sigaltstack() was adapted to work on mimmutable regions (an unfortunate

compromise...), but it means the stack can be marked immutable again.
ok kettenis

diff --git a/sys/kern/exec_subr.c b/sys/kern/exec_subr.c
index dc4053a..0cf207a 100644 (file)
--- a/sys/kern/exec_subr.c
+++ b/sys/kern/exec_subr.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: exec_subr.c,v 1.59 2022/10/21 18:10:56 deraadt Exp $  */
+/*     $OpenBSD: exec_subr.c,v 1.60 2022/10/21 18:11:55 deraadt Exp $  */
 /*     $NetBSD: exec_subr.c,v 1.9 1994/12/04 03:10:42 mycroft Exp $    */
 
 /*
@@ -419,21 +419,21 @@ exec_setup_stack(struct proc *p, struct exec_package *epp)
         * <stack> ep_minsaddr
         */
 #ifdef MACHINE_STACK_GROWS_UP
-       NEW_VMCMD(&epp->ep_vmcmds, vmcmd_map_zero,
+       NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero,
            ((epp->ep_minsaddr - epp->ep_ssize) - epp->ep_maxsaddr),
-           epp->ep_maxsaddr + epp->ep_ssize, NULLVP, 0,
-           PROT_NONE);
+           epp->ep_maxsaddr + epp->ep_ssize,
+           NULLVP, 0, PROT_NONE,  VMCMD_IMMUTABLE);
        NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, epp->ep_ssize,
-           epp->ep_maxsaddr, NULLVP, 0,
-           PROT_READ | PROT_WRITE, VMCMD_STACK);
+           epp->ep_maxsaddr,
+           NULLVP, 0, PROT_READ | PROT_WRITE, VMCMD_STACK | VMCMD_IMMUTABLE);
 #else
-       NEW_VMCMD(&epp->ep_vmcmds, vmcmd_map_zero,
+       NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero,
            ((epp->ep_minsaddr - epp->ep_ssize) - epp->ep_maxsaddr),
-           epp->ep_maxsaddr, NULLVP, 0,
-           PROT_NONE);
+           epp->ep_maxsaddr,
+           NULLVP, 0, PROT_NONE, VMCMD_IMMUTABLE);
        NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, epp->ep_ssize,
-           (epp->ep_minsaddr - epp->ep_ssize), NULLVP, 0,
-           PROT_READ | PROT_WRITE, VMCMD_STACK);
+           (epp->ep_minsaddr - epp->ep_ssize),
+           NULLVP, 0, PROT_READ | PROT_WRITE, VMCMD_STACK | VMCMD_IMMUTABLE);
 #endif
 
        return (0);

diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index 0e4ac01..3b95c73 100644 (file)
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kern_exec.c,v 1.235 2022/10/12 02:39:16 deraadt Exp $ */
+/*     $OpenBSD: kern_exec.c,v 1.236 2022/10/21 18:11:55 deraadt Exp $ */
 /*     $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $  */
 
 /*-
@@ -466,13 +466,13 @@ sys_execve(struct proc *p, void *v, register_t *retval)
 #ifdef MACHINE_STACK_GROWS_UP
        pr->ps_strings = (vaddr_t)vm->vm_maxsaddr + sgap;
         if (uvm_map_protect(&vm->vm_map, (vaddr_t)vm->vm_maxsaddr,
-            trunc_page(pr->ps_strings), PROT_NONE, TRUE, TRUE))
+            trunc_page(pr->ps_strings), PROT_NONE, TRUE, FALSE))
                 goto exec_abort;
 #else
        pr->ps_strings = (vaddr_t)vm->vm_minsaddr - sizeof(arginfo) - sgap;
         if (uvm_map_protect(&vm->vm_map,
             round_page(pr->ps_strings + sizeof(arginfo)),
-            (vaddr_t)vm->vm_minsaddr, PROT_NONE, TRUE, TRUE))
+            (vaddr_t)vm->vm_minsaddr, PROT_NONE, TRUE, FALSE))
                 goto exec_abort;
 #endif