Christian Weisgerber <na...@mips.inka.de> wrote:

> Christian Weisgerber:
>
> > If I move
> >
> >         vaddr_t ps_timekeep;            /* User pointer to timekeep */
> >
> > up into the zeroed area, I get a properly randomized _timekeep in
> > userland.
>
> Also note that exec_sigcode_map() has this
>
>         pr->ps_sigcode = 0; /* no hint */
>         uao_reference(e->e_sigobject);
>         if (uvm_map(&pr->ps_vmspace->vm_map, &pr->ps_sigcode, round_page(sz),
>
> I don't know if we want to
> * explicitly set ps_timekeep to 0 in exec_timekeep_map(), or
> * move it into the zeroed area, which we should also do with ps_sigcode
>   then.
Placing it in the zero'd area probably needs some careful consideration and testing in relationship to MD signal delivery, we would not want tf->tf_pr = (int)p->p_p->ps_sigcode to become a pointer to userland NULL, resulting in a fault, which sends a signal and ....

Looking at ps_sigcode use in the kernel, I also find a special case for it in uvm_should_coredump(). The same "avoid dumping" logic should probably be there for timekeep also.
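As an added illustration, not code from this thread or from OpenBSD, here is a userland C model of the mechanism under discussion: a field that sits outside the zeroed area is copied into the child, so the child's exec hands the parent's address to the mapping code as a hint instead of 0 and loses its randomization. The struct layout, random_page() and map_page() are simplified stand-ins for struct process, the kernel's randomized placement and uvm_map()'s hint handling; both remedies from the mail (zero the field explicitly, or move it into the zeroed area) are modelled.

```c
#include <stdint.h>
#include <string.h>

typedef uintptr_t vaddr_t;

/* Constructed model of struct process: process_new() copies the parent,
 * then clears the fields between ps_startzero and ps_endzero. */
struct process {
	vaddr_t ps_timekeep_copied;	/* current: outside the zeroed area */
	vaddr_t ps_startzero;		/* marker: first zeroed field */
	vaddr_t ps_timekeep_zeroed;	/* proposed: inside the zeroed area */
	vaddr_t ps_endzero;		/* marker: first field past it */
};

/* Deterministic stand-in for randomized placement: a fresh page per call. */
static vaddr_t random_page(void)
{
	static vaddr_t counter;
	return (0x7f000 + ++counter * 0x11) << 12;
}

/* Model of the uvm_map() hint handling seen in exec_sigcode_map():
 * *addrp == 0 means "no hint, pick a random page"; non-zero is honoured. */
static vaddr_t map_page(vaddr_t *addrp)
{
	if (*addrp == 0)
		*addrp = random_page();
	return *addrp;
}

static void process_new(struct process *child, const struct process *parent)
{
	*child = *parent;
	memset(&child->ps_startzero, 0,
	    (char *)&child->ps_endzero - (char *)&child->ps_startzero);
}

/* 1 if the child's mapping lands on the parent's page: the stale value
 * acted as a hint and the child lost its randomization. */
int child_reuses_parent_page(int field_in_zeroed_area, int reset_hint)
{
	struct process parent = {0}, child;
	vaddr_t *pslot = field_in_zeroed_area ?
	    &parent.ps_timekeep_zeroed : &parent.ps_timekeep_copied;
	vaddr_t paddr = map_page(pslot), *cslot;
	process_new(&child, &parent);
	cslot = field_in_zeroed_area ?
	    &child.ps_timekeep_zeroed : &child.ps_timekeep_copied;
	if (reset_hint)
		*cslot = 0;	/* the "explicitly set it to 0" alternative */
	return map_page(cslot) == paddr;
}
```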