Hey, As mentioned in the commit message FreeBSD 9 / head now does not allow mmap'ing at zero by default, and this may break some apps. If anyone encounters applications which break because of this change, please let report it so we can see if it can be fixed. It might not be possible to fix some applications, but we at least would know which applications might need a special note in the documentation. ----- Forwarded message from "Simon L. Nielsen" <simon_at_FreeBSD.org> ----- Date: Sun, 27 Sep 2009 14:49:51 +0000 (UTC) From: "Simon L. Nielsen" <simon_at_FreeBSD.org> To: src-committers_at_freebsd.org, svn-src-all_at_freebsd.org, svn-src-head_at_freebsd.org Subject: svn commit: r197537 - head/sys/vm Author: simon Date: Sun Sep 27 14:49:51 2009 New Revision: 197537 URL: http://svn.freebsd.org/changeset/base/197537 Log: Do not allow mmap with the MAP_FIXED argument to map at address zero. This is done to make it harder to exploit kernel NULL pointer security vulnerabilities. While this of course does not fix vulnerabilities, it does mitigate their impact. Note that this may break some applications, most likely emulators or similar, which for one reason or another require mapping memory at zero. This restriction can be disabled with the security.bsd.mmap_zero sysctl variable. Discussed with: rwatson, bz Tested by: bz (Wine), simon (VirtualBox) Submitted by: jhb Modified: head/sys/vm/vm_mmap.c [...] ----- End forwarded message ----- -- Simon L. Nielsen Hat: FreeBSD Security TeamReceived on Sun Sep 27 2009 - 13:02:35 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:56 UTC