Date: Mon, 13 Apr 2015 15:17:04 +0200 (CEST) From: Wojciech Puchar <wojtek@puchar.net> To: Oliver Pinter <oliver.pinter@hardenedbsd.org> Cc: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: Re: another question - VM mappings Message-ID: <alpine.BSF.2.20.1504131516570.5550@laptop.wojtek.intra> In-Reply-To: <CAPQ4ffurO0yrmSUKH911sQQau57mi1SU2UfBUt_Pr7VmCqt7ww@mail.gmail.com> References: <alpine.BSF.2.20.1504130928460.921@laptop.wojtek.intra> <CAPQ4ffurO0yrmSUKH911sQQau57mi1SU2UfBUt_Pr7VmCqt7ww@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
thanks! On Mon, 13 Apr 2015, Oliver Pinter wrote: > Under amd64 exists an so called shared-page - similar to linux's vdso > mechanism - https://github.com/freebsd/freebsd/blob/master/sys/kern/kern_exec.c#L1045 > . > > This page is double mapped with user-space and with kernel. From > security reason it's only RO, otherwise, when mapped with RW or RWX, > then you could write kernel memory from user-space. > > On Mon, Apr 13, 2015 at 9:31 AM, Wojciech Puchar <wojtek@puchar.net> wrote: >> below is mapping for very simple process (no libc etc) >> >> [wojtek@laptop ~]$ procstat -v 917 >> PID START END PRT RES PRES REF SHD FL TP >> PATH >> 917 0x400000 0x401000 r-x 1 0 1 0 CN-- vn >> /home/wojtek/test/1 >> 917 0x600000 0x601000 rw- 1 0 1 0 ---- df >> 917 0x7ffffffdf000 0x7ffffffff000 rw- 1 0 1 0 ---D df >> 917 0x7ffffffff000 0x800000000000 r-x 0 0 39 0 ---- ph >> >> >> what is "ph" mapping and why read&executable? > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.20.1504131516570.5550>