Module Name: src
Committed By: joerg
Date: Fri Jun 23 21:28:39 UTC 2017
Modified Files:
src/sys/arch/amd64/include: vmparam.h
src/sys/arch/i386/include: vmparam.h
src/sys/arch/mips/include: vmparam.h
src/sys/arch/powerpc/include: vmparam.h
src/sys/arch/riscv/include: vmparam.h
src/sys/kern: exec_subr.c
src/sys/uvm: uvm_param.h
Log Message:
Recommit exec_subr.c revision 1.79:
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
Additionally, change VM_DEFAULT_ADDRESS_TOPDOWN to include
user_stack_guard_size in the size reservation.
To generate a diff of this commit:
cvs rdiff -u -r1.41 -r1.42 src/sys/arch/amd64/include/vmparam.h
cvs rdiff -u -r1.84 -r1.85 src/sys/arch/i386/include/vmparam.h
cvs rdiff -u -r1.57 -r1.58 src/sys/arch/mips/include/vmparam.h
cvs rdiff -u -r1.19 -r1.20 src/sys/arch/powerpc/include/vmparam.h
cvs rdiff -u -r1.1 -r1.2 src/sys/arch/riscv/include/vmparam.h
cvs rdiff -u -r1.80 -r1.81 src/sys/kern/exec_subr.c
cvs rdiff -u -r1.35 -r1.36 src/sys/uvm/uvm_param.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
