[src/trunk]: src/sys/arch Compile in PaX support for Xen x86 kernels (dom0 an...

[jym <jym%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/09db3b57fc97
branches:  trunk
changeset: 750125:09db3b57fc97
user:      jym <jym%NetBSD.org@localhost>
date:      Thu Dec 17 23:53:24 2009 +0000

description:
Compile in PaX support for Xen x86 kernels (dom0 and domU).

ok bouyer@. Compiled and tested by me under i386. Only compile tested for
amd64.

diffstat:

 sys/arch/amd64/conf/XEN3_DOM0 |  5 ++++-
 sys/arch/amd64/conf/XEN3_DOMU |  5 ++++-
 sys/arch/i386/conf/XEN3_DOM0  |  5 ++++-
 sys/arch/i386/conf/XEN3_DOMU  |  5 ++++-
 4 files changed, 16 insertions(+), 4 deletions(-)

diffs (73 lines):

diff -r c94f3239497c -r 09db3b57fc97 sys/arch/amd64/conf/XEN3_DOM0
--- a/sys/arch/amd64/conf/XEN3_DOM0     Thu Dec 17 21:03:10 2009 +0000
+++ b/sys/arch/amd64/conf/XEN3_DOM0     Thu Dec 17 23:53:24 2009 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3_DOM0,v 1.47 2009/12/05 20:11:03 pooka Exp $
+# $NetBSD: XEN3_DOM0,v 1.48 2009/12/17 23:53:24 jym Exp $
 
 include        "arch/amd64/conf/std.xen"
 
@@ -808,3 +808,6 @@
 pseudo-device  xenevt
 pseudo-device  xvif
 pseudo-device  xbdback
+
+options        PAX_MPROTECT=0          # PaX mprotect(2) restrictions
+options        PAX_ASLR=0              # PaX Address Space Layout Randomization
diff -r c94f3239497c -r 09db3b57fc97 sys/arch/amd64/conf/XEN3_DOMU
--- a/sys/arch/amd64/conf/XEN3_DOMU     Thu Dec 17 21:03:10 2009 +0000
+++ b/sys/arch/amd64/conf/XEN3_DOMU     Thu Dec 17 23:53:24 2009 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3_DOMU,v 1.20 2009/12/05 20:11:03 pooka Exp $
+# $NetBSD: XEN3_DOMU,v 1.21 2009/12/17 23:53:24 jym Exp $
 
 include        "arch/amd64/conf/std.xen"
 
@@ -213,6 +213,9 @@
 #pseudo-device pf                      # PF packet filter
 #pseudo-device pflog                   # PF log if
 
+options        PAX_MPROTECT=0          # PaX mprotect(2) restrictions
+options        PAX_ASLR=0              # PaX Address Space Layout Randomization
+
 # miscellaneous pseudo-devices
 pseudo-device  pty                     # pseudo-terminals
 pseudo-device  rnd                     # /dev/random and in-kernel generator
diff -r c94f3239497c -r 09db3b57fc97 sys/arch/i386/conf/XEN3_DOM0
--- a/sys/arch/i386/conf/XEN3_DOM0      Thu Dec 17 21:03:10 2009 +0000
+++ b/sys/arch/i386/conf/XEN3_DOM0      Thu Dec 17 23:53:24 2009 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: XEN3_DOM0,v 1.23 2009/12/05 20:11:15 pooka Exp $
+#      $NetBSD: XEN3_DOM0,v 1.24 2009/12/17 23:53:24 jym Exp $
 #
 #      XEN3_0: Xen 3.0 domain0 kernel
 
@@ -799,6 +799,9 @@
 pseudo-device  xvif
 pseudo-device  xbdback
 
+options        PAX_MPROTECT=0          # PaX mprotect(2) restrictions
+options        PAX_ASLR=0              # PaX Address Space Layout Randomization
+
 ppb*   at pci? dev ? function ?        # PCI-PCI bridges
 pci*   at ppb? bus ?
 
diff -r c94f3239497c -r 09db3b57fc97 sys/arch/i386/conf/XEN3_DOMU
--- a/sys/arch/i386/conf/XEN3_DOMU      Thu Dec 17 21:03:10 2009 +0000
+++ b/sys/arch/i386/conf/XEN3_DOMU      Thu Dec 17 23:53:24 2009 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3_DOMU,v 1.19 2009/12/05 20:11:15 pooka Exp $
+# $NetBSD: XEN3_DOMU,v 1.20 2009/12/17 23:53:24 jym Exp $
 
 include        "arch/xen/conf/std.xen"
 
@@ -247,6 +247,9 @@
 # userland interface to drivers, including autoconf and properties retrieval
 pseudo-device   drvctl
 
+options        PAX_MPROTECT=0          # PaX mprotect(2) restrictions
+options        PAX_ASLR=0              # PaX Address Space Layout Randomization
+
 # PCI pass-through support: 
 #xpci* at xenbus ?                     #Xen3 PCI front end driver
 #pci* at xpci ?