months ago, but no one reviewed it - probably because it's not a trivial
change.
This change fixes the following bug: when loading a PaX'ed binary, the
kernel updates the PaX flag of the calling process before it makes sure
the new process is actually launched. If the kernel fails to launch the
new process, it does not restore the PaX flag of the calling process,
leaving it in an inconsistent state.
Actually, simply restoring it would be horrible as well, since in the
meantime another thread may have used the flag.
The solution is therefore: modify all the functions used by PaX so that
they take as argument the exec package instead of the lwp, and set the PaX
flag in the process *right before* launching the new process - it cannot
fail in the meantime.
libc api uses. For example syscallnames[293] = "__sigprocmask14",
altsyscallnames[293] = "sigprocmask". This is so that things like dtrace
can use the system call names everyone uses. The array is sparse; if the
names were the same (or for compat names) they are not copied and the array
has NULL for them.
possible so that we can provide in most situations the absolute
pathname in the AUX vector so that $ORIGIN works. The following
are implementation issues:
1. deep path execs still don't work (can't provide path to the AUX vector)
2. the returned path is not normalized (cosmetic)
to init_sysctl_base (only base kernel defs). Main motivation was to
fix sysconf(_SC_NPROCESSORS) for Rumprun. As reported by neeraj on irc,
it returned -1 before this fix, so we were doing imaginary computing.
output to drain to five seconds so that exiting processes with
buffered output for a serial port blocked by flow control or a pty
that is not being read do not hang indefinitely. Should fix PRs
kern/12534 and kern/17171. This is an updated version of the change
of tty.c 1.263.
the journal into a function. Make that function work correctly with
sector sizes != DEV_BSIZE when compiled outside the kernel (i.e.
fsck_ffs).
Fixes PR bin/45933
- move the P_PAX_ flags out of #ifdef PAX_ASLR in pax.h
- add a generic pax_flags_active() function
- fix a comment in exec_elf.c; interp is not static
- KNF for return
- rename pax_aslr() to pax_aslr_mmap()
- rename pax_segvguard_cb() to pax_segvguard_cleanup_cb()
2. honor O_CLOEXEC, so the children of daemons that use cloning devices, don't
end up with the parents descriptors
fd_clone and in general the fd approach of 'allocate' > 'play with guts' >
'attach' should be converted to be more constructor like.
XXX: pullup-{6,7}
