d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14327f5334
freebsd-dev/sys/conf
History
Mark Johnston 14327f5334 Tighten mapping protections on preloaded files on amd64. 
- We load the kernel at 0x200000.  Memory below that address need not
  be executable, so do not map it as such.
- Remove references to .ldata and related sections in the kernel linker
  script.  They come from ld.bfd's default linker script, but are not
  used, and we now use ld.lld to link the amd64 kernel.  lld does not
  contain a default linker script.
- Pad the .bss to a 2MB as we do between .text and .data.  This
  forces the loader to load additional files starting in the following
  2MB page, preserving the use of superpage mappings for kernel data.
- Map memory above the kernel image with NX.  The kernel linker now
  upgrades protections as needed, and other preloaded file types
  (e.g., entropy, microcode) need not be mapped with execute permissions
  in the first place.

Reviewed by:	kib
MFC after:	1 month
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D21859
2019-10-18 14:05:13 +00:00
..
config.mk Add comments about KERN_OPT here. 2019-07-19 17:48:29 +00:00
dtb.build.mk fdt: Fix installation of aarch64 dtb 2019-05-02 16:56:03 +00:00
dtb.mk Allow kernel config to specify DTS/DTSO to build, and out-of-tree support 2019-03-26 02:45:23 +00:00
files Implement NetGDB(4) 2019-10-17 21:33:01 +00:00
files.amd64 emulate illumos membar_producer with atomic_thread_fence_rel 2019-10-10 07:39:41 +00:00
files.arm emulate illumos membar_producer with atomic_thread_fence_rel 2019-10-10 07:39:41 +00:00
files.arm64 arm64: Add Synopsys DWC3 driver 2019-10-14 22:27:33 +00:00
files.i386 Fix bogusly declared WERRORs in kernel build 2019-08-25 19:39:31 +00:00
files.mips Add support for BERI statcounters. 2019-09-18 16:13:50 +00:00
files.powerpc powerpc: Add AmigaOne platform, a subclass of MPC85xx 2019-10-16 00:38:50 +00:00
files.riscv emulate illumos membar_producer with atomic_thread_fence_rel 2019-10-10 07:39:41 +00:00
files.sparc64 emulate illumos membar_producer with atomic_thread_fence_rel 2019-10-10 07:39:41 +00:00
files.x86 itwd(4): driver for watchdog function in ITE Super I/O chips 2019-10-16 14:57:38 +00:00
kern.mk Honor CWARNFLAGS.clang/gcc in the kernel build 2019-09-22 18:27:57 +00:00
kern.opts.mk Disable REPRODUCIBLE_BUILD for kernel builds. 2019-09-28 14:14:42 +00:00
kern.post.mk Back out r351799 2019-09-04 14:32:04 +00:00
kern.pre.mk Fix the EMBEDFS_FORMAT helper variable for riscv64. 2019-10-02 21:49:39 +00:00
kmod_syms_prefix.awk Add the infrastructure to support loading multiple versions of TCP 2017-06-08 20:41:28 +00:00
kmod_syms.awk
kmod.mk Formalize the use of linker scripts for kernel modules. 2019-10-16 22:19:56 +00:00
ldscript.amd64 Tighten mapping protections on preloaded files on amd64. 2019-10-18 14:05:13 +00:00
ldscript.arm Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.arm64 Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.i386 Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.kmod.amd64 Add an ldscript for amd64 kernel modules. 2019-10-17 21:39:23 +00:00
ldscript.kmod.i386 Formalize the use of linker scripts for kernel modules. 2019-10-16 22:19:56 +00:00
ldscript.mips Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.mips.cfe Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.mips.mips64 Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.mips.octeon1 Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.powerpc Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.powerpc64 Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.powerpcspe Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
ldscript.riscv riscv: Ensure that BSS is 8-byte aligned 2019-09-09 15:57:24 +00:00
ldscript.sparc64 Expose the kernel's build-ID through sysctl 2019-06-04 13:07:10 +00:00
Makefile.amd64 Retire CLANG_NO_IAS34 2018-11-01 23:11:47 +00:00
Makefile.arm Remove support for kernel.tramp and kernel.tramp.gz 2019-07-27 17:24:19 +00:00
Makefile.arm64 Revert r336353 completely based on protest; compatibility shims incoming 2018-07-17 14:11:30 +00:00
Makefile.i386 Retire CLANG_NO_IAS34 2018-11-01 23:11:47 +00:00
Makefile.mips Update MIPS kernel builds to work with mips-gcc. 2019-10-15 17:11:42 +00:00
Makefile.powerpc Revert r336353 completely based on protest; compatibility shims incoming 2018-07-17 14:11:30 +00:00
Makefile.riscv Revert r336353 completely based on protest; compatibility shims incoming 2018-07-17 14:11:30 +00:00
Makefile.sparc64 Revert r336353 completely based on protest; compatibility shims incoming 2018-07-17 14:11:30 +00:00
makeLINT.mk Clean LINT* kernel configurations for arm* 2019-09-24 01:56:27 +00:00
makeLINT.sed
newvers.sh newvers: append commit count to uname version string 2019-08-01 14:13:04 +00:00
NOTES Implement NetGDB(4) 2019-10-17 21:33:01 +00:00
options Implement NetGDB(4) 2019-10-17 21:33:01 +00:00
options.amd64 Remove iBCS2, part2: general kernel 2018-12-19 21:57:58 +00:00
options.arm Remove now the cow unused CPU_ARM9 and CPU_FA526 options. These are for 2018-07-28 11:00:45 +00:00
options.arm64 arm64: allwinner: Add Allwinner H6 Support 2019-10-14 21:53:53 +00:00
options.i386 i386: Merge PAE and non-PAE pmaps into same kernel. 2019-01-30 02:07:13 +00:00
options.mips Add SMP support for BERI CPU. 2018-04-12 17:43:19 +00:00
options.powerpc powerpc: Add AmigaOne platform, a subclass of MPC85xx 2019-10-16 00:38:50 +00:00
options.riscv o Add driver for PLIC (Platform-Level Interrupt Controller) device. 2018-06-12 17:45:15 +00:00
options.sparc64
systags.sh sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
WITHOUT_SOURCELESS
WITHOUT_SOURCELESS_HOST
WITHOUT_SOURCELESS_UCODE Remove adv(4) and adw(4) 2018-10-22 02:34:47 +00:00