Date: Tue, 18 Oct 2011 11:16:20 -0400 From: Arnaud Lacombe <lacombar@gmail.com> To: Kostik Belousov <kostikbel@gmail.com> Cc: current@freebsd.org, Oliver Pinter <oliver.pntr@gmail.com> Subject: Re: [RFC] Enable nxstack by default Message-ID: <CACqU3MWftO=FG4GbnKCFjTcKg1narJWuYnCwv-Mcu=WGriScwA@mail.gmail.com> In-Reply-To: <20111018090750.GG50300@deviant.kiev.zoral.com.ua> References: <CAPjTQNFCT5LBKwVQFf9FHk4aTzrJ243j2uN1nPmMeFp=cTdMUA@mail.gmail.com> <20111018090750.GG50300@deviant.kiev.zoral.com.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
On Tue, Oct 18, 2011 at 5:07 AM, Kostik Belousov <kostikbel@gmail.com> wrot=
e:
> On Mon, Oct 17, 2011 at 09:30:56PM +0200, Oliver Pinter wrote:
>> Hi all!
>>
>> I think, it's the time to enable the nxstack feature. Any comments,
>> pros, cons?
>
> I dragged the change long enough for it to miss the 9.0.
> After the 9.0 is released, I will flip the switch with the following
> change.
>
> diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
> index 8455f48..926fe64 100644
> --- a/sys/kern/imgact_elf.c
> +++ b/sys/kern/imgact_elf.c
> @@ -118,7 +118,12 @@ static int elf_legacy_coredump =3D 0;
> =A0SYSCTL_INT(_debug, OID_AUTO, __elfN(legacy_coredump), CTLFLAG_RW,
> =A0 =A0 &elf_legacy_coredump, 0, "");
>
> -static int __elfN(nxstack) =3D 0;
> +int __elfN(nxstack) =3D
> +#if defined(__amd64__) || defined(__powerpc64__) /* both 64 and 32 bit *=
/
>
Why leaving 32bits x86 CPU supporting the NX feature behind ?
- Arnaud
> + =A0 =A0 =A0 1;
> +#else
> + =A0 =A0 =A0 0;
> +#endif
> =A0SYSCTL_INT(__CONCAT(_kern_elf, __ELF_WORD_SIZE), OID_AUTO,
> =A0 =A0 nxstack, CTLFLAG_RW, &__elfN(nxstack), 0,
> =A0 =A0 __XSTRING(__CONCAT(ELF, __ELF_WORD_SIZE)) ": enable non-executabl=
e stack");
> diff --git a/sys/powerpc/aim/mmu_oea64.c b/sys/powerpc/aim/mmu_oea64.c
> index 7500462..0e27351 100644
> --- a/sys/powerpc/aim/mmu_oea64.c
> +++ b/sys/powerpc/aim/mmu_oea64.c
> @@ -1445,6 +1445,8 @@ moea64_uma_page_alloc(uma_zone_t zone, int bytes, u=
_int8_t *flags, int wait)
> =A0 =A0 =A0 =A0return (void *)va;
> =A0}
>
> +extern int elf32_nxstack;
> +
> =A0void
> =A0moea64_init(mmu_t mmu)
> =A0{
> @@ -1464,6 +1466,8 @@ moea64_init(mmu_t mmu)
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0uma_zone_set_allocf(moea64_mpvo_zone,moea6=
4_uma_page_alloc);
> =A0 =A0 =A0 =A0}
>
> + =A0 =A0 =A0 elf32_nxstack =3D 1;
> +
> =A0 =A0 =A0 =A0moea64_initialized =3D TRUE;
> =A0}
>
> diff --git a/sys/powerpc/booke/machdep.c b/sys/powerpc/booke/machdep.c
> index c2b5e6f..82a37e1 100644
> --- a/sys/powerpc/booke/machdep.c
> +++ b/sys/powerpc/booke/machdep.c
> @@ -192,6 +192,8 @@ void print_kernel_section_addr(void);
> =A0void print_kenv(void);
> =A0u_int booke_init(uint32_t, uint32_t);
>
> +extern int elf32_nxstack;
> +
> =A0static void
> =A0cpu_e500_startup(void *dummy)
> =A0{
> @@ -227,6 +229,9 @@ cpu_e500_startup(void *dummy)
> =A0 =A0 =A0 =A0/* Set up buffers, so they can be used to read disk labels=
. */
> =A0 =A0 =A0 =A0bufinit();
> =A0 =A0 =A0 =A0vm_pager_bufferinit();
> +
> + =A0 =A0 =A0 /* Cpu supports execution permissions on the pages. */
> + =A0 =A0 =A0 elf32_nxstack =3D 1;
> =A0}
>
> =A0static char *
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACqU3MWftO=FG4GbnKCFjTcKg1narJWuYnCwv-Mcu=WGriScwA>