| #
09bb7d6a |
| 06-Dec-2024 |
riastradh <riastradh@NetBSD.org> |
sys/kern/kern_exec.c, exec_*.c: Nix trailing whitespace.
No functional change intended.
|
| #
b5090f27 |
| 06-Dec-2024 |
riastradh <riastradh@NetBSD.org> |
sys/kern/kern_exec.c, exec_*.c: Sprinkle SET_ERROR dtrace probes.
PR kern/58378: Kernel error code origination lacks dtrace probes
|
| #
f47e8594 |
| 06-Dec-2024 |
riastradh <riastradh@NetBSD.org> |
sys/kern/kern_exec.c, exec_*.c: Sort includes.
No functional change intended.
|
| #
82de273b |
| 21-Nov-2023 |
riastradh <riastradh@NetBSD.org> |
pax(9): Rework header file more coherently to nix some needless #ifs.
Cleans up some of the fallout from PR kern/57711 fixes.
Could do a little more to nix PAX_SEGVGUARD conditionals but maybe
not
pax(9): Rework header file more coherently to nix some needless #ifs.
Cleans up some of the fallout from PR kern/57711 fixes.
Could do a little more to nix PAX_SEGVGUARD conditionals but maybe
not worth it.
show more ...
|
| #
0d92cf4b |
| 21-Nov-2023 |
martin <martin@NetBSD.org> |
Stopgap build fix for kernels w/o PAX_MPROTECT after the fixes
for PR 57711: mark variable as unused (sometimes, e.g. in macppc kernels).
|
| #
bf53af40 |
| 21-Nov-2023 |
riastradh <riastradh@NetBSD.org> |
exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE.
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
XXX pullup-10
XXX pu
exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE.
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
show more ...
|
| #
0dec6ba3 |
| 09-Apr-2023 |
riastradh <riastradh@NetBSD.org> |
kern: KASSERT(A && B) -> KASSERT(A); KASSERT(B)
|
| #
23bf8800 |
| 13-Apr-2020 |
ad <ad@NetBSD.org> |
Replace most uses of vp->v_usecount with a call to vrefcnt(vp), a function
that hides the details and does atomic_load_relaxed(). Signature matches
FreeBSD.
|
| #
f1ecb271 |
| 12-Jan-2020 |
ad <ad@NetBSD.org> |
Tidy up the vnode locking around execve() on ELF images to acquire and
release the locks fewer times. Proposed on tech-kern a very long time go.
|
| #
5f391f4a |
| 02-Jul-2017 |
joerg <joerg@NetBSD.org> |
Export the guard size of the main thread via vm.guard_size. Add a
complementary writable sysctl for the initial guard size of threads
created via pthread_create. Let the existing attribut accessors d
Export the guard size of the main thread via vm.guard_size. Add a
complementary writable sysctl for the initial guard size of threads
created via pthread_create. Let the existing attribut accessors do the
right thing. Raise the default guard size for threads to 64KB.
show more ...
|
| #
b77121f1 |
| 23-Jun-2017 |
joerg <joerg@NetBSD.org> |
Recommit exec_subr.c revision 1.79:
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all bin
Recommit exec_subr.c revision 1.79:
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
Additionally, change VM_DEFAULT_ADDRESS_TOPDOWN to include
user_stack_guard_size in the size reservation.
show more ...
|
| #
2e851f55 |
| 19-Jun-2017 |
joerg <joerg@NetBSD.org> |
Revert for the moment, creates problems on i386.
|
| #
5bcc4a51 |
| 19-Jun-2017 |
joerg <joerg@NetBSD.org> |
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-100
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
show more ...
|
| #
1e7fb326 |
| 07-May-2017 |
christos <christos@NetBSD.org> |
de-triplicate.
|
| #
4f77b889 |
| 06-May-2017 |
joerg <joerg@NetBSD.org> |
Extend the mmap(2) interface to allow requesting protections for later
use with mprotect(2), but without enabling them immediately.
Extend the mremap(2) interface to allow duplicating mappings, i.e.
Extend the mmap(2) interface to allow requesting protections for later
use with mprotect(2), but without enabling them immediately.
Extend the mremap(2) interface to allow duplicating mappings, i.e.
create a second range of virtual addresses references the same physical
pages. Duplicated mappings can have different effective protections.
Adjust PAX mprotect logic to disallow effective protections of W&X, but
allow one mapping W and another X protections. This obsoletes using
temporary files for purposes like JIT.
Adjust PAX logic for mmap(2) and mprotect(2) to fail if W&X is requested
and not silently drop the X protection.
Improve test cases to ensure correct operation of the changed
interfaces.
show more ...
|
| #
b039ee77 |
| 22-May-2016 |
christos <christos@NetBSD.org> |
reduce #ifdef mess caused by PaX
|
| #
f305e57d |
| 13-May-2016 |
christos <christos@NetBSD.org> |
- make pax aslr stack eat up to 1/8 of the max stack space insted of 1/4
and reduce the length of the randomization bits since this is unused.
- call the pax aslr stack function sooner so we don't
- make pax aslr stack eat up to 1/8 of the max stack space insted of 1/4
and reduce the length of the randomization bits since this is unused.
- call the pax aslr stack function sooner so we don't need to re-adjust the
stack size.
- adjust the stack max resource limit to account for the maximum space that
can be lost by aslr
- tidy up debugging printfs
show more ...
|
| #
57b625b6 |
| 07-Apr-2016 |
christos <christos@NetBSD.org> |
remove more ifdefs
|
| #
03c12592 |
| 07-Apr-2016 |
christos <christos@NetBSD.org> |
Add PAX_MPROTECT_DEBUG
|
| #
9ed59591 |
| 26-Sep-2015 |
maxv <maxv@NetBSD.org> |
Revamp the way processes are PaX'ed in the kernel. Sent on tech-kern@ two
months ago, but no one reviewed it - probably because it's not a trivial
change.
This change fixes the following bug: when l
Revamp the way processes are PaX'ed in the kernel. Sent on tech-kern@ two
months ago, but no one reviewed it - probably because it's not a trivial
change.
This change fixes the following bug: when loading a PaX'ed binary, the
kernel updates the PaX flag of the calling process before it makes sure
the new process is actually launched. If the kernel fails to launch the
new process, it does not restore the PaX flag of the calling process,
leaving it in an inconsistent state.
Actually, simply restoring it would be horrible as well, since in the
meantime another thread may have used the flag.
The solution is therefore: modify all the functions used by PaX so that
they take as argument the exec package instead of the lwp, and set the PaX
flag in the process *right before* launching the new process - it cannot
fail in the meantime.
show more ...
|
| #
687880ac |
| 29-Mar-2014 |
maxv <maxv@NetBSD.org> |
Style
|
| #
a154f93a |
| 08-Aug-2011 |
enami <enami@NetBSD.org> |
Bounds process's stack size with max_stack_size so that 32bit
binary works regardless of stack size limit setting.
|
| #
65bd0920 |
| 23-Jun-2011 |
matt <matt@NetBSD.org> |
Allow PAX_ASLR to be used by itself.
|
| #
72233ad7 |
| 04-Mar-2011 |
christos <christos@NetBSD.org> |
PR/44673: Arna Clauson: Latest MAXSSIZ bump broke netbsd32 emulation on amd64.
- Use MAXSSIZ32 instead of MAXSSIZ for 32 bit binaries
- Default MAXXSIZ32 to a quarter of MAXSSIZ (good enough?)
- Add
PR/44673: Arna Clauson: Latest MAXSSIZ bump broke netbsd32 emulation on amd64.
- Use MAXSSIZ32 instead of MAXSSIZ for 32 bit binaries
- Default MAXXSIZ32 to a quarter of MAXSSIZ (good enough?)
- Add debugging
XXX: Note that:
- sparc32 MAXSSIZ is larger than sparc64 MAXSSIZ
- sparc64 MAXSSIZ32 != sparc32 MAXSSIZ
show more ...
|
| #
9d567f00 |
| 17-Jan-2011 |
uebayasi <uebayasi@NetBSD.org> |
Include internal definitions (uvm/uvm.h) only where necessary.
|