svn commit: r197714 - in stable/8/sys: . amd64/include/xen
cddl/contrib/opensolaris contrib/dev/acpica contrib/pf
dev/xen/xenpci kern
Simon L. Nielsen
simon at FreeBSD.org
Fri Oct 2 17:58:49 UTC 2009
Author: simon
Date: Fri Oct 2 17:58:47 2009
New Revision: 197714
URL: http://svn.freebsd.org/changeset/base/197714
Log:
MFC r197711:
Add no zero mapping feature.
NOTE: Unlike in the other branches where this change will be "merged"
to, the 'no zero mapping' is enabled by default in stable/8.
Errata: FreeBSD-EN-09:05.null
Approved by: re (kib)
Modified:
stable/8/sys/ (props changed)
stable/8/sys/amd64/include/xen/ (props changed)
stable/8/sys/cddl/contrib/opensolaris/ (props changed)
stable/8/sys/contrib/dev/acpica/ (props changed)
stable/8/sys/contrib/pf/ (props changed)
stable/8/sys/dev/xen/xenpci/ (props changed)
stable/8/sys/kern/init_main.c
stable/8/sys/kern/kern_exec.c
Modified: stable/8/sys/kern/init_main.c
==============================================================================
--- stable/8/sys/kern/init_main.c Fri Oct 2 17:53:48 2009 (r197713)
+++ stable/8/sys/kern/init_main.c Fri Oct 2 17:58:47 2009 (r197714)
@@ -492,6 +492,11 @@ proc0_init(void *dummy __unused)
pmap_pinit0(vmspace_pmap(&vmspace0));
p->p_vmspace = &vmspace0;
vmspace0.vm_refcnt = 1;
+
+ /*
+ * proc0 is not expected to enter usermode, so there is no special
+ * handling for sv_minuser here, like is done for exec_new_vmspace().
+ */
vm_map_init(&vmspace0.vm_map, p->p_sysent->sv_minuser,
p->p_sysent->sv_maxuser);
vmspace0.vm_map.pmap = vmspace_pmap(&vmspace0);
Modified: stable/8/sys/kern/kern_exec.c
==============================================================================
--- stable/8/sys/kern/kern_exec.c Fri Oct 2 17:53:48 2009 (r197713)
+++ stable/8/sys/kern/kern_exec.c Fri Oct 2 17:58:47 2009 (r197714)
@@ -122,6 +122,11 @@ u_long ps_arg_cache_limit = PAGE_SIZE /
SYSCTL_ULONG(_kern, OID_AUTO, ps_arg_cache_limit, CTLFLAG_RW,
&ps_arg_cache_limit, 0, "");
+static int map_at_zero = 0;
+TUNABLE_INT("security.bsd.map_at_zero", &map_at_zero);
+SYSCTL_INT(_security_bsd, OID_AUTO, map_at_zero, CTLFLAG_RW, &map_at_zero, 0,
+ "Permit processes to map an object at virtual address 0.");
+
static int
sysctl_kern_ps_strings(SYSCTL_HANDLER_ARGS)
{
@@ -999,7 +1004,7 @@ exec_new_vmspace(imgp, sv)
int error;
struct proc *p = imgp->proc;
struct vmspace *vmspace = p->p_vmspace;
- vm_offset_t stack_addr;
+ vm_offset_t sv_minuser, stack_addr;
vm_map_t map;
u_long ssiz;
@@ -1015,13 +1020,17 @@ exec_new_vmspace(imgp, sv)
* not disrupted
*/
map = &vmspace->vm_map;
- if (vmspace->vm_refcnt == 1 && vm_map_min(map) == sv->sv_minuser &&
+ if (map_at_zero)
+ sv_minuser = sv->sv_minuser;
+ else
+ sv_minuser = MAX(sv->sv_minuser, PAGE_SIZE);
+ if (vmspace->vm_refcnt == 1 && vm_map_min(map) == sv_minuser &&
vm_map_max(map) == sv->sv_maxuser) {
shmexit(vmspace);
pmap_remove_pages(vmspace_pmap(vmspace));
vm_map_remove(map, vm_map_min(map), vm_map_max(map));
} else {
- error = vmspace_exec(p, sv->sv_minuser, sv->sv_maxuser);
+ error = vmspace_exec(p, sv_minuser, sv->sv_maxuser);
if (error)
return (error);
vmspace = p->p_vmspace;
More information about the svn-src-stable-8
mailing list