CVSROOT: /cvs
Module name: src
Changes by: s...@cvs.openbsd.org 2018/07/13 02:30:34
Modified files:
sys/arch/amd64/amd64: codepatch.c mainbus.c
sys/arch/amd64/conf: ld.script
sys/arch/amd64/include: codepatch.h
Log message:
Disable codepatching infrastructure after boot
This way, it is not available for use in ROP attacks. This diff puts the
codepatching code into a separate section and unmaps that section after boot.
In the future, the memory could potentially be reused but that would require
larger changes.
ok pguenther@
