Change the PaX mprotect(2) restrictions' "global_protection" knob to

just "global" -- it's shorter and more readable. Update documentation.
2006-09-26 14:48:40 +00:00 · 2006-09-26 14:48:40 +00:00 · 5c38108d28
parent 2f417d0f92
commit 5c38108d28
4 changed files with 11 additions and 11 deletions
--- a/lib/libc/gen/sysctl.3
+++ b/lib/libc/gen/sysctl.3
@ -1,4 +1,4 @@
-.\"	$NetBSD: sysctl.3,v 1.182 2006/09/06 18:59:21 wiz Exp $
+.\"	$NetBSD: sysctl.3,v 1.183 2006/09/26 14:48:40 elad Exp $
 .\"
 .\" Copyright (c) 1993
 .\"	The Regents of the University of California.  All rights reserved.
@ -29,7 +29,7 @@
 .\"
 .\"	@(#)sysctl.3	8.4 (Berkeley) 5/9/95
 .\"
-.Dd September 6, 2006
+.Dd September 26, 2006
 .Dt SYSCTL 3
 .Os
 .Sh NAME
@ -2083,7 +2083,7 @@ restrictions to better enforce a W^X policy. The value of this
 knob must be non-zero for PaX MPROTECT to be enabled, even if a
 process is already marked with
 .Em P_PAXMPROTECT .
-.It Li security.pax.mprotect.global_protection
+.It Li security.pax.mprotect.global
 Specifies the default global policy for programs without an
 explicit enable/disable flag.
 .Pp
--- a/sbin/sysctl/sysctl.8
+++ b/sbin/sysctl/sysctl.8
@ -1,4 +1,4 @@
-.\"	$NetBSD: sysctl.8,v 1.153 2006/09/05 00:29:35 rpaulo Exp $
+.\"	$NetBSD: sysctl.8,v 1.154 2006/09/26 14:48:40 elad Exp $
 .\"
 .\" Copyright (c) 2004 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@ -61,7 +61,7 @@
 .\"
 .\"	@(#)sysctl.8	8.1 (Berkeley) 6/6/93
 .\"
-.Dd September 5, 2006
+.Dd September 26, 2006
 .Dt SYSCTL 8
 .Os
 .Sh NAME
@ -554,7 +554,7 @@ privilege can change the value.
 .It proc.\*[Lt]pid\*[Gt].stopfork	int	yes
 .It security.curtain	integer	yes
 .It security.pax.mprotect.enabled	integer	yes
-.It security.pax.mprotect.global_protection	integer	yes
+.It security.pax.mprotect.global	integer	yes
 .It user.bc_base_max	integer	no
 .It user.bc_dim_max	integer	no
 .It user.bc_scale_max	integer	no
--- a/share/man/man4/options.4
+++ b/share/man/man4/options.4
@ -1,4 +1,4 @@
-.\"	$NetBSD: options.4,v 1.334 2006/09/23 11:16:50 wiz Exp $
+.\"	$NetBSD: options.4,v 1.335 2006/09/26 14:48:40 elad Exp $
 .\"
 .\" Copyright (c) 1996
 .\" 	Perry E. Metzger.  All rights reserved.
@ -30,7 +30,7 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\"
-.Dd September 20, 2006
+.Dd September 26, 2006
 .Os
 .Dt OPTIONS 4
 .Sh NAME
@ -2204,7 +2204,7 @@ restrictions from the PaX project.
 The
 .Ar value
 is the default value for the
-.Em global_protection
+.Em global
 knob, see
 .Xr sysctl 3 .
 If 0, PaX MPROTECT will be enabled only if explicitly set on programs
--- a/sys/kern/kern_pax.c
+++ b/sys/kern/kern_pax.c
@ -1,4 +1,4 @@
-/* $NetBSD: kern_pax.c,v 1.3 2006/05/20 15:45:37 elad Exp $ */
+/* $NetBSD: kern_pax.c,v 1.4 2006/09/26 14:48:40 elad Exp $ */

 /*-
 * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
@ -73,7 +73,7 @@ SYSCTL_SETUP(sysctl_security_pax_setup, "sysctl security.pax setup")
 		       CTL_CREATE, CTL_EOL);
 	sysctl_createv(clog, 0, &rnode, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_INT, "global_protection",
+		       CTLTYPE_INT, "global",
 		       SYSCTL_DESCR("When enabled, unless explicitly "
 				    "specified, apply restrictions to"
 				    "all processes."),