Comment by fwsgonzo
5 years ago
I would use this in a heartbeat if you make execute-only a first-class feature. That means segments with E only, no reading.
My experience with every linker so far is that to have XO I will need to specify the memory layout in a linker script manually. It's not as nice as a simple linker argument, if that is possible.
By execute-only segment, you mean a segment which is not readable but executable, right?
If so, that's a relatively new CPU security feature. I think some ARM processors support it, but AFAIK x86 doesn't support it at the moment. On x86, if you make a page executable, it automatically makes the page readable. R and X bits are not separated in the page table. I bet Intel and AMD will add an NR bit (no read bit - analogous to NX bit) soon, though.
Intel slide deck here: https://linuxplumbersconf.org/event/4/contributions/283/atta...
If they really support it, I didn't pay too close attention, but at least it's on their mind.
Ooh, I didn't know that x86 had such a feature. But is this virtualization only?