CVS commit: [netbsd-5-0] src/sys/kern

Tue, 31 Aug 2010 03:55:59 -0700 

Module Name:    src
Committed By:   bouyer
Date:           Tue Aug 31 10:55:34 UTC 2010

Modified Files:
        src/sys/kern [netbsd-5-0]: exec_subr.c kern_pax.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #1444):
        sys/kern/kern_pax.c: revision 1.24
        sys/kern/exec_subr.c: revision 1.65
Fix issues with stack allocation and pax aslr:
- since the size is unsigned, don't check just that it is > 0, but limit
  it to the MAXSSIZ
- if the stack size is reduced because of aslr, make sure we reduce the
  actual allocation by the same size so that the size does not wrap around.
NB: Must be pulled up to 5.x!


To generate a diff of this commit:
cvs rdiff -u -r1.61.8.1 -r1.61.8.1.2.1 src/sys/kern/exec_subr.c
cvs rdiff -u -r1.22 -r1.22.14.1 src/sys/kern/kern_pax.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/kern/exec_subr.c
diff -u src/sys/kern/exec_subr.c:1.61.8.1 src/sys/kern/exec_subr.c:1.61.8.1.2.1
--- src/sys/kern/exec_subr.c:1.61.8.1	Wed Apr  1 00:25:22 2009
+++ src/sys/kern/exec_subr.c	Tue Aug 31 10:55:34 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: exec_subr.c,v 1.61.8.1 2009/04/01 00:25:22 snj Exp $	*/
+/*	$NetBSD: exec_subr.c,v 1.61.8.1.2.1 2010/08/31 10:55:34 bouyer Exp $	*/
 
 /*
  * Copyright (c) 1993, 1994, 1996 Christopher G. Demetriou
@@ -31,7 +31,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.61.8.1 2009/04/01 00:25:22 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.61.8.1.2.1 2010/08/31 10:55:34 bouyer Exp $");
 
 #include "opt_pax.h"
 
@@ -386,6 +386,7 @@
 		epp->ep_minsaddr = USRSTACK;
 		max_stack_size = MAXSSIZ;
 	}
+	epp->ep_ssize = l->l_proc->p_rlimit[RLIMIT_STACK].rlim_cur;
 
 #ifdef PAX_ASLR
 	pax_aslr_stack(l, epp, &max_stack_size);
@@ -395,7 +396,6 @@
 	
 	epp->ep_maxsaddr = (u_long)STACK_GROW(epp->ep_minsaddr,
 		max_stack_size);
-	epp->ep_ssize = l->l_proc->p_rlimit[RLIMIT_STACK].rlim_cur;
 
 	/*
 	 * set up commands for stack.  note that this takes *two*, one to
@@ -410,11 +410,11 @@
 	noaccess_size = max_stack_size - access_size;
 	noaccess_linear_min = (u_long)STACK_ALLOC(STACK_GROW(epp->ep_minsaddr,
 	    access_size), noaccess_size);
-	if (noaccess_size > 0) {
+	if (noaccess_size > 0 && noaccess_size <= MAXSSIZ) {
 		NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, noaccess_size,
 		    noaccess_linear_min, NULL, 0, VM_PROT_NONE, VMCMD_STACK);
 	}
-	KASSERT(access_size > 0);
+	KASSERT(access_size > 0 && access_size <= MAXSSIZ);
 	NEW_VMCMD2(&epp->ep_vmcmds, vmcmd_map_zero, access_size,
 	    access_linear_min, NULL, 0, VM_PROT_READ | VM_PROT_WRITE,
 	    VMCMD_STACK);

Index: src/sys/kern/kern_pax.c
diff -u src/sys/kern/kern_pax.c:1.22 src/sys/kern/kern_pax.c:1.22.14.1
--- src/sys/kern/kern_pax.c:1.22	Wed Jun  4 12:26:20 2008
+++ src/sys/kern/kern_pax.c	Tue Aug 31 10:55:34 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_pax.c,v 1.22 2008/06/04 12:26:20 ad Exp $	*/
+/*	$NetBSD: kern_pax.c,v 1.22.14.1 2010/08/31 10:55:34 bouyer Exp $	*/
 
 /*-
  * Copyright (c) 2006 Elad Efrat <e...@netbsd.org>
@@ -28,7 +28,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_pax.c,v 1.22 2008/06/04 12:26:20 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_pax.c,v 1.22.14.1 2010/08/31 10:55:34 bouyer Exp $");
 
 #include "opt_pax.h"
 
@@ -353,6 +353,8 @@
 #endif
 		epp->ep_minsaddr -= d;
 		*max_stack_size -= d;
+		if (epp->ep_ssize > *max_stack_size)
+			epp->ep_ssize = *max_stack_size;
 	}
 }
 #endif /* PAX_ASLR */

Reply via email to