freebsd-nq/sys/conf
Jonathan T. Looney beb2406556 amd64: Protect the kernel text, data, and BSS by setting the RW/NX bits
correctly for the data contained on each memory page.

There are several components to this change:
 * Add a variable to indicate the start of the R/W portion of the
   initial memory.
 * Stop detecting NX bit support for each AP.  Instead, use the value
   from the BSP and, if supported, activate the feature on the other
   APs just before loading the correct page table.  (Functionally, we
   already assume that the BSP and all APs had the same support or
   lack of support for the NX bit.)
 * Set the RW and NX bits correctly for the kernel text, data, and
   BSS (subject to some caveats below).
 * Ensure DDB can write to memory when necessary (such as to set a
   breakpoint).
 * Ensure GDB can write to memory when necessary (such as to set a
   breakpoint).  For this purpose, add new MD functions gdb_begin_write()
   and gdb_end_write() which the GDB support code can call before and
   after writing to memory.

This change is not comprehensive:
 * It doesn't do anything to protect modules.
 * It doesn't do anything for kernel memory allocated after the kernel
   starts running.
 * In order to avoid excessive memory inefficiency, it may let multiple
   types of data share a 2M page, and assigns the most permissions
   needed for data on that page.

Reviewed by:	jhb, kib
Discussed with:	emaste
MFC after:	2 weeks
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D14282
2018-03-06 14:28:37 +00:00
..
config.mk
dtb.mk Move sys/boot/fdt/dts to sys/dts and adjust scripts. 2017-11-14 21:03:57 +00:00
files Add a generic Proportional Integral Derivative (PID) controller algorithm and 2018-02-23 22:51:51 +00:00
files.amd64 imcsmb(4): Intel integrated Memory Controller (iMC) SMBus controller driver 2018-03-03 01:53:51 +00:00
files.arm Revert r327250 as it broke the build for some armv6 kernel and all armv4/5 2017-12-28 07:31:14 +00:00
files.arm64 dwmmc_rockchip: Add support for rk3328-dw-mshc 2018-02-26 21:29:01 +00:00
files.i386 imcsmb(4): Intel integrated Memory Controller (iMC) SMBus controller driver 2018-03-03 01:53:51 +00:00
files.mips Finally, fix Zstd kernel build on MIPS and RISC-V 2018-01-10 06:30:59 +00:00
files.powerpc PowerNV: Initial support for OPAL I2C transfers 2018-03-01 14:11:07 +00:00
files.riscv Include ffsll() on riscv kernels. 2018-01-10 17:36:43 +00:00
files.sparc64
kern.mk Add kernel retpoline option for amd64 2018-02-28 14:57:45 +00:00
kern.opts.mk Add kernel retpoline option for amd64 2018-02-28 14:57:45 +00:00
kern.post.mk ports modules: Don't leak AUTO_OBJ changes into the port builds. 2018-02-13 17:51:16 +00:00
kern.pre.mk Nudge lld to break the kernel read-only and read-write sections into 2018-03-06 14:18:45 +00:00
kmod_syms_prefix.awk
kmod_syms.awk
kmod.mk Correct module symbol export handling 2018-02-16 15:38:02 +00:00
ldscript.amd64 amd64: Protect the kernel text, data, and BSS by setting the RW/NX bits 2018-03-06 14:28:37 +00:00
ldscript.arm
ldscript.arm64
ldscript.i386
ldscript.mips
ldscript.mips.cfe
ldscript.mips.mips64
ldscript.mips.octeon1
ldscript.powerpc
ldscript.powerpc64 Add support for 64-bit PowerPC kernels to be directly loaded by kexec, which 2017-12-29 20:30:10 +00:00
ldscript.powerpcspe
ldscript.riscv
ldscript.sparc64
Makefile.amd64
Makefile.arm Make kernel option KERNVIRTADDR optional, remove it from std.<platform> 2017-12-30 00:20:49 +00:00
Makefile.arm64
Makefile.i386
Makefile.mips
Makefile.powerpc
Makefile.riscv Support for v1.10 (latest) of RISC-V privilege specification. 2017-08-10 14:18:09 +00:00
Makefile.sparc64
makeLINT.mk Rework r325568 so all 'make LINT' targets work. 2017-11-13 20:49:08 +00:00
makeLINT.sed
newvers.sh Indent protection and some other oops from the prvious commits. 2017-11-20 19:56:11 +00:00
NOTES jedec_dimm(4): report asset info and temperatures for DDR3 and DDR4 DIMMs 2018-02-22 23:18:46 +00:00
options This is an implementation of the client side of TCP Fast Open (TFO) 2018-02-26 02:53:22 +00:00
options.amd64
options.arm Add a new ARM kernel option, LOCORE_MAP_MB, to control the size of the 2017-12-26 19:02:56 +00:00
options.arm64 rk3328: Add support for this SoC 2018-02-26 21:25:50 +00:00
options.i386
options.mips Remove CPU_HAVEFPU. 2017-10-18 17:23:16 +00:00
options.powerpc PowerNV: XICS support for PowerNV/OPAL 2018-01-16 06:24:19 +00:00
options.riscv
options.sparc64
systags.sh sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
WITHOUT_SOURCELESS
WITHOUT_SOURCELESS_HOST
WITHOUT_SOURCELESS_UCODE