diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-02-06 23:58:13 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-02-06 23:58:13 +0000 |
| commit | 10bf69cce0d92c5a9e6d252f99e02345c220f30f (patch) | |
| tree | 130e4fe2b0d54ad814d081fc8fff9cba9e9342f1 /sys | |
| parent | 8a9300f5ce7c3a6e63c67274dc5cca83fc7efcaf (diff) | |
Raise ELF_RANDOMIZE_LIMIT to 64K, so that programs and libraries can
legitimately use random section variables without execve failures...
Because this section is not demand faulted, yield() every page during
the fill otherwise the costs are charged poorly.
ok tedu matthew
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/exec_elf.c | 5 | ||||
| -rw-r--r-- | sys/kern/exec_subr.c | 24 | ||||
| -rw-r--r-- | sys/sys/exec.h | 5 |
3 files changed, 23 insertions, 11 deletions
diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c index 36882bdf65f..1f2fbc84360 100644 --- a/sys/kern/exec_elf.c +++ b/sys/kern/exec_elf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf.c,v 1.110 2015/01/27 00:33:21 kurt Exp $ */ +/* $OpenBSD: exec_elf.c,v 1.111 2015/02/06 23:58:12 deraadt Exp $ */ /* * Copyright (c) 1996 Per Fogelstrom @@ -129,9 +129,6 @@ extern char *syscallnames[]; */ #define ELF_MAX_VALID_PHDR 32 -/* Limit on total PT_OPENBSD_RANDOMIZE bytes. */ -#define ELF_RANDOMIZE_LIMIT 1024 - /* * This is the basic elf emul. elf_probe_funcs may change to other emuls. */ diff --git a/sys/kern/exec_subr.c b/sys/kern/exec_subr.c index 538e20ecb65..e51b6af910f 100644 --- a/sys/kern/exec_subr.c +++ b/sys/kern/exec_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_subr.c,v 1.46 2014/12/17 06:58:11 guenther Exp $ */ +/* $OpenBSD: exec_subr.c,v 1.47 2015/02/06 23:58:12 deraadt Exp $ */ /* $NetBSD: exec_subr.c,v 1.9 1994/12/04 03:10:42 mycroft Exp $ */ /* @@ -289,16 +289,28 @@ vmcmd_randomize(struct proc *p, struct exec_vmcmd *cmd) { char *buf; int error; + size_t off = 0, len; if (cmd->ev_len == 0) return (0); - if (cmd->ev_len > 1024) + if (cmd->ev_len > ELF_RANDOMIZE_LIMIT) return (EINVAL); - buf = malloc(cmd->ev_len, M_TEMP, M_WAITOK); - arc4random_buf(buf, cmd->ev_len); - error = copyout(buf, (void *)cmd->ev_addr, cmd->ev_len); - free(buf, M_TEMP, cmd->ev_len); + buf = malloc(PAGE_SIZE, M_TEMP, M_WAITOK); + len = cmd->ev_len; + do { + size_t sublen = MIN(len, PAGE_SIZE); + + arc4random_buf(buf, sublen); + error = copyout(buf, (void *)cmd->ev_addr + off, sublen); + if (error) + break; + off += sublen; + len -= sublen; + if (len) + yield(); + } while (len); + free(buf, M_TEMP, PAGE_SIZE); return (error); } diff --git a/sys/sys/exec.h b/sys/sys/exec.h index 3d8cf92e33a..e74ae18bc1e 100644 --- a/sys/sys/exec.h +++ b/sys/sys/exec.h @@ -1,4 +1,4 @@ -/* $OpenBSD: exec.h,v 1.28 2015/01/26 22:51:37 kettenis Exp $ */ +/* $OpenBSD: exec.h,v 1.29 2015/02/06 23:58:12 deraadt Exp $ */ /* $NetBSD: exec.h,v 1.59 1996/02/09 18:25:09 christos Exp $ */ /*- @@ -214,6 +214,9 @@ extern struct execsw execsw[]; extern int nexecs; extern int exec_maxhdrsz; +/* Limit on total PT_OPENBSD_RANDOMIZE bytes. */ +#define ELF_RANDOMIZE_LIMIT 64*1024 + #endif /* _KERNEL */ #ifndef N_PAGSIZ |