RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v9]
Vladimir Kempik
vkempik at openjdk.java.net
Thu Feb 4 14:43:51 UTC 2021
On Thu, 4 Feb 2021 14:27:53 GMT, Andrew Haley <aph at openjdk.org> wrote:
> > > You read my mind, Andrew. Unless, of course, it's optimized to leverage the fact that it's thread-specific..
> >
> >
> > it's thread-specific
> > https://developer.apple.com/documentation/apple_silicon/porting_just-in-time_compilers_to_apple_silicon
> > > Because pthread_jit_write_protect_np changes only the current thread’s permissions, avoid accessing the same memory region from multiple threads. Giving multiple threads access to the same memory region opens up a potential attack vector, in which one thread has write access and another has executable access to the same region.
>
> Umm, so how does patching work? We don't even know if other threads are executing the code we need to patch.
I thought java can handle that scenario in usual (non W^X systems) just fine, so we just believe jvm did everything right and it's safe to rewrite some code at specific moment.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2200
More information about the security-dev
mailing list