Re: ratelimit_plz

Tue, 24 May 2016 04:46:50 -0700 

On 2016/05/24 14:34, Artturi Alm wrote:
> On Tue, May 24, 2016 at 11:31:31AM +0100, Stuart Henderson wrote:
> > On 2016/05/24 11:47, Artturi Alm wrote:
> > > >How-To-Repeat:
> > > modern browser
> > ..
> > > chrome(83796): mmap: mandatory W^X
> > > chrome(19957): mmap: mandatory W^X
> > > firefox(74606): mmap: mandatory W^X
> > > chrome(6007): mmap: mandatory W^X
> > > chrome(50373): mmap: mandatory W^X
> > 
> > Any idea what you were doing in Firefox when this triggered?
> > 
> it was totally fresh firefox install w/no existing config nor plugins/addons
> w/e they are on that browser, figured i would uninstall once i found it
> suffering from mmap: mandatory W^X too, however i believe it was
> running/idling with these tabs:
> https://github.com
> http://ftp.openbsd.org/
> https://www.google.com/
> http://www.openbsd.org/faq/ 
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/
> 
> can still provide exact urls off-list if you want, as it still seemed to
> launch with same set of tabs i left it running with while i was testing it
> before reboot to get rid of the msg.

Any chance you could try it with this diff and obtain a
backtrace? Knowing browsers it might not be useful anyway, but
it may just give us some clues..

Index: uvm_mmap.c
===================================================================
RCS file: /cvs/src/sys/uvm/uvm_mmap.c,v
retrieving revision 1.125
diff -u -p -u -r1.125 uvm_mmap.c
--- uvm_mmap.c  11 May 2016 21:52:51 -0000      1.125
+++ uvm_mmap.c  20 May 2016 20:40:40 -0000
@@ -351,6 +351,10 @@ sys_mmap(struct proc *p, void *v, regist
         */
        if ((prot & PROT_MASK) != prot)
                return (EINVAL);
+       if ((prot & (PROT_EXEC|PROT_WRITE)) == (PROT_EXEC|PROT_WRITE)) {
+               printf("%s(%d): mmap: mandatory W^X\n", p->p_comm, p->p_pid);
+               return (EACCES);
+       }
        if ((flags & MAP_FLAGMASK) != flags)
                return (EINVAL);
        if (flags & MAP_OLDCOPY)
@@ -664,6 +668,11 @@ sys_mprotect(struct proc *p, void *v, re
        
        if ((prot & PROT_MASK) != prot)
                return (EINVAL);
+
+       if ((prot & (PROT_EXEC|PROT_WRITE)) == (PROT_EXEC|PROT_WRITE)) {
+               printf("%s(%d): mprotect: mandatory W^X\n", p->p_comm, 
p->p_pid);
+               sigexit(p, SIGSEGV);
+       }
 
        error = pledge_protexec(p, prot);
        if (error)

Reply via email to