artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0cb184f) | patch
Prevent writing to the kernel area via the direct map. We do this by padding
authormlarkin <mlarkin@openbsd.org>
Sun, 21 Dec 2014 16:27:07 +0000 (16:27 +0000)
committermlarkin <mlarkin@openbsd.org>
Sun, 21 Dec 2014 16:27:07 +0000 (16:27 +0000)
commitc7636a68831104520cbf866b4b8d6bf887102168
tree7e5170045c24394e7bb19d05abd7943edaee72e7tree | snapshot
parent0cb184ff3152d91d51ca4d7a8d0c4a1f71cb15bfcommit | diff
Prevent writing to the kernel area via the direct map. We do this by padding
the end of the kernel area to 2MB, so that the direct map pages can then
have the W permission removed (X permission was already removed in a previous
diff). This creates a VA hole at the end of bss, so adjust for that since
that's where symbols get loaded by the bootloader (for now, map that region
RO until the boot loader can be updated to place the symbols at "end" instead
of "end of bss").

with help from and ok deraadt@
sys/arch/amd64/amd64/locore.S diff | blob | history
sys/arch/amd64/amd64/machdep.c diff | blob | history
sys/arch/amd64/conf/ld.script diff | blob | history
sys/ddb/db_sym.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim