Ada executable code on the stack

I just watched a conversation about safety concerns for rail systems from last year's 32C3. At minute 25, the speaker briefly talks about Ada. In particular, he says:

Typical Ada implementations have a mechanism called "(tramp / trunk / ?)". And this means that it will execute code on the stack, which is not very suitable for C programs. And [...] if you want to link Ada code with the C library, one of the security mechanisms will not work.

Here is the (YouTube) link to the relevant part of the conversation. This is a slide in the background. As you can see, I'm not sure of one of the words. Perhaps these are trampolines?


Now my stupid question is: is there any truth in this statement? If so, can anyone explain this mysterious feature of the Ada language and the security mechanism that it seems to influence?

Until now, I have always believed that code lives in a code segment (in other words, "text"), while data (including the stack) is placed in a data segment in another memory location (as shown in this figure). And reading about memory management in Ada suggests that there shouldn't be much more.

Although there are ways to get around this layout (see, for example, this question "C on the stack" and this "C on the heap"), I believe that modern OSs usually prevent such attempts by protecting the executable space unless the stack is explicitly made executable. However, for embedded systems, this can be a problem if the code is not stored in ROM (can anyone clarify?).

+4
3 answers

They are called "trampolines." Here is my understanding of what they are intended for, although I am not a GNAT expert, so some of my concepts may be wrong.

: Ada ( C) . , . :

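procedure Outer is
    Some_Variable : Integer := 0;

    --  Nested procedure: it reads and writes a variable that lives
    --  in the stack frame of the enclosing procedure Outer.
    procedure Inner is
    begin
        --  ...
        Some_Variable := Some_Variable + 1;
        --  ...
    end Inner;
begin
    Inner;
end Outer;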

, , Inner Outer , Some_Variable, Outer Inner, Outer , Inner. - Inner, " ", Outer . Inner Some_Variable.

, Inner'Access, access procedure. Inner access procedure. prodcedure. 'Access, ​​ Outer - Outer, - , Outer . GNAT Ada 'Unrestricted_Access, , Outer , Inner. , , , , .

, , Inner'Access Inner, Inner . , , ?

(Irvine Compiler , , ) , - ( access procedure " ", ). ( ). [ Irvine Compiler , , .] , , C ( Ada, C, gtk). C , , .

GNAT , , , . , Inner'Unrestricted_Access', ( "" ) . Inner ( ). , , . , C , , Inner.

, .

: GNAT . , , - GNAT. [ .] , , , , , , . , , Windows , , , .

+8

2003 Ada (D. Wheeler, SigAda 2003) 7: ()

Ada ?
...
Ada ( "", , ).

(C) , , .

(: , , )

gcc-:
[Ada] 2007 , Gnat DEP ( ), .

, , , "" Ada ( ) , , , Gnat 2007 , , .

: , , , , Gnat.

...

: , - Gnat, .

+4

FSF GCC 5 . , ; , ’Access ’Unrestricted_Access .

, ,

pragma Restrictions (No_Implicit_Dynamic_Code);

( , . PR 67205). .

, gnat.adc. gnatmake, -gnatec=foo.adc. gprbuild gnat.adc; package Builder ,

package Builder is
   for Global_Configuration_Pragmas use "foo.adc";
end Builder;

Violations result in compilation errors, for example

$ gprbuild -P trampoline tramp
gcc -c tramp.adb
tramp.adb:26:12: violation of restriction "No_Implicit_Dynamic_Code" at /Users/simon/cortex-gnat-rts/test-arduino-due/gnat.adc:1
+2
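
As an added illustration, not code from any of the answers: a nested procedure handed to a callback through 'Access, the construct the restriction above flags on targets where GNAT builds trampolines, next to a generic-based rewrite that never creates a subprogram pointer. All unit and subprogram names (Trampoline_Demo, Repeat, Repeat_Generic, Repeat_Inner) are hypothetical.

```ada
--  Added example; all names are hypothetical. To enforce the check, put
--     pragma Restrictions (No_Implicit_Dynamic_Code);
--  in gnat.adc as described above.
with Ada.Text_IO;

procedure Trampoline_Demo is

   --  Callback-style API: receives an access-to-subprogram value.
   procedure Repeat (Times  : Natural;
                     Action : not null access procedure) is
   begin
      for I in 1 .. Times loop
         Action.all;
      end loop;
   end Repeat;

   --  Same service as a generic: the callback is bound at instantiation,
   --  so no pointer to a nested subprogram is ever materialised.
   generic
      with procedure Action;
   procedure Repeat_Generic (Times : Natural);

   procedure Repeat_Generic (Times : Natural) is
   begin
      for I in 1 .. Times loop
         Action;
      end loop;
   end Repeat_Generic;

   procedure Outer is
      Counter : Natural := 0;

      procedure Inner is
      begin
         Counter := Counter + 1;  --  up-level reference into Outer's frame
      end Inner;

      procedure Repeat_Inner is new Repeat_Generic (Action => Inner);
   begin
      --  Inner'Access must carry both Inner's code address and Outer's
      --  frame; where GNAT uses a trampoline, the restriction rejects this.
      Repeat (3, Inner'Access);
      Repeat_Inner (3);  --  no 'Access taken, accepted under the restriction
      Ada.Text_IO.Put_Line ("Counter =" & Natural'Image (Counter));
   end Outer;

begin
   Outer;
end Trampoline_Demo;
```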

Source: https://habr.com/ru/post/1625748/

