CVS commit: src/sys

["Maxime Villard" <maxv%netbsd.org@localhost>]

Module Name:    src
Committed By:   maxv
Date:           Sat Sep 26 16:12:24 UTC 2015

Modified Files:
        src/sys/kern: exec_elf.c exec_subr.c kern_exec.c kern_pax.c
        src/sys/sys: pax.h

Log Message:
Revamp the way processes are PaX'ed in the kernel. Sent on tech-kern@ two
months ago, but no one reviewed it - probably because it's not a trivial
change.

This change fixes the following bug: when loading a PaX'ed binary, the
kernel updates the PaX flag of the calling process before it makes sure
the new process is actually launched. If the kernel fails to launch the
new process, it does not restore the PaX flag of the calling process,
leaving it in an inconsistent state.

Actually, simply restoring it would be horrible as well, since in the
meantime another thread may have used the flag.

The solution is therefore: modify all the functions used by PaX so that
they take as argument the exec package instead of the lwp, and set the PaX
flag in the process *right before* launching the new process - it cannot
fail in the meantime.


To generate a diff of this commit:
cvs rdiff -u -r1.76 -r1.77 src/sys/kern/exec_elf.c
cvs rdiff -u -r1.71 -r1.72 src/sys/kern/exec_subr.c
cvs rdiff -u -r1.416 -r1.417 src/sys/kern/kern_exec.c
cvs rdiff -u -r1.31 -r1.32 src/sys/kern/kern_pax.c
cvs rdiff -u -r1.15 -r1.16 src/sys/sys/pax.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.