The stub occupies the same region that execve() would create
for the original progam. The stub copies everything to a new area,
erases the original region, replaces it with the de-compressed
program, and erases the copy of itself via the escape hatch.
The copy is inexpensive via mmap() of /proc/self/exe.
modified: stub/src/i386-linux.elf-entry.S
modified: stub/src/i386-linux.elf-fold.S
modified: stub/src/i386-linux.elf-main.c
modified: p_lx_elf.cpp
modified: p_lx_elf.h
modified: p_lx_interp.cpp
modified: p_lx_interp.h
modified: p_lx_sh.cpp
modified: p_lx_sh.h
modified: p_mach.cpp
modified: p_mach.h
modified: p_unix.cpp
modified: p_unix.h
modified: p_vmlinx.cpp
plus .h, .map, .dump
into class PackLinuxElf32x86 : public PackLinuxElf32Le : public PackLinuxElf32
which makes the code for compressing ELF (for direct-to-memory decompression)
cleaner because ELF has some of the class tree to itself.
This assumes PROT_EXEC|PROT_WRITE ought to work.
This is checked at runtime, and if it fails then
give a message on stderr and exit(127).
Modify --force-execve so that runtime avoids PROT_EXEC|PROT_WRITE.
Then executables compressed with --force-execve will run under
PaX, grSecurity, and strict SELinux.
