Date: Sun, 31 Oct 2010 23:04:15 +0000 (UTC) From: Nathan Whitehorn <nwhitehorn@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r214610 - head/sys/powerpc/aim Message-ID: <201010312304.o9VN4Fxg011479@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: nwhitehorn Date: Sun Oct 31 23:04:15 2010 New Revision: 214610 URL: http://svn.freebsd.org/changeset/base/214610 Log: Add a security nit to recent copyin/out changes: map the user segment no-execute in case of exploitable kernel bugs. MFC after: 1 week Modified: head/sys/powerpc/aim/copyinout.c Modified: head/sys/powerpc/aim/copyinout.c ============================================================================== --- head/sys/powerpc/aim/copyinout.c Sun Oct 31 23:03:11 2010 (r214609) +++ head/sys/powerpc/aim/copyinout.c Sun Oct 31 23:04:15 2010 (r214610) @@ -95,6 +95,9 @@ set_user_sr(pmap_t pm, const void *addr) slbv = slb->slbv; } + /* Mark segment no-execute */ + slbv |= SLBV_N; + /* If we have already set this VSID, we can just return */ if (curthread->td_pcb->pcb_cpu.aim.usr_vsid == slbv) return; @@ -117,6 +120,9 @@ set_user_sr(pmap_t pm, const void *addr) if (curthread->td_pcb->pcb_cpu.aim.usr_vsid == vsid) return; + /* Mark segment no-execute */ + vsid |= SR_N; + __asm __volatile("isync"); curthread->td_pcb->pcb_cpu.aim.usr_vsid = vsid; __asm __volatile("mtsr %0,%1; isync" :: "n"(USER_SR), "r"(vsid));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201010312304.o9VN4Fxg011479>