (774b0000 - 775ed000) 0x774b1000 - 0x775d5fff -r-e image section: .text flags: r-x CODE 0x775d6000 - 0x775d6fff -rw- image section: .data flags: rw- DATA 0x775d7000 - 0x775dcfff -rw- image section: .data flags: rw- DATA 0x775dd000 - 0x775ecfff -r-- image section: .rsrc flags: r-- DATA 0x77bb0000 - 0x77bb0fff -r-- image file: MSACM32.dll (77bb0000 - 77bc5000) 0x77bb1000 - 0x77bc0fff -r-e image section: .text flags: r-x CODE 0x77bc1000 - 0x77bc1fff -rw- image section: .data flags: rw- DATA 0x77bc2000 - 0x77bc4fff -r-- image section: .rsrc flags: r-- DATA 0x77bd0000 - 0x77bd0fff -r-- image file: VERSION.dll (77bd0000 - 77bd8000) 0x77bd1000 - 0x77bd4fff -r-e image section: .text flags: r-x CODE 0x77bd5000 - 0x77bd5fff -rw- image section: .data flags: rw- DATA 0x77bd6000 - 0x77bd7fff -r-- image section: .rsrc flags: r-- DATA 0x77be0000 - 0x77be0fff -r-- image file: msvcrt.dll (77be0000 - 77c38000) 0x77be1000 - 0x77c2cfff -r-e image section: .text flags: r-x CODE 0x77c2d000 - 0x77c2efff -rw- image section: .data flags: rw- DATA 0x77c2f000 - 0x77c2ffff -rw- image section: .data flags: rw- DATA 0x77c30000 - 0x77c30fff -rw- image section: .data flags: rw- DATA 0x77c31000 - 0x77c33fff -rw- image section: .data flags: rw- DATA 0x77c34000 - 0x77c37fff -r-- image section: .rsrc flags: r-- DATA 0x77d10000 - 0x77d10fff -r-- image file: USER32.dll (77d10000 - 77da0000) 0x77d11000 - 0x77d6ffff -r-e image section: .text flags: r-x CODE 0x77d70000 - 0x77d70fff -rw- image section: .data flags: rw- DATA 0x77d71000 - 0x77d71fff -rw- image section: .data flags: rw- DATA 0x77d72000 - 0x77d9ffff -r-- image section: .rsrc flags: r-- DATA 0x77da0000 - 0x77da0fff -r-- image file: ADVAPI32.dll (77da0000 - 77e4a000) 0x77da1000 - 0x77e15fff -r-e image section: .text flags: r-x CODE 0x77e16000 - 0x77e16fff -rw- image section: .data flags: rw- DATA 0x77e17000 - 0x77e1afff -rw- image section: .data flags: rw- DATA 0x77e1b000 - 0x77e49fff -r-- image section: .rsrc flags: r-- DATA 0x77e50000 - 0x77e50fff -r-- image file: RPCRT4.dll (77e50000 - 77ee1000) 0x77e51000 - 0x77ed9fff -r-e image section: .text flags: r-x CODE 0x77eda000 - 0x77edafff -rw- image section: .data flags: rw- DATA 0x77edb000 - 0x77ee0fff -r-- image section: .rsrc flags: r-- DATA 0x77ef0000 - 0x77ef0fff -r-- image file: GDI32.dll (77ef0000 - 77f36000) 0x77ef1000 - 0x77f31fff -r-e image section: .text flags: r-x CODE 0x77f32000 - 0x77f32fff -rw- image section: .data flags: rw- DATA 0x77f33000 - 0x77f35fff -r-- image section: .rsrc flags: r-- DATA 0x77f40000 - 0x77f40fff -r-- image file: SHLWAPI.dll (77f40000 - 77fb6000) 0x77f41000 - 0x77facfff -r-e image section: .text flags: r-x CODE 0x77fad000 - 0x77fadfff -rw- image section: .data flags: rw- DATA 0x77fae000 - 0x77fb5fff -r-- image section: .rsrc flags: r-- DATA 0x7c800000 - 0x7c800fff -r-- image file: kernel32.dll (7c800000 - 7c906000) 0x7c801000 - 0x7c882fff -r-e image section: .text flags: r-x CODE 0x7c883000 - 0x7c885fff -rw- image section: .data flags: rw- DATA 0x7c886000 - 0x7c887fff -rw- image section: .data flags: rw- DATA 0x7c888000 - 0x7c905fff -r-- image section: .rsrc flags: r-- DATA 0x7c910000 - 0x7c910fff -r-- image file: ntdll.dll (7c910000 - 7c9c7000) 0x7c911000 - 0x7c98bfff -r-e image section: .text flags: r-x CODE 0x7c98c000 - 0x7c98efff -rw- image section: .data flags: rw- DATA 0x7c98f000 - 0x7c990fff -rw- image section: .data flags: rw- DATA 0x7c991000 - 0x7c9c6fff -r-- image section: .rsrc flags: r-- DATA 0x7c9d0000 - 0x7c9d0fff -r-- image file: SHELL32.dll (7c9d0000 - 7d1ee000) 0x7c9d1000 - 0x7cbcbfff -r-e image section: .text flags: r-x CODE 0x7cbcc000 - 0x7cbdbfff -rw- image section: .data flags: rw- DATA 0x7cbdc000 - 0x7cbe1fff -rw- image section: .data flags: rw- DATA 0x7cbe2000 - 0x7cbe8fff -rw- image section: .data flags: rw- DATA 0x7cbe9000 - 0x7d1edfff -r-- image section: .rsrc flags: r-- DATA 0x7f6f0000 - 0x7f6f6fff -r-e mapped 0x7ffb0000 - 0x7ffd3fff -r-- mapped 0x7ffdc000 - 0x7ffdcfff -rw- private 0x7ffdf000 - 0x7ffdffff -rw- private 0x7ffe0000 - 0x7ffe0fff -r-- private