Now
MAIN commitmail json YAML
src/lib/libc/sys/mmap.2@1.45
/
diff
/
nxr@1.45
src/sys/sys/mman.h@1.43 / diff / nxr@1.43
src/sys/sys/proc.h@1.312 / diff / nxr@1.312
src/sys/uvm/uvm_extern.h@1.177 / diff / nxr@1.177
src/sys/uvm/uvm_map.c@1.308 / diff / nxr@1.308
src/sys/uvm/uvm_mmap.c@1.140 / diff / nxr@1.140
src/sys/sys/mman.h@1.43 / diff / nxr@1.43
src/sys/sys/proc.h@1.312 / diff / nxr@1.312
src/sys/uvm/uvm_extern.h@1.177 / diff / nxr@1.177
src/sys/uvm/uvm_map.c@1.308 / diff / nxr@1.308
src/sys/uvm/uvm_mmap.c@1.140 / diff / nxr@1.140
Add a MAP_NOSYSCALLS flag to mmap. This flag prohibits executing of system
calls from the mapped region. This can be used for emulation perposed or for
extra security in the case of generated code.
Its implemented by adding mapping-attributes to each uvm_map_entry. These can
then be queried when needed.
Currently the MAP_NOSYSCALLS is only implemented for x86 but other
architectures are easy to adapt; see the sys/arch/x86/x86/syscall.c patch.
Port maintainers are encouraged to add them for their processor ports too.
When this feature is not yet implemented for an architecture the
MAP_NOSYSCALLS is simply ignored with virtually no cpu cost..
calls from the mapped region. This can be used for emulation perposed or for
extra security in the case of generated code.
Its implemented by adding mapping-attributes to each uvm_map_entry. These can
then be queried when needed.
Currently the MAP_NOSYSCALLS is only implemented for x86 but other
architectures are easy to adapt; see the sys/arch/x86/x86/syscall.c patch.
Port maintainers are encouraged to add them for their processor ports too.
When this feature is not yet implemented for an architecture the
MAP_NOSYSCALLS is simply ignored with virtually no cpu cost..