author | 2016-05-30 21:25:48 +0000 | |
---|---|---|
committer | 2016-05-30 21:25:48 +0000 | |
commit | 12b626657dbf8638f11edfe62f9c991b4c2b3c4d (patch) | |
tree | eb9078f53494100e326e90647fca7167d775a7e2 /sys | |
parent | *** empty log message *** (diff) | |
backout to insert correct commit message
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/exec_elf.c | 20 | ||||
-rw-r--r-- | sys/kern/kern_exec.c | 5 | ||||
-rw-r--r-- | sys/sys/exec.h | 3 | ||||
-rw-r--r-- | sys/sys/proc.h | 5 | ||||
-rw-r--r-- | sys/uvm/uvm_mmap.c | 36 |
5 files changed, 21 insertions, 48 deletions
diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c
index 61550fbec81..f0093ea45fd 100644
--- a/sys/kern/exec_elf.c
+++ b/sys/kern/exec_elf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: exec_elf.c,v 1.122 2016/05/30 21:22:45 deraadt Exp $ */
+/* $OpenBSD: exec_elf.c,v 1.123 2016/05/30 21:25:48 deraadt Exp $ */
 /*
 * Copyright (c) 1996 Per Fogelstrom
@@ -76,7 +76,6 @@
 #include <sys/namei.h>
 #include <sys/vnode.h>
 #include <sys/core.h>
-#include <sys/syslog.h>
 #include <sys/exec.h>
 #include <sys/exec_elf.h>
 #include <sys/file.h>
@@ -881,23 +880,6 @@ ELFNAME(os_pt_note)(struct proc *p, struct exec_package *epp, Elf_Ehdr *eh,
 goto out1;
 for (ph = hph; ph < &hph[eh->e_phnum]; ph++) {
- if (ph->p_type == PT_OPENBSD_WXNEEDED) {
- int wxallowed = (epp->ep_vp->v_mount &&
- (epp->ep_vp->v_mount->mnt_flag & MNT_WXALLOWED));
-
- if (!wxallowed) {
- log(LOG_NOTICE,
- "%s(%d): W^X binary outside wxallowed mountpoint\n",
- epp->ep_name, p->p_pid);
- error = ENOEXEC;
- goto out1;
- }
- epp->ep_flags |= EXEC_WXNEEDED;
- break;
- }
- }
-
- for (ph = hph; ph < &hph[eh->e_phnum]; ph++) {
 if (ph->p_type != PT_NOTE ||
 ph->p_filesz > 1024 ||
 ph->p_filesz < sizeof(Elf_Note) + name_size)
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index ec1996a827a..694015e9617 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_exec.c,v 1.179 2016/05/30 21:22:45 deraadt Exp $ */
+/* $OpenBSD: kern_exec.c,v 1.180 2016/05/30 21:25:48 deraadt Exp $ */
 /* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */
 /*-
@@ -707,9 +707,6 @@ sys_execve(struct proc *p, void *v, register_t *retval)
 if ((pack.ep_flags & EXEC_HASFD) && pack.ep_fd < 255)
 p->p_descfd = pack.ep_fd;
- if (pack.ep_flags & EXEC_WXNEEDED)
- p->p_p->ps_flags |= PS_WXNEEDED;
-
 /*
 * Call exec hook. Emulation code may NOT store reference to anything
 * from &pack.
diff --git a/sys/sys/exec.h b/sys/sys/exec.h
index 7f6f43857e8..87b4aedbd01 100644
--- a/sys/sys/exec.h
+++ b/sys/sys/exec.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: exec.h,v 1.32 2016/05/30 21:22:45 deraadt Exp $ */
+/* $OpenBSD: exec.h,v 1.33 2016/05/30 21:25:48 deraadt Exp $ */
 /* $NetBSD: exec.h,v 1.59 1996/02/09 18:25:09 christos Exp $ */
 /*-
@@ -142,7 +142,6 @@ struct exec_package {
 #define EXEC_HASARGL 0x0004 /* has fake args vector */
 #define EXEC_SKIPARG 0x0008 /* don't copy user-supplied argv[0] */
 #define EXEC_DESTR 0x0010 /* destructive ops performed */
-#define EXEC_WXNEEDED 0x0020 /* executable will violate W^X */
 #ifdef _KERNEL
 /*
diff --git a/sys/sys/proc.h b/sys/sys/proc.h
index 6cfa7c3d7a3..143a2e477a0 100644
--- a/sys/sys/proc.h
+++ b/sys/sys/proc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: proc.h,v 1.221 2016/05/30 21:22:45 deraadt Exp $ */
+/* $OpenBSD: proc.h,v 1.222 2016/05/30 21:25:48 deraadt Exp $ */
 /* $NetBSD: proc.h,v 1.44 1996/04/22 01:23:21 christos Exp $ */
 /*-
@@ -190,8 +190,6 @@ struct process {
 struct rusage ps_cru; /* sum of stats for reaped children */
 struct itimerval ps_timer[3]; /* timers, indexed by ITIMER_* */
- u_int64_t ps_wxcounter;
-
 /* End area that is zeroed on creation. */
 #define ps_endzero ps_startcopy
@@ -261,7 +259,6 @@ struct process {
 #define PS_ZOMBIE 0x00040000 /* Dead and ready to be waited for */
 #define PS_NOBROADCASTKILL 0x00080000 /* Process excluded from kill -1. */
 #define PS_PLEDGE 0x00100000 /* Has called pledge(2) */
-#define PS_WXNEEDED 0x00200000 /* Process may violate W^X */
 #define PS_BITS \
 ("\20" "\01CONTROLT" "\02EXEC" "\03INEXEC" "\04EXITING" "\05SUGID" \
diff --git a/sys/uvm/uvm_mmap.c b/sys/uvm/uvm_mmap.c
index bc9374cc9cd..9aa0d2d08ca 100644
--- a/sys/uvm/uvm_mmap.c
+++ b/sys/uvm/uvm_mmap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uvm_mmap.c,v 1.127 2016/05/30 21:22:46 deraadt Exp $ */
+/* $OpenBSD: uvm_mmap.c,v 1.128 2016/05/30 21:25:48 deraadt Exp $ */
 /* $NetBSD: uvm_mmap.c,v 1.49 2001/02/18 21:19:08 chs Exp $ */
 /*
@@ -312,32 +312,30 @@ int uvm_wxabort;
 * W^X violations are only allowed on permitted filesystems.
 */
 static inline int
-uvm_wxcheck(struct proc *p, char *call)
+uvm_wxcheck(struct proc *p)
 {
 #if (defined(__mips64__) || defined(__hppa))
 /* XXX got/plt repairs still needed */
 return 0;
 #endif
- int wxallowed = (p->p_p->ps_textvp->v_mount &&
+ int mpwx = (p->p_p->ps_textvp->v_mount &&
 (p->p_p->ps_textvp->v_mount->mnt_flag & MNT_WXALLOWED));
- if (wxallowed && (p->p_p->ps_flags & PS_WXNEEDED))
- return (0);
-
- /* Report W^X failures, and potentially SIGABRT */
- if (p->p_p->ps_wxcounter++ == 0)
- log(LOG_NOTICE, "%s(%d): %s W^X violation\n",
- p->p_comm, p->p_pid, call);
- if (uvm_wxabort) {
+ if (!mpwx) {
 struct sigaction sa;
- /* Send uncatchable SIGABRT for coredump */
- memset(&sa, 0, sizeof sa);
- sa.sa_handler = SIG_DFL;
- setsigvec(p, SIGABRT, &sa);
- psignal(p, SIGABRT);
+ log(LOG_NOTICE, "%s(%d): mmap W^X violation\n",
+ p->p_comm, p->p_pid);
+ if (uvm_wxabort) {
+ /* Send uncatchable SIGABRT for coredump */
+ memset(&sa, 0, sizeof sa);
+ sa.sa_handler = SIG_DFL;
+ setsigvec(p, SIGABRT, &sa);
+ psignal(p, SIGABRT);
+ }
+ return (ENOTSUP);
 }
- return (0); /* ENOTSUP later */
+ return (0);
 }
 /*
@@ -387,7 +385,7 @@ sys_mmap(struct proc *p, void *v, register_t *retval)
 if ((prot & PROT_MASK) != prot)
 return (EINVAL);
 if ((prot & (PROT_WRITE | PROT_EXEC)) == (PROT_WRITE | PROT_EXEC) &&
- (error = uvm_wxcheck(p, "mmap")))
+ (error = uvm_wxcheck(p)))
 return (error);
 if ((flags & MAP_FLAGMASK) != flags)
@@ -704,7 +702,7 @@ sys_mprotect(struct proc *p, void *v, register_t *retval)
 if ((prot & PROT_MASK) != prot)
 return (EINVAL);
 if ((prot & (PROT_WRITE | PROT_EXEC)) == (PROT_WRITE | PROT_EXEC) &&
- (error = uvm_wxcheck(p, "mprotect")))
+ (error = uvm_wxcheck(p)))
 return (error);
 error = pledge_protexec(p, prot); |
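Review bot: In uvm_wxcheck() the restored notice hard-codes the syscall name, `log(LOG_NOTICE, "%s(%d): mmap W^X violation\n", ...)`, yet the last hunk shows the same function is reached from sys_mprotect(), so a refused mprotect(2) with PROT_WRITE|PROT_EXEC is logged as an mmap violation. Anyone triaging these notices is pointed at the wrong call; a neutral string such as `"%s(%d): W^X violation\n"` avoids that without bringing the removed `call` argument back. With the `ps_wxcounter` gate gone, the notice is also written on every refused request, so as far as the visible lines show a process that retries in a loop can fill the log; a once-per-process flag or a rate limit would keep the signal usable. A short comment above the `mpwx` test stating that the exemption is decided only by the text vnode's mount flag would make the policy explicit for later readers.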