One last thing before I commit this version. I'm trying to decide if I care about being able to detect PROT_MAX(PROT_NONE) and mostly leaning towards "no, use MAP_GUARD instead". Any alternative views?
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Jun 19 2019
In D18880#447385, @emaste wrote:Interesting, NetBSD has a related change from 2017: https://github.com/NetBSD/src/commit/6508f5143a1028fc68b4de2151c3a33f65eece53
They list "extra" perms that may be added later rather than the full list.Example from their test case: map = mmap(NULL, page, PROT_MPROTECT(PROT_EXEC)|PROT_WRITE|PROT_READ, MAP_ANON, -1, 0);
As far as I can tell there's only one non-test use in the NetBSD base system userland:
external/bsd/llvm/dist/llvm/lib/Support/Unix/Memory.inc 110:#if defined(__NetBSD__) && defined(PROT_MPROTECT) 111: Protect |= PROT_MPROTECT(PROT_READ | PROT_WRITE | PROT_EXEC);
Jun 18 2019
In D18880#446910, @alc wrote:Are the "max protection" semantics what you would wish for or just convenient to implement? Do you have further extensions in mind, for example, don't allow deallocation of a region until address space termination?
- Make 'values' plural here.
- Grammer fixes from @alc.
- Document EINVAL when (prot & max_prot) != prot.
- Drop an assertion that is wrong when CAPABILITIES is no defined.
Jun 17 2019
- Document new error case in mprotect(2).
- No period at the end of sysctl description.
- Verify that prot isn't larger than max_prot.
- Avoid the need for a goto in mmprotect().
- Add a KASSERT that cap_maxprot is contained in max_prot.
- Fix cut-n-pasto
- Add a check that no invalid prot flags have been passed.
In D18880#446473, @emaste wrote:*** Check failed: /root/freebsd/tests/sys/vm/mmap_test.c:107: MAP_ANON with extra PROT flags succeeded *** Check failed: /root/freebsd/tests/sys/vm/mmap_test.c:107: shm fd with garbage PROT succeededI'll start on updating the tests for this change, but as it is initially disabled by default (after correcting the copy-pasteo, at least) IMO it can go in now.
Jun 14 2019
- Fix a typo resulting in unbootable systems.
- Don't imply max_prot when prot is PROT_NONE.
Jun 12 2019
- Add some minimal docs for PROT_MAX.
- Simplify setting initial max_prot.
- style(9): spaces around '|'s.
Jun 7 2019
The latest diff simplifies the whole change to add a sysctl to enable implying PROT_MAX system wide. I've also added mprotect() support. The current code compiles, but is untested.
- Move the EXTRACT macros into the PROT_ namespace.
- Make implying PROT_MAX values conditional on a sysctl.
- Allow mprotect() to set maximum protections.
Jun 6 2019
May 30 2019
- Use ${.CURDIR} instead of ".".
May 22 2019
One commit is fine. Any revert except of the xe(4) removal will conflict on this file anyway.
May 21 2019
It looks like there's a missing pkg-plist update. When I build under poudriere I get:
May 20 2019
May 18 2019
There are some other mentions, but most seem to be docs that haven't been updated in some time.
May 17 2019
The pull request has been updated to not remove ae(4).
May 16 2019
May 15 2019
May 10 2019
In D20230#435945, @jhb wrote:Just don't forget 'Relnotes: yes' on each commit? (I assume you were planning to do that but didn't see it in my spot check of a GitHub commit log)
universe kernel's build (except for a few with unrelated errors) and amd64, i386, and powerpc universe builds.
May 8 2019
May 7 2019
LGTM
May 1 2019
Since this is a new file, you might want to consider formatting it in the new, more readable style used in sys/kern/syscalls.master.
Apr 30 2019
Apr 26 2019
Apr 17 2019
Apr 16 2019
This generally looks good to me.
Apr 12 2019
Apr 3 2019
Apr 1 2019
Mar 27 2019
We can certainly delay removal if this is a significant loss. I didn't see this one since it's hard to see dependencies on platforms I don't run.
Mar 25 2019
Mar 20 2019
Mar 19 2019
Mar 14 2019
I confirm that I see no uses.