From nobody Mon Jan 31 14:56:39 2022
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 6DA371995079;
	Mon, 31 Jan 2022 14:56:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4JnWNm1mTGz4SxD;
	Mon, 31 Jan 2022 14:56:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1643641000;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=oDWJ4v+3vc+66WWoxIBDJOEXCGdLQvdIr3lkxgR7nD8=;
	b=ury+LNAZlABFVZqNVpbjw1vHoAS3HGomRBrJNPSh756+Vg/3w8RljJlMTj+8sxwdL1XC6N
	eNnqrJEzXmqjG9LFoGbYLdLSP6XAwqmUDW+DFRGGjpsOF/YUldvtU6BdWRGDf9HtgPKVkv
	OWnF8EB8YuMHWh+Psv5rfGV+SNpiSO+Q0hLAxettFKZK6Yv8lt0HS8/mWhlXSNVhsvlEqb
	uKeqZb9b+nhlguOsJ+oyZ7R8fOPRRA7u8YcGpBBYJWQzX8get9o7ufRC9WR+VVuvKiFhTb
	qVtlUCBeW5mXYtrA+CK3CKmWf2dxirRxpXiqqpF5CUfB3FqCM+KwgDnxhYcEqg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F06651E435;
	Mon, 31 Jan 2022 14:56:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20VEuduj082296;
	Mon, 31 Jan 2022 14:56:39 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20VEudsZ082295;
	Mon, 31 Jan 2022 14:56:39 GMT
	(envelope-from git)
Date: Mon, 31 Jan 2022 14:56:39 GMT
Message-Id: <202201311456.20VEudsZ082295@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 40d6b2a3624c - stable/13 - exec: Remove the stack gap implementation
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 40d6b2a3624ca91ab6ee084d4f99bf2694276b7b
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1643641000;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=oDWJ4v+3vc+66WWoxIBDJOEXCGdLQvdIr3lkxgR7nD8=;
	b=gsw70vvPbdDBQFttj0W2TVw0nTS8RcWc7YVMcC1KeJMADj2z9lz3phl4EDb8NMU1TIDAq4
	WoJI+wWcwEoZA/LfPIeqH8bKzyvrYdGS1c8+WNEduBL1Wa30TMa2ZtX749bu9a5mx8raH0
	zbmkjIjLIFw4nmvTA8or05+qNn5DxAU9IGoUCuqs66IMc3COxzwXRgf48hcGAJbCu6iGta
	IYY/H9GCUz24BKCbM8l/vxC2+HDSEC0/8R5WtBhq6/BHj8fYNr8uv0TBSlIppJMuC84YH8
	jITUwAnSBzpKbi4V7Rnebu0woYBX6wlIY2Pi855zQQXL0qVQ4gnpFIUmxSHU8g==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643641000; a=rsa-sha256; cv=none;
	b=mBjY5reNd0vEJoGvNeZg1H9azSWwzM28wsHPxfdZOzmnY9WcR5HUwkoDQL1dl+35wUkXeb
	e7XGbgdibMYBoGT9ZkvTwkd398Y/Vos+4dkIDAAFJvnLRe5yajREkSvY/0d4OyWjY4zZHw
	YOatXRMr3ZHK8NWe6e6VbNQMlUW6C/+1n8yqTORW0krXcrGemlHLdczi3Orxr22pfJOneX
	zCYpiHKfr2V6EgT33nC4CuIFxsqtcd0S/qW+Cq/xtkiIUKKBpHJJBvD5lI4wVEj0TFSy7U
	0Kg8gszA+z6Tdx1yvga+N2V6fkMTAVpBZsk3Oqc1Y1oHEZlA4G4OfjPTfBGt3w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=40d6b2a3624ca91ab6ee084d4f99bf2694276b7b

commit 40d6b2a3624ca91ab6ee084d4f99bf2694276b7b
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2022-01-17 16:42:46 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2022-01-31 14:48:57 +0000

    exec: Remove the stack gap implementation
    
    ASLR stack randomization will reappear in a forthcoming commit.  Rather
    than inserting a random gap into the stack mapping, the entire stack
    mapping itself will be randomized in the same way that other mappings
    are when ASLR is enabled.
    
    No functional change intended, as the stack gap implementation is
    currently disabled by default.
    
    Reviewed by:    kib
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 758d98debec43ff83b8a1ed9a3d3a8441b83b3cc)
---
 contrib/elftoolchain/readelf/readelf.c |  1 -
 sys/amd64/amd64/elf_machdep.c          |  2 --
 sys/compat/freebsd32/freebsd32_misc.c  |  2 --
 sys/compat/ia32/ia32_sysvec.c          |  1 -
 sys/kern/imgact_elf.c                  | 19 -------------------
 sys/kern/kern_exec.c                   | 20 --------------------
 sys/sys/elf_common.h                   |  2 +-
 sys/sys/imgact.h                       |  2 --
 sys/sys/imgact_elf.h                   |  1 -
 sys/sys/sysent.h                       |  1 -
 usr.bin/elfctl/elfctl.c                |  2 --
 11 files changed, 1 insertion(+), 52 deletions(-)

diff --git a/contrib/elftoolchain/readelf/readelf.c b/contrib/elftoolchain/readelf/readelf.c
index 987a2ffb128b..84855038d0ef 100644
--- a/contrib/elftoolchain/readelf/readelf.c
+++ b/contrib/elftoolchain/readelf/readelf.c
@@ -3755,7 +3755,6 @@ static struct flag_desc note_feature_ctl_flags[] = {
 	{ NT_FREEBSD_FCTL_STKGAP_DISABLE,	"STKGAP_DISABLE" },
 	{ NT_FREEBSD_FCTL_WXNEEDED,		"WXNEEDED" },
 	{ NT_FREEBSD_FCTL_LA48,			"LA48" },
-	{ NT_FREEBSD_FCTL_ASG_DISABLE,		"ASG_DISABLE" },
 	{ 0, NULL }
 };
 
diff --git a/sys/amd64/amd64/elf_machdep.c b/sys/amd64/amd64/elf_machdep.c
index 0c4a864acf16..c6d539618447 100644
--- a/sys/amd64/amd64/elf_machdep.c
+++ b/sys/amd64/amd64/elf_machdep.c
@@ -89,7 +89,6 @@ struct sysentvec elf64_freebsd_sysvec_la48 = {
 	.sv_schedtail	= NULL,
 	.sv_thread_detach = NULL,
 	.sv_trap	= NULL,
-	.sv_stackgap	= elf64_stackgap,
 	.sv_onexec_old	= exec_onexec_old,
 	.sv_onexit	= exit_onexit,
 };
@@ -128,7 +127,6 @@ struct sysentvec elf64_freebsd_sysvec_la57 = {
 	.sv_schedtail	= NULL,
 	.sv_thread_detach = NULL,
 	.sv_trap	= NULL,
-	.sv_stackgap	= elf64_stackgap,
 	.sv_onexec_old	= exec_onexec_old,
 	.sv_onexit	= exit_onexit,
 };
diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c
index 3b62cf582866..e56ab423f538 100644
--- a/sys/compat/freebsd32/freebsd32_misc.c
+++ b/sys/compat/freebsd32/freebsd32_misc.c
@@ -3417,8 +3417,6 @@ freebsd32_copyout_strings(struct image_params *imgp, uintptr_t *stack_base)
 	destp = rounddown2(destp, sizeof(uint32_t));
 	ustringp = destp;
 
-	exec_stackgap(imgp, &destp);
-
 	if (imgp->auxargs) {
 		/*
 		 * Allocate room on the stack for the ELF auxargs
diff --git a/sys/compat/ia32/ia32_sysvec.c b/sys/compat/ia32/ia32_sysvec.c
index de6d8540e1de..2acebcd0e05f 100644
--- a/sys/compat/ia32/ia32_sysvec.c
+++ b/sys/compat/ia32/ia32_sysvec.c
@@ -135,7 +135,6 @@ struct sysentvec ia32_freebsd_sysvec = {
 	.sv_schedtail	= NULL,
 	.sv_thread_detach = NULL,
 	.sv_trap	= NULL,
-	.sv_stackgap	= elf32_stackgap,
 	.sv_onexec_old	= exec_onexec_old,
 	.sv_onexit	= exit_onexit,
 };
diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
index 4bba6b21153b..4857c848ee67 100644
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -2902,22 +2902,3 @@ __elfN(untrans_prot)(vm_prot_t prot)
 		flags |= PF_W;
 	return (flags);
 }
-
-vm_size_t
-__elfN(stackgap)(struct image_params *imgp, uintptr_t *stack_base)
-{
-	uintptr_t range, rbase, gap;
-	int pct;
-
-	pct = __elfN(aslr_stack_gap);
-	if (pct == 0)
-		return (0);
-	if (pct > 50)
-		pct = 50;
-	range = imgp->eff_stack_sz * pct / 100;
-	arc4rand(&rbase, sizeof(rbase), 0);
-	gap = rbase % range;
-	gap &= ~(sizeof(u_long) - 1);
-	*stack_base -= gap;
-	return (gap);
-}
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index 301490b9ad28..331508a59895 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -1209,9 +1209,6 @@ exec_new_vmspace(struct image_params *imgp, struct sysentvec *sv)
 	} else {
 		ssiz = maxssiz;
 	}
-	imgp->eff_stack_sz = lim_cur(curthread, RLIMIT_STACK);
-	if (ssiz < imgp->eff_stack_sz)
-		imgp->eff_stack_sz = ssiz;
 	stack_addr = sv->sv_usrstack - ssiz;
 	stack_prot = obj != NULL && imgp->stack_prot != 0 ?
 	    imgp->stack_prot : sv->sv_stackprot;
@@ -1631,21 +1628,6 @@ exec_args_get_begin_envv(struct image_args *args)
 	return (args->endp);
 }
 
-void
-exec_stackgap(struct image_params *imgp, uintptr_t *dp)
-{
-	struct proc *p = imgp->proc;
-
-	if (imgp->sysent->sv_stackgap == NULL ||
-	    (p->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE |
-	    NT_FREEBSD_FCTL_ASG_DISABLE)) != 0 ||
-	    (imgp->map_flags & MAP_ASLR) == 0) {
-		p->p_vmspace->vm_stkgap = 0;
-		return;
-	}
-	p->p_vmspace->vm_stkgap = imgp->sysent->sv_stackgap(imgp, dp);
-}
-
 /*
  * Copy strings out to the new process address space, constructing new arg
  * and env vector tables. Return a pointer to the base so that it can be used
@@ -1725,8 +1707,6 @@ exec_copyout_strings(struct image_params *imgp, uintptr_t *stack_base)
 	destp = rounddown2(destp, sizeof(void *));
 	ustringp = destp;
 
-	exec_stackgap(imgp, &destp);
-
 	if (imgp->auxargs) {
 		/*
 		 * Allocate room on the stack for the ELF auxargs
diff --git a/sys/sys/elf_common.h b/sys/sys/elf_common.h
index f65c64af30ff..30f717d32ac7 100644
--- a/sys/sys/elf_common.h
+++ b/sys/sys/elf_common.h
@@ -804,7 +804,7 @@ typedef struct {
 #define	NT_FREEBSD_FCTL_STKGAP_DISABLE	0x00000004
 #define	NT_FREEBSD_FCTL_WXNEEDED	0x00000008
 #define	NT_FREEBSD_FCTL_LA48		0x00000010
-#define	NT_FREEBSD_FCTL_ASG_DISABLE	0x00000020 /* ASLR STACK GAP Disable */
+/* was ASG_DISABLE, do not reuse	0x00000020 */
 
 /* Values for n_type.  Used in core files. */
 #define	NT_PRSTATUS	1	/* Process status. */
diff --git a/sys/sys/imgact.h b/sys/sys/imgact.h
index 9e884ef08d96..4c333b74b7b8 100644
--- a/sys/sys/imgact.h
+++ b/sys/sys/imgact.h
@@ -84,7 +84,6 @@ struct image_params {
 	int pagesizeslen;
 	vm_prot_t stack_prot;
 	u_long stack_sz;
-	u_long eff_stack_sz;
 	struct ucred *newcred;		/* new credentials if changing */
 #define IMGACT_SHELL	0x1
 #define IMGACT_BINMISC	0x2
@@ -122,7 +121,6 @@ int	exec_copyin_args(struct image_args *, const char *, enum uio_seg,
 	char **, char **);
 int	exec_copyin_data_fds(struct thread *, struct image_args *, const void *,
 	size_t, const int *, size_t);
-void	exec_stackgap(struct image_params *imgp, uintptr_t *dp);
 int	pre_execve(struct thread *td, struct vmspace **oldvmspace);
 void	post_execve(struct thread *td, int error, struct vmspace *oldvmspace);
 #endif
diff --git a/sys/sys/imgact_elf.h b/sys/sys/imgact_elf.h
index b4e8d8d42980..5ad26e5c1084 100644
--- a/sys/sys/imgact_elf.h
+++ b/sys/sys/imgact_elf.h
@@ -106,7 +106,6 @@ int	__elfN(remove_brand_entry)(Elf_Brandinfo *entry);
 int	__elfN(freebsd_fixup)(uintptr_t *, struct image_params *);
 int	__elfN(coredump)(struct thread *, struct vnode *, off_t, int);
 size_t	__elfN(populate_note)(int, void *, void *, size_t, void **);
-vm_size_t	__elfN(stackgap)(struct image_params *, uintptr_t *);
 int	__elfN(freebsd_copyout_auxargs)(struct image_params *, uintptr_t);
 
 /* Machine specific function to dump per-thread information. */
diff --git a/sys/sys/sysent.h b/sys/sys/sysent.h
index e0551fa51eff..fec49bc90790 100644
--- a/sys/sys/sysent.h
+++ b/sys/sys/sysent.h
@@ -115,7 +115,6 @@ struct sysentvec {
 	int		(*sv_coredump)(struct thread *, struct vnode *, off_t, int);
 					/* function to dump core, or NULL */
 	int		(*sv_imgact_try)(struct image_params *);
-	vm_size_t	(*sv_stackgap)(struct image_params *, uintptr_t *);
 	int		(*sv_copyout_auxargs)(struct image_params *,
 			    uintptr_t);
 	int		sv_minsigstksz;	/* minimum signal stack size */
diff --git a/usr.bin/elfctl/elfctl.c b/usr.bin/elfctl/elfctl.c
index ef7f915ded30..de14551f76d9 100644
--- a/usr.bin/elfctl/elfctl.c
+++ b/usr.bin/elfctl/elfctl.c
@@ -71,8 +71,6 @@ static struct ControlFeatures featurelist[] = {
 	{ "nostackgap",	NT_FREEBSD_FCTL_STKGAP_DISABLE, "Disable stack gap" },
 	{ "wxneeded",	NT_FREEBSD_FCTL_WXNEEDED, "Requires W+X mappings" },
 	{ "la48",	NT_FREEBSD_FCTL_LA48, "amd64: Limit user VA to 48bit" },
-	{ "noaslrstkgap", NT_FREEBSD_FCTL_ASG_DISABLE,
-	    "Disable ASLR stack gap" },
 };
 
 static struct option long_opts[] = {