]> Projects (at) Tadryanom (dot) Me - AdrOS.git/commitdiff
projects / AdrOS.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6171075)
x86: enforce W^X and non-exec stack
authorTulio A M Mendes <[email protected]>
Fri, 6 Feb 2026 14:31:32 +0000 (11:31 -0300)
committerTulio A M Mendes <[email protected]>
Fri, 6 Feb 2026 14:31:32 +0000 (11:31 -0300)
src/arch/x86/boot.S patch | blob | blame | history
src/arch/x86/gdt_flush.S patch | blob | blame | history
src/arch/x86/interrupts.S patch | blob | blame | history
src/arch/x86/linker.ld patch | blob | blame | history
src/arch/x86/process.S patch | blob | blame | history
src/arch/x86/tss_flush.S patch | blob | blame | history

diff --git a/src/arch/x86/boot.S b/src/arch/x86/boot.S
index 60ee8f4d5693be2158891d4aef0cfd23904df3dd..1ba273a0fbba66c56fc4c976afeede22bb6cffdb 100644 (file)
--- a/src/arch/x86/boot.S
+++ b/src/arch/x86/boot.S
@@ -198,5 +198,7 @@ stack_bottom:
     .skip 16384
 stack_top:
 
+.section .note.GNU-stack,"",@progbits
+
 /* Helper symbol for map loop limit */
 _kernel_physical_end:
\ No newline at end of file
diff --git a/src/arch/x86/gdt_flush.S b/src/arch/x86/gdt_flush.S
index 6f18e80b0b6a2e10a38e85d6fcc363606a15132c..1150c627e7f60acdcc2a555f5da7f79799da8660 100644 (file)
--- a/src/arch/x86/gdt_flush.S
+++ b/src/arch/x86/gdt_flush.S
@@ -23,3 +23,5 @@ gdt_flush:
     ljmp $0x08, $flush_cs
 flush_cs:
     ret
+
+ .section .note.GNU-stack,"",@progbits
diff --git a/src/arch/x86/interrupts.S b/src/arch/x86/interrupts.S
index 2727f0512ba08e26aec6287b0bb384f9815334bd..4c2240c2937803674e2ac2a9742011ab0cf03c89 100644 (file)
--- a/src/arch/x86/interrupts.S
+++ b/src/arch/x86/interrupts.S
@@ -142,3 +142,5 @@ IRQ 15, 47
 
 /* Syscall vector (int 0x80 -> 128) */
 ISR_NOERRCODE 128
+
+ .section .note.GNU-stack,"",@progbits
diff --git a/src/arch/x86/linker.ld b/src/arch/x86/linker.ld
index fb4b7e6e0da027ba93b70ca5f6130bae8cda4f8f..8a1e1af2baff38ce4a82897f02dff4db1a508138 100644 (file)
--- a/src/arch/x86/linker.ld
+++ b/src/arch/x86/linker.ld
@@ -20,6 +20,13 @@ PHYSICAL_BASE = 0x00100000;
 /* But we want to run at 3GB + 1MB virtual */
 KERNEL_VIRT_BASE = 0xC0000000;
 
+PHDRS
+{
+    text PT_LOAD FLAGS(5);
+    rodata PT_LOAD FLAGS(4);
+    data PT_LOAD FLAGS(6);
+}
+
 SECTIONS
 {
     /* 
@@ -39,23 +46,29 @@ SECTIONS
         *(.boot_text)
         /* Rest of the kernel code */
         *(.text)
-    }
+    } :text
+
+    . = ALIGN(0x1000);
 
     .rodata : AT(ADDR(.rodata) - KERNEL_VIRT_BASE)
     {
         *(.rodata)
-    }
+    } :rodata
+
+    . = ALIGN(0x1000);
 
     .data : AT(ADDR(.data) - KERNEL_VIRT_BASE)
     {
         *(.data)
-    }
+    } :data
+
+    . = ALIGN(0x1000);
 
     .bss : AT(ADDR(.bss) - KERNEL_VIRT_BASE)
     {
         *(.bss)
         *(COMMON)
-    }
+    } :data
 
     _end = .;
 }
diff --git a/src/arch/x86/process.S b/src/arch/x86/process.S
index f17291679bf34b4f27764a50ef3dcdd5f071e78c..d847e0a26735129a9b5365ed431e519270512eac 100644 (file)
--- a/src/arch/x86/process.S
+++ b/src/arch/x86/process.S
@@ -41,3 +41,5 @@ context_switch:
     /* 5. Return */
     /* Since we changed ESP, this 'ret' pops the EIP from the NEW stack! */
     ret
+
+ .section .note.GNU-stack,"",@progbits
diff --git a/src/arch/x86/tss_flush.S b/src/arch/x86/tss_flush.S
index 2028d089a0f1e04dd33f720d3690505097996e37..f7b990d86a1b68148019e95890d77af167d6ae28 100644 (file)
--- a/src/arch/x86/tss_flush.S
+++ b/src/arch/x86/tss_flush.S
@@ -13,3 +13,5 @@ tss_flush:
     mov 4(%esp), %ax
     ltr %ax
     ret
+
+ .section .note.GNU-stack,"",@progbits
AdrOS - A Unix-like Operating System for hobby/academic study.