Retrofitting XoM for Stripped Binaries without Embedded Data Relocation

📅 2024-12-03
🏛️ Network and Distributed System Security Symposium
🤖 AI Summary
Existing execute-only memory (XoM) protections face deployment challenges on stripped x86-64 binaries due to reliance on symbol information or compile-time modifications. This paper proposes PXoM, a runtime XoM enforcement mechanism that requires no compiler instrumentation and avoids embedded data relocations. Its core innovation is a fine-grained memory permission control scheme leveraging Intel Memory Protection Keys (MPK), enabling, for the first time, intra-page differentiation between instruction execution and legitimate data reads—thus overcoming conventional page-level isolation constraints. PXoM seamlessly supports stripped binaries without source or binary rewriting. Evaluation shows negligible runtime overhead (<0.5% on average across SPEC CPU2017 benchmarks), while security analysis demonstrates a drastic reduction in viable ROP gadget search space—up to three orders of magnitude in some cases—confirming its practicality for real-world deployment.

📝 Abstract
In this paper, we present PXoM, a practical technique to seamlessly retrofit XoM into stripped binaries on the x86-64 platform. As handling the mixture of code and data is a well-known challenge for XoM, most existing methods require the strict separation of code and data areas via either compile-time transformation or binary patching, so that the unreadable permission can be safely enforced at the granularity of memory pages. In contrast to previous approaches, we provide a fine-grained memory permission control mechanism to restrict the read permission of code while allowing legitimate data reads within code pages. This novelty enables PXoM to harden stripped binaries but without resorting to error-prone embedded data relocation. We leverage Intel's hardware feature, Memory Protection Keys, to offer an efficient fine-grained permission control. We measure PXoM's performance with both micro- and macro-benchmarks, and it only introduces negligible runtime overhead. Our security evaluation shows that PXoM leaves adversaries with little wiggle room to harvest all of the required gadgets, suggesting PXoM is practical for real-world deployment.

Problem

Research questions and friction points this paper is trying to address.

Enable fine-grained memory protection for stripped binaries
Prevent code page data reads without relocating embedded data
Implement XoM security using Intel Memory Protection Keys

Innovation

Methods, ideas, or system contributions that make the work stand out.

Fine-grained memory permission control for code protection
Leveraging Intel Memory Protection Keys for efficiency
Enabling XoM retrofitting without embedded data relocation

Chenke Luo
Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University
Jiang Ming
Tulane University
Software and Systems Security
Mengfei Xie
Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University
Guojun Peng
Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University
Jianming Fu
Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University