summaryrefslogtreecommitdiffstats
path: root/sys/kern/exec_elf.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Track size of an opaque allocation to pass to free() laterderaadt2015-09-281-3/+4
| | | | ok guenther tedu
* Now we use p_filesz - 1 to test for NUL check that p_filesz isjsg2015-04-301-2/+2
| | | | | | | | at least two and while here allow the upper bound to be MAXPATHLEN by changing a >= to > as suggested by krw@ in a thread on tech where Maxime Villard proposed additional PT_INTERP checks. tested by and ok guenther@
* Error out if the PT_INTERP segment isn't NUL terminatedguenther2015-04-301-1/+3
| | | | ok deraadt@ millert@ miod@
* Require a PT_LOAD segment's p_filesz to be no larger than its p_memsz.guenther2015-04-261-1/+7
| | | | | test cases provided by Alejandro Herna'ndez (nitrousenador (at) gmail.com) ok deraadt@ jsg@
* Extend uvm_map_hint() to get an address range as extra arguments, and makemiod2015-03-301-2/+3
| | | | | | | | | | sure it will return an address within that range. Use this in uaddr_rnd_select() to make sure we will not attempt to pick an address beyond what we are allowed to map. In my trees for 9 months, blackmailed s2k15 attendees into agreeing now would be a good time to commit.
* Don't use an uninitialized variable when a PT_LOAD segment withguenther2015-02-101-11/+10
| | | | | | | | | | alignment 0 or 1 is encountered. The result before was just a spurious failure by execve(), though I had to manually mangle a binary to hit this case: segments are all long-aligned or better in practice. uninitialized variable noted by Maxime Villard (rustyBSD (at) gmx.fr) ok and prod jsg@
* Raise ELF_RANDOMIZE_LIMIT to 64K, so that programs and libraries canderaadt2015-02-061-4/+1
| | | | | | | legitimately use random section variables without execve failures... Because this section is not demand faulted, yield() every page during the fill otherwise the costs are charged poorly. ok tedu matthew
* Require EFT shared objects have a PT_PHDR entry to be consideredkurt2015-01-271-5/+11
| | | | | | | | | | a pie binary. The kernel will now reject executing a typical shared library with EINVAL. This breaks compatibility with initial static pie binaries and requires a recent user-land prior to upgrading. In addition, more fine grained errors can be returned from execve(2) when errors occur while attempting to execute ELF objects. okay guenther@, kettenis@, deraadt@
* Move ps_strings "after" the random stackgap. This makes its location akettenis2015-01-201-2/+2
| | | | | | | | per-process value, and therefpore turns the VM_PSSTRINGS sysctl into a per-process one as well. This gets rid of a pointer to the bottom of the stack at a fixed location. Also clears the road for unmapping the stackgap. ok deraadt@
* Make it possible to execute PIE binaries that don't have an PT_INTERP segmentkettenis2014-12-221-9/+12
| | | | | | | | | | | | (and therefore no interpreter). Necessary to make self-relocating "static" PIE working. This will also allow execution of shared libraries that have the 'x' bit set. Those shouldn't exist, but unfortunately people outside OpenBSD think differently which means third-party software sometimes installs shared libraries with the 'x' bit set. ok kurt@, deraadt@
* primary change: move uvm_vnode out of vnode, keeping only a pointer.tedu2014-12-161-1/+3
| | | | | | objective: vnode.h doesn't include uvm_extern.h anymore. followup changes: include uvm_extern.h or lock.h where necessary. ok and help from deraadt
* Replace a plethora of historical protection options with justderaadt2014-11-161-10/+10
| | | | | | | PROT_NONE, PROT_READ, PROT_WRITE, and PROT_EXEC from mman.h. PROT_MASK is introduced as the one true way of extracting those bits. Remove UVM_ADV_* wrapper, using the standard names. ok doug guenther kettenis
* prefer sizeof(*ptr) to sizeof(struct) for malloc and freetedu2014-11-141-2/+2
|
* printf debugging worked! figured out the bug (in free()) just aftertedu2014-11-061-3/+1
| | | | committing the printfs. revert.
* Make better use of the value of psectionslen instead of recomputingmillert2014-11-061-11/+8
| | | | it multiple times. Also remove an unused variable. OK deraadt@ tedu@
* resort to printf debugging hints until we can figure this out. ok deraadttedu2014-11-061-1/+3
|
* pass size argument to free()deraadt2014-11-031-9/+10
| | | | ok doug tedu
* use mallocarray for multiplied value checkingtedu2014-07-131-5/+5
|
* add a size argument to free. will be used soon, but for now default to 0.tedu2014-07-121-10/+10
| | | | after discussions with beck deraadt kettenis.
* decouple struct uvmexp into a new file, so that uvm_extern.h and sysctl.hderaadt2014-07-081-2/+1
| | | | | don't need to be married. ok guenther miod beck jsing kettenis
* Eliminates struct pcred by moving the real and saved ugids intoguenther2014-03-301-5/+5
| | | | | | | | | struct ucred; struct process then directly links to the ucred Based on a discussion at c2k10 or so before noting that FreeBSD and NetBSD did this too. ok matthew@
* Move p_emul and p_sigcode from proc to process.guenther2014-03-261-3/+3
| | | | | | | | | Tweak the handling of ktrace EMUL when changing ktracing: only generate one per process (not one per thread) and pass the correct proc pointer down to the VFS layer. Permit generating of NAMI and CSW records inside ktrace(2) itself. ok deraadt@ millert@
* Move p_sigacts from struct proc to struct process.guenther2014-03-221-3/+3
| | | | testing help mpi@
* bzero -> memsettedu2014-01-211-3/+3
|
* now that free(null) is safe, delete checkstedu2013-07-041-7/+4
|
* Coredumping is now single-threaded, so update comment about lockingguenther2013-06-021-3/+4
|
* do not include machine/cpu.h from a .c file; it is the responsibility ofderaadt2013-03-281-2/+1
| | | | | .h files to pull it in, if needed ok tedu
* Slice & dice coredump write requests into MAXPHYS blocks, andderaadt2013-01-151-1/+4
| | | | | | yield between operations. Re-grab the vnode every operation, so that multiple coredumps can be saved at the same time. ok guenther beck etc
* Recognize executables tagged with ELFOSABI_OPENBSD (such as generatedmatthew2012-09-171-2/+3
| | | | | | | | by the Go linker) as native executables even if they don't contain an OpenBSD PT_NOTE segment. Confirmed to fix Go by sthen ok kettenis, deraadt
* Remove the 'OLF method' used for the transition from a.out to ELF andderaadt2012-09-111-21/+7
| | | | | | | for all the compat layers which are now gone. Linux compat still works because it always used another method in any case, and nothing looks at p_os anymore. ok jsing
* Add support for .openbsd.randomdata sections and PT_OPENBSD_RANDOMIZEmatthew2012-08-201-1/+26
| | | | | | | | segments to the kernel, ld (2.15), and ld.so. Tested on alpha, amd64, i386, macppc, and sparc64 (thanks naddy, mpi, and okan!). Idea discussed for some time; committing now for further testing. ok deraadt
* New vmmap implementation.ariane2012-03-091-12/+14
| | | | | | | | | | | | no oks (it is really a pain to review properly) extensively tested, I'm confident it'll be stable 'now is the time' from several icb inhabitants Diff provides: - ability to specify different allocators for different regions/maps - a simpler implementation of the current allocator - currently in compatibility mode: it will generate similar addresses as the old allocator
* Recommit the reverted sigacts change now that the NFS use-after-freeguenther2011-07-051-5/+5
| | | | | | | | problem has been tracked down. This fixes the sharing of the signal handling state: shared bits go in sigacts, per-rthread bits goes in struct proc. ok deraadt@
* remove compat_svr4 support. ok deraadttedu2011-07-041-8/+1
|
* Backout vmmap in order to repair virtual address selection algorithmsariane2011-06-061-13/+11
| | | | outside the tree.
* Reimplement uvm/uvm_map.ariane2011-05-241-11/+13
| | | | | | | | | | | | | vmmap is designed to perform address space randomized allocations, without letting fragmentation of the address space go through the roof. Some highlights: - kernel address space randomization - proper implementation of guardpages - roughly 10% system time reduction during kernel build Tested by alot of people on tech@ and developers. Theo's machines are still happy.
* Revert the sigacts diff: NFS can apparently retain pointers to processesguenther2011-04-181-5/+5
| | | | | | until they're zombies and then send them signals (for intr mounts). Until that is untangled, the sigacts change is unsafe. sthen@ was the victim for this one
* Correct the sharing of the signal handling state: stuff that shouldguenther2011-04-151-5/+5
| | | | | | | | | | | | be shared (p_sigignore, p_sigcatch, P_NOCLDSTOP, P_NOCLDWAIT) moves to struct sigacts, wihle stuff that should be per rthread (ps_oldmask, SAS_OLDMASK, ps_sigstk) moves to struct proc. Treat the coredumping state bits (ps_sig, ps_code, ps_type, ps_sigval) as per-rthread until our locking around coredumping is better. Oh, and remove the old SunOS-compat ps_usertramp member. "I like the sound of this" tedu@
* Push COMPAT_FREEBSD in front of a whale. Buggy, out of date, noguenther2011-04-051-8/+1
| | | | | | one has been weeding it, and it makes life harder. Toasts of Brennivin for its passing from many; diff ok henning@
* add a BRKSIZ define and use it for the heap gap constant, decouplingtedu2010-12-151-4/+4
| | | | heap gap from max data size. nothing else changes yet. ok deraadt
* don't forget to free program header sections when writingmikeb2010-09-171-1/+3
| | | | | | | core files. fixes a local DoS that can be carried out by an unprivileged user. ok kettenis
* Correct the links between threads, processes, pgrps, and sessions,guenther2010-07-261-7/+8
| | | | | | | | | so that the process-level stuff is to/from struct process and not struct proc. This fixes a bunch of problem cases in rthreads. Based on earlier work by blambert and myself, but mostly written at c2k10. Tested by many: deraadt, sthen, krw, ray, and in snapshots
* struct emul's e_arglen member is expected to count in units ofguenther2010-07-241-2/+2
| | | | | | | sizeof(char *), not in bytes, so we've been allocating and copying around four or eight times as many bytes as we needed to ok kettenis@ deraadt@
* Eliminate RTHREADS kernel option in favor of a sysctl. The actual statustedu2010-06-291-5/+1
| | | | | (not done) hasn't changed, but now it's less work to test things. ok art deraadt
* Use intermediate vaddr_t cast when casting a pointer to off_t. Preventskettenis2010-05-021-2/+2
| | | | | | | gcc4 from complaining about casting a pointer to an integer type of different size. ok guenther@, jsg@
* fix typos in comments, no code changes;schwarze2010-01-141-4/+4
| | | | | from Brad Tilley <brad at 16systems dot com>; ok oga@
* Dell's SVR4 apparently mapped page zero to the executable. We don'tguenther2009-11-191-10/+1
| | | | | | | do that and, given the security issues it exacerbates, never will. So document it and delete the disabled support. ok deraadt@ tedu@
* We need miod's no-coredumps-on-ramdisks diff, because we have grown thederaadt2009-06-061-1/+17
| | | | media just a wee bit too much.
* If a session leader exists s_leader is set to NULL, so don't dereference itkettenis2009-03-081-2/+5
| | | | | | unconditionally. ok miod@
* Make ELF platforms generate ELF core dumps. Somewhat based on code fromkettenis2009-03-051-1/+475
| | | | | | NetBSD. ok kurt@, drahn@, miod@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.