Change the PaX mprotect(2) restrictions' "global_protection" knob to

just "global" -- it's shorter and more readable. Update documentation.

lib/libc/gen/sysctl.3

@@ -1,4 +1,4 @@
-.\"	$NetBSD: sysctl.3,v 1.182 2006/09/06 18:59:21 wiz Exp $
+.\"	$NetBSD: sysctl.3,v 1.183 2006/09/26 14:48:40 elad Exp $
 .\"
 .\" Copyright (c) 1993
 .\"	The Regents of the University of California.  All rights reserved.
@@ -29,7 +29,7 @@
 .\"
 .\"	@(#)sysctl.3	8.4 (Berkeley) 5/9/95
 .\"
-.Dd September 6, 2006
+.Dd September 26, 2006
 .Dt SYSCTL 3
 .Os
 .Sh NAME
@@ -2083,7 +2083,7 @@ restrictions to better enforce a W^X policy. The value of this
 knob must be non-zero for PaX MPROTECT to be enabled, even if a
 process is already marked with
 .Em P_PAXMPROTECT .
-.It Li security.pax.mprotect.global_protection
+.It Li security.pax.mprotect.global
 Specifies the default global policy for programs without an
 explicit enable/disable flag.
 .Pp

sbin/sysctl/sysctl.8

@@ -1,4 +1,4 @@
-.\"	$NetBSD: sysctl.8,v 1.153 2006/09/05 00:29:35 rpaulo Exp $
+.\"	$NetBSD: sysctl.8,v 1.154 2006/09/26 14:48:40 elad Exp $
 .\"
 .\" Copyright (c) 2004 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -61,7 +61,7 @@
 .\"
 .\"	@(#)sysctl.8	8.1 (Berkeley) 6/6/93
 .\"
-.Dd September 5, 2006
+.Dd September 26, 2006
 .Dt SYSCTL 8
 .Os
 .Sh NAME
@@ -554,7 +554,7 @@ privilege can change the value.
 .It proc.\*[Lt]pid\*[Gt].stopfork	int	yes
 .It security.curtain	integer	yes
 .It security.pax.mprotect.enabled	integer	yes
-.It security.pax.mprotect.global_protection	integer	yes
+.It security.pax.mprotect.global	integer	yes
 .It user.bc_base_max	integer	no
 .It user.bc_dim_max	integer	no
 .It user.bc_scale_max	integer	no

share/man/man4/options.4

@@ -1,4 +1,4 @@
-.\"	$NetBSD: options.4,v 1.334 2006/09/23 11:16:50 wiz Exp $
+.\"	$NetBSD: options.4,v 1.335 2006/09/26 14:48:40 elad Exp $
 .\"
 .\" Copyright (c) 1996
 .\" 	Perry E. Metzger.  All rights reserved.
@@ -30,7 +30,7 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\"
-.Dd September 20, 2006
+.Dd September 26, 2006
 .Os
 .Dt OPTIONS 4
 .Sh NAME
@@ -2204,7 +2204,7 @@ restrictions from the PaX project.
 The
 .Ar value
 is the default value for the
-.Em global_protection
+.Em global
 knob, see
 .Xr sysctl 3 .
 If 0, PaX MPROTECT will be enabled only if explicitly set on programs

sys/kern/kern_pax.c

@@ -1,4 +1,4 @@
-/* $NetBSD: kern_pax.c,v 1.3 2006/05/20 15:45:37 elad Exp $ */
+/* $NetBSD: kern_pax.c,v 1.4 2006/09/26 14:48:40 elad Exp $ */
 
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
@@ -73,7 +73,7 @@ SYSCTL_SETUP(sysctl_security_pax_setup, "sysctl security.pax setup")
 		       CTL_CREATE, CTL_EOL);
 	sysctl_createv(clog, 0, &rnode, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_INT, "global_protection",
+		       CTLTYPE_INT, "global",
 		       SYSCTL_DESCR("When enabled, unless explicitly "
 				    "specified, apply restrictions to"
 				    "all processes."),