3571e53040
patches for easier mirroring, to eliminate a special copy, to make www.freebsd.org/security a full copy of security.freebsd.org and be eventually be the same. For now files are just sitting there. The symlinks are missing. Discussed on: www (repository location) Discussed with: simon (so)
48 lines
1.5 KiB
Diff
48 lines
1.5 KiB
Diff
Index: sys/kern/kern_exec.c
|
|
===================================================================
|
|
--- sys/kern/kern_exec.c (revision 197682)
|
|
+++ sys/kern/kern_exec.c (working copy)
|
|
@@ -104,6 +104,13 @@
|
|
SYSCTL_ULONG(_kern, OID_AUTO, ps_arg_cache_limit, CTLFLAG_RW,
|
|
&ps_arg_cache_limit, 0, "");
|
|
|
|
+SYSCTL_DECL(_security_bsd);
|
|
+
|
|
+static int map_at_zero = 1;
|
|
+TUNABLE_INT("security.bsd.map_at_zero", &map_at_zero);
|
|
+SYSCTL_INT(_security_bsd, OID_AUTO, map_at_zero, CTLFLAG_RW, &map_at_zero, 0,
|
|
+ "Permit processes to map an object at virtual address 0.");
|
|
+
|
|
static int
|
|
sysctl_kern_ps_strings(SYSCTL_HANDLER_ARGS)
|
|
{
|
|
@@ -914,7 +921,7 @@
|
|
int error;
|
|
struct proc *p = imgp->proc;
|
|
struct vmspace *vmspace = p->p_vmspace;
|
|
- vm_offset_t stack_addr;
|
|
+ vm_offset_t sv_minuser, stack_addr;
|
|
vm_map_t map;
|
|
|
|
imgp->vmspace_destroyed = 1;
|
|
@@ -928,14 +935,18 @@
|
|
* not disrupted
|
|
*/
|
|
map = &vmspace->vm_map;
|
|
- if (vmspace->vm_refcnt == 1 && vm_map_min(map) == sv->sv_minuser &&
|
|
+ if (map_at_zero)
|
|
+ sv_minuser = sv->sv_minuser;
|
|
+ else
|
|
+ sv_minuser = MAX(sv->sv_minuser, PAGE_SIZE);
|
|
+ if (vmspace->vm_refcnt == 1 && vm_map_min(map) == sv_minuser &&
|
|
vm_map_max(map) == sv->sv_maxuser) {
|
|
shmexit(vmspace);
|
|
pmap_remove_pages(vmspace_pmap(vmspace), vm_map_min(map),
|
|
vm_map_max(map));
|
|
vm_map_remove(map, vm_map_min(map), vm_map_max(map));
|
|
} else {
|
|
- vmspace_exec(p, sv->sv_minuser, sv->sv_maxuser);
|
|
+ vmspace_exec(p, sv_minuser, sv->sv_maxuser);
|
|
vmspace = p->p_vmspace;
|
|
map = &vmspace->vm_map;
|
|
}
|