Plans to Strengthen OpenBSD's W^X Security Mechanism

Theo de Raadt has shared plans to strengthen the W^X (Write XOR Execute) memory protection mechanism. The essence of the mechanism is that a process's memory pages cannot be writable and executable at the same time. Code can therefore be executed only after writing has been disabled, and writing to a memory page is possible only after execution has been disabled. W^X helps protect user-space applications from common attacks, including stack overflows, and is enabled in OpenBSD by default.

From the start of the work on W^X it was clear that this would be a long road, since a large number of applications used JIT. JIT implementations can be divided into three categories:

  • Switching memory between the W and X states, accepting the "cost" of the memory-protection system call (mprotect).
  • Creating aliases between a pair of W and X mappings of the same memory.
  • The "dirtiest" option requires a W|X memory model that allows writing and execution at the same time.

At present, far fewer programs use the third option, and more use the first and second. However, because it was necessary to run programs with a W|X JIT (mainly Chromium and Iridium), the "wxallowed" filesystem mount option was added. It allows memory to be used for writing and execution at the same time if the ELF executable is marked with the "wxneeded" marker. These applications were additionally protected with the pledge and unveil mechanisms, which restrict the list of system calls the application may use and the parts of the filesystem available to it, respectively.
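An audit check for the "wxneeded" marker described above, as an added example that is not from the original article or from OpenBSD's code. It assumes a little-endian ELF64 image and the PT_OPENBSD_WXNEEDED program header type from OpenBSD's <sys/exec_elf.h>; the function names and the sample image are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PT_OPENBSD_WXNEEDED 0x65a3dbe7u /* value from OpenBSD <sys/exec_elf.h> */

/* Read an n-byte little-endian integer (n <= 8), independent of host order. */
static uint64_t le(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n-- > 0) v = (v << 8) | p[n];
    return v;
}

/* Hypothetical helper: returns 1 if the image carries the wxneeded marker,
 * 0 if it does not, -1 if it is not a well-formed little-endian ELF64 file. */
int elf_wxneeded(const uint8_t *img, size_t len) {
    if (len < 64 || memcmp(img, "\x7f" "ELF", 4) != 0) return -1;
    if (img[4] != 2 || img[5] != 1) return -1;   /* ELFCLASS64, ELFDATA2LSB */
    uint64_t phoff = le(img + 32, 8);            /* e_phoff */
    uint64_t phentsize = le(img + 54, 2);        /* e_phentsize */
    uint64_t phnum = le(img + 56, 2);            /* e_phnum */
    if (phentsize < 56) return -1;               /* smaller than an Elf64_Phdr */
    /* Reject program header tables that run past the end of the image. */
    if (phoff > len || phnum * phentsize > len - phoff) return -1;
    for (uint64_t i = 0; i < phnum; i++)
        if (le(img + phoff + i * phentsize, 4) == PT_OPENBSD_WXNEEDED)
            return 1;                            /* binary asks for W|X memory */
    return 0;
}

/* Constructed sample (not a real binary): an ELF64 header followed by two
 * program headers, PT_LOAD and one of type second_type. buf needs 176 bytes. */
size_t make_sample(uint8_t *buf, uint32_t second_type) {
    memset(buf, 0, 64 + 2 * 56);
    memcpy(buf, "\x7f" "ELF", 4);
    buf[4] = 2; buf[5] = 1; buf[6] = 1;          /* class, data, version */
    buf[32] = 64;                                /* e_phoff: right after header */
    buf[54] = 56;                                /* e_phentsize */
    buf[56] = 2;                                 /* e_phnum */
    buf[64] = 1;                                 /* phdr[0].p_type = PT_LOAD */
    for (int i = 0; i < 4; i++)                  /* phdr[1].p_type */
        buf[64 + 56 + i] = (uint8_t)(second_type >> (8 * i));
    return 64 + 2 * 56;
}
```

Running such a check over the executables on a filesystem mounted with "wxallowed" shows which of them actually request the W|X exemption.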

To further complicate the exploitation of vulnerabilities in such applications, an addition to the MAP_STACK mechanism is proposed that checks whether a system call is being made from a writable memory page. If the page is writable, the process is forcibly terminated. This way an attacker cannot make system calls from such memory and is forced either to look for the necessary gadgets in the JIT implementation or to do the much harder work of locating the system call stubs directly inside the randomly linked libc.

Chrome/Iridium processes are already protected with pledge and unveil, but removing the ability to use, for example, the write(2) system call clearly has an advantage, since it creates additional difficulties for the attacker. Problems may also arise, however, if a JIT implementation makes native system calls from W|X memory. There is reason to expect that this will not be the case, since the ABI has been changed several times and nobody has reported problems.

The changes are already available in regular snapshots of the OpenBSD-Current branch, and everyone interested is invited to test them.

The related news about the appearance of a JITless mode in Chrome/Iridium deserves a separate comment from Theo. In his view, this mode is acceptable for some usage patterns but probably not for all, since it will obviously increase the load on the processor. At present, Chrome will mostly work if you disable "wxallowed" for /usr/local, although there may be problems with some extensions (Ghostery is an example). One way or another, Theo hopes that full operation in JITless mode will be brought to a properly working state in the near future.

Source: opennet.ru
