Page MenuHomeFreeBSD
Differential D56711

execve: Add guard pages around execve KVA buffers
ClosedPublic
Actions

Authored by markj on Wed, Apr 29, 3:07 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, May 26, 8:16 AM
Unknown Object (File)
Tue, May 26, 8:09 AM
Unknown Object (File)
Tue, May 26, 1:21 AM
Unknown Object (File)
Tue, May 26, 1:11 AM
Unknown Object (File)
Tue, May 19, 9:35 PM
Unknown Object (File)
Mon, May 18, 12:07 AM
Unknown Object (File)
Mon, May 18, 12:03 AM
Unknown Object (File)
Sat, May 16, 11:58 AM
View All 28 Files
Subscribers
imp
olce

Details

Reviewers
brooks
alc
kib
Commits
rGa1e4bc883c5d: execve: Add guard pages around execve KVA buffers
rGeca4dd133883: execve: Add guard pages around execve KVA buffers
Summary

This helps ensure that overflows will trigger a panic instead of
silently corrupting adjacent buffers, as happened in SA-26:13.exec.

Extend kmap_alloc_wait() to support allocation of guard pages on both
sides of a KVA allocation. Modify the exec_map setup accordingly.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj created this revision.Wed, Apr 29, 3:07 PM
Herald added subscribers: olce, imp. · View Herald TranscriptWed, Apr 29, 3:07 PM
markj requested review of this revision.Wed, Apr 29, 3:07 PM
Harbormaster completed remote builds in B72638: Diff 176812.Wed, Apr 29, 3:07 PM
kib added inline comments.Wed, Apr 29, 11:26 PM
sys/vm/vm_init.c
277

I wonder if exec_map_guard_size should be allowed to set to 0. This might matter on 32bit arches.

kib added inline comments.Wed, Apr 29, 11:28 PM
sys/vm/vm_init.c
277

Or at least we could export exec_map_entr* as RO sysctls to get more visibility there.

markj updated this revision to Diff 177119.Sun, May 3, 11:54 PM
markj marked 2 inline comments as done.

Add a tunable to control the number of guard pages

Harbormaster completed remote builds in B72746: Diff 177119.Sun, May 3, 11:54 PM
kib accepted this revision.Mon, May 4, 7:06 AM
This revision is now accepted and ready to land.Mon, May 4, 7:06 AM
Closed by commit rGeca4dd133883: execve: Add guard pages around execve KVA buffers (authored by markj). · Explain WhyMon, May 4, 5:28 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rGeca4dd133883: execve: Add guard pages around execve KVA buffers.
markj added a commit: rGa1e4bc883c5d: execve: Add guard pages around execve KVA buffers.Tue, May 19, 2:09 PM

Revision Contents
Changeset List

PathSize
sys/
kern/
3 lines
vm/
2 lines
8 lines
1 line
39 lines

Diff 177178

View Options

sys/kern/kern_exec.c

Loading...
View Options

sys/vm/vm_extern.h

Loading...
View Options

sys/vm/vm_init.c

Loading...
View Options

sys/vm/vm_kern.h

Loading...
View Options

sys/vm/vm_kern.c

Loading...