Kernel: Set NX bit on expanded kmalloc memory mappings if supported

We never want to execute kmalloc memory.
author: Andreas Kling <kling@serenityos.org> 2021-12-25 19:55:52 +0100
committer: Andreas Kling <kling@serenityos.org> 2021-12-25 22:07:59 +0100
commit: 4d585cdb825d23743f1d677ee0a904a16724eef9 (patch)
tree: eac6120f6fa2bc81bcfa59501a44ef4840ebd5d8 /Kernel/Heap/kmalloc.cpp
parent: da5c257e2e9e727694d309ce54f684c99a99e777 (diff)
download: serenity-4d585cdb825d23743f1d677ee0a904a16724eef9.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/Kernel/Heap/kmalloc.cpp b/Kernel/Heap/kmalloc.cpp
index 4c4e8946d8..b6e2ff1737 100644
--- a/Kernel/Heap/kmalloc.cpp
+++ b/Kernel/Heap/kmalloc.cpp
@@ -127,6 +127,8 @@ struct KmallocGlobalData {
 
         expansion_data->next_virtual_address = expansion_data->next_virtual_address.offset(new_subheap_size);
 
+        auto cpu_supports_nx = Processor::current().has_feature(CPUFeature::NX);
+
         SpinlockLocker mm_locker(Memory::s_mm_lock);
         SpinlockLocker pd_locker(MM.kernel_page_directory().get_lock());
 
@@ -146,6 +148,8 @@ struct KmallocGlobalData {
             pte->set_global(true);
             pte->set_user_allowed(false);
             pte->set_writable(true);
+            if (cpu_supports_nx)
+                pte->set_execute_disabled(true);
             pte->set_present(true);
         }
author	Andreas Kling <kling@serenityos.org>	2021-12-25 19:55:52 +0100
committer	Andreas Kling <kling@serenityos.org>	2021-12-25 22:07:59 +0100
commit	4d585cdb825d23743f1d677ee0a904a16724eef9 (patch)
tree	eac6120f6fa2bc81bcfa59501a44ef4840ebd5d8 /Kernel/Heap/kmalloc.cpp
parent	da5c257e2e9e727694d309ce54f684c99a99e777 (diff)
download	serenity-4d585cdb825d23743f1d677ee0a904a16724eef9.zip