Content deleted Content added
Guy Harris (talk | contribs) That's not an example of a place where self-modified code is used, it's an implementation issue with self-modified code. |
Guy Harris (talk | contribs) And that's a security issue with allowing code modification, and an example of OS mechanisms to allow it to be less insecure, not an example of how code modification is used in operating systems. |
||
Line 151:
===Operating systems===
The [[Linux kernel]] notably makes wide use of self-modifying code; it does so to be able to distribute a single binary image for each major architecture (e.g. x86, x86-64, ARM...) while adapting the kernel code in memory during boot depending on the specific CPU model detected, e.g. to be able to take advantage of new CPU instructions or to work around hardware bugs.<ref name="linux_self_modifying_Paltsev">{{cite web |last1=Paltsev |first1=Evgeniy |title=Self Modifying Code in Linux Kernel - What, Where and How |url=https://talk.telematika.org/2019/all/self_modifying_code_in_linux_kernel_-_what_where_and_how/ |access-date=27 November 2022}}</ref><ref name="linux_self_modifying_altinstructions">{{cite web |last1=Wieczorkiewicz |first1=Pawel |title=Linux Kernel Alternatives |url=https://grsecurity.net/linux_kernel_alternatives |access-date=27 November 2022}}</ref>
Because of the security implications of self-modifying code, all of the major [[operating system]]s are careful to remove such vulnerabilities as they become known. The concern is typically not that programs will intentionally modify themselves, but that they could be maliciously changed by an [[exploit (computer security)|exploit]].▼
One mechanism for preventing malicious code modification is an operating system feature called [[W^X]] (for "write [[xor]] execute"). This mechanism prohibits a program from making any page of memory both writable and executable. Some systems prevent a writable page from ever being changed to be executable, even if write permission is removed.{{citation needed|date=May 2022}} Other systems provide a '[[backdoor (computing)|back door]]' of sorts, allowing multiple mappings of a page of memory to have different permissions. A relatively portable way to bypass W^X is to create a file with all permissions, then map the file into memory twice. On Linux, one may use an undocumented SysV shared memory flag to get executable shared memory without needing to create a file.{{Citation needed|date=August 2018}}▼
Regardless, at a [[meta-level]], programs can still modify their own behavior by changing data stored elsewhere (see [[metaprogramming]]) or via use of [[type polymorphism|polymorphism]].
Line 173 ⟶ 169:
Most modern processors load the machine code before they execute it, which means that if an instruction that is too near the [[instruction pointer]] is modified, the processor will not notice, but instead execute the code as it was ''before'' it was modified. See [[prefetch input queue]] (PIQ). PC processors must handle self-modifying code correctly for backwards compatibility reasons but they are far from efficient at doing so.{{Citation needed|date=March 2008}}
==Security issues==
▲Because of the security implications of self-modifying code, all of the major [[operating system]]s are careful to remove such vulnerabilities as they become known. The concern is typically not that programs will intentionally modify themselves, but that they could be maliciously changed by an [[exploit (computer security)|exploit]].
▲One mechanism for preventing malicious code modification is an operating system feature called [[W^X]] (for "write [[xor]] execute"). This mechanism prohibits a program from making any page of memory both writable and executable. Some systems prevent a writable page from ever being changed to be executable, even if write permission is removed.{{citation needed|date=May 2022}} Other systems provide a '[[backdoor (computing)|back door]]' of sorts, allowing multiple mappings of a page of memory to have different permissions. A relatively portable way to bypass W^X is to create a file with all permissions, then map the file into memory twice. On Linux, one may use an undocumented SysV shared memory flag to get executable shared memory without needing to create a file.{{Citation needed|date=August 2018}}
==Advantages==
| |||