CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2019/06/01 16:42:21
Modified files:
sys/sys : proc.h syscall_mi.h
sys/uvm : uvm_map.c uvm_map.h
sys/arch/alpha/alpha: trap.c
sys/arch/amd64/amd64: trap.c
sys/arch/arm/arm: fault.c
sys/arch/arm64/arm64: trap.c
sys/arch/hppa/hppa: trap.c
sys/arch/i386/i386: trap.c
sys/arch/mips64/mips64: trap.c
sys/arch/powerpc/powerpc: trap.c
sys/arch/sparc64/sparc64: trap.c
Log message:
Refactor the MAP_STACK feature, and introduce another similar variation:
Lookup the address that a syscall instruction is executed from, and kill
the process if that page is writeable. This brings an aspect of W^X
behaviour to W|X mappings (in JITs not yet adapted to W^X). The goal is
to remove simple attack methods and force use of ret2libc or other more
complicated means.
ok kettenis stefan visa
