Kernel - Enable NX for PROT_READ by default
* We've had NX support for a while, requiring a loader.conf tunable to
enable (machdep.pmap_nx_enable).
* Enhance the feature to support two modes. Mode 1 allows NX support
for PROT_READ mappings, Mode 2 allows NX support for both PROT_READ
and PROT_WRITE mappings.
Third party code should work universally with Mode 1, but apparently
quite a bit still does not work with mode 2.
* Change the default from disabled to Mode 1 in master, lets see if
anyone has any problems with it.
Suggested-by: Theo de Raadt
projects / dragonfly.git / commit