[Vm-dev] Cog will require changes to JIT on the next version of Mac
Tobias Pape
Das.Linux at gmx.de
Wed Aug 14 06:22:21 UTC 2019
Hi
> On 14.08.2019, at 04:29, Ryan Macnak <rmacnak at gmail.com> wrote:
>
> Cog will need to be signed with the JIT entitlement and to pass MAP_JIT when it allocates executable memory.
>
> https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_security_cs_allow-jit
Interesting.
It seems the ideas of OpenBSD W^X finally reached Mac OS X [1], but in a different way.
Other JITs handle that by
* mmap-ing the to-be-written code region R/W
* jitting to that region
* when done mprotect to remove the w and add the x
Example: Firefox [2].
I have no idea why Apple came up with MAP_JIT. If we used the above,
maybe we don't need to be singend to at least run…
Best regards
-Tobias
[1]: https://en.wikipedia.org/wiki/W%5EX , https://www.openbsd.org/33.html
[2]: https://jandemooij.nl/blog/2015/12/29/wx-jit-code-enabled-in-firefox/
More information about the Vm-dev
mailing list