11.1Sjym/*      $NetBSD: exec_prot_support.c,v 1.1 2011/07/18 23:16:09 jym Exp $ */
21.1Sjym
31.1Sjym/*-
41.1Sjym * Copyright (c) 2011 The NetBSD Foundation, Inc.
51.1Sjym * All rights reserved.
61.1Sjym *
71.1Sjym * This code is derived from software contributed to The NetBSD Foundation
81.1Sjym * by Jean-Yves Migeon.
91.1Sjym *
101.1Sjym * Redistribution and use in source and binary forms, with or without
111.1Sjym * modification, are permitted provided that the following conditions
121.1Sjym * are met:
131.1Sjym * 1. Redistributions of source code must retain the above copyright
141.1Sjym *    notice, this list of conditions and the following disclaimer.
151.1Sjym * 2. Redistributions in binary form must reproduce the above copyright
161.1Sjym *    notice, this list of conditions and the following disclaimer in the
171.1Sjym *    documentation and/or other materials provided with the distribution.
181.1Sjym *
191.1Sjym * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
201.1Sjym * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
211.1Sjym * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
221.1Sjym * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
231.1Sjym * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
241.1Sjym * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
251.1Sjym * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
261.1Sjym * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
271.1Sjym * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
281.1Sjym * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
291.1Sjym * POSSIBILITY OF SUCH DAMAGE.
301.1Sjym */
311.1Sjym
321.1Sjym#include <sys/cdefs.h>
331.1Sjym__RCSID("$NetBSD: exec_prot_support.c,v 1.1 2011/07/18 23:16:09 jym Exp $");
341.1Sjym
351.1Sjym#include <stdlib.h>
361.1Sjym#include <sys/sysctl.h>
371.1Sjym
381.1Sjym#include "../../common/exec_prot.h"
391.1Sjym
401.1Sjym/*
411.1Sjym * Support for executable space protection has always been erratic under i386.
421.1Sjym * Originally IA-32 can't do per-page execute permission, so it is
431.1Sjym * implemented using different executable segments for %cs (code segment).
441.1Sjym * This only allows coarse grained protection, especially when memory starts
451.1Sjym * being fragmented.
461.1Sjym * Later, PAE was introduced together with a NX/XD bit in the page table
471.1Sjym * entry to offer per-page permission.
481.1Sjym */
491.1Sjymint
501.1Sjymexec_prot_support(void)
511.1Sjym{
521.1Sjym	int pae;
531.1Sjym	size_t pae_len = sizeof(pae);
541.1Sjym
551.1Sjym	if (sysctlbyname("machdep.pae", &pae, &pae_len, NULL, 0) == -1)
561.1Sjym		return PARTIAL_XP;
571.1Sjym
581.1Sjym	if (pae == 1) {
591.1Sjym		if (system("cpuctl identify 0 | grep -q NOX") == 0 ||
601.1Sjym		    system("cpuctl identify 0 | grep -q XD") == 0)
611.1Sjym			return PERPAGE_XP;
621.1Sjym	}
631.1Sjym
641.1Sjym	return PARTIAL_XP;
651.1Sjym}
66