Changeset View
Standalone View
sys/kern/imgact_elf.c
Show First 20 Lines • Show All 177 Lines • ▼ Show 20 Lines | SYSCTL_INT(ASLR_NODE_OID, OID_AUTO, honor_sbrk, CTLFLAG_RW, | ||||
__XSTRING(__CONCAT(ELF, __ELF_WORD_SIZE)) ": assume sbrk is used"); | __XSTRING(__CONCAT(ELF, __ELF_WORD_SIZE)) ": assume sbrk is used"); | ||||
static int __elfN(aslr_stack_gap) = 3; | static int __elfN(aslr_stack_gap) = 3; | ||||
SYSCTL_INT(ASLR_NODE_OID, OID_AUTO, stack_gap, CTLFLAG_RW, | SYSCTL_INT(ASLR_NODE_OID, OID_AUTO, stack_gap, CTLFLAG_RW, | ||||
&__elfN(aslr_stack_gap), 0, | &__elfN(aslr_stack_gap), 0, | ||||
__XSTRING(__CONCAT(ELF, __ELF_WORD_SIZE)) | __XSTRING(__CONCAT(ELF, __ELF_WORD_SIZE)) | ||||
": maximum percentage of main stack to waste on a random gap"); | ": maximum percentage of main stack to waste on a random gap"); | ||||
static int __elfN(fast_sigblock) = 1; | |||||
SYSCTL_INT(__CONCAT(_kern_elf, __ELF_WORD_SIZE), OID_AUTO, fast_sigblock, | |||||
CTLFLAG_RWTUN, &__elfN(fast_sigblock), 0, | |||||
"enable fast sigblock for new processes"); | |||||
emaste: is this just for testing? i.e., would we remove this in the future? | |||||
Done Inline ActionsI revert the defaults in the update, but I want the control to stay. Even of only for emergency to allow people to boot if something goes wrong. kib: I revert the defaults in the update, but I want the control to stay. Even of only for… | |||||
Not Done Inline ActionsIf this is a tunable, then report fast sigblock support should probably be something like enable fast sigblock support or fast sigblock support enabled or fast sigblock enabled; something other than report, in any case, since this is a control. rpokala: If this is a tunable, then `report fast sigblock support` should probably be something like… | |||||
Done Inline ActionsIt is not 'enable_fast_sigblock' or anything like that. The fast sigblock support is always enabled. The tunable governs the report of the presence of the feature in auxv. kib: It is not 'enable_fast_sigblock' or anything like that. The fast sigblock support is always… | |||||
Not Done Inline ActionsPerhaps change the description to "enable fast sigblock in new processes" since that is what it does in practice. Of course, code can be written that tries to use fast sigblock even if auxv does not indicate it is supported, but I think that can be ignored for such a short description. jilles: Perhaps change the description to "enable fast sigblock in new processes" since that is what it… | |||||
Not Done Inline Actions+1. I think jilles' proposed text is a reasonable proxy for actual functionality affected by the sysctl given both the constraints of the sysctl description length convention, and most common audience (non-developers). cem: +1. I think jilles' proposed text is a reasonable proxy for actual functionality affected by… | |||||
static Elf_Brandinfo *elf_brand_list[MAX_BRANDS]; | static Elf_Brandinfo *elf_brand_list[MAX_BRANDS]; | ||||
#define aligned(a, t) (rounddown2((u_long)(a), sizeof(t)) == (u_long)(a)) | #define aligned(a, t) (rounddown2((u_long)(a), sizeof(t)) == (u_long)(a)) | ||||
static const char FREEBSD_ABI_VENDOR[] = "FreeBSD"; | static const char FREEBSD_ABI_VENDOR[] = "FreeBSD"; | ||||
Elf_Brandnote __elfN(freebsd_brandnote) = { | Elf_Brandnote __elfN(freebsd_brandnote) = { | ||||
.hdr.n_namesz = sizeof(FREEBSD_ABI_VENDOR), | .hdr.n_namesz = sizeof(FREEBSD_ABI_VENDOR), | ||||
▲ Show 20 Lines • Show All 1,168 Lines • ▼ Show 20 Lines | __elfN(freebsd_copyout_auxargs)(struct image_params *imgp, uintptr_t base) | ||||
} | } | ||||
AUXARGS_ENTRY(pos, AT_STACKPROT, imgp->sysent->sv_shared_page_obj | AUXARGS_ENTRY(pos, AT_STACKPROT, imgp->sysent->sv_shared_page_obj | ||||
!= NULL && imgp->stack_prot != 0 ? imgp->stack_prot : | != NULL && imgp->stack_prot != 0 ? imgp->stack_prot : | ||||
imgp->sysent->sv_stackprot); | imgp->sysent->sv_stackprot); | ||||
if (imgp->sysent->sv_hwcap != NULL) | if (imgp->sysent->sv_hwcap != NULL) | ||||
AUXARGS_ENTRY(pos, AT_HWCAP, *imgp->sysent->sv_hwcap); | AUXARGS_ENTRY(pos, AT_HWCAP, *imgp->sysent->sv_hwcap); | ||||
if (imgp->sysent->sv_hwcap2 != NULL) | if (imgp->sysent->sv_hwcap2 != NULL) | ||||
AUXARGS_ENTRY(pos, AT_HWCAP2, *imgp->sysent->sv_hwcap2); | AUXARGS_ENTRY(pos, AT_HWCAP2, *imgp->sysent->sv_hwcap2); | ||||
AUXARGS_ENTRY(pos, AT_BSDFLAGS, __elfN(fast_sigblock) ? | |||||
ELF_BSDF_SIGFASTBLK : 0); | |||||
AUXARGS_ENTRY(pos, AT_NULL, 0); | AUXARGS_ENTRY(pos, AT_NULL, 0); | ||||
free(imgp->auxargs, M_TEMP); | free(imgp->auxargs, M_TEMP); | ||||
imgp->auxargs = NULL; | imgp->auxargs = NULL; | ||||
KASSERT(pos - argarray <= AT_COUNT, ("Too many auxargs")); | KASSERT(pos - argarray <= AT_COUNT, ("Too many auxargs")); | ||||
error = copyout(argarray, (void *)base, sizeof(*argarray) * AT_COUNT); | error = copyout(argarray, (void *)base, sizeof(*argarray) * AT_COUNT); | ||||
free(argarray, M_TEMP); | free(argarray, M_TEMP); | ||||
▲ Show 20 Lines • Show All 1,390 Lines • Show Last 20 Lines |
is this just for testing? i.e., would we remove this in the future?