author | Richard Lowe <richlowe@richlowe.net> | 2014-04-16 02:39:14 +0100 |
---|---|---|
committer | Richard Lowe <richlowe@richlowe.net> | 2016-10-15 12:02:16 -0400 |
commit | d2a70789f056fc6c9ce3ab047b52126d80b0e3da (patch) | |
tree | bcf5eedbc5aeec80cac59ea37052e3b87108c253 /usr/src/uts/sun4 | |
parent | 8ab1c3f559468e655c4eb8acce993320403dd72b (diff) | |
download | illumos-gate-d2a70789f056fc6c9ce3ab047b52126d80b0e3da.tar.gz |
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means to forbid mappings around NULL
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Reviewed by: Patrick Mooney <pmooney@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>
Diffstat (limited to 'usr/src/uts/sun4')
-rw-r--r-- | usr/src/uts/sun4/os/mlsetup.c | 2 | ||||
-rw-r--r-- | usr/src/uts/sun4/vm/vm_dep.c | 12 |
2 files changed, 14 insertions, 0 deletions
diff --git a/usr/src/uts/sun4/os/mlsetup.c b/usr/src/uts/sun4/os/mlsetup.c
index 02dbdb874c..b9ade98a26 100644
--- a/usr/src/uts/sun4/os/mlsetup.c
+++ b/usr/src/uts/sun4/os/mlsetup.c
@@ -189,8 +189,10 @@ mlsetup(struct regs *rp, kfpu_t *fp)
 p0.p_brkpageszc = 0;
 p0.p_t1_lgrpid = LGRP_NONE;
 p0.p_tr_lgrpid = LGRP_NONE;
+ psecflags_default(&p0.p_secflags);
 sigorset(&p0.p_ignore, &ignoredefault);
+ CPU->cpu_thread = &t0;
 CPU->cpu_dispthread = &t0;
 bzero(&cpu0_disp, sizeof (disp_t));
diff --git a/usr/src/uts/sun4/vm/vm_dep.c b/usr/src/uts/sun4/vm/vm_dep.c
index 291122177a..f80ecf7cf7 100644
--- a/usr/src/uts/sun4/vm/vm_dep.c
+++ b/usr/src/uts/sun4/vm/vm_dep.c
@@ -37,6 +37,7 @@
 #include <sys/machsystm.h>
 #include <sys/kdi.h>
 #include <sys/cpu_module.h>
+#include <sys/secflags.h>
 #include <vm/hat_sfmmu.h>
@@ -364,6 +365,13 @@ valid_va_range(caddr_t *basep, size_t *lenp, size_t minlen, int dir)
 }
 /*
+ * Default to forbidding the first 64k of address space. This protects most
+ * reasonably sized structures from dereferences through NULL:
+ * ((foo_t *)0)->bar
+ */
+uintptr_t forbidden_null_mapping_sz = 0x10000;
+
+/*
 * Determine whether [addr, addr+len] with protections `prot' are valid
 * for a user address space.
 */
@@ -377,6 +385,10 @@ valid_usr_range(caddr_t addr, size_t len, uint_t prot, struct as *as,
 if (eaddr <= addr || addr >= userlimit || eaddr > userlimit)
 return (RANGE_BADADDR);
+ if ((addr <= (caddr_t)forbidden_null_mapping_sz) &&
+ secflag_enabled(as->a_proc, PROC_SEC_FORBIDNULLMAP))
+ return (RANGE_BADADDR);
+ /*
 * Determine if the address range falls within an illegal
 * range of the MMU. |
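Review bot: The comment added above `forbidden_null_mapping_sz` in vm_dep.c gives the default but not the unit or where the value is enforced, and the variable is a plain writable global. A reader cannot tell from this hunk that it only takes effect for processes with `PROC_SEC_FORBIDNULLMAP` set, which is decided in the `valid_usr_range` hunk that follows. I would add a line such as `* The value is a byte count, checked in valid_usr_range() only for processes with PROC_SEC_FORBIDNULLMAP enabled.` If the value is not meant to change after boot, the comment should say so, since lowering it shrinks the protected region for every process that relies on the flag.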
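Review bot: The new guard in `valid_usr_range` compares with `<=`, so a mapping starting exactly at `forbidden_null_mapping_sz` (0x10000 by default) is rejected, although the comment on the variable describes only the first 64k; a value of 0 would also still forbid address 0. If the half-open range [0, size) is intended, the test would read `if ((addr < (caddr_t)forbidden_null_mapping_sz) &&`; if the inclusive bound is deliberate, a one-line comment saying so would prevent a later "fix". Separately, `as->a_proc` is handed to `secflag_enabled` unchecked. Whether an `as` with no owning process can reach this function is not visible in the hunk, so it is worth confirming, or guarding with `as->a_proc != NULL &&`. The body of `valid_usr_range` starts and ends outside the hunk.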