Ocamlopt & security wx-flag

When I put the security feature W^X on the OS (FreeBSD), i.e.
sysctl:
kern.elf64.nxstack=0,
so pages are writable OR executable but not both, the OCaml compiler spits out errors.
Maybe this is normal and expected behavior, maybe it isn’t?
Can someone enlighten me?

I don’t know about FreeBSD, but OpenBSD has been W^X for some time.

OCaml, I understand, runs fine on it, which leads me to believe that this could be something specific to FreeBSD and not intrinsic to the OCaml compiler/runtime.

I vaguely know that @avsm is familiar with OpenBSD – perhaps he would be familiar with FreeBSD too?

A compiler has to be written in a certain way in order not to make use of pages with the execute & write flags.
I think it’s not OS related, as other compilers also do not function with the security feature W^X enabled.
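The thread does not say which mapping the OS rejected. As an added example (not from the thread or the OCaml project), this Python sketch lists what an ELF64 binary itself asks the loader for that conflicts with W^X: a `PT_LOAD` segment that is both writable and executable, or a `PT_GNU_STACK` header requesting an executable stack. The function names and the in-memory sample images are constructed for illustration.

```python
import struct

PT_LOAD, PT_GNU_STACK = 1, 0x6474E551
PF_X, PF_W, PF_R = 1, 2, 4
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # ELF64 little-endian file header (64 bytes)
PHDR = struct.Struct("<IIQQQQQQ")          # ELF64 program header (56 bytes)

def wx_findings(image):
    """Return W^X conflicts visible in the program headers of an ELF64 LE image.
    Static view only: mmap/mprotect calls made at run time are not covered."""
    if len(image) < EHDR.size:
        raise ValueError("truncated ELF header")
    fields = EHDR.unpack_from(image)
    ident, phoff, phentsize, phnum = fields[0], fields[5], fields[9], fields[10]
    if ident[:4] != b"\x7fELF" or ident[4] != 2 or ident[5] != 1:
        raise ValueError("not an ELF64 little-endian image")
    findings, saw_stack = [], False
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + PHDR.size > len(image):
            raise ValueError("program header table runs past end of file")
        p_type, p_flags = PHDR.unpack_from(image, off)[:2]
        if p_type == PT_LOAD and p_flags & PF_W and p_flags & PF_X:
            findings.append(f"segment {i}: PT_LOAD is writable and executable")
        if p_type == PT_GNU_STACK:
            saw_stack = True
            if p_flags & PF_X:
                findings.append(f"segment {i}: PT_GNU_STACK requests an executable stack")
    if not saw_stack:
        findings.append("no PT_GNU_STACK header: stack permissions left to the loader default")
    return findings

def build_sample(phdrs):
    """Constructed test image: an ELF64 header followed only by (type, flags) program headers."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = EHDR.pack(ident, 2, 62, 1, 0, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(PHDR.pack(t, f, 0, 0, 0, 0, 0, 0x1000) for t, f in phdrs)

if __name__ == "__main__":
    clean = build_sample([(PT_LOAD, PF_R | PF_X), (PT_LOAD, PF_R | PF_W),
                          (PT_GNU_STACK, PF_R | PF_W)])
    risky = build_sample([(PT_LOAD, PF_R | PF_W | PF_X),
                          (PT_GNU_STACK, PF_R | PF_W | PF_X)])
    for name, img in (("clean", clean), ("risky", risky)):
        print(name, wx_findings(img) or "no W^X conflicts in program headers")
```

To check a real binary, pass the bytes read from the file to `wx_findings`.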

What I wanted to say is:

  • AFAIK OCaml on OpenBSD works fine. OpenBSD has W^X by default. Given that OCaml works on it, this means that OCaml is capable of producing code that will work in a W^X situation.
  • It’s possible OCaml does not run on FreeBSD with W^X enabled because some special compiler switches need to be used or the OCaml compiler cannot deal with the specific FreeBSD implementation.
  • It’s also possible that there is something wrong with FreeBSD’s assumptions of W^X implementation that violate OCaml’s W^X implementation. There might also be some OS settings you may need to tweak…

To be honest I don’t know much about this.

It might be a better idea to file a detailed bug report on github.com/ocaml/ocaml – the OCaml maintainers are quite responsive and you will have a definitive answer soon. Please give as many details as possible when filing your ticket…


OP created an upstream issue; it seems to be a matter of fixing the build configuration.
