diff options
| author | Stuart Henderson <sthen@cvs.openbsd.org> | 2016-06-04 16:43:44 +0000 |
|---|---|---|
| committer | Stuart Henderson <sthen@cvs.openbsd.org> | 2016-06-04 16:43:44 +0000 |
| commit | b8142004b0e649ab34f5c5c21561d9f9cbdb49d8 (patch) | |
| tree | 3257a63adb3c386f244711cc76c168a3b606ade8 /sys/uvm/uvm_mmap.c | |
| parent | 1e851a4a3be2821cdbd87a1c8bafd070506bf09a (diff) | |
If a process trips the W^X violation check, abort it unless it came
from a filesystem with the wxallowed flag set. ok deraadt
Current status:
Filesystem Binary Action
---------- ------ ------
wxallowed normal violation -> log but don't abort
wxallowed wxneeded W^X silently allowed
normal normal violation -> abort
normal wxneeded process won't run at all
See http://www.openbsd.org/faq/current.html#r20160527
Diffstat (limited to 'sys/uvm/uvm_mmap.c')
| -rw-r--r-- | sys/uvm/uvm_mmap.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/uvm/uvm_mmap.c b/sys/uvm/uvm_mmap.c index 0911b9689d2..7497c983a9e 100644 --- a/sys/uvm/uvm_mmap.c +++ b/sys/uvm/uvm_mmap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_mmap.c,v 1.131 2016/06/02 17:05:58 schwarze Exp $ */ +/* $OpenBSD: uvm_mmap.c,v 1.132 2016/06/04 16:43:43 sthen Exp $ */ /* $NetBSD: uvm_mmap.c,v 1.49 2001/02/18 21:19:08 chs Exp $ */ /* @@ -328,7 +328,7 @@ uvm_wxcheck(struct proc *p, char *call) if (p->p_p->ps_wxcounter++ == 0) log(LOG_NOTICE, "%s(%d): %s W^X violation\n", p->p_comm, p->p_pid, call); - if (uvm_wxabort) { + if (!wxallowed || uvm_wxabort) { struct sigaction sa; /* Send uncatchable SIGABRT for coredump */ |