Date: Sun, 27 Sep 2009 17:02:34 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: freebsd-current@freebsd.org Subject: mmap zero mapping disallowed (Re: svn commit: r197537 - head/sys/vm]) Message-ID: <20090927150233.GH1495@arthur.nitro.dk>
next in thread | raw e-mail | index | archive | help
Hey, As mentioned in the commit message FreeBSD 9 / head now does not allow mmap'ing at zero by default, and this may break some apps. If anyone encounters applications which break because of this change, please let report it so we can see if it can be fixed. It might not be possible to fix some applications, but we at least would know which applications might need a special note in the documentation. ----- Forwarded message from "Simon L. Nielsen" <simon@FreeBSD.org> ----- Date: Sun, 27 Sep 2009 14:49:51 +0000 (UTC) From: "Simon L. Nielsen" <simon@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r197537 - head/sys/vm Author: simon Date: Sun Sep 27 14:49:51 2009 New Revision: 197537 URL: http://svn.freebsd.org/changeset/base/197537 Log: Do not allow mmap with the MAP_FIXED argument to map at address zero. This is done to make it harder to exploit kernel NULL pointer security vulnerabilities. While this of course does not fix vulnerabilities, it does mitigate their impact. Note that this may break some applications, most likely emulators or similar, which for one reason or another require mapping memory at zero. This restriction can be disabled with the security.bsd.mmap_zero sysctl variable. Discussed with: rwatson, bz Tested by: bz (Wine), simon (VirtualBox) Submitted by: jhb Modified: head/sys/vm/vm_mmap.c [...] ----- End forwarded message ----- -- Simon L. Nielsen Hat: FreeBSD Security Team
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090927150233.GH1495>