Module Name: src
Committed By: maxv
Date: Sat Sep 26 16:33:16 UTC 2015
Modified Files:
src/sys/arch/alpha/conf: GENERIC
src/sys/arch/amd64/conf: ALL
src/sys/arch/evbarm64/conf: A64EMUL
src/sys/arch/i386/conf: ALL
src/sys/arch/shark/conf: GENERIC
Log Message:
Disable PAX_SEGVGUARD.
We actually have a big problem: the fileassocs are never deleted.
Therefore, if a user generates a lot of buggy binaries and launches them
all, the kernel will allocate memory again again and again for all these
entries and will never free them (unless the files are deleted from the
disk). Which means that a user can too easily put the kernel under memory
pressure.
To generate a diff of this commit:
cvs rdiff -u -r1.365 -r1.366 src/sys/arch/alpha/conf/GENERIC
cvs rdiff -u -r1.30 -r1.31 src/sys/arch/amd64/conf/ALL
cvs rdiff -u -r1.4 -r1.5 src/sys/arch/evbarm64/conf/A64EMUL
cvs rdiff -u -r1.395 -r1.396 src/sys/arch/i386/conf/ALL
cvs rdiff -u -r1.122 -r1.123 src/sys/arch/shark/conf/GENERIC
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/alpha/conf/GENERIC
diff -u src/sys/arch/alpha/conf/GENERIC:1.365 src/sys/arch/alpha/conf/GENERIC:1.366
--- src/sys/arch/alpha/conf/GENERIC:1.365 Sat Aug 8 06:36:24 2015
+++ src/sys/arch/alpha/conf/GENERIC Sat Sep 26 16:33:16 2015
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.365 2015/08/08 06:36:24 maxv Exp $
+# $NetBSD: GENERIC,v 1.366 2015/09/26 16:33:16 maxv Exp $
#
# This machine description file is used to generate the default NetBSD
# kernel.
@@ -19,7 +19,7 @@ include "arch/alpha/conf/std.alpha"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-ident "GENERIC-$Revision: 1.365 $"
+ident "GENERIC-$Revision: 1.366 $"
maxusers 32
@@ -789,5 +789,4 @@ pseudo-device putter # for puffs and p
#options VERIFIED_EXEC_FP_MD5
options PAX_MPROTECT=0 # PaX mprotect(2) restrictions
-#options PAX_SEGVGUARD=0 # PaX Segmentation fault guard
options PAX_ASLR=0 # PaX Address Space Layout Randomization
Index: src/sys/arch/amd64/conf/ALL
diff -u src/sys/arch/amd64/conf/ALL:1.30 src/sys/arch/amd64/conf/ALL:1.31
--- src/sys/arch/amd64/conf/ALL:1.30 Sat Aug 8 06:36:24 2015
+++ src/sys/arch/amd64/conf/ALL Sat Sep 26 16:33:16 2015
@@ -1,4 +1,4 @@
-# $NetBSD: ALL,v 1.30 2015/08/08 06:36:24 maxv Exp $
+# $NetBSD: ALL,v 1.31 2015/09/26 16:33:16 maxv Exp $
# From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
#
# ALL machine description file
@@ -17,7 +17,7 @@ include "arch/amd64/conf/std.amd64"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "ALL-$Revision: 1.30 $"
+#ident "ALL-$Revision: 1.31 $"
maxusers 64 # estimated number of users
@@ -1633,7 +1633,7 @@ options VERIFIED_EXEC_FP_MD5
options PAX_MPROTECT=0 # PaX mprotect(2) restrictions
options PAX_ASLR=0 # PaX Address Space Layout Randomization
-options PAX_SEGVGUARD=0 # PaX Segmentation fault guard
+#options PAX_SEGVGUARD=0 # PaX Segmentation fault guard
#
# NetBSD: GENERIC_ISDN,v 1.16 2010/01/03 03:53:34 dholland Exp
Index: src/sys/arch/evbarm64/conf/A64EMUL
diff -u src/sys/arch/evbarm64/conf/A64EMUL:1.4 src/sys/arch/evbarm64/conf/A64EMUL:1.5
--- src/sys/arch/evbarm64/conf/A64EMUL:1.4 Wed Aug 12 07:53:57 2015
+++ src/sys/arch/evbarm64/conf/A64EMUL Sat Sep 26 16:33:16 2015
@@ -1,4 +1,4 @@
-# $NetBSD: A64EMUL,v 1.4 2015/08/12 07:53:57 maxv Exp $
+# $NetBSD: A64EMUL,v 1.5 2015/09/26 16:33:16 maxv Exp $
#
# This machine description file is used to generate the default NetBSD
# kernel.
@@ -19,7 +19,7 @@ include "arch/evbarm64/conf/std.a64emul
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-ident "A64EMUL-$Revision: 1.4 $"
+ident "A64EMUL-$Revision: 1.5 $"
maxusers 32
@@ -267,5 +267,4 @@ pseudo-device putter # for puffs and p
#options VERIFIED_EXEC_FP_MD5
#options PAX_MPROTECT=0 # PaX mprotect(2) restrictions
-#options PAX_SEGVGUARD=0 # PaX Segmentation fault guard
#options PAX_ASLR=0 # PaX Address Space Layout Randomization
Index: src/sys/arch/i386/conf/ALL
diff -u src/sys/arch/i386/conf/ALL:1.395 src/sys/arch/i386/conf/ALL:1.396
--- src/sys/arch/i386/conf/ALL:1.395 Sat Sep 26 11:16:12 2015
+++ src/sys/arch/i386/conf/ALL Sat Sep 26 16:33:16 2015
@@ -1,4 +1,4 @@
-# $NetBSD: ALL,v 1.395 2015/09/26 11:16:12 maxv Exp $
+# $NetBSD: ALL,v 1.396 2015/09/26 16:33:16 maxv Exp $
# From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
#
# ALL machine description file
@@ -17,7 +17,7 @@ include "arch/i386/conf/std.i386"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "ALL-$Revision: 1.395 $"
+#ident "ALL-$Revision: 1.396 $"
maxusers 64 # estimated number of users
@@ -1823,7 +1823,7 @@ options VERIFIED_EXEC_FP_MD5
options PAX_MPROTECT=0 # PaX mprotect(2) restrictions
options PAX_ASLR=0 # PaX Address Space Layout Randomization
-options PAX_SEGVGUARD=0 # PaX Segmentation fault guard
+#options PAX_SEGVGUARD=0 # PaX Segmentation fault guard
#
# NetBSD: GENERIC_ISDN,v 1.16 2010/01/03 03:53:34 dholland Exp
Index: src/sys/arch/shark/conf/GENERIC
diff -u src/sys/arch/shark/conf/GENERIC:1.122 src/sys/arch/shark/conf/GENERIC:1.123
--- src/sys/arch/shark/conf/GENERIC:1.122 Sat Aug 8 06:36:26 2015
+++ src/sys/arch/shark/conf/GENERIC Sat Sep 26 16:33:16 2015
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.122 2015/08/08 06:36:26 maxv Exp $
+# $NetBSD: GENERIC,v 1.123 2015/09/26 16:33:16 maxv Exp $
#
# Generic Shark configuration.
#
@@ -7,7 +7,7 @@ include "arch/shark/conf/std.shark"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "GENERIC-$Revision: 1.122 $"
+#ident "GENERIC-$Revision: 1.123 $"
# estimated number of users
maxusers 32
@@ -330,5 +330,4 @@ pseudo-device putter # for puffs and p
#options VERIFIED_EXEC_FP_MD5
options PAX_MPROTECT=0 # PaX mprotect(2) restrictions
-#options PAX_SEGVGUARD=0 # PaX Segmentation fault guard
options PAX_ASLR=0 # PaX Address Space Layout Randomization
