cf9b36ab1d
VM_PROT_READ|VM_PROT_EXECUTE. The previous default (VM_PROT_ALL) would cause the following scenario: - someone attempts to write kernel text (my test was writing to an offset of /dev/kmem which was known to be in the text segment, while in single-user mode). - enter trap() with MMU fault (because of RO pte). - trap() calls vm_fault(), which looks up vm_map_entry for fauling address. - vm_fault interprets write fault and VM_PROT_WRITE (in VM_PROT_ALL) as COW; new page allocated, data copied to new page, new page mapped in at trunc_page(<faulting va>). - wow, look at the fireworks! Fixes two potential symptoms: - kernacc() returns TRUE when checking for permission to write an offset in kernel text, which is bogus, since the text has been mapped RO by pmap_bootstrap(). - Handling of a stray pointer that attempted to scribble into kernel text would not be executed properly. |
||
|---|---|---|
| bin | ||
| distrib | ||
| etc | ||
| games | ||
| gnu | ||
| include | ||
| lib | ||
| libexec | ||
| regress | ||
| sbin | ||
| share | ||
| sys | ||
| usr.bin | ||
| usr.sbin | ||
| Makefile | ||