"Michael Karcher" wine@mkarcher.dialup.fu-berlin.de wrote:
The meaning of "enable" is the same in Windows and Wine: it enables the execute permission, not the data execution prevention. This patch precedes the test as the inverted logic would make the test case fail in interesting ways. There is no sense in first adding a lot of (partly conditional) todo_wines to the test just to make this fix come later.
JFYI, I based my original patch on the information at http://www.uninformed.org/?v=2&a=4 (To enable NX support, the MEM_EXECUTE_OPTION_DISABLE flag (0x1) is specified. To disable NX support, the MEM_EXECUTE_OPTION_ENABLE flag (0x2) is specified) and Chromium sources: http://src.chromium.org/viewvc/chrome/trunk/src/sandbox/src/dep.cc
Am Montag, den 27.07.2009, 13:24 +0900 schrieb Dmitry Timoshkov:
"Michael Karcher" wine@mkarcher.dialup.fu-berlin.de wrote:
The meaning of "enable" is the same in Windows and Wine: it enables the execute permission, not the data execution prevention.
JFYI, I based my original patch on the information at http://www.uninformed.org/?v=2&a=4 (To enable NX support, the MEM_EXECUTE_OPTION_DISABLE flag (0x1) is specified. To disable NX support, the MEM_EXECUTE_OPTION_ENABLE flag (0x2) is specified) and Chromium sources: http://src.chromium.org/viewvc/chrome/trunk/src/sandbox/src/dep.cc
The information you used is right. MEM_EXECUTE_OPTION_ENABLE disables NX support. But the parameter to the function VIRTUAL_SetForceExec does not tell whether to enable NX, but whether to enable execution permission on data pages. So to disable NX (i.e. MEM_EXECUTE_OPTION_ENABLE), execute permission on data pages must be forced, so SetForceExec must be called with TRUE.
Thanks for review, Michael Karcher
-
Dmitry Timoshkov -
Michael Karcher