
[src/trunk]: src/sys/arch Disable PAX_SEGVGUARD.



details:   https://anonhg.NetBSD.org/src/rev/27dd09fd1206
branches:  trunk
changeset: 340731:27dd09fd1206
user:      maxv <maxv%NetBSD.org@localhost>
date:      Sat Sep 26 16:33:16 2015 +0000

description:
Disable PAX_SEGVGUARD.

We actually have a big problem: the fileassocs are never deleted.
Therefore, if a user generates a lot of buggy binaries and launches them
all, the kernel will allocate memory again and again for all these
entries and will never free them (unless the files are deleted from the
disk). Which means that a user can too easily put the kernel under memory
pressure.

diffstat:

 sys/arch/alpha/conf/GENERIC    |  5 ++---
 sys/arch/amd64/conf/ALL        |  6 +++---
 sys/arch/evbarm64/conf/A64EMUL |  5 ++---
 sys/arch/i386/conf/ALL         |  6 +++---
 sys/arch/shark/conf/GENERIC    |  5 ++---
 5 files changed, 12 insertions(+), 15 deletions(-)

diffs (126 lines):

diff -r 41cf5c97e497 -r 27dd09fd1206 sys/arch/alpha/conf/GENERIC
--- a/sys/arch/alpha/conf/GENERIC       Sat Sep 26 16:12:24 2015 +0000
+++ b/sys/arch/alpha/conf/GENERIC       Sat Sep 26 16:33:16 2015 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.365 2015/08/08 06:36:24 maxv Exp $
+# $NetBSD: GENERIC,v 1.366 2015/09/26 16:33:16 maxv Exp $
 #
 # This machine description file is used to generate the default NetBSD
 # kernel.
@@ -19,7 +19,7 @@
 
 options        INCLUDE_CONFIG_FILE     # embed config file in kernel binary
 
-ident          "GENERIC-$Revision: 1.365 $"
+ident          "GENERIC-$Revision: 1.366 $"
 
 maxusers 32
 
@@ -789,5 +789,4 @@
 #options       VERIFIED_EXEC_FP_MD5
 
 options PAX_MPROTECT=0                 # PaX mprotect(2) restrictions
-#options PAX_SEGVGUARD=0                       # PaX Segmentation fault guard
 options PAX_ASLR=0                     # PaX Address Space Layout Randomization
diff -r 41cf5c97e497 -r 27dd09fd1206 sys/arch/amd64/conf/ALL
--- a/sys/arch/amd64/conf/ALL   Sat Sep 26 16:12:24 2015 +0000
+++ b/sys/arch/amd64/conf/ALL   Sat Sep 26 16:33:16 2015 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: ALL,v 1.30 2015/08/08 06:36:24 maxv Exp $
+# $NetBSD: ALL,v 1.31 2015/09/26 16:33:16 maxv Exp $
 # From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
 #
 # ALL machine description file
@@ -17,7 +17,7 @@
 
 options        INCLUDE_CONFIG_FILE     # embed config file in kernel binary
 
-#ident                 "ALL-$Revision: 1.30 $"
+#ident                 "ALL-$Revision: 1.31 $"
 
 maxusers       64              # estimated number of users
 
@@ -1633,7 +1633,7 @@
 
 options        PAX_MPROTECT=0          # PaX mprotect(2) restrictions
 options        PAX_ASLR=0              # PaX Address Space Layout Randomization
-options        PAX_SEGVGUARD=0         # PaX Segmentation fault guard
+#options       PAX_SEGVGUARD=0         # PaX Segmentation fault guard
 
 #
 # NetBSD: GENERIC_ISDN,v 1.16 2010/01/03 03:53:34 dholland Exp
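Review bot: The newly commented-out `#options PAX_SEGVGUARD=0` line gives no reason for being disabled, so anyone restoring full option coverage in ALL could switch it back on and reintroduce the memory-pressure problem described in the commit message. I would put a short comment directly above it, for example `# PAX_SEGVGUARD disabled: its fileassoc entries are never freed, so a user can put the kernel under memory pressure`. The same applies to the identical hunk in sys/arch/i386/conf/ALL. As a style point, the alpha, evbarm64 and shark configs delete the commented-out line outright while the two ALL configs keep it commented, so the five files end up handling the option in two different ways.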
diff -r 41cf5c97e497 -r 27dd09fd1206 sys/arch/evbarm64/conf/A64EMUL
--- a/sys/arch/evbarm64/conf/A64EMUL    Sat Sep 26 16:12:24 2015 +0000
+++ b/sys/arch/evbarm64/conf/A64EMUL    Sat Sep 26 16:33:16 2015 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: A64EMUL,v 1.4 2015/08/12 07:53:57 maxv Exp $
+# $NetBSD: A64EMUL,v 1.5 2015/09/26 16:33:16 maxv Exp $
 #
 # This machine description file is used to generate the default NetBSD
 # kernel.
@@ -19,7 +19,7 @@
 
 options        INCLUDE_CONFIG_FILE     # embed config file in kernel binary
 
-ident          "A64EMUL-$Revision: 1.4 $"
+ident          "A64EMUL-$Revision: 1.5 $"
 
 maxusers 32
 
@@ -267,5 +267,4 @@
 #options       VERIFIED_EXEC_FP_MD5
 
 #options PAX_MPROTECT=0                        # PaX mprotect(2) restrictions
-#options PAX_SEGVGUARD=0                       # PaX Segmentation fault guard
 #options PAX_ASLR=0                    # PaX Address Space Layout Randomization
diff -r 41cf5c97e497 -r 27dd09fd1206 sys/arch/i386/conf/ALL
--- a/sys/arch/i386/conf/ALL    Sat Sep 26 16:12:24 2015 +0000
+++ b/sys/arch/i386/conf/ALL    Sat Sep 26 16:33:16 2015 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: ALL,v 1.395 2015/09/26 11:16:12 maxv Exp $
+# $NetBSD: ALL,v 1.396 2015/09/26 16:33:16 maxv Exp $
 # From NetBSD: GENERIC,v 1.787 2006/10/01 18:37:54 bouyer Exp
 #
 # ALL machine description file
@@ -17,7 +17,7 @@
 
 options        INCLUDE_CONFIG_FILE     # embed config file in kernel binary
 
-#ident                 "ALL-$Revision: 1.395 $"
+#ident                 "ALL-$Revision: 1.396 $"
 
 maxusers       64              # estimated number of users
 
@@ -1823,7 +1823,7 @@
 
 options        PAX_MPROTECT=0          # PaX mprotect(2) restrictions
 options        PAX_ASLR=0              # PaX Address Space Layout Randomization
-options        PAX_SEGVGUARD=0         # PaX Segmentation fault guard
+#options       PAX_SEGVGUARD=0         # PaX Segmentation fault guard
 
 #
 # NetBSD: GENERIC_ISDN,v 1.16 2010/01/03 03:53:34 dholland Exp
diff -r 41cf5c97e497 -r 27dd09fd1206 sys/arch/shark/conf/GENERIC
--- a/sys/arch/shark/conf/GENERIC       Sat Sep 26 16:12:24 2015 +0000
+++ b/sys/arch/shark/conf/GENERIC       Sat Sep 26 16:33:16 2015 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: GENERIC,v 1.122 2015/08/08 06:36:26 maxv Exp $
+#      $NetBSD: GENERIC,v 1.123 2015/09/26 16:33:16 maxv Exp $
 #
 # Generic Shark configuration.
 #
@@ -7,7 +7,7 @@
 
 options        INCLUDE_CONFIG_FILE     # embed config file in kernel binary
 
-#ident         "GENERIC-$Revision: 1.122 $"
+#ident         "GENERIC-$Revision: 1.123 $"
 
 # estimated number of users
 maxusers       32
@@ -330,5 +330,4 @@
 #options VERIFIED_EXEC_FP_MD5
 
 options PAX_MPROTECT=0                 # PaX mprotect(2) restrictions
-#options PAX_SEGVGUARD=0                       # PaX Segmentation fault guard
 options PAX_ASLR=0                     # PaX Address Space Layout Randomization


