Module Name:	src
Committed By:	maxv
Date:		Sat Mar 14 05:19:50 UTC 2020

Modified Files:
	src/sys/arch/x86/x86: pmap.c

Log Message:
On amd64, mark the whole tree as NX. No real functional change, just to
prevent possible future surprises, and to make it a little harder to map
executable pages in ROP chains.

To generate a diff of this commit:
cvs rdiff -u -r1.363 -r1.364 src/sys/arch/x86/x86/pmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files: Index: src/sys/arch/x86/x86/pmap.c diff -u src/sys/arch/x86/x86/pmap.c:1.363 src/sys/arch/x86/x86/pmap.c:1.364 --- src/sys/arch/x86/x86/pmap.c:1.363 Tue Mar 10 22:38:41 2020 +++ src/sys/arch/x86/x86/pmap.c Sat Mar 14 05:19:50 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: pmap.c,v 1.363 2020/03/10 22:38:41 ad Exp $ */ +/* $NetBSD: pmap.c,v 1.364 2020/03/14 05:19:50 maxv Exp $ */ /* * Copyright (c) 2008, 2010, 2016, 2017, 2019, 2020 The NetBSD Foundation, Inc. @@ -130,7 +130,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.363 2020/03/10 22:38:41 ad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.364 2020/03/14 05:19:50 maxv Exp $"); #include "opt_user_ldt.h" #include "opt_lockdebug.h" @@ -4601,7 +4601,7 @@ pmap_get_physpage(void) /* * Expand the page tree with the specified amount of PTPs, mapping virtual * addresses starting at kva. We populate all the levels but the last one - * (L1). The nodes of the tree are created as RWX, but the pages covered + * (L1). The nodes of the tree are created as RW, but the pages covered * will be kentered in L1, with proper permissions. * * Used only by pmap_growkernel. @@ -4632,6 +4632,9 @@ pmap_alloc_level(struct pmap *cpm, vaddr KASSERT(!pmap_valid_entry(pdep[i])); pa = pmap_get_physpage(); pte = pmap_pa2pte(pa) | PTE_P | PTE_W; +#ifdef __x86_64__ + pte |= pmap_pg_nx; +#endif pmap_pte_set(&pdep[i], pte); #ifdef XENPV
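
Review bot: In the comment hunk at -4601, the new wording says the nodes are created as RW without qualification, but the code hunk below only ORs in pmap_pg_nx under #ifdef __x86_64__, so on other builds of this file the nodes are still created as before. The comment should say that RW applies on amd64 only. The closing phrase "with proper permissions" also deserves a qualifier: on x86 the NX bit of an upper-level entry applies to everything beneath it, so once the nodes carry NX an L1 entry cannot make a page executable in this range. Stating that no executable mapping is expected in memory grown through pmap_growkernel would record the assumption behind "no real functional change".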
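
Review bot: In the pmap_alloc_level hunk at -4632, the #ifdef __x86_64__ guard around "pte |= pmap_pg_nx;" carries no comment explaining why the bit is restricted to amd64. A one-line comment above the guard giving the reason would help the next reader, and if pmap_pg_nx already evaluates to zero on configurations without NX support, the guard could be dropped and the assignment made unconditional. Since the log message describes this as hardening against future surprises, an assertion or comment noting that nothing under these nodes may be mapped executable would make a later violation fail loudly instead of silently producing a non-executable mapping.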