hi,

a while back I started on updating all the pmaps to support VM_PROT_EXEC
(at least, as much as the hardware allows).  I've put the code for the last
version that I had working at

	ftp://ftp.netbsd.org/pub/NetBSD/misc/chs/noexec/diff.20021123

there's support for alpha, sparc (sun4m), and x86 (stack only, from frank).
some of the non-pmap code in that diff is bogus, it contains a couple hacks
to allow things to work even though there are other changes needed.
basically, the pmap parts are what I want to share, but you need the
rest to have a system that works at all.  if anyone else wants to run
with this, that'd be great.

-Chuck


On Sun, Feb 02, 2003 at 07:16:36PM +0100, Emmanuel Dreyfus wrote:
> Hi all
> 
> Where are we exactly with respect to non executable stack? Jason
> switched our signal implementation to a libc version, thus removing the
> need at this level.


> As far as I understand the problem, we have the following problems:
> - COMPAT_* Binaries need executable stacks, we will never be able to fix
> that, but at least we can try to do non executable stacks for our
> natives binaries
> 
> - C++ code needs to execute the stack. Is there a way of dealing with
> that? 
> - i386 is unable to have a non executable page which is writable.
> 
> The C++ issue is only for userland processes, we have no C++ in the
> kernel. What would prevent us from having non executable heap and stacks
> for kernel space on non i386 CPUs?
> 
> And for userland process, do we have some plans?
> 
> -- 
> Emmanuel Dreyfus.
> Microsoft is not the answer, Microsoft is the question.
> "No, thank you" is the answer.
> manu@netbsd.org