Module Name: src
Committed By: bouyer
Date: Thu Aug 31 08:32:39 UTC 2017
Modified Files:
src/lib/libpthread [netbsd-8]: TODO pthread.c pthread_attr.c
pthread_attr_getguardsize.3 pthread_int.h
src/sys/arch/amd64/include [netbsd-8]: vmparam.h
src/sys/arch/i386/include [netbsd-8]: vmparam.h
src/sys/arch/mips/include [netbsd-8]: vmparam.h
src/sys/arch/powerpc/include [netbsd-8]: vmparam.h
src/sys/arch/riscv/include [netbsd-8]: vmparam.h
src/sys/kern [netbsd-8]: exec_subr.c
src/sys/uvm [netbsd-8]: uvm_meter.c uvm_param.h
src/tests/lib/libpthread [netbsd-8]: t_join.c
Log Message:
Pull up following revision(s) (requested by joerg in ticket #234):
sys/arch/amd64/include/vmparam.h: revision 1.43
sys/kern/exec_subr.c: revision 1.79
lib/libpthread/pthread_int.h: revision 1.94
sys/arch/mips/include/vmparam.h: revision 1.58
sys/arch/mips/include/vmparam.h: revision 1.59
lib/libpthread/TODO: revision 1.19
sys/arch/powerpc/include/vmparam.h: revision 1.20
sys/arch/riscv/include/vmparam.h: revision 1.2
sys/arch/riscv/include/vmparam.h: revision 1.3
sys/arch/i386/include/vmparam.h: revision 1.85
tests/lib/libpthread/t_join.c: revision 1.9
sys/uvm/uvm_meter.c: revision 1.66
sys/uvm/uvm_param.h: revision 1.36
sys/kern/exec_subr.c: revision 1.80
sys/uvm/uvm_param.h: revision 1.37
sys/kern/exec_subr.c: revision 1.81
sys/kern/exec_subr.c: revision 1.82
lib/libpthread/pthread_attr_getguardsize.3: revision 1.4
lib/libpthread/pthread.c: revision 1.148
lib/libpthread/pthread_attr.c: revision 1.17
sys/arch/amd64/include/vmparam.h: revision 1.42
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
Revert for the moment, creates problems on i386.
Recommit exec_subr.c revision 1.79:
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
Additionally, change VM_DEFAULT_ADDRESS_TOPDOWN to include
user_stack_guard_size in the size reservation.
Update VM_DEFAULT_ADDRESS32_TOPDOWN to include guard area.
Export the guard size of the main thread via vm.guard_size. Add a
complementary writable sysctl for the initial guard size of threads
created via pthread_create. Let the existing attribut accessors do the
right thing. Raise the default guard size for threads to 64KB.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.18.4.1 src/lib/libpthread/TODO
cvs rdiff -u -r1.147.8.2 -r1.147.8.3 src/lib/libpthread/pthread.c
cvs rdiff -u -r1.16 -r1.16.24.1 src/lib/libpthread/pthread_attr.c
cvs rdiff -u -r1.3 -r1.3.8.1 src/lib/libpthread/pthread_attr_getguardsize.3
cvs rdiff -u -r1.93 -r1.93.4.1 src/lib/libpthread/pthread_int.h
cvs rdiff -u -r1.39 -r1.39.6.1 src/sys/arch/amd64/include/vmparam.h
cvs rdiff -u -r1.84 -r1.84.6.1 src/sys/arch/i386/include/vmparam.h
cvs rdiff -u -r1.57 -r1.57.8.1 src/sys/arch/mips/include/vmparam.h
cvs rdiff -u -r1.19 -r1.19.12.1 src/sys/arch/powerpc/include/vmparam.h
cvs rdiff -u -r1.1 -r1.1.12.1 src/sys/arch/riscv/include/vmparam.h
cvs rdiff -u -r1.78.2.2 -r1.78.2.3 src/sys/kern/exec_subr.c
cvs rdiff -u -r1.65 -r1.65.10.1 src/sys/uvm/uvm_meter.c
cvs rdiff -u -r1.35 -r1.35.10.1 src/sys/uvm/uvm_param.h
cvs rdiff -u -r1.8 -r1.8.24.1 src/tests/lib/libpthread/t_join.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
