From f2e49d373091b1b3b633aadd3ef904005fccbab6 Mon Sep 17 00:00:00 2001 From: deraadt Date: Fri, 21 Oct 2022 18:11:55 +0000 Subject: [PATCH] sigaltstack() was adapted to work on mimmutable regions (an unfortunate compromise...), but it means the stack can be marked immutable again. ok kettenis --- sys/kern/exec_subr.c | 22 +++++++++++----------- sys/kern/kern_exec.c | 6 +++--- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/sys/kern/exec_subr.c b/sys/kern/exec_subr.c index dc4053a5f89..0cf207ae33f 100644 --- a/sys/kern/exec_subr.c +++ b/sys/kern/exec_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_subr.c,v 1.59 2022/10/21 18:10:56 deraadt Exp $ */ +/* $OpenBSD: exec_subr.c,v 1.60 2022/10/21 18:11:55 deraadt Exp $ */ /* $NetBSD: exec_subr.c,v 1.9 1994/12/04 03:10:42 mycroft Exp $ */ /* @@ -419,21 +419,21 @@ exec_setup_stack(struct proc *p, struct exec_package *epp) * ep_minsaddr */ #ifdef MACHINE_STACK_GROWS_UP - NEW_VMCMD(&epp->ep_vmcmds, vmcmd_map_zero, + NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, ((epp->ep_minsaddr - epp->ep_ssize) - epp->ep_maxsaddr), - epp->ep_maxsaddr + epp->ep_ssize, NULLVP, 0, - PROT_NONE); + epp->ep_maxsaddr + epp->ep_ssize, + NULLVP, 0, PROT_NONE, VMCMD_IMMUTABLE); NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, epp->ep_ssize, - epp->ep_maxsaddr, NULLVP, 0, - PROT_READ | PROT_WRITE, VMCMD_STACK); + epp->ep_maxsaddr, + NULLVP, 0, PROT_READ | PROT_WRITE, VMCMD_STACK | VMCMD_IMMUTABLE); #else - NEW_VMCMD(&epp->ep_vmcmds, vmcmd_map_zero, + NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, ((epp->ep_minsaddr - epp->ep_ssize) - epp->ep_maxsaddr), - epp->ep_maxsaddr, NULLVP, 0, - PROT_NONE); + epp->ep_maxsaddr, + NULLVP, 0, PROT_NONE, VMCMD_IMMUTABLE); NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, epp->ep_ssize, - (epp->ep_minsaddr - epp->ep_ssize), NULLVP, 0, - PROT_READ | PROT_WRITE, VMCMD_STACK); + (epp->ep_minsaddr - epp->ep_ssize), + NULLVP, 0, PROT_READ | PROT_WRITE, VMCMD_STACK | VMCMD_IMMUTABLE); #endif return (0); diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 0e4ac0170fb..3b95c73bc8d 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_exec.c,v 1.235 2022/10/12 02:39:16 deraadt Exp $ */ +/* $OpenBSD: kern_exec.c,v 1.236 2022/10/21 18:11:55 deraadt Exp $ */ /* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */ /*- @@ -466,13 +466,13 @@ sys_execve(struct proc *p, void *v, register_t *retval) #ifdef MACHINE_STACK_GROWS_UP pr->ps_strings = (vaddr_t)vm->vm_maxsaddr + sgap; if (uvm_map_protect(&vm->vm_map, (vaddr_t)vm->vm_maxsaddr, - trunc_page(pr->ps_strings), PROT_NONE, TRUE, TRUE)) + trunc_page(pr->ps_strings), PROT_NONE, TRUE, FALSE)) goto exec_abort; #else pr->ps_strings = (vaddr_t)vm->vm_minsaddr - sizeof(arginfo) - sgap; if (uvm_map_protect(&vm->vm_map, round_page(pr->ps_strings + sizeof(arginfo)), - (vaddr_t)vm->vm_minsaddr, PROT_NONE, TRUE, TRUE)) + (vaddr_t)vm->vm_minsaddr, PROT_NONE, TRUE, FALSE)) goto exec_abort; #endif -- 2.20.1