and make the stack and heap non-executable by default. the changes
fall into two basic catagories:
- pmap and trap-handler changes. these are all MD:
= alpha: we already track per-page execute permission with the (software)
PG_EXEC bit, so just have the trap handler pay attention to it.
= i386: use a new GDT segment for %cs for processes that have no
executable mappings above a certain threshold (currently the
bottom of the stack). track per-page execute permission with
the last unused PTE bit.
= powerpc/ibm4xx: just use the hardware exec bit.
= powerpc/oea: we already track per-page exec bits, but the hardware only
implements non-exec mappings at the segment level. so track the
number of executable mappings in each segment and turn on the no-exec
segment bit iff the count is 0. adjust the trap handler to deal.
= sparc (sun4m): fix our use of the hardware protection bits.
fix the trap handler to recognize text faults.
= sparc64: split the existing unified TSB into data and instruction TSBs,
and only load TTEs into the appropriate TSB(s) for the permissions.
fix the trap handler to check for execute permission.
= not yet implemented: amd64, hppa, sh5
- changes in all the emulations that put a signal trampoline on the stack.
instead, we now put the trampoline into a uvm_aobj and map that into
the process separately.
originally from openbsd, adapted for netbsd by me.
truncate64() wrapper to translate args structure
NetBSD truncate() and ftrucate() have hidden 'pad' argument, so we have
to do the argument translation
Problem found and patch supplied in PR kern/22360 by Ales Krenek
This is the last of syscalls with hidden 'pad' arg we didn't have
wrapper for; all the others (lseek, mmap, pwrite, pread) already had
wrapper before.
* translate MSG_* flags
* rewrite CMSG level/type to appropriate NetBSD value on input, and to Linux
value on output
* handle different CMSG_DATA alignment for some archs
This fixes SCM_RIGHTS passing. Other SCM_* types are not supported -
the set is different on NetBSD and Linux. SCM_TIMESTAMP doesn't seem
to be actually implemented in Linux 2.5.15, so it's not supported
for Linux binaries either (for now).
PR: 21577 by Todd Vierling
be inserted into ktrace records. The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.
Bump the kernel rev up to 1.6V
Avoids a lot of casting and removes the need for some line breaks.
Removed a load of (caddr_t) casts from calls to copyin/copyout as well.
(approved by christos - he has a plan to remove caddr_t...)
lookup and allocation, and any dependency on NPROC or MAXUSERS.
NO_PID changed to -1 (and renamed NO_PGID) to remove artificial limit
on PID_MAX.
As discussed on tech-kern.
of cycles off the syscall overhead.
Since all COMPAT_LINUX platforms now support __HAVE_SYSCALL_INTERN,
garbage-collect the LINUX_SYSCALL_FUNCTION stuff.
the passed device number to only contain lower 16 bits; older glibc
appears to pass some junk in upper bits sometimes, resulting in incorrect
device entries being created
Problem initially analyzed by Thor Lancelot Simon.
it checks both the alternative/emul tree, and the non-emul tree.
This makes it possible to run chrooted emulated binaries without need
to setup shadow /emul tree within the chroot hierarchy.
Only tested for COMPAT_LINUX, changes to other compat modules were
mechanical.
Fixes kern/19161 by Christian Groessler.
