kern_pax.c revision 1.1
1 1.1 elad /* $NetBSD: kern_pax.c,v 1.1 2006/05/16 00:08:25 elad Exp $ */ 2 1.1 elad 3 1.1 elad /*- 4 1.1 elad * Copyright (c) 2006 Elad Efrat <elad (at) NetBSD.org> 5 1.1 elad * All rights reserved. 6 1.1 elad * 7 1.1 elad * Redistribution and use in source and binary forms, with or without 8 1.1 elad * modification, are permitted provided that the following conditions 9 1.1 elad * are met: 10 1.1 elad * 1. Redistributions of source code must retain the above copyright 11 1.1 elad * notice, this list of conditions and the following disclaimer. 12 1.1 elad * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 elad * notice, this list of conditions and the following disclaimer in the 14 1.1 elad * documentation and/or other materials provided with the distribution. 15 1.1 elad * 3. All advertising materials mentioning features or use of this software 16 1.1 elad * must display the following acknowledgement: 17 1.1 elad * This product includes software developed by Elad Efrat. 18 1.1 elad * 4. The name of the author may not be used to endorse or promote products 19 1.1 elad * derived from this software without specific prior written permission. 20 1.1 elad * 21 1.1 elad * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 22 1.1 elad * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 23 1.1 elad * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24 1.1 elad * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 25 1.1 elad * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 26 1.1 elad * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 1.1 elad * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 1.1 elad * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 1.1 elad * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 30 1.1 elad * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 1.1 elad */ 32 1.1 elad 33 1.1 elad #include "opt_pax.h" 34 1.1 elad 35 1.1 elad #include <sys/param.h> 36 1.1 elad #include <sys/proc.h> 37 1.1 elad #include <sys/exec_elf.h> 38 1.1 elad #include <uvm/uvm_extern.h> 39 1.1 elad #include <sys/pax.h> 40 1.1 elad #include <sys/sysctl.h> 41 1.1 elad 42 1.1 elad int pax_mprotect_enabled; 43 1.1 elad int pax_mprotect_global; 44 1.1 elad 45 1.1 elad SYSCTL_SETUP(sysctl_security_pax_setup, "sysctl security.pax setup") 46 1.1 elad { 47 1.1 elad const struct sysctlnode *rnode = NULL; 48 1.1 elad 49 1.1 elad sysctl_createv(clog, 0, NULL, &rnode, 50 1.1 elad CTLFLAG_PERMANENT, 51 1.1 elad CTLTYPE_NODE, "security", NULL, 52 1.1 elad NULL, 0, NULL, 0, 53 1.1 elad CTL_CREATE, CTL_EOL); 54 1.1 elad 55 1.1 elad sysctl_createv(clog, 0, &rnode, &rnode, 56 1.1 elad CTLFLAG_PERMANENT, 57 1.1 elad CTLTYPE_NODE, "pax", 58 1.1 elad SYSCTL_DESCR("PaX (exploit mitigation) features."), 59 1.1 elad NULL, 0, NULL, 0, 60 1.1 elad CTL_CREATE, CTL_EOL); 61 1.1 elad 62 1.1 elad sysctl_createv(clog, 0, &rnode, &rnode, 63 1.1 elad CTLFLAG_PERMANENT, 64 1.1 elad CTLTYPE_NODE, "mprotect", 65 1.1 elad SYSCTL_DESCR("mprotect(2) W^X restrictions."), 66 1.1 elad NULL, 0, NULL, 0, 67 1.1 elad CTL_CREATE, CTL_EOL); 68 1.1 elad sysctl_createv(clog, 0, &rnode, NULL, 69 1.1 elad CTLFLAG_PERMANENT|CTLFLAG_READWRITE|CTLFLAG_IMMEDIATE, 70 1.1 elad CTLTYPE_INT, "enabled", 71 1.1 elad SYSCTL_DESCR("Restrictions enabled."), 72 1.1 elad NULL, 1, &pax_mprotect_enabled, 0, 73 1.1 elad CTL_CREATE, CTL_EOL); 74 1.1 elad sysctl_createv(clog, 0, &rnode, NULL, 75 1.1 elad CTLFLAG_PERMANENT|CTLFLAG_READWRITE|CTLFLAG_IMMEDIATE, 76 1.1 elad CTLTYPE_INT, "global_protection", 77 1.1 elad SYSCTL_DESCR("When enabled, unless explicitly " 78 1.1 elad "specified, apply restrictions to" 79 1.1 elad "all processes."), 80 1.1 elad NULL, PAX_MPROTECT, &pax_mprotect_global, 0, 81 1.1 elad CTL_CREATE, CTL_EOL); 82 1.1 elad } 83 1.1 elad 84 1.1 elad void 85 1.1 elad pax_mprotect_adjust(struct lwp *l, int f) 86 1.1 elad { 87 1.1 elad if (!pax_mprotect_enabled || 88 1.1 elad (f & (PF_PAXMPROTECT|PF_PAXNOMPROTECT))) 89 1.1 elad return; 90 1.1 elad 91 1.1 elad if (f & PF_PAXMPROTECT) 92 1.1 elad l->l_proc->p_flag |= P_PAXMPROTECT; 93 1.1 elad if (f & PF_PAXNOMPROTECT) 94 1.1 elad l->l_proc->p_flag |= P_PAXNOMPROTECT; 95 1.1 elad } 96 1.1 elad 97 1.1 elad void 98 1.1 elad pax_mprotect(struct lwp *l, struct uvm_object *obj, vm_prot_t *new_prot) 99 1.1 elad { 100 1.1 elad if (!pax_mprotect_enabled || 101 1.1 elad (pax_mprotect_global && (l->l_proc->p_flag & P_PAXNOMPROTECT)) || 102 1.1 elad (!pax_mprotect_global && !(l->l_proc->p_flag & P_PAXMPROTECT))) 103 1.1 elad return; 104 1.1 elad 105 1.1 elad if (obj == NULL) { 106 1.1 elad /* Anonymous mappings always get their execute bit stripped. */ 107 1.1 elad *new_prot &= ~VM_PROT_EXECUTE; 108 1.1 elad } else { 109 1.1 elad /* File mappings. */ 110 1.1 elad if ((*new_prot & (VM_PROT_WRITE|VM_PROT_EXECUTE)) == 111 1.1 elad VM_PROT_WRITE) 112 1.1 elad *new_prot &= ~VM_PROT_EXECUTE; 113 1.1 elad else 114 1.1 elad *new_prot &= ~VM_PROT_WRITE; 115 1.1 elad } 116 1.1 elad } 117
Indexes created Sun Sep 21 16:09:51 GMT 2025