Re: [RFC] Enable nxstack by default

From: Oliver Pinter <oliver.pntr_at_gmail.com> Date: Tue, 18 Oct 2011 12:22:31 +0200 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:19 UTC

Looks good to me.

On 10/18/11, Kostik Belousov <kostikbel_at_gmail.com> wrote:
> On Mon, Oct 17, 2011 at 09:30:56PM +0200, Oliver Pinter wrote:
>> Hi all!
>>
>> I think, it's the time to enable the nxstack feature. Any comments,
>> pros, cons?
>
> I dragged the change long enough for it to miss the 9.0.
> After the 9.0 is released, I will flip the switch with the following
> change.
>
> diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
> index 8455f48..926fe64 100644
> --- a/sys/kern/imgact_elf.c
> +++ b/sys/kern/imgact_elf.c
> _at__at_ -118,7 +118,12 _at__at_ static int elf_legacy_coredump = 0;
>  SYSCTL_INT(_debug, OID_AUTO, __elfN(legacy_coredump), CTLFLAG_RW,
>      &elf_legacy_coredump, 0, "");
>
> -static int __elfN(nxstack) = 0;
> +int __elfN(nxstack) =
> +#if defined(__amd64__) || defined(__powerpc64__) /* both 64 and 32 bit */
> +	1;
> +#else
> +	0;
> +#endif
>  SYSCTL_INT(__CONCAT(_kern_elf, __ELF_WORD_SIZE), OID_AUTO,
>      nxstack, CTLFLAG_RW, &__elfN(nxstack), 0,
>      __XSTRING(__CONCAT(ELF, __ELF_WORD_SIZE)) ": enable non-executable
> stack");
> diff --git a/sys/powerpc/aim/mmu_oea64.c b/sys/powerpc/aim/mmu_oea64.c
> index 7500462..0e27351 100644
> --- a/sys/powerpc/aim/mmu_oea64.c
> +++ b/sys/powerpc/aim/mmu_oea64.c
> _at__at_ -1445,6 +1445,8 _at__at_ moea64_uma_page_alloc(uma_zone_t zone, int bytes,
> u_int8_t *flags, int wait)
>  	return (void *)va;
>  }
>
> +extern int elf32_nxstack;
> +
>  void
>  moea64_init(mmu_t mmu)
>  {
> _at__at_ -1464,6 +1466,8 _at__at_ moea64_init(mmu_t mmu)
>  		uma_zone_set_allocf(moea64_mpvo_zone,moea64_uma_page_alloc);
>  	}
>
> +	elf32_nxstack = 1;
> +
>  	moea64_initialized = TRUE;
>  }
>
> diff --git a/sys/powerpc/booke/machdep.c b/sys/powerpc/booke/machdep.c
> index c2b5e6f..82a37e1 100644
> --- a/sys/powerpc/booke/machdep.c
> +++ b/sys/powerpc/booke/machdep.c
> _at__at_ -192,6 +192,8 _at__at_ void print_kernel_section_addr(void);
>  void print_kenv(void);
>  u_int booke_init(uint32_t, uint32_t);
>
> +extern int elf32_nxstack;
> +
>  static void
>  cpu_e500_startup(void *dummy)
>  {
> _at__at_ -227,6 +229,9 _at__at_ cpu_e500_startup(void *dummy)
>  	/* Set up buffers, so they can be used to read disk labels. */
>  	bufinit();
>  	vm_pager_bufferinit();
> +
> +	/* Cpu supports execution permissions on the pages. */
> +	elf32_nxstack = 1;
>  }
>
>  static char *
>
>