1272343Sngie/* $NetBSD: exec_prot_support.c,v 1.1 2011/07/18 23:16:09 jym Exp $ */ 2272343Sngie 3272343Sngie/*- 4272343Sngie * Copyright (c) 2011 The NetBSD Foundation, Inc. 5272343Sngie * All rights reserved. 6272343Sngie * 7272343Sngie * This code is derived from software contributed to The NetBSD Foundation 8272343Sngie * by Jean-Yves Migeon. 9272343Sngie * 10272343Sngie * Redistribution and use in source and binary forms, with or without 11272343Sngie * modification, are permitted provided that the following conditions 12272343Sngie * are met: 13272343Sngie * 1. Redistributions of source code must retain the above copyright 14272343Sngie * notice, this list of conditions and the following disclaimer. 15272343Sngie * 2. Redistributions in binary form must reproduce the above copyright 16272343Sngie * notice, this list of conditions and the following disclaimer in the 17272343Sngie * documentation and/or other materials provided with the distribution. 18272343Sngie * 19272343Sngie * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20272343Sngie * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21272343Sngie * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22272343Sngie * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23272343Sngie * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24272343Sngie * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25272343Sngie * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26272343Sngie * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27272343Sngie * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28272343Sngie * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29272343Sngie * POSSIBILITY OF SUCH DAMAGE. 30272343Sngie */ 31272343Sngie 32272343Sngie#include <sys/cdefs.h> 33272343Sngie__RCSID("$NetBSD: exec_prot_support.c,v 1.1 2011/07/18 23:16:09 jym Exp $"); 34272343Sngie 35272343Sngie#include <stdlib.h> 36272343Sngie#include <sys/sysctl.h> 37272343Sngie 38272343Sngie#include "../../common/exec_prot.h" 39272343Sngie 40272343Sngie/* 41272343Sngie * Support for executable space protection has always been erratic under i386. 42272343Sngie * Originally IA-32 can't do per-page execute permission, so it is 43272343Sngie * implemented using different executable segments for %cs (code segment). 44272343Sngie * This only allows coarse grained protection, especially when memory starts 45272343Sngie * being fragmented. 46272343Sngie * Later, PAE was introduced together with a NX/XD bit in the page table 47272343Sngie * entry to offer per-page permission. 48272343Sngie */ 49272343Sngieint 50272343Sngieexec_prot_support(void) 51272343Sngie{ 52272343Sngie int pae; 53272343Sngie size_t pae_len = sizeof(pae); 54272343Sngie 55272343Sngie if (sysctlbyname("machdep.pae", &pae, &pae_len, NULL, 0) == -1) 56272343Sngie return PARTIAL_XP; 57272343Sngie 58272343Sngie if (pae == 1) { 59272343Sngie if (system("cpuctl identify 0 | grep -q NOX") == 0 || 60272343Sngie system("cpuctl identify 0 | grep -q XD") == 0) 61272343Sngie return PERPAGE_XP; 62272343Sngie } 63272343Sngie 64272343Sngie return PARTIAL_XP; 65272343Sngie} 66