Change Details

- We load the kernel at 0x200000. Memory below that address need not be executable. - Pad the .bss to a 2MB boundary, like we do between .text and .data. This forces the loader to load additional files starting at a different 2MB page. Doing so allows us to keep using superpage mappings for data. - Map memory above the kernel with NX. The kernel linker will be modified to use pmap_change_prot() to request execute access. Other preloaded data (/boot/entropy, CPU microcode, etc.) need not be mapped with execute permissions.

- We load the kernel at 0x200000. Memory below that address need not be executable. - Remove references to the .ldata section and related sections. They were just copied from the default GNU ld linker script, but we now use lld (which doesn't embed a default linker script(!)) and we are not going to use ldata anytime soon anyway. - Pad the .bss to a 2MB boundary, like we do between .text and .data. This forces the loader to load additional files starting at a different 2MB page. Doing so allows us to keep using superpage mappings for data. - Map memory above the kernel with NX. The kernel linker will be modified to use pmap_change_prot() to request execute access. Other preloaded data (/boot/entropy, CPU microcode, etc.) need not be mapped with execute permissions.

- We load the kernel at 0x200000. Memory below that address need not be executable. - Remove references to the .ldata section and related sections. They were just copied from the default GNU ld linker script, but we now use lld (which doesn't embed a default linker script(!)) and we are not going to use ldata anytime soon anyway. - Pad the .bss to a 2MB boundary, like we do between .text and .data. This forces the loader to load additional files starting at a different 2MB page. Doing so allows us to keep using superpage mappings for data. - Map memory above the kernel with NX. The kernel linker will be modified to use pmap_change_prot() to request execute access. Other preloaded data (/boot/entropy, CPU microcode, etc.) need not be mapped with execute permissions.