Commit Graph

237961 Commits

Author SHA1 Message Date
maxv
87ee1fdec1 Disable PAX_SEGVGUARD.
We actually have a big problem: the fileassocs are never deleted.
Therefore, if a user generates a lot of buggy binaries and launches them
all, the kernel will allocate memory again again and again for all these
entries and will never free them (unless the files are deleted from the
disk). Which means that a user can too easily put the kernel under memory
pressure.
2015-09-26 16:33:16 +00:00
maxv
9ed595918a Revamp the way processes are PaX'ed in the kernel. Sent on tech-kern@ two
months ago, but no one reviewed it - probably because it's not a trivial
change.

This change fixes the following bug: when loading a PaX'ed binary, the
kernel updates the PaX flag of the calling process before it makes sure
the new process is actually launched. If the kernel fails to launch the
new process, it does not restore the PaX flag of the calling process,
leaving it in an inconsistent state.

Actually, simply restoring it would be horrible as well, since in the
meantime another thread may have used the flag.

The solution is therefore: modify all the functions used by PaX so that
they take as argument the exec package instead of the lwp, and set the PaX
flag in the process *right before* launching the new process - it cannot
fail in the meantime.
2015-09-26 16:12:24 +00:00
skrll
a6c0d63949 Deal with polling in usbd_start_next 2015-09-26 13:59:28 +00:00
christos
c4bba3a5cb Put -Isys after the ioctl Makefile has a chance to add other paths first. 2015-09-26 13:31:27 +00:00
christos
fae14d9262 CID 1324963: Remove bogus NULL test
CID 1324962: This is not python, one needs braces too.
2015-09-26 13:04:10 +00:00
maxv
e1ac029c45 Curious typo. Harmless. Found by Brainy 2015-09-26 12:16:28 +00:00
maxv
d42b2b5ae7 Remove KMEMSTATS. Normally it's ok now. 2015-09-26 11:16:12 +00:00
mlelstv
820518ec94 Don't link partially with static libraries.
Don't link with kerberos librararies, nothing is using them.
Don't link with libipsec, our local patch, that requires it, is gone.
2015-09-26 09:48:27 +00:00
christos
ec9d924643 rename sun ioctls 2015-09-26 04:13:39 +00:00
christos
431e9fd675 avoid compiler warnings 2015-09-26 03:32:17 +00:00
christos
b2e2b58c68 avoid conflicts with our own ioctls 2015-09-26 03:31:52 +00:00
christos
f72496b8cd Add dtrace ioctls 2015-09-26 03:31:11 +00:00
christos
7e89f9a479 try to fix sets 2015-09-26 01:46:14 +00:00
christos
3a8db65df5 catch up with unsigned long -> proc_breakpoint_t change. 2015-09-26 00:33:34 +00:00
christos
e09cabee76 args are flipped. 2015-09-25 19:27:31 +00:00
christos
a94376db50 use provide KERN_PROC_PATHNAME in PROC_ARGS. 2015-09-25 19:18:28 +00:00
christos
58ec3b3ba7 remove caddr_t 2015-09-25 19:09:38 +00:00
christos
800ae96385 Fix the broken detach code and make the proc tests detach instead
of continue, so that we don't get kernel diagnostic messages about
detaching traced processes.
2015-09-25 19:08:32 +00:00
christos
9a58287b9b Add a proc_breakpoint_t and a proc_regval_t to abstract some types. 2015-09-25 16:07:32 +00:00
christos
b88569ce68 For processors that have memory breakpoints, add macros for them to help
libproc
2015-09-25 16:05:17 +00:00
christos
c09ba22ef4 Restore previous: only build libproc and librtld_db for dtrace since many
archs are not supported.
2015-09-25 11:39:08 +00:00
christos
c45350533b Restore previous: only build libproc and librtld_db for dtrace support, since
many archs are not supported.
2015-09-25 11:38:12 +00:00
christos
dc1fa8fa85 we always build librtld_db and libproc. 2015-09-25 11:35:05 +00:00
christos
547df74cfc libproc and librtld_db build fine without CTF and should always be available. 2015-09-25 11:34:07 +00:00
martin
e7ce0e573c conditionalize librtld_db docs 2015-09-25 10:43:18 +00:00
martin
1cd8e8787f More conditional dance for librtld_db 2015-09-25 10:30:36 +00:00
martin
2f0225ffc2 librtld_db depends on libproc, so conditionalize it as well 2015-09-25 10:08:35 +00:00
martin
c5c0f1ebc3 Try to fix set lists for libproc and librtld_db. The latter is probably
wrong and needs to be redone with COMPATARCHDIRS magic, but I can't
find any documentation how to do it. Matt?
2015-09-25 09:55:49 +00:00
mrg
a5c0f21e52 move GCC 4.8 users to using gcc.old. should be no functional change. 2015-09-25 08:24:20 +00:00
martin
31c357f656 Conditionalize libproc here as well (why is it entered twice anyway?) 2015-09-25 08:22:02 +00:00
martin
e662b1ba49 libproc depends on libctf, so conditionalize it with the same condition 2015-09-25 07:41:53 +00:00
christos
9657a4f4e1 fix debug and lint sets for i386 2015-09-24 20:27:40 +00:00
christos
810c90eba8 fix typo 2015-09-24 20:27:11 +00:00
christos
450b6a295e bump libdtrace/libctf. 2015-09-24 20:04:57 +00:00
christos
f94f34a53d include <sys/proc.h> explicitly for kthread_t 2015-09-24 19:55:00 +00:00
christos
c4db460182 Elf64_Sym.st_value (Elf64_Addr) which is what GElf_Sym using, is wider than
uintptr_t on 32 bit machines, so cast to it.
2015-09-24 19:25:37 +00:00
christos
bcf65cfcd7 %j needs uintmax_t not uintptr_t 2015-09-24 19:16:06 +00:00
christos
46e2ed0d2c make dtrace follow libproc. 2015-09-24 18:37:33 +00:00
christos
ef15a8ede3 remove extra lintlibrary 2015-09-24 18:03:22 +00:00
macallan
8223c4230d on mips64 we can use the whole PCI space, not just the two 32MB windows
accessible via KSEG*
2015-09-24 17:56:59 +00:00
christos
e3e9fedc50 forgotten lint libraries. 2015-09-24 16:37:09 +00:00
christos
bec53237f7 debug for libproc 2015-09-24 16:36:58 +00:00
christos
a2d53314ad debug for libproc tests 2015-09-24 16:02:39 +00:00
christos
85dc0057a4 Hello lint. 2015-09-24 15:30:39 +00:00
christos
e0fbcc46ac regen 2015-09-24 14:58:19 +00:00
christos
701e13f65d document new sysctls 2015-09-24 14:56:41 +00:00
christos
5255484a24 add new libproc test stuff 2015-09-24 14:50:06 +00:00
christos
afbe6b2d68 update for libproc/librtld_db/dtrace changes 2015-09-24 14:49:38 +00:00
christos
58ad14e816 Hook up libproc and librtld_db into the build 2015-09-24 14:48:36 +00:00
christos
9451a2b98d regen 2015-09-24 14:42:44 +00:00