#
ed54b5b8 |
| 08-Aug-2017 |
maxv <maxv@NetBSD.org> |
Remove compat_freebsd from the list of autoloaded modules. Interested users will now have to type 'modload' to use it, or uncomment the entry in GENERIC. I should have removed it when I disabled COMPAT_FREEBSD by default, sorry about that.
|
#
3fd6d8c7 |
| 21-Apr-2017 |
christos <christos@NetBSD.org> |
- Propagate the signal mask from the ucontext_t to the newly created thread as specified by _lwp_create(2)
- Reset the signal stack for threads created with _lwp_create(2)
|
#
8acb16b7 |
| 25-Jan-2017 |
christos <christos@NetBSD.org> |
es_arglen is already in bytes...
|
#
9a6fddca |
| 09-Jan-2017 |
kamil <kamil@NetBSD.org> |
Cleanup dead code after revert of racy vfork(2) commit
This removes dead code introduced with the following commit:
date: 2012-07-27 22:52:49 +0200; author: christos; state: Exp; lines: +8 -2; revert racy vfork() parent-blocking-before-child-execs-or-exits code. ok rmind
|
#
640b00d4 |
| 06-Jan-2017 |
kamil <kamil@NetBSD.org> |
Introduce new SIGTRAP code: TRAP_EXEC
On exec() events under a debugger generate the SIGTRAP signal with TRAP_EXEC property. This allows tracer to distinguish exec() events easily.
Sponsored by <The NetBSD Foundation>
|
#
2bb614eb |
| 03-Nov-2016 |
kamil <kamil@NetBSD.org> |
Prefer modern simple past tense and past participle of catch
The "catched" form is obsolete and nonstandard, prefer "caught".
|
#
9d946c88 |
| 15-Sep-2016 |
christos <christos@NetBSD.org> |
m68k binaries load @ pagesize. unbreak.
|
#
e9652cc8 |
| 06-Aug-2016 |
maxv <maxv@NetBSD.org> |
The way the kernel tries to prevent a userland process from allocating page zero is hugely flawed. It is easy to demonstrate that one can trick UVM into choosing a NULL hint after the user_va0_disable check from uvm_map. Such a bypass allows kernel NULL pointer dereferences to be exploitable on architectures with a shared userland<->kernel VA, like amd64.
Fix this by increasing the limit of the vm space made available for userland processes. This way, UVM will never choose a NULL hint, since it would be outside of the vm space.
The user_va0_disable sysctl still controls this feature.
|
#
575a7585 |
| 07-Jul-2016 |
msaitoh <msaitoh@NetBSD.org> |
KNF. Remove extra spaces. No functional change.
|
#
d41a8355 |
| 20-Jun-2016 |
christos <christos@NetBSD.org> |
put back commented out name resolution code that was gc'ed after previous refactoring.
|
#
b923f1a6 |
| 09-Jun-2016 |
christos <christos@NetBSD.org> |
fix variable name
|
#
e447c3c9 |
| 08-Jun-2016 |
christos <christos@NetBSD.org> |
ignore EACCES
|
#
9468c974 |
| 25-May-2016 |
christos <christos@NetBSD.org> |
Give 0,1,2 for security.pax.mprotect.ptrace and make it default to 1 as documented in sysctl(7):
0 - ptrace does not affect mprotect
1 - (default) mprotect is disabled for processes that start executing from the debugger (being traced)
2 - mprotect restrictions are relaxed for traced processes
|
#
cb0ef59b |
| 22-May-2016 |
christos <christos@NetBSD.org> |
reduce #ifdef mess caused by PaX
|
#
96b5b8fd |
| 11-May-2016 |
ozaki-r <ozaki-r@NetBSD.org> |
Fix builds of ALL kernels that define DEBUG_EXEC
|
#
6f9b0b4f |
| 08-May-2016 |
christos <christos@NetBSD.org> |
Enable DEBUG_EXEC, if we have DEBUG (since it only fires on errors) and disable the super verbose printing by protecting it against TRACE_EXEC.
|
#
df7c7fe0 |
| 08-May-2016 |
christos <christos@NetBSD.org> |
Move all the randomization inside kern_pax.c so we can control it directly. Add debugging flags to be able to set the random number externally.
|
#
b144b784 |
| 04-Apr-2016 |
christos <christos@NetBSD.org> |
no need to pass the coredump flag to exit1() since it is set and known in one place.
|
#
c13c59ca |
| 04-Apr-2016 |
christos <christos@NetBSD.org> |
Split p_xstat (composite wait(2) status code, or signal number depending on context) into:
1. p_xexit: exit code
2. p_xsig: signal number
3. p_sflag & WCOREFLAG bit to indicate that the process core-dumped.
Fix the documentation of the flag bits in <sys/proc.h>
|
#
14b7cf3c |
| 20-Mar-2016 |
khorben <khorben@NetBSD.org> |
Let PaX ASLR know about the current emulation
This effectively fixes PaX ASLR with 32-bit emulation on 64-bit platforms. Without this knowledge, the offset applied for 32-bit programs was really meant for a 64-bit address space - thus shifting the address up to 12 bits, with a success rate of about 1/4096. This offset is calculated once in the lifetime of the process, which therefore behaved normally when able to start.
Fixes kern/50469, probably also kern/50986
Tested on NetBSD/amd64 (emul_netbsd32)
|
#
fa160f14 |
| 30-Nov-2015 |
pgoyette <pgoyette@NetBSD.org> |
Make the list of syscalls which can trigger a module autoload an attribute of each emulation, rather than having a single global list which applies only to the default emulation.
This changes 'struct emul' so
Welcome to 7.99.23 !
|
#
e68465aa |
| 26-Nov-2015 |
martin <martin@NetBSD.org> |
We never exec(2) with a kernel vmspace, so do not test for that, but instead KASSERT() that we don't. When calculating the load address for the interpreter (e.g. ld.elf_so), we need to take into account whether the exec'd process will run with topdown memory or bottom up. We can not use the current vmspace's flags to test for that, as this happens too early. Luckily the execpack already knows what the new state will be later, so instead of testing the current vmspace, pass the info as additional argument to struct emul e_vm_default_addr. Fix all such functions and adopt all callers.
|
#
a8b41879 |
| 22-Oct-2015 |
maxv <maxv@NetBSD.org> |
Reset the PaX flags, make sure ep_emul_arg is NULL, and add a comment.
|
#
0e6dcdec |
| 13-Oct-2015 |
pgoyette <pgoyette@NetBSD.org> |
In spawn_return() we temporarily move the process state to SSTOP, but without updating its p_waited value or its parent's p_nstopchild counter. Later, we restore the original state, again without any adjustment of the related values. This leaves a relatively short window when the values are inconsistent and could interfere with the proper operation of sys_wait() for the parent (if it manages to be scheduled; it's not totally clear what, if anything, prevents scheduling/execution of the parent).
If during this window, any of the checks being made result in an error, we call exit1() which will eventually migrate the process's state to SDEAD (with an intermediate transition to SDYING). At this point the other variables get updated, and we finally restore a consistent state.
This change updates the p_waited and parent's p_nstopchild at each step to eliminate any windows during which the values could lead to incorrect decisions.
Fixes PR kern/50330
Pullups will be requested for NetBSD-7, -6, -6-0, and -6-1
|
#
1c73ff97 |
| 13-Oct-2015 |
pgoyette <pgoyette@NetBSD.org> |
In execve_runproc(), update the p_waited entry for the process being moved to SSTOP state, not for its parent. (It is correct to update the parent's p_nstopchild count.) If the value is not already zero, it could prevent its parent from waiting for the process.
Fixes PR kern/50298
Pullups will be requested for:
NetBSD-7, -6, -6-0, -6-1, -5, -5-0, -5-1, and -5-2
|