]> Projects (at) Tadryanom (dot) Me - AdrOS.git/commitdiff
projects / AdrOS.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ebc5fee)
x86: enforce W^X and non-exec stack
authorTulio A M Mendes <[email protected]>
Fri, 6 Feb 2026 14:31:32 +0000 (11:31 -0300)
committerTulio A M Mendes <[email protected]>
Fri, 6 Feb 2026 14:31:32 +0000 (11:31 -0300)
src/arch/x86/boot.S patch | blob | blame | history
src/arch/x86/gdt_flush.S patch | blob | blame | history
src/arch/x86/interrupts.S patch | blob | blame | history
src/arch/x86/linker.ld patch | blob | blame | history
src/arch/x86/process.S patch | blob | blame | history
src/arch/x86/tss_flush.S patch | blob | blame | history

diff --git a/src/arch/x86/boot.S b/src/arch/x86/boot.S
index dfc68be116da5f1d72c173655539e6662f6524d8..958003896962cc607f11c43f6076b32e1dc88619 100644 (file)
--- a/src/arch/x86/boot.S
+++ b/src/arch/x86/boot.S
@@ -189,5 +189,7 @@ stack_bottom:
     .skip 16384
 stack_top:
 
+.section .note.GNU-stack,"",@progbits
+
 /* Helper symbol for map loop limit */
 _kernel_physical_end:
\ No newline at end of file
diff --git a/src/arch/x86/gdt_flush.S b/src/arch/x86/gdt_flush.S
index 18adc3131d04a88b2564c15d49dd68a20fce18d2..93b266374f30559457a94dfae836300f742176d5 100644 (file)
--- a/src/arch/x86/gdt_flush.S
+++ b/src/arch/x86/gdt_flush.S
@@ -14,3 +14,5 @@ gdt_flush:
     ljmp $0x08, $flush_cs
 flush_cs:
     ret
+
+ .section .note.GNU-stack,"",@progbits
diff --git a/src/arch/x86/interrupts.S b/src/arch/x86/interrupts.S
index 235e31c23b03e8f5748b662b6c53e3e9ffc17cdb..4f448211ccfc3065d0ab3636d680904d4e7f9977 100644 (file)
--- a/src/arch/x86/interrupts.S
+++ b/src/arch/x86/interrupts.S
@@ -133,3 +133,5 @@ IRQ 15, 47
 
 /* Syscall vector (int 0x80 -> 128) */
 ISR_NOERRCODE 128
+
+ .section .note.GNU-stack,"",@progbits
diff --git a/src/arch/x86/linker.ld b/src/arch/x86/linker.ld
index 1c8284370ec66e38bac45a3633648bcbab6fbb6c..82e99da19c57d63cdcd6dcdc1391ea9bd70a51fa 100644 (file)
--- a/src/arch/x86/linker.ld
+++ b/src/arch/x86/linker.ld
@@ -11,6 +11,13 @@ PHYSICAL_BASE = 0x00100000;
 /* But we want to run at 3GB + 1MB virtual */
 KERNEL_VIRT_BASE = 0xC0000000;
 
+PHDRS
+{
+    text PT_LOAD FLAGS(5);
+    rodata PT_LOAD FLAGS(4);
+    data PT_LOAD FLAGS(6);
+}
+
 SECTIONS
 {
     /* 
@@ -30,23 +37,29 @@ SECTIONS
         *(.boot_text)
         /* Rest of the kernel code */
         *(.text)
-    }
+    } :text
+
+    . = ALIGN(0x1000);
 
     .rodata : AT(ADDR(.rodata) - KERNEL_VIRT_BASE)
     {
         *(.rodata)
-    }
+    } :rodata
+
+    . = ALIGN(0x1000);
 
     .data : AT(ADDR(.data) - KERNEL_VIRT_BASE)
     {
         *(.data)
-    }
+    } :data
+
+    . = ALIGN(0x1000);
 
     .bss : AT(ADDR(.bss) - KERNEL_VIRT_BASE)
     {
         *(.bss)
         *(COMMON)
-    }
+    } :data
 
     _end = .;
 }
diff --git a/src/arch/x86/process.S b/src/arch/x86/process.S
index 51c62b788ca580b389bd838ef4e00e998ee9e2ff..b1528a99320f2345bb1f34aa089136d850e36c00 100644 (file)
--- a/src/arch/x86/process.S
+++ b/src/arch/x86/process.S
@@ -32,3 +32,5 @@ context_switch:
     /* 5. Return */
     /* Since we changed ESP, this 'ret' pops the EIP from the NEW stack! */
     ret
+
+ .section .note.GNU-stack,"",@progbits
diff --git a/src/arch/x86/tss_flush.S b/src/arch/x86/tss_flush.S
index fd911659ff117688b6f72a1b6062168338ce311a..45d1098c4d44f5e7f7253a2db7af94a91f455bfe 100644 (file)
--- a/src/arch/x86/tss_flush.S
+++ b/src/arch/x86/tss_flush.S
@@ -4,3 +4,5 @@ tss_flush:
     mov 4(%esp), %ax
     ltr %ax
     ret
+
+ .section .note.GNU-stack,"",@progbits
AdrOS - A Unix-like Operating System for hobby/academic study.